[Openvas-nvts-commits] r548 - / scripts scripts/2014

scm-commit at wald.intevation.org scm-commit at wald.intevation.org
Fri Jul 4 15:18:45 CEST 2014


Author: antu123
Date: 2014-07-04 15:18:45 +0200 (Fri, 04 Jul 2014)
New Revision: 548

Added:
   scripts/2014/gb_CESA-2014_0788_mod_wsgi_centos6.nasl
   scripts/2014/gb_CESA-2014_0790_dovecot_centos6.nasl
   scripts/2014/gb_RHSA-2014_0675-01_java-1.7.0-openjdk.nasl
   scripts/2014/gb_RHSA-2014_0678-02_kernel.nasl
   scripts/2014/gb_RHSA-2014_0679-01_openssl.nasl
   scripts/2014/gb_RHSA-2014_0680-01_openssl098e.nasl
   scripts/2014/gb_RHSA-2014_0684-01_gnutls.nasl
   scripts/2014/gb_RHSA-2014_0685-01_java-1.6.0-openjdk.nasl
   scripts/2014/gb_RHSA-2014_0686-01_tomcat.nasl
   scripts/2014/gb_RHSA-2014_0687-01_libtasn1.nasl
   scripts/2014/gb_RHSA-2014_0702-01_mariadb.nasl
   scripts/2014/gb_RHSA-2014_0703-01_json-c.nasl
   scripts/2014/gb_RHSA-2014_0704-01_qemu-kvm.nasl
   scripts/2014/gb_RHSA-2014_0786-01_kernel.nasl
   scripts/2014/gb_RHSA-2014_0788-01_mod_wsgi.nasl
   scripts/2014/gb_RHSA-2014_0790-01_dovecot.nasl
   scripts/2014/gb_fedora_2014_7274_tor_fc19.nasl
   scripts/2014/gb_fedora_2014_7296_tor_fc20.nasl
   scripts/2014/gb_fedora_2014_7359_wireshark_fc20.nasl
   scripts/2014/gb_fedora_2014_7408_xen_fc19.nasl
   scripts/2014/gb_fedora_2014_7413_rb_libtorrent_fc19.nasl
   scripts/2014/gb_fedora_2014_7423_xen_fc20.nasl
   scripts/2014/gb_fedora_2014_7446_openstack-neutron_fc20.nasl
   scripts/2014/gb_fedora_2014_7479_sos_fc20.nasl
   scripts/2014/gb_fedora_2014_7490_sos_fc19.nasl
   scripts/2014/gb_fedora_2014_7579_kdelibs_fc20.nasl
   scripts/2014/gb_fedora_2014_7594_zabbix_fc20.nasl
   scripts/2014/gb_fedora_2014_7603_zabbix_fc19.nasl
   scripts/2014/gb_fedora_2014_7672_samba_fc20.nasl
   scripts/2014/gb_fedora_2014_7676_gnupg_fc20.nasl
   scripts/2014/gb_fedora_2014_7715_python-simplejson_fc20.nasl
   scripts/2014/gb_fedora_2014_7765_php_fc20.nasl
   scripts/2014/gb_fedora_2014_7796_gnupg2_fc20.nasl
   scripts/2014/gb_fedora_2014_7797_gnupg2_fc19.nasl
   scripts/2014/gb_fedora_2014_7800_python_fc20.nasl
   scripts/2014/gb_fedora_2014_7863_kernel_fc20.nasl
   scripts/2014/gb_suse_2014_0840_1.nasl
   scripts/2014/gb_suse_2014_0856_1.nasl
   scripts/2014/gb_ubuntu_USN_2232_3.nasl
   scripts/2014/gb_ubuntu_USN_2253_1.nasl
   scripts/2014/gb_ubuntu_USN_2254_1.nasl
   scripts/2014/gb_ubuntu_USN_2254_2.nasl
   scripts/2014/gb_ubuntu_USN_2255_1.nasl
   scripts/2014/gb_ubuntu_USN_2256_1.nasl
   scripts/2014/gb_ubuntu_USN_2257_1.nasl
   scripts/2014/gb_ubuntu_USN_2258_1.nasl
   scripts/2014/gb_ubuntu_USN_2259_1.nasl
   scripts/2014/gb_ubuntu_USN_2260_1.nasl
   scripts/2014/gb_ubuntu_USN_2261_1.nasl
   scripts/2014/gb_ubuntu_USN_2262_1.nasl
   scripts/2014/gb_ubuntu_USN_2263_1.nasl
   scripts/2014/gb_ubuntu_USN_2264_1.nasl
Modified:
   ChangeLog
   scripts/gather-package-list.nasl
Log:
Added new auto generated plugins and Added RedHat7 support.

Modified: ChangeLog
===================================================================
--- ChangeLog	2014-07-04 12:15:46 UTC (rev 547)
+++ ChangeLog	2014-07-04 13:18:45 UTC (rev 548)
@@ -1,3 +1,62 @@
+2014-07-04 Antu Sanadi <santu at secpod.com>
+
+	* scripts/2014/gb_CESA-2014_0788_mod_wsgi_centos6.nasl,
+	scripts/2014/gb_CESA-2014_0790_dovecot_centos6.nasl,
+	scripts/2014/gb_fedora_2014_7274_tor_fc19.nasl,
+	scripts/2014/gb_fedora_2014_7296_tor_fc20.nasl,
+	scripts/2014/gb_fedora_2014_7359_wireshark_fc20.nasl,
+	scripts/2014/gb_fedora_2014_7408_xen_fc19.nasl,
+	scripts/2014/gb_fedora_2014_7413_rb_libtorrent_fc19.nasl,
+	scripts/2014/gb_fedora_2014_7423_xen_fc20.nasl,
+	scripts/2014/gb_fedora_2014_7446_openstack-neutron_fc20.nasl,
+	scripts/2014/gb_fedora_2014_7479_sos_fc20.nasl,
+	scripts/2014/gb_fedora_2014_7490_sos_fc19.nasl,
+	scripts/2014/gb_fedora_2014_7579_kdelibs_fc20.nasl,
+	scripts/2014/gb_fedora_2014_7594_zabbix_fc20.nasl,
+	scripts/2014/gb_fedora_2014_7603_zabbix_fc19.nasl,
+	scripts/2014/gb_fedora_2014_7672_samba_fc20.nasl,
+	scripts/2014/gb_fedora_2014_7676_gnupg_fc20.nasl,
+	scripts/2014/gb_fedora_2014_7715_python-simplejson_fc20.nasl,
+	scripts/2014/gb_fedora_2014_7765_php_fc20.nasl,
+	scripts/2014/gb_fedora_2014_7796_gnupg2_fc20.nasl,
+	scripts/2014/gb_fedora_2014_7797_gnupg2_fc19.nasl,
+	scripts/2014/gb_fedora_2014_7800_python_fc20.nasl,
+	scripts/2014/gb_fedora_2014_7863_kernel_fc20.nasl,
+	scripts/2014/gb_RHSA-2014_0675-01_java-1.7.0-openjdk.nasl,
+	scripts/2014/gb_RHSA-2014_0678-02_kernel.nasl,
+	scripts/2014/gb_RHSA-2014_0679-01_openssl.nasl,
+	scripts/2014/gb_RHSA-2014_0680-01_openssl098e.nasl,
+	scripts/2014/gb_RHSA-2014_0684-01_gnutls.nasl,
+	scripts/2014/gb_RHSA-2014_0685-01_java-1.6.0-openjdk.nasl,
+	scripts/2014/gb_RHSA-2014_0686-01_tomcat.nasl,
+	scripts/2014/gb_RHSA-2014_0687-01_libtasn1.nasl,
+	scripts/2014/gb_RHSA-2014_0702-01_mariadb.nasl,
+	scripts/2014/gb_RHSA-2014_0703-01_json-c.nasl,
+	scripts/2014/gb_RHSA-2014_0704-01_qemu-kvm.nasl,
+	scripts/2014/gb_RHSA-2014_0786-01_kernel.nasl,
+	scripts/2014/gb_RHSA-2014_0788-01_mod_wsgi.nasl,
+	scripts/2014/gb_RHSA-2014_0790-01_dovecot.nasl,
+	scripts/2014/gb_suse_2014_0840_1.nasl,
+	scripts/2014/gb_suse_2014_0856_1.nasl,
+	scripts/2014/gb_ubuntu_USN_2232_3.nasl,
+	scripts/2014/gb_ubuntu_USN_2253_1.nasl,
+	scripts/2014/gb_ubuntu_USN_2254_1.nasl,
+	scripts/2014/gb_ubuntu_USN_2254_2.nasl,
+	scripts/2014/gb_ubuntu_USN_2255_1.nasl,
+	scripts/2014/gb_ubuntu_USN_2256_1.nasl,
+	scripts/2014/gb_ubuntu_USN_2257_1.nasl,
+	scripts/2014/gb_ubuntu_USN_2258_1.nasl,
+	scripts/2014/gb_ubuntu_USN_2259_1.nasl,
+	scripts/2014/gb_ubuntu_USN_2260_1.nasl,
+	scripts/2014/gb_ubuntu_USN_2261_1.nasl,
+	scripts/2014/gb_ubuntu_USN_2262_1.nasl,
+	scripts/2014/gb_ubuntu_USN_2263_1.nasl,
+	scripts/2014/gb_ubuntu_USN_2264_1.nasl:
+	Added new auto generated plugins.
+
+	* scripts/gather-package-list.nasl:
+	Added RedHat7 Support.
+
 2014-07-04 Jan-Oliver Wagner <jan-oliver.wagner at greenbone.net>
 
 	* scripts/ftpserver_detect_type_nd_version.nasl: Nicer formatting,

Added: scripts/2014/gb_CESA-2014_0788_mod_wsgi_centos6.nasl
===================================================================
--- scripts/2014/gb_CESA-2014_0788_mod_wsgi_centos6.nasl	                        (rev 0)
+++ scripts/2014/gb_CESA-2014_0788_mod_wsgi_centos6.nasl	2014-07-04 13:18:45 UTC (rev 548)
@@ -0,0 +1,122 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+#
+# CentOS Update for mod_wsgi CESA-2014:0788 centos6 
+#
+# Authors:
+# System Generated Check
+#
+# Copyright:
+# Copyright (C) 2014 Greenbone Networks GmbH, http://www.greenbone.net
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+include("revisions-lib.inc");
+
+if(description)
+{
+  script_oid("1.3.6.1.4.1.25623.1.0.881956");
+  script_version("$Revision$");
+  script_tag(name:"check_type", value:"authenticated package test");
+  script_tag(name:"last_modification", value:"$Date$");
+  script_tag(name:"creation_date", value:"2014-07-01 19:50:47 +0530 (Tue, 01 Jul 2014)");
+  script_cve_id("CVE-2014-0240", "CVE-2014-0242");
+  script_tag(name:"cvss_base", value:"6.2");
+  script_tag(name:"cvss_base_vector", value:"AV:L/AC:H/Au:N/C:C/I:C/A:C");
+  script_tag(name:"risk_factor", value:"High");
+  script_name("CentOS Update for mod_wsgi CESA-2014:0788 centos6 ");
+
+  tag_insight = "The mod_wsgi adapter is an Apache module that provides a
+WSGI-compliant interface for hosting Python-based web applications within
+Apache.
+
+It was found that mod_wsgi did not properly drop privileges if the call to
+setuid() failed. If mod_wsgi was set up to allow unprivileged users to run
+WSGI applications, a local user able to run a WSGI application could
+possibly use this flaw to escalate their privileges on the system.
+(CVE-2014-0240)
+
+Note: mod_wsgi is not intended to provide privilege separation for WSGI
+applications. Systems relying on mod_wsgi to limit or sandbox the
+privileges of mod_wsgi applications should migrate to a different solution
+with proper privilege separation.
+
+It was discovered that mod_wsgi could leak memory of a hosted web
+application via the 'Content-Type' header. A remote attacker could possibly
+use this flaw to disclose limited portions of the web application's memory.
+(CVE-2014-0242)
+
+Red Hat would like to thank Graham Dumpleton for reporting these issues.
+Upstream acknowledges Robert Kisteleki as the original reporter of
+CVE-2014-0240, and Buck Golemon as the original reporter of CVE-2014-0242.
+
+All mod_wsgi users are advised to upgrade to this updated package, which
+contains backported patches to correct these issues.
+";
+
+  tag_affected = "mod_wsgi on CentOS 6";
+
+  tag_solution = "Please Install the Updated Packages.";
+
+  desc = "
+
+  Vulnerability Insight:
+  " + tag_insight + "
+
+  Affected Software/OS:
+  " + tag_affected + "
+
+  Solution:
+  " + tag_solution;
+
+  if (revcomp(a: OPENVAS_VERSION, b: "6.0+beta5") >= 0){
+    script_tag(name : "affected" , value : tag_affected);
+    script_tag(name : "insight" , value : tag_insight);
+    script_tag(name : "solution" , value : tag_solution);
+  }
+  script_description(desc);
+  script_xref(name: "CESA", value: "2014:0788");
+  script_xref(name: "URL" , value: "http://lists.centos.org/pipermail/centos-announce/2014-June/020389.html");
+  script_summary("Check for the Version of mod_wsgi");
+  script_category(ACT_GATHER_INFO);
+  script_copyright("Copyright (C) 2014 Greenbone Networks GmbH");
+  script_family("CentOS Local Security Checks");
+  script_dependencies("gather-package-list.nasl");
+  script_mandatory_keys("HostDetails/OS/cpe:/o:centos:centos", "login/SSH/success", "ssh/login/release");
+  exit(0);
+}
+
+
+include("pkg-lib-rpm.inc");
+
+release = get_kb_item("ssh/login/release");
+
+res = "";
+if(release == NULL){
+  exit(0);
+}
+
+if(release == "CentOS6")
+{
+
+  if ((res = isrpmvuln(pkg:"mod_wsgi", rpm:"mod_wsgi~3.2~6.el6_5", rls:"CentOS6")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if (__pkg_match) exit(99); # Not vulnerable.
+  exit(0);
+}


Property changes on: scripts/2014/gb_CESA-2014_0788_mod_wsgi_centos6.nasl
___________________________________________________________________
Added: svn:keywords
   + Author Revision Date Id

Added: scripts/2014/gb_CESA-2014_0790_dovecot_centos6.nasl
===================================================================
--- scripts/2014/gb_CESA-2014_0790_dovecot_centos6.nasl	                        (rev 0)
+++ scripts/2014/gb_CESA-2014_0790_dovecot_centos6.nasl	2014-07-04 13:18:45 UTC (rev 548)
@@ -0,0 +1,134 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+#
+# CentOS Update for dovecot CESA-2014:0790 centos6 
+#
+# Authors:
+# System Generated Check
+#
+# Copyright:
+# Copyright (C) 2014 Greenbone Networks GmbH, http://www.greenbone.net
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+include("revisions-lib.inc");
+
+if(description)
+{
+  script_oid("1.3.6.1.4.1.25623.1.0.881957");
+  script_version("$Revision$");
+  script_tag(name:"check_type", value:"authenticated package test");
+  script_tag(name:"last_modification", value:"$Date$");
+  script_tag(name:"creation_date", value:"2014-07-01 19:55:11 +0530 (Tue, 01 Jul 2014)");
+  script_cve_id("CVE-2014-3430");
+  script_tag(name:"cvss_base", value:"5.0");
+  script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:N/C:N/I:N/A:P");
+  script_tag(name:"risk_factor", value:"Medium");
+  script_name("CentOS Update for dovecot CESA-2014:0790 centos6 ");
+
+  tag_insight = "Dovecot is an IMAP server, written with security primarily in
+mind, for Linux and other UNIX-like systems. It also contains a small POP3
+server. It supports mail in both the maildir or mbox format. The SQL drivers
+and authentication plug-ins are provided as subpackages.
+
+It was discovered that Dovecot did not properly discard connections trapped
+in the SSL/TLS handshake phase. A remote attacker could use this flaw to
+cause a denial of service on an IMAP/POP3 server by exhausting the pool of
+available connections and preventing further, legitimate connections to the
+IMAP/POP3 server to be made. (CVE-2014-3430)
+
+All dovecot users are advised to upgrade to these updated packages, which
+contain a backported patch to correct this issue. After installing the
+updated packages, the dovecot service will be restarted automatically.
+";
+
+  tag_affected = "dovecot on CentOS 6";
+
+  tag_solution = "Please Install the Updated Packages.";
+
+  desc = "
+
+  Vulnerability Insight:
+  " + tag_insight + "
+
+  Affected Software/OS:
+  " + tag_affected + "
+
+  Solution:
+  " + tag_solution;
+
+  if (revcomp(a: OPENVAS_VERSION, b: "6.0+beta5") >= 0){
+    script_tag(name : "affected" , value : tag_affected);
+    script_tag(name : "insight" , value : tag_insight);
+    script_tag(name : "solution" , value : tag_solution);
+  }
+  script_description(desc);
+  script_xref(name: "CESA", value: "2014:0790");
+  script_xref(name: "URL" , value: "http://lists.centos.org/pipermail/centos-announce/2014-June/020388.html");
+  script_summary("Check for the Version of dovecot");
+  script_category(ACT_GATHER_INFO);
+  script_copyright("Copyright (C) 2014 Greenbone Networks GmbH");
+  script_family("CentOS Local Security Checks");
+  script_dependencies("gather-package-list.nasl");
+  script_mandatory_keys("HostDetails/OS/cpe:/o:centos:centos", "login/SSH/success", "ssh/login/release");
+  exit(0);
+}
+
+
+include("pkg-lib-rpm.inc");
+
+release = get_kb_item("ssh/login/release");
+
+res = "";
+if(release == NULL){
+  exit(0);
+}
+
+if(release == "CentOS6")
+{
+
+  if ((res = isrpmvuln(pkg:"dovecot", rpm:"dovecot~2.0.9~7.el6_5.1", rls:"CentOS6")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isrpmvuln(pkg:"dovecot-devel", rpm:"dovecot-devel~2.0.9~7.el6_5.1", rls:"CentOS6")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isrpmvuln(pkg:"dovecot-mysql", rpm:"dovecot-mysql~2.0.9~7.el6_5.1", rls:"CentOS6")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isrpmvuln(pkg:"dovecot-pgsql", rpm:"dovecot-pgsql~2.0.9~7.el6_5.1", rls:"CentOS6")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isrpmvuln(pkg:"dovecot-pigeonhole", rpm:"dovecot-pigeonhole~2.0.9~7.el6_5.1", rls:"CentOS6")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if (__pkg_match) exit(99); # Not vulnerable.
+  exit(0);
+}


Property changes on: scripts/2014/gb_CESA-2014_0790_dovecot_centos6.nasl
___________________________________________________________________
Added: svn:keywords
   + Author Revision Date Id

Added: scripts/2014/gb_RHSA-2014_0675-01_java-1.7.0-openjdk.nasl
===================================================================
--- scripts/2014/gb_RHSA-2014_0675-01_java-1.7.0-openjdk.nasl	                        (rev 0)
+++ scripts/2014/gb_RHSA-2014_0675-01_java-1.7.0-openjdk.nasl	2014-07-04 13:18:45 UTC (rev 548)
@@ -0,0 +1,170 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+#
+# RedHat Update for java-1.7.0-openjdk RHSA-2014:0675-01
+#
+# Authors:
+# System Generated Check
+#
+# Copyright:
+# Copyright (C) 2014 Greenbone Networks GmbH, http://www.greenbone.net
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+include("revisions-lib.inc");
+
+if(description)
+{
+  script_oid("1.3.6.1.4.1.25623.1.0.871187");
+  script_version("$Revision$");
+  script_tag(name:"check_type", value:"authenticated package test");
+  script_tag(name:"last_modification", value:"$Date$");
+  script_tag(name:"creation_date", value:"2014-07-04 16:48:43 +0530 (Fri, 04 Jul 2014)");
+  script_cve_id("CVE-2014-0429", "CVE-2014-0446", "CVE-2014-0451", "CVE-2014-0452",
+                "CVE-2014-0453", "CVE-2014-0454", "CVE-2014-0455", "CVE-2014-0456",
+                "CVE-2014-0457", "CVE-2014-0458", "CVE-2014-0459", "CVE-2014-0460",
+                "CVE-2014-0461", "CVE-2014-1876", "CVE-2014-2397", "CVE-2014-2398",
+                "CVE-2014-2402", "CVE-2014-2403", "CVE-2014-2412", "CVE-2014-2413",
+                "CVE-2014-2414", "CVE-2014-2421", "CVE-2014-2423", "CVE-2014-2427",
+                "CVE-2013-5797");
+  script_tag(name:"cvss_base", value:"10.0");
+  script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:N/C:C/I:C/A:C");
+  script_tag(name:"risk_factor", value:"Critical");
+  script_name("RedHat Update for java-1.7.0-openjdk RHSA-2014:0675-01");
+
+  tag_insight = "The java-1.7.0-openjdk packages provide the OpenJDK 7 Java Runtime
+Environment and the OpenJDK 7 Java Software Development Kit.
+
+An input validation flaw was discovered in the medialib library in the 2D
+component. A specially crafted image could trigger Java Virtual Machine
+memory corruption when processed. A remote attacker, or an untrusted Java
+application or applet, could possibly use this flaw to execute arbitrary
+code with the privileges of the user running the Java Virtual Machine.
+(CVE-2014-0429)
+
+Multiple flaws were discovered in the Hotspot and 2D components in OpenJDK.
+An untrusted Java application or applet could use these flaws to trigger
+Java Virtual Machine memory corruption and possibly bypass Java sandbox
+restrictions. (CVE-2014-0456, CVE-2014-2397, CVE-2014-2421)
+
+Multiple improper permission check issues were discovered in the Libraries
+component in OpenJDK. An untrusted Java application or applet could use
+these flaws to bypass Java sandbox restrictions. (CVE-2014-0457,
+CVE-2014-0455, CVE-2014-0461)
+
+Multiple improper permission check issues were discovered in the AWT,
+JAX-WS, JAXB, Libraries, Security, Sound, and 2D components in OpenJDK.
+An untrusted Java application or applet could use these flaws to bypass
+certain Java sandbox restrictions. (CVE-2014-2412, CVE-2014-0451,
+CVE-2014-0458, CVE-2014-2423, CVE-2014-0452, CVE-2014-2414, CVE-2014-2402,
+CVE-2014-0446, CVE-2014-2413, CVE-2014-0454, CVE-2014-2427, CVE-2014-0459)
+
+Multiple flaws were identified in the Java Naming and Directory Interface
+(JNDI) DNS client. These flaws could make it easier for a remote attacker
+to perform DNS spoofing attacks. (CVE-2014-0460)
+
+It was discovered that the JAXP component did not properly prevent access
+to arbitrary files when a SecurityManager was present. This flaw could
+cause a Java application using JAXP to leak sensitive information, or
+affect application availability. (CVE-2014-2403)
+
+It was discovered that the Security component in OpenJDK could leak some
+timing information when performing PKCS#1 unpadding. This could possibly
+lead to the disclosure of some information that was meant to be protected
+by encryption. (CVE-2014-0453)
+
+It was discovered that the fix for CVE-2013-5797 did not properly resolve
+input sanitization flaws in javadoc. When javadoc documentation was
+generated from an untrusted Java source code and hosted on a domain not
+controlled by the code author, these issues could make it easier to perform
+cross-site scripting (XSS) attacks. (CVE-2014-2398)
+
+An insecure temporary file use flaw was found in the way the unpack200
+utility ... 
+
+  Description truncated, for more information please check the Reference URL";
+
+  tag_affected = "java-1.7.0-openjdk on Red Hat Enterprise Linux Server (v. 7)";
+
+  tag_solution = "Please Install the Updated Packages.";
+
+  desc = "
+
+  Vulnerability Insight:
+  " + tag_insight + "
+
+  Affected Software/OS:
+  " + tag_affected + "
+
+  Solution:
+  " + tag_solution;
+
+  if (revcomp(a: OPENVAS_VERSION, b: "6.0+beta5") >= 0){
+    script_tag(name : "affected" , value : tag_affected);
+    script_tag(name : "insight" , value : tag_insight);
+    script_tag(name : "solution" , value : tag_solution);
+  }
+  script_description(desc);
+  script_xref(name: "RHSA", value: "2014:0675-01");
+  script_xref(name: "URL" , value: "https://www.redhat.com/archives/rhsa-announce/2014-June/msg00018.html");
+  script_summary("Check for the Version of java-1.7.0-openjdk");
+  script_category(ACT_GATHER_INFO);
+  script_copyright("Copyright (C) 2014 Greenbone Networks GmbH");
+  script_family("Red Hat Local Security Checks");
+  script_dependencies("gather-package-list.nasl");
+  script_mandatory_keys("HostDetails/OS/cpe:/o:redhat:enterprise_linux", "login/SSH/success", "ssh/login/release");
+  exit(0);
+}
+
+
+include("pkg-lib-rpm.inc");
+
+release = get_kb_item("ssh/login/release");
+
+res = "";
+if(release == NULL){
+  exit(0);
+}
+
+if(release == "RHENT_7")
+{
+
+  if ((res = isrpmvuln(pkg:"java-1.7.0-openjdk", rpm:"java-1.7.0-openjdk~1.7.0.55~2.4.7.2.el7_0", rls:"RHENT_7")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isrpmvuln(pkg:"java-1.7.0-openjdk-debuginfo", rpm:"java-1.7.0-openjdk-debuginfo~1.7.0.55~2.4.7.2.el7_0", rls:"RHENT_7")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isrpmvuln(pkg:"java-1.7.0-openjdk-devel", rpm:"java-1.7.0-openjdk-devel~1.7.0.55~2.4.7.2.el7_0", rls:"RHENT_7")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isrpmvuln(pkg:"java-1.7.0-openjdk-headless", rpm:"java-1.7.0-openjdk-headless~1.7.0.55~2.4.7.2.el7_0", rls:"RHENT_7")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if (__pkg_match) exit(99); # Not vulnerable.
+  exit(0);
+}


Property changes on: scripts/2014/gb_RHSA-2014_0675-01_java-1.7.0-openjdk.nasl
___________________________________________________________________
Added: svn:keywords
   + Author Revision Date Id

Added: scripts/2014/gb_RHSA-2014_0678-02_kernel.nasl
===================================================================
--- scripts/2014/gb_RHSA-2014_0678-02_kernel.nasl	                        (rev 0)
+++ scripts/2014/gb_RHSA-2014_0678-02_kernel.nasl	2014-07-04 13:18:45 UTC (rev 548)
@@ -0,0 +1,194 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+#
+# RedHat Update for kernel RHSA-2014:0678-02
+#
+# Authors:
+# System Generated Check
+#
+# Copyright:
+# Copyright (C) 2014 Greenbone Networks GmbH, http://www.greenbone.net
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+include("revisions-lib.inc");
+
+if(description)
+{
+  script_oid("1.3.6.1.4.1.25623.1.0.871184");
+  script_version("$Revision$");
+  script_tag(name:"check_type", value:"authenticated package test");
+  script_tag(name:"last_modification", value:"$Date$");
+  script_tag(name:"creation_date", value:"2014-07-04 16:48:52 +0530 (Fri, 04 Jul 2014)");
+  script_cve_id("CVE-2014-0196");
+  script_tag(name:"cvss_base", value:"6.9");
+  script_tag(name:"cvss_base_vector", value:"AV:L/AC:M/Au:N/C:C/I:C/A:C");
+  script_tag(name:"risk_factor", value:"High");
+  script_name("RedHat Update for kernel RHSA-2014:0678-02");
+
+  tag_insight = "The kernel packages contain the Linux kernel, the core of any Linux
+operating system.
+
+* A race condition flaw, leading to heap-based buffer overflows, was found
+in the way the Linux kernel's N_TTY line discipline (LDISC) implementation
+handled concurrent processing of echo output and TTY write operations
+originating from user space when the underlying TTY driver was PTY.
+An unprivileged, local user could use this flaw to crash the system or,
+potentially, escalate their privileges on the system. (CVE-2014-0196,
+Important)
+
+All kernel users are advised to upgrade to these updated packages, which
+contain a backported patch to correct this issue. The system must be
+rebooted for this update to take effect.
+";
+
+  tag_affected = "kernel on Red Hat Enterprise Linux Server (v. 7)";
+
+  tag_solution = "Please Install the Updated Packages.";
+
+  desc = "
+
+  Vulnerability Insight:
+  " + tag_insight + "
+
+  Affected Software/OS:
+  " + tag_affected + "
+
+  Solution:
+  " + tag_solution;
+
+  if (revcomp(a: OPENVAS_VERSION, b: "6.0+beta5") >= 0){
+    script_tag(name : "affected" , value : tag_affected);
+    script_tag(name : "insight" , value : tag_insight);
+    script_tag(name : "solution" , value : tag_solution);
+  }
+  script_description(desc);
+  script_xref(name: "RHSA", value: "2014:0678-02");
+  script_xref(name: "URL" , value: "https://www.redhat.com/archives/rhsa-announce/2014-June/msg00019.html");
+  script_summary("Check for the Version of kernel");
+  script_category(ACT_GATHER_INFO);
+  script_copyright("Copyright (C) 2014 Greenbone Networks GmbH");
+  script_family("Red Hat Local Security Checks");
+  script_dependencies("gather-package-list.nasl");
+  script_mandatory_keys("HostDetails/OS/cpe:/o:redhat:enterprise_linux", "login/SSH/success", "ssh/login/release");
+  exit(0);
+}
+
+
+include("pkg-lib-rpm.inc");
+
+release = get_kb_item("ssh/login/release");
+
+res = "";
+if(release == NULL){
+  exit(0);
+}
+
+if(release == "RHENT_7")
+{
+
+  if ((res = isrpmvuln(pkg:"kernel-abi-whitelists", rpm:"kernel-abi-whitelists~3.10.0~123.1.2.el7", rls:"RHENT_7")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isrpmvuln(pkg:"kernel", rpm:"kernel~3.10.0~123.1.2.el7", rls:"RHENT_7")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isrpmvuln(pkg:"kernel-debug", rpm:"kernel-debug~3.10.0~123.1.2.el7", rls:"RHENT_7")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isrpmvuln(pkg:"kernel-debug-debuginfo", rpm:"kernel-debug-debuginfo~3.10.0~123.1.2.el7", rls:"RHENT_7")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isrpmvuln(pkg:"kernel-debug-devel", rpm:"kernel-debug-devel~3.10.0~123.1.2.el7", rls:"RHENT_7")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isrpmvuln(pkg:"kernel-debuginfo", rpm:"kernel-debuginfo~3.10.0~123.1.2.el7", rls:"RHENT_7")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isrpmvuln(pkg:"kernel-debuginfo-common-x86_64", rpm:"kernel-debuginfo-common-x86_64~3.10.0~123.1.2.el7", rls:"RHENT_7")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isrpmvuln(pkg:"kernel-devel", rpm:"kernel-devel~3.10.0~123.1.2.el7", rls:"RHENT_7")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isrpmvuln(pkg:"kernel-headers", rpm:"kernel-headers~3.10.0~123.1.2.el7", rls:"RHENT_7")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isrpmvuln(pkg:"kernel-tools", rpm:"kernel-tools~3.10.0~123.1.2.el7", rls:"RHENT_7")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isrpmvuln(pkg:"kernel-tools-debuginfo", rpm:"kernel-tools-debuginfo~3.10.0~123.1.2.el7", rls:"RHENT_7")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isrpmvuln(pkg:"kernel-tools-libs", rpm:"kernel-tools-libs~3.10.0~123.1.2.el7", rls:"RHENT_7")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isrpmvuln(pkg:"perf", rpm:"perf~3.10.0~123.1.2.el7", rls:"RHENT_7")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isrpmvuln(pkg:"perf-debuginfo", rpm:"perf-debuginfo~3.10.0~123.1.2.el7", rls:"RHENT_7")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isrpmvuln(pkg:"python-perf-debuginfo", rpm:"python-perf-debuginfo~3.10.0~123.1.2.el7", rls:"RHENT_7")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if (__pkg_match) exit(99); # Not vulnerable.
+  exit(0);
+}
\ No newline at end of file


Property changes on: scripts/2014/gb_RHSA-2014_0678-02_kernel.nasl
___________________________________________________________________
Added: svn:keywords
   + Author Revision Date Id

