[Openvas-commits] r11723 - trunk/openvas-plugins/scripts

scm-commit@wald.intevation.org scm-commit at wald.intevation.org
Fri Sep 30 16:02:58 CEST 2011


Author: veerendragg
Date: 2011-09-30 16:02:57 +0200 (Fri, 30 Sep 2011)
New Revision: 11723

Added:
   trunk/openvas-plugins/scripts/gb_CESA-2011_1341_firefox_centos4_i386.nasl
   trunk/openvas-plugins/scripts/gb_CESA-2011_1341_firefox_centos5_i386.nasl
   trunk/openvas-plugins/scripts/gb_CESA-2011_1343_thunderbird_centos4_i386.nasl
   trunk/openvas-plugins/scripts/gb_CESA-2011_1343_thunderbird_centos5_i386.nasl
   trunk/openvas-plugins/scripts/gb_CESA-2011_1344_seamonkey_centos4_i386.nasl
   trunk/openvas-plugins/scripts/gb_RHSA-2011_1341-01_firefox.nasl
   trunk/openvas-plugins/scripts/gb_RHSA-2011_1343-01_thunderbird.nasl
   trunk/openvas-plugins/scripts/gb_RHSA-2011_1344-01_seamonkey.nasl
   trunk/openvas-plugins/scripts/gb_fedora_2011_12193_qt_fc15.nasl
   trunk/openvas-plugins/scripts/gb_fedora_2011_12481_Django_fc14.nasl
   trunk/openvas-plugins/scripts/gb_fedora_2011_12890_opensaml_fc15.nasl
   trunk/openvas-plugins/scripts/gb_fedora_2011_12918_phpMyAdmin_fc14.nasl
   trunk/openvas-plugins/scripts/gb_fedora_2011_12928_phpMyAdmin_fc15.nasl
   trunk/openvas-plugins/scripts/gb_fedora_2011_13388_NetworkManager_fc15.nasl
   trunk/openvas-plugins/scripts/gb_fedora_2011_13465_firefox_fc15.nasl
   trunk/openvas-plugins/scripts/gb_fedora_2011_13465_gnome-python2-extras_fc15.nasl
   trunk/openvas-plugins/scripts/gb_fedora_2011_13465_mozvoikko_fc15.nasl
   trunk/openvas-plugins/scripts/gb_fedora_2011_13465_perl-Gtk2-MozEmbed_fc15.nasl
   trunk/openvas-plugins/scripts/gb_fedora_2011_13465_xulrunner_fc15.nasl
   trunk/openvas-plugins/scripts/gb_mandriva_MDVSA_2011_136.nasl
   trunk/openvas-plugins/scripts/gb_mandriva_MDVSA_2011_137.nasl
   trunk/openvas-plugins/scripts/gb_ubuntu_USN_1210_1.nasl
   trunk/openvas-plugins/scripts/gb_ubuntu_USN_1213_1.nasl
   trunk/openvas-plugins/scripts/gb_ubuntu_USN_1216_1.nasl
   trunk/openvas-plugins/scripts/gb_ubuntu_USN_1217_1.nasl
   trunk/openvas-plugins/scripts/gb_ubuntu_USN_1218_1.nasl
   trunk/openvas-plugins/scripts/gb_ubuntu_USN_1219_1.nasl
   trunk/openvas-plugins/scripts/gb_ubuntu_USN_1220_1.nasl
   trunk/openvas-plugins/scripts/gb_ubuntu_USN_1221_1.nasl
   trunk/openvas-plugins/scripts/gb_ubuntu_USN_1222_1.nasl
Log:
Added new LSC plugins. Added new plugins. Updated to detect latest version.

Added: trunk/openvas-plugins/scripts/gb_CESA-2011_1341_firefox_centos4_i386.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gb_CESA-2011_1341_firefox_centos4_i386.nasl	2011-09-30 13:58:03 UTC (rev 11722)
+++ trunk/openvas-plugins/scripts/gb_CESA-2011_1341_firefox_centos4_i386.nasl	2011-09-30 14:02:57 UTC (rev 11723)
@@ -0,0 +1,118 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+#
+# CentOS Update for firefox CESA-2011:1341 centos4 i386
+#
+# Authors:
+# System Generated Check
+#
+# Copyright:
+# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+if(description)
+{
+  script_id(881014);
+  script_version("$Revision$: 1.0");
+  script_tag(name:"cvss_base", value:"10.0");
+  script_tag(name:"risk_factor", value:"Critical");
+  script_xref(name: "CESA", value: "2011:1341");
+  script_cve_id("CVE-2011-2372", "CVE-2011-2995", "CVE-2011-2998", "CVE-2011-2999", "CVE-2011-3000");
+  script_name("CentOS Update for firefox CESA-2011:1341 centos4 i386");
+  desc = "
+
+  Vulnerability Insight:
+  Mozilla Firefox is an open source web browser. XULRunner provides the XUL
+  Runtime environment for Mozilla Firefox.
+  
+  Several flaws were found in the processing of malformed web content. A web
+  page containing malicious content could cause Firefox to crash or,
+  potentially, execute arbitrary code with the privileges of the user running
+  Firefox. (CVE-2011-2995)
+  
+  A flaw was found in the way Firefox processed the "Enter" keypress event. A
+  malicious web page could present a download dialog while the key is
+  pressed, activating the default "Open" action. A remote attacker could
+  exploit this vulnerability by causing the browser to open malicious web
+  content. (CVE-2011-2372)
+  
+  A flaw was found in the way Firefox handled Location headers in redirect
+  responses. Two copies of this header with different values could be a
+  symptom of a CRLF injection attack against a vulnerable server. Firefox now
+  treats two copies of the Location, Content-Length, or Content-Disposition
+  header as an error condition. (CVE-2011-3000)
+  
+  A flaw was found in the way Firefox handled frame objects with certain
+  names. An attacker could use this flaw to cause a plug-in to grant its
+  content access to another site or the local file system, violating the
+  same-origin policy. (CVE-2011-2999)
+  
+  An integer underflow flaw was found in the way Firefox handled large
+  JavaScript regular expressions. A web page containing malicious JavaScript
+  could cause Firefox to access already freed memory, causing Firefox to
+  crash or, potentially, execute arbitrary code with the privileges of the
+  user running Firefox. (CVE-2011-2998)
+  
+  For technical details regarding these flaws, refer to the Mozilla security
+  advisories for Firefox 3.6.23. You can find a link to the Mozilla
+  advisories in the References section of this erratum.
+  
+  All Firefox users should upgrade to these updated packages, which contain
+  Firefox version 3.6.23, which corrects these issues. After installing the
+  update, Firefox must be restarted for the changes to take effect.
+
+
+  Affected Software/OS:
+  firefox on CentOS 4
+
+  Fix: Please Install the Updated Packages.
+
+  References:
+  http://lists.centos.org/pipermail/centos-announce/2011-September/018085.html
+
+  ";
+
+  script_description(desc);
+  script_summary("Check for the Version of firefox");
+  script_category(ACT_GATHER_INFO);
+  script_copyright("Copyright (c) 2011 Greenbone Networks GmbH");
+  script_family("CentOS Local Security Checks");
+  script_dependencies("gather-package-list.nasl");
+  script_require_keys("ssh/login/release");
+  exit(0);
+}
+
+
+include("pkg-lib-rpm.inc");
+include("revisions-lib.inc");
+
+release = get_kb_item("ssh/login/release");
+
+if(release == NULL){
+  exit(0);
+}
+
+if(release == "CentOS4")
+{
+
+  if(isrpmvuln(pkg:"firefox", rpm:"firefox~3.6.23~1.el4.centos", rls:"CentOS4"))
+  {
+    security_hole(0);
+    exit(0);
+  }
+
+  exit(0);
+}
\ No newline at end of file

Added: trunk/openvas-plugins/scripts/gb_CESA-2011_1341_firefox_centos5_i386.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gb_CESA-2011_1341_firefox_centos5_i386.nasl	2011-09-30 13:58:03 UTC (rev 11722)
+++ trunk/openvas-plugins/scripts/gb_CESA-2011_1341_firefox_centos5_i386.nasl	2011-09-30 14:02:57 UTC (rev 11723)
@@ -0,0 +1,130 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+#
+# CentOS Update for firefox CESA-2011:1341 centos5 i386
+#
+# Authors:
+# System Generated Check
+#
+# Copyright:
+# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+if(description)
+{
+  script_id(881015);
+  script_version("$Revision$: 1.0");
+  script_tag(name:"cvss_base", value:"10.0");
+  script_tag(name:"risk_factor", value:"Critical");
+  script_xref(name: "CESA", value: "2011:1341");
+  script_cve_id("CVE-2011-2372", "CVE-2011-2995", "CVE-2011-2998", "CVE-2011-2999", "CVE-2011-3000");
+  script_name("CentOS Update for firefox CESA-2011:1341 centos5 i386");
+  desc = "
+
+  Vulnerability Insight:
+  Mozilla Firefox is an open source web browser. XULRunner provides the XUL
+  Runtime environment for Mozilla Firefox.
+  
+  Several flaws were found in the processing of malformed web content. A web
+  page containing malicious content could cause Firefox to crash or,
+  potentially, execute arbitrary code with the privileges of the user running
+  Firefox. (CVE-2011-2995)
+  
+  A flaw was found in the way Firefox processed the "Enter" keypress event. A
+  malicious web page could present a download dialog while the key is
+  pressed, activating the default "Open" action. A remote attacker could
+  exploit this vulnerability by causing the browser to open malicious web
+  content. (CVE-2011-2372)
+  
+  A flaw was found in the way Firefox handled Location headers in redirect
+  responses. Two copies of this header with different values could be a
+  symptom of a CRLF injection attack against a vulnerable server. Firefox now
+  treats two copies of the Location, Content-Length, or Content-Disposition
+  header as an error condition. (CVE-2011-3000)
+  
+  A flaw was found in the way Firefox handled frame objects with certain
+  names. An attacker could use this flaw to cause a plug-in to grant its
+  content access to another site or the local file system, violating the
+  same-origin policy. (CVE-2011-2999)
+  
+  An integer underflow flaw was found in the way Firefox handled large
+  JavaScript regular expressions. A web page containing malicious JavaScript
+  could cause Firefox to access already freed memory, causing Firefox to
+  crash or, potentially, execute arbitrary code with the privileges of the
+  user running Firefox. (CVE-2011-2998)
+  
+  For technical details regarding these flaws, refer to the Mozilla security
+  advisories for Firefox 3.6.23. You can find a link to the Mozilla
+  advisories in the References section of this erratum.
+  
+  All Firefox users should upgrade to these updated packages, which contain
+  Firefox version 3.6.23, which corrects these issues. After installing the
+  update, Firefox must be restarted for the changes to take effect.
+
+
+  Affected Software/OS:
+  firefox on CentOS 5
+
+  Fix: Please Install the Updated Packages.
+
+  References:
+  http://lists.centos.org/pipermail/centos-announce/2011-September/018079.html
+
+  ";
+
+  script_description(desc);
+  script_summary("Check for the Version of firefox");
+  script_category(ACT_GATHER_INFO);
+  script_copyright("Copyright (c) 2011 Greenbone Networks GmbH");
+  script_family("CentOS Local Security Checks");
+  script_dependencies("gather-package-list.nasl");
+  script_require_keys("ssh/login/release");
+  exit(0);
+}
+
+
+include("pkg-lib-rpm.inc");
+include("revisions-lib.inc");
+
+release = get_kb_item("ssh/login/release");
+
+if(release == NULL){
+  exit(0);
+}
+
+if(release == "CentOS5")
+{
+
+  if(isrpmvuln(pkg:"firefox", rpm:"firefox~3.6.23~2.el5.centos", rls:"CentOS5"))
+  {
+    security_hole(0);
+    exit(0);
+  }
+
+  if(isrpmvuln(pkg:"xulrunner", rpm:"xulrunner~1.9.2.23~1.el5_7", rls:"CentOS5"))
+  {
+    security_hole(0);
+    exit(0);
+  }
+
+  if(isrpmvuln(pkg:"xulrunner-devel", rpm:"xulrunner-devel~1.9.2.23~1.el5_7", rls:"CentOS5"))
+  {
+    security_hole(0);
+    exit(0);
+  }
+
+  exit(0);
+}
\ No newline at end of file

Added: trunk/openvas-plugins/scripts/gb_CESA-2011_1343_thunderbird_centos4_i386.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gb_CESA-2011_1343_thunderbird_centos4_i386.nasl	2011-09-30 13:58:03 UTC (rev 11722)
+++ trunk/openvas-plugins/scripts/gb_CESA-2011_1343_thunderbird_centos4_i386.nasl	2011-09-30 14:02:57 UTC (rev 11723)
@@ -0,0 +1,96 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+#
+# CentOS Update for thunderbird CESA-2011:1343 centos4 i386
+#
+# Authors:
+# System Generated Check
+#
+# Copyright:
+# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+if(description)
+{
+  script_id(881016);
+  script_version("$Revision$: 1.0");
+  script_tag(name:"cvss_base", value:"4.3");
+  script_tag(name:"risk_factor", value:"Medium");
+  script_xref(name: "CESA", value: "2011:1343");
+  script_cve_id("CVE-2011-2998", "CVE-2011-2999");
+  script_name("CentOS Update for thunderbird CESA-2011:1343 centos4 i386");
+  desc = "
+
+  Vulnerability Insight:
+  Mozilla Thunderbird is a standalone mail and newsgroup client.
+  
+  A flaw was found in the way Thunderbird handled frame objects with certain
+  names. An attacker could use this flaw to cause a plug-in to grant its
+  content access to another site or the local file system, violating the
+  same-origin policy. (CVE-2011-2999)
+  
+  An integer underflow flaw was found in the way Thunderbird handled large
+  JavaScript regular expressions. An HTML mail message containing malicious
+  JavaScript could cause Thunderbird to access already freed memory, causing
+  Thunderbird to crash or, potentially, execute arbitrary code with the
+  privileges of the user running Thunderbird. (CVE-2011-2998)
+  
+  All Thunderbird users should upgrade to this updated package, which
+  resolves these issues. All running instances of Thunderbird must be
+  restarted for the update to take effect.
+
+
+  Affected Software/OS:
+  thunderbird on CentOS 4
+
+  Fix: Please Install the Updated Packages.
+
+  References:
+  http://lists.centos.org/pipermail/centos-announce/2011-September/018087.html
+
+  ";
+
+  script_description(desc);
+  script_summary("Check for the Version of thunderbird");
+  script_category(ACT_GATHER_INFO);
+  script_copyright("Copyright (c) 2011 Greenbone Networks GmbH");
+  script_family("CentOS Local Security Checks");
+  script_dependencies("gather-package-list.nasl");
+  script_require_keys("ssh/login/release");
+  exit(0);
+}
+
+
+include("pkg-lib-rpm.inc");
+include("revisions-lib.inc");
+
+release = get_kb_item("ssh/login/release");
+
+if(release == NULL){
+  exit(0);
+}
+
+if(release == "CentOS4")
+{
+
+  if(isrpmvuln(pkg:"thunderbird", rpm:"thunderbird~1.5.0.12~44.el4.centos", rls:"CentOS4"))
+  {
+    security_hole(0);
+    exit(0);
+  }
+
+  exit(0);
+}
\ No newline at end of file

