[Openvas-commits] r11723 - trunk/openvas-plugins/scripts
scm-commit@wald.intevation.org
scm-commit at wald.intevation.org
Fri Sep 30 16:02:58 CEST 2011
Author: veerendragg
Date: 2011-09-30 16:02:57 +0200 (Fri, 30 Sep 2011)
New Revision: 11723
Added:
trunk/openvas-plugins/scripts/gb_CESA-2011_1341_firefox_centos4_i386.nasl
trunk/openvas-plugins/scripts/gb_CESA-2011_1341_firefox_centos5_i386.nasl
trunk/openvas-plugins/scripts/gb_CESA-2011_1343_thunderbird_centos4_i386.nasl
trunk/openvas-plugins/scripts/gb_CESA-2011_1343_thunderbird_centos5_i386.nasl
trunk/openvas-plugins/scripts/gb_CESA-2011_1344_seamonkey_centos4_i386.nasl
trunk/openvas-plugins/scripts/gb_RHSA-2011_1341-01_firefox.nasl
trunk/openvas-plugins/scripts/gb_RHSA-2011_1343-01_thunderbird.nasl
trunk/openvas-plugins/scripts/gb_RHSA-2011_1344-01_seamonkey.nasl
trunk/openvas-plugins/scripts/gb_fedora_2011_12193_qt_fc15.nasl
trunk/openvas-plugins/scripts/gb_fedora_2011_12481_Django_fc14.nasl
trunk/openvas-plugins/scripts/gb_fedora_2011_12890_opensaml_fc15.nasl
trunk/openvas-plugins/scripts/gb_fedora_2011_12918_phpMyAdmin_fc14.nasl
trunk/openvas-plugins/scripts/gb_fedora_2011_12928_phpMyAdmin_fc15.nasl
trunk/openvas-plugins/scripts/gb_fedora_2011_13388_NetworkManager_fc15.nasl
trunk/openvas-plugins/scripts/gb_fedora_2011_13465_firefox_fc15.nasl
trunk/openvas-plugins/scripts/gb_fedora_2011_13465_gnome-python2-extras_fc15.nasl
trunk/openvas-plugins/scripts/gb_fedora_2011_13465_mozvoikko_fc15.nasl
trunk/openvas-plugins/scripts/gb_fedora_2011_13465_perl-Gtk2-MozEmbed_fc15.nasl
trunk/openvas-plugins/scripts/gb_fedora_2011_13465_xulrunner_fc15.nasl
trunk/openvas-plugins/scripts/gb_mandriva_MDVSA_2011_136.nasl
trunk/openvas-plugins/scripts/gb_mandriva_MDVSA_2011_137.nasl
trunk/openvas-plugins/scripts/gb_ubuntu_USN_1210_1.nasl
trunk/openvas-plugins/scripts/gb_ubuntu_USN_1213_1.nasl
trunk/openvas-plugins/scripts/gb_ubuntu_USN_1216_1.nasl
trunk/openvas-plugins/scripts/gb_ubuntu_USN_1217_1.nasl
trunk/openvas-plugins/scripts/gb_ubuntu_USN_1218_1.nasl
trunk/openvas-plugins/scripts/gb_ubuntu_USN_1219_1.nasl
trunk/openvas-plugins/scripts/gb_ubuntu_USN_1220_1.nasl
trunk/openvas-plugins/scripts/gb_ubuntu_USN_1221_1.nasl
trunk/openvas-plugins/scripts/gb_ubuntu_USN_1222_1.nasl
Log:
Added new LSC plugins. Added new plugins. Updated to detect latest version.
Added: trunk/openvas-plugins/scripts/gb_CESA-2011_1341_firefox_centos4_i386.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gb_CESA-2011_1341_firefox_centos4_i386.nasl 2011-09-30 13:58:03 UTC (rev 11722)
+++ trunk/openvas-plugins/scripts/gb_CESA-2011_1341_firefox_centos4_i386.nasl 2011-09-30 14:02:57 UTC (rev 11723)
@@ -0,0 +1,118 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+#
+# CentOS Update for firefox CESA-2011:1341 centos4 i386
+#
+# Authors:
+# System Generated Check
+#
+# Copyright:
+# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+if(description)
+{
+ script_id(881014);
+ script_version("$Revision$: 1.0");
+ script_tag(name:"cvss_base", value:"10.0");
+ script_tag(name:"risk_factor", value:"Critical");
+ script_xref(name: "CESA", value: "2011:1341");
+ script_cve_id("CVE-2011-2372", "CVE-2011-2995", "CVE-2011-2998", "CVE-2011-2999", "CVE-2011-3000");
+ script_name("CentOS Update for firefox CESA-2011:1341 centos4 i386");
+ desc = "
+
+ Vulnerability Insight:
+ Mozilla Firefox is an open source web browser. XULRunner provides the XUL
+ Runtime environment for Mozilla Firefox.
+
+ Several flaws were found in the processing of malformed web content. A web
+ page containing malicious content could cause Firefox to crash or,
+ potentially, execute arbitrary code with the privileges of the user running
+ Firefox. (CVE-2011-2995)
+
+ A flaw was found in the way Firefox processed the "Enter" keypress event. A
+ malicious web page could present a download dialog while the key is
+ pressed, activating the default "Open" action. A remote attacker could
+ exploit this vulnerability by causing the browser to open malicious web
+ content. (CVE-2011-2372)
+
+ A flaw was found in the way Firefox handled Location headers in redirect
+ responses. Two copies of this header with different values could be a
+ symptom of a CRLF injection attack against a vulnerable server. Firefox now
+ treats two copies of the Location, Content-Length, or Content-Disposition
+ header as an error condition. (CVE-2011-3000)
+
+ A flaw was found in the way Firefox handled frame objects with certain
+ names. An attacker could use this flaw to cause a plug-in to grant its
+ content access to another site or the local file system, violating the
+ same-origin policy. (CVE-2011-2999)
+
+ An integer underflow flaw was found in the way Firefox handled large
+ JavaScript regular expressions. A web page containing malicious JavaScript
+ could cause Firefox to access already freed memory, causing Firefox to
+ crash or, potentially, execute arbitrary code with the privileges of the
+ user running Firefox. (CVE-2011-2998)
+
+ For technical details regarding these flaws, refer to the Mozilla security
+ advisories for Firefox 3.6.23. You can find a link to the Mozilla
+ advisories in the References section of this erratum.
+
+ All Firefox users should upgrade to these updated packages, which contain
+ Firefox version 3.6.23, which corrects these issues. After installing the
+ update, Firefox must be restarted for the changes to take effect.
+
+
+ Affected Software/OS:
+ firefox on CentOS 4
+
+ Fix: Please Install the Updated Packages.
+
+ References:
+ http://lists.centos.org/pipermail/centos-announce/2011-September/018085.html
+
+ ";
+
+ script_description(desc);
+ script_summary("Check for the Version of firefox");
+ script_category(ACT_GATHER_INFO);
+ script_copyright("Copyright (c) 2011 Greenbone Networks GmbH");
+ script_family("CentOS Local Security Checks");
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/release");
+ exit(0);
+}
+
+
+include("pkg-lib-rpm.inc");
+include("revisions-lib.inc");
+
+release = get_kb_item("ssh/login/release");
+
+if(release == NULL){
+ exit(0);
+}
+
+if(release == "CentOS4")
+{
+
+ if(isrpmvuln(pkg:"firefox", rpm:"firefox~3.6.23~1.el4.centos", rls:"CentOS4"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ exit(0);
+}
\ No newline at end of file
Added: trunk/openvas-plugins/scripts/gb_CESA-2011_1341_firefox_centos5_i386.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gb_CESA-2011_1341_firefox_centos5_i386.nasl 2011-09-30 13:58:03 UTC (rev 11722)
+++ trunk/openvas-plugins/scripts/gb_CESA-2011_1341_firefox_centos5_i386.nasl 2011-09-30 14:02:57 UTC (rev 11723)
@@ -0,0 +1,130 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+#
+# CentOS Update for firefox CESA-2011:1341 centos5 i386
+#
+# Authors:
+# System Generated Check
+#
+# Copyright:
+# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+if(description)
+{
+ script_id(881015);
+ script_version("$Revision$: 1.0");
+ script_tag(name:"cvss_base", value:"10.0");
+ script_tag(name:"risk_factor", value:"Critical");
+ script_xref(name: "CESA", value: "2011:1341");
+ script_cve_id("CVE-2011-2372", "CVE-2011-2995", "CVE-2011-2998", "CVE-2011-2999", "CVE-2011-3000");
+ script_name("CentOS Update for firefox CESA-2011:1341 centos5 i386");
+ desc = "
+
+ Vulnerability Insight:
+ Mozilla Firefox is an open source web browser. XULRunner provides the XUL
+ Runtime environment for Mozilla Firefox.
+
+ Several flaws were found in the processing of malformed web content. A web
+ page containing malicious content could cause Firefox to crash or,
+ potentially, execute arbitrary code with the privileges of the user running
+ Firefox. (CVE-2011-2995)
+
+ A flaw was found in the way Firefox processed the "Enter" keypress event. A
+ malicious web page could present a download dialog while the key is
+ pressed, activating the default "Open" action. A remote attacker could
+ exploit this vulnerability by causing the browser to open malicious web
+ content. (CVE-2011-2372)
+
+ A flaw was found in the way Firefox handled Location headers in redirect
+ responses. Two copies of this header with different values could be a
+ symptom of a CRLF injection attack against a vulnerable server. Firefox now
+ treats two copies of the Location, Content-Length, or Content-Disposition
+ header as an error condition. (CVE-2011-3000)
+
+ A flaw was found in the way Firefox handled frame objects with certain
+ names. An attacker could use this flaw to cause a plug-in to grant its
+ content access to another site or the local file system, violating the
+ same-origin policy. (CVE-2011-2999)
+
+ An integer underflow flaw was found in the way Firefox handled large
+ JavaScript regular expressions. A web page containing malicious JavaScript
+ could cause Firefox to access already freed memory, causing Firefox to
+ crash or, potentially, execute arbitrary code with the privileges of the
+ user running Firefox. (CVE-2011-2998)
+
+ For technical details regarding these flaws, refer to the Mozilla security
+ advisories for Firefox 3.6.23. You can find a link to the Mozilla
+ advisories in the References section of this erratum.
+
+ All Firefox users should upgrade to these updated packages, which contain
+ Firefox version 3.6.23, which corrects these issues. After installing the
+ update, Firefox must be restarted for the changes to take effect.
+
+
+ Affected Software/OS:
+ firefox on CentOS 5
+
+ Fix: Please Install the Updated Packages.
+
+ References:
+ http://lists.centos.org/pipermail/centos-announce/2011-September/018079.html
+
+ ";
+
+ script_description(desc);
+ script_summary("Check for the Version of firefox");
+ script_category(ACT_GATHER_INFO);
+ script_copyright("Copyright (c) 2011 Greenbone Networks GmbH");
+ script_family("CentOS Local Security Checks");
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/release");
+ exit(0);
+}
+
+
+include("pkg-lib-rpm.inc");
+include("revisions-lib.inc");
+
+release = get_kb_item("ssh/login/release");
+
+if(release == NULL){
+ exit(0);
+}
+
+if(release == "CentOS5")
+{
+
+ if(isrpmvuln(pkg:"firefox", rpm:"firefox~3.6.23~2.el5.centos", rls:"CentOS5"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"xulrunner", rpm:"xulrunner~1.9.2.23~1.el5_7", rls:"CentOS5"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"xulrunner-devel", rpm:"xulrunner-devel~1.9.2.23~1.el5_7", rls:"CentOS5"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ exit(0);
+}
\ No newline at end of file
Added: trunk/openvas-plugins/scripts/gb_CESA-2011_1343_thunderbird_centos4_i386.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gb_CESA-2011_1343_thunderbird_centos4_i386.nasl 2011-09-30 13:58:03 UTC (rev 11722)
+++ trunk/openvas-plugins/scripts/gb_CESA-2011_1343_thunderbird_centos4_i386.nasl 2011-09-30 14:02:57 UTC (rev 11723)
@@ -0,0 +1,96 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+#
+# CentOS Update for thunderbird CESA-2011:1343 centos4 i386
+#
+# Authors:
+# System Generated Check
+#
+# Copyright:
+# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+if(description)
+{
+ script_id(881016);
+ script_version("$Revision$: 1.0");
+ script_tag(name:"cvss_base", value:"4.3");
+ script_tag(name:"risk_factor", value:"Medium");
+ script_xref(name: "CESA", value: "2011:1343");
+ script_cve_id("CVE-2011-2998", "CVE-2011-2999");
+ script_name("CentOS Update for thunderbird CESA-2011:1343 centos4 i386");
+ desc = "
+
+ Vulnerability Insight:
+ Mozilla Thunderbird is a standalone mail and newsgroup client.
+
+ A flaw was found in the way Thunderbird handled frame objects with certain
+ names. An attacker could use this flaw to cause a plug-in to grant its
+ content access to another site or the local file system, violating the
+ same-origin policy. (CVE-2011-2999)
+
+ An integer underflow flaw was found in the way Thunderbird handled large
+ JavaScript regular expressions. An HTML mail message containing malicious
+ JavaScript could cause Thunderbird to access already freed memory, causing
+ Thunderbird to crash or, potentially, execute arbitrary code with the
+ privileges of the user running Thunderbird. (CVE-2011-2998)
+
+ All Thunderbird users should upgrade to this updated package, which
+ resolves these issues. All running instances of Thunderbird must be
+ restarted for the update to take effect.