Added: scripts/2014/gb_RHSA-2014_0679-01_openssl.nasl
===================================================================
--- scripts/2014/gb_RHSA-2014_0679-01_openssl.nasl	                        (rev 0)
+++ scripts/2014/gb_RHSA-2014_0679-01_openssl.nasl	2014-07-04 13:18:45 UTC (rev 548)
@@ -0,0 +1,164 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+#
+# RedHat Update for openssl RHSA-2014:0679-01
+#
+# Authors:
+# System Generated Check
+#
+# Copyright:
+# Copyright (C) 2014 Greenbone Networks GmbH, http://www.greenbone.net
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+include("revisions-lib.inc");
+
+if(description)
+{
+  script_oid("1.3.6.1.4.1.25623.1.0.871183");
+  script_version("$Revision$");
+  script_tag(name:"check_type", value:"authenticated package test");
+  script_tag(name:"last_modification", value:"$Date$");
+  script_tag(name:"creation_date", value:"2014-07-04 16:48:53 +0530 (Fri, 04 Jul 2014)");
+  script_cve_id("CVE-2010-5298", "CVE-2014-0195", "CVE-2014-0198", "CVE-2014-0221", "CVE-2014-0224", "CVE-2014-3470");
+  script_tag(name:"cvss_base", value:"6.8");
+  script_tag(name:"cvss_base_vector", value:"AV:N/AC:M/Au:N/C:P/I:P/A:P");
+  script_tag(name:"risk_factor", value:"High");
+  script_name("RedHat Update for openssl RHSA-2014:0679-01");
+
+  tag_insight = "OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL v2/v3)
+and Transport Layer Security (TLS v1) protocols, as well as a
+full-strength, general purpose cryptography library.
+
+It was found that OpenSSL clients and servers could be forced, via a
+specially crafted handshake packet, to use weak keying material for
+communication. A man-in-the-middle attacker could use this flaw to decrypt
+and modify traffic between a client and a server. (CVE-2014-0224)
+
+Note: In order to exploit this flaw, both the server and the client must be
+using a vulnerable version of OpenSSL  the server must be using OpenSSL
+version 1.0.1 and above, and the client must be using any version of
+OpenSSL. For more information about this flaw, refer to:
+https://access.redhat.com/site/articles/904433
+
+A buffer overflow flaw was found in the way OpenSSL handled invalid DTLS
+packet fragments. A remote attacker could possibly use this flaw to execute
+arbitrary code on a DTLS client or server. (CVE-2014-0195)
+
+Multiple flaws were found in the way OpenSSL handled read and write buffers
+when the SSL_MODE_RELEASE_BUFFERS mode was enabled. A TLS/SSL client or
+server using OpenSSL could crash or unexpectedly drop connections when
+processing certain SSL traffic. (CVE-2010-5298, CVE-2014-0198)
+
+A denial of service flaw was found in the way OpenSSL handled certain DTLS
+ServerHello requests. A specially crafted DTLS handshake packet could cause
+a DTLS client using OpenSSL to crash. (CVE-2014-0221)
+
+A NULL pointer dereference flaw was found in the way OpenSSL performed
+anonymous Elliptic Curve Diffie Hellman (ECDH) key exchange. A specially
+crafted handshake packet could cause a TLS/SSL client that has the
+anonymous ECDH cipher suite enabled to crash. (CVE-2014-3470)
+
+Red Hat would like to thank the OpenSSL project for reporting these issues.
+Upstream acknowledges KIKUCHI Masashi of Lepidum as the original reporter
+of CVE-2014-0224, Jri Aedla as the original reporter of CVE-2014-0195,
+Imre Rad of Search-Lab as the original reporter of CVE-2014-0221, and Felix
+Grbert and Ivan Fratri of Google as the original reporters of
+CVE-2014-3470.
+
+All OpenSSL users are advised to upgrade to these updated packages, which
+contain backported patches to correct these issues. For the update to take
+effect, all services linked to the OpenSSL library (such as httpd and other
+SSL-enabled services) must be restarted or the system rebooted.
+
+4. Solution:
+
+Before applying this update, make sure all previously released errata
+relevant to your s ... 
+
+  Description truncated, for more information please check the Reference URL";
+
+  tag_affected = "openssl on Red Hat Enterprise Linux Server (v. 7)";
+
+  tag_solution = "Please Install the Updated Packages.";
+
+  desc = "
+
+  Vulnerability Insight:
+  " + tag_insight + "
+
+  Affected Software/OS:
+  " + tag_affected + "
+
+  Solution:
+  " + tag_solution;
+
+  if (revcomp(a: OPENVAS_VERSION, b: "6.0+beta5") >= 0){
+    script_tag(name : "affected" , value : tag_affected);
+    script_tag(name : "insight" , value : tag_insight);
+    script_tag(name : "solution" , value : tag_solution);
+  }
+  script_description(desc);
+  script_xref(name: "RHSA", value: "2014:0679-01");
+  script_xref(name: "URL" , value: "https://www.redhat.com/archives/rhsa-announce/2014-June/msg00020.html");
+  script_summary("Check for the Version of openssl");
+  script_category(ACT_GATHER_INFO);
+  script_copyright("Copyright (C) 2014 Greenbone Networks GmbH");
+  script_family("Red Hat Local Security Checks");
+  script_dependencies("gather-package-list.nasl");
+  script_mandatory_keys("HostDetails/OS/cpe:/o:redhat:enterprise_linux", "login/SSH/success", "ssh/login/release");
+  exit(0);
+}
+
+
+include("pkg-lib-rpm.inc");
+
+release = get_kb_item("ssh/login/release");
+
+res = "";
+if(release == NULL){
+  exit(0);
+}
+
+if(release == "RHENT_7")
+{
+
+  if ((res = isrpmvuln(pkg:"openssl", rpm:"openssl~1.0.1e~34.el7_0.3", rls:"RHENT_7")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isrpmvuln(pkg:"openssl-debuginfo", rpm:"openssl-debuginfo~1.0.1e~34.el7_0.3", rls:"RHENT_7")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isrpmvuln(pkg:"openssl-devel", rpm:"openssl-devel~1.0.1e~34.el7_0.3", rls:"RHENT_7")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isrpmvuln(pkg:"openssl-libs", rpm:"openssl-libs~1.0.1e~34.el7_0.3", rls:"RHENT_7")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if (__pkg_match) exit(99); # Not vulnerable.
+  exit(0);
+}


Property changes on: scripts/2014/gb_RHSA-2014_0679-01_openssl.nasl
___________________________________________________________________
Added: svn:keywords
   + Author Revision Date Id

Added: scripts/2014/gb_RHSA-2014_0680-01_openssl098e.nasl
===================================================================
--- scripts/2014/gb_RHSA-2014_0680-01_openssl098e.nasl	                        (rev 0)
+++ scripts/2014/gb_RHSA-2014_0680-01_openssl098e.nasl	2014-07-04 13:18:45 UTC (rev 548)
@@ -0,0 +1,172 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+#
+# RedHat Update for openssl098e RHSA-2014:0680-01
+#
+# Authors:
+# System Generated Check
+#
+# Copyright:
+# Copyright (C) 2014 Greenbone Networks GmbH, http://www.greenbone.net
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+include("revisions-lib.inc");
+
+if(description)
+{
+  script_oid("1.3.6.1.4.1.25623.1.0.871188");
+  script_version("$Revision$");
+  script_tag(name:"check_type", value:"authenticated package test");
+  script_tag(name:"last_modification", value:"$Date$");
+  script_tag(name:"creation_date", value:"2014-07-04 16:48:46 +0530 (Fri, 04 Jul 2014)");
+  script_cve_id("CVE-2014-0224");
+  script_tag(name:"cvss_base", value:"6.8");
+  script_tag(name:"cvss_base_vector", value:"AV:N/AC:M/Au:N/C:P/I:P/A:P");
+  script_tag(name:"risk_factor", value:"High");
+  script_name("RedHat Update for openssl098e RHSA-2014:0680-01");
+
+  tag_insight = "OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL v2/v3)
+and Transport Layer Security (TLS v1) protocols, as well as a
+full-strength, general purpose cryptography library.
+
+It was found that OpenSSL clients and servers could be forced, via a
+specially crafted handshake packet, to use weak keying material for
+communication. A man-in-the-middle attacker could use this flaw to decrypt
+and modify traffic between a client and a server. (CVE-2014-0224)
+
+Note: In order to exploit this flaw, both the server and the client must be
+using a vulnerable version of OpenSSL  the server must be using OpenSSL
+version 1.0.1 and above, and the client must be using any version of
+OpenSSL. For more information about this flaw, refer to:
+https://access.redhat.com/site/articles/904433
+
+Red Hat would like to thank the OpenSSL project for reporting this issue.
+Upstream acknowledges KIKUCHI Masashi of Lepidum as the original reporter
+of this issue.
+
+All OpenSSL users are advised to upgrade to these updated packages, which
+contain a backported patch to correct this issue. For the update to take
+effect, all services linked to the OpenSSL library (such as httpd and other
+SSL-enabled services) must be restarted or the system rebooted.
+
+4. Solution:
+
+Before applying this update, make sure all previously released errata
+relevant to your system have been applied.
+
+This update is available via the Red Hat Network. Details on how to
+use the Red Hat Network to apply this update are available at
+https://access.redhat.com/site/articles/11258
+
+5. Bugs fixed (https://bugzilla.redhat.com):
+
+1103586 - CVE-2014-0224 openssl: SSL/TLS MITM vulnerability
+
+6. Package List:
+
+Red Hat Enterprise Linux Client (v. 7):
+
+Source:
+openssl098e-0.9.8e-29.el7_0.2.src.rpm
+
+x86_64:
+openssl098e-0.9.8e-29.el7_0.2.i686.rpm
+openssl098e-0.9.8e-29.el7_0.2.x86_64.rpm
+openssl098e-debuginfo-0.9.8e-29.el7_0.2.i686.rpm
+openssl098e-debuginfo-0.9.8e-29.el7_0.2.x86_64.rpm
+
+Red Hat Enterprise Linux ComputeNode (v. 7):
+
+Source:
+openssl098e-0.9.8e-29.el7_0.2.src.rpm
+
+x86_64:
+openssl098e-0.9.8e-29.el7_0.2.i686.rpm
+openssl098e-0.9.8e-29.el7_0.2.x86_64.rpm
+openssl098e-debuginfo-0.9.8e-29.el7_0.2.i686.rpm
+openssl098e-debuginfo-0.9.8e-29.el7_0.2.x86_64.rpm
+
+Red Hat Enterprise Linux Server (v. 7):
+
+Source:
+openssl098e-0.9.8e-29.el7_0.2.src.rpm
+
+ppc64:
+openssl098e-0.9.8e-29.el7_0.2.ppc.rpm
+openssl098e-0.9.8e-29.el7_0.2.p ... 
+
+  Description truncated, for more information please check the Reference URL";
+
+  tag_affected = "openssl098e on Red Hat Enterprise Linux Server (v. 7)";
+
+  tag_solution = "Please Install the Updated Packages.";
+
+  desc = "
+
+  Vulnerability Insight:
+  " + tag_insight + "
+
+  Affected Software/OS:
+  " + tag_affected + "
+
+  Solution:
+  " + tag_solution;
+
+  if (revcomp(a: OPENVAS_VERSION, b: "6.0+beta5") >= 0){
+    script_tag(name : "affected" , value : tag_affected);
+    script_tag(name : "insight" , value : tag_insight);
+    script_tag(name : "solution" , value : tag_solution);
+  }
+  script_description(desc);
+  script_xref(name: "RHSA", value: "2014:0680-01");
+  script_xref(name: "URL" , value: "https://www.redhat.com/archives/rhsa-announce/2014-June/msg00021.html");
+  script_summary("Check for the Version of openssl098e");
+  script_category(ACT_GATHER_INFO);
+  script_copyright("Copyright (C) 2014 Greenbone Networks GmbH");
+  script_family("Red Hat Local Security Checks");
+  script_dependencies("gather-package-list.nasl");
+  script_mandatory_keys("HostDetails/OS/cpe:/o:redhat:enterprise_linux", "login/SSH/success", "ssh/login/release");
+  exit(0);
+}
+
+
+include("pkg-lib-rpm.inc");
+
+release = get_kb_item("ssh/login/release");
+
+res = "";
+if(release == NULL){
+  exit(0);
+}
+
+if(release == "RHENT_7")
+{
+
+  if ((res = isrpmvuln(pkg:"openssl098e", rpm:"openssl098e~0.9.8e~29.el7_0.2", rls:"RHENT_7")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isrpmvuln(pkg:"openssl098e-debuginfo", rpm:"openssl098e-debuginfo~0.9.8e~29.el7_0.2", rls:"RHENT_7")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if (__pkg_match) exit(99); # Not vulnerable.
+  exit(0);
+}


Property changes on: scripts/2014/gb_RHSA-2014_0680-01_openssl098e.nasl
___________________________________________________________________
Added: svn:keywords
   + Author Revision Date Id

Added: scripts/2014/gb_RHSA-2014_0684-01_gnutls.nasl
===================================================================
--- scripts/2014/gb_RHSA-2014_0684-01_gnutls.nasl	                        (rev 0)
+++ scripts/2014/gb_RHSA-2014_0684-01_gnutls.nasl	2014-07-04 13:18:45 UTC (rev 548)
@@ -0,0 +1,147 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+#
+# RedHat Update for gnutls RHSA-2014:0684-01
+#
+# Authors:
+# System Generated Check
+#
+# Copyright:
+# Copyright (C) 2014 Greenbone Networks GmbH, http://www.greenbone.net
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+include("revisions-lib.inc");
+
+if(description)
+{
+  script_oid("1.3.6.1.4.1.25623.1.0.871186");
+  script_version("$Revision$");
+  script_tag(name:"check_type", value:"authenticated package test");
+  script_tag(name:"last_modification", value:"$Date$");
+  script_tag(name:"creation_date", value:"2014-07-04 16:48:45 +0530 (Fri, 04 Jul 2014)");
+  script_cve_id("CVE-2014-3465", "CVE-2014-3466");
+  script_tag(name:"cvss_base", value:"6.8");
+  script_tag(name:"cvss_base_vector", value:"AV:N/AC:M/Au:N/C:P/I:P/A:P");
+  script_tag(name:"risk_factor", value:"High");
+  script_name("RedHat Update for gnutls RHSA-2014:0684-01");
+
+  tag_insight = "The GnuTLS library provides support for cryptographic algorithms and for
+protocols such as Transport Layer Security (TLS).
+
+A flaw was found in the way GnuTLS parsed session IDs from ServerHello
+messages of the TLS/SSL handshake. A malicious server could use this flaw
+to send an excessively long session ID value, which would trigger a buffer
+overflow in a connecting TLS/SSL client application using GnuTLS, causing
+the client application to crash or, possibly, execute arbitrary code.
+(CVE-2014-3466)
+
+A NULL pointer dereference flaw was found in the way GnuTLS parsed X.509
+certificates. A specially crafted certificate could cause a server or
+client application using GnuTLS to crash. (CVE-2014-3465)
+
+Red Hat would like to thank GnuTLS upstream for reporting these issues.
+Upstream acknowledges Joonas Kuorilehto of Codenomicon as the original
+reporter of CVE-2014-3466.
+
+Users of GnuTLS are advised to upgrade to these updated packages, which
+correct these issues. For the update to take effect, all applications
+linked to the GnuTLS library must be restarted.
+";
+
+  tag_affected = "gnutls on Red Hat Enterprise Linux Server (v. 7)";
+
+  tag_solution = "Please Install the Updated Packages.";
+
+  desc = "
+
+  Vulnerability Insight:
+  " + tag_insight + "
+
+  Affected Software/OS:
+  " + tag_affected + "
+
+  Solution:
+  " + tag_solution;
+
+  if (revcomp(a: OPENVAS_VERSION, b: "6.0+beta5") >= 0){
+    script_tag(name : "affected" , value : tag_affected);
+    script_tag(name : "insight" , value : tag_insight);
+    script_tag(name : "solution" , value : tag_solution);
+  }
+  script_description(desc);
+  script_xref(name: "RHSA", value: "2014:0684-01");
+  script_xref(name: "URL" , value: "https://www.redhat.com/archives/rhsa-announce/2014-June/msg00022.html");
+  script_summary("Check for the Version of gnutls");
+  script_category(ACT_GATHER_INFO);
+  script_copyright("Copyright (C) 2014 Greenbone Networks GmbH");
+  script_family("Red Hat Local Security Checks");
+  script_dependencies("gather-package-list.nasl");
+  script_mandatory_keys("HostDetails/OS/cpe:/o:redhat:enterprise_linux", "login/SSH/success", "ssh/login/release");
+  exit(0);
+}
+
+
+include("pkg-lib-rpm.inc");
+
+release = get_kb_item("ssh/login/release");
+
+res = "";
+if(release == NULL){
+  exit(0);
+}
+
+if(release == "RHENT_7")
+{
+
+  if ((res = isrpmvuln(pkg:"gnutls", rpm:"gnutls~3.1.18~9.el7_0", rls:"RHENT_7")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isrpmvuln(pkg:"gnutls-c++", rpm:"gnutls-c++~3.1.18~9.el7_0", rls:"RHENT_7")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isrpmvuln(pkg:"gnutls-dane", rpm:"gnutls-dane~3.1.18~9.el7_0", rls:"RHENT_7")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isrpmvuln(pkg:"gnutls-debuginfo", rpm:"gnutls-debuginfo~3.1.18~9.el7_0", rls:"RHENT_7")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isrpmvuln(pkg:"gnutls-devel", rpm:"gnutls-devel~3.1.18~9.el7_0", rls:"RHENT_7")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isrpmvuln(pkg:"gnutls-utils", rpm:"gnutls-utils~3.1.18~9.el7_0", rls:"RHENT_7")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if (__pkg_match) exit(99); # Not vulnerable.
+  exit(0);
+}


Property changes on: scripts/2014/gb_RHSA-2014_0684-01_gnutls.nasl
___________________________________________________________________
Added: svn:keywords
   + Author Revision Date Id

Added: scripts/2014/gb_RHSA-2014_0685-01_java-1.6.0-openjdk.nasl
===================================================================
--- scripts/2014/gb_RHSA-2014_0685-01_java-1.6.0-openjdk.nasl	                        (rev 0)
+++ scripts/2014/gb_RHSA-2014_0685-01_java-1.6.0-openjdk.nasl	2014-07-04 13:18:45 UTC (rev 548)
@@ -0,0 +1,162 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+#
+# RedHat Update for java-1.6.0-openjdk RHSA-2014:0685-01
+#
+# Authors:
+# System Generated Check
+#
+# Copyright:
+# Copyright (C) 2014 Greenbone Networks GmbH, http://www.greenbone.net
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+include("revisions-lib.inc");
+
+if(description)
+{
+  script_oid("1.3.6.1.4.1.25623.1.0.871191");
+  script_version("$Revision$");
+  script_tag(name:"check_type", value:"authenticated package test");
+  script_tag(name:"last_modification", value:"$Date$");
+  script_tag(name:"creation_date", value:"2014-07-04 16:48:51 +0530 (Fri, 04 Jul 2014)");
+  script_cve_id("CVE-2014-0429", "CVE-2014-0446", "CVE-2014-0451", "CVE-2014-0452",
+                "CVE-2014-0453", "CVE-2014-0456", "CVE-2014-0457", "CVE-2014-0458",
+                "CVE-2014-0460", "CVE-2014-0461", "CVE-2014-1876", "CVE-2014-2397",
+                "CVE-2014-2398", "CVE-2014-2403", "CVE-2014-2412", "CVE-2014-2414",
+                "CVE-2014-2421", "CVE-2014-2423", "CVE-2014-2427", "CVE-2013-5797");
+  script_tag(name:"cvss_base", value:"10.0");
+  script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:N/C:C/I:C/A:C");
+  script_tag(name:"risk_factor", value:"Critical");
+  script_name("RedHat Update for java-1.6.0-openjdk RHSA-2014:0685-01");
+
+  tag_insight = "The java-1.6.0-openjdk packages provide the OpenJDK 6 Java Runtime
+Environment and the OpenJDK 6 Java Software Development Kit.
+
+An input validation flaw was discovered in the medialib library in the 2D
+component. A specially crafted image could trigger Java Virtual Machine
+memory corruption when processed. A remote attacker, or an untrusted Java
+application or applet, could possibly use this flaw to execute arbitrary
+code with the privileges of the user running the Java Virtual Machine.
+(CVE-2014-0429)
+
+Multiple flaws were discovered in the Hotspot and 2D components in OpenJDK.
+An untrusted Java application or applet could use these flaws to trigger
+Java Virtual Machine memory corruption and possibly bypass Java sandbox
+restrictions. (CVE-2014-0456, CVE-2014-2397, CVE-2014-2421)
+
+Multiple improper permission check issues were discovered in the Libraries
+component in OpenJDK. An untrusted Java application or applet could use
+these flaws to bypass Java sandbox restrictions. (CVE-2014-0457,
+CVE-2014-0461)
+
+Multiple improper permission check issues were discovered in the AWT,
+JAX-WS, JAXB, Libraries, and Sound components in OpenJDK. An untrusted Java
+application or applet could use these flaws to bypass certain Java sandbox
+restrictions. (CVE-2014-2412, CVE-2014-0451, CVE-2014-0458, CVE-2014-2423,
+CVE-2014-0452, CVE-2014-2414, CVE-2014-0446, CVE-2014-2427)
+
+Multiple flaws were identified in the Java Naming and Directory Interface
+(JNDI) DNS client. These flaws could make it easier for a remote attacker
+to perform DNS spoofing attacks. (CVE-2014-0460)
+
+It was discovered that the JAXP component did not properly prevent access
+to arbitrary files when a SecurityManager was present. This flaw could
+cause a Java application using JAXP to leak sensitive information, or
+affect application availability. (CVE-2014-2403)
+
+It was discovered that the Security component in OpenJDK could leak some
+timing information when performing PKCS#1 unpadding. This could possibly
+lead to the disclosure of some information that was meant to be protected
+by encryption. (CVE-2014-0453)
+
+It was discovered that the fix for CVE-2013-5797 did not properly resolve
+input sanitization flaws in javadoc. When javadoc documentation was
+generated from an untrusted Java source code and hosted on a domain not
+controlled by the code author, these issues could make it easier to perform
+cross-site scripting (XSS) attacks. (CVE-2014-2398)
+
+An insecure temporary file use flaw was found in the way the unpack200
+utility created log files. A local attacker could possibly use this flaw to
+perform a symbolic l ... 
+
+  Description truncated, for more information please check the Reference URL";
+
+  tag_affected = "java-1.6.0-openjdk on Red Hat Enterprise Linux Server (v. 7)";
+
+  tag_solution = "Please Install the Updated Packages.";
+
+  desc = "
+
+  Vulnerability Insight:
+  " + tag_insight + "
+
+  Affected Software/OS:
+  " + tag_affected + "
+
+  Solution:
+  " + tag_solution;
+
+  if (revcomp(a: OPENVAS_VERSION, b: "6.0+beta5") >= 0){
+    script_tag(name : "affected" , value : tag_affected);
+    script_tag(name : "insight" , value : tag_insight);
+    script_tag(name : "solution" , value : tag_solution);
+  }
+  script_description(desc);
+  script_xref(name: "RHSA", value: "2014:0685-01");
+  script_xref(name: "URL" , value: "https://www.redhat.com/archives/rhsa-announce/2014-June/msg00023.html");
+  script_summary("Check for the Version of java-1.6.0-openjdk");
+  script_category(ACT_GATHER_INFO);
+  script_copyright("Copyright (C) 2014 Greenbone Networks GmbH");
+  script_family("Red Hat Local Security Checks");
+  script_dependencies("gather-package-list.nasl");
+  script_mandatory_keys("HostDetails/OS/cpe:/o:redhat:enterprise_linux", "login/SSH/success", "ssh/login/release");
+  exit(0);
+}
+
+
+include("pkg-lib-rpm.inc");
+
+release = get_kb_item("ssh/login/release");
+
+res = "";
+if(release == NULL){
+  exit(0);
+}
+
+if(release == "RHENT_7")
+{
+
+  if ((res = isrpmvuln(pkg:"java-1.6.0-openjdk", rpm:"java-1.6.0-openjdk~1.6.0.0~6.1.13.3.el7_0", rls:"RHENT_7")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isrpmvuln(pkg:"java-1.6.0-openjdk-debuginfo", rpm:"java-1.6.0-openjdk-debuginfo~1.6.0.0~6.1.13.3.el7_0", rls:"RHENT_7")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isrpmvuln(pkg:"java-1.6.0-openjdk-devel", rpm:"java-1.6.0-openjdk-devel~1.6.0.0~6.1.13.3.el7_0", rls:"RHENT_7")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if (__pkg_match) exit(99); # Not vulnerable.
+  exit(0);
+}


Property changes on: scripts/2014/gb_RHSA-2014_0685-01_java-1.6.0-openjdk.nasl
___________________________________________________________________
Added: svn:keywords
   + Author Revision Date Id

Added: scripts/2014/gb_RHSA-2014_0686-01_tomcat.nasl
===================================================================
--- scripts/2014/gb_RHSA-2014_0686-01_tomcat.nasl	                        (rev 0)
+++ scripts/2014/gb_RHSA-2014_0686-01_tomcat.nasl	2014-07-04 13:18:45 UTC (rev 548)
@@ -0,0 +1,159 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+#
+# RedHat Update for tomcat RHSA-2014:0686-01
+#
+# Authors:
+# System Generated Check
+#
+# Copyright:
+# Copyright (C) 2014 Greenbone Networks GmbH, http://www.greenbone.net
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+include("revisions-lib.inc");
+
+if(description)
+{
+  script_oid("1.3.6.1.4.1.25623.1.0.871181");
+  script_version("$Revision$");
+  script_tag(name:"check_type", value:"authenticated package test");
+  script_tag(name:"last_modification", value:"$Date$");
+  script_tag(name:"creation_date", value:"2014-07-04 16:48:44 +0530 (Fri, 04 Jul 2014)");
+  script_cve_id("CVE-2013-4286", "CVE-2013-4322", "CVE-2014-0186", "CVE-2012-3544");
+  script_tag(name:"cvss_base", value:"5.8");
+  script_tag(name:"cvss_base_vector", value:"AV:N/AC:M/Au:N/C:P/I:P/A:N");
+  script_tag(name:"risk_factor", value:"High");
+  script_name("RedHat Update for tomcat RHSA-2014:0686-01");
+
+  tag_insight = "Apache Tomcat is a servlet container for the Java Servlet and JavaServer
+Pages (JSP) technologies.
+
+It was found that a fix for a previous security flaw introduced a
+regression that could cause a denial of service in Tomcat 7. A remote
+attacker could use this flaw to consume an excessive amount of CPU on the
+Tomcat server by sending a specially crafted request to that server.
+(CVE-2014-0186)
+
+It was found that when Tomcat 7 processed a series of HTTP requests in
+which at least one request contained either multiple content-length
+headers, or one content-length header with a chunked transfer-encoding
+header, Tomcat would incorrectly handle the request. A remote attacker
+could use this flaw to poison a web cache, perform cross-site scripting
+(XSS) attacks, or obtain sensitive information from other requests.
+(CVE-2013-4286)
+
+It was discovered that the fix for CVE-2012-3544 did not properly resolve a
+denial of service flaw in the way Tomcat 7 processed chunk extensions and
+trailing headers in chunked requests. A remote attacker could use this flaw
+to send an excessively long request that, when processed by Tomcat, could
+consume network bandwidth, CPU, and memory on the Tomcat server. Note that
+chunked transfer encoding is enabled by default. (CVE-2013-4322)
+
+All Tomcat 7 users are advised to upgrade to these updated packages, which
+contain backported patches to correct these issues. Tomcat must be
+restarted for this update to take effect.
+";
+
+  tag_affected = "tomcat on Red Hat Enterprise Linux Server (v. 7)";
+
+  tag_solution = "Please Install the Updated Packages.";
+
+  desc = "
+
+  Vulnerability Insight:
+  " + tag_insight + "
+
+  Affected Software/OS:
+  " + tag_affected + "
+
+  Solution:
+  " + tag_solution;
+
+  if (revcomp(a: OPENVAS_VERSION, b: "6.0+beta5") >= 0){
+    script_tag(name : "affected" , value : tag_affected);
+    script_tag(name : "insight" , value : tag_insight);
+    script_tag(name : "solution" , value : tag_solution);
+  }
+  script_description(desc);
+  script_xref(name: "RHSA", value: "2014:0686-01");
+  script_xref(name: "URL" , value: "https://www.redhat.com/archives/rhsa-announce/2014-June/msg00024.html");
+  script_summary("Check for the Version of tomcat");
+  script_category(ACT_GATHER_INFO);
+  script_copyright("Copyright (C) 2014 Greenbone Networks GmbH");
+  script_family("Red Hat Local Security Checks");
+  script_dependencies("gather-package-list.nasl");
+  script_mandatory_keys("HostDetails/OS/cpe:/o:redhat:enterprise_linux", "login/SSH/success", "ssh/login/release");
+  exit(0);
+}
+
+
+include("pkg-lib-rpm.inc");
+
+release = get_kb_item("ssh/login/release");
+
+res = "";
+if(release == NULL){
+  exit(0);
+}
+
+if(release == "RHENT_7")
+{
+
+  if ((res = isrpmvuln(pkg:"tomcat", rpm:"tomcat~7.0.42~5.el7_0", rls:"RHENT_7")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isrpmvuln(pkg:"tomcat-admin-webapps", rpm:"tomcat-admin-webapps~7.0.42~5.el7_0", rls:"RHENT_7")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isrpmvuln(pkg:"tomcat-el", rpm:"tomcat-el~2.2~api~7.0.42~5.el7_0", rls:"RHENT_7")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isrpmvuln(pkg:"tomcat-jsp", rpm:"tomcat-jsp~2.2~api~7.0.42~5.el7_0", rls:"RHENT_7")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isrpmvuln(pkg:"tomcat-lib", rpm:"tomcat-lib~7.0.42~5.el7_0", rls:"RHENT_7")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isrpmvuln(pkg:"tomcat-servlet", rpm:"tomcat-servlet~3.0~api~7.0.42~5.el7_0", rls:"RHENT_7")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isrpmvuln(pkg:"tomcat-webapps", rpm:"tomcat-webapps~7.0.42~5.el7_0", rls:"RHENT_7")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if (__pkg_match) exit(99); # Not vulnerable.
+  exit(0);
+}


Property changes on: scripts/2014/gb_RHSA-2014_0686-01_tomcat.nasl
___________________________________________________________________
Added: svn:keywords
   + Author Revision Date Id

Added: scripts/2014/gb_RHSA-2014_0687-01_libtasn1.nasl
===================================================================
--- scripts/2014/gb_RHSA-2014_0687-01_libtasn1.nasl	                        (rev 0)
+++ scripts/2014/gb_RHSA-2014_0687-01_libtasn1.nasl	2014-07-04 13:18:45 UTC (rev 548)
@@ -0,0 +1,132 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+#
+# RedHat Update for libtasn1 RHSA-2014:0687-01
+#
+# Authors:
+# System Generated Check
+#
+# Copyright:
+# Copyright (C) 2014 Greenbone Networks GmbH, http://www.greenbone.net
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+include("revisions-lib.inc");
+
+if(description)
+{
+  script_oid("1.3.6.1.4.1.25623.1.0.871190");
+  script_version("$Revision$");
+  script_tag(name:"check_type", value:"authenticated package test");
+  script_tag(name:"last_modification", value:"$Date$");
+  script_tag(name:"creation_date", value:"2014-07-04 16:48:47 +0530 (Fri, 04 Jul 2014)");
+  script_cve_id("CVE-2014-3467", "CVE-2014-3468", "CVE-2014-3469");
+  script_tag(name:"cvss_base", value:"6.8");
+  script_tag(name:"cvss_base_vector", value:"AV:N/AC:M/Au:N/C:P/I:P/A:P");
+  script_tag(name:"risk_factor", value:"High");
+  script_name("RedHat Update for libtasn1 RHSA-2014:0687-01");
+
+  tag_insight = "The libtasn1 library provides Abstract Syntax Notation One (ASN.1) parsing
+and structures management, and Distinguished Encoding Rules (DER) encoding
+and decoding functions.
+
+It was discovered that the asn1_get_bit_der() function of the libtasn1
+library incorrectly reported the length of ASN.1-encoded data. Specially
+crafted ASN.1 input could cause an application using libtasn1 to perform
+an out-of-bounds access operation, causing the application to crash or,
+possibly, execute arbitrary code. (CVE-2014-3468)
+
+Multiple incorrect buffer boundary check issues were discovered in
+libtasn1. Specially crafted ASN.1 input could cause an application using
+libtasn1 to crash. (CVE-2014-3467)
+
+Multiple NULL pointer dereference flaws were found in libtasn1's
+asn1_read_value() function. Specially crafted ASN.1 input could cause an
+application using libtasn1 to crash, if the application used the
+aforementioned function in a certain way. (CVE-2014-3469)
+
+Red Hat would like to thank GnuTLS upstream for reporting these issues.
+
+All libtasn1 users are advised to upgrade to these updated packages, which
+correct these issues. For the update to take effect, all applications
+linked to the libtasn1 library must be restarted.
+";
+
+  tag_affected = "libtasn1 on Red Hat Enterprise Linux Server (v. 7)";
+
+  tag_solution = "Please Install the Updated Packages.";
+
+  desc = "
+
+  Vulnerability Insight:
+  " + tag_insight + "
+
+  Affected Software/OS:
+  " + tag_affected + "
+
+  Solution:
+  " + tag_solution;
+
+  if (revcomp(a: OPENVAS_VERSION, b: "6.0+beta5") >= 0){
+    script_tag(name : "affected" , value : tag_affected);
+    script_tag(name : "insight" , value : tag_insight);
+    script_tag(name : "solution" , value : tag_solution);
+  }
+  script_description(desc);
+  script_xref(name: "RHSA", value: "2014:0687-01");
+  script_xref(name: "URL" , value: "https://www.redhat.com/archives/rhsa-announce/2014-June/msg00025.html");
+  script_summary("Check for the Version of libtasn1");
+  script_category(ACT_GATHER_INFO);
+  script_copyright("Copyright (C) 2014 Greenbone Networks GmbH");
+  script_family("Red Hat Local Security Checks");
+  script_dependencies("gather-package-list.nasl");
+  script_mandatory_keys("HostDetails/OS/cpe:/o:redhat:enterprise_linux", "login/SSH/success", "ssh/login/release");
+  exit(0);
+}
+
+
+include("pkg-lib-rpm.inc");
+
+release = get_kb_item("ssh/login/release");
+
+res = "";
+if(release == NULL){
+  exit(0);
+}
+
+if(release == "RHENT_7")
+{
+
+  if ((res = isrpmvuln(pkg:"libtasn1", rpm:"libtasn1~3.3~5.el7_0", rls:"RHENT_7")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isrpmvuln(pkg:"libtasn1-debuginfo", rpm:"libtasn1-debuginfo~3.3~5.el7_0", rls:"RHENT_7")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isrpmvuln(pkg:"libtasn1-devel", rpm:"libtasn1-devel~3.3~5.el7_0", rls:"RHENT_7")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if (__pkg_match) exit(99); # Not vulnerable.
+  exit(0);
+}