Added: trunk/openvas-plugins/scripts/gb_CESA-2011_1343_thunderbird_centos5_i386.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gb_CESA-2011_1343_thunderbird_centos5_i386.nasl	2011-09-30 13:58:03 UTC (rev 11722)
+++ trunk/openvas-plugins/scripts/gb_CESA-2011_1343_thunderbird_centos5_i386.nasl	2011-09-30 14:02:57 UTC (rev 11723)
@@ -0,0 +1,96 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+#
+# CentOS Update for thunderbird CESA-2011:1343 centos5 i386
+#
+# Authors:
+# System Generated Check
+#
+# Copyright:
+# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+if(description)
+{
+  script_id(881012);
+  script_version("$Revision$: 1.0");
+  script_tag(name:"cvss_base", value:"4.3");
+  script_tag(name:"risk_factor", value:"Medium");
+  script_xref(name: "CESA", value: "2011:1343");
+  script_cve_id("CVE-2011-2998", "CVE-2011-2999");
+  script_name("CentOS Update for thunderbird CESA-2011:1343 centos5 i386");
+  desc = "
+
+  Vulnerability Insight:
+  Mozilla Thunderbird is a standalone mail and newsgroup client.
+  
+  A flaw was found in the way Thunderbird handled frame objects with certain
+  names. An attacker could use this flaw to cause a plug-in to grant its
+  content access to another site or the local file system, violating the
+  same-origin policy. (CVE-2011-2999)
+  
+  An integer underflow flaw was found in the way Thunderbird handled large
+  JavaScript regular expressions. An HTML mail message containing malicious
+  JavaScript could cause Thunderbird to access already freed memory, causing
+  Thunderbird to crash or, potentially, execute arbitrary code with the
+  privileges of the user running Thunderbird. (CVE-2011-2998)
+  
+  All Thunderbird users should upgrade to this updated package, which
+  resolves these issues. All running instances of Thunderbird must be
+  restarted for the update to take effect.
+
+
+  Affected Software/OS:
+  thunderbird on CentOS 5
+
+  Fix: Please Install the Updated Packages.
+
+  References:
+  http://lists.centos.org/pipermail/centos-announce/2011-September/018081.html
+
+  ";
+
+  script_description(desc);
+  script_summary("Check for the Version of thunderbird");
+  script_category(ACT_GATHER_INFO);
+  script_copyright("Copyright (c) 2011 Greenbone Networks GmbH");
+  script_family("CentOS Local Security Checks");
+  script_dependencies("gather-package-list.nasl");
+  script_require_keys("ssh/login/release");
+  exit(0);
+}
+
+
+include("pkg-lib-rpm.inc");
+include("revisions-lib.inc");
+
+release = get_kb_item("ssh/login/release");
+
+if(release == NULL){
+  exit(0);
+}
+
+if(release == "CentOS5")
+{
+
+  if(isrpmvuln(pkg:"thunderbird", rpm:"thunderbird~2.0.0.24~26.el5.centos", rls:"CentOS5"))
+  {
+    security_hole(0);
+    exit(0);
+  }
+
+  exit(0);
+}
\ No newline at end of file

Added: trunk/openvas-plugins/scripts/gb_CESA-2011_1344_seamonkey_centos4_i386.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gb_CESA-2011_1344_seamonkey_centos4_i386.nasl	2011-09-30 13:58:03 UTC (rev 11722)
+++ trunk/openvas-plugins/scripts/gb_CESA-2011_1344_seamonkey_centos4_i386.nasl	2011-09-30 14:02:57 UTC (rev 11723)
@@ -0,0 +1,127 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+#
+# CentOS Update for seamonkey CESA-2011:1344 centos4 i386
+#
+# Authors:
+# System Generated Check
+#
+# Copyright:
+# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+if(description)
+{
+  script_id(881013);
+  script_version("$Revision$: 1.0");
+  script_tag(name:"cvss_base", value:"4.3");
+  script_tag(name:"risk_factor", value:"Medium");
+  script_xref(name: "CESA", value: "2011:1344");
+  script_cve_id("CVE-2011-2998", "CVE-2011-2999");
+  script_name("CentOS Update for seamonkey CESA-2011:1344 centos4 i386");
+  desc = "
+
+  Vulnerability Insight:
+  SeaMonkey is an open source web browser, email and newsgroup client, IRC
+  chat client, and HTML editor.
+  
+  A flaw was found in the way SeaMonkey handled frame objects with certain
+  names. An attacker could use this flaw to cause a plug-in to grant its
+  content access to another site or the local file system, violating the
+  same-origin policy. (CVE-2011-2999)
+  
+  An integer underflow flaw was found in the way SeaMonkey handled large
+  JavaScript regular expressions. A web page containing malicious JavaScript
+  could cause SeaMonkey to access already freed memory, causing SeaMonkey to
+  crash or, potentially, execute arbitrary code with the privileges of the
+  user running SeaMonkey. (CVE-2011-2998)
+   
+  All SeaMonkey users should upgrade to these updated packages, which correct
+  these issues. After installing the update, SeaMonkey must be restarted for
+  the changes to take effect.
+
+
+  Affected Software/OS:
+  seamonkey on CentOS 4
+
+  Fix: Please Install the Updated Packages.
+
+  References:
+  http://lists.centos.org/pipermail/centos-announce/2011-September/018089.html
+
+  ";
+
+  script_description(desc);
+  script_summary("Check for the Version of seamonkey");
+  script_category(ACT_GATHER_INFO);
+  script_copyright("Copyright (c) 2011 Greenbone Networks GmbH");
+  script_family("CentOS Local Security Checks");
+  script_dependencies("gather-package-list.nasl");
+  script_require_keys("ssh/login/release");
+  exit(0);
+}
+
+
+include("pkg-lib-rpm.inc");
+include("revisions-lib.inc");
+
+release = get_kb_item("ssh/login/release");
+
+if(release == NULL){
+  exit(0);
+}
+
+if(release == "CentOS4")
+{
+
+  if(isrpmvuln(pkg:"seamonkey", rpm:"seamonkey~1.0.9~76.el4.centos", rls:"CentOS4"))
+  {
+    security_hole(0);
+    exit(0);
+  }
+
+  if(isrpmvuln(pkg:"seamonkey-chat", rpm:"seamonkey-chat~1.0.9~76.el4.centos", rls:"CentOS4"))
+  {
+    security_hole(0);
+    exit(0);
+  }
+
+  if(isrpmvuln(pkg:"seamonkey-devel", rpm:"seamonkey-devel~1.0.9~76.el4.centos", rls:"CentOS4"))
+  {
+    security_hole(0);
+    exit(0);
+  }
+
+  if(isrpmvuln(pkg:"seamonkey-dom-inspector", rpm:"seamonkey-dom-inspector~1.0.9~76.el4.centos", rls:"CentOS4"))
+  {
+    security_hole(0);
+    exit(0);
+  }
+
+  if(isrpmvuln(pkg:"seamonkey-js-debugger", rpm:"seamonkey-js-debugger~1.0.9~76.el4.centos", rls:"CentOS4"))
+  {
+    security_hole(0);
+    exit(0);
+  }
+
+  if(isrpmvuln(pkg:"seamonkey-mail", rpm:"seamonkey-mail~1.0.9~76.el4.centos", rls:"CentOS4"))
+  {
+    security_hole(0);
+    exit(0);
+  }
+
+  exit(0);
+}
\ No newline at end of file

Added: trunk/openvas-plugins/scripts/gb_RHSA-2011_1341-01_firefox.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gb_RHSA-2011_1341-01_firefox.nasl	2011-09-30 13:58:03 UTC (rev 11722)
+++ trunk/openvas-plugins/scripts/gb_RHSA-2011_1341-01_firefox.nasl	2011-09-30 14:02:57 UTC (rev 11723)
@@ -0,0 +1,164 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+#
+# RedHat Update for firefox RHSA-2011:1341-01
+#
+# Authors:
+# System Generated Check
+#
+# Copyright:
+# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+if(description)
+{
+  script_id(870494);
+  script_version("$Revision$: 1.0");
+  script_tag(name:"cvss_base", value:"10.0");
+  script_tag(name:"risk_factor", value:"Critical");
+  script_xref(name: "RHSA", value: "2011:1341-01");
+  script_cve_id("CVE-2011-2372", "CVE-2011-2995", "CVE-2011-2998", "CVE-2011-2999", "CVE-2011-3000");
+  script_name("RedHat Update for firefox RHSA-2011:1341-01");
+  desc = "
+
+  Vulnerability Insight:
+  Mozilla Firefox is an open source web browser. XULRunner provides the XUL
+  Runtime environment for Mozilla Firefox.
+  
+  Several flaws were found in the processing of malformed web content. A web
+  page containing malicious content could cause Firefox to crash or,
+  potentially, execute arbitrary code with the privileges of the user running
+  Firefox. (CVE-2011-2995)
+  
+  A flaw was found in the way Firefox processed the "Enter" keypress event. A
+  malicious web page could present a download dialog while the key is
+  pressed, activating the default "Open" action. A remote attacker could
+  exploit this vulnerability by causing the browser to open malicious web
+  content. (CVE-2011-2372)
+  
+  A flaw was found in the way Firefox handled Location headers in redirect
+  responses. Two copies of this header with different values could be a
+  symptom of a CRLF injection attack against a vulnerable server. Firefox now
+  treats two copies of the Location, Content-Length, or Content-Disposition
+  header as an error condition. (CVE-2011-3000)
+  
+  A flaw was found in the way Firefox handled frame objects with certain
+  names. An attacker could use this flaw to cause a plug-in to grant its
+  content access to another site or the local file system, violating the
+  same-origin policy. (CVE-2011-2999)
+  
+  An integer underflow flaw was found in the way Firefox handled large
+  JavaScript regular expressions. A web page containing malicious JavaScript
+  could cause Firefox to access already freed memory, causing Firefox to
+  crash or, potentially, execute arbitrary code with the privileges of the
+  user running Firefox. (CVE-2011-2998)
+  
+  For technical details regarding these flaws, refer to the Mozilla security
+  advisories for Firefox 3.6.23. You can find a link to the Mozilla
+  advisories in the References section of this erratum.
+  
+  All Firefox users should upgrade to these updated packages, which contain
+  Firefox version 3.6.23, which corrects these issues. After installing the
+  update, Firefox must be restarted for the changes to take effect.
+
+
+  Affected Software/OS:
+  firefox on Red Hat Enterprise Linux (v. 5 server),
+  Red Hat Enterprise Linux AS version 4,
+  Red Hat Enterprise Linux ES version 4,
+  Red Hat Enterprise Linux WS version 4
+
+  Fix: Please Install the Updated Packages.
+
+  References:
+  https://www.redhat.com/archives/rhsa-announce/2011-September/msg00045.html
+
+  ";
+
+  script_description(desc);
+  script_summary("Check for the Version of firefox");
+  script_category(ACT_GATHER_INFO);
+  script_copyright("Copyright (c) 2011 Greenbone Networks GmbH");
+  script_family("Red Hat Local Security Checks");
+  script_dependencies("gather-package-list.nasl");
+  script_require_keys("ssh/login/release");
+  exit(0);
+}
+
+
+include("pkg-lib-rpm.inc");
+include("revisions-lib.inc");
+
+release = get_kb_item("ssh/login/release");
+
+if(release == NULL){
+  exit(0);
+}
+
+if(release == "RHENT_5")
+{
+
+  if(isrpmvuln(pkg:"firefox", rpm:"firefox~3.6.23~2.el5_7", rls:"RHENT_5"))
+  {
+    security_hole(0);
+    exit(0);
+  }
+
+  if(isrpmvuln(pkg:"firefox-debuginfo", rpm:"firefox-debuginfo~3.6.23~2.el5_7", rls:"RHENT_5"))
+  {
+    security_hole(0);
+    exit(0);
+  }
+
+  if(isrpmvuln(pkg:"xulrunner", rpm:"xulrunner~1.9.2.23~1.el5_7", rls:"RHENT_5"))
+  {
+    security_hole(0);
+    exit(0);
+  }
+
+  if(isrpmvuln(pkg:"xulrunner-debuginfo", rpm:"xulrunner-debuginfo~1.9.2.23~1.el5_7", rls:"RHENT_5"))
+  {
+    security_hole(0);
+    exit(0);
+  }
+
+  if(isrpmvuln(pkg:"xulrunner-devel", rpm:"xulrunner-devel~1.9.2.23~1.el5_7", rls:"RHENT_5"))
+  {
+    security_hole(0);
+    exit(0);
+  }
+
+  exit(0);
+}
+
+
+if(release == "RHENT_4")
+{
+
+  if(isrpmvuln(pkg:"firefox", rpm:"firefox~3.6.23~1.el4", rls:"RHENT_4"))
+  {
+    security_hole(0);
+    exit(0);
+  }
+
+  if(isrpmvuln(pkg:"firefox-debuginfo", rpm:"firefox-debuginfo~3.6.23~1.el4", rls:"RHENT_4"))
+  {
+    security_hole(0);
+    exit(0);
+  }
+
+  exit(0);
+}
\ No newline at end of file