+
+
+ Affected Software/OS:
+ thunderbird on CentOS 4
+
+ Fix: Please Install the Updated Packages.
+
+ References:
+ http://lists.centos.org/pipermail/centos-announce/2011-September/018087.html
+
+ ";
+
+ script_description(desc);
+ script_summary("Check for the Version of thunderbird");
+ script_category(ACT_GATHER_INFO);
+ script_copyright("Copyright (c) 2011 Greenbone Networks GmbH");
+ script_family("CentOS Local Security Checks");
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/release");
+ exit(0);
+}
+
+
+include("pkg-lib-rpm.inc");
+include("revisions-lib.inc");
+
+release = get_kb_item("ssh/login/release");
+
+if(release == NULL){
+ exit(0);
+}
+
+if(release == "CentOS4")
+{
+
+ if(isrpmvuln(pkg:"thunderbird", rpm:"thunderbird~1.5.0.12~44.el4.centos", rls:"CentOS4"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ exit(0);
+}
\ No newline at end of file
Added: trunk/openvas-plugins/scripts/gb_CESA-2011_1343_thunderbird_centos5_i386.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gb_CESA-2011_1343_thunderbird_centos5_i386.nasl 2011-09-30 13:58:03 UTC (rev 11722)
+++ trunk/openvas-plugins/scripts/gb_CESA-2011_1343_thunderbird_centos5_i386.nasl 2011-09-30 14:02:57 UTC (rev 11723)
@@ -0,0 +1,96 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+#
+# CentOS Update for thunderbird CESA-2011:1343 centos5 i386
+#
+# Authors:
+# System Generated Check
+#
+# Copyright:
+# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+if(description)
+{
+ script_id(881012);
+ script_version("$Revision$: 1.0");
+ script_tag(name:"cvss_base", value:"4.3");
+ script_tag(name:"risk_factor", value:"Medium");
+ script_xref(name: "CESA", value: "2011:1343");
+ script_cve_id("CVE-2011-2998", "CVE-2011-2999");
+ script_name("CentOS Update for thunderbird CESA-2011:1343 centos5 i386");
+ desc = "
+
+ Vulnerability Insight:
+ Mozilla Thunderbird is a standalone mail and newsgroup client.
+
+ A flaw was found in the way Thunderbird handled frame objects with certain
+ names. An attacker could use this flaw to cause a plug-in to grant its
+ content access to another site or the local file system, violating the
+ same-origin policy. (CVE-2011-2999)
+
+ An integer underflow flaw was found in the way Thunderbird handled large
+ JavaScript regular expressions. An HTML mail message containing malicious
+ JavaScript could cause Thunderbird to access already freed memory, causing
+ Thunderbird to crash or, potentially, execute arbitrary code with the
+ privileges of the user running Thunderbird. (CVE-2011-2998)
+
+ All Thunderbird users should upgrade to this updated package, which
+ resolves these issues. All running instances of Thunderbird must be
+ restarted for the update to take effect.
+
+
+ Affected Software/OS:
+ thunderbird on CentOS 5
+
+ Fix: Please Install the Updated Packages.
+
+ References:
+ http://lists.centos.org/pipermail/centos-announce/2011-September/018081.html
+
+ ";
+
+ script_description(desc);
+ script_summary("Check for the Version of thunderbird");
+ script_category(ACT_GATHER_INFO);
+ script_copyright("Copyright (c) 2011 Greenbone Networks GmbH");
+ script_family("CentOS Local Security Checks");
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/release");
+ exit(0);
+}
+
+
+include("pkg-lib-rpm.inc");
+include("revisions-lib.inc");
+
+release = get_kb_item("ssh/login/release");
+
+if(release == NULL){
+ exit(0);
+}
+
+if(release == "CentOS5")
+{
+
+ if(isrpmvuln(pkg:"thunderbird", rpm:"thunderbird~2.0.0.24~26.el5.centos", rls:"CentOS5"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ exit(0);
+}
\ No newline at end of file
Added: trunk/openvas-plugins/scripts/gb_CESA-2011_1344_seamonkey_centos4_i386.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gb_CESA-2011_1344_seamonkey_centos4_i386.nasl 2011-09-30 13:58:03 UTC (rev 11722)
+++ trunk/openvas-plugins/scripts/gb_CESA-2011_1344_seamonkey_centos4_i386.nasl 2011-09-30 14:02:57 UTC (rev 11723)
@@ -0,0 +1,127 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+#
+# CentOS Update for seamonkey CESA-2011:1344 centos4 i386
+#
+# Authors:
+# System Generated Check
+#
+# Copyright:
+# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+if(description)
+{
+ script_id(881013);
+ script_version("$Revision$: 1.0");
+ script_tag(name:"cvss_base", value:"4.3");
+ script_tag(name:"risk_factor", value:"Medium");
+ script_xref(name: "CESA", value: "2011:1344");
+ script_cve_id("CVE-2011-2998", "CVE-2011-2999");
+ script_name("CentOS Update for seamonkey CESA-2011:1344 centos4 i386");
+ desc = "
+
+ Vulnerability Insight:
+ SeaMonkey is an open source web browser, email and newsgroup client, IRC
+ chat client, and HTML editor.
+
+ A flaw was found in the way SeaMonkey handled frame objects with certain
+ names. An attacker could use this flaw to cause a plug-in to grant its
+ content access to another site or the local file system, violating the
+ same-origin policy. (CVE-2011-2999)
+
+ An integer underflow flaw was found in the way SeaMonkey handled large
+ JavaScript regular expressions. A web page containing malicious JavaScript
+ could cause SeaMonkey to access already freed memory, causing SeaMonkey to
+ crash or, potentially, execute arbitrary code with the privileges of the
+ user running SeaMonkey. (CVE-2011-2998)
+
+ All SeaMonkey users should upgrade to these updated packages, which correct
+ these issues. After installing the update, SeaMonkey must be restarted for
+ the changes to take effect.
+
+
+ Affected Software/OS:
+ seamonkey on CentOS 4
+
+ Fix: Please Install the Updated Packages.
+
+ References:
+ http://lists.centos.org/pipermail/centos-announce/2011-September/018089.html
+
+ ";
+
+ script_description(desc);
+ script_summary("Check for the Version of seamonkey");
+ script_category(ACT_GATHER_INFO);
+ script_copyright("Copyright (c) 2011 Greenbone Networks GmbH");
+ script_family("CentOS Local Security Checks");
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/release");
+ exit(0);
+}
+
+
+include("pkg-lib-rpm.inc");
+include("revisions-lib.inc");
+
+release = get_kb_item("ssh/login/release");
+
+if(release == NULL){
+ exit(0);
+}
+
+if(release == "CentOS4")
+{
+
+ if(isrpmvuln(pkg:"seamonkey", rpm:"seamonkey~1.0.9~76.el4.centos", rls:"CentOS4"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"seamonkey-chat", rpm:"seamonkey-chat~1.0.9~76.el4.centos", rls:"CentOS4"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"seamonkey-devel", rpm:"seamonkey-devel~1.0.9~76.el4.centos", rls:"CentOS4"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"seamonkey-dom-inspector", rpm:"seamonkey-dom-inspector~1.0.9~76.el4.centos", rls:"CentOS4"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"seamonkey-js-debugger", rpm:"seamonkey-js-debugger~1.0.9~76.el4.centos", rls:"CentOS4"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"seamonkey-mail", rpm:"seamonkey-mail~1.0.9~76.el4.centos", rls:"CentOS4"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ exit(0);
+}
\ No newline at end of file
Added: trunk/openvas-plugins/scripts/gb_RHSA-2011_1341-01_firefox.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gb_RHSA-2011_1341-01_firefox.nasl 2011-09-30 13:58:03 UTC (rev 11722)
+++ trunk/openvas-plugins/scripts/gb_RHSA-2011_1341-01_firefox.nasl 2011-09-30 14:02:57 UTC (rev 11723)
@@ -0,0 +1,164 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+#
+# RedHat Update for firefox RHSA-2011:1341-01
+#
+# Authors:
+# System Generated Check
+#
+# Copyright:
+# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+if(description)
+{
+ script_id(870494);
+ script_version("$Revision$: 1.0");
+ script_tag(name:"cvss_base", value:"10.0");
+ script_tag(name:"risk_factor", value:"Critical");
+ script_xref(name: "RHSA", value: "2011:1341-01");
+ script_cve_id("CVE-2011-2372", "CVE-2011-2995", "CVE-2011-2998", "CVE-2011-2999", "CVE-2011-3000");
+ script_name("RedHat Update for firefox RHSA-2011:1341-01");
+ desc = "
+
+ Vulnerability Insight:
+ Mozilla Firefox is an open source web browser. XULRunner provides the XUL
+ Runtime environment for Mozilla Firefox.
+
+ Several flaws were found in the processing of malformed web content. A web
+ page containing malicious content could cause Firefox to crash or,
+ potentially, execute arbitrary code with the privileges of the user running
+ Firefox. (CVE-2011-2995)
+
+ A flaw was found in the way Firefox processed the "Enter" keypress event. A
+ malicious web page could present a download dialog while the key is
+ pressed, activating the default "Open" action. A remote attacker could
+ exploit this vulnerability by causing the browser to open malicious web
+ content. (CVE-2011-2372)
+
+ A flaw was found in the way Firefox handled Location headers in redirect
+ responses. Two copies of this header with different values could be a
+ symptom of a CRLF injection attack against a vulnerable server. Firefox now
+ treats two copies of the Location, Content-Length, or Content-Disposition
+ header as an error condition. (CVE-2011-3000)
+
+ A flaw was found in the way Firefox handled frame objects with certain
+ names. An attacker could use this flaw to cause a plug-in to grant its
+ content access to another site or the local file system, violating the
+ same-origin policy. (CVE-2011-2999)
+
+ An integer underflow flaw was found in the way Firefox handled large
+ JavaScript regular expressions. A web page containing malicious JavaScript
+ could cause Firefox to access already freed memory, causing Firefox to
+ crash or, potentially, execute arbitrary code with the privileges of the
+ user running Firefox. (CVE-2011-2998)
+
+ For technical details regarding these flaws, refer to the Mozilla security
+ advisories for Firefox 3.6.23. You can find a link to the Mozilla
+ advisories in the References section of this erratum.
+
+ All Firefox users should upgrade to these updated packages, which contain
+ Firefox version 3.6.23, which corrects these issues. After installing the
+ update, Firefox must be restarted for the changes to take effect.
+
+
+ Affected Software/OS:
+ firefox on Red Hat Enterprise Linux (v. 5 server),
+ Red Hat Enterprise Linux AS version 4,
+ Red Hat Enterprise Linux ES version 4,
+ Red Hat Enterprise Linux WS version 4
+
+ Fix: Please Install the Updated Packages.
+
+ References:
+ https://www.redhat.com/archives/rhsa-announce/2011-September/msg00045.html
+
+ ";
+
+ script_description(desc);
+ script_summary("Check for the Version of firefox");
+ script_category(ACT_GATHER_INFO);
+ script_copyright("Copyright (c) 2011 Greenbone Networks GmbH");
+ script_family("Red Hat Local Security Checks");
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/release");
+ exit(0);
+}
+
+
+include("pkg-lib-rpm.inc");
+include("revisions-lib.inc");
+
+release = get_kb_item("ssh/login/release");
+
+if(release == NULL){
+ exit(0);
+}
+
+if(release == "RHENT_5")
+{
+
+ if(isrpmvuln(pkg:"firefox", rpm:"firefox~3.6.23~2.el5_7", rls:"RHENT_5"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"firefox-debuginfo", rpm:"firefox-debuginfo~3.6.23~2.el5_7", rls:"RHENT_5"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"xulrunner", rpm:"xulrunner~1.9.2.23~1.el5_7", rls:"RHENT_5"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"xulrunner-debuginfo", rpm:"xulrunner-debuginfo~1.9.2.23~1.el5_7", rls:"RHENT_5"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"xulrunner-devel", rpm:"xulrunner-devel~1.9.2.23~1.el5_7", rls:"RHENT_5"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ exit(0);
+}
+
+
+if(release == "RHENT_4")
+{
+
+ if(isrpmvuln(pkg:"firefox", rpm:"firefox~3.6.23~1.el4", rls:"RHENT_4"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"firefox-debuginfo", rpm:"firefox-debuginfo~3.6.23~1.el4", rls:"RHENT_4"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ exit(0);
+}
\ No newline at end of file
Added: trunk/openvas-plugins/scripts/gb_RHSA-2011_1343-01_thunderbird.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gb_RHSA-2011_1343-01_thunderbird.nasl 2011-09-30 13:58:03 UTC (rev 11722)
+++ trunk/openvas-plugins/scripts/gb_RHSA-2011_1343-01_thunderbird.nasl 2011-09-30 14:02:57 UTC (rev 11723)
@@ -0,0 +1,104 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+#
+# RedHat Update for thunderbird RHSA-2011:1343-01
+#
+# Authors:
+# System Generated Check
+#
+# Copyright:
+# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+if(description)
+{
+ script_id(870496);
+ script_version("$Revision$: 1.0");
+ script_tag(name:"cvss_base", value:"4.3");
+ script_tag(name:"risk_factor", value:"Medium");
+ script_xref(name: "RHSA", value: "2011:1343-01");
+ script_cve_id("CVE-2011-2998", "CVE-2011-2999");
+ script_name("RedHat Update for thunderbird RHSA-2011:1343-01");
+ desc = "
+
+ Vulnerability Insight:
+ Mozilla Thunderbird is a standalone mail and newsgroup client.