Property changes on: scripts/2014/gb_RHSA-2014_0687-01_libtasn1.nasl
___________________________________________________________________
Added: svn:keywords
   + Author Revision Date Id

Added: scripts/2014/gb_RHSA-2014_0702-01_mariadb.nasl
===================================================================
--- scripts/2014/gb_RHSA-2014_0702-01_mariadb.nasl	                        (rev 0)
+++ scripts/2014/gb_RHSA-2014_0702-01_mariadb.nasl	2014-07-04 13:18:45 UTC (rev 548)
@@ -0,0 +1,149 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+#
+# RedHat Update for mariadb RHSA-2014:0702-01
+#
+# Authors:
+# System Generated Check
+#
+# Copyright:
+# Copyright (C) 2014 Greenbone Networks GmbH, http://www.greenbone.net
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+include("revisions-lib.inc");
+
+if(description)
+{
+  script_oid("1.3.6.1.4.1.25623.1.0.871182");
+  script_version("$Revision$");
+  script_tag(name:"check_type", value:"authenticated package test");
+  script_tag(name:"last_modification", value:"$Date$");
+  script_tag(name:"creation_date", value:"2014-07-04 16:48:49 +0530 (Fri, 04 Jul 2014)");
+  script_cve_id("CVE-2014-0384", "CVE-2014-2419", "CVE-2014-2430", "CVE-2014-2431",
+                "CVE-2014-2432", "CVE-2014-2436", "CVE-2014-2438", "CVE-2014-2440");
+  script_tag(name:"cvss_base", value:"6.0");
+  script_tag(name:"cvss_base_vector", value:"AV:N/AC:M/Au:S/C:P/I:P/A:P");
+  script_tag(name:"risk_factor", value:"High");
+  script_name("RedHat Update for mariadb RHSA-2014:0702-01");
+
+  tag_insight = "MariaDB is a multi-user, multi-threaded SQL database server that is binary
+compatible with MySQL.
+
+This update fixes several vulnerabilities in the MariaDB database server.
+Information about these flaws can be found on the Oracle Critical Patch
+Update Advisory page, listed in the References section. (CVE-2014-2436,
+CVE-2014-2440, CVE-2014-0384, CVE-2014-2419, CVE-2014-2430, CVE-2014-2431,
+CVE-2014-2432, CVE-2014-2438)
+
+These updated packages upgrade MariaDB to version 5.5.37. Refer to the
+MariaDB Release Notes listed in the References section for a complete list
+of changes.
+
+All MariaDB users should upgrade to these updated packages, which correct
+these issues. After installing this update, the MariaDB server daemon
+(mysqld) will be restarted automatically.
+";
+
+  tag_affected = "mariadb on Red Hat Enterprise Linux Server (v. 7)";
+
+  tag_solution = "Please Install the Updated Packages.";
+
+  desc = "
+
+  Vulnerability Insight:
+  " + tag_insight + "
+
+  Affected Software/OS:
+  " + tag_affected + "
+
+  Solution:
+  " + tag_solution;
+
+  if (revcomp(a: OPENVAS_VERSION, b: "6.0+beta5") >= 0){
+    script_tag(name : "affected" , value : tag_affected);
+    script_tag(name : "insight" , value : tag_insight);
+    script_tag(name : "solution" , value : tag_solution);
+  }
+  script_description(desc);
+  script_xref(name: "RHSA", value: "2014:0702-01");
+  script_xref(name: "URL" , value: "https://www.redhat.com/archives/rhsa-announce/2014-June/msg00026.html");
+  script_summary("Check for the Version of mariadb");
+  script_category(ACT_GATHER_INFO);
+  script_copyright("Copyright (C) 2014 Greenbone Networks GmbH");
+  script_family("Red Hat Local Security Checks");
+  script_dependencies("gather-package-list.nasl");
+  script_mandatory_keys("HostDetails/OS/cpe:/o:redhat:enterprise_linux", "login/SSH/success", "ssh/login/release");
+  exit(0);
+}
+
+
+include("pkg-lib-rpm.inc");
+
+release = get_kb_item("ssh/login/release");
+
+res = "";
+if(release == NULL){
+  exit(0);
+}
+
+if(release == "RHENT_7")
+{
+
+  if ((res = isrpmvuln(pkg:"mariadb", rpm:"mariadb~5.5.37~1.el7_0", rls:"RHENT_7")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isrpmvuln(pkg:"mariadb-bench", rpm:"mariadb-bench~5.5.37~1.el7_0", rls:"RHENT_7")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isrpmvuln(pkg:"mariadb-debuginfo", rpm:"mariadb-debuginfo~5.5.37~1.el7_0", rls:"RHENT_7")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isrpmvuln(pkg:"mariadb-devel", rpm:"mariadb-devel~5.5.37~1.el7_0", rls:"RHENT_7")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isrpmvuln(pkg:"mariadb-libs", rpm:"mariadb-libs~5.5.37~1.el7_0", rls:"RHENT_7")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isrpmvuln(pkg:"mariadb-server", rpm:"mariadb-server~5.5.37~1.el7_0", rls:"RHENT_7")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isrpmvuln(pkg:"mariadb-test", rpm:"mariadb-test~5.5.37~1.el7_0", rls:"RHENT_7")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if (__pkg_match) exit(99); # Not vulnerable.
+  exit(0);
+}


Property changes on: scripts/2014/gb_RHSA-2014_0702-01_mariadb.nasl
___________________________________________________________________
Added: svn:keywords
   + Author Revision Date Id

Added: scripts/2014/gb_RHSA-2014_0703-01_json-c.nasl
===================================================================
--- scripts/2014/gb_RHSA-2014_0703-01_json-c.nasl	                        (rev 0)
+++ scripts/2014/gb_RHSA-2014_0703-01_json-c.nasl	2014-07-04 13:18:45 UTC (rev 548)
@@ -0,0 +1,125 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+#
+# RedHat Update for json-c RHSA-2014:0703-01
+#
+# Authors:
+# System Generated Check
+#
+# Copyright:
+# Copyright (C) 2014 Greenbone Networks GmbH, http://www.greenbone.net
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+include("revisions-lib.inc");
+
+if(description)
+{
+  script_oid("1.3.6.1.4.1.25623.1.0.871185");
+  script_version("$Revision$");
+  script_tag(name:"check_type", value:"authenticated package test");
+  script_tag(name:"last_modification", value:"$Date$");
+  script_tag(name:"creation_date", value:"2014-07-04 16:48:50 +0530 (Fri, 04 Jul 2014)");
+  script_cve_id("CVE-2013-6370", "CVE-2013-6371");
+  script_tag(name:"cvss_base", value:"5.0");
+  script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:N/C:N/I:N/A:P");
+  script_tag(name:"risk_factor", value:"Medium");
+  script_name("RedHat Update for json-c RHSA-2014:0703-01");
+
+  tag_insight = "JSON-C implements a reference counting object model that allows you to
+easily construct JSON objects in C, output them as JSON-formatted strings,
+and parse JSON-formatted strings back into the C representation of
+JSON objects.
+
+Multiple buffer overflow flaws were found in the way the json-c library
+handled long strings in JSON documents. An attacker able to make an
+application using json-c parse excessively large JSON input could cause the
+application to crash. (CVE-2013-6370)
+
+A denial of service flaw was found in the implementation of hash arrays in
+json-c. An attacker could use this flaw to make an application using json-c
+consume an excessive amount of CPU time by providing a specially crafted
+JSON document that triggers multiple hash function collisions. To mitigate
+this issue, json-c now uses a different hash function and randomization to
+reduce the chance of an attacker successfully causing intentional
+collisions. (CVE-2013-6371)
+
+These issues were discovered by Florian Weimer of the Red Hat Product
+Security Team.
+
+All json-c users are advised to upgrade to these updated packages, which
+contain backported patches to correct these issues.
+";
+
+  tag_affected = "json-c on Red Hat Enterprise Linux Server (v. 7)";
+
+  tag_solution = "Please Install the Updated Packages.";
+
+  desc = "
+
+  Vulnerability Insight:
+  " + tag_insight + "
+
+  Affected Software/OS:
+  " + tag_affected + "
+
+  Solution:
+  " + tag_solution;
+
+  if (revcomp(a: OPENVAS_VERSION, b: "6.0+beta5") >= 0){
+    script_tag(name : "affected" , value : tag_affected);
+    script_tag(name : "insight" , value : tag_insight);
+    script_tag(name : "solution" , value : tag_solution);
+  }
+  script_description(desc);
+  script_xref(name: "RHSA", value: "2014:0703-01");
+  script_xref(name: "URL" , value: "https://www.redhat.com/archives/rhsa-announce/2014-June/msg00027.html");
+  script_summary("Check for the Version of json-c");
+  script_category(ACT_GATHER_INFO);
+  script_copyright("Copyright (C) 2014 Greenbone Networks GmbH");
+  script_family("Red Hat Local Security Checks");
+  script_dependencies("gather-package-list.nasl");
+  script_mandatory_keys("HostDetails/OS/cpe:/o:redhat:enterprise_linux", "login/SSH/success", "ssh/login/release");
+  exit(0);
+}
+
+
+include("pkg-lib-rpm.inc");
+
+release = get_kb_item("ssh/login/release");
+
+res = "";
+if(release == NULL){
+  exit(0);
+}
+
+if(release == "RHENT_7")
+{
+
+  if ((res = isrpmvuln(pkg:"json-c", rpm:"json-c~0.11~4.el7_0", rls:"RHENT_7")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isrpmvuln(pkg:"json-c-debuginfo", rpm:"json-c-debuginfo~0.11~4.el7_0", rls:"RHENT_7")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if (__pkg_match) exit(99); # Not vulnerable.
+  exit(0);
+}
\ No newline at end of file


Property changes on: scripts/2014/gb_RHSA-2014_0703-01_json-c.nasl
___________________________________________________________________
Added: svn:keywords
   + Author Revision Date Id

Added: scripts/2014/gb_RHSA-2014_0704-01_qemu-kvm.nasl
===================================================================
--- scripts/2014/gb_RHSA-2014_0704-01_qemu-kvm.nasl	                        (rev 0)
+++ scripts/2014/gb_RHSA-2014_0704-01_qemu-kvm.nasl	2014-07-04 13:18:45 UTC (rev 548)
@@ -0,0 +1,176 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+#
+# RedHat Update for qemu-kvm RHSA-2014:0704-01
+#
+# Authors:
+# System Generated Check
+#
+# Copyright:
+# Copyright (C) 2014 Greenbone Networks GmbH, http://www.greenbone.net
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+include("revisions-lib.inc");
+
+if(description)
+{
+  script_oid("1.3.6.1.4.1.25623.1.0.871189");
+  script_version("$Revision$");
+  script_tag(name:"check_type", value:"authenticated package test");
+  script_tag(name:"last_modification", value:"$Date$");
+  script_tag(name:"creation_date", value:"2014-07-04 16:48:48 +0530 (Fri, 04 Jul 2014)");
+  script_cve_id("CVE-2014-2894");
+  script_tag(name:"cvss_base", value:"7.2");
+  script_tag(name:"cvss_base_vector", value:"AV:L/AC:L/Au:N/C:C/I:C/A:C");
+  script_tag(name:"risk_factor", value:"High");
+  script_name("RedHat Update for qemu-kvm RHSA-2014:0704-01");
+
+  tag_insight = "KVM (Kernel-based Virtual Machine) is a full virtualization solution for
+Linux on AMD64 and Intel 64 systems. The qemu-kvm packages provide a
+user-space component to run virtual machines using KVM.
+
+An out-of-bounds memory access flaw was found in the way QEMU's IDE device
+driver handled the execution of SMART EXECUTE OFFLINE commands.
+A privileged guest user could use this flaw to corrupt QEMU process memory
+on the host, which could potentially result in arbitrary code execution on
+the host with the privileges of the QEMU process. (CVE-2014-2894)
+
+This update also fixes the following bugs:
+
+* Prior to this update, a bug in the migration code caused the following
+error on specific machine types: after a Red Hat Enterprise Linux 6.5 guest
+was migrated from a Red Hat Enterprise Linux 6.5 host to a Red Hat
+Enterprise Linux 7.0 host and then restarted, the boot failed and the guest
+automatically restarted. Thus, the guest entered an endless loop. With this
+update, the migration code has been fixed and the Red Hat Enterprise Linux
+6.5 guests migrated in the aforementioned scenario now boot properly.
+(BZ#1091322)
+
+* Due to a regression bug in the iSCSI driver, the qemu-kvm process
+terminated unexpectedly with a segmentation fault when the 'write same'
+command was executed in guest mode under the iSCSI protocol. This update
+fixes the regression and the 'write same' command now functions in guest
+mode under iSCSI as intended. (BZ#1090978)
+
+* Due to a mismatch in interrupt request (IRQ) routing, migration of a Red
+Hat Enterprise Linux 6.5 guest from a Red Hat Enterprise Linux 6.5 host to
+a Red Hat Enterprise Linux 7.0 host could produce a call trace.
+This happened if memory ballooning and a Universal Host Control Interface
+(UHCI) device were used at the same time on certain machine types.
+With this patch, the IRQ routing mismatch has been amended and the
+described migration now proceeds as expected. (BZ#1090981)
+
+* Previously, an internal error prevented KVM from executing a CPU hot plug
+on a Red Hat Enterprise Linux 7 guest running on a Red Hat Enterprise Linux
+7 host. This update addresses the internal error and CPU hot plugging in
+the described scenario now functions correctly. (BZ#1094820)
+
+All qemu-kvm users are advised to upgrade to these updated packages, which
+contain backported patches to correct these issues. After installing this
+update, shut down all running virtual machines. Once all virtual machines
+have shut down, start them again for this update to take effect.
+";
+
+  tag_affected = "qemu-kvm on Red Hat Enterprise Linux Server (v. 7)";
+
+  tag_solution = "Please Install the Updated Packages.";
+
+  desc = "
+
+  Vulnerability Insight:
+  " + tag_insight + "
+
+  Affected Software/OS:
+  " + tag_affected + "
+
+  Solution:
+  " + tag_solution;
+
+  if (revcomp(a: OPENVAS_VERSION, b: "6.0+beta5") >= 0){
+    script_tag(name : "affected" , value : tag_affected);
+    script_tag(name : "insight" , value : tag_insight);
+    script_tag(name : "solution" , value : tag_solution);
+  }
+  script_description(desc);
+  script_xref(name: "RHSA", value: "2014:0704-01");
+  script_xref(name: "URL" , value: "https://www.redhat.com/archives/rhsa-announce/2014-June/msg00028.html");
+  script_summary("Check for the Version of qemu-kvm");
+  script_category(ACT_GATHER_INFO);
+  script_copyright("Copyright (C) 2014 Greenbone Networks GmbH");
+  script_family("Red Hat Local Security Checks");
+  script_dependencies("gather-package-list.nasl");
+  script_mandatory_keys("HostDetails/OS/cpe:/o:redhat:enterprise_linux", "login/SSH/success", "ssh/login/release");
+  exit(0);
+}
+
+
+include("pkg-lib-rpm.inc");
+
+release = get_kb_item("ssh/login/release");
+
+res = "";
+if(release == NULL){
+  exit(0);
+}
+
+if(release == "RHENT_7")
+{
+
+  if ((res = isrpmvuln(pkg:"libcacard", rpm:"libcacard~1.5.3~60.el7_0.2", rls:"RHENT_7")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isrpmvuln(pkg:"qemu-guest-agent", rpm:"qemu-guest-agent~1.5.3~60.el7_0.2", rls:"RHENT_7")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isrpmvuln(pkg:"qemu-img", rpm:"qemu-img~1.5.3~60.el7_0.2", rls:"RHENT_7")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isrpmvuln(pkg:"qemu-kvm", rpm:"qemu-kvm~1.5.3~60.el7_0.2", rls:"RHENT_7")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isrpmvuln(pkg:"qemu-kvm-common", rpm:"qemu-kvm-common~1.5.3~60.el7_0.2", rls:"RHENT_7")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isrpmvuln(pkg:"qemu-kvm-debuginfo", rpm:"qemu-kvm-debuginfo~1.5.3~60.el7_0.2", rls:"RHENT_7")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isrpmvuln(pkg:"qemu-kvm-tools", rpm:"qemu-kvm-tools~1.5.3~60.el7_0.2", rls:"RHENT_7")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if (__pkg_match) exit(99); # Not vulnerable.
+  exit(0);
+}
\ No newline at end of file


Property changes on: scripts/2014/gb_RHSA-2014_0704-01_qemu-kvm.nasl
___________________________________________________________________
Added: svn:keywords
   + Author Revision Date Id

Added: scripts/2014/gb_RHSA-2014_0786-01_kernel.nasl
===================================================================
--- scripts/2014/gb_RHSA-2014_0786-01_kernel.nasl	                        (rev 0)
+++ scripts/2014/gb_RHSA-2014_0786-01_kernel.nasl	2014-07-04 13:18:45 UTC (rev 548)
@@ -0,0 +1,233 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+#
+# RedHat Update for kernel RHSA-2014:0786-01
+#
+# Authors:
+# System Generated Check
+#
+# Copyright:
+# Copyright (C) 2014 Greenbone Networks GmbH, http://www.greenbone.net
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+include("revisions-lib.inc");
+
+if(description)
+{
+  script_oid("1.3.6.1.4.1.25623.1.0.871193");
+  script_version("$Revision$");
+  script_tag(name:"check_type", value:"authenticated package test");
+  script_tag(name:"last_modification", value:"$Date$");
+  script_tag(name:"creation_date", value:"2014-07-01 23:01:59 +0530 (Tue, 01 Jul 2014)");
+  script_cve_id("CVE-2014-0206", "CVE-2014-1737", "CVE-2014-1738", "CVE-2014-2568",
+                "CVE-2014-2851", "CVE-2014-3144", "CVE-2014-3145", "CVE-2014-3153");
+  script_tag(name:"cvss_base", value:"7.2");
+  script_tag(name:"cvss_base_vector", value:"AV:L/AC:L/Au:N/C:C/I:C/A:C");
+  script_tag(name:"risk_factor", value:"High");
+  script_name("RedHat Update for kernel RHSA-2014:0786-01");
+
+  tag_insight = "The kernel packages contain the Linux kernel, the core of any Linux
+operating system.
+
+* A flaw was found in the way the Linux kernel's futex subsystem handled
+the requeuing of certain Priority Inheritance (PI) futexes. A local,
+unprivileged user could use this flaw to escalate their privileges on the
+system. (CVE-2014-3153, Important)
+
+* A use-after-free flaw was found in the way the ping_init_sock() function
+of the Linux kernel handled the group_info reference counter. A local,
+unprivileged user could use this flaw to crash the system or, potentially,
+escalate their privileges on the system. (CVE-2014-2851, Important)
+
+* Use-after-free and information leak flaws were found in the way the
+Linux kernel's floppy driver processed the FDRAWCMD IOCTL command. A local
+user with write access to /dev/fdX could use these flaws to escalate their
+privileges on the system. (CVE-2014-1737, CVE-2014-1738, Important)
+
+* It was found that the aio_read_events_ring() function of the Linux
+kernel's Asynchronous I/O (AIO) subsystem did not properly sanitize the AIO
+ring head received from user space. A local, unprivileged user could use
+this flaw to disclose random parts of the (physical) memory belonging to
+the kernel and/or other processes. (CVE-2014-0206, Moderate)
+
+* An out-of-bounds memory access flaw was found in the Netlink Attribute
+extension of the Berkeley Packet Filter (BPF) interpreter functionality in
+the Linux kernel's networking implementation. A local, unprivileged user
+could use this flaw to crash the system or leak kernel memory to user space
+via a specially crafted socket filter. (CVE-2014-3144, CVE-2014-3145,
+Moderate)
+
+* An information leak flaw was found in the way the skb_zerocopy() function
+copied socket buffers (skb) that are backed by user-space buffers (for
+example vhost-net and Xen netback), potentially allowing an attacker to
+read data from those buffers. (CVE-2014-2568, Low)
+
+Red Hat would like to thank Kees Cook of Google for reporting
+CVE-2014-3153 and Matthew Daley for reporting CVE-2014-1737 and
+CVE-2014-1738. Google acknowledges Pinkie Pie as the original reporter of
+CVE-2014-3153. The CVE-2014-0206 issue was discovered by Mateusz Guzik of
+Red Hat.
+
+This update also fixes the following bugs:
+
+* Due to incorrect calculation of Tx statistics in the qlcninc driver,
+running the 'ethtool -S ethX' command could trigger memory corruption.
+As a consequence, running the sosreport tool, that uses this command,
+resulted in a kernel panic. The problem has been fixed by correcting the
+said statistics calculation. (BZ#1104972)
+
+* When an attempt to create a file on  ...
+
+  Description truncated, for more information please check the Reference URL";
+
+  tag_affected = "kernel on Red Hat Enterprise Linux Server (v. 7)";
+
+  tag_solution = "Please Install the Updated Packages.";
+
+  desc = "
+
+  Vulnerability Insight:
+  " + tag_insight + "
+
+  Affected Software/OS:
+  " + tag_affected + "
+
+  Solution:
+  " + tag_solution;
+
+  if (revcomp(a: OPENVAS_VERSION, b: "6.0+beta5") >= 0){
+    script_tag(name : "affected" , value : tag_affected);
+    script_tag(name : "insight" , value : tag_insight);
+    script_tag(name : "solution" , value : tag_solution);
+  }
+  script_description(desc);
+  script_xref(name: "RHSA", value: "2014:0786-01");
+  script_xref(name: "URL" , value: "https://www.redhat.com/archives/rhsa-announce/2014-June/msg00046.html");
+  script_summary("Check for the Version of kernel");
+  script_category(ACT_GATHER_INFO);
+  script_copyright("Copyright (C) 2014 Greenbone Networks GmbH");
+  script_family("Red Hat Local Security Checks");
+  script_dependencies("gather-package-list.nasl");
+  script_mandatory_keys("HostDetails/OS/cpe:/o:redhat:enterprise_linux", "login/SSH/success", "ssh/login/release");
+  exit(0);
+}
+
+
+include("pkg-lib-rpm.inc");
+
+release = get_kb_item("ssh/login/release");
+
+res = "";
+if(release == NULL){
+  exit(0);
+}
+
+if(release == "RHENT_7")
+{
+
+  if ((res = isrpmvuln(pkg:"kernel-abi-whitelists", rpm:"kernel-abi-whitelists~3.10.0~123.4.2.el7", rls:"RHENT_7")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isrpmvuln(pkg:"kernel", rpm:"kernel~3.10.0~123.4.2.el7", rls:"RHENT_7")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isrpmvuln(pkg:"kernel-debug", rpm:"kernel-debug~3.10.0~123.4.2.el7", rls:"RHENT_7")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isrpmvuln(pkg:"kernel-debug-debuginfo", rpm:"kernel-debug-debuginfo~3.10.0~123.4.2.el7", rls:"RHENT_7")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isrpmvuln(pkg:"kernel-debug-devel", rpm:"kernel-debug-devel~3.10.0~123.4.2.el7", rls:"RHENT_7")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isrpmvuln(pkg:"kernel-debuginfo", rpm:"kernel-debuginfo~3.10.0~123.4.2.el7", rls:"RHENT_7")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isrpmvuln(pkg:"kernel-debuginfo-common-x86_64", rpm:"kernel-debuginfo-common-x86_64~3.10.0~123.4.2.el7", rls:"RHENT_7")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isrpmvuln(pkg:"kernel-devel", rpm:"kernel-devel~3.10.0~123.4.2.el7", rls:"RHENT_7")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isrpmvuln(pkg:"kernel-headers", rpm:"kernel-headers~3.10.0~123.4.2.el7", rls:"RHENT_7")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isrpmvuln(pkg:"kernel-tools", rpm:"kernel-tools~3.10.0~123.4.2.el7", rls:"RHENT_7")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isrpmvuln(pkg:"kernel-tools-debuginfo", rpm:"kernel-tools-debuginfo~3.10.0~123.4.2.el7", rls:"RHENT_7")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isrpmvuln(pkg:"kernel-tools-libs", rpm:"kernel-tools-libs~3.10.0~123.4.2.el7", rls:"RHENT_7")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isrpmvuln(pkg:"perf", rpm:"perf~3.10.0~123.4.2.el7", rls:"RHENT_7")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isrpmvuln(pkg:"perf-debuginfo", rpm:"perf-debuginfo~3.10.0~123.4.2.el7", rls:"RHENT_7")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isrpmvuln(pkg:"python-perf-debuginfo", rpm:"python-perf-debuginfo~3.10.0~123.4.2.el7", rls:"RHENT_7")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if (__pkg_match) exit(99); # Not vulnerable.
+  exit(0);
+}


Property changes on: scripts/2014/gb_RHSA-2014_0786-01_kernel.nasl
___________________________________________________________________
Added: svn:keywords
   + Author Revision Date Id

Added: scripts/2014/gb_RHSA-2014_0788-01_mod_wsgi.nasl
===================================================================
--- scripts/2014/gb_RHSA-2014_0788-01_mod_wsgi.nasl	                        (rev 0)
+++ scripts/2014/gb_RHSA-2014_0788-01_mod_wsgi.nasl	2014-07-04 13:18:45 UTC (rev 548)
@@ -0,0 +1,128 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+#
+# RedHat Update for mod_wsgi RHSA-2014:0788-01
+#
+# Authors:
+# System Generated Check
+#
+# Copyright:
+# Copyright (C) 2014 Greenbone Networks GmbH, http://www.greenbone.net
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+include("revisions-lib.inc");
+
+if(description)
+{
+  script_oid("1.3.6.1.4.1.25623.1.0.871194");
+  script_version("$Revision$");
+  script_tag(name:"check_type", value:"authenticated package test");
+  script_tag(name:"last_modification", value:"$Date$");
+  script_tag(name:"creation_date", value:"2014-07-01 23:19:30 +0530 (Tue, 01 Jul 2014)");
+  script_cve_id("CVE-2014-0240", "CVE-2014-0242");
+  script_tag(name:"cvss_base", value:"6.2");
+  script_tag(name:"cvss_base_vector", value:"AV:L/AC:H/Au:N/C:C/I:C/A:C");
+  script_tag(name:"risk_factor", value:"High");
+  script_name("RedHat Update for mod_wsgi RHSA-2014:0788-01");
+
+  tag_insight = "The mod_wsgi adapter is an Apache module that provides a WSGI-compliant
+interface for hosting Python-based web applications within Apache.
+
+It was found that mod_wsgi did not properly drop privileges if the call to
+setuid() failed. If mod_wsgi was set up to allow unprivileged users to run
+WSGI applications, a local user able to run a WSGI application could
+possibly use this flaw to escalate their privileges on the system.
+(CVE-2014-0240)
+
+Note: mod_wsgi is not intended to provide privilege separation for WSGI
+applications. Systems relying on mod_wsgi to limit or sandbox the
+privileges of mod_wsgi applications should migrate to a different solution
+with proper privilege separation.
+
+It was discovered that mod_wsgi could leak memory of a hosted web
+application via the 'Content-Type' header. A remote attacker could possibly
+use this flaw to disclose limited portions of the web application's memory.
+(CVE-2014-0242)
+
+Red Hat would like to thank Graham Dumpleton for reporting these issues.
+Upstream acknowledges Robert Kisteleki as the original reporter of
+CVE-2014-0240, and Buck Golemon as the original reporter of CVE-2014-0242.
+
+All mod_wsgi users are advised to upgrade to this updated package, which
+contains backported patches to correct these issues.
+";
+
+  tag_affected = "mod_wsgi on Red Hat Enterprise Linux Server (v. 6),
+  Red Hat Enterprise Linux Workstation (v. 6)";
+
+  tag_solution = "Please Install the Updated Packages.";
+
+  desc = "
+
+  Vulnerability Insight:
+  " + tag_insight + "
+
+  Affected Software/OS:
+  " + tag_affected + "
+
+  Solution:
+  " + tag_solution;
+
+  if (revcomp(a: OPENVAS_VERSION, b: "6.0+beta5") >= 0){
+    script_tag(name : "affected" , value : tag_affected);
+    script_tag(name : "insight" , value : tag_insight);
+    script_tag(name : "solution" , value : tag_solution);
+  }
+  script_description(desc);
+  script_xref(name: "RHSA", value: "2014:0788-01");
+  script_xref(name: "URL" , value: "https://www.redhat.com/archives/rhsa-announce/2014-June/msg00051.html");
+  script_summary("Check for the Version of mod_wsgi");
+  script_category(ACT_GATHER_INFO);
+  script_copyright("Copyright (C) 2014 Greenbone Networks GmbH");
+  script_family("Red Hat Local Security Checks");
+  script_dependencies("gather-package-list.nasl");
+  script_mandatory_keys("HostDetails/OS/cpe:/o:redhat:enterprise_linux", "login/SSH/success", "ssh/login/release");
+  exit(0);
+}
+
+
+include("pkg-lib-rpm.inc");
+
+release = get_kb_item("ssh/login/release");
+
+res = "";
+if(release == NULL){
+  exit(0);
+}
+
+if(release == "RHENT_6")
+{
+
+  if ((res = isrpmvuln(pkg:"mod_wsgi", rpm:"mod_wsgi~3.2~6.el6_5", rls:"RHENT_6")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isrpmvuln(pkg:"mod_wsgi-debuginfo", rpm:"mod_wsgi-debuginfo~3.2~6.el6_5", rls:"RHENT_6")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if (__pkg_match) exit(99); # Not vulnerable.
+  exit(0);
+}


Property changes on: scripts/2014/gb_RHSA-2014_0788-01_mod_wsgi.nasl
___________________________________________________________________
Added: svn:keywords
   + Author Revision Date Id

Added: scripts/2014/gb_RHSA-2014_0790-01_dovecot.nasl
===================================================================
--- scripts/2014/gb_RHSA-2014_0790-01_dovecot.nasl	                        (rev 0)
+++ scripts/2014/gb_RHSA-2014_0790-01_dovecot.nasl	2014-07-04 13:18:45 UTC (rev 548)
@@ -0,0 +1,174 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+#
+# RedHat Update for dovecot RHSA-2014:0790-01
+#
+# Authors:
+# System Generated Check
+#
+# Copyright:
+# Copyright (C) 2014 Greenbone Networks GmbH, http://www.greenbone.net
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+include("revisions-lib.inc");
+
+if(description)
+{
+  script_oid("1.3.6.1.4.1.25623.1.0.871195");
+  script_version("$Revision$");
+  script_tag(name:"check_type", value:"authenticated package test");
+  script_tag(name:"last_modification", value:"$Date$");
+  script_tag(name:"creation_date", value:"2014-07-01 23:23:58 +0530 (Tue, 01 Jul 2014)");
+  script_cve_id("CVE-2014-3430");
+  script_tag(name:"cvss_base", value:"5.0");
+  script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:N/C:N/I:N/A:P");
+  script_tag(name:"risk_factor", value:"Medium");
+  script_name("RedHat Update for dovecot RHSA-2014:0790-01");
+
+  tag_insight = "Dovecot is an IMAP server, written with security primarily in mind, for
+Linux and other UNIX-like systems. It also contains a small POP3 server.
+It supports mail in both the maildir or mbox format. The SQL drivers and
+authentication plug-ins are provided as subpackages.
+
+It was discovered that Dovecot did not properly discard connections trapped
+in the SSL/TLS handshake phase. A remote attacker could use this flaw to
+cause a denial of service on an IMAP/POP3 server by exhausting the pool of
+available connections and preventing further, legitimate connections to the
+IMAP/POP3 server to be made. (CVE-2014-3430)
+
+All dovecot users are advised to upgrade to these updated packages, which
+contain a backported patch to correct this issue. After installing the
+updated packages, the dovecot service will be restarted automatically.
+";
+
+  tag_affected = "dovecot on Red Hat Enterprise Linux Server (v. 6),
+  Red Hat Enterprise Linux Server (v. 7),
+  Red Hat Enterprise Linux Workstation (v. 6)";
+
+  tag_solution = "Please Install the Updated Packages.";
+
+  desc = "
+
+  Vulnerability Insight:
+  " + tag_insight + "
+
+  Affected Software/OS:
+  " + tag_affected + "
+
+  Solution:
+  " + tag_solution;
+
+  if (revcomp(a: OPENVAS_VERSION, b: "6.0+beta5") >= 0){
+    script_tag(name : "affected" , value : tag_affected);
+    script_tag(name : "insight" , value : tag_insight);
+    script_tag(name : "solution" , value : tag_solution);
+  }
+  script_description(desc);
+  script_xref(name: "RHSA", value: "2014:0790-01");
+  script_xref(name: "URL" , value: "https://www.redhat.com/archives/rhsa-announce/2014-June/msg00053.html");
+  script_summary("Check for the Version of dovecot");
+  script_category(ACT_GATHER_INFO);
+  script_copyright("Copyright (C) 2014 Greenbone Networks GmbH");
+  script_family("Red Hat Local Security Checks");
+  script_dependencies("gather-package-list.nasl");
+  script_mandatory_keys("HostDetails/OS/cpe:/o:redhat:enterprise_linux", "login/SSH/success", "ssh/login/release");
+  exit(0);
+}
+
+
+include("pkg-lib-rpm.inc");
+
+release = get_kb_item("ssh/login/release");
+
+res = "";
+if(release == NULL){
+  exit(0);
+}
+
+if(release == "RHENT_7")
+{
+
+  if ((res = isrpmvuln(pkg:"dovecot", rpm:"dovecot~2.2.10~4.el7_0.1", rls:"RHENT_7")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isrpmvuln(pkg:"dovecot-debuginfo", rpm:"dovecot-debuginfo~2.2.10~4.el7_0.1", rls:"RHENT_7")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isrpmvuln(pkg:"dovecot-mysql", rpm:"dovecot-mysql~2.2.10~4.el7_0.1", rls:"RHENT_7")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isrpmvuln(pkg:"dovecot-pgsql", rpm:"dovecot-pgsql~2.2.10~4.el7_0.1", rls:"RHENT_7")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isrpmvuln(pkg:"dovecot-pigeonhole", rpm:"dovecot-pigeonhole~2.2.10~4.el7_0.1", rls:"RHENT_7")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if (__pkg_match) exit(99); # Not vulnerable.
+  exit(0);
+}
+
+
+if(release == "RHENT_6")
+{
+
+  if ((res = isrpmvuln(pkg:"dovecot", rpm:"dovecot~2.0.9~7.el6_5.1", rls:"RHENT_6")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isrpmvuln(pkg:"dovecot-debuginfo", rpm:"dovecot-debuginfo~2.0.9~7.el6_5.1", rls:"RHENT_6")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isrpmvuln(pkg:"dovecot-mysql", rpm:"dovecot-mysql~2.0.9~7.el6_5.1", rls:"RHENT_6")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isrpmvuln(pkg:"dovecot-pgsql", rpm:"dovecot-pgsql~2.0.9~7.el6_5.1", rls:"RHENT_6")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isrpmvuln(pkg:"dovecot-pigeonhole", rpm:"dovecot-pigeonhole~2.0.9~7.el6_5.1", rls:"RHENT_6")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if (__pkg_match) exit(99); # Not vulnerable.
+  exit(0);
+}