Added: trunk/openvas-plugins/scripts/gb_RHSA-2011_1343-01_thunderbird.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gb_RHSA-2011_1343-01_thunderbird.nasl	2011-09-30 13:58:03 UTC (rev 11722)
+++ trunk/openvas-plugins/scripts/gb_RHSA-2011_1343-01_thunderbird.nasl	2011-09-30 14:02:57 UTC (rev 11723)
@@ -0,0 +1,104 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+#
+# RedHat Update for thunderbird RHSA-2011:1343-01
+#
+# Authors:
+# System Generated Check
+#
+# Copyright:
+# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+if(description)
+{
+  script_id(870496);
+  script_version("$Revision$: 1.0");
+  script_tag(name:"cvss_base", value:"4.3");
+  script_tag(name:"risk_factor", value:"Medium");
+  script_xref(name: "RHSA", value: "2011:1343-01");
+  script_cve_id("CVE-2011-2998", "CVE-2011-2999");
+  script_name("RedHat Update for thunderbird RHSA-2011:1343-01");
+  desc = "
+
+  Vulnerability Insight:
+  Mozilla Thunderbird is a standalone mail and newsgroup client.
+  
+  A flaw was found in the way Thunderbird handled frame objects with certain
+  names. An attacker could use this flaw to cause a plug-in to grant its
+  content access to another site or the local file system, violating the
+  same-origin policy. (CVE-2011-2999)
+  
+  An integer underflow flaw was found in the way Thunderbird handled large
+  JavaScript regular expressions. An HTML mail message containing malicious
+  JavaScript could cause Thunderbird to access already freed memory, causing
+  Thunderbird to crash or, potentially, execute arbitrary code with the
+  privileges of the user running Thunderbird. (CVE-2011-2998)
+  
+  All Thunderbird users should upgrade to this updated package, which
+  resolves these issues. All running instances of Thunderbird must be
+  restarted for the update to take effect.
+
+
+  Affected Software/OS:
+  thunderbird on Red Hat Enterprise Linux AS version 4,
+  Red Hat Enterprise Linux ES version 4,
+  Red Hat Enterprise Linux WS version 4
+
+  Fix: Please Install the Updated Packages.
+
+  References:
+  https://www.redhat.com/archives/rhsa-announce/2011-September/msg00047.html
+
+  ";
+
+  script_description(desc);
+  script_summary("Check for the Version of thunderbird");
+  script_category(ACT_GATHER_INFO);
+  script_copyright("Copyright (c) 2011 Greenbone Networks GmbH");
+  script_family("Red Hat Local Security Checks");
+  script_dependencies("gather-package-list.nasl");
+  script_require_keys("ssh/login/release");
+  exit(0);
+}
+
+
+include("pkg-lib-rpm.inc");
+include("revisions-lib.inc");
+
+release = get_kb_item("ssh/login/release");
+
+if(release == NULL){
+  exit(0);
+}
+
+if(release == "RHENT_4")
+{
+
+  if(isrpmvuln(pkg:"thunderbird", rpm:"thunderbird~1.5.0.12~44.el4", rls:"RHENT_4"))
+  {
+    security_hole(0);
+    exit(0);
+  }
+
+  if(isrpmvuln(pkg:"thunderbird-debuginfo", rpm:"thunderbird-debuginfo~1.5.0.12~44.el4", rls:"RHENT_4"))
+  {
+    security_hole(0);
+    exit(0);
+  }
+
+  exit(0);
+}
\ No newline at end of file

Added: trunk/openvas-plugins/scripts/gb_RHSA-2011_1344-01_seamonkey.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gb_RHSA-2011_1344-01_seamonkey.nasl	2011-09-30 13:58:03 UTC (rev 11722)
+++ trunk/openvas-plugins/scripts/gb_RHSA-2011_1344-01_seamonkey.nasl	2011-09-30 14:02:57 UTC (rev 11723)
@@ -0,0 +1,135 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+#
+# RedHat Update for seamonkey RHSA-2011:1344-01
+#
+# Authors:
+# System Generated Check
+#
+# Copyright:
+# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+if(description)
+{
+  script_id(870495);
+  script_version("$Revision$: 1.0");
+  script_tag(name:"cvss_base", value:"4.3");
+  script_tag(name:"risk_factor", value:"Medium");
+  script_xref(name: "RHSA", value: "2011:1344-01");
+  script_cve_id("CVE-2011-2998", "CVE-2011-2999");
+  script_name("RedHat Update for seamonkey RHSA-2011:1344-01");
+  desc = "
+
+  Vulnerability Insight:
+  SeaMonkey is an open source web browser, email and newsgroup client, IRC
+  chat client, and HTML editor.
+  
+  A flaw was found in the way SeaMonkey handled frame objects with certain
+  names. An attacker could use this flaw to cause a plug-in to grant its
+  content access to another site or the local file system, violating the
+  same-origin policy. (CVE-2011-2999)
+  
+  An integer underflow flaw was found in the way SeaMonkey handled large
+  JavaScript regular expressions. A web page containing malicious JavaScript
+  could cause SeaMonkey to access already freed memory, causing SeaMonkey to
+  crash or, potentially, execute arbitrary code with the privileges of the
+  user running SeaMonkey. (CVE-2011-2998)
+   
+  All SeaMonkey users should upgrade to these updated packages, which correct
+  these issues. After installing the update, SeaMonkey must be restarted for
+  the changes to take effect.
+
+
+  Affected Software/OS:
+  seamonkey on Red Hat Enterprise Linux AS version 4,
+  Red Hat Enterprise Linux ES version 4,
+  Red Hat Enterprise Linux WS version 4
+
+  Fix: Please Install the Updated Packages.
+
+  References:
+  https://www.redhat.com/archives/rhsa-announce/2011-September/msg00048.html
+
+  ";
+
+  script_description(desc);
+  script_summary("Check for the Version of seamonkey");
+  script_category(ACT_GATHER_INFO);
+  script_copyright("Copyright (c) 2011 Greenbone Networks GmbH");
+  script_family("Red Hat Local Security Checks");
+  script_dependencies("gather-package-list.nasl");
+  script_require_keys("ssh/login/release");
+  exit(0);
+}
+
+
+include("pkg-lib-rpm.inc");
+include("revisions-lib.inc");
+
+release = get_kb_item("ssh/login/release");
+
+if(release == NULL){
+  exit(0);
+}
+
+if(release == "RHENT_4")
+{
+
+  if(isrpmvuln(pkg:"seamonkey", rpm:"seamonkey~1.0.9~76.el4", rls:"RHENT_4"))
+  {
+    security_hole(0);
+    exit(0);
+  }
+
+  if(isrpmvuln(pkg:"seamonkey-chat", rpm:"seamonkey-chat~1.0.9~76.el4", rls:"RHENT_4"))
+  {
+    security_hole(0);
+    exit(0);
+  }
+
+  if(isrpmvuln(pkg:"seamonkey-debuginfo", rpm:"seamonkey-debuginfo~1.0.9~76.el4", rls:"RHENT_4"))
+  {
+    security_hole(0);
+    exit(0);
+  }
+
+  if(isrpmvuln(pkg:"seamonkey-devel", rpm:"seamonkey-devel~1.0.9~76.el4", rls:"RHENT_4"))
+  {
+    security_hole(0);
+    exit(0);
+  }
+
+  if(isrpmvuln(pkg:"seamonkey-dom-inspector", rpm:"seamonkey-dom-inspector~1.0.9~76.el4", rls:"RHENT_4"))
+  {
+    security_hole(0);
+    exit(0);
+  }
+
+  if(isrpmvuln(pkg:"seamonkey-js-debugger", rpm:"seamonkey-js-debugger~1.0.9~76.el4", rls:"RHENT_4"))
+  {
+    security_hole(0);
+    exit(0);
+  }
+
+  if(isrpmvuln(pkg:"seamonkey-mail", rpm:"seamonkey-mail~1.0.9~76.el4", rls:"RHENT_4"))
+  {
+    security_hole(0);
+    exit(0);
+  }
+
+  exit(0);
+}
\ No newline at end of file

Added: trunk/openvas-plugins/scripts/gb_fedora_2011_12193_qt_fc15.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gb_fedora_2011_12193_qt_fc15.nasl	2011-09-30 13:58:03 UTC (rev 11722)
+++ trunk/openvas-plugins/scripts/gb_fedora_2011_12193_qt_fc15.nasl	2011-09-30 14:02:57 UTC (rev 11723)
@@ -0,0 +1,83 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+#
+# Fedora Update for qt FEDORA-2011-12193
+#
+# Authors:
+# System Generated Check
+#
+# Copyright:
+# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+if(description)
+{
+  script_id(863554);
+  script_version("$Revision$: 1.0");
+  script_tag(name:"risk_factor", value:"High");
+  script_xref(name: "FEDORA", value: "2011-12193");
+  script_cve_id("CVE-2011-3194");
+  script_name("Fedora Update for qt FEDORA-2011-12193");
+  desc = "
+
+  Vulnerability Insight:
+  Qt is a software toolkit for developing applications.
+  
+  This package contains base tools, like string, xml, and network
+  handling.
+  
+
+  Affected Software/OS:
+  qt on Fedora 15
+
+  Fix: Please Install the Updated Packages.
+
+  References:
+  http://lists.fedoraproject.org/pipermail/package-announce/2011-September/066319.html
+
+  ";
+
+  script_description(desc);
+  script_summary("Check for the Version of qt");
+  script_category(ACT_GATHER_INFO);
+  script_copyright("Copyright (c) 2011 Greenbone Networks GmbH");
+  script_family("Fedora Local Security Checks");
+  script_dependencies("gather-package-list.nasl");
+  script_require_keys("ssh/login/release");
+  exit(0);
+}
+
+
+include("pkg-lib-rpm.inc");
+include("revisions-lib.inc");
+
+release = get_kb_item("ssh/login/release");
+
+if(release == NULL){
+  exit(0);
+}
+
+if(release == "FC15")
+{
+
+  if(isrpmvuln(pkg:"qt", rpm:"qt~4.7.4~2.fc15", rls:"FC15"))
+  {
+    security_hole(0);
+    exit(0);
+  }
+
+  exit(0);
+}
\ No newline at end of file

Added: trunk/openvas-plugins/scripts/gb_fedora_2011_12481_Django_fc14.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gb_fedora_2011_12481_Django_fc14.nasl	2011-09-30 13:58:03 UTC (rev 11722)
+++ trunk/openvas-plugins/scripts/gb_fedora_2011_12481_Django_fc14.nasl	2011-09-30 14:02:57 UTC (rev 11723)
@@ -0,0 +1,84 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+#
+# Fedora Update for Django FEDORA-2011-12481
+#
+# Authors:
+# System Generated Check
+#
+# Copyright:
+# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+if(description)
+{
+  script_id(863551);
+  script_version("$Revision$: 1.0");
+  script_tag(name:"cvss_base", value:"4.3");
+  script_tag(name:"risk_factor", value:"Medium");
+  script_xref(name: "FEDORA", value: "2011-12481");
+  script_cve_id("CVE-2011-0697");
+  script_name("Fedora Update for Django FEDORA-2011-12481");
+  desc = "
+
+  Vulnerability Insight:
+  Django is a high-level Python Web framework that encourages rapid
+  development and a clean, pragmatic design. It focuses on automating as
+  much as possible and adhering to the DRY (Don't Repeat Yourself)
+  principle.
+
+
+  Affected Software/OS:
+  Django on Fedora 14
+
+  Fix: Please Install the Updated Packages.
+
+  References:
+  http://lists.fedoraproject.org/pipermail/package-announce/2011-September/066389.html
+
+  ";
+
+  script_description(desc);
+  script_summary("Check for the Version of Django");
+  script_category(ACT_GATHER_INFO);
+  script_copyright("Copyright (c) 2011 Greenbone Networks GmbH");
+  script_family("Fedora Local Security Checks");
+  script_dependencies("gather-package-list.nasl");
+  script_require_keys("ssh/login/release");
+  exit(0);
+}
+
+
+include("pkg-lib-rpm.inc");
+include("revisions-lib.inc");
+
+release = get_kb_item("ssh/login/release");
+
+if(release == NULL){
+  exit(0);
+}
+
+if(release == "FC14")
+{
+
+  if(isrpmvuln(pkg:"Django", rpm:"Django~1.3.1~2.fc14", rls:"FC14"))
+  {
+    security_hole(0);
+    exit(0);
+  }
+
+  exit(0);
+}
\ No newline at end of file

Added: trunk/openvas-plugins/scripts/gb_fedora_2011_12890_opensaml_fc15.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gb_fedora_2011_12890_opensaml_fc15.nasl	2011-09-30 13:58:03 UTC (rev 11722)
+++ trunk/openvas-plugins/scripts/gb_fedora_2011_12890_opensaml_fc15.nasl	2011-09-30 14:02:57 UTC (rev 11723)
@@ -0,0 +1,83 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+#
+# Fedora Update for opensaml FEDORA-2011-12890
+#
+# Authors:
+# System Generated Check
+#
+# Copyright:
+# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+if(description)
+{
+  script_id(863553);
+  script_version("$Revision$: 1.0");
+  script_tag(name:"cvss_base", value:"5.8");
+  script_tag(name:"risk_factor", value:"High");
+  script_xref(name: "FEDORA", value: "2011-12890");
+  script_cve_id("CVE-2011-1411");
+  script_name("Fedora Update for opensaml FEDORA-2011-12890");
+  desc = "
+
+  Vulnerability Insight:
+  OpenSAML is an open source implementation of the OASIS Security Assertion
+  Markup Language Specification. It contains a set of open source C++ classes
+  that support the SAML 1.0, 1.1, and 2.0 specifications.
+
+
+  Affected Software/OS:
+  opensaml on Fedora 15
+
+  Fix: Please Install the Updated Packages.
+
+  References:
+  http://lists.fedoraproject.org/pipermail/package-announce/2011-September/066308.html
+
+  ";
+
+  script_description(desc);
+  script_summary("Check for the Version of opensaml");
+  script_category(ACT_GATHER_INFO);
+  script_copyright("Copyright (c) 2011 Greenbone Networks GmbH");
+  script_family("Fedora Local Security Checks");
+  script_dependencies("gather-package-list.nasl");
+  script_require_keys("ssh/login/release");
+  exit(0);
+}
+
+
+include("pkg-lib-rpm.inc");
+include("revisions-lib.inc");
+
+release = get_kb_item("ssh/login/release");
+
+if(release == NULL){
+  exit(0);
+}
+
+if(release == "FC15")
+{
+
+  if(isrpmvuln(pkg:"opensaml", rpm:"opensaml~2.3~4.fc15", rls:"FC15"))
+  {
+    security_hole(0);
+    exit(0);
+  }
+
+  exit(0);
+}
\ No newline at end of file

Added: trunk/openvas-plugins/scripts/gb_fedora_2011_12918_phpMyAdmin_fc14.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gb_fedora_2011_12918_phpMyAdmin_fc14.nasl	2011-09-30 13:58:03 UTC (rev 11722)
+++ trunk/openvas-plugins/scripts/gb_fedora_2011_12918_phpMyAdmin_fc14.nasl	2011-09-30 14:02:57 UTC (rev 11723)
@@ -0,0 +1,96 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+#
+# Fedora Update for phpMyAdmin FEDORA-2011-12918
+#
+# Authors:
+# System Generated Check
+#
+# Copyright:
+# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+if(description)
+{
+  script_id(863556);
+  script_version("$Revision$: 1.0");
+  script_tag(name:"risk_factor", value:"High");
+  script_xref(name: "FEDORA", value: "2011-12918");
+  script_name("Fedora Update for phpMyAdmin FEDORA-2011-12918");
+  desc = "
+
+  Vulnerability Insight:
+  phpMyAdmin is a tool written in PHP intended to handle the administration of
+  MySQL over the World Wide Web. Most frequently used operations are supported
+  by the user interface (managing databases, tables, fields, relations, indexes,
+  users, permissions), while you still have the ability to directly execute any
+  SQL statement.
+  
+  Features include an intuitive web interface, support for most MySQL features
+  (browse and drop databases, tables, views, fields and indexes, create, copy,
+  drop, rename and alter databases, tables, fields and indexes, maintenance
+  server, databases and tables, with proposals on server configuration, execute,
+  edit and bookmark any SQL-statement, even batch-queries, manage MySQL users
+  and privileges, manage stored procedures and triggers), import data from CSV
+  and SQL, export data to various formats: CSV, SQL, XML, PDF, OpenDocument Text
+  and Spreadsheet, Word, Excel, LATEX and others, administering multiple servers,
+  creating PDF graphics of your database layout, creating complex queries using
+  Query-by-example (QBE), searching globally in a database or a subset of it,
+  transforming stored data into any format using a set of predefined functions,
+  like displaying BLOB-data as image or download-link and much more...
+
+
+  Affected Software/OS:
+  phpMyAdmin on Fedora 14
+
+  Fix: Please Install the Updated Packages.
+
+  References:
+  http://lists.fedoraproject.org/pipermail/package-announce/2011-September/066335.html
+
+  ";
+
+  script_description(desc);
+  script_summary("Check for the Version of phpMyAdmin");
+  script_category(ACT_GATHER_INFO);
+  script_copyright("Copyright (c) 2011 Greenbone Networks GmbH");
+  script_family("Fedora Local Security Checks");
+  script_dependencies("gather-package-list.nasl");
+  script_require_keys("ssh/login/release");
+  exit(0);
+}
+
+
+include("pkg-lib-rpm.inc");
+include("revisions-lib.inc");
+
+release = get_kb_item("ssh/login/release");
+
+if(release == NULL){
+  exit(0);
+}
+
+if(release == "FC14")
+{
+
+  if(isrpmvuln(pkg:"phpMyAdmin", rpm:"phpMyAdmin~3.4.5~1.fc14", rls:"FC14"))
+  {
+    security_hole(0);
+    exit(0);
+  }
+
+  exit(0);
+}
\ No newline at end of file