+
+ A flaw was found in the way Thunderbird handled frame objects with certain
+ names. An attacker could use this flaw to cause a plug-in to grant its
+ content access to another site or the local file system, violating the
+ same-origin policy. (CVE-2011-2999)
+
+ An integer underflow flaw was found in the way Thunderbird handled large
+ JavaScript regular expressions. An HTML mail message containing malicious
+ JavaScript could cause Thunderbird to access already freed memory, causing
+ Thunderbird to crash or, potentially, execute arbitrary code with the
+ privileges of the user running Thunderbird. (CVE-2011-2998)
+
+ All Thunderbird users should upgrade to this updated package, which
+ resolves these issues. All running instances of Thunderbird must be
+ restarted for the update to take effect.
+
+
+ Affected Software/OS:
+ thunderbird on Red Hat Enterprise Linux AS version 4,
+ Red Hat Enterprise Linux ES version 4,
+ Red Hat Enterprise Linux WS version 4
+
+ Fix: Please Install the Updated Packages.
+
+ References:
+ https://www.redhat.com/archives/rhsa-announce/2011-September/msg00047.html
+
+ ";
+
+ script_description(desc);
+ script_summary("Check for the Version of thunderbird");
+ script_category(ACT_GATHER_INFO);
+ script_copyright("Copyright (c) 2011 Greenbone Networks GmbH");
+ script_family("Red Hat Local Security Checks");
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/release");
+ exit(0);
+}
+
+
+include("pkg-lib-rpm.inc");
+include("revisions-lib.inc");
+
+release = get_kb_item("ssh/login/release");
+
+if(release == NULL){
+ exit(0);
+}
+
+if(release == "RHENT_4")
+{
+
+ if(isrpmvuln(pkg:"thunderbird", rpm:"thunderbird~1.5.0.12~44.el4", rls:"RHENT_4"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"thunderbird-debuginfo", rpm:"thunderbird-debuginfo~1.5.0.12~44.el4", rls:"RHENT_4"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ exit(0);
+}
\ No newline at end of file
Added: trunk/openvas-plugins/scripts/gb_RHSA-2011_1344-01_seamonkey.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gb_RHSA-2011_1344-01_seamonkey.nasl 2011-09-30 13:58:03 UTC (rev 11722)
+++ trunk/openvas-plugins/scripts/gb_RHSA-2011_1344-01_seamonkey.nasl 2011-09-30 14:02:57 UTC (rev 11723)
@@ -0,0 +1,135 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+#
+# RedHat Update for seamonkey RHSA-2011:1344-01
+#
+# Authors:
+# System Generated Check
+#
+# Copyright:
+# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+if(description)
+{
+ script_id(870495);
+ script_version("$Revision$: 1.0");
+ script_tag(name:"cvss_base", value:"4.3");
+ script_tag(name:"risk_factor", value:"Medium");
+ script_xref(name: "RHSA", value: "2011:1344-01");
+ script_cve_id("CVE-2011-2998", "CVE-2011-2999");
+ script_name("RedHat Update for seamonkey RHSA-2011:1344-01");
+ desc = "
+
+ Vulnerability Insight:
+ SeaMonkey is an open source web browser, email and newsgroup client, IRC
+ chat client, and HTML editor.
+
+ A flaw was found in the way SeaMonkey handled frame objects with certain
+ names. An attacker could use this flaw to cause a plug-in to grant its
+ content access to another site or the local file system, violating the
+ same-origin policy. (CVE-2011-2999)
+
+ An integer underflow flaw was found in the way SeaMonkey handled large
+ JavaScript regular expressions. A web page containing malicious JavaScript
+ could cause SeaMonkey to access already freed memory, causing SeaMonkey to
+ crash or, potentially, execute arbitrary code with the privileges of the
+ user running SeaMonkey. (CVE-2011-2998)
+
+ All SeaMonkey users should upgrade to these updated packages, which correct
+ these issues. After installing the update, SeaMonkey must be restarted for
+ the changes to take effect.
+
+
+ Affected Software/OS:
+ seamonkey on Red Hat Enterprise Linux AS version 4,
+ Red Hat Enterprise Linux ES version 4,
+ Red Hat Enterprise Linux WS version 4
+
+ Fix: Please Install the Updated Packages.
+
+ References:
+ https://www.redhat.com/archives/rhsa-announce/2011-September/msg00048.html
+
+ ";
+
+ script_description(desc);
+ script_summary("Check for the Version of seamonkey");
+ script_category(ACT_GATHER_INFO);
+ script_copyright("Copyright (c) 2011 Greenbone Networks GmbH");
+ script_family("Red Hat Local Security Checks");
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/release");
+ exit(0);
+}
+
+
+include("pkg-lib-rpm.inc");
+include("revisions-lib.inc");
+
+release = get_kb_item("ssh/login/release");
+
+if(release == NULL){
+ exit(0);
+}
+
+if(release == "RHENT_4")
+{
+
+ if(isrpmvuln(pkg:"seamonkey", rpm:"seamonkey~1.0.9~76.el4", rls:"RHENT_4"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"seamonkey-chat", rpm:"seamonkey-chat~1.0.9~76.el4", rls:"RHENT_4"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"seamonkey-debuginfo", rpm:"seamonkey-debuginfo~1.0.9~76.el4", rls:"RHENT_4"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"seamonkey-devel", rpm:"seamonkey-devel~1.0.9~76.el4", rls:"RHENT_4"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"seamonkey-dom-inspector", rpm:"seamonkey-dom-inspector~1.0.9~76.el4", rls:"RHENT_4"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"seamonkey-js-debugger", rpm:"seamonkey-js-debugger~1.0.9~76.el4", rls:"RHENT_4"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"seamonkey-mail", rpm:"seamonkey-mail~1.0.9~76.el4", rls:"RHENT_4"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ exit(0);
+}
\ No newline at end of file
Added: trunk/openvas-plugins/scripts/gb_fedora_2011_12193_qt_fc15.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gb_fedora_2011_12193_qt_fc15.nasl 2011-09-30 13:58:03 UTC (rev 11722)
+++ trunk/openvas-plugins/scripts/gb_fedora_2011_12193_qt_fc15.nasl 2011-09-30 14:02:57 UTC (rev 11723)
@@ -0,0 +1,83 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+#
+# Fedora Update for qt FEDORA-2011-12193
+#
+# Authors:
+# System Generated Check
+#
+# Copyright:
+# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+if(description)
+{
+ script_id(863554);
+ script_version("$Revision$: 1.0");
+ script_tag(name:"risk_factor", value:"High");
+ script_xref(name: "FEDORA", value: "2011-12193");
+ script_cve_id("CVE-2011-3194");
+ script_name("Fedora Update for qt FEDORA-2011-12193");
+ desc = "
+
+ Vulnerability Insight:
+ Qt is a software toolkit for developing applications.
+
+ This package contains base tools, like string, xml, and network
+ handling.
+
+
+ Affected Software/OS:
+ qt on Fedora 15
+
+ Fix: Please Install the Updated Packages.
+
+ References:
+ http://lists.fedoraproject.org/pipermail/package-announce/2011-September/066319.html
+
+ ";
+
+ script_description(desc);
+ script_summary("Check for the Version of qt");
+ script_category(ACT_GATHER_INFO);
+ script_copyright("Copyright (c) 2011 Greenbone Networks GmbH");
+ script_family("Fedora Local Security Checks");
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/release");
+ exit(0);
+}
+
+
+include("pkg-lib-rpm.inc");
+include("revisions-lib.inc");
+
+release = get_kb_item("ssh/login/release");
+
+if(release == NULL){
+ exit(0);
+}
+
+if(release == "FC15")
+{
+
+ if(isrpmvuln(pkg:"qt", rpm:"qt~4.7.4~2.fc15", rls:"FC15"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ exit(0);
+}
\ No newline at end of file
Added: trunk/openvas-plugins/scripts/gb_fedora_2011_12481_Django_fc14.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gb_fedora_2011_12481_Django_fc14.nasl 2011-09-30 13:58:03 UTC (rev 11722)
+++ trunk/openvas-plugins/scripts/gb_fedora_2011_12481_Django_fc14.nasl 2011-09-30 14:02:57 UTC (rev 11723)
@@ -0,0 +1,84 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+#
+# Fedora Update for Django FEDORA-2011-12481
+#
+# Authors:
+# System Generated Check
+#
+# Copyright:
+# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+if(description)
+{
+ script_id(863551);
+ script_version("$Revision$: 1.0");
+ script_tag(name:"cvss_base", value:"4.3");
+ script_tag(name:"risk_factor", value:"Medium");
+ script_xref(name: "FEDORA", value: "2011-12481");
+ script_cve_id("CVE-2011-0697");
+ script_name("Fedora Update for Django FEDORA-2011-12481");
+ desc = "
+
+ Vulnerability Insight:
+ Django is a high-level Python Web framework that encourages rapid
+ development and a clean, pragmatic design. It focuses on automating as
+ much as possible and adhering to the DRY (Don't Repeat Yourself)
+ principle.
+
+
+ Affected Software/OS:
+ Django on Fedora 14
+
+ Fix: Please Install the Updated Packages.
+
+ References:
+ http://lists.fedoraproject.org/pipermail/package-announce/2011-September/066389.html
+
+ ";
+
+ script_description(desc);
+ script_summary("Check for the Version of Django");
+ script_category(ACT_GATHER_INFO);
+ script_copyright("Copyright (c) 2011 Greenbone Networks GmbH");
+ script_family("Fedora Local Security Checks");
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/release");
+ exit(0);
+}
+
+
+include("pkg-lib-rpm.inc");
+include("revisions-lib.inc");
+
+release = get_kb_item("ssh/login/release");
+
+if(release == NULL){
+ exit(0);
+}
+
+if(release == "FC14")
+{
+
+ if(isrpmvuln(pkg:"Django", rpm:"Django~1.3.1~2.fc14", rls:"FC14"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ exit(0);
+}
\ No newline at end of file
Added: trunk/openvas-plugins/scripts/gb_fedora_2011_12890_opensaml_fc15.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gb_fedora_2011_12890_opensaml_fc15.nasl 2011-09-30 13:58:03 UTC (rev 11722)
+++ trunk/openvas-plugins/scripts/gb_fedora_2011_12890_opensaml_fc15.nasl 2011-09-30 14:02:57 UTC (rev 11723)
@@ -0,0 +1,83 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+#
+# Fedora Update for opensaml FEDORA-2011-12890
+#
+# Authors:
+# System Generated Check
+#
+# Copyright:
+# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+if(description)
+{
+ script_id(863553);
+ script_version("$Revision$: 1.0");
+ script_tag(name:"cvss_base", value:"5.8");
+ script_tag(name:"risk_factor", value:"High");
+ script_xref(name: "FEDORA", value: "2011-12890");
+ script_cve_id("CVE-2011-1411");
+ script_name("Fedora Update for opensaml FEDORA-2011-12890");
+ desc = "
+
+ Vulnerability Insight:
+ OpenSAML is an open source implementation of the OASIS Security Assertion
+ Markup Language Specification. It contains a set of open source C++ classes
+ that support the SAML 1.0, 1.1, and 2.0 specifications.
+
+
+ Affected Software/OS:
+ opensaml on Fedora 15
+
+ Fix: Please Install the Updated Packages.
+
+ References:
+ http://lists.fedoraproject.org/pipermail/package-announce/2011-September/066308.html
+
+ ";
+
+ script_description(desc);
+ script_summary("Check for the Version of opensaml");
+ script_category(ACT_GATHER_INFO);
+ script_copyright("Copyright (c) 2011 Greenbone Networks GmbH");
+ script_family("Fedora Local Security Checks");
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/release");
+ exit(0);
+}
+
+
+include("pkg-lib-rpm.inc");
+include("revisions-lib.inc");
+
+release = get_kb_item("ssh/login/release");
+
+if(release == NULL){
+ exit(0);
+}
+
+if(release == "FC15")
+{
+
+ if(isrpmvuln(pkg:"opensaml", rpm:"opensaml~2.3~4.fc15", rls:"FC15"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ exit(0);
+}
\ No newline at end of file
Added: trunk/openvas-plugins/scripts/gb_fedora_2011_12918_phpMyAdmin_fc14.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gb_fedora_2011_12918_phpMyAdmin_fc14.nasl 2011-09-30 13:58:03 UTC (rev 11722)
+++ trunk/openvas-plugins/scripts/gb_fedora_2011_12918_phpMyAdmin_fc14.nasl 2011-09-30 14:02:57 UTC (rev 11723)
@@ -0,0 +1,96 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+#
+# Fedora Update for phpMyAdmin FEDORA-2011-12918
+#
+# Authors:
+# System Generated Check
+#
+# Copyright:
+# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+if(description)
+{
+ script_id(863556);
+ script_version("$Revision$: 1.0");
+ script_tag(name:"risk_factor", value:"High");
+ script_xref(name: "FEDORA", value: "2011-12918");
+ script_name("Fedora Update for phpMyAdmin FEDORA-2011-12918");
+ desc = "
+
+ Vulnerability Insight:
+ phpMyAdmin is a tool written in PHP intended to handle the administration of
+ MySQL over the World Wide Web. Most frequently used operations are supported
+ by the user interface (managing databases, tables, fields, relations, indexes,
+ users, permissions), while you still have the ability to directly execute any
+ SQL statement.