Property changes on: scripts/2014/gb_RHSA-2014_0790-01_dovecot.nasl
___________________________________________________________________
Added: svn:keywords
   + Author Revision Date Id

Added: scripts/2014/gb_fedora_2014_7274_tor_fc19.nasl
===================================================================
--- scripts/2014/gb_fedora_2014_7274_tor_fc19.nasl	                        (rev 0)
+++ scripts/2014/gb_fedora_2014_7274_tor_fc19.nasl	2014-07-04 13:18:45 UTC (rev 548)
@@ -0,0 +1,111 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+#
+# Fedora Update for tor FEDORA-2014-7274
+#
+# Authors:
+# System Generated Check
+#
+# Copyright:
+# Copyright (C) 2014 Greenbone Networks GmbH, http://www.greenbone.net
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+include("revisions-lib.inc");
+
+if(description)
+{
+  script_oid("1.3.6.1.4.1.25623.1.0.867931");
+  script_version("$Revision$");
+  script_tag(name:"check_type", value:"authenticated package test");
+  script_tag(name:"last_modification", value:"$Date$");
+  script_tag(name:"creation_date", value:"2014-07-01 15:46:19 +0530 (Tue, 01 Jul 2014)");
+  script_tag(name:"cvss_base", value:"6.8");
+  script_tag(name:"cvss_base_vector", value:"AV:N/AC:M/Au:N/C:P/I:P/A:P");
+  script_tag(name:"risk_factor", value:"High");
+  script_name("Fedora Update for tor FEDORA-2014-7274");
+
+  tag_insight = "Tor is a connection-based low-latency anonymous communication system.
+
+Applications connect to the local Tor proxy using the SOCKS protocol. The
+local proxy chooses a path through a set of relays, in which each relay
+knows its predecessor and successor, but no others. Traffic flowing down
+the circuit is unwrapped by a symmetric key at each relay, which reveals
+the downstream relay.
+
+Warnings: Tor does no protocol cleaning.  That means there is a danger
+that application protocols and associated programs can be induced to
+reveal information about the initiator. Tor depends on Privoxy and
+similar protocol cleaners to solve this problem. This is alpha code,
+and is even more likely than released code to have anonymity-spoiling
+bugs. The present network is very small -- this further reduces the
+strength of the anonymity provided. Tor is not presently suitable for
+high-stakes anonymity.
+";
+
+  tag_affected = "tor on Fedora 19";
+
+  tag_solution = "Please Install the Updated Packages.";
+
+  desc = "
+
+  Vulnerability Insight:
+  " + tag_insight + "
+
+  Affected Software/OS:
+  " + tag_affected + "
+
+  Solution:
+  " + tag_solution;
+
+  if (revcomp(a: OPENVAS_VERSION, b: "6.0+beta5") >= 0){
+    script_tag(name : "affected" , value : tag_affected);
+    script_tag(name : "insight" , value : tag_insight);
+    script_tag(name : "solution" , value : tag_solution);
+  }
+  script_description(desc);
+  script_xref(name: "FEDORA", value: "2014-7274");
+  script_xref(name: "URL" , value: "https://lists.fedoraproject.org/pipermail/package-announce/2014-June/134806.html");
+  script_summary("Check for the Version of tor");
+  script_category(ACT_GATHER_INFO);
+  script_copyright("Copyright (C) 2014 Greenbone Networks GmbH");
+  script_family("Fedora Local Security Checks");
+  script_dependencies("gather-package-list.nasl");
+  script_mandatory_keys("HostDetails/OS/cpe:/o:fedoraproject:fedora", "login/SSH/success", "ssh/login/release");
+  exit(0);
+}
+
+
+include("pkg-lib-rpm.inc");
+
+release = get_kb_item("ssh/login/release");
+
+res = "";
+if(release == NULL){
+  exit(0);
+}
+
+if(release == "FC19")
+{
+
+  if ((res = isrpmvuln(pkg:"tor", rpm:"tor~0.2.4.22~2.fc19", rls:"FC19")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if (__pkg_match) exit(99); # Not vulnerable.
+  exit(0);
+}


Property changes on: scripts/2014/gb_fedora_2014_7274_tor_fc19.nasl
___________________________________________________________________
Added: svn:keywords
   + Author Revision Date Id

Added: scripts/2014/gb_fedora_2014_7296_tor_fc20.nasl
===================================================================
--- scripts/2014/gb_fedora_2014_7296_tor_fc20.nasl	                        (rev 0)
+++ scripts/2014/gb_fedora_2014_7296_tor_fc20.nasl	2014-07-04 13:18:45 UTC (rev 548)
@@ -0,0 +1,111 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+#
+# Fedora Update for tor FEDORA-2014-7296
+#
+# Authors:
+# System Generated Check
+#
+# Copyright:
+# Copyright (C) 2014 Greenbone Networks GmbH, http://www.greenbone.net
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+include("revisions-lib.inc");
+
+if(description)
+{
+  script_oid("1.3.6.1.4.1.25623.1.0.867927");
+  script_version("$Revision$");
+  script_tag(name:"check_type", value:"authenticated package test");
+  script_tag(name:"last_modification", value:"$Date$");
+  script_tag(name:"creation_date", value:"2014-07-01 15:18:21 +0530 (Tue, 01 Jul 2014)");
+  script_tag(name:"cvss_base", value:"6.8");
+  script_tag(name:"cvss_base_vector", value:"AV:N/AC:M/Au:N/C:P/I:P/A:P");
+  script_tag(name:"risk_factor", value:"High");
+  script_name("Fedora Update for tor FEDORA-2014-7296");
+
+  tag_insight = "Tor is a connection-based low-latency anonymous communication system.
+
+Applications connect to the local Tor proxy using the SOCKS protocol. The
+local proxy chooses a path through a set of relays, in which each relay
+knows its predecessor and successor, but no others. Traffic flowing down
+the circuit is unwrapped by a symmetric key at each relay, which reveals
+the downstream relay.
+
+Warnings: Tor does no protocol cleaning.  That means there is a danger
+that application protocols and associated programs can be induced to
+reveal information about the initiator. Tor depends on Privoxy and
+similar protocol cleaners to solve this problem. This is alpha code,
+and is even more likely than released code to have anonymity-spoiling
+bugs. The present network is very small -- this further reduces the
+strength of the anonymity provided. Tor is not presently suitable for
+high-stakes anonymity.
+";
+
+  tag_affected = "tor on Fedora 20";
+
+  tag_solution = "Please Install the Updated Packages.";
+
+  desc = "
+
+  Vulnerability Insight:
+  " + tag_insight + "
+
+  Affected Software/OS:
+  " + tag_affected + "
+
+  Solution:
+  " + tag_solution;
+
+  if (revcomp(a: OPENVAS_VERSION, b: "6.0+beta5") >= 0){
+    script_tag(name : "affected" , value : tag_affected);
+    script_tag(name : "insight" , value : tag_insight);
+    script_tag(name : "solution" , value : tag_solution);
+  }
+  script_description(desc);
+  script_xref(name: "FEDORA", value: "2014-7296");
+  script_xref(name: "URL" , value: "https://lists.fedoraproject.org/pipermail/package-announce/2014-June/134809.html");
+  script_summary("Check for the Version of tor");
+  script_category(ACT_GATHER_INFO);
+  script_copyright("Copyright (C) 2014 Greenbone Networks GmbH");
+  script_family("Fedora Local Security Checks");
+  script_dependencies("gather-package-list.nasl");
+  script_mandatory_keys("HostDetails/OS/cpe:/o:fedoraproject:fedora", "login/SSH/success", "ssh/login/release");
+  exit(0);
+}
+
+
+include("pkg-lib-rpm.inc");
+
+release = get_kb_item("ssh/login/release");
+
+res = "";
+if(release == NULL){
+  exit(0);
+}
+
+if(release == "FC20")
+{
+
+  if ((res = isrpmvuln(pkg:"tor", rpm:"tor~0.2.4.22~2.fc20", rls:"FC20")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if (__pkg_match) exit(99); # Not vulnerable.
+  exit(0);
+}


Property changes on: scripts/2014/gb_fedora_2014_7296_tor_fc20.nasl
___________________________________________________________________
Added: svn:keywords
   + Author Revision Date Id

Added: scripts/2014/gb_fedora_2014_7359_wireshark_fc20.nasl
===================================================================
--- scripts/2014/gb_fedora_2014_7359_wireshark_fc20.nasl	                        (rev 0)
+++ scripts/2014/gb_fedora_2014_7359_wireshark_fc20.nasl	2014-07-04 13:18:45 UTC (rev 548)
@@ -0,0 +1,102 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+#
+# Fedora Update for wireshark FEDORA-2014-7359
+#
+# Authors:
+# System Generated Check
+#
+# Copyright:
+# Copyright (C) 2014 Greenbone Networks GmbH, http://www.greenbone.net
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+include("revisions-lib.inc");
+
+if(description)
+{
+  script_oid("1.3.6.1.4.1.25623.1.0.867933");
+  script_version("$Revision$");
+  script_tag(name:"check_type", value:"authenticated package test");
+  script_tag(name:"last_modification", value:"$Date$");
+  script_tag(name:"creation_date", value:"2014-07-01 15:54:54 +0530 (Tue, 01 Jul 2014)");
+  script_cve_id("CVE-2014-4020");
+  script_tag(name:"cvss_base", value:"4.3");
+  script_tag(name:"cvss_base_vector", value:"AV:N/AC:M/Au:N/C:N/I:N/A:P");
+  script_tag(name:"risk_factor", value:"Medium");
+  script_name("Fedora Update for wireshark FEDORA-2014-7359");
+
+  tag_insight = "Wireshark is a network traffic analyzer for Unix-ish operating systems.
+
+This package lays base for libpcap, a packet capture and filtering
+library, contains command-line utilities, contains plugins and
+documentation for wireshark. A graphical user interface is packaged
+separately to GTK+ package.
+";
+
+  tag_affected = "wireshark on Fedora 20";
+
+  tag_solution = "Please Install the Updated Packages.";
+
+  desc = "
+
+  Vulnerability Insight:
+  " + tag_insight + "
+
+  Affected Software/OS:
+  " + tag_affected + "
+
+  Solution:
+  " + tag_solution;
+
+  if (revcomp(a: OPENVAS_VERSION, b: "6.0+beta5") >= 0){
+    script_tag(name : "affected" , value : tag_affected);
+    script_tag(name : "insight" , value : tag_insight);
+    script_tag(name : "solution" , value : tag_solution);
+  }
+  script_description(desc);
+  script_xref(name: "FEDORA", value: "2014-7359");
+  script_xref(name: "URL" , value: "https://lists.fedoraproject.org/pipermail/package-announce/2014-June/134701.html");
+  script_summary("Check for the Version of wireshark");
+  script_category(ACT_GATHER_INFO);
+  script_copyright("Copyright (C) 2014 Greenbone Networks GmbH");
+  script_family("Fedora Local Security Checks");
+  script_dependencies("gather-package-list.nasl");
+  script_mandatory_keys("HostDetails/OS/cpe:/o:fedoraproject:fedora", "login/SSH/success", "ssh/login/release");
+  exit(0);
+}
+
+
+include("pkg-lib-rpm.inc");
+
+release = get_kb_item("ssh/login/release");
+
+res = "";
+if(release == NULL){
+  exit(0);
+}
+
+if(release == "FC20")
+{
+
+  if ((res = isrpmvuln(pkg:"wireshark", rpm:"wireshark~1.10.7~3.fc20", rls:"FC20")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if (__pkg_match) exit(99); # Not vulnerable.
+  exit(0);
+}
\ No newline at end of file


Property changes on: scripts/2014/gb_fedora_2014_7359_wireshark_fc20.nasl
___________________________________________________________________
Added: svn:keywords
   + Author Revision Date Id

Added: scripts/2014/gb_fedora_2014_7408_xen_fc19.nasl
===================================================================
--- scripts/2014/gb_fedora_2014_7408_xen_fc19.nasl	                        (rev 0)
+++ scripts/2014/gb_fedora_2014_7408_xen_fc19.nasl	2014-07-04 13:18:45 UTC (rev 548)
@@ -0,0 +1,108 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+#
+# Fedora Update for xen FEDORA-2014-7408
+#
+# Authors:
+# System Generated Check
+#
+# Copyright:
+# Copyright (C) 2014 Greenbone Networks GmbH, http://www.greenbone.net
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+include("revisions-lib.inc");
+
+if(description)
+{
+  script_oid("1.3.6.1.4.1.25623.1.0.867938");
+  script_version("$Revision$");
+  script_tag(name:"check_type", value:"authenticated package test");
+  script_tag(name:"last_modification", value:"$Date$");
+  script_tag(name:"creation_date", value:"2014-07-01 16:20:59 +0530 (Tue, 01 Jul 2014)");
+  script_cve_id("CVE-2014-3967", "CVE-2014-3968", "CVE-2014-3124", "CVE-2014-2599",
+                "CVE-2013-6885", "CVE-2013-2212", "CVE-2014-1950", "CVE-2014-1891",
+                "CVE-2014-1892", "CVE-2014-1893", "CVE-2014-1894", "CVE-2014-1895",
+                "CVE-2014-1896", "CVE-2014-1666", "CVE-2014-1642", "CVE-2013-6400",
+                "CVE-2013-4553", "CVE-2013-4554", "CVE-2013-6375", "CVE-2013-4551",
+                "CVE-2013-4494", "CVE-2013-4416", "CVE-2013-4368", "CVE-2013-4369",
+                "CVE-2013-4370", "CVE-2013-4371", "CVE-2013-4375", "CVE-2013-4355",
+                "CVE-2013-4361", "CVE-2013-1442", "CVE-2013-4329", "CVE-2013-1918",
+                "CVE-2013-1432", "CVE-2013-2211", "CVE-2013-2194", "CVE-2013-2195",
+                "CVE-2013-2196");
+  script_tag(name:"cvss_base", value:"8.3");
+  script_tag(name:"cvss_base_vector", value:"AV:A/AC:L/Au:N/C:C/I:C/A:C");
+  script_tag(name:"risk_factor", value:"Critical");
+  script_name("Fedora Update for xen FEDORA-2014-7408");
+
+  tag_insight = "This package contains the XenD daemon and xm command line
+tools, needed to manage virtual machines running under the
+Xen hypervisor
+";
+
+  tag_affected = "xen on Fedora 19";
+
+  tag_solution = "Please Install the Updated Packages.";
+
+  desc = "
+
+  Vulnerability Insight:
+  " + tag_insight + "
+
+  Affected Software/OS:
+  " + tag_affected + "
+
+  Solution:
+  " + tag_solution;
+
+  if (revcomp(a: OPENVAS_VERSION, b: "6.0+beta5") >= 0){
+    script_tag(name : "affected" , value : tag_affected);
+    script_tag(name : "insight" , value : tag_insight);
+    script_tag(name : "solution" , value : tag_solution);
+  }
+  script_description(desc);
+  script_xref(name: "FEDORA", value: "2014-7408");
+  script_xref(name: "URL" , value: "https://lists.fedoraproject.org/pipermail/package-announce/2014-June/134739.html");
+  script_summary("Check for the Version of xen");
+  script_category(ACT_GATHER_INFO);
+  script_copyright("Copyright (C) 2014 Greenbone Networks GmbH");
+  script_family("Fedora Local Security Checks");
+  script_dependencies("gather-package-list.nasl");
+  script_mandatory_keys("HostDetails/OS/cpe:/o:fedoraproject:fedora", "login/SSH/success", "ssh/login/release");
+  exit(0);
+}
+
+
+include("pkg-lib-rpm.inc");
+
+release = get_kb_item("ssh/login/release");
+
+res = "";
+if(release == NULL){
+  exit(0);
+}
+
+if(release == "FC19")
+{
+
+  if ((res = isrpmvuln(pkg:"xen", rpm:"xen~4.2.4~5.fc19", rls:"FC19")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if (__pkg_match) exit(99); # Not vulnerable.
+  exit(0);
+}


Property changes on: scripts/2014/gb_fedora_2014_7408_xen_fc19.nasl
___________________________________________________________________
Added: svn:keywords
   + Author Revision Date Id

Added: scripts/2014/gb_fedora_2014_7413_rb_libtorrent_fc19.nasl
===================================================================
--- scripts/2014/gb_fedora_2014_7413_rb_libtorrent_fc19.nasl	                        (rev 0)
+++ scripts/2014/gb_fedora_2014_7413_rb_libtorrent_fc19.nasl	2014-07-04 13:18:45 UTC (rev 548)
@@ -0,0 +1,101 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+#
+# Fedora Update for rb_libtorrent FEDORA-2014-7413
+#
+# Authors:
+# System Generated Check
+#
+# Copyright:
+# Copyright (C) 2014 Greenbone Networks GmbH, http://www.greenbone.net
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+include("revisions-lib.inc");
+
+if(description)
+{
+  script_oid("1.3.6.1.4.1.25623.1.0.867942");
+  script_version("$Revision$");
+  script_tag(name:"check_type", value:"authenticated package test");
+  script_tag(name:"last_modification", value:"$Date$");
+  script_tag(name:"creation_date", value:"2014-07-01 19:50:19 +0530 (Tue, 01 Jul 2014)");
+  script_tag(name:"cvss_base", value:"5.8");
+  script_tag(name:"cvss_base_vector", value:"AV:N/AC:M/Au:N/C:P/I:P/A:N");
+  script_tag(name:"risk_factor", value:"High");
+  script_name("Fedora Update for rb_libtorrent FEDORA-2014-7413");
+
+  tag_insight = "rb_libtorrent is a C++ library that aims to be a good alternative to all
+the other BitTorrent implementations around. It is a library and not a full
+featured client, although it comes with a few working example clients.
+
+Its main goals are to be very efficient (in terms of CPU and memory usage) as
+well as being very easy to use both as a user and developer.
+";
+
+  tag_affected = "rb_libtorrent on Fedora 19";
+
+  tag_solution = "Please Install the Updated Packages.";
+
+  desc = "
+
+  Vulnerability Insight:
+  " + tag_insight + "
+
+  Affected Software/OS:
+  " + tag_affected + "
+
+  Solution:
+  " + tag_solution;
+
+  if (revcomp(a: OPENVAS_VERSION, b: "6.0+beta5") >= 0){
+    script_tag(name : "affected" , value : tag_affected);
+    script_tag(name : "insight" , value : tag_insight);
+    script_tag(name : "solution" , value : tag_solution);
+  }
+  script_description(desc);
+  script_xref(name: "FEDORA", value: "2014-7413");
+  script_xref(name: "URL" , value: "https://lists.fedoraproject.org/pipermail/package-announce/2014-June/134705.html");
+  script_summary("Check for the Version of rb_libtorrent");
+  script_category(ACT_GATHER_INFO);
+  script_copyright("Copyright (C) 2014 Greenbone Networks GmbH");
+  script_family("Fedora Local Security Checks");
+  script_dependencies("gather-package-list.nasl");
+  script_mandatory_keys("HostDetails/OS/cpe:/o:fedoraproject:fedora", "login/SSH/success", "ssh/login/release");
+  exit(0);
+}
+
+
+include("pkg-lib-rpm.inc");
+
+release = get_kb_item("ssh/login/release");
+
+res = "";
+if(release == NULL){
+  exit(0);
+}
+
+if(release == "FC19")
+{
+
+  if ((res = isrpmvuln(pkg:"rb_libtorrent", rpm:"rb_libtorrent~0.16.8~2.fc19", rls:"FC19")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if (__pkg_match) exit(99); # Not vulnerable.
+  exit(0);
+}


Property changes on: scripts/2014/gb_fedora_2014_7413_rb_libtorrent_fc19.nasl
___________________________________________________________________
Added: svn:keywords
   + Author Revision Date Id

Added: scripts/2014/gb_fedora_2014_7423_xen_fc20.nasl
===================================================================
--- scripts/2014/gb_fedora_2014_7423_xen_fc20.nasl	                        (rev 0)
+++ scripts/2014/gb_fedora_2014_7423_xen_fc20.nasl	2014-07-04 13:18:45 UTC (rev 548)
@@ -0,0 +1,103 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+#
+# Fedora Update for xen FEDORA-2014-7423
+#
+# Authors:
+# System Generated Check
+#
+# Copyright:
+# Copyright (C) 2014 Greenbone Networks GmbH, http://www.greenbone.net
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+include("revisions-lib.inc");
+
+if(description)
+{
+  script_oid("1.3.6.1.4.1.25623.1.0.867940");
+  script_version("$Revision$");
+  script_tag(name:"check_type", value:"authenticated package test");
+  script_tag(name:"last_modification", value:"$Date$");
+  script_tag(name:"creation_date", value:"2014-07-01 19:07:02 +0530 (Tue, 01 Jul 2014)");
+  script_cve_id("CVE-2014-3967", "CVE-2014-3968", "CVE-2014-3124", "CVE-2014-2599",
+                "CVE-2013-2212", "CVE-2014-1950", "CVE-2014-1891", "CVE-2014-1892",
+                "CVE-2014-1893", "CVE-2014-1894", "CVE-2014-1895", "CVE-2014-1896",
+                "CVE-2014-1666", "CVE-2014-1642", "CVE-2013-6400", "CVE-2013-6885",
+                "CVE-2013-4553", "CVE-2013-4554", "CVE-2013-6375");
+  script_tag(name:"cvss_base", value:"6.8");
+  script_tag(name:"cvss_base_vector", value:"AV:A/AC:H/Au:N/C:C/I:C/A:C");
+  script_tag(name:"risk_factor", value:"High");
+  script_name("Fedora Update for xen FEDORA-2014-7423");
+
+  tag_insight = "This package contains the XenD daemon and xm command line
+tools, needed to manage virtual machines running under the
+Xen hypervisor
+";
+
+  tag_affected = "xen on Fedora 20";
+
+  tag_solution = "Please Install the Updated Packages.";
+
+  desc = "
+
+  Vulnerability Insight:
+  " + tag_insight + "
+
+  Affected Software/OS:
+  " + tag_affected + "
+
+  Solution:
+  " + tag_solution;
+
+  if (revcomp(a: OPENVAS_VERSION, b: "6.0+beta5") >= 0){
+    script_tag(name : "affected" , value : tag_affected);
+    script_tag(name : "insight" , value : tag_insight);
+    script_tag(name : "solution" , value : tag_solution);
+  }
+  script_description(desc);
+  script_xref(name: "FEDORA", value: "2014-7423");
+  script_xref(name: "URL" , value: "https://lists.fedoraproject.org/pipermail/package-announce/2014-June/134710.html");
+  script_summary("Check for the Version of xen");
+  script_category(ACT_GATHER_INFO);
+  script_copyright("Copyright (C) 2014 Greenbone Networks GmbH");
+  script_family("Fedora Local Security Checks");
+  script_dependencies("gather-package-list.nasl");
+  script_mandatory_keys("HostDetails/OS/cpe:/o:fedoraproject:fedora", "login/SSH/success", "ssh/login/release");
+  exit(0);
+}
+
+
+include("pkg-lib-rpm.inc");
+
+release = get_kb_item("ssh/login/release");
+
+res = "";
+if(release == NULL){
+  exit(0);
+}
+
+if(release == "FC20")
+{
+
+  if ((res = isrpmvuln(pkg:"xen", rpm:"xen~4.3.2~5.fc20", rls:"FC20")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if (__pkg_match) exit(99); # Not vulnerable.
+  exit(0);
+}


Property changes on: scripts/2014/gb_fedora_2014_7423_xen_fc20.nasl
___________________________________________________________________
Added: svn:keywords
   + Author Revision Date Id

Added: scripts/2014/gb_fedora_2014_7446_openstack-neutron_fc20.nasl
===================================================================
--- scripts/2014/gb_fedora_2014_7446_openstack-neutron_fc20.nasl	                        (rev 0)
+++ scripts/2014/gb_fedora_2014_7446_openstack-neutron_fc20.nasl	2014-07-04 13:18:45 UTC (rev 548)
@@ -0,0 +1,103 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+#
+# Fedora Update for openstack-neutron FEDORA-2014-7446
+#
+# Authors:
+# System Generated Check
+#
+# Copyright:
+# Copyright (C) 2014 Greenbone Networks GmbH, http://www.greenbone.net
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+include("revisions-lib.inc");
+
+if(description)
+{
+  script_oid("1.3.6.1.4.1.25623.1.0.867926");
+  script_version("$Revision$");
+  script_tag(name:"check_type", value:"authenticated package test");
+  script_tag(name:"last_modification", value:"$Date$");
+  script_tag(name:"creation_date", value:"2014-07-01 15:16:12 +0530 (Tue, 01 Jul 2014)");
+  script_cve_id("CVE-2014-4167");
+  script_tag(name:"cvss_base", value:"7.5");
+  script_tag(name:"cvss_base_vector", value:"AV:N/AC:M/Au:S/C:P/I:P/A:C");
+  script_tag(name:"risk_factor", value:"High");
+  script_name("Fedora Update for openstack-neutron FEDORA-2014-7446");
+
+  tag_insight = "Neutron is a virtual network service for Openstack. Just like
+OpenStack Nova provides an API to dynamically request and configure
+virtual servers, Neutron provides an API to dynamically request and
+configure virtual networks. These networks connect 'interfaces' from
+other OpenStack services (e.g., virtual NICs from Nova VMs). The
+Neutron API supports extensions to provide advanced network
+capabilities (e.g., QoS, ACLs, network monitoring, etc.)
+";
+
+  tag_affected = "openstack-neutron on Fedora 20";
+
+  tag_solution = "Please Install the Updated Packages.";
+
+  desc = "
+
+  Vulnerability Insight:
+  " + tag_insight + "
+
+  Affected Software/OS:
+  " + tag_affected + "
+
+  Solution:
+  " + tag_solution;
+
+  if (revcomp(a: OPENVAS_VERSION, b: "6.0+beta5") >= 0){
+    script_tag(name : "affected" , value : tag_affected);
+    script_tag(name : "insight" , value : tag_insight);
+    script_tag(name : "solution" , value : tag_solution);
+  }
+  script_description(desc);
+  script_xref(name: "FEDORA", value: "2014-7446");
+  script_xref(name: "URL" , value: "https://lists.fedoraproject.org/pipermail/package-announce/2014-June/134740.html");
+  script_summary("Check for the Version of openstack-neutron");
+  script_category(ACT_GATHER_INFO);
+  script_copyright("Copyright (C) 2014 Greenbone Networks GmbH");
+  script_family("Fedora Local Security Checks");
+  script_dependencies("gather-package-list.nasl");
+  script_mandatory_keys("HostDetails/OS/cpe:/o:fedoraproject:fedora", "login/SSH/success", "ssh/login/release");
+  exit(0);
+}
+
+
+include("pkg-lib-rpm.inc");
+
+release = get_kb_item("ssh/login/release");
+
+res = "";
+if(release == NULL){
+  exit(0);
+}
+
+if(release == "FC20")
+{
+
+  if ((res = isrpmvuln(pkg:"openstack-neutron", rpm:"openstack-neutron~2013.2.3~9.fc20", rls:"FC20")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if (__pkg_match) exit(99); # Not vulnerable.
+  exit(0);
+}


Property changes on: scripts/2014/gb_fedora_2014_7446_openstack-neutron_fc20.nasl
___________________________________________________________________
Added: svn:keywords
   + Author Revision Date Id

Added: scripts/2014/gb_fedora_2014_7479_sos_fc20.nasl
===================================================================
--- scripts/2014/gb_fedora_2014_7479_sos_fc20.nasl	                        (rev 0)
+++ scripts/2014/gb_fedora_2014_7479_sos_fc20.nasl	2014-07-04 13:18:45 UTC (rev 548)
@@ -0,0 +1,100 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+#
+# Fedora Update for sos FEDORA-2014-7479
+#
+# Authors:
+# System Generated Check
+#
+# Copyright:
+# Copyright (C) 2014 Greenbone Networks GmbH, http://www.greenbone.net
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+include("revisions-lib.inc");
+
+if(description)
+{
+  script_oid("1.3.6.1.4.1.25623.1.0.867924");
+  script_version("$Revision$");
+  script_tag(name:"check_type", value:"authenticated package test");
+  script_tag(name:"last_modification", value:"$Date$");
+  script_tag(name:"creation_date", value:"2014-07-01 15:11:54 +0530 (Tue, 01 Jul 2014)");
+  script_cve_id("CVE-2014-0246");
+  script_tag(name:"cvss_base", value:"6.8");
+  script_tag(name:"cvss_base_vector", value:"AV:L/AC:L/Au:S/C:C/I:C/A:C");
+  script_tag(name:"risk_factor", value:"High");
+  script_name("Fedora Update for sos FEDORA-2014-7479");
+
+  tag_insight = "Sos is a set of tools that gathers information about system
+hardware and configuration. The information can then be used for
+diagnostic purposes and debugging. Sos is commonly used to help
+support technicians and developers.
+";
+
+  tag_affected = "sos on Fedora 20";
+
+  tag_solution = "Please Install the Updated Packages.";
+
+  desc = "
+
+  Vulnerability Insight:
+  " + tag_insight + "
+
+  Affected Software/OS:
+  " + tag_affected + "
+
+  Solution:
+  " + tag_solution;
+
+  if (revcomp(a: OPENVAS_VERSION, b: "6.0+beta5") >= 0){
+    script_tag(name : "affected" , value : tag_affected);
+    script_tag(name : "insight" , value : tag_insight);
+    script_tag(name : "solution" , value : tag_solution);
+  }
+  script_description(desc);
+  script_xref(name: "FEDORA", value: "2014-7479");
+  script_xref(name: "URL" , value: "https://lists.fedoraproject.org/pipermail/package-announce/2014-June/134751.html");
+  script_summary("Check for the Version of sos");
+  script_category(ACT_GATHER_INFO);
+  script_copyright("Copyright (C) 2014 Greenbone Networks GmbH");
+  script_family("Fedora Local Security Checks");
+  script_dependencies("gather-package-list.nasl");
+  script_mandatory_keys("HostDetails/OS/cpe:/o:fedoraproject:fedora", "login/SSH/success", "ssh/login/release");
+  exit(0);
+}
+
+
+include("pkg-lib-rpm.inc");
+
+release = get_kb_item("ssh/login/release");
+
+res = "";
+if(release == NULL){
+  exit(0);
+}
+
+if(release == "FC20")
+{
+
+  if ((res = isrpmvuln(pkg:"sos", rpm:"sos~3.1~1.fc20", rls:"FC20")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if (__pkg_match) exit(99); # Not vulnerable.
+  exit(0);
+}


Property changes on: scripts/2014/gb_fedora_2014_7479_sos_fc20.nasl
___________________________________________________________________
Added: svn:keywords
   + Author Revision Date Id