Added: trunk/openvas-plugins/scripts/gb_fedora_2011_12928_phpMyAdmin_fc15.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gb_fedora_2011_12928_phpMyAdmin_fc15.nasl	2011-09-30 13:58:03 UTC (rev 11722)
+++ trunk/openvas-plugins/scripts/gb_fedora_2011_12928_phpMyAdmin_fc15.nasl	2011-09-30 14:02:57 UTC (rev 11723)
@@ -0,0 +1,96 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+#
+# Fedora Update for phpMyAdmin FEDORA-2011-12928
+#
+# Authors:
+# System Generated Check
+#
+# Copyright:
+# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+if(description)
+{
+  script_id(863547);
+  script_version("$Revision$: 1.0");
+  script_tag(name:"risk_factor", value:"High");
+  script_xref(name: "FEDORA", value: "2011-12928");
+  script_name("Fedora Update for phpMyAdmin FEDORA-2011-12928");
+  desc = "
+
+  Vulnerability Insight:
+  phpMyAdmin is a tool written in PHP intended to handle the administration of
+  MySQL over the World Wide Web. Most frequently used operations are supported
+  by the user interface (managing databases, tables, fields, relations, indexes,
+  users, permissions), while you still have the ability to directly execute any
+  SQL statement.
+  
+  Features include an intuitive web interface, support for most MySQL features
+  (browse and drop databases, tables, views, fields and indexes, create, copy,
+  drop, rename and alter databases, tables, fields and indexes, maintenance
+  server, databases and tables, with proposals on server configuration, execute,
+  edit and bookmark any SQL-statement, even batch-queries, manage MySQL users
+  and privileges, manage stored procedures and triggers), import data from CSV
+  and SQL, export data to various formats: CSV, SQL, XML, PDF, OpenDocument Text
+  and Spreadsheet, Word, Excel, LATEX and others, administering multiple servers,
+  creating PDF graphics of your database layout, creating complex queries using
+  Query-by-example (QBE), searching globally in a database or a subset of it,
+  transforming stored data into any format using a set of predefined functions,
+  like displaying BLOB-data as image or download-link and much more...
+
+
+  Affected Software/OS:
+  phpMyAdmin on Fedora 15
+
+  Fix: Please Install the Updated Packages.
+
+  References:
+  http://lists.fedoraproject.org/pipermail/package-announce/2011-September/066333.html
+
+  ";
+
+  script_description(desc);
+  script_summary("Check for the Version of phpMyAdmin");
+  script_category(ACT_GATHER_INFO);
+  script_copyright("Copyright (c) 2011 Greenbone Networks GmbH");
+  script_family("Fedora Local Security Checks");
+  script_dependencies("gather-package-list.nasl");
+  script_require_keys("ssh/login/release");
+  exit(0);
+}
+
+
+include("pkg-lib-rpm.inc");
+include("revisions-lib.inc");
+
+release = get_kb_item("ssh/login/release");
+
+if(release == NULL){
+  exit(0);
+}
+
+if(release == "FC15")
+{
+
+  if(isrpmvuln(pkg:"phpMyAdmin", rpm:"phpMyAdmin~3.4.5~1.fc15", rls:"FC15"))
+  {
+    security_hole(0);
+    exit(0);
+  }
+
+  exit(0);
+}
\ No newline at end of file

Added: trunk/openvas-plugins/scripts/gb_fedora_2011_13388_NetworkManager_fc15.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gb_fedora_2011_13388_NetworkManager_fc15.nasl	2011-09-30 13:58:03 UTC (rev 11722)
+++ trunk/openvas-plugins/scripts/gb_fedora_2011_13388_NetworkManager_fc15.nasl	2011-09-30 14:02:57 UTC (rev 11723)
@@ -0,0 +1,84 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+#
+# Fedora Update for NetworkManager FEDORA-2011-13388
+#
+# Authors:
+# System Generated Check
+#
+# Copyright:
+# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+if(description)
+{
+  script_id(863548);
+  script_version("$Revision$: 1.0");
+  script_tag(name:"cvss_base", value:"2.1");
+  script_tag(name:"risk_factor", value:"Medium");
+  script_xref(name: "FEDORA", value: "2011-13388");
+  script_cve_id("CVE-2011-3364", "CVE-2011-2176", "CVE-2011-1943");
+  script_name("Fedora Update for NetworkManager FEDORA-2011-13388");
+  desc = "
+
+  Vulnerability Insight:
+  NetworkManager is a system network service that manages your network devices
+  and connections, attempting to keep active network connectivity when available.
+  It manages ethernet, WiFi, mobile broadband (WWAN), and PPPoE devices, and
+  provides VPN integration with a variety of different VPN services.
+
+
+  Affected Software/OS:
+  NetworkManager on Fedora 15
+
+  Fix: Please Install the Updated Packages.
+
+  References:
+  http://lists.fedoraproject.org/pipermail/package-announce/2011-September/066425.html
+
+  ";
+
+  script_description(desc);
+  script_summary("Check for the Version of NetworkManager");
+  script_category(ACT_GATHER_INFO);
+  script_copyright("Copyright (c) 2011 Greenbone Networks GmbH");
+  script_family("Fedora Local Security Checks");
+  script_dependencies("gather-package-list.nasl");
+  script_require_keys("ssh/login/release");
+  exit(0);
+}
+
+
+include("pkg-lib-rpm.inc");
+include("revisions-lib.inc");
+
+release = get_kb_item("ssh/login/release");
+
+if(release == NULL){
+  exit(0);
+}
+
+if(release == "FC15")
+{
+
+  if(isrpmvuln(pkg:"NetworkManager", rpm:"NetworkManager~0.9.1.90~1.git20110927.fc15", rls:"FC15"))
+  {
+    security_hole(0);
+    exit(0);
+  }
+
+  exit(0);
+}
\ No newline at end of file

Added: trunk/openvas-plugins/scripts/gb_fedora_2011_13465_firefox_fc15.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gb_fedora_2011_13465_firefox_fc15.nasl	2011-09-30 13:58:03 UTC (rev 11722)
+++ trunk/openvas-plugins/scripts/gb_fedora_2011_13465_firefox_fc15.nasl	2011-09-30 14:02:57 UTC (rev 11723)
@@ -0,0 +1,80 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+#
+# Fedora Update for firefox FEDORA-2011-13465
+#
+# Authors:
+# System Generated Check
+#
+# Copyright:
+# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+if(description)
+{
+  script_id(863549);
+  script_version("$Revision$: 1.0");
+  script_tag(name:"risk_factor", value:"High");
+  script_xref(name: "FEDORA", value: "2011-13465");
+  script_name("Fedora Update for firefox FEDORA-2011-13465");
+  desc = "
+
+  Vulnerability Insight:
+  Mozilla Firefox is an open-source web browser, designed for standards
+  compliance, performance and portability.
+
+
+  Affected Software/OS:
+  firefox on Fedora 15
+
+  Fix: Please Install the Updated Packages.
+
+  References:
+  http://lists.fedoraproject.org/pipermail/package-announce/2011-September/066398.html
+
+  ";
+
+  script_description(desc);
+  script_summary("Check for the Version of firefox");
+  script_category(ACT_GATHER_INFO);
+  script_copyright("Copyright (c) 2011 Greenbone Networks GmbH");
+  script_family("Fedora Local Security Checks");
+  script_dependencies("gather-package-list.nasl");
+  script_require_keys("ssh/login/release");
+  exit(0);
+}
+
+
+include("pkg-lib-rpm.inc");
+include("revisions-lib.inc");
+
+release = get_kb_item("ssh/login/release");
+
+if(release == NULL){
+  exit(0);
+}
+
+if(release == "FC15")
+{
+
+  if(isrpmvuln(pkg:"firefox", rpm:"firefox~7.0~1.fc15", rls:"FC15"))
+  {
+    security_hole(0);
+    exit(0);
+  }
+
+  exit(0);
+}
\ No newline at end of file

Added: trunk/openvas-plugins/scripts/gb_fedora_2011_13465_gnome-python2-extras_fc15.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gb_fedora_2011_13465_gnome-python2-extras_fc15.nasl	2011-09-30 13:58:03 UTC (rev 11722)
+++ trunk/openvas-plugins/scripts/gb_fedora_2011_13465_gnome-python2-extras_fc15.nasl	2011-09-30 14:02:57 UTC (rev 11723)
@@ -0,0 +1,80 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+#
+# Fedora Update for gnome-python2-extras FEDORA-2011-13465
+#
+# Authors:
+# System Generated Check
+#
+# Copyright:
+# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+if(description)
+{
+  script_id(863557);
+  script_version("$Revision$: 1.0");
+  script_tag(name:"risk_factor", value:"High");
+  script_xref(name: "FEDORA", value: "2011-13465");
+  script_name("Fedora Update for gnome-python2-extras FEDORA-2011-13465");
+  desc = "
+
+  Vulnerability Insight:
+  The gnome-python-extra package contains the source packages for additional
+  Python bindings for GNOME. It should be used together with gnome-python.
+
+
+  Affected Software/OS:
+  gnome-python2-extras on Fedora 15
+
+  Fix: Please Install the Updated Packages.
+
+  References:
+  http://lists.fedoraproject.org/pipermail/package-announce/2011-September/066397.html
+
+  ";
+
+  script_description(desc);
+  script_summary("Check for the Version of gnome-python2-extras");
+  script_category(ACT_GATHER_INFO);
+  script_copyright("Copyright (c) 2011 Greenbone Networks GmbH");
+  script_family("Fedora Local Security Checks");
+  script_dependencies("gather-package-list.nasl");
+  script_require_keys("ssh/login/release");
+  exit(0);
+}
+
+
+include("pkg-lib-rpm.inc");
+include("revisions-lib.inc");
+
+release = get_kb_item("ssh/login/release");
+
+if(release == NULL){
+  exit(0);
+}
+
+if(release == "FC15")
+{
+
+  if(isrpmvuln(pkg:"gnome-python2-extras", rpm:"gnome-python2-extras~2.25.3~35.fc15", rls:"FC15"))
+  {
+    security_hole(0);
+    exit(0);
+  }
+
+  exit(0);
+}
\ No newline at end of file

Added: trunk/openvas-plugins/scripts/gb_fedora_2011_13465_mozvoikko_fc15.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gb_fedora_2011_13465_mozvoikko_fc15.nasl	2011-09-30 13:58:03 UTC (rev 11722)
+++ trunk/openvas-plugins/scripts/gb_fedora_2011_13465_mozvoikko_fc15.nasl	2011-09-30 14:02:57 UTC (rev 11723)
@@ -0,0 +1,80 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+#
+# Fedora Update for mozvoikko FEDORA-2011-13465
+#
+# Authors:
+# System Generated Check
+#
+# Copyright:
+# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+if(description)
+{
+  script_id(863550);
+  script_version("$Revision$: 1.0");
+  script_tag(name:"risk_factor", value:"High");
+  script_xref(name: "FEDORA", value: "2011-13465");
+  script_name("Fedora Update for mozvoikko FEDORA-2011-13465");
+  desc = "
+
+  Vulnerability Insight:
+  This is mozvoikko, an extension for Mozilla programs for using the Finnish
+  spell-checker Voikko.
+
+
+  Affected Software/OS:
+  mozvoikko on Fedora 15
+
+  Fix: Please Install the Updated Packages.
+
+  References:
+  http://lists.fedoraproject.org/pipermail/package-announce/2011-September/066399.html
+
+  ";
+
+  script_description(desc);
+  script_summary("Check for the Version of mozvoikko");
+  script_category(ACT_GATHER_INFO);
+  script_copyright("Copyright (c) 2011 Greenbone Networks GmbH");
+  script_family("Fedora Local Security Checks");
+  script_dependencies("gather-package-list.nasl");
+  script_require_keys("ssh/login/release");
+  exit(0);
+}
+
+
+include("pkg-lib-rpm.inc");
+include("revisions-lib.inc");
+
+release = get_kb_item("ssh/login/release");
+
+if(release == NULL){
+  exit(0);
+}
+
+if(release == "FC15")
+{
+
+  if(isrpmvuln(pkg:"mozvoikko", rpm:"mozvoikko~1.9.0~8.fc15", rls:"FC15"))
+  {
+    security_hole(0);
+    exit(0);
+  }
+
+  exit(0);
+}
\ No newline at end of file

