[Openvas-commits] r13045 - in trunk/openvas-plugins: . scripts
scm-commit at wald.intevation.org
scm-commit at wald.intevation.org
Thu Mar 15 09:31:13 CET 2012
Author: antu123
Date: 2012-03-15 09:31:12 +0100 (Thu, 15 Mar 2012)
New Revision: 13045
Modified:
trunk/openvas-plugins/ChangeLog
trunk/openvas-plugins/scripts/secpod_ms12-017.nasl
trunk/openvas-plugins/scripts/secpod_ms12-018.nasl
trunk/openvas-plugins/scripts/secpod_ms12-019.nasl
trunk/openvas-plugins/scripts/secpod_ms12-020.nasl
trunk/openvas-plugins/scripts/secpod_ms12-021.nasl
trunk/openvas-plugins/scripts/secpod_ms12-022.nasl
Log:
Updated CVSS, Added CVSS base vector tag
Modified: trunk/openvas-plugins/ChangeLog
===================================================================
--- trunk/openvas-plugins/ChangeLog 2012-03-15 08:27:12 UTC (rev 13044)
+++ trunk/openvas-plugins/ChangeLog 2012-03-15 08:31:12 UTC (rev 13045)
@@ -1,3 +1,13 @@
+2012-03-15 Antu Sanadi <santu at secpod.com>
+
+ * scripts/secpod_ms12-017.nasl,
+ scripts/secpod_ms12-018.nasl,
+ scripts/secpod_ms12-019.nasl,
+ scripts/secpod_ms12-020.nasl,
+ scripts/secpod_ms12-021.nasl,
+ scripts/secpod_ms12-022.nasl:
+ Updated cvss_base, Added cvss_base_vector tag.
+
2012-03-14 Thomas Reinke <reinke at securityspace.com>
* scripts/deb_2292_1.nasl,
Modified: trunk/openvas-plugins/scripts/secpod_ms12-017.nasl
===================================================================
--- trunk/openvas-plugins/scripts/secpod_ms12-017.nasl 2012-03-15 08:27:12 UTC (rev 13044)
+++ trunk/openvas-plugins/scripts/secpod_ms12-017.nasl 2012-03-15 08:31:12 UTC (rev 13045)
@@ -30,8 +30,9 @@
script_version("$Revision$");
script_bugtraq_id(52374);
script_cve_id("CVE-2012-0006");
- script_tag(name:"cvss_base", value:"7.5");
- script_tag(name:"risk_factor", value:"High");
+ script_tag(name:"cvss_base", value:"5.0");
+ script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:N/C:N/I:N/A:P");
+ script_tag(name:"risk_factor", value:"Medium");
script_tag(name:"last_modification", value:"$Date$");
script_tag(name:"creation_date", value:"2012-03-14 08:31:02 +0530 (Wed, 14 Mar 2012)");
script_name("Microsoft Windows DNS Server Denial of Service Vulnerability (2647170)");
@@ -113,7 +114,7 @@
{
## Check for Dns.exe version
if(version_is_less(version:sysVer, test_version:"5.2.3790.4957")){
- security_hole(0);
+ security_warning(0);
}
exit(0);
}
@@ -124,6 +125,6 @@
## Check for Dns.exe version
if(version_is_less(version:sysVer, test_version:"6.0.6002.18557")||
version_in_range(version:sysVer, test_version:"6.0.6002.22000", test_version2:"6.0.6002.22762")){
- security_hole(0);
+ security_warning(0);
}
}
Modified: trunk/openvas-plugins/scripts/secpod_ms12-018.nasl
===================================================================
--- trunk/openvas-plugins/scripts/secpod_ms12-018.nasl 2012-03-15 08:27:12 UTC (rev 13044)
+++ trunk/openvas-plugins/scripts/secpod_ms12-018.nasl 2012-03-15 08:31:12 UTC (rev 13045)
@@ -30,7 +30,8 @@
script_version("$Revision$");
script_cve_id("CVE-2012-0157");
script_bugtraq_id(52317);
- script_tag(name:"cvss_base", value:"7.5");
+ script_tag(name:"cvss_base", value:"7.2");
+ script_tag(name:"cvss_base_vector", value:"AV:L/AC:L/Au:N/C:C/I:C/A:C");
script_tag(name:"risk_factor", value:"High");
script_tag(name:"last_modification", value:"$Date$");
script_tag(name:"creation_date", value:"2012-03-14 09:00:53 +0530 (Wed, 14 Mar 2012)");
Modified: trunk/openvas-plugins/scripts/secpod_ms12-019.nasl
===================================================================
--- trunk/openvas-plugins/scripts/secpod_ms12-019.nasl 2012-03-15 08:27:12 UTC (rev 13044)
+++ trunk/openvas-plugins/scripts/secpod_ms12-019.nasl 2012-03-15 08:31:12 UTC (rev 13045)
@@ -30,8 +30,9 @@
script_version("$Revision$");
script_cve_id("CVE-2012-0156");
script_bugtraq_id(52332);
- script_tag(name:"cvss_base", value:"7.5");
- script_tag(name:"risk_factor", value:"High");
+ script_tag(name:"cvss_base", value:"4.3");
+ script_tag(name:"cvss_base_vector", value:"AV:N/AC:M/Au:N/C:N/I:N/A:P");