+
+ Features include an intuitive web interface, support for most MySQL features
+ (browse and drop databases, tables, views, fields and indexes, create, copy,
+ drop, rename and alter databases, tables, fields and indexes, maintenance
+ server, databases and tables, with proposals on server configuration, execute,
+ edit and bookmark any SQL-statement, even batch-queries, manage MySQL users
+ and privileges, manage stored procedures and triggers), import data from CSV
+ and SQL, export data to various formats: CSV, SQL, XML, PDF, OpenDocument Text
+ and Spreadsheet, Word, Excel, LATEX and others, administering multiple servers,
+ creating PDF graphics of your database layout, creating complex queries using
+ Query-by-example (QBE), searching globally in a database or a subset of it,
+ transforming stored data into any format using a set of predefined functions,
+ like displaying BLOB-data as image or download-link and much more...
+
+
+ Affected Software/OS:
+ phpMyAdmin on Fedora 14
+
+ Fix: Please Install the Updated Packages.
+
+ References:
+ http://lists.fedoraproject.org/pipermail/package-announce/2011-September/066335.html
+
+ ";
+
+ script_description(desc);
+ script_summary("Check for the Version of phpMyAdmin");
+ script_category(ACT_GATHER_INFO);
+ script_copyright("Copyright (c) 2011 Greenbone Networks GmbH");
+ script_family("Fedora Local Security Checks");
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/release");
+ exit(0);
+}
+
+
+include("pkg-lib-rpm.inc");
+include("revisions-lib.inc");
+
+release = get_kb_item("ssh/login/release");
+
+if(release == NULL){
+ exit(0);
+}
+
+if(release == "FC14")
+{
+
+ if(isrpmvuln(pkg:"phpMyAdmin", rpm:"phpMyAdmin~3.4.5~1.fc14", rls:"FC14"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ exit(0);
+}
\ No newline at end of file
Added: trunk/openvas-plugins/scripts/gb_fedora_2011_12928_phpMyAdmin_fc15.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gb_fedora_2011_12928_phpMyAdmin_fc15.nasl 2011-09-30 13:58:03 UTC (rev 11722)
+++ trunk/openvas-plugins/scripts/gb_fedora_2011_12928_phpMyAdmin_fc15.nasl 2011-09-30 14:02:57 UTC (rev 11723)
@@ -0,0 +1,96 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+#
+# Fedora Update for phpMyAdmin FEDORA-2011-12928
+#
+# Authors:
+# System Generated Check
+#
+# Copyright:
+# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+if(description)
+{
+ script_id(863547);
+ script_version("$Revision$: 1.0");
+ script_tag(name:"risk_factor", value:"High");
+ script_xref(name: "FEDORA", value: "2011-12928");
+ script_name("Fedora Update for phpMyAdmin FEDORA-2011-12928");
+ desc = "
+
+ Vulnerability Insight:
+ phpMyAdmin is a tool written in PHP intended to handle the administration of
+ MySQL over the World Wide Web. Most frequently used operations are supported
+ by the user interface (managing databases, tables, fields, relations, indexes,
+ users, permissions), while you still have the ability to directly execute any
+ SQL statement.
+
+ Features include an intuitive web interface, support for most MySQL features
+ (browse and drop databases, tables, views, fields and indexes, create, copy,
+ drop, rename and alter databases, tables, fields and indexes, maintenance
+ server, databases and tables, with proposals on server configuration, execute,
+ edit and bookmark any SQL-statement, even batch-queries, manage MySQL users
+ and privileges, manage stored procedures and triggers), import data from CSV
+ and SQL, export data to various formats: CSV, SQL, XML, PDF, OpenDocument Text
+ and Spreadsheet, Word, Excel, LATEX and others, administering multiple servers,
+ creating PDF graphics of your database layout, creating complex queries using
+ Query-by-example (QBE), searching globally in a database or a subset of it,
+ transforming stored data into any format using a set of predefined functions,
+ like displaying BLOB-data as image or download-link and much more...
+
+
+ Affected Software/OS:
+ phpMyAdmin on Fedora 15
+
+ Fix: Please Install the Updated Packages.
+
+ References:
+ http://lists.fedoraproject.org/pipermail/package-announce/2011-September/066333.html
+
+ ";
+
+ script_description(desc);
+ script_summary("Check for the Version of phpMyAdmin");
+ script_category(ACT_GATHER_INFO);
+ script_copyright("Copyright (c) 2011 Greenbone Networks GmbH");
+ script_family("Fedora Local Security Checks");
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/release");
+ exit(0);
+}
+
+
+include("pkg-lib-rpm.inc");
+include("revisions-lib.inc");
+
+release = get_kb_item("ssh/login/release");
+
+if(release == NULL){
+ exit(0);
+}
+
+if(release == "FC15")
+{
+
+ if(isrpmvuln(pkg:"phpMyAdmin", rpm:"phpMyAdmin~3.4.5~1.fc15", rls:"FC15"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ exit(0);
+}
\ No newline at end of file
Added: trunk/openvas-plugins/scripts/gb_fedora_2011_13388_NetworkManager_fc15.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gb_fedora_2011_13388_NetworkManager_fc15.nasl 2011-09-30 13:58:03 UTC (rev 11722)
+++ trunk/openvas-plugins/scripts/gb_fedora_2011_13388_NetworkManager_fc15.nasl 2011-09-30 14:02:57 UTC (rev 11723)
@@ -0,0 +1,84 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+#
+# Fedora Update for NetworkManager FEDORA-2011-13388
+#
+# Authors:
+# System Generated Check
+#
+# Copyright:
+# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+if(description)
+{
+ script_id(863548);
+ script_version("$Revision$: 1.0");
+ script_tag(name:"cvss_base", value:"2.1");
+ script_tag(name:"risk_factor", value:"Medium");
+ script_xref(name: "FEDORA", value: "2011-13388");
+ script_cve_id("CVE-2011-3364", "CVE-2011-2176", "CVE-2011-1943");
+ script_name("Fedora Update for NetworkManager FEDORA-2011-13388");
+ desc = "
+
+ Vulnerability Insight:
+ NetworkManager is a system network service that manages your network devices
+ and connections, attempting to keep active network connectivity when available.
+ It manages ethernet, WiFi, mobile broadband (WWAN), and PPPoE devices, and
+ provides VPN integration with a variety of different VPN services.
+
+
+ Affected Software/OS:
+ NetworkManager on Fedora 15
+
+ Fix: Please Install the Updated Packages.
+
+ References:
+ http://lists.fedoraproject.org/pipermail/package-announce/2011-September/066425.html
+
+ ";
+
+ script_description(desc);
+ script_summary("Check for the Version of NetworkManager");
+ script_category(ACT_GATHER_INFO);
+ script_copyright("Copyright (c) 2011 Greenbone Networks GmbH");
+ script_family("Fedora Local Security Checks");
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/release");
+ exit(0);
+}
+
+
+include("pkg-lib-rpm.inc");
+include("revisions-lib.inc");
+
+release = get_kb_item("ssh/login/release");
+
+if(release == NULL){
+ exit(0);
+}
+
+if(release == "FC15")
+{
+
+ if(isrpmvuln(pkg:"NetworkManager", rpm:"NetworkManager~0.9.1.90~1.git20110927.fc15", rls:"FC15"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ exit(0);
+}
\ No newline at end of file
Added: trunk/openvas-plugins/scripts/gb_fedora_2011_13465_firefox_fc15.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gb_fedora_2011_13465_firefox_fc15.nasl 2011-09-30 13:58:03 UTC (rev 11722)
+++ trunk/openvas-plugins/scripts/gb_fedora_2011_13465_firefox_fc15.nasl 2011-09-30 14:02:57 UTC (rev 11723)
@@ -0,0 +1,80 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+#
+# Fedora Update for firefox FEDORA-2011-13465
+#
+# Authors:
+# System Generated Check
+#
+# Copyright:
+# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+if(description)
+{
+ script_id(863549);
+ script_version("$Revision$: 1.0");
+ script_tag(name:"risk_factor", value:"High");
+ script_xref(name: "FEDORA", value: "2011-13465");
+ script_name("Fedora Update for firefox FEDORA-2011-13465");
+ desc = "
+
+ Vulnerability Insight:
+ Mozilla Firefox is an open-source web browser, designed for standards
+ compliance, performance and portability.
+
+
+ Affected Software/OS:
+ firefox on Fedora 15
+
+ Fix: Please Install the Updated Packages.
+
+ References:
+ http://lists.fedoraproject.org/pipermail/package-announce/2011-September/066398.html
+
+ ";
+
+ script_description(desc);
+ script_summary("Check for the Version of firefox");
+ script_category(ACT_GATHER_INFO);
+ script_copyright("Copyright (c) 2011 Greenbone Networks GmbH");
+ script_family("Fedora Local Security Checks");
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/release");
+ exit(0);
+}
+
+
+include("pkg-lib-rpm.inc");
+include("revisions-lib.inc");
+
+release = get_kb_item("ssh/login/release");
+
+if(release == NULL){
+ exit(0);
+}
+
+if(release == "FC15")
+{
+
+ if(isrpmvuln(pkg:"firefox", rpm:"firefox~7.0~1.fc15", rls:"FC15"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ exit(0);
+}
\ No newline at end of file
Added: trunk/openvas-plugins/scripts/gb_fedora_2011_13465_gnome-python2-extras_fc15.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gb_fedora_2011_13465_gnome-python2-extras_fc15.nasl 2011-09-30 13:58:03 UTC (rev 11722)
+++ trunk/openvas-plugins/scripts/gb_fedora_2011_13465_gnome-python2-extras_fc15.nasl 2011-09-30 14:02:57 UTC (rev 11723)
@@ -0,0 +1,80 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+#
+# Fedora Update for gnome-python2-extras FEDORA-2011-13465
+#
+# Authors:
+# System Generated Check
+#
+# Copyright:
+# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+if(description)
+{
+ script_id(863557);
+ script_version("$Revision$: 1.0");
+ script_tag(name:"risk_factor", value:"High");
+ script_xref(name: "FEDORA", value: "2011-13465");
+ script_name("Fedora Update for gnome-python2-extras FEDORA-2011-13465");
+ desc = "
+
+ Vulnerability Insight:
+ The gnome-python-extra package contains the source packages for additional
+ Python bindings for GNOME. It should be used together with gnome-python.
+
+
+ Affected Software/OS:
+ gnome-python2-extras on Fedora 15
+
+ Fix: Please Install the Updated Packages.
+
+ References:
+ http://lists.fedoraproject.org/pipermail/package-announce/2011-September/066397.html
+
+ ";
+
+ script_description(desc);
+ script_summary("Check for the Version of gnome-python2-extras");
+ script_category(ACT_GATHER_INFO);
+ script_copyright("Copyright (c) 2011 Greenbone Networks GmbH");
+ script_family("Fedora Local Security Checks");
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/release");
+ exit(0);
+}
+
+
+include("pkg-lib-rpm.inc");
+include("revisions-lib.inc");
+
+release = get_kb_item("ssh/login/release");
+
+if(release == NULL){
+ exit(0);
+}
+
+if(release == "FC15")
+{
+
+ if(isrpmvuln(pkg:"gnome-python2-extras", rpm:"gnome-python2-extras~2.25.3~35.fc15", rls:"FC15"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ exit(0);
+}
\ No newline at end of file
Added: trunk/openvas-plugins/scripts/gb_fedora_2011_13465_mozvoikko_fc15.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gb_fedora_2011_13465_mozvoikko_fc15.nasl 2011-09-30 13:58:03 UTC (rev 11722)
+++ trunk/openvas-plugins/scripts/gb_fedora_2011_13465_mozvoikko_fc15.nasl 2011-09-30 14:02:57 UTC (rev 11723)
@@ -0,0 +1,80 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+#
+# Fedora Update for mozvoikko FEDORA-2011-13465
+#
+# Authors:
+# System Generated Check
+#
+# Copyright:
+# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+if(description)
+{
+ script_id(863550);
+ script_version("$Revision$: 1.0");
+ script_tag(name:"risk_factor", value:"High");
+ script_xref(name: "FEDORA", value: "2011-13465");
+ script_name("Fedora Update for mozvoikko FEDORA-2011-13465");
+ desc = "
+
+ Vulnerability Insight:
+ This is mozvoikko, an extension for Mozilla programs for using the Finnish
+ spell-checker Voikko.
+
+
+ Affected Software/OS:
+ mozvoikko on Fedora 15
+
+ Fix: Please Install the Updated Packages.