Added: trunk/openvas-plugins/scripts/gb_fedora_2011_13465_perl-Gtk2-MozEmbed_fc15.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gb_fedora_2011_13465_perl-Gtk2-MozEmbed_fc15.nasl	2011-09-30 13:58:03 UTC (rev 11722)
+++ trunk/openvas-plugins/scripts/gb_fedora_2011_13465_perl-Gtk2-MozEmbed_fc15.nasl	2011-09-30 14:02:57 UTC (rev 11723)
@@ -0,0 +1,79 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+#
+# Fedora Update for perl-Gtk2-MozEmbed FEDORA-2011-13465
+#
+# Authors:
+# System Generated Check
+#
+# Copyright:
+# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+if(description)
+{
+  script_id(863552);
+  script_version("$Revision$: 1.0");
+  script_tag(name:"risk_factor", value:"High");
+  script_xref(name: "FEDORA", value: "2011-13465");
+  script_name("Fedora Update for perl-Gtk2-MozEmbed FEDORA-2011-13465");
+  desc = "
+
+  Vulnerability Insight:
+  This module allows you to use the Mozilla embedding widget from Perl.
+
+
+  Affected Software/OS:
+  perl-Gtk2-MozEmbed on Fedora 15
+
+  Fix: Please Install the Updated Packages.
+
+  References:
+  http://lists.fedoraproject.org/pipermail/package-announce/2011-September/066401.html
+
+  ";
+
+  script_description(desc);
+  script_summary("Check for the Version of perl-Gtk2-MozEmbed");
+  script_category(ACT_GATHER_INFO);
+  script_copyright("Copyright (c) 2011 Greenbone Networks GmbH");
+  script_family("Fedora Local Security Checks");
+  script_dependencies("gather-package-list.nasl");
+  script_require_keys("ssh/login/release");
+  exit(0);
+}
+
+
+include("pkg-lib-rpm.inc");
+include("revisions-lib.inc");
+
+release = get_kb_item("ssh/login/release");
+
+if(release == NULL){
+  exit(0);
+}
+
+if(release == "FC15")
+{
+
+  if(isrpmvuln(pkg:"perl-Gtk2-MozEmbed", rpm:"perl-Gtk2-MozEmbed~0.09~1.fc15.4", rls:"FC15"))
+  {
+    security_hole(0);
+    exit(0);
+  }
+
+  exit(0);
+}
\ No newline at end of file

Added: trunk/openvas-plugins/scripts/gb_fedora_2011_13465_xulrunner_fc15.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gb_fedora_2011_13465_xulrunner_fc15.nasl	2011-09-30 13:58:03 UTC (rev 11722)
+++ trunk/openvas-plugins/scripts/gb_fedora_2011_13465_xulrunner_fc15.nasl	2011-09-30 14:02:57 UTC (rev 11723)
@@ -0,0 +1,83 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+#
+# Fedora Update for xulrunner FEDORA-2011-13465
+#
+# Authors:
+# System Generated Check
+#
+# Copyright:
+# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+if(description)
+{
+  script_id(863555);
+  script_version("$Revision$: 1.0");
+  script_tag(name:"risk_factor", value:"High");
+  script_xref(name: "FEDORA", value: "2011-13465");
+  script_name("Fedora Update for xulrunner FEDORA-2011-13465");
+  desc = "
+
+  Vulnerability Insight:
+  XULRunner is a Mozilla runtime package that can be used to bootstrap XUL+XPCOM
+  applications that are as rich as Firefox and Thunderbird. It provides mechanisms
+  for installing, upgrading, and uninstalling these applications. XULRunner also
+  provides libxul, a solution which allows the embedding of Mozilla technologies
+  in other projects and products.
+
+
+  Affected Software/OS:
+  xulrunner on Fedora 15
+
+  Fix: Please Install the Updated Packages.
+
+  References:
+  http://lists.fedoraproject.org/pipermail/package-announce/2011-September/066400.html
+
+  ";
+
+  script_description(desc);
+  script_summary("Check for the Version of xulrunner");
+  script_category(ACT_GATHER_INFO);
+  script_copyright("Copyright (c) 2011 Greenbone Networks GmbH");
+  script_family("Fedora Local Security Checks");
+  script_dependencies("gather-package-list.nasl");
+  script_require_keys("ssh/login/release");
+  exit(0);
+}
+
+
+include("pkg-lib-rpm.inc");
+include("revisions-lib.inc");
+
+release = get_kb_item("ssh/login/release");
+
+if(release == NULL){
+  exit(0);
+}
+
+if(release == "FC15")
+{
+
+  if(isrpmvuln(pkg:"xulrunner", rpm:"xulrunner~7.0~1.fc15", rls:"FC15"))
+  {
+    security_hole(0);
+    exit(0);
+  }
+
+  exit(0);
+}
\ No newline at end of file

Added: trunk/openvas-plugins/scripts/gb_mandriva_MDVSA_2011_136.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gb_mandriva_MDVSA_2011_136.nasl	2011-09-30 13:58:03 UTC (rev 11722)
+++ trunk/openvas-plugins/scripts/gb_mandriva_MDVSA_2011_136.nasl	2011-09-30 14:02:57 UTC (rev 11723)
@@ -0,0 +1,182 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+#
+# Mandriva Update for openssl MDVSA-2011:136 (openssl)
+#
+# Authors:
+# System Generated Check
+#
+# Copyright:
+# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+if(description)
+{
+  script_id(831455);
+  script_version("$Revision$: 1.0");
+  script_tag(name:"cvss_base", value:"2.6");
+  script_tag(name:"risk_factor", value:"Medium");
+  script_xref(name: "MDVSA", value: "2011:136");
+  script_cve_id("CVE-2011-1945");
+  script_name("Mandriva Update for openssl MDVSA-2011:136 (openssl)");
+  desc = "
+
+  Vulnerability Insight:
+
+  A vulnerability was discovered and corrected in openssl:
+  
+  The elliptic curve cryptography (ECC) subsystem in OpenSSL 1.0.0d and
+  earlier, when the Elliptic Curve Digital Signature Algorithm (ECDSA)
+  is used for the ECDHE_ECDSA cipher suite, does not properly implement
+  curves over binary fields, which makes it easier for context-dependent
+  attackers to determine private keys via a timing attack and a lattice
+  calculation (CVE-2011-1945).
+  
+  Packages for 2009.0 are provided as of the Extended Maintenance
+  Program. Please visit this link to learn more:
+  http://store.mandriva.com/product_info.php?cPath=149&products_id=490
+  
+  The updated packages have been patched to correct this issue.
+
+  Affected Software/OS:
+  openssl on Mandriva Linux 2009.0,
+  Mandriva Linux 2009.0/X86_64,
+  Mandriva Enterprise Server 5,
+  Mandriva Enterprise Server 5/X86_64
+
+  Fix: Please Install the Updated Packages.
+
+  References:
+  http://lists.mandriva.com/security-announce/2011-09/msg00021.php
+
+  ";
+
+  script_description(desc);
+  script_summary("Check for the Version of openssl");
+  script_category(ACT_GATHER_INFO);
+  script_copyright("Copyright (c) 2011 Greenbone Networks GmbH");
+  script_family("Mandrake Local Security Checks");
+  script_dependencies("gather-package-list.nasl");
+  script_require_keys("ssh/login/release");
+  exit(0);
+}
+
+
+include("pkg-lib-rpm.inc");
+include("revisions-lib.inc");
+
+release = get_kb_item("ssh/login/release");
+
+if(release == NULL){
+  exit(0);
+}
+
+if(release == "MNDK_mes5")
+{
+
+  if(isrpmvuln(pkg:"libopenssl0.9.8", rpm:"libopenssl0.9.8~0.9.8h~3.11mdvmes5.2", rls:"MNDK_mes5"))
+  {
+    security_hole(0);
+    exit(0);
+  }
+
+  if(isrpmvuln(pkg:"libopenssl0.9.8-devel", rpm:"libopenssl0.9.8-devel~0.9.8h~3.11mdvmes5.2", rls:"MNDK_mes5"))
+  {
+    security_hole(0);
+    exit(0);
+  }
+
+  if(isrpmvuln(pkg:"libopenssl0.9.8-static-devel", rpm:"libopenssl0.9.8-static-devel~0.9.8h~3.11mdvmes5.2", rls:"MNDK_mes5"))
+  {
+    security_hole(0);
+    exit(0);
+  }
+
+  if(isrpmvuln(pkg:"openssl", rpm:"openssl~0.9.8h~3.11mdvmes5.2", rls:"MNDK_mes5"))
+  {
+    security_hole(0);
+    exit(0);
+  }
+
+  if(isrpmvuln(pkg:"lib64openssl0.9.8", rpm:"lib64openssl0.9.8~0.9.8h~3.11mdvmes5.2", rls:"MNDK_mes5"))
+  {
+    security_hole(0);
+    exit(0);
+  }
+
+  if(isrpmvuln(pkg:"lib64openssl0.9.8-devel", rpm:"lib64openssl0.9.8-devel~0.9.8h~3.11mdvmes5.2", rls:"MNDK_mes5"))
+  {
+    security_hole(0);
+    exit(0);
+  }
+
+  if(isrpmvuln(pkg:"lib64openssl0.9.8-static-devel", rpm:"lib64openssl0.9.8-static-devel~0.9.8h~3.11mdvmes5.2", rls:"MNDK_mes5"))
+  {
+    security_hole(0);
+    exit(0);
+  }
+
+  exit(0);
+}
+
+
+if(release == "MNDK_2009.0")
+{
+
+  if(isrpmvuln(pkg:"libopenssl0.9.8", rpm:"libopenssl0.9.8~0.9.8h~3.11mdv2009.0", rls:"MNDK_2009.0"))
+  {
+    security_hole(0);
+    exit(0);
+  }
+
+  if(isrpmvuln(pkg:"libopenssl0.9.8-devel", rpm:"libopenssl0.9.8-devel~0.9.8h~3.11mdv2009.0", rls:"MNDK_2009.0"))
+  {
+    security_hole(0);
+    exit(0);
+  }
+
+  if(isrpmvuln(pkg:"libopenssl0.9.8-static-devel", rpm:"libopenssl0.9.8-static-devel~0.9.8h~3.11mdv2009.0", rls:"MNDK_2009.0"))
+  {
+    security_hole(0);
+    exit(0);
+  }
+
+  if(isrpmvuln(pkg:"openssl", rpm:"openssl~0.9.8h~3.11mdv2009.0", rls:"MNDK_2009.0"))
+  {
+    security_hole(0);
+    exit(0);
+  }
+
+  if(isrpmvuln(pkg:"lib64openssl0.9.8", rpm:"lib64openssl0.9.8~0.9.8h~3.11mdv2009.0", rls:"MNDK_2009.0"))
+  {
+    security_hole(0);
+    exit(0);
+  }
+
+  if(isrpmvuln(pkg:"lib64openssl0.9.8-devel", rpm:"lib64openssl0.9.8-devel~0.9.8h~3.11mdv2009.0", rls:"MNDK_2009.0"))
+  {
+    security_hole(0);
+    exit(0);
+  }
+
+  if(isrpmvuln(pkg:"lib64openssl0.9.8-static-devel", rpm:"lib64openssl0.9.8-static-devel~0.9.8h~3.11mdv2009.0", rls:"MNDK_2009.0"))
+  {
+    security_hole(0);
+    exit(0);
+  }
+
+  exit(0);
+}
\ No newline at end of file

Added: trunk/openvas-plugins/scripts/gb_mandriva_MDVSA_2011_137.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gb_mandriva_MDVSA_2011_137.nasl	2011-09-30 13:58:03 UTC (rev 11722)
+++ trunk/openvas-plugins/scripts/gb_mandriva_MDVSA_2011_137.nasl	2011-09-30 14:02:57 UTC (rev 11723)
@@ -0,0 +1,154 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+#
+# Mandriva Update for openssl MDVSA-2011:137 (openssl)
+#
+# Authors:
+# System Generated Check
+#
+# Copyright:
+# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+if(description)
+{
+  script_id(831454);
+  script_version("$Revision$: 1.0");
+  script_tag(name:"cvss_base", value:"5.0");
+  script_tag(name:"risk_factor", value:"Medium");
+  script_xref(name: "MDVSA", value: "2011:137");
+  script_cve_id("CVE-2011-1945", "CVE-2011-3207", "CVE-2011-3210");
+  script_name("Mandriva Update for openssl MDVSA-2011:137 (openssl)");
+  desc = "
+
+  Vulnerability Insight:
+
+  Multiple vulnerabilities has been discovered and corrected in openssl:
+  
+  The elliptic curve cryptography (ECC) subsystem in OpenSSL 1.0.0d and
+  earlier, when the Elliptic Curve Digital Signature Algorithm (ECDSA)
+  is used for the ECDHE_ECDSA cipher suite, does not properly implement
+  curves over binary fields, which makes it easier for context-dependent
+  attackers to determine private keys via a timing attack and a lattice
+  calculation (CVE-2011-1945).
+  
+  crypto/x509/x509_vfy.c in OpenSSL 1.0.x before 1.0.0e does not
+  initialize certain structure members, which makes it easier for
+  remote attackers to bypass CRL validation by using a nextUpdate value
+  corresponding to a time in the past (CVE-2011-3207).
+  
+  The ephemeral ECDH ciphersuite functionality in OpenSSL 0.9.8 through
+  0.9.8s and 1.0.x before 1.0.0e does not ensure thread safety during
+  processing of handshake messages, which allows remote attackers
+  to cause a denial of service (application crash) via out-of-order
+  messages that violate the TLS protocol (CVE-2011-3210).
+  
+  Packages for 2009.0 are provided as of the Extended Maintenance
+  Program. Please visit this link to learn more:
+  http://store.mandriva.com/product_info.php?cPath=149&products_id=490
+  
+  The updated packages have been patched to correct these issues.
+
+  Affected Software/OS:
+  openssl on Mandriva Linux 2010.1,
+  Mandriva Linux 2010.1/X86_64
+
+  Fix: Please Install the Updated Packages.
+
+  References:
+  http://lists.mandriva.com/security-announce/2011-09/msg00022.php
+
+  ";
+
+  script_description(desc);
+  script_summary("Check for the Version of openssl");
+  script_category(ACT_GATHER_INFO);
+  script_copyright("Copyright (c) 2011 Greenbone Networks GmbH");
+  script_family("Mandrake Local Security Checks");
+  script_dependencies("gather-package-list.nasl");
+  script_require_keys("ssh/login/release");
+  exit(0);
+}
+
+
+include("pkg-lib-rpm.inc");
+include("revisions-lib.inc");
+
+release = get_kb_item("ssh/login/release");
+
+if(release == NULL){
+  exit(0);
+}
+
+if(release == "MNDK_2010.1")
+{
+
+  if(isrpmvuln(pkg:"libopenssl1.0.0", rpm:"libopenssl1.0.0~1.0.0a~1.8mdv2010.2", rls:"MNDK_2010.1"))
+  {
+    security_hole(0);
+    exit(0);
+  }
+
+  if(isrpmvuln(pkg:"libopenssl1.0.0-devel", rpm:"libopenssl1.0.0-devel~1.0.0a~1.8mdv2010.2", rls:"MNDK_2010.1"))
+  {
+    security_hole(0);
+    exit(0);
+  }
+
+  if(isrpmvuln(pkg:"libopenssl1.0.0-static-devel", rpm:"libopenssl1.0.0-static-devel~1.0.0a~1.8mdv2010.2", rls:"MNDK_2010.1"))
+  {
+    security_hole(0);
+    exit(0);
+  }
+
+  if(isrpmvuln(pkg:"libopenssl-engines1.0.0", rpm:"libopenssl-engines1.0.0~1.0.0a~1.8mdv2010.2", rls:"MNDK_2010.1"))
+  {
+    security_hole(0);
+    exit(0);
+  }
+
+  if(isrpmvuln(pkg:"openssl", rpm:"openssl~1.0.0a~1.8mdv2010.2", rls:"MNDK_2010.1"))
+  {
+    security_hole(0);
+    exit(0);
+  }
+
+  if(isrpmvuln(pkg:"lib64openssl1.0.0", rpm:"lib64openssl1.0.0~1.0.0a~1.8mdv2010.2", rls:"MNDK_2010.1"))
+  {
+    security_hole(0);
+    exit(0);
+  }
+
+  if(isrpmvuln(pkg:"lib64openssl1.0.0-devel", rpm:"lib64openssl1.0.0-devel~1.0.0a~1.8mdv2010.2", rls:"MNDK_2010.1"))
+  {
+    security_hole(0);
+    exit(0);
+  }
+
+  if(isrpmvuln(pkg:"lib64openssl1.0.0-static-devel", rpm:"lib64openssl1.0.0-static-devel~1.0.0a~1.8mdv2010.2", rls:"MNDK_2010.1"))
+  {
+    security_hole(0);
+    exit(0);
+  }
+
+  if(isrpmvuln(pkg:"lib64openssl-engines1.0.0", rpm:"lib64openssl-engines1.0.0~1.0.0a~1.8mdv2010.2", rls:"MNDK_2010.1"))
+  {
+    security_hole(0);
+    exit(0);
+  }
+
+  exit(0);
+}
\ No newline at end of file