Added: scripts/2014/gb_fedora_2014_7490_sos_fc19.nasl
===================================================================
--- scripts/2014/gb_fedora_2014_7490_sos_fc19.nasl	                        (rev 0)
+++ scripts/2014/gb_fedora_2014_7490_sos_fc19.nasl	2014-07-04 13:18:45 UTC (rev 548)
@@ -0,0 +1,100 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+#
+# Fedora Update for sos FEDORA-2014-7490
+#
+# Authors:
+# System Generated Check
+#
+# Copyright:
+# Copyright (C) 2014 Greenbone Networks GmbH, http://www.greenbone.net
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+include("revisions-lib.inc");
+
+if(description)
+{
+  script_oid("1.3.6.1.4.1.25623.1.0.867941");
+  script_version("$Revision$");
+  script_tag(name:"check_type", value:"authenticated package test");
+  script_tag(name:"last_modification", value:"$Date$");
+  script_tag(name:"creation_date", value:"2014-07-01 19:48:09 +0530 (Tue, 01 Jul 2014)");
+  script_cve_id("CVE-2014-0246");
+  script_tag(name:"cvss_base", value:"6.8");
+  script_tag(name:"cvss_base_vector", value:"AV:L/AC:L/Au:S/C:C/I:C/A:C");
+  script_tag(name:"risk_factor", value:"High");
+  script_name("Fedora Update for sos FEDORA-2014-7490");
+
+  tag_insight = "Sos is a set of tools that gathers information about system
+hardware and configuration. The information can then be used for
+diagnostic purposes and debugging. Sos is commonly used to help
+support technicians and developers.
+";
+
+  tag_affected = "sos on Fedora 19";
+
+  tag_solution = "Please Install the Updated Packages.";
+
+  desc = "
+
+  Vulnerability Insight:
+  " + tag_insight + "
+
+  Affected Software/OS:
+  " + tag_affected + "
+
+  Solution:
+  " + tag_solution;
+
+  if (revcomp(a: OPENVAS_VERSION, b: "6.0+beta5") >= 0){
+    script_tag(name : "affected" , value : tag_affected);
+    script_tag(name : "insight" , value : tag_insight);
+    script_tag(name : "solution" , value : tag_solution);
+  }
+  script_description(desc);
+  script_xref(name: "FEDORA", value: "2014-7490");
+  script_xref(name: "URL" , value: "https://lists.fedoraproject.org/pipermail/package-announce/2014-June/134780.html");
+  script_summary("Check for the Version of sos");
+  script_category(ACT_GATHER_INFO);
+  script_copyright("Copyright (C) 2014 Greenbone Networks GmbH");
+  script_family("Fedora Local Security Checks");
+  script_dependencies("gather-package-list.nasl");
+  script_mandatory_keys("HostDetails/OS/cpe:/o:fedoraproject:fedora", "login/SSH/success", "ssh/login/release");
+  exit(0);
+}
+
+
+include("pkg-lib-rpm.inc");
+
+release = get_kb_item("ssh/login/release");
+
+res = "";
+if(release == NULL){
+  exit(0);
+}
+
+if(release == "FC19")
+{
+
+  if ((res = isrpmvuln(pkg:"sos", rpm:"sos~3.1~1.fc19", rls:"FC19")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if (__pkg_match) exit(99); # Not vulnerable.
+  exit(0);
+}


Property changes on: scripts/2014/gb_fedora_2014_7490_sos_fc19.nasl
___________________________________________________________________
Added: svn:keywords
   + Author Revision Date Id

Added: scripts/2014/gb_fedora_2014_7579_kdelibs_fc20.nasl
===================================================================
--- scripts/2014/gb_fedora_2014_7579_kdelibs_fc20.nasl	                        (rev 0)
+++ scripts/2014/gb_fedora_2014_7579_kdelibs_fc20.nasl	2014-07-04 13:18:45 UTC (rev 548)
@@ -0,0 +1,97 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+#
+# Fedora Update for kdelibs FEDORA-2014-7579
+#
+# Authors:
+# System Generated Check
+#
+# Copyright:
+# Copyright (C) 2014 Greenbone Networks GmbH, http://www.greenbone.net
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+include("revisions-lib.inc");
+
+if(description)
+{
+  script_oid("1.3.6.1.4.1.25623.1.0.867935");
+  script_version("$Revision$");
+  script_tag(name:"check_type", value:"authenticated package test");
+  script_tag(name:"last_modification", value:"$Date$");
+  script_tag(name:"creation_date", value:"2014-07-01 15:59:13 +0530 (Tue, 01 Jul 2014)");
+  script_cve_id("CVE-2014-3494");
+  script_tag(name:"cvss_base", value:"7.9");
+  script_tag(name:"cvss_base_vector", value:"AV:N/AC:M/Au:S/C:C/I:C/A:N");
+  script_tag(name:"risk_factor", value:"High");
+  script_name("Fedora Update for kdelibs FEDORA-2014-7579");
+
+  tag_insight = "Libraries for KDE 4.
+";
+
+  tag_affected = "kdelibs on Fedora 20";
+
+  tag_solution = "Please Install the Updated Packages.";
+
+  desc = "
+
+  Vulnerability Insight:
+  " + tag_insight + "
+
+  Affected Software/OS:
+  " + tag_affected + "
+
+  Solution:
+  " + tag_solution;
+
+  if (revcomp(a: OPENVAS_VERSION, b: "6.0+beta5") >= 0){
+    script_tag(name : "affected" , value : tag_affected);
+    script_tag(name : "insight" , value : tag_insight);
+    script_tag(name : "solution" , value : tag_solution);
+  }
+  script_description(desc);
+  script_xref(name: "FEDORA", value: "2014-7579");
+  script_xref(name: "URL" , value: "https://lists.fedoraproject.org/pipermail/package-announce/2014-July/134961.html");
+  script_summary("Check for the Version of kdelibs");
+  script_category(ACT_GATHER_INFO);
+  script_copyright("Copyright (C) 2014 Greenbone Networks GmbH");
+  script_family("Fedora Local Security Checks");
+  script_dependencies("gather-package-list.nasl");
+  script_mandatory_keys("HostDetails/OS/cpe:/o:fedoraproject:fedora", "login/SSH/success", "ssh/login/release");
+  exit(0);
+}
+
+
+include("pkg-lib-rpm.inc");
+
+release = get_kb_item("ssh/login/release");
+
+res = "";
+if(release == NULL){
+  exit(0);
+}
+
+if(release == "FC20")
+{
+
+  if ((res = isrpmvuln(pkg:"kdelibs", rpm:"kdelibs~4.12.5~4.fc20", rls:"FC20")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if (__pkg_match) exit(99); # Not vulnerable.
+  exit(0);
+}


Property changes on: scripts/2014/gb_fedora_2014_7579_kdelibs_fc20.nasl
___________________________________________________________________
Added: svn:keywords
   + Author Revision Date Id

Added: scripts/2014/gb_fedora_2014_7594_zabbix_fc20.nasl
===================================================================
--- scripts/2014/gb_fedora_2014_7594_zabbix_fc20.nasl	                        (rev 0)
+++ scripts/2014/gb_fedora_2014_7594_zabbix_fc20.nasl	2014-07-04 13:18:45 UTC (rev 548)
@@ -0,0 +1,110 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+#
+# Fedora Update for zabbix FEDORA-2014-7594
+#
+# Authors:
+# System Generated Check
+#
+# Copyright:
+# Copyright (C) 2014 Greenbone Networks GmbH, http://www.greenbone.net
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+include("revisions-lib.inc");
+
+if(description)
+{
+  script_oid("1.3.6.1.4.1.25623.1.0.867937");
+  script_version("$Revision$");
+  script_tag(name:"check_type", value:"authenticated package test");
+  script_tag(name:"last_modification", value:"$Date$");
+  script_tag(name:"creation_date", value:"2014-07-01 16:16:41 +0530 (Tue, 01 Jul 2014)");
+  script_cve_id("CVE-2014-3005", "CVE-2013-6824");
+  script_tag(name:"cvss_base", value:"7.5");
+  script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:N/C:P/I:P/A:P");
+  script_tag(name:"risk_factor", value:"High");
+  script_name("Fedora Update for zabbix FEDORA-2014-7594");
+
+  tag_insight = "Zabbix is software that monitors numerous parameters of a network and the
+health and integrity of servers. Zabbix uses a flexible notification mechanism
+that allows users to configure e-mail based alerts for virtually any event.
+This allows a fast reaction to server problems. Zabbix offers excellent
+reporting and data visualization features based on the stored data.
+This makes Zabbix ideal for capacity planning.
+
+Zabbix supports both polling and trapping. All Zabbix reports and statistics,
+as well as configuration parameters are accessed through a web-based front end.
+A web-based front end ensures that the status of your network and the health of
+your servers can be assessed from any location. Properly configured, Zabbix can
+play an important role in monitoring IT infrastructure. This is equally true
+for small organizations with a few servers and for large companies with a
+multitude of servers.
+";
+
+  tag_affected = "zabbix on Fedora 20";
+
+  tag_solution = "Please Install the Updated Packages.";
+
+  desc = "
+
+  Vulnerability Insight:
+  " + tag_insight + "
+
+  Affected Software/OS:
+  " + tag_affected + "
+
+  Solution:
+  " + tag_solution;
+
+  if (revcomp(a: OPENVAS_VERSION, b: "6.0+beta5") >= 0){
+    script_tag(name : "affected" , value : tag_affected);
+    script_tag(name : "insight" , value : tag_insight);
+    script_tag(name : "solution" , value : tag_solution);
+  }
+  script_description(desc);
+  script_xref(name: "FEDORA", value: "2014-7594");
+  script_xref(name: "URL" , value: "https://lists.fedoraproject.org/pipermail/package-announce/2014-June/134885.html");
+  script_summary("Check for the Version of zabbix");
+  script_category(ACT_GATHER_INFO);
+  script_copyright("Copyright (C) 2014 Greenbone Networks GmbH");
+  script_family("Fedora Local Security Checks");
+  script_dependencies("gather-package-list.nasl");
+  script_mandatory_keys("HostDetails/OS/cpe:/o:fedoraproject:fedora", "login/SSH/success", "ssh/login/release");
+  exit(0);
+}
+
+
+include("pkg-lib-rpm.inc");
+
+release = get_kb_item("ssh/login/release");
+
+res = "";
+if(release == NULL){
+  exit(0);
+}
+
+if(release == "FC20")
+{
+
+  if ((res = isrpmvuln(pkg:"zabbix", rpm:"zabbix~2.0.12~3.fc20", rls:"FC20")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if (__pkg_match) exit(99); # Not vulnerable.
+  exit(0);
+}


Property changes on: scripts/2014/gb_fedora_2014_7594_zabbix_fc20.nasl
___________________________________________________________________
Added: svn:keywords
   + Author Revision Date Id

Added: scripts/2014/gb_fedora_2014_7603_zabbix_fc19.nasl
===================================================================
--- scripts/2014/gb_fedora_2014_7603_zabbix_fc19.nasl	                        (rev 0)
+++ scripts/2014/gb_fedora_2014_7603_zabbix_fc19.nasl	2014-07-04 13:18:45 UTC (rev 548)
@@ -0,0 +1,110 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+#
+# Fedora Update for zabbix FEDORA-2014-7603
+#
+# Authors:
+# System Generated Check
+#
+# Copyright:
+# Copyright (C) 2014 Greenbone Networks GmbH, http://www.greenbone.net
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+include("revisions-lib.inc");
+
+if(description)
+{
+  script_oid("1.3.6.1.4.1.25623.1.0.867932");
+  script_version("$Revision$");
+  script_tag(name:"check_type", value:"authenticated package test");
+  script_tag(name:"last_modification", value:"$Date$");
+  script_tag(name:"creation_date", value:"2014-07-01 15:46:19 +0530 (Tue, 01 Jul 2014)");
+  script_cve_id("CVE-2014-3005", "CVE-2013-6824", "CVE-2013-5743", "CVE-2012-6086");
+  script_tag(name:"cvss_base", value:"7.5");
+  script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:N/C:P/I:P/A:P");
+  script_tag(name:"risk_factor", value:"High");
+  script_name("Fedora Update for zabbix FEDORA-2014-7603");
+
+  tag_insight = "Zabbix is software that monitors numerous parameters of a network and the
+health and integrity of servers. Zabbix uses a flexible notification mechanism
+that allows users to configure e-mail based alerts for virtually any event.
+This allows a fast reaction to server problems. Zabbix offers excellent
+reporting and data visualization features based on the stored data.
+This makes Zabbix ideal for capacity planning.
+
+Zabbix supports both polling and trapping. All Zabbix reports and statistics,
+as well as configuration parameters are accessed through a web-based front end.
+A web-based front end ensures that the status of your network and the health of
+your servers can be assessed from any location. Properly configured, Zabbix can
+play an important role in monitoring IT infrastructure. This is equally true
+for small organizations with a few servers and for large companies with a
+multitude of servers.
+";
+
+  tag_affected = "zabbix on Fedora 19";
+
+  tag_solution = "Please Install the Updated Packages.";
+
+  desc = "
+
+  Vulnerability Insight:
+  " + tag_insight + "
+
+  Affected Software/OS:
+  " + tag_affected + "
+
+  Solution:
+  " + tag_solution;
+
+  if (revcomp(a: OPENVAS_VERSION, b: "6.0+beta5") >= 0){
+    script_tag(name : "affected" , value : tag_affected);
+    script_tag(name : "insight" , value : tag_insight);
+    script_tag(name : "solution" , value : tag_solution);
+  }
+  script_description(desc);
+  script_xref(name: "FEDORA", value: "2014-7603");
+  script_xref(name: "URL" , value: "https://lists.fedoraproject.org/pipermail/package-announce/2014-June/134909.html");
+  script_summary("Check for the Version of zabbix");
+  script_category(ACT_GATHER_INFO);
+  script_copyright("Copyright (C) 2014 Greenbone Networks GmbH");
+  script_family("Fedora Local Security Checks");
+  script_dependencies("gather-package-list.nasl");
+  script_mandatory_keys("HostDetails/OS/cpe:/o:fedoraproject:fedora", "login/SSH/success", "ssh/login/release");
+  exit(0);
+}
+
+
+include("pkg-lib-rpm.inc");
+
+release = get_kb_item("ssh/login/release");
+
+res = "";
+if(release == NULL){
+  exit(0);
+}
+
+if(release == "FC19")
+{
+
+  if ((res = isrpmvuln(pkg:"zabbix", rpm:"zabbix~2.0.12~3.fc19", rls:"FC19")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if (__pkg_match) exit(99); # Not vulnerable.
+  exit(0);
+}


Property changes on: scripts/2014/gb_fedora_2014_7603_zabbix_fc19.nasl
___________________________________________________________________
Added: svn:keywords
   + Author Revision Date Id

Added: scripts/2014/gb_fedora_2014_7672_samba_fc20.nasl
===================================================================
--- scripts/2014/gb_fedora_2014_7672_samba_fc20.nasl	                        (rev 0)
+++ scripts/2014/gb_fedora_2014_7672_samba_fc20.nasl	2014-07-04 13:18:45 UTC (rev 548)
@@ -0,0 +1,98 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+#
+# Fedora Update for samba FEDORA-2014-7672
+#
+# Authors:
+# System Generated Check
+#
+# Copyright:
+# Copyright (C) 2014 Greenbone Networks GmbH, http://www.greenbone.net
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+include("revisions-lib.inc");
+
+if(description)
+{
+  script_oid("1.3.6.1.4.1.25623.1.0.867936");
+  script_version("$Revision$");
+  script_tag(name:"check_type", value:"authenticated package test");
+  script_tag(name:"last_modification", value:"$Date$");
+  script_tag(name:"creation_date", value:"2014-07-01 16:01:22 +0530 (Tue, 01 Jul 2014)");
+  script_cve_id("CVE-2014-0178", "CVE-2014-0244", "CVE-2014-3493", "CVE-2013-4496",
+                "CVE-2013-6442", "CVE-2013-4408", "CVE-2012-6150");
+  script_tag(name:"cvss_base", value:"8.3");
+  script_tag(name:"cvss_base_vector", value:"AV:A/AC:L/Au:N/C:C/I:C/A:C");
+  script_tag(name:"risk_factor", value:"Critical");
+  script_name("Fedora Update for samba FEDORA-2014-7672");
+
+  tag_insight = "Samba is the standard Windows interoperability suite of programs for Linux and Unix.
+";
+
+  tag_affected = "samba on Fedora 20";
+
+  tag_solution = "Please Install the Updated Packages.";
+
+  desc = "
+
+  Vulnerability Insight:
+  " + tag_insight + "
+
+  Affected Software/OS:
+  " + tag_affected + "
+
+  Solution:
+  " + tag_solution;
+
+  if (revcomp(a: OPENVAS_VERSION, b: "6.0+beta5") >= 0){
+    script_tag(name : "affected" , value : tag_affected);
+    script_tag(name : "insight" , value : tag_insight);
+    script_tag(name : "solution" , value : tag_solution);
+  }
+  script_description(desc);
+  script_xref(name: "FEDORA", value: "2014-7672");
+  script_xref(name: "URL" , value: "https://lists.fedoraproject.org/pipermail/package-announce/2014-June/134717.html");
+  script_summary("Check for the Version of samba");
+  script_category(ACT_GATHER_INFO);
+  script_copyright("Copyright (C) 2014 Greenbone Networks GmbH");
+  script_family("Fedora Local Security Checks");
+  script_dependencies("gather-package-list.nasl");
+  script_mandatory_keys("HostDetails/OS/cpe:/o:fedoraproject:fedora", "login/SSH/success", "ssh/login/release");
+  exit(0);
+}
+
+
+include("pkg-lib-rpm.inc");
+
+release = get_kb_item("ssh/login/release");
+
+res = "";
+if(release == NULL){
+  exit(0);
+}
+
+if(release == "FC20")
+{
+
+  if ((res = isrpmvuln(pkg:"samba", rpm:"samba~4.1.9~3.fc20", rls:"FC20")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if (__pkg_match) exit(99); # Not vulnerable.
+  exit(0);
+}


Property changes on: scripts/2014/gb_fedora_2014_7672_samba_fc20.nasl
___________________________________________________________________
Added: svn:keywords
   + Author Revision Date Id

Added: scripts/2014/gb_fedora_2014_7676_gnupg_fc20.nasl
===================================================================
--- scripts/2014/gb_fedora_2014_7676_gnupg_fc20.nasl	                        (rev 0)
+++ scripts/2014/gb_fedora_2014_7676_gnupg_fc20.nasl	2014-07-04 13:18:45 UTC (rev 548)
@@ -0,0 +1,102 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+#
+# Fedora Update for gnupg FEDORA-2014-7676
+#
+# Authors:
+# System Generated Check
+#
+# Copyright:
+# Copyright (C) 2014 Greenbone Networks GmbH, http://www.greenbone.net
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+include("revisions-lib.inc");
+
+if(description)
+{
+  script_oid("1.3.6.1.4.1.25623.1.0.867934");
+  script_version("$Revision$");
+  script_tag(name:"check_type", value:"authenticated package test");
+  script_tag(name:"last_modification", value:"$Date$");
+  script_tag(name:"creation_date", value:"2014-07-01 15:57:04 +0530 (Tue, 01 Jul 2014)");
+  script_cve_id("CVE-2013-4576");
+  script_tag(name:"cvss_base", value:"2.1");
+  script_tag(name:"cvss_base_vector", value:"AV:L/AC:L/Au:N/C:P/I:N/A:N");
+  script_tag(name:"risk_factor", value:"Medium");
+  script_name("Fedora Update for gnupg FEDORA-2014-7676");
+
+  tag_insight = "GnuPG (GNU Privacy Guard) is a GNU utility for encrypting data and
+creating digital signatures. GnuPG has advanced key management
+capabilities and is compliant with the proposed OpenPGP Internet
+standard described in RFC2440. Since GnuPG doesn't use any patented
+algorithm, it is not compatible with any version of PGP2 (PGP2.x uses
+only IDEA for symmetric-key encryption, which is patented worldwide).
+";
+
+  tag_affected = "gnupg on Fedora 20";
+
+  tag_solution = "Please Install the Updated Packages.";
+
+  desc = "
+
+  Vulnerability Insight:
+  " + tag_insight + "
+
+  Affected Software/OS:
+  " + tag_affected + "
+
+  Solution:
+  " + tag_solution;
+
+  if (revcomp(a: OPENVAS_VERSION, b: "6.0+beta5") >= 0){
+    script_tag(name : "affected" , value : tag_affected);
+    script_tag(name : "insight" , value : tag_insight);
+    script_tag(name : "solution" , value : tag_solution);
+  }
+  script_description(desc);
+  script_xref(name: "FEDORA", value: "2014-7676");
+  script_xref(name: "URL" , value: "https://lists.fedoraproject.org/pipermail/package-announce/2014-June/134805.html");
+  script_summary("Check for the Version of gnupg");
+  script_category(ACT_GATHER_INFO);
+  script_copyright("Copyright (C) 2014 Greenbone Networks GmbH");
+  script_family("Fedora Local Security Checks");
+  script_dependencies("gather-package-list.nasl");
+  script_mandatory_keys("HostDetails/OS/cpe:/o:fedoraproject:fedora", "login/SSH/success", "ssh/login/release");
+  exit(0);
+}
+
+
+include("pkg-lib-rpm.inc");
+
+release = get_kb_item("ssh/login/release");
+
+res = "";
+if(release == NULL){
+  exit(0);
+}
+
+if(release == "FC20")
+{
+
+  if ((res = isrpmvuln(pkg:"gnupg", rpm:"gnupg~1.4.17~1.fc20", rls:"FC20")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if (__pkg_match) exit(99); # Not vulnerable.
+  exit(0);
+}


Property changes on: scripts/2014/gb_fedora_2014_7676_gnupg_fc20.nasl
___________________________________________________________________
Added: svn:keywords
   + Author Revision Date Id

Added: scripts/2014/gb_fedora_2014_7715_python-simplejson_fc20.nasl
===================================================================
--- scripts/2014/gb_fedora_2014_7715_python-simplejson_fc20.nasl	                        (rev 0)
+++ scripts/2014/gb_fedora_2014_7715_python-simplejson_fc20.nasl	2014-07-04 13:18:45 UTC (rev 548)
@@ -0,0 +1,111 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+#
+# Fedora Update for python-simplejson FEDORA-2014-7715
+#
+# Authors:
+# System Generated Check
+#
+# Copyright:
+# Copyright (C) 2014 Greenbone Networks GmbH, http://www.greenbone.net
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+include("revisions-lib.inc");
+
+if(description)
+{
+  script_oid("1.3.6.1.4.1.25623.1.0.867943");
+  script_version("$Revision$");
+  script_tag(name:"check_type", value:"authenticated package test");
+  script_tag(name:"last_modification", value:"$Date$");
+  script_tag(name:"creation_date", value:"2014-07-01 19:50:20 +0530 (Tue, 01 Jul 2014)");
+  script_tag(name:"cvss_base", value:"5.5");
+  script_tag(name:"cvss_base_vector", value:"AV:L/AC:M/Au:S/C:P/I:P/A:C");
+  script_tag(name:"risk_factor", value:"High");
+  script_name("Fedora Update for python-simplejson FEDORA-2014-7715");
+
+  tag_insight = "simplejson is a simple, fast, complete, correct and extensible JSON
+http://json.org encoder and decoder for Python 2.5+. It is pure Python code
+with no dependencies, but includes an optional C extension for a serious speed
+boost.
+
+The encoder may be subclassed to provide serialization in any kind of
+situation, without any special support by the objects to be serialized
+(somewhat like pickle).
+
+The decoder can handle incoming JSON strings of any specified encoding (UTF-8
+by default).
+
+simplejson is the externally maintained development version of the json library
+included with Python 2.6 and Python 3.0, but maintains backwards compatibility
+with Python 2.5.  It gets updated more regularly than the json module in the
+python stdlib.
+";
+
+  tag_affected = "python-simplejson on Fedora 20";
+
+  tag_solution = "Please Install the Updated Packages.";
+
+  desc = "
+
+  Vulnerability Insight:
+  " + tag_insight + "
+
+  Affected Software/OS:
+  " + tag_affected + "
+
+  Solution:
+  " + tag_solution;
+
+  if (revcomp(a: OPENVAS_VERSION, b: "6.0+beta5") >= 0){
+    script_tag(name : "affected" , value : tag_affected);
+    script_tag(name : "insight" , value : tag_insight);
+    script_tag(name : "solution" , value : tag_solution);
+  }
+  script_description(desc);
+  script_xref(name: "FEDORA", value: "2014-7715");
+  script_xref(name: "URL" , value: "https://lists.fedoraproject.org/pipermail/package-announce/2014-June/134761.html");
+  script_summary("Check for the Version of python-simplejson");
+  script_category(ACT_GATHER_INFO);
+  script_copyright("Copyright (C) 2014 Greenbone Networks GmbH");
+  script_family("Fedora Local Security Checks");
+  script_dependencies("gather-package-list.nasl");
+  script_mandatory_keys("HostDetails/OS/cpe:/o:fedoraproject:fedora", "login/SSH/success", "ssh/login/release");
+  exit(0);
+}
+
+
+include("pkg-lib-rpm.inc");
+
+release = get_kb_item("ssh/login/release");
+
+res = "";
+if(release == NULL){
+  exit(0);
+}
+
+if(release == "FC20")
+{
+
+  if ((res = isrpmvuln(pkg:"python-simplejson", rpm:"python-simplejson~3.5.3~1.fc20", rls:"FC20")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if (__pkg_match) exit(99); # Not vulnerable.
+  exit(0);
+}


Property changes on: scripts/2014/gb_fedora_2014_7715_python-simplejson_fc20.nasl
___________________________________________________________________
Added: svn:keywords
   + Author Revision Date Id

Added: scripts/2014/gb_fedora_2014_7765_php_fc20.nasl
===================================================================
--- scripts/2014/gb_fedora_2014_7765_php_fc20.nasl	                        (rev 0)
+++ scripts/2014/gb_fedora_2014_7765_php_fc20.nasl	2014-07-04 13:18:45 UTC (rev 548)
@@ -0,0 +1,107 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+#
+# Fedora Update for php FEDORA-2014-7765
+#
+# Authors:
+# System Generated Check
+#
+# Copyright:
+# Copyright (C) 2014 Greenbone Networks GmbH, http://www.greenbone.net
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+include("revisions-lib.inc");
+
+if(description)
+{
+  script_oid("1.3.6.1.4.1.25623.1.0.867930");
+  script_version("$Revision$");
+  script_tag(name:"check_type", value:"authenticated package test");
+  script_tag(name:"last_modification", value:"$Date$");
+  script_tag(name:"creation_date", value:"2014-07-01 15:24:50 +0530 (Tue, 01 Jul 2014)");
+  script_cve_id("CVE-2014-3981", "CVE-2014-0207", "CVE-2014-3478", "CVE-2014-3479",
+                "CVE-2014-3480", "CVE-2014-3487", "CVE-2014-4049", "CVE-2014-3515",
+                "CVE-2014-0185", "CVE-2013-6420");
+  script_tag(name:"cvss_base", value:"7.2");
+  script_tag(name:"cvss_base_vector", value:"AV:L/AC:L/Au:N/C:C/I:C/A:C");
+  script_tag(name:"risk_factor", value:"High");
+  script_name("Fedora Update for php FEDORA-2014-7765");
+
+  tag_insight = "PHP is an HTML-embedded scripting language. PHP attempts to make it
+easy for developers to write dynamically generated web pages. PHP also
+offers built-in database integration for several commercial and
+non-commercial database management systems, so writing a
+database-enabled webpage with PHP is fairly simple. The most common
+use of PHP coding is probably as a replacement for CGI scripts.
+
+The php package contains the module (often referred to as mod_php)
+which adds support for the PHP language to Apache HTTP Server.
+";
+
+  tag_affected = "php on Fedora 20";
+
+  tag_solution = "Please Install the Updated Packages.";
+
+  desc = "
+
+  Vulnerability Insight:
+  " + tag_insight + "
+
+  Affected Software/OS:
+  " + tag_affected + "
+
+  Solution:
+  " + tag_solution;
+
+  if (revcomp(a: OPENVAS_VERSION, b: "6.0+beta5") >= 0){
+    script_tag(name : "affected" , value : tag_affected);
+    script_tag(name : "insight" , value : tag_insight);
+    script_tag(name : "solution" , value : tag_solution);
+  }
+  script_description(desc);
+  script_xref(name: "FEDORA", value: "2014-7765");
+  script_xref(name: "URL" , value: "https://lists.fedoraproject.org/pipermail/package-announce/2014-June/134876.html");
+  script_summary("Check for the Version of php");
+  script_category(ACT_GATHER_INFO);
+  script_copyright("Copyright (C) 2014 Greenbone Networks GmbH");
+  script_family("Fedora Local Security Checks");
+  script_dependencies("gather-package-list.nasl");
+  script_mandatory_keys("HostDetails/OS/cpe:/o:fedoraproject:fedora", "login/SSH/success", "ssh/login/release");
+  exit(0);
+}
+
+
+include("pkg-lib-rpm.inc");
+
+release = get_kb_item("ssh/login/release");
+
+res = "";
+if(release == NULL){
+  exit(0);
+}
+
+if(release == "FC20")
+{
+
+  if ((res = isrpmvuln(pkg:"php", rpm:"php~5.5.14~1.fc20", rls:"FC20")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if (__pkg_match) exit(99); # Not vulnerable.
+  exit(0);
+}


Property changes on: scripts/2014/gb_fedora_2014_7765_php_fc20.nasl
___________________________________________________________________
Added: svn:keywords
   + Author Revision Date Id

Added: scripts/2014/gb_fedora_2014_7796_gnupg2_fc20.nasl
===================================================================
--- scripts/2014/gb_fedora_2014_7796_gnupg2_fc20.nasl	                        (rev 0)
+++ scripts/2014/gb_fedora_2014_7796_gnupg2_fc20.nasl	2014-07-04 13:18:45 UTC (rev 548)
@@ -0,0 +1,106 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+#
+# Fedora Update for gnupg2 FEDORA-2014-7796
+#
+# Authors:
+# System Generated Check
+#
+# Copyright:
+# Copyright (C) 2014 Greenbone Networks GmbH, http://www.greenbone.net
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+include("revisions-lib.inc");
+
+if(description)
+{
+  script_oid("1.3.6.1.4.1.25623.1.0.867925");
+  script_version("$Revision$");
+  script_tag(name:"check_type", value:"authenticated package test");
+  script_tag(name:"last_modification", value:"$Date$");
+  script_tag(name:"creation_date", value:"2014-07-01 15:14:03 +0530 (Tue, 01 Jul 2014)");
+  script_cve_id("CVE-2014-4617");
+  script_tag(name:"cvss_base", value:"5.0");
+  script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:N/C:N/I:N/A:P");
+  script_tag(name:"risk_factor", value:"Medium");
+  script_name("Fedora Update for gnupg2 FEDORA-2014-7796");
+
+  tag_insight = "GnuPG is GNU's tool for secure communication and data storage.  It can
+be used to encrypt data and to create digital signatures.  It includes
+an advanced key management facility and is compliant with the proposed
+OpenPGP Internet standard as described in RFC2440 and the S/MIME
+standard as described by several RFCs.
+
+GnuPG 2.0 is a newer version of GnuPG with additional support for
+S/MIME.  It has a different design philosophy that splits
+functionality up into several modules. The S/MIME and smartcard functionality
+is provided by the gnupg2-smime package.
+";
+
+  tag_affected = "gnupg2 on Fedora 20";
+
+  tag_solution = "Please Install the Updated Packages.";
+
+  desc = "
+
+  Vulnerability Insight:
+  " + tag_insight + "
+
+  Affected Software/OS:
+  " + tag_affected + "
+
+  Solution:
+  " + tag_solution;
+
+  if (revcomp(a: OPENVAS_VERSION, b: "6.0+beta5") >= 0){
+    script_tag(name : "affected" , value : tag_affected);
+    script_tag(name : "insight" , value : tag_insight);
+    script_tag(name : "solution" , value : tag_solution);
+  }
+  script_description(desc);
+  script_xref(name: "FEDORA", value: "2014-7796");
+  script_xref(name: "URL" , value: "https://lists.fedoraproject.org/pipermail/package-announce/2014-June/134860.html");
+  script_summary("Check for the Version of gnupg2");
+  script_category(ACT_GATHER_INFO);
+  script_copyright("Copyright (C) 2014 Greenbone Networks GmbH");
+  script_family("Fedora Local Security Checks");
+  script_dependencies("gather-package-list.nasl");
+  script_mandatory_keys("HostDetails/OS/cpe:/o:fedoraproject:fedora", "login/SSH/success", "ssh/login/release");
+  exit(0);
+}
+
+
+include("pkg-lib-rpm.inc");
+
+release = get_kb_item("ssh/login/release");
+
+res = "";
+if(release == NULL){
+  exit(0);
+}
+
+if(release == "FC20")
+{
+
+  if ((res = isrpmvuln(pkg:"gnupg2", rpm:"gnupg2~2.0.24~1.fc20", rls:"FC20")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if (__pkg_match) exit(99); # Not vulnerable.
+  exit(0);
+}


Property changes on: scripts/2014/gb_fedora_2014_7796_gnupg2_fc20.nasl
___________________________________________________________________
Added: svn:keywords
   + Author Revision Date Id