+
+ References:
+ http://lists.fedoraproject.org/pipermail/package-announce/2011-September/066399.html
+
+ ";
+
+ script_description(desc);
+ script_summary("Check for the Version of mozvoikko");
+ script_category(ACT_GATHER_INFO);
+ script_copyright("Copyright (c) 2011 Greenbone Networks GmbH");
+ script_family("Fedora Local Security Checks");
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/release");
+ exit(0);
+}
+
+
+include("pkg-lib-rpm.inc");
+include("revisions-lib.inc");
+
+release = get_kb_item("ssh/login/release");
+
+if(release == NULL){
+ exit(0);
+}
+
+if(release == "FC15")
+{
+
+ if(isrpmvuln(pkg:"mozvoikko", rpm:"mozvoikko~1.9.0~8.fc15", rls:"FC15"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ exit(0);
+}
\ No newline at end of file
Added: trunk/openvas-plugins/scripts/gb_fedora_2011_13465_perl-Gtk2-MozEmbed_fc15.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gb_fedora_2011_13465_perl-Gtk2-MozEmbed_fc15.nasl 2011-09-30 13:58:03 UTC (rev 11722)
+++ trunk/openvas-plugins/scripts/gb_fedora_2011_13465_perl-Gtk2-MozEmbed_fc15.nasl 2011-09-30 14:02:57 UTC (rev 11723)
@@ -0,0 +1,79 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+#
+# Fedora Update for perl-Gtk2-MozEmbed FEDORA-2011-13465
+#
+# Authors:
+# System Generated Check
+#
+# Copyright:
+# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+if(description)
+{
+ script_id(863552);
+ script_version("$Revision$: 1.0");
+ script_tag(name:"risk_factor", value:"High");
+ script_xref(name: "FEDORA", value: "2011-13465");
+ script_name("Fedora Update for perl-Gtk2-MozEmbed FEDORA-2011-13465");
+ desc = "
+
+ Vulnerability Insight:
+ This module allows you to use the Mozilla embedding widget from Perl.
+
+
+ Affected Software/OS:
+ perl-Gtk2-MozEmbed on Fedora 15
+
+ Fix: Please Install the Updated Packages.
+
+ References:
+ http://lists.fedoraproject.org/pipermail/package-announce/2011-September/066401.html
+
+ ";
+
+ script_description(desc);
+ script_summary("Check for the Version of perl-Gtk2-MozEmbed");
+ script_category(ACT_GATHER_INFO);
+ script_copyright("Copyright (c) 2011 Greenbone Networks GmbH");
+ script_family("Fedora Local Security Checks");
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/release");
+ exit(0);
+}
+
+
+include("pkg-lib-rpm.inc");
+include("revisions-lib.inc");
+
+release = get_kb_item("ssh/login/release");
+
+if(release == NULL){
+ exit(0);
+}
+
+if(release == "FC15")
+{
+
+ if(isrpmvuln(pkg:"perl-Gtk2-MozEmbed", rpm:"perl-Gtk2-MozEmbed~0.09~1.fc15.4", rls:"FC15"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ exit(0);
+}
\ No newline at end of file
Added: trunk/openvas-plugins/scripts/gb_fedora_2011_13465_xulrunner_fc15.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gb_fedora_2011_13465_xulrunner_fc15.nasl 2011-09-30 13:58:03 UTC (rev 11722)
+++ trunk/openvas-plugins/scripts/gb_fedora_2011_13465_xulrunner_fc15.nasl 2011-09-30 14:02:57 UTC (rev 11723)
@@ -0,0 +1,83 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+#
+# Fedora Update for xulrunner FEDORA-2011-13465
+#
+# Authors:
+# System Generated Check
+#
+# Copyright:
+# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+if(description)
+{
+ script_id(863555);
+ script_version("$Revision$: 1.0");
+ script_tag(name:"risk_factor", value:"High");
+ script_xref(name: "FEDORA", value: "2011-13465");
+ script_name("Fedora Update for xulrunner FEDORA-2011-13465");
+ desc = "
+
+ Vulnerability Insight:
+ XULRunner is a Mozilla runtime package that can be used to bootstrap XUL+XPCOM
+ applications that are as rich as Firefox and Thunderbird. It provides mechanisms
+ for installing, upgrading, and uninstalling these applications. XULRunner also
+ provides libxul, a solution which allows the embedding of Mozilla technologies
+ in other projects and products.
+
+
+ Affected Software/OS:
+ xulrunner on Fedora 15
+
+ Fix: Please Install the Updated Packages.
+
+ References:
+ http://lists.fedoraproject.org/pipermail/package-announce/2011-September/066400.html
+
+ ";
+
+ script_description(desc);
+ script_summary("Check for the Version of xulrunner");
+ script_category(ACT_GATHER_INFO);
+ script_copyright("Copyright (c) 2011 Greenbone Networks GmbH");
+ script_family("Fedora Local Security Checks");
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/release");
+ exit(0);
+}
+
+
+include("pkg-lib-rpm.inc");
+include("revisions-lib.inc");
+
+release = get_kb_item("ssh/login/release");
+
+if(release == NULL){
+ exit(0);
+}
+
+if(release == "FC15")
+{
+
+ if(isrpmvuln(pkg:"xulrunner", rpm:"xulrunner~7.0~1.fc15", rls:"FC15"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ exit(0);
+}
\ No newline at end of file
Added: trunk/openvas-plugins/scripts/gb_mandriva_MDVSA_2011_136.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gb_mandriva_MDVSA_2011_136.nasl 2011-09-30 13:58:03 UTC (rev 11722)
+++ trunk/openvas-plugins/scripts/gb_mandriva_MDVSA_2011_136.nasl 2011-09-30 14:02:57 UTC (rev 11723)
@@ -0,0 +1,182 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+#
+# Mandriva Update for openssl MDVSA-2011:136 (openssl)
+#
+# Authors:
+# System Generated Check
+#
+# Copyright:
+# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+if(description)
+{
+ script_id(831455);
+ script_version("$Revision$: 1.0");
+ script_tag(name:"cvss_base", value:"2.6");
+ script_tag(name:"risk_factor", value:"Medium");
+ script_xref(name: "MDVSA", value: "2011:136");
+ script_cve_id("CVE-2011-1945");
+ script_name("Mandriva Update for openssl MDVSA-2011:136 (openssl)");
+ desc = "
+
+ Vulnerability Insight:
+
+ A vulnerability was discovered and corrected in openssl:
+
+ The elliptic curve cryptography (ECC) subsystem in OpenSSL 1.0.0d and
+ earlier, when the Elliptic Curve Digital Signature Algorithm (ECDSA)
+ is used for the ECDHE_ECDSA cipher suite, does not properly implement
+ curves over binary fields, which makes it easier for context-dependent
+ attackers to determine private keys via a timing attack and a lattice
+ calculation (CVE-2011-1945).
+
+ Packages for 2009.0 are provided as of the Extended Maintenance
+ Program. Please visit this link to learn more:
+ http://store.mandriva.com/product_info.php?cPath=149&products_id=490
+
+ The updated packages have been patched to correct this issue.
+
+ Affected Software/OS:
+ openssl on Mandriva Linux 2009.0,
+ Mandriva Linux 2009.0/X86_64,
+ Mandriva Enterprise Server 5,
+ Mandriva Enterprise Server 5/X86_64
+
+ Fix: Please Install the Updated Packages.
+
+ References:
+ http://lists.mandriva.com/security-announce/2011-09/msg00021.php
+
+ ";
+
+ script_description(desc);
+ script_summary("Check for the Version of openssl");
+ script_category(ACT_GATHER_INFO);
+ script_copyright("Copyright (c) 2011 Greenbone Networks GmbH");
+ script_family("Mandrake Local Security Checks");
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/release");
+ exit(0);
+}
+
+
+include("pkg-lib-rpm.inc");
+include("revisions-lib.inc");
+
+release = get_kb_item("ssh/login/release");
+
+if(release == NULL){
+ exit(0);
+}
+
+if(release == "MNDK_mes5")
+{
+
+ if(isrpmvuln(pkg:"libopenssl0.9.8", rpm:"libopenssl0.9.8~0.9.8h~3.11mdvmes5.2", rls:"MNDK_mes5"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"libopenssl0.9.8-devel", rpm:"libopenssl0.9.8-devel~0.9.8h~3.11mdvmes5.2", rls:"MNDK_mes5"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"libopenssl0.9.8-static-devel", rpm:"libopenssl0.9.8-static-devel~0.9.8h~3.11mdvmes5.2", rls:"MNDK_mes5"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"openssl", rpm:"openssl~0.9.8h~3.11mdvmes5.2", rls:"MNDK_mes5"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"lib64openssl0.9.8", rpm:"lib64openssl0.9.8~0.9.8h~3.11mdvmes5.2", rls:"MNDK_mes5"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"lib64openssl0.9.8-devel", rpm:"lib64openssl0.9.8-devel~0.9.8h~3.11mdvmes5.2", rls:"MNDK_mes5"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"lib64openssl0.9.8-static-devel", rpm:"lib64openssl0.9.8-static-devel~0.9.8h~3.11mdvmes5.2", rls:"MNDK_mes5"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ exit(0);
+}
+
+
+if(release == "MNDK_2009.0")
+{
+
+ if(isrpmvuln(pkg:"libopenssl0.9.8", rpm:"libopenssl0.9.8~0.9.8h~3.11mdv2009.0", rls:"MNDK_2009.0"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"libopenssl0.9.8-devel", rpm:"libopenssl0.9.8-devel~0.9.8h~3.11mdv2009.0", rls:"MNDK_2009.0"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"libopenssl0.9.8-static-devel", rpm:"libopenssl0.9.8-static-devel~0.9.8h~3.11mdv2009.0", rls:"MNDK_2009.0"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"openssl", rpm:"openssl~0.9.8h~3.11mdv2009.0", rls:"MNDK_2009.0"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"lib64openssl0.9.8", rpm:"lib64openssl0.9.8~0.9.8h~3.11mdv2009.0", rls:"MNDK_2009.0"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"lib64openssl0.9.8-devel", rpm:"lib64openssl0.9.8-devel~0.9.8h~3.11mdv2009.0", rls:"MNDK_2009.0"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"lib64openssl0.9.8-static-devel", rpm:"lib64openssl0.9.8-static-devel~0.9.8h~3.11mdv2009.0", rls:"MNDK_2009.0"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ exit(0);
+}
\ No newline at end of file
Added: trunk/openvas-plugins/scripts/gb_mandriva_MDVSA_2011_137.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gb_mandriva_MDVSA_2011_137.nasl 2011-09-30 13:58:03 UTC (rev 11722)
+++ trunk/openvas-plugins/scripts/gb_mandriva_MDVSA_2011_137.nasl 2011-09-30 14:02:57 UTC (rev 11723)
@@ -0,0 +1,154 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+#
+# Mandriva Update for openssl MDVSA-2011:137 (openssl)
+#
+# Authors:
+# System Generated Check
+#
+# Copyright:
+# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+if(description)
+{
+ script_id(831454);
+ script_version("$Revision$: 1.0");
+ script_tag(name:"cvss_base", value:"5.0");
+ script_tag(name:"risk_factor", value:"Medium");
+ script_xref(name: "MDVSA", value: "2011:137");
+ script_cve_id("CVE-2011-1945", "CVE-2011-3207", "CVE-2011-3210");
+ script_name("Mandriva Update for openssl MDVSA-2011:137 (openssl)");
+ desc = "
+
+ Vulnerability Insight:
+
+ Multiple vulnerabilities has been discovered and corrected in openssl:
+
+ The elliptic curve cryptography (ECC) subsystem in OpenSSL 1.0.0d and
+ earlier, when the Elliptic Curve Digital Signature Algorithm (ECDSA)
+ is used for the ECDHE_ECDSA cipher suite, does not properly implement
+ curves over binary fields, which makes it easier for context-dependent
+ attackers to determine private keys via a timing attack and a lattice
+ calculation (CVE-2011-1945).
+
+ crypto/x509/x509_vfy.c in OpenSSL 1.0.x before 1.0.0e does not
+ initialize certain structure members, which makes it easier for
+ remote attackers to bypass CRL validation by using a nextUpdate value
+ corresponding to a time in the past (CVE-2011-3207).
+
+ The ephemeral ECDH ciphersuite functionality in OpenSSL 0.9.8 through
+ 0.9.8s and 1.0.x before 1.0.0e does not ensure thread safety during
+ processing of handshake messages, which allows remote attackers
+ to cause a denial of service (application crash) via out-of-order
+ messages that violate the TLS protocol (CVE-2011-3210).
+
+ Packages for 2009.0 are provided as of the Extended Maintenance
+ Program. Please visit this link to learn more:
+ http://store.mandriva.com/product_info.php?cPath=149&products_id=490
+
+ The updated packages have been patched to correct these issues.
+
+ Affected Software/OS:
+ openssl on Mandriva Linux 2010.1,
+ Mandriva Linux 2010.1/X86_64
+
+ Fix: Please Install the Updated Packages.