Added: trunk/openvas-plugins/scripts/gb_ubuntu_USN_1210_1.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gb_ubuntu_USN_1210_1.nasl	2011-09-30 13:58:03 UTC (rev 11722)
+++ trunk/openvas-plugins/scripts/gb_ubuntu_USN_1210_1.nasl	2011-09-30 14:02:57 UTC (rev 11723)
@@ -0,0 +1,131 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+#
+# Ubuntu Update for firefox USN-1210-1
+#
+# Authors:
+# System Generated Check
+#
+# Copyright:
+# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+if(description)
+{
+  script_id(840756);
+  script_version("$Revision$: 1.0");
+  script_tag(name:"cvss_base", value:"10.0");
+  script_tag(name:"risk_factor", value:"Critical");
+  script_xref(name: "USN", value: "1210-1");
+  script_cve_id("CVE-2011-2995", "CVE-2011-2996", "CVE-2011-2999", "CVE-2011-3000", "CVE-2011-2372", "CVE-2011-3001");
+  script_name("Ubuntu Update for firefox USN-1210-1");
+  desc = "
+
+  Vulnerability Insight:
+
+  Benjamin Smedberg, Bob Clary, Jesse Ruderman, and Josh Aas discovered
+  multiple memory vulnerabilities in the browser rendering engine. An
+  attacker could use these to possibly execute arbitrary code with the
+  privileges of the user invoking Firefox. (CVE-2011-2995, CVE-2011-2996)
+  
+  Boris Zbarsky discovered that a frame named "location" could shadow the
+  window.location object unless a script in a page grabbed a reference to the
+  true object before the frame was created. This is in violation of the Same
+  Origin Policy. A malicious website could possibly use this to access
+  another website or the local file system. (CVE-2011-2999)
+  
+  Mark Kaplan discovered an integer underflow in the SpiderMonkey JavaScript
+  engine. An attacker could potentially use this to crash Firefox.
+  
+  Ian Graham discovered that when multiple Location headers were present,
+  Firefox would use the second one resulting in a possible CRLF injection
+  attack. CRLF injection issues can result in a wide variety of attacks, such
+  as XSS (Cross-Site Scripting) vulnerabilities, browser cache poisoning, and
+  cookie theft. (CVE-2011-3000)
+  
+  Mariusz Mlynski discovered that if the user could be convinced to hold down
+  the enter key, a malicious website could potential pop up a download dialog
+  and the default open action would be selected. This would result in
+  potentially malicious content being run with privileges of the user
+  invoking Firefox. (CVE-2011-2372)
+
+  Affected Software/OS:
+  firefox on Ubuntu 10.10 ,
+  Ubuntu 10.04 LTS
+
+  Fix: Please Install the Updated Packages.
+
+  References:
+  https://lists.ubuntu.com/archives/ubuntu-security-announce/2011-September/001427.html
+
+  ";
+
+  script_description(desc);
+  script_summary("Check for the Version of firefox");
+  script_category(ACT_GATHER_INFO);
+  script_copyright("Copyright (c) 2011 Greenbone Networks GmbH");
+  script_family("Ubuntu Local Security Checks");
+  script_dependencies("gather-package-list.nasl");
+  script_require_keys("ssh/login/release");
+  exit(0);
+}
+
+
+include("pkg-lib-deb.inc");
+include("revisions-lib.inc");
+
+release = get_kb_item("ssh/login/release");
+
+if(release == NULL){
+  exit(0);
+}
+
+if(release == "UBUNTU10.04 LTS")
+{
+
+  if(isdpkgvuln(pkg:"firefox", ver:"3.6.23+build1+nobinonly-0ubuntu0.10.04.1", rls:"UBUNTU10.04 LTS"))
+  {
+    security_hole(0);
+    exit(0);
+  }
+
+  if(isdpkgvuln(pkg:"xulrunner-1.9.2", ver:"1.9.2.23+build1+nobinonly-0ubuntu0.10.04.1", rls:"UBUNTU10.04 LTS"))
+  {
+    security_hole(0);
+    exit(0);
+  }
+
+  exit(0);
+}
+
+
+if(release == "UBUNTU10.10")
+{
+
+  if(isdpkgvuln(pkg:"firefox", ver:"3.6.23+build1+nobinonly-0ubuntu0.10.10.1", rls:"UBUNTU10.10"))
+  {
+    security_hole(0);
+    exit(0);
+  }
+
+  if(isdpkgvuln(pkg:"xulrunner-1.9.2", ver:"1.9.2.23+build1+nobinonly-0ubuntu0.10.10.1", rls:"UBUNTU10.10"))
+  {
+    security_hole(0);
+    exit(0);
+  }
+
+  exit(0);
+}
\ No newline at end of file

Added: trunk/openvas-plugins/scripts/gb_ubuntu_USN_1213_1.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gb_ubuntu_USN_1213_1.nasl	2011-09-30 13:58:03 UTC (rev 11722)
+++ trunk/openvas-plugins/scripts/gb_ubuntu_USN_1213_1.nasl	2011-09-30 14:02:57 UTC (rev 11723)
@@ -0,0 +1,133 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+#
+# Ubuntu Update for thunderbird USN-1213-1
+#
+# Authors:
+# System Generated Check
+#
+# Copyright:
+# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+if(description)
+{
+  script_id(840754);
+  script_version("$Revision$: 1.0");
+  script_tag(name:"cvss_base", value:"10.0");
+  script_tag(name:"risk_factor", value:"Critical");
+  script_xref(name: "USN", value: "1213-1");
+  script_cve_id("CVE-2011-2995", "CVE-2011-2996", "CVE-2011-2999", "CVE-2011-3000", "CVE-2011-2372");
+  script_name("Ubuntu Update for thunderbird USN-1213-1");
+  desc = "
+
+  Vulnerability Insight:
+
+  Benjamin Smedberg, Bob Clary, Jesse Ruderman, and Josh Aas discovered
+  multiple memory vulnerabilities in the Gecko rendering engine. An
+  attacker could use these to possibly execute arbitrary code with the
+  privileges of the user invoking Thunderbird. (CVE-2011-2995, CVE-2011-2996)
+  
+  Boris Zbarsky discovered that a frame named "location" could shadow the
+  window.location object unless a script in a page grabbed a reference to the
+  true object before the frame was created. This is in violation of the Same
+  Origin Policy. A malicious E-Mail could possibly use this to access the
+  local file system. (CVE-2011-2999)
+  
+  Mark Kaplan discovered an integer underflow in the SpiderMonkey JavaScript
+  engine. An attacker could potentially use this to crash Thunderbird.
+  
+  Ian Graham discovered that when multiple Location headers were present,
+  Thunderbird would use the second one resulting in a possible CRLF injection
+  attack. CRLF injection issues can result in a wide variety of attacks, such
+  as XSS (Cross-Site Scripting) vulnerabilities, browser cache poisoning, and
+  cookie theft. (CVE-2011-3000)
+  
+  Mariusz Mlynski discovered that if the user could be convinced to hold down
+  the enter key, a malicious website or E-Mail could potential pop up a
+  download dialog and the default open action would be selected. This would
+  result in potentially malicious content being run with privileges of the
+  user invoking Thunderbird. (CVE-2011-2372)
+
+  Affected Software/OS:
+  thunderbird on Ubuntu 11.04 ,
+  Ubuntu 10.10 ,
+  Ubuntu 10.04 LTS
+
+  Fix: Please Install the Updated Packages.
+
+  References:
+  https://lists.ubuntu.com/archives/ubuntu-security-announce/2011-September/001428.html
+
+  ";
+
+  script_description(desc);
+  script_summary("Check for the Version of thunderbird");
+  script_category(ACT_GATHER_INFO);
+  script_copyright("Copyright (c) 2011 Greenbone Networks GmbH");
+  script_family("Ubuntu Local Security Checks");
+  script_dependencies("gather-package-list.nasl");
+  script_require_keys("ssh/login/release");
+  exit(0);
+}
+
+
+include("pkg-lib-deb.inc");
+include("revisions-lib.inc");
+
+release = get_kb_item("ssh/login/release");
+
+if(release == NULL){
+  exit(0);
+}
+
+if(release == "UBUNTU10.10")
+{
+
+  if(isdpkgvuln(pkg:"thunderbird", ver:"3.1.15+build1+nobinonly-0ubuntu0.10.10.1", rls:"UBUNTU10.10"))
+  {
+    security_hole(0);
+    exit(0);
+  }
+
+  exit(0);
+}
+
+
+if(release == "UBUNTU10.04 LTS")
+{
+
+  if(isdpkgvuln(pkg:"thunderbird", ver:"3.1.15+build1+nobinonly-0ubuntu0.10.04.1", rls:"UBUNTU10.04 LTS"))
+  {
+    security_hole(0);
+    exit(0);
+  }
+
+  exit(0);
+}
+
+
+if(release == "UBUNTU11.04")
+{
+
+  if(isdpkgvuln(pkg:"thunderbird", ver:"3.1.15+build1+nobinonly-0ubuntu0.11.04.1", rls:"UBUNTU11.04"))
+  {
+    security_hole(0);
+    exit(0);
+  }
+
+  exit(0);
+}
\ No newline at end of file

Added: trunk/openvas-plugins/scripts/gb_ubuntu_USN_1216_1.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gb_ubuntu_USN_1216_1.nasl	2011-09-30 13:58:03 UTC (rev 11722)
+++ trunk/openvas-plugins/scripts/gb_ubuntu_USN_1216_1.nasl	2011-09-30 14:02:57 UTC (rev 11723)
@@ -0,0 +1,129 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+#
+# Ubuntu Update for linux-ec2 USN-1216-1
+#
+# Authors:
+# System Generated Check
+#
+# Copyright:
+# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+if(description)
+{
+  script_id(840761);
+  script_version("$Revision$: 1.0");
+  script_tag(name:"cvss_base", value:"6.1");
+  script_tag(name:"risk_factor", value:"High");
+  script_xref(name: "USN", value: "1216-1");
+  script_cve_id("CVE-2010-4076", "CVE-2010-4077", "CVE-2010-4251", "CVE-2010-4805", "CVE-2011-1020", "CVE-2011-1493", "CVE-2011-1577", "CVE-2011-2213", "CVE-2011-2484", "CVE-2011-2492", "CVE-2011-2700", "CVE-2011-2723", "CVE-2011-2918");
+  script_name("Ubuntu Update for linux-ec2 USN-1216-1");
+  desc = "
+
+  Vulnerability Insight:
+
+  Dan Rosenberg discovered that multiple terminal ioctls did not correctly
+  initialize structure memory. A local attacker could exploit this to read
+  portions of kernel stack memory, leading to a loss of privacy.
+  (CVE-2010-4076, CVE-2010-4077)
+  
+  Alex Shi and Eric Dumazet discovered that the network stack did not
+  correctly handle packet backlogs. A remote attacker could exploit this by
+  sending a large amount of network traffic to cause the system to run out of
+  memory, leading to a denial of service. (CVE-2010-4251, CVE-2010-4805)
+  
+  It was discovered that the /proc filesystem did not correctly handle
+  permission changes when programs executed. A local attacker could hold open
+  files to examine details about programs running with higher privileges,
+  potentially increasing the chances of exploiting additional
+  vulnerabilities. (CVE-2011-1020)
+  
+  Dan Rosenberg discovered that the X.25 Rose network stack did not correctly
+  handle certain fields. If a system was running with Rose enabled, a remote
+  attacker could send specially crafted traffic to gain root privileges.
+  (CVE-2011-1493)
+  
+  Timo Warns discovered that the GUID partition parsing routines did not
+  correctly validate certain structures. A local attacker with physical
+  access could plug in a specially crafted block device to crash the system,
+  leading to a denial of service. (CVE-2011-1577)
+  
+  Dan Rosenberg discovered that the IPv4 diagnostic routines did not
+  correctly validate certain requests. A local attacker could exploit this to
+  consume CPU resources, leading to a denial of service. (CVE-2011-2213)
+  
+  Vasiliy Kulikov discovered that taskstats listeners were not correctly
+  handled. A local attacker could expoit this to exhaust memory and CPU
+  resources, leading to a denial of service. (CVE-2011-2484)
+  
+  It was discovered that Bluetooth l2cap and rfcomm did not correctly
+  initialize structures. A local attacker could exploit this to read portions
+  of the kernel stack, leading to a loss of privacy. (CVE-2011-2492)
+  
+  Mauro Carvalho Chehab discovered that the si4713 radio driver did not
+  correctly check the length of memory copies. If this hardware was
+  available, a local attacker could exploit this to crash the system or gain
+  root privileges. (CVE-2011-2700)
+  
+  Herbert Xu discovered that certain fields were incorrectly handled when
+  Generic Receive Offload (CVE-2011-2723)
+  
+  The performance counter subsystem did not correctly handle certain
+  counters. A local attacker could exploit this to crash the system, leading
+  to a denial of service. (CVE-2011-2918)
+
+  Affected Software/OS:
+  linux-ec2 on Ubuntu 10.04 LTS
+
+  Fix: Please Install the Updated Packages.
+
+  References:
+  https://lists.ubuntu.com/archives/ubuntu-security-announce/2011-September/001426.html
+
+  ";
+
+  script_description(desc);
+  script_summary("Check for the Version of linux-ec2");
+  script_category(ACT_GATHER_INFO);
+  script_copyright("Copyright (c) 2011 Greenbone Networks GmbH");
+  script_family("Ubuntu Local Security Checks");
+  script_dependencies("gather-package-list.nasl");
+  script_require_keys("ssh/login/release");
+  exit(0);
+}
+
+
+include("pkg-lib-deb.inc");
+include("revisions-lib.inc");
+
+release = get_kb_item("ssh/login/release");
+
+if(release == NULL){
+  exit(0);
+}
+
+if(release == "UBUNTU10.04 LTS")
+{
+
+  if(isdpkgvuln(pkg:"linux-image-2.6.32-318-ec2", ver:"2.6.32-318.38", rls:"UBUNTU10.04 LTS"))
+  {
+    security_hole(0);
+    exit(0);
+  }
+
+  exit(0);
+}
\ No newline at end of file