Added: scripts/2014/gb_fedora_2014_7797_gnupg2_fc19.nasl
===================================================================
--- scripts/2014/gb_fedora_2014_7797_gnupg2_fc19.nasl	                        (rev 0)
+++ scripts/2014/gb_fedora_2014_7797_gnupg2_fc19.nasl	2014-07-04 13:18:45 UTC (rev 548)
@@ -0,0 +1,106 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+#
+# Fedora Update for gnupg2 FEDORA-2014-7797
+#
+# Authors:
+# System Generated Check
+#
+# Copyright:
+# Copyright (C) 2014 Greenbone Networks GmbH, http://www.greenbone.net
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+include("revisions-lib.inc");
+
+if(description)
+{
+  script_oid("1.3.6.1.4.1.25623.1.0.867928");
+  script_version("$Revision$");
+  script_tag(name:"check_type", value:"authenticated package test");
+  script_tag(name:"last_modification", value:"$Date$");
+  script_tag(name:"creation_date", value:"2014-07-01 15:18:21 +0530 (Tue, 01 Jul 2014)");
+  script_cve_id("CVE-2014-4617", "CVE-2013-4402");
+  script_tag(name:"cvss_base", value:"5.0");
+  script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:N/C:N/I:N/A:P");
+  script_tag(name:"risk_factor", value:"Medium");
+  script_name("Fedora Update for gnupg2 FEDORA-2014-7797");
+
+  tag_insight = "GnuPG is GNU's tool for secure communication and data storage.  It can
+be used to encrypt data and to create digital signatures.  It includes
+an advanced key management facility and is compliant with the proposed
+OpenPGP Internet standard as described in RFC2440 and the S/MIME
+standard as described by several RFCs.
+
+GnuPG 2.0 is a newer version of GnuPG with additional support for
+S/MIME.  It has a different design philosophy that splits
+functionality up into several modules. The S/MIME and smartcard functionality
+is provided by the gnupg2-smime package.
+";
+
+  tag_affected = "gnupg2 on Fedora 19";
+
+  tag_solution = "Please Install the Updated Packages.";
+
+  desc = "
+
+  Vulnerability Insight:
+  " + tag_insight + "
+
+  Affected Software/OS:
+  " + tag_affected + "
+
+  Solution:
+  " + tag_solution;
+
+  if (revcomp(a: OPENVAS_VERSION, b: "6.0+beta5") >= 0){
+    script_tag(name : "affected" , value : tag_affected);
+    script_tag(name : "insight" , value : tag_insight);
+    script_tag(name : "solution" , value : tag_solution);
+  }
+  script_description(desc);
+  script_xref(name: "FEDORA", value: "2014-7797");
+  script_xref(name: "URL" , value: "https://lists.fedoraproject.org/pipermail/package-announce/2014-July/134960.html");
+  script_summary("Check for the Version of gnupg2");
+  script_category(ACT_GATHER_INFO);
+  script_copyright("Copyright (C) 2014 Greenbone Networks GmbH");
+  script_family("Fedora Local Security Checks");
+  script_dependencies("gather-package-list.nasl");
+  script_mandatory_keys("HostDetails/OS/cpe:/o:fedoraproject:fedora", "login/SSH/success", "ssh/login/release");
+  exit(0);
+}
+
+
+include("pkg-lib-rpm.inc");
+
+release = get_kb_item("ssh/login/release");
+
+res = "";
+if(release == NULL){
+  exit(0);
+}
+
+if(release == "FC19")
+{
+
+  if ((res = isrpmvuln(pkg:"gnupg2", rpm:"gnupg2~2.0.24~1.fc19", rls:"FC19")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if (__pkg_match) exit(99); # Not vulnerable.
+  exit(0);
+}
\ No newline at end of file


Property changes on: scripts/2014/gb_fedora_2014_7797_gnupg2_fc19.nasl
___________________________________________________________________
Added: svn:keywords
   + Author Revision Date Id

Added: scripts/2014/gb_fedora_2014_7800_python_fc20.nasl
===================================================================
--- scripts/2014/gb_fedora_2014_7800_python_fc20.nasl	                        (rev 0)
+++ scripts/2014/gb_fedora_2014_7800_python_fc20.nasl	2014-07-04 13:18:45 UTC (rev 548)
@@ -0,0 +1,112 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+#
+# Fedora Update for python FEDORA-2014-7800
+#
+# Authors:
+# System Generated Check
+#
+# Copyright:
+# Copyright (C) 2014 Greenbone Networks GmbH, http://www.greenbone.net
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+include("revisions-lib.inc");
+
+if(description)
+{
+  script_oid("1.3.6.1.4.1.25623.1.0.867929");
+  script_version("$Revision$");
+  script_tag(name:"check_type", value:"authenticated package test");
+  script_tag(name:"last_modification", value:"$Date$");
+  script_tag(name:"creation_date", value:"2014-07-01 15:22:41 +0530 (Tue, 01 Jul 2014)");
+  script_cve_id("CVE-2014-4616");
+  script_tag(name:"cvss_base", value:"6.6");
+  script_tag(name:"cvss_base_vector", value:"AV:L/AC:M/Au:S/C:C/I:C/A:C");
+  script_tag(name:"risk_factor", value:"High");
+  script_name("Fedora Update for python FEDORA-2014-7800");
+
+  tag_insight = "Python is an interpreted, interactive, object-oriented programming
+language often compared to Tcl, Perl, Scheme or Java. Python includes
+modules, classes, exceptions, very high level dynamic data types and
+dynamic typing. Python supports interfaces to many system calls and
+libraries, as well as to various windowing systems (X11, Motif, Tk,
+Mac and MFC).
+
+Programmers can write new built-in modules for Python in C or C++.
+Python can be used as an extension language for applications that need
+a programmable interface.
+
+Note that documentation for Python is provided in the python-docs
+package.
+
+This package provides the 'python' executable  most of the actual
+implementation is within the 'python-libs' package.
+";
+
+  tag_affected = "python on Fedora 20";
+
+  tag_solution = "Please Install the Updated Packages.";
+
+  desc = "
+
+  Vulnerability Insight:
+  " + tag_insight + "
+
+  Affected Software/OS:
+  " + tag_affected + "
+
+  Solution:
+  " + tag_solution;
+
+  if (revcomp(a: OPENVAS_VERSION, b: "6.0+beta5") >= 0){
+    script_tag(name : "affected" , value : tag_affected);
+    script_tag(name : "insight" , value : tag_insight);
+    script_tag(name : "solution" , value : tag_solution);
+  }
+  script_description(desc);
+  script_xref(name: "FEDORA", value: "2014-7800");
+  script_xref(name: "URL" , value: "https://lists.fedoraproject.org/pipermail/package-announce/2014-June/134903.html");
+  script_summary("Check for the Version of python");
+  script_category(ACT_GATHER_INFO);
+  script_copyright("Copyright (C) 2014 Greenbone Networks GmbH");
+  script_family("Fedora Local Security Checks");
+  script_dependencies("gather-package-list.nasl");
+  script_mandatory_keys("HostDetails/OS/cpe:/o:fedoraproject:fedora", "login/SSH/success", "ssh/login/release");
+  exit(0);
+}
+
+
+include("pkg-lib-rpm.inc");
+
+release = get_kb_item("ssh/login/release");
+
+res = "";
+if(release == NULL){
+  exit(0);
+}
+
+if(release == "FC20")
+{
+
+  if ((res = isrpmvuln(pkg:"python", rpm:"python~2.7.5~13.fc20", rls:"FC20")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if (__pkg_match) exit(99); # Not vulnerable.
+  exit(0);
+}


Property changes on: scripts/2014/gb_fedora_2014_7800_python_fc20.nasl
___________________________________________________________________
Added: svn:keywords
   + Author Revision Date Id

Added: scripts/2014/gb_fedora_2014_7863_kernel_fc20.nasl
===================================================================
--- scripts/2014/gb_fedora_2014_7863_kernel_fc20.nasl	                        (rev 0)
+++ scripts/2014/gb_fedora_2014_7863_kernel_fc20.nasl	2014-07-04 13:18:45 UTC (rev 548)
@@ -0,0 +1,109 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+#
+# Fedora Update for kernel FEDORA-2014-7863
+#
+# Authors:
+# System Generated Check
+#
+# Copyright:
+# Copyright (C) 2014 Greenbone Networks GmbH, http://www.greenbone.net
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+include("revisions-lib.inc");
+
+if(description)
+{
+  script_oid("1.3.6.1.4.1.25623.1.0.867939");
+  script_version("$Revision$");
+  script_tag(name:"check_type", value:"authenticated package test");
+  script_tag(name:"last_modification", value:"$Date$");
+  script_tag(name:"creation_date", value:"2014-07-01 17:40:40 +0530 (Tue, 01 Jul 2014)");
+  script_cve_id("CVE-2014-0206", "CVE-2014-4508", "CVE-2014-4014", "CVE-2014-3153",
+                "CVE-2014-3940", "CVE-2014-3917", "CVE-2014-3144", "CVE-2014-3145",
+                "CVE-2014-1738", "CVE-2014-1737", "CVE-2014-0181", "CVE-2014-0196",
+                "CVE-2014-3122", "CVE-2014-2851", "CVE-2014-0155", "CVE-2014-2678",
+                "CVE-2014-2580", "CVE-2014-0077", "CVE-2014-0055", "CVE-2014-2568",
+                "CVE-2014-0131", "CVE-2014-2523", "CVE-2014-2309", "CVE-2014-0100",
+                "CVE-2014-0101", "CVE-2014-0049", "CVE-2014-0102", "CVE-2014-2039",
+                "CVE-2014-0069", "CVE-2014-1874", "CVE-2014-1446", "CVE-2014-1438",
+                "CVE-2013-4579", "CVE-2013-4587", "CVE-2013-6376", "CVE-2013-6368",
+                "CVE-2013-6367", "CVE-2014-4667", "CVE-2014-4608", "CVE-2014-4611");
+  script_tag(name:"cvss_base", value:"7.4");
+  script_tag(name:"cvss_base_vector", value:"AV:A/AC:M/Au:S/C:C/I:C/A:C");
+  script_tag(name:"risk_factor", value:"High");
+  script_name("Fedora Update for kernel FEDORA-2014-7863");
+
+  tag_insight = "The kernel package contains the Linux kernel (vmlinuz), the core of any
+Linux operating system.  The kernel handles the basic functions
+of the operating system: memory allocation, process allocation, device
+input and output, etc.
+";
+
+  tag_affected = "kernel on Fedora 20";
+
+  tag_solution = "Please Install the Updated Packages.";
+
+  desc = "
+
+  Vulnerability Insight:
+  " + tag_insight + "
+
+  Affected Software/OS:
+  " + tag_affected + "
+
+  Solution:
+  " + tag_solution;
+
+  if (revcomp(a: OPENVAS_VERSION, b: "6.0+beta5") >= 0){
+    script_tag(name : "affected" , value : tag_affected);
+    script_tag(name : "insight" , value : tag_insight);
+    script_tag(name : "solution" , value : tag_solution);
+  }
+  script_description(desc);
+  script_xref(name: "FEDORA", value: "2014-7863");
+  script_xref(name: "URL" , value: "https://lists.fedoraproject.org/pipermail/package-announce/2014-June/134894.html");
+  script_summary("Check for the Version of kernel");
+  script_category(ACT_GATHER_INFO);
+  script_copyright("Copyright (C) 2014 Greenbone Networks GmbH");
+  script_family("Fedora Local Security Checks");
+  script_dependencies("gather-package-list.nasl");
+  script_mandatory_keys("HostDetails/OS/cpe:/o:fedoraproject:fedora", "login/SSH/success", "ssh/login/release");
+  exit(0);
+}
+
+
+include("pkg-lib-rpm.inc");
+
+release = get_kb_item("ssh/login/release");
+
+res = "";
+if(release == NULL){
+  exit(0);
+}
+
+if(release == "FC20")
+{
+
+  if ((res = isrpmvuln(pkg:"kernel", rpm:"kernel~3.14.9~200.fc20", rls:"FC20")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if (__pkg_match) exit(99); # Not vulnerable.
+  exit(0);
+}


Property changes on: scripts/2014/gb_fedora_2014_7863_kernel_fc20.nasl
___________________________________________________________________
Added: svn:keywords
   + Author Revision Date Id

Added: scripts/2014/gb_suse_2014_0840_1.nasl
===================================================================
--- scripts/2014/gb_suse_2014_0840_1.nasl	                        (rev 0)
+++ scripts/2014/gb_suse_2014_0840_1.nasl	2014-07-04 13:18:45 UTC (rev 548)
@@ -0,0 +1,1372 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+#
+# SuSE Update for kernel openSUSE-SU-2014:0840-1 (kernel)
+#
+# Authors:
+# System Generated Check
+#
+# Copyright:
+# Copyright (C) 2014 Greenbone Networks GmbH, http://www.greenbone.net
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+include("revisions-lib.inc");
+
+if(description)
+{
+  script_oid("1.3.6.1.4.1.25623.1.0.850594");
+  script_version("$Revision$");
+  script_tag(name:"check_type", value:"authenticated package test");
+  script_tag(name:"last_modification", value:"$Date$");
+  script_tag(name:"creation_date", value:"2014-07-01 21:04:32 +0530 (Tue, 01 Jul 2014)");
+  script_cve_id("CVE-2013-7339", "CVE-2014-0055", "CVE-2014-0077", "CVE-2014-2678",
+                "CVE-2014-2851", "CVE-2014-3122", "CVE-2014-3144", "CVE-2014-3145",
+                "CVE-2014-3153");
+  script_tag(name:"cvss_base", value:"7.2");
+  script_tag(name:"cvss_base_vector", value:"AV:L/AC:L/Au:N/C:C/I:C/A:C");
+  script_tag(name:"risk_factor", value:"High");
+  script_name("SuSE Update for kernel openSUSE-SU-2014:0840-1 (kernel)");
+
+  tag_insight = "
+  The Linux kernel was updated to fix security issues and bugs.
+
+  Security issues fixed: CVE-2014-3153: The futex_requeue function in
+  kernel/futex.c in the Linux kernel did not ensure that calls have two
+  different futex addresses, which allowed local users to gain privileges
+  via a crafted FUTEX_REQUEUE command that facilitates unsafe waiter
+  modification.
+
+  CVE-2014-3144: The (1) BPF_S_ANC_NLATTR and (2) BPF_S_ANC_NLATTR_NEST
+  extension implementations in the sk_run_filter function in
+  net/core/filter.c in the Linux kernel did not check whether a certain
+  length value is sufficiently large, which allowed local users to cause a
+  denial of service (integer underflow and system crash) via crafted BPF
+  instructions. NOTE: the affected code was moved to the __skb_get_nlattr
+  and __skb_get_nlattr_nest functions before the vulnerability was announced.
+
+  CVE-2014-3145: The BPF_S_ANC_NLATTR_NEST extension implementation in the
+  sk_run_filter function in net/core/filter.c in the Linux kernel used the
+  reverse order in a certain subtraction, which allowed local users to cause
+  a denial of service (over-read and system crash) via crafted BPF
+  instructions. NOTE: the affected code was moved to the
+  __skb_get_nlattr_nest function before the vulnerability was announced.
+
+  CVE-2014-0077: drivers/vhost/net.c in the Linux kernel, when mergeable
+  buffers are disabled, did not properly validate packet lengths, which
+  allowed guest OS users to cause a denial of service (memory corruption and
+  host OS crash) or possibly gain privileges on the host OS via crafted
+  packets, related to the handle_rx and get_rx_bufs functions.
+
+  CVE-2014-0055: The get_rx_bufs function in drivers/vhost/net.c in the
+  vhost-net subsystem in the Linux kernel package did not properly handle
+  vhost_get_vq_desc errors, which allowed guest OS users to cause a denial
+  of service (host OS crash) via unspecified vectors.
+
+  CVE-2014-2678: The rds_iw_laddr_check function in net/rds/iw.c in the
+  Linux kernel allowed local users to cause a denial of service (NULL
+  pointer dereference and system crash) or possibly have unspecified other
+  impact via a bind system call for an RDS socket on a system that lacks RDS
+  transports.
+
+  CVE-2013-7339: The rds_ib_laddr_check function in net/rds/ib.c in the
+  Linux kernel allowed local users to cause a denial of service (NULL
+  pointer dereference and system crash) or possibly have unspecified other
+  impact via a bind system call for an RDS socket on a system that lacks RDS
+  transports.
+
+  CVE-2014-2851: Integer overflow in the ping_init_sock function in
+  net/ipv4/ping.c in ...
+
+  Description truncated, for more information please check the Reference URL";
+
+  tag_affected = "kernel on openSUSE 13.1";
+
+  tag_solution = "Please Install the Updated Packages.";
+
+  desc = "
+
+  Vulnerability Insight:
+  " + tag_insight + "
+
+  Affected Software/OS:
+  " + tag_affected + "
+
+  Solution:
+  " + tag_solution;
+
+  if (revcomp(a: OPENVAS_VERSION, b: "6.0+beta5") >= 0){
+    script_tag(name : "affected" , value : tag_affected);
+    script_tag(name : "insight" , value : tag_insight);
+    script_tag(name : "solution" , value : tag_solution);
+  }
+  script_description(desc);
+  script_xref(name: "openSUSE-SU", value: "2014:0840_1");
+  script_xref(name: "URL" , value: "http://lists.opensuse.org/opensuse-security-announce/2014-06/msg00029.html");
+  script_summary("Check for the Version of kernel");
+  script_category(ACT_GATHER_INFO);
+  script_copyright("Copyright (C) 2014 Greenbone Networks GmbH");
+  script_family("SuSE Local Security Checks");
+  script_dependencies("gather-package-list.nasl");
+  script_mandatory_keys("HostDetails/OS/cpe:/o:novell:opensuse", "login/SSH/success", "ssh/login/release");
+  exit(0);
+}
+
+
+include("pkg-lib-rpm.inc");
+
+release = get_kb_item("ssh/login/release");
+
+res = "";
+if(release == NULL){
+  exit(0);
+}
+
+if(release == "openSUSE13.1")
+{
+
+  if ((res = isrpmvuln(pkg:"kernel-debug", rpm:"kernel-debug~3.11.10~17.2", rls:"openSUSE13.1")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isrpmvuln(pkg:"kernel-debug-base", rpm:"kernel-debug-base~3.11.10~17.2", rls:"openSUSE13.1")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isrpmvuln(pkg:"kernel-debug-base-debuginfo", rpm:"kernel-debug-base-debuginfo~3.11.10~17.2", rls:"openSUSE13.1")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isrpmvuln(pkg:"kernel-debug-debuginfo", rpm:"kernel-debug-debuginfo~3.11.10~17.2", rls:"openSUSE13.1")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isrpmvuln(pkg:"kernel-debug-debugsource", rpm:"kernel-debug-debugsource~3.11.10~17.2", rls:"openSUSE13.1")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isrpmvuln(pkg:"kernel-debug-devel", rpm:"kernel-debug-devel~3.11.10~17.2", rls:"openSUSE13.1")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isrpmvuln(pkg:"kernel-debug-devel-debuginfo", rpm:"kernel-debug-devel-debuginfo~3.11.10~17.2", rls:"openSUSE13.1")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isrpmvuln(pkg:"kernel-desktop", rpm:"kernel-desktop~3.11.10~17.2", rls:"openSUSE13.1")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isrpmvuln(pkg:"kernel-desktop-base", rpm:"kernel-desktop-base~3.11.10~17.2", rls:"openSUSE13.1")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isrpmvuln(pkg:"kernel-desktop-base-debuginfo", rpm:"kernel-desktop-base-debuginfo~3.11.10~17.2", rls:"openSUSE13.1")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isrpmvuln(pkg:"kernel-desktop-debuginfo", rpm:"kernel-desktop-debuginfo~3.11.10~17.2", rls:"openSUSE13.1")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isrpmvuln(pkg:"kernel-desktop-debugsource", rpm:"kernel-desktop-debugsource~3.11.10~17.2", rls:"openSUSE13.1")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isrpmvuln(pkg:"kernel-desktop-devel", rpm:"kernel-desktop-devel~3.11.10~17.2", rls:"openSUSE13.1")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isrpmvuln(pkg:"kernel-desktop-devel-debuginfo", rpm:"kernel-desktop-devel-debuginfo~3.11.10~17.2", rls:"openSUSE13.1")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isrpmvuln(pkg:"kernel-ec2", rpm:"kernel-ec2~3.11.10~17.1", rls:"openSUSE13.1")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isrpmvuln(pkg:"kernel-ec2-base", rpm:"kernel-ec2-base~3.11.10~17.1", rls:"openSUSE13.1")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isrpmvuln(pkg:"kernel-ec2-base-debuginfo", rpm:"kernel-ec2-base-debuginfo~3.11.10~17.1", rls:"openSUSE13.1")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isrpmvuln(pkg:"kernel-ec2-debuginfo", rpm:"kernel-ec2-debuginfo~3.11.10~17.1", rls:"openSUSE13.1")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isrpmvuln(pkg:"kernel-ec2-debugsource", rpm:"kernel-ec2-debugsource~3.11.10~17.1", rls:"openSUSE13.1")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isrpmvuln(pkg:"kernel-ec2-devel", rpm:"kernel-ec2-devel~3.11.10~17.1", rls:"openSUSE13.1")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isrpmvuln(pkg:"kernel-ec2-devel-debuginfo", rpm:"kernel-ec2-devel-debuginfo~3.11.10~17.1", rls:"openSUSE13.1")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isrpmvuln(pkg:"kernel-trace", rpm:"kernel-trace~3.11.10~17.2", rls:"openSUSE13.1")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isrpmvuln(pkg:"kernel-trace-base", rpm:"kernel-trace-base~3.11.10~17.2", rls:"openSUSE13.1")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isrpmvuln(pkg:"kernel-trace-base-debuginfo", rpm:"kernel-trace-base-debuginfo~3.11.10~17.2", rls:"openSUSE13.1")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isrpmvuln(pkg:"kernel-trace-debuginfo", rpm:"kernel-trace-debuginfo~3.11.10~17.2", rls:"openSUSE13.1")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isrpmvuln(pkg:"kernel-trace-debugsource", rpm:"kernel-trace-debugsource~3.11.10~17.2", rls:"openSUSE13.1")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isrpmvuln(pkg:"kernel-trace-devel", rpm:"kernel-trace-devel~3.11.10~17.2", rls:"openSUSE13.1")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isrpmvuln(pkg:"kernel-trace-devel-debuginfo", rpm:"kernel-trace-devel-debuginfo~3.11.10~17.2", rls:"openSUSE13.1")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isrpmvuln(pkg:"kernel-vanilla", rpm:"kernel-vanilla~3.11.10~17.2", rls:"openSUSE13.1")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isrpmvuln(pkg:"kernel-vanilla-debuginfo", rpm:"kernel-vanilla-debuginfo~3.11.10~17.2", rls:"openSUSE13.1")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isrpmvuln(pkg:"kernel-vanilla-debugsource", rpm:"kernel-vanilla-debugsource~3.11.10~17.2", rls:"openSUSE13.1")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isrpmvuln(pkg:"kernel-vanilla-devel", rpm:"kernel-vanilla-devel~3.11.10~17.2", rls:"openSUSE13.1")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isrpmvuln(pkg:"kernel-vanilla-devel-debuginfo", rpm:"kernel-vanilla-devel-debuginfo~3.11.10~17.2", rls:"openSUSE13.1")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isrpmvuln(pkg:"kernel-xen", rpm:"kernel-xen~3.11.10~17.2", rls:"openSUSE13.1")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isrpmvuln(pkg:"kernel-xen-base", rpm:"kernel-xen-base~3.11.10~17.2", rls:"openSUSE13.1")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isrpmvuln(pkg:"kernel-xen-base-debuginfo", rpm:"kernel-xen-base-debuginfo~3.11.10~17.2", rls:"openSUSE13.1")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isrpmvuln(pkg:"kernel-xen-debuginfo", rpm:"kernel-xen-debuginfo~3.11.10~17.2", rls:"openSUSE13.1")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isrpmvuln(pkg:"kernel-xen-debugsource", rpm:"kernel-xen-debugsource~3.11.10~17.2", rls:"openSUSE13.1")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isrpmvuln(pkg:"kernel-xen-devel", rpm:"kernel-xen-devel~3.11.10~17.2", rls:"openSUSE13.1")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isrpmvuln(pkg:"kernel-xen-devel-debuginfo", rpm:"kernel-xen-devel-debuginfo~3.11.10~17.2", rls:"openSUSE13.1")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isrpmvuln(pkg:"cloop", rpm:"cloop~2.639~11.10.1", rls:"openSUSE13.1")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isrpmvuln(pkg:"cloop-debuginfo", rpm:"cloop-debuginfo~2.639~11.10.1", rls:"openSUSE13.1")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isrpmvuln(pkg:"cloop-debugsource", rpm:"cloop-debugsource~2.639~11.10.1", rls:"openSUSE13.1")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isrpmvuln(pkg:"cloop-kmp-default", rpm:"cloop-kmp-default~2.639_k3.11.10_17~11.10.1", rls:"openSUSE13.1")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isrpmvuln(pkg:"cloop-kmp-default-debuginfo", rpm:"cloop-kmp-default-debuginfo~2.639_k3.11.10_17~11.10.1", rls:"openSUSE13.1")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isrpmvuln(pkg:"cloop-kmp-desktop", rpm:"cloop-kmp-desktop~2.639_k3.11.10_17~11.10.1", rls:"openSUSE13.1")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isrpmvuln(pkg:"cloop-kmp-desktop-debuginfo", rpm:"cloop-kmp-desktop-debuginfo~2.639_k3.11.10_17~11.10.1", rls:"openSUSE13.1")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isrpmvuln(pkg:"cloop-kmp-xen", rpm:"cloop-kmp-xen~2.639_k3.11.10_17~11.10.1", rls:"openSUSE13.1")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isrpmvuln(pkg:"cloop-kmp-xen-debuginfo", rpm:"cloop-kmp-xen-debuginfo~2.639_k3.11.10_17~11.10.1", rls:"openSUSE13.1")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isrpmvuln(pkg:"crash", rpm:"crash~7.0.2~2.10.9", rls:"openSUSE13.1")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isrpmvuln(pkg:"crash-debuginfo", rpm:"crash-debuginfo~7.0.2~2.10.9", rls:"openSUSE13.1")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isrpmvuln(pkg:"crash-debugsource", rpm:"crash-debugsource~7.0.2~2.10.9", rls:"openSUSE13.1")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isrpmvuln(pkg:"crash-devel", rpm:"crash-devel~7.0.2~2.10.9", rls:"openSUSE13.1")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isrpmvuln(pkg:"crash-doc", rpm:"crash-doc~7.0.2~2.10.9", rls:"openSUSE13.1")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isrpmvuln(pkg:"crash-eppic", rpm:"crash-eppic~7.0.2~2.10.9", rls:"openSUSE13.1")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isrpmvuln(pkg:"crash-eppic-debuginfo", rpm:"crash-eppic-debuginfo~7.0.2~2.10.9", rls:"openSUSE13.1")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isrpmvuln(pkg:"crash-gcore", rpm:"crash-gcore~7.0.2~2.10.9", rls:"openSUSE13.1")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isrpmvuln(pkg:"crash-gcore-debuginfo", rpm:"crash-gcore-debuginfo~7.0.2~2.10.9", rls:"openSUSE13.1")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isrpmvuln(pkg:"crash-kmp-default", rpm:"crash-kmp-default~7.0.2_k3.11.10_17~2.10.9", rls:"openSUSE13.1")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isrpmvuln(pkg:"crash-kmp-default-debuginfo", rpm:"crash-kmp-default-debuginfo~7.0.2_k3.11.10_17~2.10.9", rls:"openSUSE13.1")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isrpmvuln(pkg:"crash-kmp-desktop", rpm:"crash-kmp-desktop~7.0.2_k3.11.10_17~2.10.9", rls:"openSUSE13.1")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isrpmvuln(pkg:"crash-kmp-desktop-debuginfo", rpm:"crash-kmp-desktop-debuginfo~7.0.2_k3.11.10_17~2.10.9", rls:"openSUSE13.1")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isrpmvuln(pkg:"crash-kmp-xen", rpm:"crash-kmp-xen~7.0.2_k3.11.10_17~2.10.9", rls:"openSUSE13.1")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isrpmvuln(pkg:"crash-kmp-xen-debuginfo", rpm:"crash-kmp-xen-debuginfo~7.0.2_k3.11.10_17~2.10.9", rls:"openSUSE13.1")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isrpmvuln(pkg:"hdjmod-debugsource", rpm:"hdjmod-debugsource~1.28~16.10.1", rls:"openSUSE13.1")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isrpmvuln(pkg:"hdjmod-kmp-default", rpm:"hdjmod-kmp-default~1.28_k3.11.10_17~16.10.1", rls:"openSUSE13.1")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isrpmvuln(pkg:"hdjmod-kmp-default-debuginfo", rpm:"hdjmod-kmp-default-debuginfo~1.28_k3.11.10_17~16.10.1", rls:"openSUSE13.1")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isrpmvuln(pkg:"hdjmod-kmp-desktop", rpm:"hdjmod-kmp-desktop~1.28_k3.11.10_17~16.10.1", rls:"openSUSE13.1")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isrpmvuln(pkg:"hdjmod-kmp-desktop-debuginfo", rpm:"hdjmod-kmp-desktop-debuginfo~1.28_k3.11.10_17~16.10.1", rls:"openSUSE13.1")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isrpmvuln(pkg:"hdjmod-kmp-xen", rpm:"hdjmod-kmp-xen~1.28_k3.11.10_17~16.10.1", rls:"openSUSE13.1")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isrpmvuln(pkg:"hdjmod-kmp-xen-debuginfo", rpm:"hdjmod-kmp-xen-debuginfo~1.28_k3.11.10_17~16.10.1", rls:"openSUSE13.1")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isrpmvuln(pkg:"ipset", rpm:"ipset~6.21.1~2.14.1", rls:"openSUSE13.1")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isrpmvuln(pkg:"ipset-debuginfo", rpm:"ipset-debuginfo~6.21.1~2.14.1", rls:"openSUSE13.1")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isrpmvuln(pkg:"ipset-debugsource", rpm:"ipset-debugsource~6.21.1~2.14.1", rls:"openSUSE13.1")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isrpmvuln(pkg:"ipset-devel", rpm:"ipset-devel~6.21.1~2.14.1", rls:"openSUSE13.1")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isrpmvuln(pkg:"ipset-kmp-default", rpm:"ipset-kmp-default~6.21.1_k3.11.10_17~2.14.1", rls:"openSUSE13.1")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isrpmvuln(pkg:"ipset-kmp-default-debuginfo", rpm:"ipset-kmp-default-debuginfo~6.21.1_k3.11.10_17~2.14.1", rls:"openSUSE13.1")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isrpmvuln(pkg:"ipset-kmp-desktop", rpm:"ipset-kmp-desktop~6.21.1_k3.11.10_17~2.14.1", rls:"openSUSE13.1")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isrpmvuln(pkg:"ipset-kmp-desktop-debuginfo", rpm:"ipset-kmp-desktop-debuginfo~6.21.1_k3.11.10_17~2.14.1", rls:"openSUSE13.1")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isrpmvuln(pkg:"ipset-kmp-xen", rpm:"ipset-kmp-xen~6.21.1_k3.11.10_17~2.14.1", rls:"openSUSE13.1")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isrpmvuln(pkg:"ipset-kmp-xen-debuginfo", rpm:"ipset-kmp-xen-debuginfo~6.21.1_k3.11.10_17~2.14.1", rls:"openSUSE13.1")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isrpmvuln(pkg:"iscsitarget", rpm:"iscsitarget~1.4.20.3~13.10.1", rls:"openSUSE13.1")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isrpmvuln(pkg:"iscsitarget-debuginfo", rpm:"iscsitarget-debuginfo~1.4.20.3~13.10.1", rls:"openSUSE13.1")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isrpmvuln(pkg:"iscsitarget-debugsource", rpm:"iscsitarget-debugsource~1.4.20.3~13.10.1", rls:"openSUSE13.1")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isrpmvuln(pkg:"iscsitarget-kmp-default", rpm:"iscsitarget-kmp-default~1.4.20.3_k3.11.10_17~13.10.1", rls:"openSUSE13.1")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isrpmvuln(pkg:"iscsitarget-kmp-default-debuginfo", rpm:"iscsitarget-kmp-default-debuginfo~1.4.20.3_k3.11.10_17~13.10.1", rls:"openSUSE13.1")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isrpmvuln(pkg:"iscsitarget-kmp-desktop", rpm:"iscsitarget-kmp-desktop~1.4.20.3_k3.11.10_17~13.10.1", rls:"openSUSE13.1")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isrpmvuln(pkg:"iscsitarget-kmp-desktop-debuginfo", rpm:"iscsitarget-kmp-desktop-debuginfo~1.4.20.3_k3.11.10_17~13.10.1", rls:"openSUSE13.1")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isrpmvuln(pkg:"iscsitarget-kmp-xen", rpm:"iscsitarget-kmp-xen~1.4.20.3_k3.11.10_17~13.10.1", rls:"openSUSE13.1")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isrpmvuln(pkg:"iscsitarget-kmp-xen-debuginfo", rpm:"iscsitarget-kmp-xen-debuginfo~1.4.20.3_k3.11.10_17~13.10.1", rls:"openSUSE13.1")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isrpmvuln(pkg:"kernel-default", rpm:"kernel-default~3.11.10~17.2", rls:"openSUSE13.1")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isrpmvuln(pkg:"kernel-default-base", rpm:"kernel-default-base~3.11.10~17.2", rls:"openSUSE13.1")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isrpmvuln(pkg:"kernel-default-base-debuginfo", rpm:"kernel-default-base-debuginfo~3.11.10~17.2", rls:"openSUSE13.1")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isrpmvuln(pkg:"kernel-default-debuginfo", rpm:"kernel-default-debuginfo~3.11.10~17.2", rls:"openSUSE13.1")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isrpmvuln(pkg:"kernel-default-debugsource", rpm:"kernel-default-debugsource~3.11.10~17.2", rls:"openSUSE13.1")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isrpmvuln(pkg:"kernel-default-devel", rpm:"kernel-default-devel~3.11.10~17.2", rls:"openSUSE13.1")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isrpmvuln(pkg:"kernel-default-devel-debuginfo", rpm:"kernel-default-devel-debuginfo~3.11.10~17.2", rls:"openSUSE13.1")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isrpmvuln(pkg:"kernel-syms", rpm:"kernel-syms~3.11.10~17.1", rls:"openSUSE13.1")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isrpmvuln(pkg:"libipset3", rpm:"libipset3~6.21.1~2.14.1", rls:"openSUSE13.1")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isrpmvuln(pkg:"libipset3-debuginfo", rpm:"libipset3-debuginfo~6.21.1~2.14.1", rls:"openSUSE13.1")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isrpmvuln(pkg:"ndiswrapper", rpm:"ndiswrapper~1.58~10.1", rls:"openSUSE13.1")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isrpmvuln(pkg:"ndiswrapper-debuginfo", rpm:"ndiswrapper-debuginfo~1.58~10.1", rls:"openSUSE13.1")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isrpmvuln(pkg:"ndiswrapper-debugsource", rpm:"ndiswrapper-debugsource~1.58~10.1", rls:"openSUSE13.1")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isrpmvuln(pkg:"ndiswrapper-kmp-default", rpm:"ndiswrapper-kmp-default~1.58_k3.11.10_17~10.1", rls:"openSUSE13.1")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isrpmvuln(pkg:"ndiswrapper-kmp-default-debuginfo", rpm:"ndiswrapper-kmp-default-debuginfo~1.58_k3.11.10_17~10.1", rls:"openSUSE13.1")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isrpmvuln(pkg:"ndiswrapper-kmp-desktop", rpm:"ndiswrapper-kmp-desktop~1.58_k3.11.10_17~10.1", rls:"openSUSE13.1")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isrpmvuln(pkg:"ndiswrapper-kmp-desktop-debuginfo", rpm:"ndiswrapper-kmp-desktop-debuginfo~1.58_k3.11.10_17~10.1", rls:"openSUSE13.1")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isrpmvuln(pkg:"pcfclock", rpm:"pcfclock~0.44~258.10.1", rls:"openSUSE13.1")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isrpmvuln(pkg:"pcfclock-debuginfo", rpm:"pcfclock-debuginfo~0.44~258.10.1", rls:"openSUSE13.1")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isrpmvuln(pkg:"pcfclock-debugsource", rpm:"pcfclock-debugsource~0.44~258.10.1", rls:"openSUSE13.1")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isrpmvuln(pkg:"pcfclock-kmp-default", rpm:"pcfclock-kmp-default~0.44_k3.11.10_17~258.10.1", rls:"openSUSE13.1")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isrpmvuln(pkg:"pcfclock-kmp-default-debuginfo", rpm:"pcfclock-kmp-default-debuginfo~0.44_k3.11.10_17~258.10.1", rls:"openSUSE13.1")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isrpmvuln(pkg:"pcfclock-kmp-desktop", rpm:"pcfclock-kmp-desktop~0.44_k3.11.10_17~258.10.1", rls:"openSUSE13.1")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isrpmvuln(pkg:"pcfclock-kmp-desktop-debuginfo", rpm:"pcfclock-kmp-desktop-debuginfo~0.44_k3.11.10_17~258.10.1", rls:"openSUSE13.1")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isrpmvuln(pkg:"python-virtualbox", rpm:"python-virtualbox~4.2.18~2.15.2", rls:"openSUSE13.1")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isrpmvuln(pkg:"python-virtualbox-debuginfo", rpm:"python-virtualbox-debuginfo~4.2.18~2.15.2", rls:"openSUSE13.1")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isrpmvuln(pkg:"vhba-kmp-debugsource-20130607", rpm:"vhba-kmp-debugsource-20130607~2.11.1", rls:"openSUSE13.1")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isrpmvuln(pkg:"vhba-kmp-default-20130607_k3.11.10_17", rpm:"vhba-kmp-default-20130607_k3.11.10_17~2.11.1", rls:"openSUSE13.1")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isrpmvuln(pkg:"vhba-kmp-default-debuginfo-20130607_k3.11.10_17", rpm:"vhba-kmp-default-debuginfo-20130607_k3.11.10_17~2.11.1", rls:"openSUSE13.1")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isrpmvuln(pkg:"vhba-kmp-desktop-20130607_k3.11.10_17", rpm:"vhba-kmp-desktop-20130607_k3.11.10_17~2.11.1", rls:"openSUSE13.1")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isrpmvuln(pkg:"vhba-kmp-desktop-debuginfo-20130607_k3.11.10_17", rpm:"vhba-kmp-desktop-debuginfo-20130607_k3.11.10_17~2.11.1", rls:"openSUSE13.1")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isrpmvuln(pkg:"vhba-kmp-xen-20130607_k3.11.10_17", rpm:"vhba-kmp-xen-20130607_k3.11.10_17~2.11.1", rls:"openSUSE13.1")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isrpmvuln(pkg:"vhba-kmp-xen-debuginfo-20130607_k3.11.10_17", rpm:"vhba-kmp-xen-debuginfo-20130607_k3.11.10_17~2.11.1", rls:"openSUSE13.1")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isrpmvuln(pkg:"virtualbox", rpm:"virtualbox~4.2.18~2.15.2", rls:"openSUSE13.1")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isrpmvuln(pkg:"virtualbox-debuginfo", rpm:"virtualbox-debuginfo~4.2.18~2.15.2", rls:"openSUSE13.1")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isrpmvuln(pkg:"virtualbox-debugsource", rpm:"virtualbox-debugsource~4.2.18~2.15.2", rls:"openSUSE13.1")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isrpmvuln(pkg:"virtualbox-devel", rpm:"virtualbox-devel~4.2.18~2.15.2", rls:"openSUSE13.1")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isrpmvuln(pkg:"virtualbox-guest-kmp-default", rpm:"virtualbox-guest-kmp-default~4.2.18_k3.11.10_17~2.15.2", rls:"openSUSE13.1")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isrpmvuln(pkg:"virtualbox-guest-kmp-default-debuginfo", rpm:"virtualbox-guest-kmp-default-debuginfo~4.2.18_k3.11.10_17~2.15.2", rls:"openSUSE13.1")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isrpmvuln(pkg:"virtualbox-guest-kmp-desktop", rpm:"virtualbox-guest-kmp-desktop~4.2.18_k3.11.10_17~2.15.2", rls:"openSUSE13.1")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isrpmvuln(pkg:"virtualbox-guest-kmp-desktop-debuginfo", rpm:"virtualbox-guest-kmp-desktop-debuginfo~4.2.18_k3.11.10_17~2.15.2", rls:"openSUSE13.1")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isrpmvuln(pkg:"virtualbox-guest-tools", rpm:"virtualbox-guest-tools~4.2.18~2.15.2", rls:"openSUSE13.1")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isrpmvuln(pkg:"virtualbox-guest-tools-debuginfo", rpm:"virtualbox-guest-tools-debuginfo~4.2.18~2.15.2", rls:"openSUSE13.1")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isrpmvuln(pkg:"virtualbox-guest-x11", rpm:"virtualbox-guest-x11~4.2.18~2.15.2", rls:"openSUSE13.1")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isrpmvuln(pkg:"virtualbox-guest-x11-debuginfo", rpm:"virtualbox-guest-x11-debuginfo~4.2.18~2.15.2", rls:"openSUSE13.1")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isrpmvuln(pkg:"virtualbox-host-kmp-default", rpm:"virtualbox-host-kmp-default~4.2.18_k3.11.10_17~2.15.2", rls:"openSUSE13.1")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isrpmvuln(pkg:"virtualbox-host-kmp-default-debuginfo", rpm:"virtualbox-host-kmp-default-debuginfo~4.2.18_k3.11.10_17~2.15.2", rls:"openSUSE13.1")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isrpmvuln(pkg:"virtualbox-host-kmp-desktop", rpm:"virtualbox-host-kmp-desktop~4.2.18_k3.11.10_17~2.15.2", rls:"openSUSE13.1")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isrpmvuln(pkg:"virtualbox-host-kmp-desktop-debuginfo", rpm:"virtualbox-host-kmp-desktop-debuginfo~4.2.18_k3.11.10_17~2.15.2", rls:"openSUSE13.1")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isrpmvuln(pkg:"virtualbox-qt", rpm:"virtualbox-qt~4.2.18~2.15.2", rls:"openSUSE13.1")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isrpmvuln(pkg:"virtualbox-qt-debuginfo", rpm:"virtualbox-qt-debuginfo~4.2.18~2.15.2", rls:"openSUSE13.1")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isrpmvuln(pkg:"virtualbox-websrv", rpm:"virtualbox-websrv~4.2.18~2.15.2", rls:"openSUSE13.1")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isrpmvuln(pkg:"virtualbox-websrv-debuginfo", rpm:"virtualbox-websrv-debuginfo~4.2.18~2.15.2", rls:"openSUSE13.1")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isrpmvuln(pkg:"xen-debugsource", rpm:"xen-debugsource~4.3.2_01~18.2", rls:"openSUSE13.1")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isrpmvuln(pkg:"xen-devel", rpm:"xen-devel~4.3.2_01~18.2", rls:"openSUSE13.1")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isrpmvuln(pkg:"xen-kmp-default", rpm:"xen-kmp-default~4.3.2_01_k3.11.10_17~18.2", rls:"openSUSE13.1")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isrpmvuln(pkg:"xen-kmp-default-debuginfo", rpm:"xen-kmp-default-debuginfo~4.3.2_01_k3.11.10_17~18.2", rls:"openSUSE13.1")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isrpmvuln(pkg:"xen-kmp-desktop", rpm:"xen-kmp-desktop~4.3.2_01_k3.11.10_17~18.2", rls:"openSUSE13.1")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isrpmvuln(pkg:"xen-kmp-desktop-debuginfo", rpm:"xen-kmp-desktop-debuginfo~4.3.2_01_k3.11.10_17~18.2", rls:"openSUSE13.1")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isrpmvuln(pkg:"xen-libs", rpm:"xen-libs~4.3.2_01~18.2", rls:"openSUSE13.1")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isrpmvuln(pkg:"xen-libs-debuginfo", rpm:"xen-libs-debuginfo~4.3.2_01~18.2", rls:"openSUSE13.1")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isrpmvuln(pkg:"xen-tools-domU", rpm:"xen-tools-domU~4.3.2_01~18.2", rls:"openSUSE13.1")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isrpmvuln(pkg:"xen-tools-domU-debuginfo", rpm:"xen-tools-domU-debuginfo~4.3.2_01~18.2", rls:"openSUSE13.1")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isrpmvuln(pkg:"xtables-addons", rpm:"xtables-addons~2.3~2.10.1", rls:"openSUSE13.1")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isrpmvuln(pkg:"xtables-addons-debuginfo", rpm:"xtables-addons-debuginfo~2.3~2.10.1", rls:"openSUSE13.1")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isrpmvuln(pkg:"xtables-addons-debugsource", rpm:"xtables-addons-debugsource~2.3~2.10.1", rls:"openSUSE13.1")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isrpmvuln(pkg:"xtables-addons-kmp-default", rpm:"xtables-addons-kmp-default~2.3_k3.11.10_17~2.10.1", rls:"openSUSE13.1")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isrpmvuln(pkg:"xtables-addons-kmp-default-debuginfo", rpm:"xtables-addons-kmp-default-debuginfo~2.3_k3.11.10_17~2.10.1", rls:"openSUSE13.1")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isrpmvuln(pkg:"xtables-addons-kmp-desktop", rpm:"xtables-addons-kmp-desktop~2.3_k3.11.10_17~2.10.1", rls:"openSUSE13.1")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isrpmvuln(pkg:"xtables-addons-kmp-desktop-debuginfo", rpm:"xtables-addons-kmp-desktop-debuginfo~2.3_k3.11.10_17~2.10.1", rls:"openSUSE13.1")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isrpmvuln(pkg:"xtables-addons-kmp-xen", rpm:"xtables-addons-kmp-xen~2.3_k3.11.10_17~2.10.1", rls:"openSUSE13.1")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isrpmvuln(pkg:"xtables-addons-kmp-xen-debuginfo", rpm:"xtables-addons-kmp-xen-debuginfo~2.3_k3.11.10_17~2.10.1", rls:"openSUSE13.1")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isrpmvuln(pkg:"kernel-devel", rpm:"kernel-devel~3.11.10~17.2", rls:"openSUSE13.1")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isrpmvuln(pkg:"kernel-docs", rpm:"kernel-docs~3.11.10~17.6", rls:"openSUSE13.1")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isrpmvuln(pkg:"kernel-source", rpm:"kernel-source~3.11.10~17.2", rls:"openSUSE13.1")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isrpmvuln(pkg:"kernel-source-vanilla", rpm:"kernel-source-vanilla~3.11.10~17.2", rls:"openSUSE13.1")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isrpmvuln(pkg:"xen", rpm:"xen~4.3.2_01~18.2", rls:"openSUSE13.1")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isrpmvuln(pkg:"xen-doc-html", rpm:"xen-doc-html~4.3.2_01~18.2", rls:"openSUSE13.1")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isrpmvuln(pkg:"xen-libs-32bit", rpm:"xen-libs-32bit~4.3.2_01~18.2", rls:"openSUSE13.1")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isrpmvuln(pkg:"xen-libs-debuginfo-32bit", rpm:"xen-libs-debuginfo-32bit~4.3.2_01~18.2", rls:"openSUSE13.1")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isrpmvuln(pkg:"xen-tools", rpm:"xen-tools~4.3.2_01~18.2", rls:"openSUSE13.1")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isrpmvuln(pkg:"xen-tools-debuginfo", rpm:"xen-tools-debuginfo~4.3.2_01~18.2", rls:"openSUSE13.1")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isrpmvuln(pkg:"xen-xend-tools", rpm:"xen-xend-tools~4.3.2_01~18.2", rls:"openSUSE13.1")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isrpmvuln(pkg:"xen-xend-tools-debuginfo", rpm:"xen-xend-tools-debuginfo~4.3.2_01~18.2", rls:"openSUSE13.1")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isrpmvuln(pkg:"kernel-pae", rpm:"kernel-pae~3.11.10~17.2", rls:"openSUSE13.1")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isrpmvuln(pkg:"kernel-pae-base", rpm:"kernel-pae-base~3.11.10~17.2", rls:"openSUSE13.1")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isrpmvuln(pkg:"kernel-pae-base-debuginfo", rpm:"kernel-pae-base-debuginfo~3.11.10~17.2", rls:"openSUSE13.1")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isrpmvuln(pkg:"kernel-pae-debuginfo", rpm:"kernel-pae-debuginfo~3.11.10~17.2", rls:"openSUSE13.1")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isrpmvuln(pkg:"kernel-pae-debugsource", rpm:"kernel-pae-debugsource~3.11.10~17.2", rls:"openSUSE13.1")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isrpmvuln(pkg:"kernel-pae-devel", rpm:"kernel-pae-devel~3.11.10~17.2", rls:"openSUSE13.1")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isrpmvuln(pkg:"kernel-pae-devel-debuginfo", rpm:"kernel-pae-devel-debuginfo~3.11.10~17.2", rls:"openSUSE13.1")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isrpmvuln(pkg:"cloop-kmp-pae", rpm:"cloop-kmp-pae~2.639_k3.11.10_17~11.10.1", rls:"openSUSE13.1")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isrpmvuln(pkg:"cloop-kmp-pae-debuginfo", rpm:"cloop-kmp-pae-debuginfo~2.639_k3.11.10_17~11.10.1", rls:"openSUSE13.1")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isrpmvuln(pkg:"crash-kmp-pae", rpm:"crash-kmp-pae~7.0.2_k3.11.10_17~2.10.9", rls:"openSUSE13.1")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isrpmvuln(pkg:"crash-kmp-pae-debuginfo", rpm:"crash-kmp-pae-debuginfo~7.0.2_k3.11.10_17~2.10.9", rls:"openSUSE13.1")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isrpmvuln(pkg:"hdjmod-kmp-pae", rpm:"hdjmod-kmp-pae~1.28_k3.11.10_17~16.10.1", rls:"openSUSE13.1")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isrpmvuln(pkg:"hdjmod-kmp-pae-debuginfo", rpm:"hdjmod-kmp-pae-debuginfo~1.28_k3.11.10_17~16.10.1", rls:"openSUSE13.1")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isrpmvuln(pkg:"ipset-kmp-pae", rpm:"ipset-kmp-pae~6.21.1_k3.11.10_17~2.14.1", rls:"openSUSE13.1")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isrpmvuln(pkg:"ipset-kmp-pae-debuginfo", rpm:"ipset-kmp-pae-debuginfo~6.21.1_k3.11.10_17~2.14.1", rls:"openSUSE13.1")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isrpmvuln(pkg:"iscsitarget-kmp-pae", rpm:"iscsitarget-kmp-pae~1.4.20.3_k3.11.10_17~13.10.1", rls:"openSUSE13.1")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isrpmvuln(pkg:"iscsitarget-kmp-pae-debuginfo", rpm:"iscsitarget-kmp-pae-debuginfo~1.4.20.3_k3.11.10_17~13.10.1", rls:"openSUSE13.1")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isrpmvuln(pkg:"ndiswrapper-kmp-pae", rpm:"ndiswrapper-kmp-pae~1.58_k3.11.10_17~10.1", rls:"openSUSE13.1")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isrpmvuln(pkg:"ndiswrapper-kmp-pae-debuginfo", rpm:"ndiswrapper-kmp-pae-debuginfo~1.58_k3.11.10_17~10.1", rls:"openSUSE13.1")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isrpmvuln(pkg:"pcfclock-kmp-pae", rpm:"pcfclock-kmp-pae~0.44_k3.11.10_17~258.10.1", rls:"openSUSE13.1")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isrpmvuln(pkg:"pcfclock-kmp-pae-debuginfo", rpm:"pcfclock-kmp-pae-debuginfo~0.44_k3.11.10_17~258.10.1", rls:"openSUSE13.1")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isrpmvuln(pkg:"vhba-kmp-pae-20130607_k3.11.10_17", rpm:"vhba-kmp-pae-20130607_k3.11.10_17~2.11.1", rls:"openSUSE13.1")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isrpmvuln(pkg:"vhba-kmp-pae-debuginfo-20130607_k3.11.10_17", rpm:"vhba-kmp-pae-debuginfo-20130607_k3.11.10_17~2.11.1", rls:"openSUSE13.1")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isrpmvuln(pkg:"virtualbox-guest-kmp-pae", rpm:"virtualbox-guest-kmp-pae~4.2.18_k3.11.10_17~2.15.2", rls:"openSUSE13.1")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isrpmvuln(pkg:"virtualbox-guest-kmp-pae-debuginfo", rpm:"virtualbox-guest-kmp-pae-debuginfo~4.2.18_k3.11.10_17~2.15.2", rls:"openSUSE13.1")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isrpmvuln(pkg:"virtualbox-host-kmp-pae", rpm:"virtualbox-host-kmp-pae~4.2.18_k3.11.10_17~2.15.2", rls:"openSUSE13.1")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isrpmvuln(pkg:"virtualbox-host-kmp-pae-debuginfo", rpm:"virtualbox-host-kmp-pae-debuginfo~4.2.18_k3.11.10_17~2.15.2", rls:"openSUSE13.1")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isrpmvuln(pkg:"xen-kmp-pae", rpm:"xen-kmp-pae~4.3.2_01_k3.11.10_17~18.2", rls:"openSUSE13.1")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isrpmvuln(pkg:"xen-kmp-pae-debuginfo", rpm:"xen-kmp-pae-debuginfo~4.3.2_01_k3.11.10_17~18.2", rls:"openSUSE13.1")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isrpmvuln(pkg:"xtables-addons-kmp-pae", rpm:"xtables-addons-kmp-pae~2.3_k3.11.10_17~2.10.1", rls:"openSUSE13.1")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isrpmvuln(pkg:"xtables-addons-kmp-pae-debuginfo", rpm:"xtables-addons-kmp-pae-debuginfo~2.3_k3.11.10_17~2.10.1", rls:"openSUSE13.1")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if (__pkg_match) exit(99); # Not vulnerable.
+  exit(0);
+}