+
+ References:
+ http://lists.mandriva.com/security-announce/2011-09/msg00022.php
+
+ ";
+
+ script_description(desc);
+ script_summary("Check for the Version of openssl");
+ script_category(ACT_GATHER_INFO);
+ script_copyright("Copyright (c) 2011 Greenbone Networks GmbH");
+ script_family("Mandrake Local Security Checks");
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/release");
+ exit(0);
+}
+
+
+include("pkg-lib-rpm.inc");
+include("revisions-lib.inc");
+
+release = get_kb_item("ssh/login/release");
+
+if(release == NULL){
+ exit(0);
+}
+
+if(release == "MNDK_2010.1")
+{
+
+ if(isrpmvuln(pkg:"libopenssl1.0.0", rpm:"libopenssl1.0.0~1.0.0a~1.8mdv2010.2", rls:"MNDK_2010.1"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"libopenssl1.0.0-devel", rpm:"libopenssl1.0.0-devel~1.0.0a~1.8mdv2010.2", rls:"MNDK_2010.1"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"libopenssl1.0.0-static-devel", rpm:"libopenssl1.0.0-static-devel~1.0.0a~1.8mdv2010.2", rls:"MNDK_2010.1"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"libopenssl-engines1.0.0", rpm:"libopenssl-engines1.0.0~1.0.0a~1.8mdv2010.2", rls:"MNDK_2010.1"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"openssl", rpm:"openssl~1.0.0a~1.8mdv2010.2", rls:"MNDK_2010.1"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"lib64openssl1.0.0", rpm:"lib64openssl1.0.0~1.0.0a~1.8mdv2010.2", rls:"MNDK_2010.1"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"lib64openssl1.0.0-devel", rpm:"lib64openssl1.0.0-devel~1.0.0a~1.8mdv2010.2", rls:"MNDK_2010.1"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"lib64openssl1.0.0-static-devel", rpm:"lib64openssl1.0.0-static-devel~1.0.0a~1.8mdv2010.2", rls:"MNDK_2010.1"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isrpmvuln(pkg:"lib64openssl-engines1.0.0", rpm:"lib64openssl-engines1.0.0~1.0.0a~1.8mdv2010.2", rls:"MNDK_2010.1"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ exit(0);
+}
\ No newline at end of file
Added: trunk/openvas-plugins/scripts/gb_ubuntu_USN_1210_1.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gb_ubuntu_USN_1210_1.nasl 2011-09-30 13:58:03 UTC (rev 11722)
+++ trunk/openvas-plugins/scripts/gb_ubuntu_USN_1210_1.nasl 2011-09-30 14:02:57 UTC (rev 11723)
@@ -0,0 +1,131 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+#
+# Ubuntu Update for firefox USN-1210-1
+#
+# Authors:
+# System Generated Check
+#
+# Copyright:
+# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+if(description)
+{
+ script_id(840756);
+ script_version("$Revision$: 1.0");
+ script_tag(name:"cvss_base", value:"10.0");
+ script_tag(name:"risk_factor", value:"Critical");
+ script_xref(name: "USN", value: "1210-1");
+ script_cve_id("CVE-2011-2995", "CVE-2011-2996", "CVE-2011-2999", "CVE-2011-3000", "CVE-2011-2372", "CVE-2011-3001");
+ script_name("Ubuntu Update for firefox USN-1210-1");
+ desc = "
+
+ Vulnerability Insight:
+
+ Benjamin Smedberg, Bob Clary, Jesse Ruderman, and Josh Aas discovered
+ multiple memory vulnerabilities in the browser rendering engine. An
+ attacker could use these to possibly execute arbitrary code with the
+ privileges of the user invoking Firefox. (CVE-2011-2995, CVE-2011-2996)
+
+ Boris Zbarsky discovered that a frame named "location" could shadow the
+ window.location object unless a script in a page grabbed a reference to the
+ true object before the frame was created. This is in violation of the Same
+ Origin Policy. A malicious website could possibly use this to access
+ another website or the local file system. (CVE-2011-2999)
+
+ Mark Kaplan discovered an integer underflow in the SpiderMonkey JavaScript
+ engine. An attacker could potentially use this to crash Firefox.
+
+ Ian Graham discovered that when multiple Location headers were present,
+ Firefox would use the second one resulting in a possible CRLF injection
+ attack. CRLF injection issues can result in a wide variety of attacks, such
+ as XSS (Cross-Site Scripting) vulnerabilities, browser cache poisoning, and
+ cookie theft. (CVE-2011-3000)
+
+ Mariusz Mlynski discovered that if the user could be convinced to hold down
+ the enter key, a malicious website could potential pop up a download dialog
+ and the default open action would be selected. This would result in
+ potentially malicious content being run with privileges of the user
+ invoking Firefox. (CVE-2011-2372)
+
+ Affected Software/OS:
+ firefox on Ubuntu 10.10 ,
+ Ubuntu 10.04 LTS
+
+ Fix: Please Install the Updated Packages.
+
+ References:
+ https://lists.ubuntu.com/archives/ubuntu-security-announce/2011-September/001427.html
+
+ ";
+
+ script_description(desc);
+ script_summary("Check for the Version of firefox");
+ script_category(ACT_GATHER_INFO);
+ script_copyright("Copyright (c) 2011 Greenbone Networks GmbH");
+ script_family("Ubuntu Local Security Checks");
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/release");
+ exit(0);
+}
+
+
+include("pkg-lib-deb.inc");
+include("revisions-lib.inc");
+
+release = get_kb_item("ssh/login/release");
+
+if(release == NULL){
+ exit(0);
+}
+
+if(release == "UBUNTU10.04 LTS")
+{
+
+ if(isdpkgvuln(pkg:"firefox", ver:"3.6.23+build1+nobinonly-0ubuntu0.10.04.1", rls:"UBUNTU10.04 LTS"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"xulrunner-1.9.2", ver:"1.9.2.23+build1+nobinonly-0ubuntu0.10.04.1", rls:"UBUNTU10.04 LTS"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ exit(0);
+}
+
+
+if(release == "UBUNTU10.10")
+{
+
+ if(isdpkgvuln(pkg:"firefox", ver:"3.6.23+build1+nobinonly-0ubuntu0.10.10.1", rls:"UBUNTU10.10"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"xulrunner-1.9.2", ver:"1.9.2.23+build1+nobinonly-0ubuntu0.10.10.1", rls:"UBUNTU10.10"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ exit(0);
+}
\ No newline at end of file
Added: trunk/openvas-plugins/scripts/gb_ubuntu_USN_1213_1.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gb_ubuntu_USN_1213_1.nasl 2011-09-30 13:58:03 UTC (rev 11722)
+++ trunk/openvas-plugins/scripts/gb_ubuntu_USN_1213_1.nasl 2011-09-30 14:02:57 UTC (rev 11723)
@@ -0,0 +1,133 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+#
+# Ubuntu Update for thunderbird USN-1213-1
+#
+# Authors:
+# System Generated Check
+#
+# Copyright:
+# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+if(description)
+{
+ script_id(840754);
+ script_version("$Revision$: 1.0");
+ script_tag(name:"cvss_base", value:"10.0");
+ script_tag(name:"risk_factor", value:"Critical");
+ script_xref(name: "USN", value: "1213-1");
+ script_cve_id("CVE-2011-2995", "CVE-2011-2996", "CVE-2011-2999", "CVE-2011-3000", "CVE-2011-2372");
+ script_name("Ubuntu Update for thunderbird USN-1213-1");
+ desc = "
+
+ Vulnerability Insight:
+
+ Benjamin Smedberg, Bob Clary, Jesse Ruderman, and Josh Aas discovered
+ multiple memory vulnerabilities in the Gecko rendering engine. An
+ attacker could use these to possibly execute arbitrary code with the
+ privileges of the user invoking Thunderbird. (CVE-2011-2995, CVE-2011-2996)
+
+ Boris Zbarsky discovered that a frame named "location" could shadow the
+ window.location object unless a script in a page grabbed a reference to the
+ true object before the frame was created. This is in violation of the Same
+ Origin Policy. A malicious E-Mail could possibly use this to access the
+ local file system. (CVE-2011-2999)
+
+ Mark Kaplan discovered an integer underflow in the SpiderMonkey JavaScript
+ engine. An attacker could potentially use this to crash Thunderbird.
+
+ Ian Graham discovered that when multiple Location headers were present,
+ Thunderbird would use the second one resulting in a possible CRLF injection
+ attack. CRLF injection issues can result in a wide variety of attacks, such
+ as XSS (Cross-Site Scripting) vulnerabilities, browser cache poisoning, and
+ cookie theft. (CVE-2011-3000)
+
+ Mariusz Mlynski discovered that if the user could be convinced to hold down
+ the enter key, a malicious website or E-Mail could potential pop up a
+ download dialog and the default open action would be selected. This would
+ result in potentially malicious content being run with privileges of the
+ user invoking Thunderbird. (CVE-2011-2372)
+
+ Affected Software/OS:
+ thunderbird on Ubuntu 11.04 ,
+ Ubuntu 10.10 ,
+ Ubuntu 10.04 LTS
+
+ Fix: Please Install the Updated Packages.
+
+ References:
+ https://lists.ubuntu.com/archives/ubuntu-security-announce/2011-September/001428.html
+
+ ";
+
+ script_description(desc);
+ script_summary("Check for the Version of thunderbird");
+ script_category(ACT_GATHER_INFO);
+ script_copyright("Copyright (c) 2011 Greenbone Networks GmbH");
+ script_family("Ubuntu Local Security Checks");
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/release");
+ exit(0);
+}
+
+
+include("pkg-lib-deb.inc");
+include("revisions-lib.inc");
+
+release = get_kb_item("ssh/login/release");
+
+if(release == NULL){
+ exit(0);
+}
+
+if(release == "UBUNTU10.10")
+{
+
+ if(isdpkgvuln(pkg:"thunderbird", ver:"3.1.15+build1+nobinonly-0ubuntu0.10.10.1", rls:"UBUNTU10.10"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ exit(0);
+}
+
+
+if(release == "UBUNTU10.04 LTS")
+{
+
+ if(isdpkgvuln(pkg:"thunderbird", ver:"3.1.15+build1+nobinonly-0ubuntu0.10.04.1", rls:"UBUNTU10.04 LTS"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ exit(0);
+}
+
+
+if(release == "UBUNTU11.04")
+{
+
+ if(isdpkgvuln(pkg:"thunderbird", ver:"3.1.15+build1+nobinonly-0ubuntu0.11.04.1", rls:"UBUNTU11.04"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ exit(0);
+}
\ No newline at end of file
Added: trunk/openvas-plugins/scripts/gb_ubuntu_USN_1216_1.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gb_ubuntu_USN_1216_1.nasl 2011-09-30 13:58:03 UTC (rev 11722)
+++ trunk/openvas-plugins/scripts/gb_ubuntu_USN_1216_1.nasl 2011-09-30 14:02:57 UTC (rev 11723)
@@ -0,0 +1,129 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+#
+# Ubuntu Update for linux-ec2 USN-1216-1
+#
+# Authors:
+# System Generated Check
+#
+# Copyright:
+# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+if(description)
+{
+ script_id(840761);
+ script_version("$Revision$: 1.0");
+ script_tag(name:"cvss_base", value:"6.1");
+ script_tag(name:"risk_factor", value:"High");
+ script_xref(name: "USN", value: "1216-1");
+ script_cve_id("CVE-2010-4076", "CVE-2010-4077", "CVE-2010-4251", "CVE-2010-4805", "CVE-2011-1020", "CVE-2011-1493", "CVE-2011-1577", "CVE-2011-2213", "CVE-2011-2484", "CVE-2011-2492", "CVE-2011-2700", "CVE-2011-2723", "CVE-2011-2918");
+ script_name("Ubuntu Update for linux-ec2 USN-1216-1");
+ desc = "
+
+ Vulnerability Insight:
+
+ Dan Rosenberg discovered that multiple terminal ioctls did not correctly
+ initialize structure memory. A local attacker could exploit this to read
+ portions of kernel stack memory, leading to a loss of privacy.
+ (CVE-2010-4076, CVE-2010-4077)
+
+ Alex Shi and Eric Dumazet discovered that the network stack did not
+ correctly handle packet backlogs. A remote attacker could exploit this by
+ sending a large amount of network traffic to cause the system to run out of
+ memory, leading to a denial of service. (CVE-2010-4251, CVE-2010-4805)
+
+ It was discovered that the /proc filesystem did not correctly handle
+ permission changes when programs executed. A local attacker could hold open
+ files to examine details about programs running with higher privileges,
+ potentially increasing the chances of exploiting additional
+ vulnerabilities. (CVE-2011-1020)
+
+ Dan Rosenberg discovered that the X.25 Rose network stack did not correctly
+ handle certain fields. If a system was running with Rose enabled, a remote
+ attacker could send specially crafted traffic to gain root privileges.
+ (CVE-2011-1493)
+
+ Timo Warns discovered that the GUID partition parsing routines did not
+ correctly validate certain structures. A local attacker with physical
+ access could plug in a specially crafted block device to crash the system,
+ leading to a denial of service. (CVE-2011-1577)
+
+ Dan Rosenberg discovered that the IPv4 diagnostic routines did not
+ correctly validate certain requests. A local attacker could exploit this to
+ consume CPU resources, leading to a denial of service. (CVE-2011-2213)
+
+ Vasiliy Kulikov discovered that taskstats listeners were not correctly
+ handled. A local attacker could expoit this to exhaust memory and CPU
+ resources, leading to a denial of service. (CVE-2011-2484)
+
+ It was discovered that Bluetooth l2cap and rfcomm did not correctly
+ initialize structures. A local attacker could exploit this to read portions
+ of the kernel stack, leading to a loss of privacy. (CVE-2011-2492)
+
+ Mauro Carvalho Chehab discovered that the si4713 radio driver did not
+ correctly check the length of memory copies. If this hardware was
+ available, a local attacker could exploit this to crash the system or gain
+ root privileges. (CVE-2011-2700)
+
+ Herbert Xu discovered that certain fields were incorrectly handled when
+ Generic Receive Offload (CVE-2011-2723)
+
+ The performance counter subsystem did not correctly handle certain
+ counters. A local attacker could exploit this to crash the system, leading
+ to a denial of service. (CVE-2011-2918)
+
+ Affected Software/OS:
+ linux-ec2 on Ubuntu 10.04 LTS
+
+ Fix: Please Install the Updated Packages.