Added: trunk/openvas-plugins/scripts/gb_ubuntu_USN_1217_1.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gb_ubuntu_USN_1217_1.nasl	2011-09-30 13:58:03 UTC (rev 11722)
+++ trunk/openvas-plugins/scripts/gb_ubuntu_USN_1217_1.nasl	2011-09-30 14:02:57 UTC (rev 11723)
@@ -0,0 +1,110 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+#
+# Ubuntu Update for puppet USN-1217-1
+#
+# Authors:
+# System Generated Check
+#
+# Copyright:
+# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+if(description)
+{
+  script_id(840757);
+  script_version("$Revision$: 1.0");
+  script_tag(name:"risk_factor", value:"High");
+  script_xref(name: "USN", value: "1217-1");
+  script_cve_id("CVE-2011-3848");
+  script_name("Ubuntu Update for puppet USN-1217-1");
+  desc = "
+
+  Vulnerability Insight:
+
+  Kristian Erik Hermansen discovered a directory traversal vulnerability in
+  the SSLFile indirection base class. A remote attacker could exploit this to
+  overwrite files with the privileges of the Puppet Master.
+
+  Affected Software/OS:
+  puppet on Ubuntu 11.04 ,
+  Ubuntu 10.10 ,
+  Ubuntu 10.04 LTS
+
+  Fix: Please Install the Updated Packages.
+
+  References:
+  https://lists.ubuntu.com/archives/ubuntu-security-announce/2011-September/001429.html
+
+  ";
+
+  script_description(desc);
+  script_summary("Check for the Version of puppet");
+  script_category(ACT_GATHER_INFO);
+  script_copyright("Copyright (c) 2011 Greenbone Networks GmbH");
+  script_family("Ubuntu Local Security Checks");
+  script_dependencies("gather-package-list.nasl");
+  script_require_keys("ssh/login/release");
+  exit(0);
+}
+
+
+include("pkg-lib-deb.inc");
+include("revisions-lib.inc");
+
+release = get_kb_item("ssh/login/release");
+
+if(release == NULL){
+  exit(0);
+}
+
+if(release == "UBUNTU10.10")
+{
+
+  if(isdpkgvuln(pkg:"puppet-common", ver:"2.6.1-0ubuntu2.1", rls:"UBUNTU10.10"))
+  {
+    security_hole(0);
+    exit(0);
+  }
+
+  exit(0);
+}
+
+
+if(release == "UBUNTU10.04 LTS")
+{
+
+  if(isdpkgvuln(pkg:"puppet-common", ver:"0.25.4-2ubuntu6.2", rls:"UBUNTU10.04 LTS"))
+  {
+    security_hole(0);
+    exit(0);
+  }
+
+  exit(0);
+}
+
+
+if(release == "UBUNTU11.04")
+{
+
+  if(isdpkgvuln(pkg:"puppet-common", ver:"2.6.4-2ubuntu2.2", rls:"UBUNTU11.04"))
+  {
+    security_hole(0);
+    exit(0);
+  }
+
+  exit(0);
+}
\ No newline at end of file

Added: trunk/openvas-plugins/scripts/gb_ubuntu_USN_1218_1.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gb_ubuntu_USN_1218_1.nasl	2011-09-30 13:58:03 UTC (rev 11722)
+++ trunk/openvas-plugins/scripts/gb_ubuntu_USN_1218_1.nasl	2011-09-30 14:02:57 UTC (rev 11723)
@@ -0,0 +1,207 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+#
+# Ubuntu Update for linux USN-1218-1
+#
+# Authors:
+# System Generated Check
+#
+# Copyright:
+# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+if(description)
+{
+  script_id(840760);
+  script_version("$Revision$: 1.0");
+  script_tag(name:"cvss_base", value:"6.1");
+  script_tag(name:"risk_factor", value:"High");
+  script_xref(name: "USN", value: "1218-1");
+  script_cve_id("CVE-2010-4076", "CVE-2010-4077", "CVE-2010-4251", "CVE-2010-4805", "CVE-2011-1020", "CVE-2011-1493", "CVE-2011-1577", "CVE-2011-2213", "CVE-2011-2484", "CVE-2011-2492", "CVE-2011-2700", "CVE-2011-2723", "CVE-2011-2918");
+  script_name("Ubuntu Update for linux USN-1218-1");
+  desc = "
+
+  Vulnerability Insight:
+
+  Dan Rosenberg discovered that multiple terminal ioctls did not correctly
+  initialize structure memory. A local attacker could exploit this to read
+  portions of kernel stack memory, leading to a loss of privacy.
+  (CVE-2010-4076, CVE-2010-4077)
+  
+  Alex Shi and Eric Dumazet discovered that the network stack did not
+  correctly handle packet backlogs. A remote attacker could exploit this by
+  sending a large amount of network traffic to cause the system to run out of
+  memory, leading to a denial of service. (CVE-2010-4251, CVE-2010-4805)
+  
+  It was discovered that the /proc filesystem did not correctly handle
+  permission changes when programs executed. A local attacker could hold open
+  files to examine details about programs running with higher privileges,
+  potentially increasing the chances of exploiting additional
+  vulnerabilities. (CVE-2011-1020)
+  
+  Dan Rosenberg discovered that the X.25 Rose network stack did not correctly
+  handle certain fields. If a system was running with Rose enabled, a remote
+  attacker could send specially crafted traffic to gain root privileges.
+  (CVE-2011-1493)
+  
+  Timo Warns discovered that the GUID partition parsing routines did not
+  correctly validate certain structures. A local attacker with physical
+  access could plug in a specially crafted block device to crash the system,
+  leading to a denial of service. (CVE-2011-1577)
+  
+  Dan Rosenberg discovered that the IPv4 diagnostic routines did not
+  correctly validate certain requests. A local attacker could exploit this to
+  consume CPU resources, leading to a denial of service. (CVE-2011-2213)
+  
+  Vasiliy Kulikov discovered that taskstats listeners were not correctly
+  handled. A local attacker could expoit this to exhaust memory and CPU
+  resources, leading to a denial of service. (CVE-2011-2484)
+  
+  It was discovered that Bluetooth l2cap and rfcomm did not correctly
+  initialize structures. A local attacker could exploit this to read portions
+  of the kernel stack, leading to a loss of privacy. (CVE-2011-2492)
+  
+  Mauro Carvalho Chehab discovered that the si4713 radio driver did not
+  correctly check the length of memory copies. If this hardware was
+  available, a local attacker could exploit this to crash the system or gain
+  root privileges. (CVE-2011-2700)
+  
+  Herbert Xu discovered that certain fields were incorrectly handled when
+  Generic Receive Offload (CVE-2011-2723)
+  
+  The performance counter subsystem did not correctly handle certain
+  counters. A local attacker could exploit this to crash the system, leading
+  to a denial of service. (CVE-2011-2918)
+
+  Affected Software/OS:
+  linux on Ubuntu 10.04 LTS
+
+  Fix: Please Install the Updated Packages.
+
+  References:
+  https://lists.ubuntu.com/archives/ubuntu-security-announce/2011-September/001430.html
+
+  ";
+
+  script_description(desc);
+  script_summary("Check for the Version of linux");
+  script_category(ACT_GATHER_INFO);
+  script_copyright("Copyright (c) 2011 Greenbone Networks GmbH");
+  script_family("Ubuntu Local Security Checks");
+  script_dependencies("gather-package-list.nasl");
+  script_require_keys("ssh/login/release");
+  exit(0);
+}
+
+
+include("pkg-lib-deb.inc");
+include("revisions-lib.inc");
+
+release = get_kb_item("ssh/login/release");
+
+if(release == NULL){
+  exit(0);
+}
+
+if(release == "UBUNTU10.04 LTS")
+{
+
+  if(isdpkgvuln(pkg:"linux-image-2.6.32-34-386", ver:"2.6.32-34.77", rls:"UBUNTU10.04 LTS"))
+  {
+    security_hole(0);
+    exit(0);
+  }
+
+  if(isdpkgvuln(pkg:"linux-image-2.6.32-34-generic", ver:"2.6.32-34.77", rls:"UBUNTU10.04 LTS"))
+  {
+    security_hole(0);
+    exit(0);
+  }
+
+  if(isdpkgvuln(pkg:"linux-image-2.6.32-34-generic-pae", ver:"2.6.32-34.77", rls:"UBUNTU10.04 LTS"))
+  {
+    security_hole(0);
+    exit(0);
+  }
+
+  if(isdpkgvuln(pkg:"linux-image-2.6.32-34-ia64", ver:"2.6.32-34.77", rls:"UBUNTU10.04 LTS"))
+  {
+    security_hole(0);
+    exit(0);
+  }
+
+  if(isdpkgvuln(pkg:"linux-image-2.6.32-34-lpia", ver:"2.6.32-34.77", rls:"UBUNTU10.04 LTS"))
+  {
+    security_hole(0);
+    exit(0);
+  }
+
+  if(isdpkgvuln(pkg:"linux-image-2.6.32-34-powerpc", ver:"2.6.32-34.77", rls:"UBUNTU10.04 LTS"))
+  {
+    security_hole(0);
+    exit(0);
+  }
+
+  if(isdpkgvuln(pkg:"linux-image-2.6.32-34-powerpc-smp", ver:"2.6.32-34.77", rls:"UBUNTU10.04 LTS"))
+  {
+    security_hole(0);
+    exit(0);
+  }
+
+  if(isdpkgvuln(pkg:"linux-image-2.6.32-34-powerpc64-smp", ver:"2.6.32-34.77", rls:"UBUNTU10.04 LTS"))
+  {
+    security_hole(0);
+    exit(0);
+  }
+
+  if(isdpkgvuln(pkg:"linux-image-2.6.32-34-preempt", ver:"2.6.32-34.77", rls:"UBUNTU10.04 LTS"))
+  {
+    security_hole(0);
+    exit(0);
+  }
+
+  if(isdpkgvuln(pkg:"linux-image-2.6.32-34-server", ver:"2.6.32-34.77", rls:"UBUNTU10.04 LTS"))
+  {
+    security_hole(0);
+    exit(0);
+  }
+
+  if(isdpkgvuln(pkg:"linux-image-2.6.32-34-sparc64", ver:"2.6.32-34.77", rls:"UBUNTU10.04 LTS"))
+  {
+    security_hole(0);
+    exit(0);
+  }
+
+  if(isdpkgvuln(pkg:"linux-image-2.6.32-34-sparc64-smp", ver:"2.6.32-34.77", rls:"UBUNTU10.04 LTS"))
+  {
+    security_hole(0);
+    exit(0);
+  }
+
+  if(isdpkgvuln(pkg:"linux-image-2.6.32-34-versatile", ver:"2.6.32-34.77", rls:"UBUNTU10.04 LTS"))
+  {
+    security_hole(0);
+    exit(0);
+  }
+
+  if(isdpkgvuln(pkg:"linux-image-2.6.32-34-virtual", ver:"2.6.32-34.77", rls:"UBUNTU10.04 LTS"))
+  {
+    security_hole(0);
+    exit(0);
+  }
+
+  exit(0);
+}
\ No newline at end of file

Added: trunk/openvas-plugins/scripts/gb_ubuntu_USN_1219_1.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gb_ubuntu_USN_1219_1.nasl	2011-09-30 13:58:03 UTC (rev 11722)
+++ trunk/openvas-plugins/scripts/gb_ubuntu_USN_1219_1.nasl	2011-09-30 14:02:57 UTC (rev 11723)
@@ -0,0 +1,147 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+#
+# Ubuntu Update for linux-lts-backport-maverick USN-1219-1
+#
+# Authors:
+# System Generated Check
+#
+# Copyright:
+# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+if(description)
+{
+  script_id(840762);
+  script_version("$Revision$: 1.0");
+  script_tag(name:"cvss_base", value:"8.3");
+  script_tag(name:"risk_factor", value:"Critical");
+  script_xref(name: "USN", value: "1219-1");
+  script_cve_id("CVE-2011-1576", "CVE-2011-1776", "CVE-2011-1833", "CVE-2011-2213", "CVE-2011-2497", "CVE-2011-2699", "CVE-2011-2700", "CVE-2011-2723", "CVE-2011-2918", "CVE-2011-2928", "CVE-2011-3191");
+  script_name("Ubuntu Update for linux-lts-backport-maverick USN-1219-1");
+  desc = "
+
+  Vulnerability Insight:
+
+  Ryan Sweat discovered that the kernel incorrectly handled certain VLAN
+  packets. On some systems, a remote attacker could send specially crafted
+  traffic to crash the system, leading to a denial of service.
+  (CVE-2011-1576)
+  
+  Timo Warns discovered that the EFI GUID partition table was not correctly
+  parsed. A physically local attacker that could insert mountable devices
+  could exploit this to crash the system or possibly gain root privileges.
+  (CVE-2011-1776)
+  
+  Vasiliy Kulikov and Dan Rosenberg discovered that ecryptfs did not
+  correctly check the origin of mount points. A local attacker could exploit
+  this to trick the system into unmounting arbitrary mount points, leading to
+  a denial of service. (CVE-2011-1833)
+  
+  Dan Rosenberg discovered that the IPv4 diagnostic routines did not
+  correctly validate certain requests. A local attacker could exploit this to
+  consume CPU resources, leading to a denial of service. (CVE-2011-2213)
+  
+  Dan Rosenberg discovered that the Bluetooth stack incorrectly handled
+  certain L2CAP requests. If a system was using Bluetooth, a remote attacker
+  could send specially crafted traffic to crash the system or gain root
+  privileges. (CVE-2011-2497)
+  
+  Fernando Gont discovered that the IPv6 stack used predictable fragment
+  identification numbers. A remote attacker could exploit this to exhaust
+  network resources, leading to a denial of service. (CVE-2011-2699)
+  
+  Mauro Carvalho Chehab discovered that the si4713 radio driver did not
+  correctly check the length of memory copies. If this hardware was
+  available, a local attacker could exploit this to crash the system or gain
+  root privileges. (CVE-2011-2700)
+  
+  Herbert Xu discovered that certain fields were incorrectly handled when
+  Generic Receive Offload (CVE-2011-2723)
+  
+  The performance counter subsystem did not correctly handle certain
+  counters. A local attacker could exploit this to crash the system, leading
+  to a denial of service. (CVE-2011-2918)
+  
+  Time Warns discovered that long symlinks were incorrectly handled on Be
+  filesystems. A local attacker could exploit this with a malformed Be
+  filesystem and crash the system, leading to a denial of service.
+  (CVE-2011-2928)
+  
+  Darren Lavender discovered that the CIFS client incorrectly handled certain
+  large values. A remote attacker with a malicious server could exploit this
+  to crash the system or possibly execute arbitrary code as the root user.
+  (CVE-2011-3191)
+
+  Affected Software/OS:
+  linux-lts-backport-maverick on Ubuntu 10.04 LTS
+
+  Fix: Please Install the Updated Packages.
+
+  References:
+  https://lists.ubuntu.com/archives/ubuntu-security-announce/2011-September/001431.html
+
+  ";
+
+  script_description(desc);
+  script_summary("Check for the Version of linux-lts-backport-maverick");
+  script_category(ACT_GATHER_INFO);
+  script_copyright("Copyright (c) 2011 Greenbone Networks GmbH");
+  script_family("Ubuntu Local Security Checks");
+  script_dependencies("gather-package-list.nasl");
+  script_require_keys("ssh/login/release");
+  exit(0);
+}
+
+
+include("pkg-lib-deb.inc");
+include("revisions-lib.inc");
+
+release = get_kb_item("ssh/login/release");
+
+if(release == NULL){
+  exit(0);
+}
+
+if(release == "UBUNTU10.04 LTS")
+{
+
+  if(isdpkgvuln(pkg:"linux-image-2.6.35-30-generic", ver:"2.6.35-30.60~lucid1", rls:"UBUNTU10.04 LTS"))
+  {
+    security_hole(0);
+    exit(0);
+  }
+
+  if(isdpkgvuln(pkg:"linux-image-2.6.35-30-generic-pae", ver:"2.6.35-30.60~lucid1", rls:"UBUNTU10.04 LTS"))
+  {
+    security_hole(0);
+    exit(0);
+  }
+
+  if(isdpkgvuln(pkg:"linux-image-2.6.35-30-server", ver:"2.6.35-30.60~lucid1", rls:"UBUNTU10.04 LTS"))
+  {
+    security_hole(0);
+    exit(0);
+  }
+
+  if(isdpkgvuln(pkg:"linux-image-2.6.35-30-virtual", ver:"2.6.35-30.60~lucid1", rls:"UBUNTU10.04 LTS"))
+  {
+    security_hole(0);
+    exit(0);
+  }
+
+  exit(0);
+}
\ No newline at end of file