Property changes on: scripts/2014/gb_suse_2014_0840_1.nasl
___________________________________________________________________
Added: svn:keywords
   + Author Revision Date Id

Added: scripts/2014/gb_suse_2014_0856_1.nasl
===================================================================
--- scripts/2014/gb_suse_2014_0856_1.nasl	                        (rev 0)
+++ scripts/2014/gb_suse_2014_0856_1.nasl	2014-07-04 13:18:45 UTC (rev 548)
@@ -0,0 +1,489 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+#
+# SuSE Update for kernel openSUSE-SU-2014:0856-1 (kernel)
+#
+# Authors:
+# System Generated Check
+#
+# Copyright:
+# Copyright (C) 2014 Greenbone Networks GmbH, http://www.greenbone.net
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+include("revisions-lib.inc");
+
+if(description)
+{
+  script_oid("1.3.6.1.4.1.25623.1.0.850593");
+  script_version("$Revision$");
+  script_tag(name:"check_type", value:"authenticated package test");
+  script_tag(name:"last_modification", value:"$Date$");
+  script_tag(name:"creation_date", value:"2014-07-01 20:48:43 +0530 (Tue, 01 Jul 2014)");
+  script_cve_id("CVE-2013-7339", "CVE-2014-0055", "CVE-2014-0077", "CVE-2014-2678",
+                "CVE-2014-2851", "CVE-2014-3122", "CVE-2014-3153");
+  script_tag(name:"cvss_base", value:"7.2");
+  script_tag(name:"cvss_base_vector", value:"AV:L/AC:L/Au:N/C:C/I:C/A:C");
+  script_tag(name:"risk_factor", value:"High");
+  script_name("SuSE Update for kernel openSUSE-SU-2014:0856-1 (kernel)");
+
+  tag_insight = "
+  The Linux kernel was updated to fix security issues and bugs:
+
+  Security issues fixed: CVE-2014-3153: The futex_requeue function in
+  kernel/futex.c in the Linux kernel did not ensure that calls have two
+  different futex addresses, which allowed local users to gain privileges
+  via a crafted FUTEX_REQUEUE command that facilitates unsafe waiter
+  modification.
+
+  CVE-2014-0077: drivers/vhost/net.c in the Linux kernel, when mergeable
+  buffers are disabled, did not properly validate packet lengths, which
+  allowed guest OS users to cause a denial of service (memory corruption and
+  host OS crash) or possibly gain privileges on the host OS via crafted
+  packets, related to the handle_rx and get_rx_bufs functions.
+
+  CVE-2014-0055: The get_rx_bufs function in drivers/vhost/net.c in the
+  vhost-net subsystem in the Linux kernel package did not properly handle
+  vhost_get_vq_desc errors, which allowed guest OS users to cause a denial
+  of service (host OS crash) via unspecified vectors.
+
+  CVE-2014-2678: The rds_iw_laddr_check function in net/rds/iw.c in the
+  Linux kernel allowed local users to cause a denial of service (NULL
+  pointer dereference and system crash) or possibly have unspecified other
+  impact via a bind system call for an RDS socket on a system that lacks RDS
+  transports.
+
+  CVE-2013-7339: The rds_ib_laddr_check function in net/rds/ib.c in the
+  Linux kernel allowed local users to cause a denial of service (NULL
+  pointer dereference and system crash) or possibly have unspecified other
+  impact via a bind system call for an RDS socket on a system that lacks RDS
+  transports.
+
+  CVE-2014-2851: Integer overflow in the ping_init_sock function in
+  net/ipv4/ping.c in the Linux kernel allowed local users to cause a denial
+  of service (use-after-free and system crash) or possibly gain privileges
+  via a crafted application that leverages an improperly managed reference
+  counter.
+
+  CVE-2014-3122: The try_to_unmap_cluster function in mm/rmap.c in the Linux
+  kernel did not properly consider which pages must be locked, which allowed
+  local users to cause a denial of service (system crash) by triggering a
+  memory-usage pattern that requires removal of page-table mappings.
+
+  Bugs fixed:
+  - memcg: deprecate memory.force_empty knob (bnc#878274).";
+
+  tag_affected = "kernel on openSUSE 12.3";
+
+  tag_solution = "Please Install the Updated Packages.";
+
+  desc = "
+
+  Vulnerability Insight:
+  " + tag_insight + "
+
+  Affected Software/OS:
+  " + tag_affected + "
+
+  Solution:
+  " + tag_solution;
+
+  if (revcomp(a: OPENVAS_VERSION, b: "6.0+beta5") >= 0){
+    script_tag(name : "affected" , value : tag_affected);
+    script_tag(name : "insight" , value : tag_insight);
+    script_tag(name : "solution" , value : tag_solution);
+  }
+  script_description(desc);
+  script_xref(name: "openSUSE-SU", value: "2014:0856_1");
+  script_xref(name: "URL" , value: "http://lists.opensuse.org/opensuse-security-announce/2014-07/msg00000.html");
+  script_summary("Check for the Version of kernel");
+  script_category(ACT_GATHER_INFO);
+  script_copyright("Copyright (C) 2014 Greenbone Networks GmbH");
+  script_family("SuSE Local Security Checks");
+  script_dependencies("gather-package-list.nasl");
+  script_mandatory_keys("HostDetails/OS/cpe:/o:novell:opensuse", "login/SSH/success", "ssh/login/release");
+  exit(0);
+}
+
+
+include("pkg-lib-rpm.inc");
+
+release = get_kb_item("ssh/login/release");
+
+res = "";
+if(release == NULL){
+  exit(0);
+}
+
+if(release == "openSUSE12.3")
+{
+
+  if ((res = isrpmvuln(pkg:"kernel-default", rpm:"kernel-default~3.7.10~1.36.1", rls:"openSUSE12.3")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isrpmvuln(pkg:"kernel-default-base", rpm:"kernel-default-base~3.7.10~1.36.1", rls:"openSUSE12.3")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isrpmvuln(pkg:"kernel-default-base-debuginfo", rpm:"kernel-default-base-debuginfo~3.7.10~1.36.1", rls:"openSUSE12.3")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isrpmvuln(pkg:"kernel-default-debuginfo", rpm:"kernel-default-debuginfo~3.7.10~1.36.1", rls:"openSUSE12.3")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isrpmvuln(pkg:"kernel-default-debugsource", rpm:"kernel-default-debugsource~3.7.10~1.36.1", rls:"openSUSE12.3")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isrpmvuln(pkg:"kernel-default-devel", rpm:"kernel-default-devel~3.7.10~1.36.1", rls:"openSUSE12.3")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isrpmvuln(pkg:"kernel-default-devel-debuginfo", rpm:"kernel-default-devel-debuginfo~3.7.10~1.36.1", rls:"openSUSE12.3")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isrpmvuln(pkg:"kernel-syms", rpm:"kernel-syms~3.7.10~1.36.1", rls:"openSUSE12.3")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isrpmvuln(pkg:"kernel-debug", rpm:"kernel-debug~3.7.10~1.36.1", rls:"openSUSE12.3")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isrpmvuln(pkg:"kernel-debug-base", rpm:"kernel-debug-base~3.7.10~1.36.1", rls:"openSUSE12.3")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isrpmvuln(pkg:"kernel-debug-base-debuginfo", rpm:"kernel-debug-base-debuginfo~3.7.10~1.36.1", rls:"openSUSE12.3")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isrpmvuln(pkg:"kernel-debug-debuginfo", rpm:"kernel-debug-debuginfo~3.7.10~1.36.1", rls:"openSUSE12.3")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isrpmvuln(pkg:"kernel-debug-debugsource", rpm:"kernel-debug-debugsource~3.7.10~1.36.1", rls:"openSUSE12.3")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isrpmvuln(pkg:"kernel-debug-devel", rpm:"kernel-debug-devel~3.7.10~1.36.1", rls:"openSUSE12.3")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isrpmvuln(pkg:"kernel-debug-devel-debuginfo", rpm:"kernel-debug-devel-debuginfo~3.7.10~1.36.1", rls:"openSUSE12.3")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isrpmvuln(pkg:"kernel-desktop", rpm:"kernel-desktop~3.7.10~1.36.1", rls:"openSUSE12.3")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isrpmvuln(pkg:"kernel-desktop-base", rpm:"kernel-desktop-base~3.7.10~1.36.1", rls:"openSUSE12.3")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isrpmvuln(pkg:"kernel-desktop-base-debuginfo", rpm:"kernel-desktop-base-debuginfo~3.7.10~1.36.1", rls:"openSUSE12.3")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isrpmvuln(pkg:"kernel-desktop-debuginfo", rpm:"kernel-desktop-debuginfo~3.7.10~1.36.1", rls:"openSUSE12.3")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isrpmvuln(pkg:"kernel-desktop-debugsource", rpm:"kernel-desktop-debugsource~3.7.10~1.36.1", rls:"openSUSE12.3")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isrpmvuln(pkg:"kernel-desktop-devel", rpm:"kernel-desktop-devel~3.7.10~1.36.1", rls:"openSUSE12.3")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isrpmvuln(pkg:"kernel-desktop-devel-debuginfo", rpm:"kernel-desktop-devel-debuginfo~3.7.10~1.36.1", rls:"openSUSE12.3")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isrpmvuln(pkg:"kernel-ec2", rpm:"kernel-ec2~3.7.10~1.36.1", rls:"openSUSE12.3")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isrpmvuln(pkg:"kernel-ec2-base", rpm:"kernel-ec2-base~3.7.10~1.36.1", rls:"openSUSE12.3")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isrpmvuln(pkg:"kernel-ec2-base-debuginfo", rpm:"kernel-ec2-base-debuginfo~3.7.10~1.36.1", rls:"openSUSE12.3")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isrpmvuln(pkg:"kernel-ec2-debuginfo", rpm:"kernel-ec2-debuginfo~3.7.10~1.36.1", rls:"openSUSE12.3")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isrpmvuln(pkg:"kernel-ec2-debugsource", rpm:"kernel-ec2-debugsource~3.7.10~1.36.1", rls:"openSUSE12.3")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isrpmvuln(pkg:"kernel-ec2-devel", rpm:"kernel-ec2-devel~3.7.10~1.36.1", rls:"openSUSE12.3")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isrpmvuln(pkg:"kernel-ec2-devel-debuginfo", rpm:"kernel-ec2-devel-debuginfo~3.7.10~1.36.1", rls:"openSUSE12.3")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isrpmvuln(pkg:"kernel-trace", rpm:"kernel-trace~3.7.10~1.36.1", rls:"openSUSE12.3")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isrpmvuln(pkg:"kernel-trace-base", rpm:"kernel-trace-base~3.7.10~1.36.1", rls:"openSUSE12.3")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isrpmvuln(pkg:"kernel-trace-base-debuginfo", rpm:"kernel-trace-base-debuginfo~3.7.10~1.36.1", rls:"openSUSE12.3")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isrpmvuln(pkg:"kernel-trace-debuginfo", rpm:"kernel-trace-debuginfo~3.7.10~1.36.1", rls:"openSUSE12.3")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isrpmvuln(pkg:"kernel-trace-debugsource", rpm:"kernel-trace-debugsource~3.7.10~1.36.1", rls:"openSUSE12.3")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isrpmvuln(pkg:"kernel-trace-devel", rpm:"kernel-trace-devel~3.7.10~1.36.1", rls:"openSUSE12.3")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isrpmvuln(pkg:"kernel-trace-devel-debuginfo", rpm:"kernel-trace-devel-debuginfo~3.7.10~1.36.1", rls:"openSUSE12.3")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isrpmvuln(pkg:"kernel-vanilla", rpm:"kernel-vanilla~3.7.10~1.36.1", rls:"openSUSE12.3")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isrpmvuln(pkg:"kernel-vanilla-debuginfo", rpm:"kernel-vanilla-debuginfo~3.7.10~1.36.1", rls:"openSUSE12.3")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isrpmvuln(pkg:"kernel-vanilla-debugsource", rpm:"kernel-vanilla-debugsource~3.7.10~1.36.1", rls:"openSUSE12.3")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isrpmvuln(pkg:"kernel-vanilla-devel", rpm:"kernel-vanilla-devel~3.7.10~1.36.1", rls:"openSUSE12.3")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isrpmvuln(pkg:"kernel-vanilla-devel-debuginfo", rpm:"kernel-vanilla-devel-debuginfo~3.7.10~1.36.1", rls:"openSUSE12.3")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isrpmvuln(pkg:"kernel-xen", rpm:"kernel-xen~3.7.10~1.36.1", rls:"openSUSE12.3")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isrpmvuln(pkg:"kernel-xen-base", rpm:"kernel-xen-base~3.7.10~1.36.1", rls:"openSUSE12.3")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isrpmvuln(pkg:"kernel-xen-base-debuginfo", rpm:"kernel-xen-base-debuginfo~3.7.10~1.36.1", rls:"openSUSE12.3")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isrpmvuln(pkg:"kernel-xen-debuginfo", rpm:"kernel-xen-debuginfo~3.7.10~1.36.1", rls:"openSUSE12.3")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isrpmvuln(pkg:"kernel-xen-debugsource", rpm:"kernel-xen-debugsource~3.7.10~1.36.1", rls:"openSUSE12.3")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isrpmvuln(pkg:"kernel-xen-devel", rpm:"kernel-xen-devel~3.7.10~1.36.1", rls:"openSUSE12.3")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isrpmvuln(pkg:"kernel-xen-devel-debuginfo", rpm:"kernel-xen-devel-debuginfo~3.7.10~1.36.1", rls:"openSUSE12.3")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isrpmvuln(pkg:"kernel-devel", rpm:"kernel-devel~3.7.10~1.36.1", rls:"openSUSE12.3")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isrpmvuln(pkg:"kernel-docs", rpm:"kernel-docs~3.7.10~1.36.2", rls:"openSUSE12.3")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isrpmvuln(pkg:"kernel-source", rpm:"kernel-source~3.7.10~1.36.1", rls:"openSUSE12.3")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isrpmvuln(pkg:"kernel-source-vanilla", rpm:"kernel-source-vanilla~3.7.10~1.36.1", rls:"openSUSE12.3")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isrpmvuln(pkg:"kernel-pae", rpm:"kernel-pae~3.7.10~1.36.1", rls:"openSUSE12.3")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isrpmvuln(pkg:"kernel-pae-base", rpm:"kernel-pae-base~3.7.10~1.36.1", rls:"openSUSE12.3")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isrpmvuln(pkg:"kernel-pae-base-debuginfo", rpm:"kernel-pae-base-debuginfo~3.7.10~1.36.1", rls:"openSUSE12.3")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isrpmvuln(pkg:"kernel-pae-debuginfo", rpm:"kernel-pae-debuginfo~3.7.10~1.36.1", rls:"openSUSE12.3")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isrpmvuln(pkg:"kernel-pae-debugsource", rpm:"kernel-pae-debugsource~3.7.10~1.36.1", rls:"openSUSE12.3")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isrpmvuln(pkg:"kernel-pae-devel", rpm:"kernel-pae-devel~3.7.10~1.36.1", rls:"openSUSE12.3")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isrpmvuln(pkg:"kernel-pae-devel-debuginfo", rpm:"kernel-pae-devel-debuginfo~3.7.10~1.36.1", rls:"openSUSE12.3")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if (__pkg_match) exit(99); # Not vulnerable.
+  exit(0);
+}