+
+ References:
+ https://lists.ubuntu.com/archives/ubuntu-security-announce/2011-September/001426.html
+
+ ";
+
+ script_description(desc);
+ script_summary("Check for the Version of linux-ec2");
+ script_category(ACT_GATHER_INFO);
+ script_copyright("Copyright (c) 2011 Greenbone Networks GmbH");
+ script_family("Ubuntu Local Security Checks");
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/release");
+ exit(0);
+}
+
+
+include("pkg-lib-deb.inc");
+include("revisions-lib.inc");
+
+release = get_kb_item("ssh/login/release");
+
+if(release == NULL){
+ exit(0);
+}
+
+if(release == "UBUNTU10.04 LTS")
+{
+
+ if(isdpkgvuln(pkg:"linux-image-2.6.32-318-ec2", ver:"2.6.32-318.38", rls:"UBUNTU10.04 LTS"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ exit(0);
+}
\ No newline at end of file
Added: trunk/openvas-plugins/scripts/gb_ubuntu_USN_1217_1.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gb_ubuntu_USN_1217_1.nasl 2011-09-30 13:58:03 UTC (rev 11722)
+++ trunk/openvas-plugins/scripts/gb_ubuntu_USN_1217_1.nasl 2011-09-30 14:02:57 UTC (rev 11723)
@@ -0,0 +1,110 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+#
+# Ubuntu Update for puppet USN-1217-1
+#
+# Authors:
+# System Generated Check
+#
+# Copyright:
+# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+if(description)
+{
+ script_id(840757);
+ script_version("$Revision$: 1.0");
+ script_tag(name:"risk_factor", value:"High");
+ script_xref(name: "USN", value: "1217-1");
+ script_cve_id("CVE-2011-3848");
+ script_name("Ubuntu Update for puppet USN-1217-1");
+ desc = "
+
+ Vulnerability Insight:
+
+ Kristian Erik Hermansen discovered a directory traversal vulnerability in
+ the SSLFile indirection base class. A remote attacker could exploit this to
+ overwrite files with the privileges of the Puppet Master.
+
+ Affected Software/OS:
+ puppet on Ubuntu 11.04 ,
+ Ubuntu 10.10 ,
+ Ubuntu 10.04 LTS
+
+ Fix: Please Install the Updated Packages.
+
+ References:
+ https://lists.ubuntu.com/archives/ubuntu-security-announce/2011-September/001429.html
+
+ ";
+
+ script_description(desc);
+ script_summary("Check for the Version of puppet");
+ script_category(ACT_GATHER_INFO);
+ script_copyright("Copyright (c) 2011 Greenbone Networks GmbH");
+ script_family("Ubuntu Local Security Checks");
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/release");
+ exit(0);
+}
+
+
+include("pkg-lib-deb.inc");
+include("revisions-lib.inc");
+
+release = get_kb_item("ssh/login/release");
+
+if(release == NULL){
+ exit(0);
+}
+
+if(release == "UBUNTU10.10")
+{
+
+ if(isdpkgvuln(pkg:"puppet-common", ver:"2.6.1-0ubuntu2.1", rls:"UBUNTU10.10"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ exit(0);
+}
+
+
+if(release == "UBUNTU10.04 LTS")
+{
+
+ if(isdpkgvuln(pkg:"puppet-common", ver:"0.25.4-2ubuntu6.2", rls:"UBUNTU10.04 LTS"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ exit(0);
+}
+
+
+if(release == "UBUNTU11.04")
+{
+
+ if(isdpkgvuln(pkg:"puppet-common", ver:"2.6.4-2ubuntu2.2", rls:"UBUNTU11.04"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ exit(0);
+}
\ No newline at end of file
Added: trunk/openvas-plugins/scripts/gb_ubuntu_USN_1218_1.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gb_ubuntu_USN_1218_1.nasl 2011-09-30 13:58:03 UTC (rev 11722)
+++ trunk/openvas-plugins/scripts/gb_ubuntu_USN_1218_1.nasl 2011-09-30 14:02:57 UTC (rev 11723)
@@ -0,0 +1,207 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+#
+# Ubuntu Update for linux USN-1218-1
+#
+# Authors:
+# System Generated Check
+#
+# Copyright:
+# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+if(description)
+{
+ script_id(840760);
+ script_version("$Revision$: 1.0");
+ script_tag(name:"cvss_base", value:"6.1");
+ script_tag(name:"risk_factor", value:"High");
+ script_xref(name: "USN", value: "1218-1");
+ script_cve_id("CVE-2010-4076", "CVE-2010-4077", "CVE-2010-4251", "CVE-2010-4805", "CVE-2011-1020", "CVE-2011-1493", "CVE-2011-1577", "CVE-2011-2213", "CVE-2011-2484", "CVE-2011-2492", "CVE-2011-2700", "CVE-2011-2723", "CVE-2011-2918");
+ script_name("Ubuntu Update for linux USN-1218-1");
+ desc = "
+
+ Vulnerability Insight:
+
+ Dan Rosenberg discovered that multiple terminal ioctls did not correctly
+ initialize structure memory. A local attacker could exploit this to read
+ portions of kernel stack memory, leading to a loss of privacy.
+ (CVE-2010-4076, CVE-2010-4077)
+
+ Alex Shi and Eric Dumazet discovered that the network stack did not
+ correctly handle packet backlogs. A remote attacker could exploit this by
+ sending a large amount of network traffic to cause the system to run out of
+ memory, leading to a denial of service. (CVE-2010-4251, CVE-2010-4805)
+
+ It was discovered that the /proc filesystem did not correctly handle
+ permission changes when programs executed. A local attacker could hold open
+ files to examine details about programs running with higher privileges,
+ potentially increasing the chances of exploiting additional
+ vulnerabilities. (CVE-2011-1020)
+
+ Dan Rosenberg discovered that the X.25 Rose network stack did not correctly
+ handle certain fields. If a system was running with Rose enabled, a remote
+ attacker could send specially crafted traffic to gain root privileges.
+ (CVE-2011-1493)
+
+ Timo Warns discovered that the GUID partition parsing routines did not
+ correctly validate certain structures. A local attacker with physical
+ access could plug in a specially crafted block device to crash the system,
+ leading to a denial of service. (CVE-2011-1577)
+
+ Dan Rosenberg discovered that the IPv4 diagnostic routines did not
+ correctly validate certain requests. A local attacker could exploit this to
+ consume CPU resources, leading to a denial of service. (CVE-2011-2213)
+
+ Vasiliy Kulikov discovered that taskstats listeners were not correctly
+ handled. A local attacker could expoit this to exhaust memory and CPU
+ resources, leading to a denial of service. (CVE-2011-2484)
+
+ It was discovered that Bluetooth l2cap and rfcomm did not correctly
+ initialize structures. A local attacker could exploit this to read portions
+ of the kernel stack, leading to a loss of privacy. (CVE-2011-2492)
+
+ Mauro Carvalho Chehab discovered that the si4713 radio driver did not
+ correctly check the length of memory copies. If this hardware was
+ available, a local attacker could exploit this to crash the system or gain
+ root privileges. (CVE-2011-2700)
+
+ Herbert Xu discovered that certain fields were incorrectly handled when
+ Generic Receive Offload (CVE-2011-2723)
+
+ The performance counter subsystem did not correctly handle certain
+ counters. A local attacker could exploit this to crash the system, leading
+ to a denial of service. (CVE-2011-2918)
+
+ Affected Software/OS:
+ linux on Ubuntu 10.04 LTS
+
+ Fix: Please Install the Updated Packages.
+
+ References:
+ https://lists.ubuntu.com/archives/ubuntu-security-announce/2011-September/001430.html
+
+ ";
+
+ script_description(desc);
+ script_summary("Check for the Version of linux");
+ script_category(ACT_GATHER_INFO);
+ script_copyright("Copyright (c) 2011 Greenbone Networks GmbH");
+ script_family("Ubuntu Local Security Checks");
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/release");
+ exit(0);
+}
+
+
+include("pkg-lib-deb.inc");
+include("revisions-lib.inc");
+
+release = get_kb_item("ssh/login/release");
+
+if(release == NULL){
+ exit(0);
+}
+
+if(release == "UBUNTU10.04 LTS")
+{
+
+ if(isdpkgvuln(pkg:"linux-image-2.6.32-34-386", ver:"2.6.32-34.77", rls:"UBUNTU10.04 LTS"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"linux-image-2.6.32-34-generic", ver:"2.6.32-34.77", rls:"UBUNTU10.04 LTS"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"linux-image-2.6.32-34-generic-pae", ver:"2.6.32-34.77", rls:"UBUNTU10.04 LTS"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"linux-image-2.6.32-34-ia64", ver:"2.6.32-34.77", rls:"UBUNTU10.04 LTS"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"linux-image-2.6.32-34-lpia", ver:"2.6.32-34.77", rls:"UBUNTU10.04 LTS"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"linux-image-2.6.32-34-powerpc", ver:"2.6.32-34.77", rls:"UBUNTU10.04 LTS"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"linux-image-2.6.32-34-powerpc-smp", ver:"2.6.32-34.77", rls:"UBUNTU10.04 LTS"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"linux-image-2.6.32-34-powerpc64-smp", ver:"2.6.32-34.77", rls:"UBUNTU10.04 LTS"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"linux-image-2.6.32-34-preempt", ver:"2.6.32-34.77", rls:"UBUNTU10.04 LTS"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"linux-image-2.6.32-34-server", ver:"2.6.32-34.77", rls:"UBUNTU10.04 LTS"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"linux-image-2.6.32-34-sparc64", ver:"2.6.32-34.77", rls:"UBUNTU10.04 LTS"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"linux-image-2.6.32-34-sparc64-smp", ver:"2.6.32-34.77", rls:"UBUNTU10.04 LTS"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"linux-image-2.6.32-34-versatile", ver:"2.6.32-34.77", rls:"UBUNTU10.04 LTS"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"linux-image-2.6.32-34-virtual", ver:"2.6.32-34.77", rls:"UBUNTU10.04 LTS"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ exit(0);
+}
\ No newline at end of file
Added: trunk/openvas-plugins/scripts/gb_ubuntu_USN_1219_1.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gb_ubuntu_USN_1219_1.nasl 2011-09-30 13:58:03 UTC (rev 11722)
+++ trunk/openvas-plugins/scripts/gb_ubuntu_USN_1219_1.nasl 2011-09-30 14:02:57 UTC (rev 11723)
@@ -0,0 +1,147 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+#
+# Ubuntu Update for linux-lts-backport-maverick USN-1219-1
+#
+# Authors:
+# System Generated Check
+#
+# Copyright:
+# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+if(description)
+{
+ script_id(840762);
+ script_version("$Revision$: 1.0");
+ script_tag(name:"cvss_base", value:"8.3");
+ script_tag(name:"risk_factor", value:"Critical");
+ script_xref(name: "USN", value: "1219-1");
+ script_cve_id("CVE-2011-1576", "CVE-2011-1776", "CVE-2011-1833", "CVE-2011-2213", "CVE-2011-2497", "CVE-2011-2699", "CVE-2011-2700", "CVE-2011-2723", "CVE-2011-2918", "CVE-2011-2928", "CVE-2011-3191");
+ script_name("Ubuntu Update for linux-lts-backport-maverick USN-1219-1");
+ desc = "
+
+ Vulnerability Insight:
+
+ Ryan Sweat discovered that the kernel incorrectly handled certain VLAN
+ packets. On some systems, a remote attacker could send specially crafted
+ traffic to crash the system, leading to a denial of service.
+ (CVE-2011-1576)
+
+ Timo Warns discovered that the EFI GUID partition table was not correctly
+ parsed. A physically local attacker that could insert mountable devices
+ could exploit this to crash the system or possibly gain root privileges.
+ (CVE-2011-1776)
+
+ Vasiliy Kulikov and Dan Rosenberg discovered that ecryptfs did not
+ correctly check the origin of mount points. A local attacker could exploit
+ this to trick the system into unmounting arbitrary mount points, leading to
+ a denial of service. (CVE-2011-1833)
+
+ Dan Rosenberg discovered that the IPv4 diagnostic routines did not
+ correctly validate certain requests. A local attacker could exploit this to
+ consume CPU resources, leading to a denial of service. (CVE-2011-2213)
+
+ Dan Rosenberg discovered that the Bluetooth stack incorrectly handled
+ certain L2CAP requests. If a system was using Bluetooth, a remote attacker
+ could send specially crafted traffic to crash the system or gain root
+ privileges. (CVE-2011-2497)
+
+ Fernando Gont discovered that the IPv6 stack used predictable fragment
+ identification numbers. A remote attacker could exploit this to exhaust
+ network resources, leading to a denial of service. (CVE-2011-2699)
+
+ Mauro Carvalho Chehab discovered that the si4713 radio driver did not
+ correctly check the length of memory copies. If this hardware was
+ available, a local attacker could exploit this to crash the system or gain
+ root privileges. (CVE-2011-2700)
+
+ Herbert Xu discovered that certain fields were incorrectly handled when
+ Generic Receive Offload (CVE-2011-2723)
+
+ The performance counter subsystem did not correctly handle certain
+ counters. A local attacker could exploit this to crash the system, leading
+ to a denial of service. (CVE-2011-2918)
+
+ Time Warns discovered that long symlinks were incorrectly handled on Be
+ filesystems. A local attacker could exploit this with a malformed Be
+ filesystem and crash the system, leading to a denial of service.
+ (CVE-2011-2928)
+
+ Darren Lavender discovered that the CIFS client incorrectly handled certain
+ large values. A remote attacker with a malicious server could exploit this
+ to crash the system or possibly execute arbitrary code as the root user.