Added: trunk/openvas-plugins/scripts/gb_ubuntu_USN_1220_1.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gb_ubuntu_USN_1220_1.nasl	2011-09-30 13:58:03 UTC (rev 11722)
+++ trunk/openvas-plugins/scripts/gb_ubuntu_USN_1220_1.nasl	2011-09-30 14:02:57 UTC (rev 11723)
@@ -0,0 +1,120 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+#
+# Ubuntu Update for linux-ti-omap4 USN-1220-1
+#
+# Authors:
+# System Generated Check
+#
+# Copyright:
+# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+if(description)
+{
+  script_id(840758);
+  script_version("$Revision$: 1.0");
+  script_tag(name:"cvss_base", value:"8.3");
+  script_tag(name:"risk_factor", value:"Critical");
+  script_xref(name: "USN", value: "1220-1");
+  script_cve_id("CVE-2011-1576", "CVE-2011-1776", "CVE-2011-2213", "CVE-2011-2497", "CVE-2011-2700", "CVE-2011-2723", "CVE-2011-2928", "CVE-2011-3188", "CVE-2011-3191");
+  script_name("Ubuntu Update for linux-ti-omap4 USN-1220-1");
+  desc = "
+
+  Vulnerability Insight:
+
+  Ryan Sweat discovered that the kernel incorrectly handled certain VLAN
+  packets. On some systems, a remote attacker could send specially crafted
+  traffic to crash the system, leading to a denial of service.
+  (CVE-2011-1576)
+  
+  Timo Warns discovered that the EFI GUID partition table was not correctly
+  parsed. A physically local attacker that could insert mountable devices
+  could exploit this to crash the system or possibly gain root privileges.
+  (CVE-2011-1776)
+  
+  Dan Rosenberg discovered that the IPv4 diagnostic routines did not
+  correctly validate certain requests. A local attacker could exploit this to
+  consume CPU resources, leading to a denial of service. (CVE-2011-2213)
+  
+  Dan Rosenberg discovered that the Bluetooth stack incorrectly handled
+  certain L2CAP requests. If a system was using Bluetooth, a remote attacker
+  could send specially crafted traffic to crash the system or gain root
+  privileges. (CVE-2011-2497)
+  
+  Mauro Carvalho Chehab discovered that the si4713 radio driver did not
+  correctly check the length of memory copies. If this hardware was
+  available, a local attacker could exploit this to crash the system or gain
+  root privileges. (CVE-2011-2700)
+  
+  Herbert Xu discovered that certain fields were incorrectly handled when
+  Generic Receive Offload (CVE-2011-2723)
+  
+  Time Warns discovered that long symlinks were incorrectly handled on Be
+  filesystems. A local attacker could exploit this with a malformed Be
+  filesystem and crash the system, leading to a denial of service.
+  (CVE-2011-2928)
+  
+  Dan Kaminsky discovered that the kernel incorrectly handled random sequence
+  number generation. An attacker could use this flaw to possibly predict
+  sequence numbers and inject packets. (CVE-2011-3188)
+  
+  Darren Lavender discovered that the CIFS client incorrectly handled certain
+  large values. A remote attacker with a malicious server could exploit this
+  to crash the system or possibly execute arbitrary code as the root user.
+  (CVE-2011-3191)
+
+  Affected Software/OS:
+  linux-ti-omap4 on Ubuntu 10.10
+
+  Fix: Please Install the Updated Packages.
+
+  References:
+  https://lists.ubuntu.com/archives/ubuntu-security-announce/2011-September/001432.html
+
+  ";
+
+  script_description(desc);
+  script_summary("Check for the Version of linux-ti-omap4");
+  script_category(ACT_GATHER_INFO);
+  script_copyright("Copyright (c) 2011 Greenbone Networks GmbH");
+  script_family("Ubuntu Local Security Checks");
+  script_dependencies("gather-package-list.nasl");
+  script_require_keys("ssh/login/release");
+  exit(0);
+}
+
+
+include("pkg-lib-deb.inc");
+include("revisions-lib.inc");
+
+release = get_kb_item("ssh/login/release");
+
+if(release == NULL){
+  exit(0);
+}
+
+if(release == "UBUNTU10.10")
+{
+
+  if(isdpkgvuln(pkg:"linux-image-2.6.35-903-omap4", ver:"2.6.35-903.25", rls:"UBUNTU10.10"))
+  {
+    security_hole(0);
+    exit(0);
+  }
+
+  exit(0);
+}
\ No newline at end of file

Added: trunk/openvas-plugins/scripts/gb_ubuntu_USN_1221_1.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gb_ubuntu_USN_1221_1.nasl	2011-09-30 13:58:03 UTC (rev 11722)
+++ trunk/openvas-plugins/scripts/gb_ubuntu_USN_1221_1.nasl	2011-09-30 14:02:57 UTC (rev 11723)
@@ -0,0 +1,130 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+#
+# Ubuntu Update for mutt USN-1221-1
+#
+# Authors:
+# System Generated Check
+#
+# Copyright:
+# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+if(description)
+{
+  script_id(840755);
+  script_version("$Revision$: 1.0");
+  script_tag(name:"cvss_base", value:"5.8");
+  script_tag(name:"risk_factor", value:"High");
+  script_xref(name: "USN", value: "1221-1");
+  script_cve_id("CVE-2011-1429");
+  script_name("Ubuntu Update for mutt USN-1221-1");
+  desc = "
+
+  Vulnerability Insight:
+
+  It was discovered that mutt incorrectly verified the hostname in an SSL
+  certificate. An attacker could trick mutt into trusting a rogue SMTPS,
+  IMAPS, or POP3S server's certificate, which was signed by a trusted certificate
+  authority, to perform a man-in-the-middle attack.
+
+  Affected Software/OS:
+  mutt on Ubuntu 11.04 ,
+  Ubuntu 10.10 ,
+  Ubuntu 10.04 LTS
+
+  Fix: Please Install the Updated Packages.
+
+  References:
+  https://lists.ubuntu.com/archives/ubuntu-security-announce/2011-September/001433.html
+
+  ";
+
+  script_description(desc);
+  script_summary("Check for the Version of mutt");
+  script_category(ACT_GATHER_INFO);
+  script_copyright("Copyright (c) 2011 Greenbone Networks GmbH");
+  script_family("Ubuntu Local Security Checks");
+  script_dependencies("gather-package-list.nasl");
+  script_require_keys("ssh/login/release");
+  exit(0);
+}
+
+
+include("pkg-lib-deb.inc");
+include("revisions-lib.inc");
+
+release = get_kb_item("ssh/login/release");
+
+if(release == NULL){
+  exit(0);
+}
+
+if(release == "UBUNTU10.10")
+{
+
+  if(isdpkgvuln(pkg:"mutt", ver:"1.5.20-9ubuntu2.1", rls:"UBUNTU10.10"))
+  {
+    security_hole(0);
+    exit(0);
+  }
+
+  if(isdpkgvuln(pkg:"mutt-patched", ver:"1.5.20-9ubuntu2.1", rls:"UBUNTU10.10"))
+  {
+    security_hole(0);
+    exit(0);
+  }
+
+  exit(0);
+}
+
+
+if(release == "UBUNTU10.04 LTS")
+{
+
+  if(isdpkgvuln(pkg:"mutt", ver:"1.5.20-7ubuntu1.1", rls:"UBUNTU10.04 LTS"))
+  {
+    security_hole(0);
+    exit(0);
+  }
+
+  if(isdpkgvuln(pkg:"mutt-patched", ver:"1.5.20-7ubuntu1.1", rls:"UBUNTU10.04 LTS"))
+  {
+    security_hole(0);
+    exit(0);
+  }
+
+  exit(0);
+}
+
+
+if(release == "UBUNTU11.04")
+{
+
+  if(isdpkgvuln(pkg:"mutt", ver:"1.5.21-2ubuntu3.1", rls:"UBUNTU11.04"))
+  {
+    security_hole(0);
+    exit(0);
+  }
+
+  if(isdpkgvuln(pkg:"mutt-patched", ver:"1.5.21-2ubuntu3.1", rls:"UBUNTU11.04"))
+  {
+    security_hole(0);
+    exit(0);
+  }
+
+  exit(0);
+}
\ No newline at end of file

Added: trunk/openvas-plugins/scripts/gb_ubuntu_USN_1222_1.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gb_ubuntu_USN_1222_1.nasl	2011-09-30 13:58:03 UTC (rev 11722)
+++ trunk/openvas-plugins/scripts/gb_ubuntu_USN_1222_1.nasl	2011-09-30 14:02:57 UTC (rev 11723)
@@ -0,0 +1,117 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+#
+# Ubuntu Update for firefox USN-1222-1
+#
+# Authors:
+# System Generated Check
+#
+# Copyright:
+# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+if(description)
+{
+  script_id(840759);
+  script_version("$Revision$: 1.0");
+  script_tag(name:"cvss_base", value:"10.0");
+  script_tag(name:"risk_factor", value:"Critical");
+  script_xref(name: "USN", value: "1222-1");
+  script_cve_id("CVE-2011-2995", "CVE-2011-2997", "CVE-2011-2999", "CVE-2011-3000", "CVE-2011-2372", "CVE-2011-3001", "CVE-2011-3002", "CVE-2011-3003", "CVE-2011-3005", "CVE-2011-3232", "CVE-2011-3004");
+  script_name("Ubuntu Update for firefox USN-1222-1");
+  desc = "
+
+  Vulnerability Insight:
+
+  Benjamin Smedberg, Bob Clary, Jesse Ruderman, Bob Clary, Andrew McCreight,
+  Andreas Gal, Gary Kwong, Igor Bukanov, Jason Orendorff, Jesse Ruderman, and
+  Marcia Knous discovered multiple memory vulnerabilities in the browser
+  rendering engine. An attacker could use these to possibly execute arbitrary
+  code with the privileges of the user invoking Firefox. (CVE-2011-2995,
+  CVE-2011-2997)
+  
+  Boris Zbarsky discovered that a frame named "location" could shadow the
+  window.location object unless a script in a page grabbed a reference to the
+  true object before the frame was created. This is in violation of the Same
+  Origin Policy. A malicious website could possibly use this to access
+  another website or the local file system. (CVE-2011-2999)
+  
+  Ian Graham discovered that when multiple Location headers were present,
+  Firefox would use the second one resulting in a possible CRLF injection
+  attack. CRLF injection issues can result in a wide variety of attacks, such
+  as XSS (Cross-Site Scripting) vulnerabilities, browser cache poisoning, and
+  cookie theft. (CVE-2011-3000)
+  
+  Mariusz Mlynski discovered that if the user could be convinced to hold down
+  the enter key, a malicious website could potential pop up a download dialog
+  and the default open action would be selected or lead to the installation
+  of an arbitrary add-on. This would result in potentially malicious content
+  being run with privileges of the user invoking Firefox. (CVE-2011-2372,
+  CVE-2011-3001)
+  
+  Michael Jordon and Ben Hawkes discovered flaws in WebGL. If a user were
+  tricked into opening a malicious page, an attacker could cause the browser
+  to crash. (CVE-2011-3002, CVE-2011-3003)
+  
+  It was discovered that Firefox did not properly free memory when processing
+  ogg files. If a user were tricked into opening a malicious page, an
+  attacker could cause the browser to crash. (CVE-2011-3005)
+  
+  David Rees and Aki Helin discovered a problems in the JavaScript engine. An
+  attacker could exploit this to crash the browser or potentially escalate
+  privileges within the browser. (CVE-2011-3232)
+
+  Affected Software/OS:
+  firefox on Ubuntu 11.04
+
+  Fix: Please Install the Updated Packages.
+
+  References:
+  https://lists.ubuntu.com/archives/ubuntu-security-announce/2011-September/001434.html
+
+  ";
+
+  script_description(desc);
+  script_summary("Check for the Version of firefox");
+  script_category(ACT_GATHER_INFO);
+  script_copyright("Copyright (c) 2011 Greenbone Networks GmbH");
+  script_family("Ubuntu Local Security Checks");
+  script_dependencies("gather-package-list.nasl");
+  script_require_keys("ssh/login/release");
+  exit(0);
+}
+
+
+include("pkg-lib-deb.inc");
+include("revisions-lib.inc");
+
+release = get_kb_item("ssh/login/release");
+
+if(release == NULL){
+  exit(0);
+}
+
+if(release == "UBUNTU11.04")
+{
+
+  if(isdpkgvuln(pkg:"firefox", ver:"7.0.1+build1+nobinonly-0ubuntu0.11.04.1", rls:"UBUNTU11.04"))
+  {
+    security_hole(0);
+    exit(0);
+  }
+
+  exit(0);
+}
\ No newline at end of file



More information about the Openvas-commits mailing list