+ script_tag(name:"risk_factor", value:"Medium");
script_tag(name:"last_modification", value:"$Date$");
script_tag(name:"creation_date", value:"2012-03-14 09:53:40 +0530 (Wed, 14 Mar 2012)");
script_name("Microsoft Windows DirectWrite Denial of Service Vulnerability (2665364)");
@@ -111,7 +112,7 @@
## Check for D3d10_1.dll version
if(version_is_less(version:sysVer, test_version:"7.0.6002.18582") ||
version_in_range(version:sysVer, test_version:"7.0.6002.22000", test_version2:"7.0.6002.22796")){
- security_hole(0);
+ security_warning(0);
}
exit(0);
}
@@ -131,6 +132,6 @@
version_in_range(version:dllVer, test_version:"6.1.7600.20000", test_version2:"6.1.7600.21147")||
version_in_range(version:dllVer, test_version:"6.1.7601.17000", test_version2:"6.1.7601.17775")||
version_in_range(version:dllVer, test_version:"6.1.7601.21000", test_version2:"6.1.7601.21919")){
- security_hole(0);
+ security_warning(0);
}
}
Modified: trunk/openvas-plugins/scripts/secpod_ms12-020.nasl
===================================================================
--- trunk/openvas-plugins/scripts/secpod_ms12-020.nasl 2012-03-15 08:27:12 UTC (rev 13044)
+++ trunk/openvas-plugins/scripts/secpod_ms12-020.nasl 2012-03-15 08:31:12 UTC (rev 13045)
@@ -30,7 +30,8 @@
script_version("$Revision$");
script_cve_id("CVE-2012-0002", "CVE-2012-0152");
script_bugtraq_id(52353, 52354);
- script_tag(name:"cvss_base", value:"10.0");
+ script_tag(name:"cvss_base", value:"9.3");
+ script_tag(name:"cvss_base_vector", value:"AV:N/AC:M/Au:N/C:C/I:C/A:C");
script_tag(name:"risk_factor", value:"Critical");
script_tag(name:"last_modification", value:"$Date$");
script_tag(name:"creation_date", value:"2012-03-14 09:43:49 +0530 (Wed, 14 Mar 2012)");
Modified: trunk/openvas-plugins/scripts/secpod_ms12-021.nasl
===================================================================
--- trunk/openvas-plugins/scripts/secpod_ms12-021.nasl 2012-03-15 08:27:12 UTC (rev 13044)
+++ trunk/openvas-plugins/scripts/secpod_ms12-021.nasl 2012-03-15 08:31:12 UTC (rev 13045)
@@ -30,7 +30,8 @@
script_version("$Revision$");
script_cve_id("CVE-2012-0008");
script_bugtraq_id(52329);
- script_tag(name:"cvss_base", value:"6.6");
+ script_tag(name:"cvss_base", value:"6.9");
+ script_tag(name:"cvss_base_vector", value:"AV:L/AC:M/Au:N/C:C/I:C/A:C");
script_tag(name:"risk_factor", value:"High");
script_tag(name:"last_modification", value:"$Date$");
script_tag(name:"creation_date", value:"2012-03-14 10:10:10 +0530 (Wed, 14 Mar 2012)");
Modified: trunk/openvas-plugins/scripts/secpod_ms12-022.nasl
===================================================================
--- trunk/openvas-plugins/scripts/secpod_ms12-022.nasl 2012-03-15 08:27:12 UTC (rev 13044)
+++ trunk/openvas-plugins/scripts/secpod_ms12-022.nasl 2012-03-15 08:31:12 UTC (rev 13045)
@@ -30,13 +30,14 @@
script_version("$Revision$");
script_cve_id("CVE-2012-0016");
script_bugtraq_id(52375);
- script_tag(name:"cvss_base", value:"7.5");
- script_tag(name:"risk_factor", value:"High");
+ script_tag(name:"cvss_base", value:"9.3");
+ script_tag(name:"cvss_base_vector", value:"AV:N/AC:M/Au:N/C:C/I:C/A:C");
+ script_tag(name:"risk_factor", value:"Critical");
script_tag(name:"last_modification", value:"$Date$");
script_tag(name:"creation_date", value:"2012-03-14 10:53:40 +0530 (Wed, 14 Mar 2012)");
script_name("Microsoft Expression Design Remote Code Execution Vulnerability (2651018)");
desc = "
- Overview: This host has important security update missing according to
+ Overview: This host has moderate security update missing according to
Microsoft Bulletin MS12-022.
Vulnerability Insight:
@@ -49,7 +50,7 @@
Successful exploitation could allow remote attackers to execute arbitrary
code on the target system.
- Impact Level: System/Application
+ Impact Level: System
Affected Software/OS:
Microsoft Expression Design
@@ -109,6 +110,7 @@
path = dllPath;
}
+
## Get the version of GraphicsCore.dll file
dllVer = fetch_file_version(sysPath:path, file_name:"GraphicsCore.dll");
if(dllVer)
More information about the Openvas-commits
mailing list