+ (CVE-2011-3191)
+
+ Affected Software/OS:
+ linux-lts-backport-maverick on Ubuntu 10.04 LTS
+
+ Fix: Please Install the Updated Packages.
+
+ References:
+ https://lists.ubuntu.com/archives/ubuntu-security-announce/2011-September/001431.html
+
+ ";
+
+ script_description(desc);
+ script_summary("Check for the Version of linux-lts-backport-maverick");
+ script_category(ACT_GATHER_INFO);
+ script_copyright("Copyright (c) 2011 Greenbone Networks GmbH");
+ script_family("Ubuntu Local Security Checks");
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/release");
+ exit(0);
+}
+
+
+include("pkg-lib-deb.inc");
+include("revisions-lib.inc");
+
+release = get_kb_item("ssh/login/release");
+
+if(release == NULL){
+ exit(0);
+}
+
+if(release == "UBUNTU10.04 LTS")
+{
+
+ if(isdpkgvuln(pkg:"linux-image-2.6.35-30-generic", ver:"2.6.35-30.60~lucid1", rls:"UBUNTU10.04 LTS"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"linux-image-2.6.35-30-generic-pae", ver:"2.6.35-30.60~lucid1", rls:"UBUNTU10.04 LTS"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"linux-image-2.6.35-30-server", ver:"2.6.35-30.60~lucid1", rls:"UBUNTU10.04 LTS"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"linux-image-2.6.35-30-virtual", ver:"2.6.35-30.60~lucid1", rls:"UBUNTU10.04 LTS"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ exit(0);
+}
\ No newline at end of file
Added: trunk/openvas-plugins/scripts/gb_ubuntu_USN_1220_1.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gb_ubuntu_USN_1220_1.nasl 2011-09-30 13:58:03 UTC (rev 11722)
+++ trunk/openvas-plugins/scripts/gb_ubuntu_USN_1220_1.nasl 2011-09-30 14:02:57 UTC (rev 11723)
@@ -0,0 +1,120 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+#
+# Ubuntu Update for linux-ti-omap4 USN-1220-1
+#
+# Authors:
+# System Generated Check
+#
+# Copyright:
+# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+if(description)
+{
+ script_id(840758);
+ script_version("$Revision$: 1.0");
+ script_tag(name:"cvss_base", value:"8.3");
+ script_tag(name:"risk_factor", value:"Critical");
+ script_xref(name: "USN", value: "1220-1");
+ script_cve_id("CVE-2011-1576", "CVE-2011-1776", "CVE-2011-2213", "CVE-2011-2497", "CVE-2011-2700", "CVE-2011-2723", "CVE-2011-2928", "CVE-2011-3188", "CVE-2011-3191");
+ script_name("Ubuntu Update for linux-ti-omap4 USN-1220-1");
+ desc = "
+
+ Vulnerability Insight:
+
+ Ryan Sweat discovered that the kernel incorrectly handled certain VLAN
+ packets. On some systems, a remote attacker could send specially crafted
+ traffic to crash the system, leading to a denial of service.
+ (CVE-2011-1576)
+
+ Timo Warns discovered that the EFI GUID partition table was not correctly
+ parsed. A physically local attacker that could insert mountable devices
+ could exploit this to crash the system or possibly gain root privileges.
+ (CVE-2011-1776)
+
+ Dan Rosenberg discovered that the IPv4 diagnostic routines did not
+ correctly validate certain requests. A local attacker could exploit this to
+ consume CPU resources, leading to a denial of service. (CVE-2011-2213)
+
+ Dan Rosenberg discovered that the Bluetooth stack incorrectly handled
+ certain L2CAP requests. If a system was using Bluetooth, a remote attacker
+ could send specially crafted traffic to crash the system or gain root
+ privileges. (CVE-2011-2497)
+
+ Mauro Carvalho Chehab discovered that the si4713 radio driver did not
+ correctly check the length of memory copies. If this hardware was
+ available, a local attacker could exploit this to crash the system or gain
+ root privileges. (CVE-2011-2700)
+
+ Herbert Xu discovered that certain fields were incorrectly handled when
+ Generic Receive Offload (CVE-2011-2723)
+
+ Time Warns discovered that long symlinks were incorrectly handled on Be
+ filesystems. A local attacker could exploit this with a malformed Be
+ filesystem and crash the system, leading to a denial of service.
+ (CVE-2011-2928)
+
+ Dan Kaminsky discovered that the kernel incorrectly handled random sequence
+ number generation. An attacker could use this flaw to possibly predict
+ sequence numbers and inject packets. (CVE-2011-3188)
+
+ Darren Lavender discovered that the CIFS client incorrectly handled certain
+ large values. A remote attacker with a malicious server could exploit this
+ to crash the system or possibly execute arbitrary code as the root user.
+ (CVE-2011-3191)
+
+ Affected Software/OS:
+ linux-ti-omap4 on Ubuntu 10.10
+
+ Fix: Please Install the Updated Packages.
+
+ References:
+ https://lists.ubuntu.com/archives/ubuntu-security-announce/2011-September/001432.html
+
+ ";
+
+ script_description(desc);
+ script_summary("Check for the Version of linux-ti-omap4");
+ script_category(ACT_GATHER_INFO);
+ script_copyright("Copyright (c) 2011 Greenbone Networks GmbH");
+ script_family("Ubuntu Local Security Checks");
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/release");
+ exit(0);
+}
+
+
+include("pkg-lib-deb.inc");
+include("revisions-lib.inc");
+
+release = get_kb_item("ssh/login/release");
+
+if(release == NULL){
+ exit(0);
+}
+
+if(release == "UBUNTU10.10")
+{
+
+ if(isdpkgvuln(pkg:"linux-image-2.6.35-903-omap4", ver:"2.6.35-903.25", rls:"UBUNTU10.10"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ exit(0);
+}
\ No newline at end of file
Added: trunk/openvas-plugins/scripts/gb_ubuntu_USN_1221_1.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gb_ubuntu_USN_1221_1.nasl 2011-09-30 13:58:03 UTC (rev 11722)
+++ trunk/openvas-plugins/scripts/gb_ubuntu_USN_1221_1.nasl 2011-09-30 14:02:57 UTC (rev 11723)
@@ -0,0 +1,130 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+#
+# Ubuntu Update for mutt USN-1221-1
+#
+# Authors:
+# System Generated Check
+#
+# Copyright:
+# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+if(description)
+{
+ script_id(840755);
+ script_version("$Revision$: 1.0");
+ script_tag(name:"cvss_base", value:"5.8");
+ script_tag(name:"risk_factor", value:"High");
+ script_xref(name: "USN", value: "1221-1");
+ script_cve_id("CVE-2011-1429");
+ script_name("Ubuntu Update for mutt USN-1221-1");
+ desc = "
+
+ Vulnerability Insight:
+
+ It was discovered that mutt incorrectly verified the hostname in an SSL
+ certificate. An attacker could trick mutt into trusting a rogue SMTPS,
+ IMAPS, or POP3S server's certificate, which was signed by a trusted certificate
+ authority, to perform a man-in-the-middle attack.
+
+ Affected Software/OS:
+ mutt on Ubuntu 11.04 ,
+ Ubuntu 10.10 ,
+ Ubuntu 10.04 LTS
+
+ Fix: Please Install the Updated Packages.
+
+ References:
+ https://lists.ubuntu.com/archives/ubuntu-security-announce/2011-September/001433.html
+
+ ";
+
+ script_description(desc);
+ script_summary("Check for the Version of mutt");
+ script_category(ACT_GATHER_INFO);
+ script_copyright("Copyright (c) 2011 Greenbone Networks GmbH");
+ script_family("Ubuntu Local Security Checks");
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/release");
+ exit(0);
+}
+
+
+include("pkg-lib-deb.inc");
+include("revisions-lib.inc");
+
+release = get_kb_item("ssh/login/release");
+
+if(release == NULL){
+ exit(0);
+}
+
+if(release == "UBUNTU10.10")
+{
+
+ if(isdpkgvuln(pkg:"mutt", ver:"1.5.20-9ubuntu2.1", rls:"UBUNTU10.10"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"mutt-patched", ver:"1.5.20-9ubuntu2.1", rls:"UBUNTU10.10"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ exit(0);
+}
+
+
+if(release == "UBUNTU10.04 LTS")
+{
+
+ if(isdpkgvuln(pkg:"mutt", ver:"1.5.20-7ubuntu1.1", rls:"UBUNTU10.04 LTS"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"mutt-patched", ver:"1.5.20-7ubuntu1.1", rls:"UBUNTU10.04 LTS"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ exit(0);
+}
+
+
+if(release == "UBUNTU11.04")
+{
+
+ if(isdpkgvuln(pkg:"mutt", ver:"1.5.21-2ubuntu3.1", rls:"UBUNTU11.04"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ if(isdpkgvuln(pkg:"mutt-patched", ver:"1.5.21-2ubuntu3.1", rls:"UBUNTU11.04"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ exit(0);
+}
\ No newline at end of file
Added: trunk/openvas-plugins/scripts/gb_ubuntu_USN_1222_1.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gb_ubuntu_USN_1222_1.nasl 2011-09-30 13:58:03 UTC (rev 11722)
+++ trunk/openvas-plugins/scripts/gb_ubuntu_USN_1222_1.nasl 2011-09-30 14:02:57 UTC (rev 11723)
@@ -0,0 +1,117 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+#
+# Ubuntu Update for firefox USN-1222-1
+#
+# Authors:
+# System Generated Check
+#
+# Copyright:
+# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+if(description)
+{
+ script_id(840759);
+ script_version("$Revision$: 1.0");
+ script_tag(name:"cvss_base", value:"10.0");
+ script_tag(name:"risk_factor", value:"Critical");
+ script_xref(name: "USN", value: "1222-1");
+ script_cve_id("CVE-2011-2995", "CVE-2011-2997", "CVE-2011-2999", "CVE-2011-3000", "CVE-2011-2372", "CVE-2011-3001", "CVE-2011-3002", "CVE-2011-3003", "CVE-2011-3005", "CVE-2011-3232", "CVE-2011-3004");
+ script_name("Ubuntu Update for firefox USN-1222-1");
+ desc = "
+
+ Vulnerability Insight:
+
+ Benjamin Smedberg, Bob Clary, Jesse Ruderman, Bob Clary, Andrew McCreight,
+ Andreas Gal, Gary Kwong, Igor Bukanov, Jason Orendorff, Jesse Ruderman, and
+ Marcia Knous discovered multiple memory vulnerabilities in the browser
+ rendering engine. An attacker could use these to possibly execute arbitrary
+ code with the privileges of the user invoking Firefox. (CVE-2011-2995,
+ CVE-2011-2997)
+
+ Boris Zbarsky discovered that a frame named "location" could shadow the
+ window.location object unless a script in a page grabbed a reference to the
+ true object before the frame was created. This is in violation of the Same
+ Origin Policy. A malicious website could possibly use this to access
+ another website or the local file system. (CVE-2011-2999)
+
+ Ian Graham discovered that when multiple Location headers were present,
+ Firefox would use the second one resulting in a possible CRLF injection
+ attack. CRLF injection issues can result in a wide variety of attacks, such
+ as XSS (Cross-Site Scripting) vulnerabilities, browser cache poisoning, and
+ cookie theft. (CVE-2011-3000)
+
+ Mariusz Mlynski discovered that if the user could be convinced to hold down
+ the enter key, a malicious website could potential pop up a download dialog
+ and the default open action would be selected or lead to the installation
+ of an arbitrary add-on. This would result in potentially malicious content
+ being run with privileges of the user invoking Firefox. (CVE-2011-2372,
+ CVE-2011-3001)
+
+ Michael Jordon and Ben Hawkes discovered flaws in WebGL. If a user were
+ tricked into opening a malicious page, an attacker could cause the browser
+ to crash. (CVE-2011-3002, CVE-2011-3003)
+
+ It was discovered that Firefox did not properly free memory when processing
+ ogg files. If a user were tricked into opening a malicious page, an
+ attacker could cause the browser to crash. (CVE-2011-3005)
+
+ David Rees and Aki Helin discovered a problems in the JavaScript engine. An
+ attacker could exploit this to crash the browser or potentially escalate
+ privileges within the browser. (CVE-2011-3232)
+
+ Affected Software/OS:
+ firefox on Ubuntu 11.04
+
+ Fix: Please Install the Updated Packages.
+
+ References:
+ https://lists.ubuntu.com/archives/ubuntu-security-announce/2011-September/001434.html
+
+ ";
+
+ script_description(desc);
+ script_summary("Check for the Version of firefox");
+ script_category(ACT_GATHER_INFO);
+ script_copyright("Copyright (c) 2011 Greenbone Networks GmbH");
+ script_family("Ubuntu Local Security Checks");
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/release");
+ exit(0);
+}
+
+
+include("pkg-lib-deb.inc");
+include("revisions-lib.inc");
+
+release = get_kb_item("ssh/login/release");
+
+if(release == NULL){
+ exit(0);
+}
+
+if(release == "UBUNTU11.04")
+{
+
+ if(isdpkgvuln(pkg:"firefox", ver:"7.0.1+build1+nobinonly-0ubuntu0.11.04.1", rls:"UBUNTU11.04"))
+ {
+ security_hole(0);
+ exit(0);
+ }
+
+ exit(0);
+}
\ No newline at end of file
More information about the Openvas-commits
mailing list