Property changes on: scripts/2014/gb_suse_2014_0856_1.nasl
___________________________________________________________________
Added: svn:keywords
   + Author Revision Date Id

Added: scripts/2014/gb_ubuntu_USN_2232_3.nasl
===================================================================
--- scripts/2014/gb_ubuntu_USN_2232_3.nasl	                        (rev 0)
+++ scripts/2014/gb_ubuntu_USN_2232_3.nasl	2014-07-04 13:18:45 UTC (rev 548)
@@ -0,0 +1,163 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+#
+# Ubuntu Update for openssl USN-2232-3
+#
+# Authors:
+# System Generated Check
+#
+# Copyright:
+# Copyright (C) 2014 Greenbone Networks GmbH, http://www.greenbone.net
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+include("revisions-lib.inc");
+
+if(description)
+{
+  script_oid("1.3.6.1.4.1.25623.1.0.841867");
+  script_version("$Revision$");
+  script_tag(name:"check_type", value:"authenticated package test");
+  script_tag(name:"last_modification", value:"$Date$");
+  script_tag(name:"creation_date", value:"2014-07-01 21:24:39 +0530 (Tue, 01 Jul 2014)");
+  script_cve_id("CVE-2014-0224", "CVE-2014-0195", "CVE-2014-0221", "CVE-2014-3470");
+  script_tag(name:"cvss_base", value:"6.8");
+  script_tag(name:"cvss_base_vector", value:"AV:N/AC:M/Au:N/C:P/I:P/A:P");
+  script_tag(name:"risk_factor", value:"High");
+  script_name("Ubuntu Update for openssl USN-2232-3");
+
+  tag_insight = "USN-2232-1 fixed vulnerabilities in OpenSSL. The upstream fix
+for CVE-2014-0224 caused a regression for certain applications that use
+renegotiation, such as PostgreSQL. This update fixes the problem.
+
+Original advisory details:
+
+J&#252 ri Aedla discovered that OpenSSL incorrectly handled invalid DTLS
+fragments. A remote attacker could use this issue to cause OpenSSL to
+crash, resulting in a denial of service, or possibly execute arbitrary
+code. This issue only affected Ubuntu 12.04 LTS, Ubuntu 13.10, and
+Ubuntu 14.04 LTS. (CVE-2014-0195)
+Imre Rad discovered that OpenSSL incorrectly handled DTLS recursions. A
+remote attacker could use this issue to cause OpenSSL to crash, resulting
+in a denial of service. (CVE-2014-0221)
+KIKUCHI Masashi discovered that OpenSSL incorrectly handled certain
+handshakes. A remote attacker could use this flaw to perform a
+man-in-the-middle attack and possibly decrypt and modify traffic.
+(CVE-2014-0224)
+Felix Gr&#246 bert and Ivan Fratri&#263  discovered that OpenSSL incorrectly handled
+anonymous ECDH ciphersuites. A remote attacker could use this issue to
+cause OpenSSL to crash, resulting in a denial of service. This issue only
+affected Ubuntu 12.04 LTS, Ubuntu 13.10, and Ubuntu 14.04 LTS.
+(CVE-2014-3470)";
+
+  tag_affected = "openssl on Ubuntu 14.04 LTS ,
+  Ubuntu 13.10 ,
+  Ubuntu 12.04 LTS ,
+  Ubuntu 10.04 LTS";
+
+  tag_solution = "Please Install the Updated Packages.";
+
+  desc = "
+
+  Vulnerability Insight:
+  " + tag_insight + "
+
+  Affected Software/OS:
+  " + tag_affected + "
+
+  Solution:
+  " + tag_solution;
+
+  if (revcomp(a: OPENVAS_VERSION, b: "6.0+beta5") >= 0){
+    script_tag(name : "affected" , value : tag_affected);
+    script_tag(name : "insight" , value : tag_insight);
+    script_tag(name : "solution" , value : tag_solution);
+  }
+  script_description(desc);
+  script_xref(name: "USN", value: "2232-3");
+  script_xref(name: "URL" , value: "https://lists.ubuntu.com/archives/ubuntu-security-announce/2014-June/002559.html");
+  script_summary("Check for the Version of openssl");
+  script_category(ACT_GATHER_INFO);
+  script_copyright("Copyright (C) 2014 Greenbone Networks GmbH");
+  script_family("Ubuntu Local Security Checks");
+  script_dependencies("gather-package-list.nasl");
+  script_mandatory_keys("login/SSH/success", "HostDetails/OS/cpe:/o:canonical:ubuntu_linux", "ssh/login/release");
+  exit(0);
+}
+
+
+include("pkg-lib-deb.inc");
+
+release = get_kb_item("ssh/login/release");
+
+res = "";
+if(release == NULL){
+  exit(0);
+}
+
+if(release == "UBUNTU14.04 LTS")
+{
+
+  if ((res = isdpkgvuln(pkg:"libssl1.0.0:i386", ver:"1.0.1f-1ubuntu2.4", rls:"UBUNTU14.04 LTS")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if (__pkg_match) exit(99); # Not vulnerable.
+  exit(0);
+}
+
+
+if(release == "UBUNTU12.04 LTS")
+{
+
+  if ((res = isdpkgvuln(pkg:"libssl1.0.0", ver:"1.0.1-4ubuntu5.16", rls:"UBUNTU12.04 LTS")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if (__pkg_match) exit(99); # Not vulnerable.
+  exit(0);
+}
+
+
+if(release == "UBUNTU10.04 LTS")
+{
+
+  if ((res = isdpkgvuln(pkg:"libssl0.9.8", ver:"0.9.8k-7ubuntu8.19", rls:"UBUNTU10.04 LTS")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if (__pkg_match) exit(99); # Not vulnerable.
+  exit(0);
+}
+
+
+if(release == "UBUNTU13.10")
+{
+
+  if ((res = isdpkgvuln(pkg:"libssl1.0.0:i386", ver:"1.0.1e-3ubuntu1.6", rls:"UBUNTU13.10")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if (__pkg_match) exit(99); # Not vulnerable.
+  exit(0);
+}


Property changes on: scripts/2014/gb_ubuntu_USN_2232_3.nasl
___________________________________________________________________
Added: svn:keywords
   + Author Revision Date Id

Added: scripts/2014/gb_ubuntu_USN_2253_1.nasl
===================================================================
--- scripts/2014/gb_ubuntu_USN_2253_1.nasl	                        (rev 0)
+++ scripts/2014/gb_ubuntu_USN_2253_1.nasl	2014-07-04 13:18:45 UTC (rev 548)
@@ -0,0 +1,97 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+#
+# Ubuntu Update for libreoffice USN-2253-1
+#
+# Authors:
+# System Generated Check
+#
+# Copyright:
+# Copyright (C) 2014 Greenbone Networks GmbH, http://www.greenbone.net
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+include("revisions-lib.inc");
+
+if(description)
+{
+  script_oid("1.3.6.1.4.1.25623.1.0.841868");
+  script_version("$Revision$");
+  script_tag(name:"check_type", value:"authenticated package test");
+  script_tag(name:"last_modification", value:"$Date$");
+  script_tag(name:"creation_date", value:"2014-07-01 21:33:25 +0530 (Tue, 01 Jul 2014)");
+  script_cve_id("CVE-2014-0247");
+  script_tag(name:"cvss_base", value:"6.8");
+  script_tag(name:"cvss_base_vector", value:"AV:N/AC:M/Au:N/C:P/I:P/A:P");
+  script_tag(name:"risk_factor", value:"High");
+  script_name("Ubuntu Update for libreoffice USN-2253-1");
+
+  tag_insight = "It was discovered that LibreOffice unconditionally executed
+certain VBA macros, contrary to user expectations.";
+
+  tag_affected = "libreoffice on Ubuntu 14.04 LTS";
+
+  tag_solution = "Please Install the Updated Packages.";
+
+  desc = "
+
+  Vulnerability Insight:
+  " + tag_insight + "
+
+  Affected Software/OS:
+  " + tag_affected + "
+
+  Solution:
+  " + tag_solution;
+
+  if (revcomp(a: OPENVAS_VERSION, b: "6.0+beta5") >= 0){
+    script_tag(name : "affected" , value : tag_affected);
+    script_tag(name : "insight" , value : tag_insight);
+    script_tag(name : "solution" , value : tag_solution);
+  }
+  script_description(desc);
+  script_xref(name: "USN", value: "2253-1");
+  script_xref(name: "URL" , value: "https://lists.ubuntu.com/archives/ubuntu-security-announce/2014-June/002557.html");
+  script_summary("Check for the Version of libreoffice");
+  script_category(ACT_GATHER_INFO);
+  script_copyright("Copyright (C) 2014 Greenbone Networks GmbH");
+  script_family("Ubuntu Local Security Checks");
+  script_dependencies("gather-package-list.nasl");
+  script_mandatory_keys("login/SSH/success", "HostDetails/OS/cpe:/o:canonical:ubuntu_linux", "ssh/login/release");
+  exit(0);
+}
+
+
+include("pkg-lib-deb.inc");
+
+release = get_kb_item("ssh/login/release");
+
+res = "";
+if(release == NULL){
+  exit(0);
+}
+
+if(release == "UBUNTU14.04 LTS")
+{
+
+  if ((res = isdpkgvuln(pkg:"libreoffice-core", ver:"1:4.2.4-0ubuntu2", rls:"UBUNTU14.04 LTS")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if (__pkg_match) exit(99); # Not vulnerable.
+  exit(0);
+}


Property changes on: scripts/2014/gb_ubuntu_USN_2253_1.nasl
___________________________________________________________________
Added: svn:keywords
   + Author Revision Date Id

Added: scripts/2014/gb_ubuntu_USN_2254_1.nasl
===================================================================
--- scripts/2014/gb_ubuntu_USN_2254_1.nasl	                        (rev 0)
+++ scripts/2014/gb_ubuntu_USN_2254_1.nasl	2014-07-04 13:18:45 UTC (rev 548)
@@ -0,0 +1,219 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+#
+# Ubuntu Update for php5 USN-2254-1
+#
+# Authors:
+# System Generated Check
+#
+# Copyright:
+# Copyright (C) 2014 Greenbone Networks GmbH, http://www.greenbone.net
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+include("revisions-lib.inc");
+
+if(description)
+{
+  script_oid("1.3.6.1.4.1.25623.1.0.841878");
+  script_version("$Revision$");
+  script_tag(name:"check_type", value:"authenticated package test");
+  script_tag(name:"last_modification", value:"$Date$");
+  script_tag(name:"creation_date", value:"2014-07-01 22:39:43 +0530 (Tue, 01 Jul 2014)");
+  script_cve_id("CVE-2014-0185", "CVE-2014-0237", "CVE-2014-0238", "CVE-2014-4049");
+  script_tag(name:"cvss_base", value:"7.2");
+  script_tag(name:"cvss_base_vector", value:"AV:L/AC:L/Au:N/C:C/I:C/A:C");
+  script_tag(name:"risk_factor", value:"High");
+  script_name("Ubuntu Update for php5 USN-2254-1");
+
+  tag_insight = "Christian Hoffmann discovered that the PHP FastCGI Process
+Manager (FPM) set incorrect permissions on the UNIX socket. A local attacker
+could use this issue to possibly elevate their privileges. This issue only
+affected Ubuntu 12.04 LTS, Ubuntu 13.10, and Ubuntu 14.04 LTS. (CVE-2014-0185)
+
+Francisco Alonso discovered that the PHP Fileinfo component incorrectly
+handled certain CDF documents. A remote attacker could use this issue to
+cause PHP to hang or crash, resulting in a denial of service.
+(CVE-2014-0237, CVE-2014-0238)
+
+Stefan Esser discovered that PHP incorrectly handled DNS TXT records. A
+remote attacker could use this issue to cause PHP to crash, resulting in a
+denial of service, or possibly execute arbitrary code. (CVE-2014-4049)";
+
+  tag_affected = "php5 on Ubuntu 14.04 LTS ,
+  Ubuntu 13.10 ,
+  Ubuntu 12.04 LTS ,
+  Ubuntu 10.04 LTS";
+
+  tag_solution = "Please Install the Updated Packages.";
+
+  desc = "
+
+  Vulnerability Insight:
+  " + tag_insight + "
+
+  Affected Software/OS:
+  " + tag_affected + "
+
+  Solution:
+  " + tag_solution;
+
+  if (revcomp(a: OPENVAS_VERSION, b: "6.0+beta5") >= 0){
+    script_tag(name : "affected" , value : tag_affected);
+    script_tag(name : "insight" , value : tag_insight);
+    script_tag(name : "solution" , value : tag_solution);
+  }
+  script_description(desc);
+  script_xref(name: "USN", value: "2254-1");
+  script_xref(name: "URL" , value: "https://lists.ubuntu.com/archives/ubuntu-security-announce/2014-June/002558.html");
+  script_summary("Check for the Version of php5");
+  script_category(ACT_GATHER_INFO);
+  script_copyright("Copyright (C) 2014 Greenbone Networks GmbH");
+  script_family("Ubuntu Local Security Checks");
+  script_dependencies("gather-package-list.nasl");
+  script_mandatory_keys("login/SSH/success", "HostDetails/OS/cpe:/o:canonical:ubuntu_linux", "ssh/login/release");
+  exit(0);
+}
+
+
+include("pkg-lib-deb.inc");
+
+release = get_kb_item("ssh/login/release");
+
+res = "";
+if(release == NULL){
+  exit(0);
+}
+
+if(release == "UBUNTU14.04 LTS")
+{
+
+  if ((res = isdpkgvuln(pkg:"libapache2-mod-php5", ver:"5.5.9+dfsg-1ubuntu4.1", rls:"UBUNTU14.04 LTS")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isdpkgvuln(pkg:"php5-cgi", ver:"5.5.9+dfsg-1ubuntu4.1", rls:"UBUNTU14.04 LTS")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isdpkgvuln(pkg:"php5-cli", ver:"5.5.9+dfsg-1ubuntu4.1", rls:"UBUNTU14.04 LTS")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isdpkgvuln(pkg:"php5-fpm", ver:"5.5.9+dfsg-1ubuntu4.1", rls:"UBUNTU14.04 LTS")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if (__pkg_match) exit(99); # Not vulnerable.
+  exit(0);
+}
+
+
+if(release == "UBUNTU12.04 LTS")
+{
+
+  if ((res = isdpkgvuln(pkg:"libapache2-mod-php5", ver:"5.3.10-1ubuntu3.12", rls:"UBUNTU12.04 LTS")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isdpkgvuln(pkg:"php5-cgi", ver:"5.3.10-1ubuntu3.12", rls:"UBUNTU12.04 LTS")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isdpkgvuln(pkg:"php5-cli", ver:"5.3.10-1ubuntu3.12", rls:"UBUNTU12.04 LTS")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isdpkgvuln(pkg:"php5-fpm", ver:"5.3.10-1ubuntu3.12", rls:"UBUNTU12.04 LTS")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if (__pkg_match) exit(99); # Not vulnerable.
+  exit(0);
+}
+
+
+if(release == "UBUNTU10.04 LTS")
+{
+
+  if ((res = isdpkgvuln(pkg:"libapache2-mod-php5", ver:"5.3.2-1ubuntu4.25", rls:"UBUNTU10.04 LTS")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isdpkgvuln(pkg:"php5-cgi", ver:"5.3.2-1ubuntu4.25", rls:"UBUNTU10.04 LTS")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isdpkgvuln(pkg:"php5-cli", ver:"5.3.2-1ubuntu4.25", rls:"UBUNTU10.04 LTS")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if (__pkg_match) exit(99); # Not vulnerable.
+  exit(0);
+}
+
+
+if(release == "UBUNTU13.10")
+{
+
+  if ((res = isdpkgvuln(pkg:"libapache2-mod-php5", ver:"5.5.3+dfsg-1ubuntu2.4", rls:"UBUNTU13.10")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isdpkgvuln(pkg:"php5-cgi", ver:"5.5.3+dfsg-1ubuntu2.4", rls:"UBUNTU13.10")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isdpkgvuln(pkg:"php5-cli", ver:"5.5.3+dfsg-1ubuntu2.4", rls:"UBUNTU13.10")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isdpkgvuln(pkg:"php5-fpm", ver:"5.5.3+dfsg-1ubuntu2.4", rls:"UBUNTU13.10")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if (__pkg_match) exit(99); # Not vulnerable.
+  exit(0);
+}


Property changes on: scripts/2014/gb_ubuntu_USN_2254_1.nasl
___________________________________________________________________
Added: svn:keywords
   + Author Revision Date Id

Added: scripts/2014/gb_ubuntu_USN_2254_2.nasl
===================================================================
--- scripts/2014/gb_ubuntu_USN_2254_2.nasl	                        (rev 0)
+++ scripts/2014/gb_ubuntu_USN_2254_2.nasl	2014-07-04 13:18:45 UTC (rev 548)
@@ -0,0 +1,129 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+#
+# Ubuntu Update for php5 USN-2254-2
+#
+# Authors:
+# System Generated Check
+#
+# Copyright:
+# Copyright (C) 2014 Greenbone Networks GmbH, http://www.greenbone.net
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+include("revisions-lib.inc");
+
+if(description)
+{
+  script_oid("1.3.6.1.4.1.25623.1.0.841875");
+  script_version("$Revision$");
+  script_tag(name:"check_type", value:"authenticated package test");
+  script_tag(name:"last_modification", value:"$Date$");
+  script_tag(name:"creation_date", value:"2014-07-01 22:22:18 +0530 (Tue, 01 Jul 2014)");
+  script_cve_id("CVE-2014-0185", "CVE-2014-0237", "CVE-2014-0238", "CVE-2014-4049");
+  script_tag(name:"cvss_base", value:"7.2");
+  script_tag(name:"cvss_base_vector", value:"AV:L/AC:L/Au:N/C:C/I:C/A:C");
+  script_tag(name:"risk_factor", value:"High");
+  script_name("Ubuntu Update for php5 USN-2254-2");
+
+  tag_insight = "USN-2254-1 fixed vulnerabilities in PHP. The fix for
+CVE-2014-0185 further restricted the permissions on the PHP FastCGI Process
+Manager (FPM) UNIX socket. This update grants socket access to the www-data
+user and group so installations and documentation relying on the previous
+socket permissions will continue to function.
+
+Original advisory details:
+
+Christian Hoffmann discovered that the PHP FastCGI Process Manager (FPM)
+set incorrect permissions on the UNIX socket. A local attacker could use
+this issue to possibly elevate their privileges. This issue only affected
+Ubuntu 12.04 LTS, Ubuntu 13.10, and Ubuntu 14.04 LTS. (CVE-2014-0185)
+Francisco Alonso discovered that the PHP Fileinfo component incorrectly
+handled certain CDF documents. A remote attacker could use this issue to
+cause PHP to hang or crash, resulting in a denial of service.
+(CVE-2014-0237, CVE-2014-0238)
+Stefan Esser discovered that PHP incorrectly handled DNS TXT records. A
+remote attacker could use this issue to cause PHP to crash, resulting in a
+denial of service, or possibly execute arbitrary code. (CVE-2014-4049)";
+
+  tag_affected = "php5 on Ubuntu 14.04 LTS ,
+  Ubuntu 13.10";
+
+  tag_solution = "Please Install the Updated Packages.";
+
+  desc = "
+
+  Vulnerability Insight:
+  " + tag_insight + "
+
+  Affected Software/OS:
+  " + tag_affected + "
+
+  Solution:
+  " + tag_solution;
+
+  if (revcomp(a: OPENVAS_VERSION, b: "6.0+beta5") >= 0){
+    script_tag(name : "affected" , value : tag_affected);
+    script_tag(name : "insight" , value : tag_insight);
+    script_tag(name : "solution" , value : tag_solution);
+  }
+  script_description(desc);
+  script_xref(name: "USN", value: "2254-2");
+  script_xref(name: "URL" , value: "https://lists.ubuntu.com/archives/ubuntu-security-announce/2014-June/002560.html");
+  script_summary("Check for the Version of php5");
+  script_category(ACT_GATHER_INFO);
+  script_copyright("Copyright (C) 2014 Greenbone Networks GmbH");
+  script_family("Ubuntu Local Security Checks");
+  script_dependencies("gather-package-list.nasl");
+  script_mandatory_keys("login/SSH/success", "HostDetails/OS/cpe:/o:canonical:ubuntu_linux", "ssh/login/release");
+  exit(0);
+}
+
+
+include("pkg-lib-deb.inc");
+
+release = get_kb_item("ssh/login/release");
+
+res = "";
+if(release == NULL){
+  exit(0);
+}
+
+if(release == "UBUNTU14.04 LTS")
+{
+
+  if ((res = isdpkgvuln(pkg:"php5-fpm", ver:"5.5.9+dfsg-1ubuntu4.2", rls:"UBUNTU14.04 LTS")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if (__pkg_match) exit(99); # Not vulnerable.
+  exit(0);
+}
+
+
+if(release == "UBUNTU13.10")
+{
+
+  if ((res = isdpkgvuln(pkg:"php5-fpm", ver:"5.5.3+dfsg-1ubuntu2.5", rls:"UBUNTU13.10")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if (__pkg_match) exit(99); # Not vulnerable.
+  exit(0);
+}


Property changes on: scripts/2014/gb_ubuntu_USN_2254_2.nasl
___________________________________________________________________
Added: svn:keywords
   + Author Revision Date Id

Added: scripts/2014/gb_ubuntu_USN_2255_1.nasl
===================================================================
--- scripts/2014/gb_ubuntu_USN_2255_1.nasl	                        (rev 0)
+++ scripts/2014/gb_ubuntu_USN_2255_1.nasl	2014-07-04 13:18:45 UTC (rev 548)
@@ -0,0 +1,125 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+#
+# Ubuntu Update for neutron USN-2255-1
+#
+# Authors:
+# System Generated Check
+#
+# Copyright:
+# Copyright (C) 2014 Greenbone Networks GmbH, http://www.greenbone.net
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+include("revisions-lib.inc");
+
+if(description)
+{
+  script_oid("1.3.6.1.4.1.25623.1.0.841869");
+  script_version("$Revision$");
+  script_tag(name:"check_type", value:"authenticated package test");
+  script_tag(name:"last_modification", value:"$Date$");
+  script_tag(name:"creation_date", value:"2014-07-01 21:35:34 +0530 (Tue, 01 Jul 2014)");
+  script_cve_id("CVE-2013-6433", "CVE-2014-0187", "CVE-2014-4167");
+  script_tag(name:"cvss_base", value:"9.0");
+  script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:S/C:C/I:C/A:C");
+  script_tag(name:"risk_factor", value:"Critical");
+  script_name("Ubuntu Update for neutron USN-2255-1");
+
+  tag_insight = "Darragh O'Reilly discovered that the Ubuntu packaging for
+OpenStack Neutron did not properly set up its sudo configuration. If a
+different flaw was found in OpenStack Neutron, this vulnerability could be used
+to escalate privileges. (CVE-2013-6433)
+
+Stephen Ma and Christoph Thiel discovered that the openvswitch-agent in
+OpenStack Neutron did not properly perform input validation when creating
+security group rules when specifying --remote-ip-prefix. A remote
+authenticated attacker could exploit this to prevent application of
+additional rules. (CVE-2014-0187)
+
+Thiago Martins discovered that OpenStack Neutron would inappropriately
+apply SNAT rules to IPv6 subnets when using the L3-agent. A remote
+authenticated attacker could exploit this to prevent floating IPv4
+addresses from being attached throughout the cloud. (CVE-2014-4167)";
+
+  tag_affected = "neutron on Ubuntu 14.04 LTS ,
+  Ubuntu 13.10";
+
+  tag_solution = "Please Install the Updated Packages.";
+
+  desc = "
+
+  Vulnerability Insight:
+  " + tag_insight + "
+
+  Affected Software/OS:
+  " + tag_affected + "
+
+  Solution:
+  " + tag_solution;
+
+  if (revcomp(a: OPENVAS_VERSION, b: "6.0+beta5") >= 0){
+    script_tag(name : "affected" , value : tag_affected);
+    script_tag(name : "insight" , value : tag_insight);
+    script_tag(name : "solution" , value : tag_solution);
+  }
+  script_description(desc);
+  script_xref(name: "USN", value: "2255-1");
+  script_xref(name: "URL" , value: "https://lists.ubuntu.com/archives/ubuntu-security-announce/2014-June/002561.html");
+  script_summary("Check for the Version of neutron");
+  script_category(ACT_GATHER_INFO);
+  script_copyright("Copyright (C) 2014 Greenbone Networks GmbH");
+  script_family("Ubuntu Local Security Checks");
+  script_dependencies("gather-package-list.nasl");
+  script_mandatory_keys("login/SSH/success", "HostDetails/OS/cpe:/o:canonical:ubuntu_linux", "ssh/login/release");
+  exit(0);
+}
+
+
+include("pkg-lib-deb.inc");
+
+release = get_kb_item("ssh/login/release");
+
+res = "";
+if(release == NULL){
+  exit(0);
+}
+
+if(release == "UBUNTU14.04 LTS")
+{
+
+  if ((res = isdpkgvuln(pkg:"python-neutron", ver:"1:2014.1-0ubuntu1.3", rls:"UBUNTU14.04 LTS")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if (__pkg_match) exit(99); # Not vulnerable.
+  exit(0);
+}
+
+
+if(release == "UBUNTU13.10")
+{
+
+  if ((res = isdpkgvuln(pkg:"python-neutron", ver:"1:2013.2.3-0ubuntu1.5", rls:"UBUNTU13.10")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if (__pkg_match) exit(99); # Not vulnerable.
+  exit(0);
+}


Property changes on: scripts/2014/gb_ubuntu_USN_2255_1.nasl
___________________________________________________________________
Added: svn:keywords
   + Author Revision Date Id

Added: scripts/2014/gb_ubuntu_USN_2256_1.nasl
===================================================================
--- scripts/2014/gb_ubuntu_USN_2256_1.nasl	                        (rev 0)
+++ scripts/2014/gb_ubuntu_USN_2256_1.nasl	2014-07-04 13:18:45 UTC (rev 548)
@@ -0,0 +1,102 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+#
+# Ubuntu Update for swift USN-2256-1
+#
+# Authors:
+# System Generated Check
+#
+# Copyright:
+# Copyright (C) 2014 Greenbone Networks GmbH, http://www.greenbone.net
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+include("revisions-lib.inc");
+
+if(description)
+{
+  script_oid("1.3.6.1.4.1.25623.1.0.841872");
+  script_version("$Revision$");
+  script_tag(name:"check_type", value:"authenticated package test");
+  script_tag(name:"last_modification", value:"$Date$");
+  script_tag(name:"creation_date", value:"2014-07-01 22:09:12 +0530 (Tue, 01 Jul 2014)");
+  script_cve_id("CVE-2014-3497");
+  script_tag(name:"cvss_base", value:"4.3");
+  script_tag(name:"cvss_base_vector", value:"AV:N/AC:M/Au:N/C:N/I:P/A:N");
+  script_tag(name:"risk_factor", value:"Medium");
+  script_name("Ubuntu Update for swift USN-2256-1");
+
+  tag_insight = "John Dickinson discovered that Swift did not properly quote
+the WWW-Authenticate header value. If a user were tricked into navigating to a
+malicious Swift URL, an attacker could conduct cross-site scripting
+attacks. With cross-site scripting vulnerabilities, if a user were tricked
+into viewing server output during a crafted server request, a remote
+attacker could exploit this to modify the contents, or steal confidential
+data, within the same domain.";
+
+  tag_affected = "swift on Ubuntu 14.04 LTS";
+
+  tag_solution = "Please Install the Updated Packages.";
+
+  desc = "
+
+  Vulnerability Insight:
+  " + tag_insight + "
+
+  Affected Software/OS:
+  " + tag_affected + "
+
+  Solution:
+  " + tag_solution;
+
+  if (revcomp(a: OPENVAS_VERSION, b: "6.0+beta5") >= 0){
+    script_tag(name : "affected" , value : tag_affected);
+    script_tag(name : "insight" , value : tag_insight);
+    script_tag(name : "solution" , value : tag_solution);
+  }
+  script_description(desc);
+  script_xref(name: "USN", value: "2256-1");
+  script_xref(name: "URL" , value: "https://lists.ubuntu.com/archives/ubuntu-security-announce/2014-June/002562.html");
+  script_summary("Check for the Version of swift");
+  script_category(ACT_GATHER_INFO);
+  script_copyright("Copyright (C) 2014 Greenbone Networks GmbH");
+  script_family("Ubuntu Local Security Checks");
+  script_dependencies("gather-package-list.nasl");
+  script_mandatory_keys("login/SSH/success", "HostDetails/OS/cpe:/o:canonical:ubuntu_linux", "ssh/login/release");
+  exit(0);
+}
+
+
+include("pkg-lib-deb.inc");
+
+release = get_kb_item("ssh/login/release");
+
+res = "";
+if(release == NULL){
+  exit(0);
+}
+
+if(release == "UBUNTU14.04 LTS")
+{
+
+  if ((res = isdpkgvuln(pkg:"python-swift", ver:"1.13.1-0ubuntu1.1", rls:"UBUNTU14.04 LTS")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if (__pkg_match) exit(99); # Not vulnerable.
+  exit(0);
+}


Property changes on: scripts/2014/gb_ubuntu_USN_2256_1.nasl
___________________________________________________________________
Added: svn:keywords
   + Author Revision Date Id

Added: scripts/2014/gb_ubuntu_USN_2257_1.nasl
===================================================================
--- scripts/2014/gb_ubuntu_USN_2257_1.nasl	                        (rev 0)
+++ scripts/2014/gb_ubuntu_USN_2257_1.nasl	2014-07-04 13:18:45 UTC (rev 548)
@@ -0,0 +1,160 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+#
+# Ubuntu Update for samba USN-2257-1
+#
+# Authors:
+# System Generated Check
+#
+# Copyright:
+# Copyright (C) 2014 Greenbone Networks GmbH, http://www.greenbone.net
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+include("revisions-lib.inc");
+
+if(description)
+{
+  script_oid("1.3.6.1.4.1.25623.1.0.841871");
+  script_version("$Revision$");
+  script_tag(name:"check_type", value:"authenticated package test");
+  script_tag(name:"last_modification", value:"$Date$");
+  script_tag(name:"creation_date", value:"2014-07-01 22:00:30 +0530 (Tue, 01 Jul 2014)");
+  script_cve_id("CVE-2014-0178", "CVE-2014-0239", "CVE-2014-0244", "CVE-2014-3493");
+  script_tag(name:"cvss_base", value:"5.0");
+  script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:N/C:N/I:N/A:P");
+  script_tag(name:"risk_factor", value:"Medium");
+  script_name("Ubuntu Update for samba USN-2257-1");
+
+  tag_insight = "Christof Schmitt discovered that Samba incorrectly initialized
+a certain response field when vfs shadow copy was enabled. A remote
+authenticated attacker could use this issue to possibly obtain sensitive
+information. This issue only affected Ubuntu 13.10 and Ubuntu 14.04 LTS.
+(CVE-2014-0178)
+
+It was discovered that the Samba internal DNS server incorrectly handled QR
+fields when processing incoming DNS messages. A remote attacker could use
+this issue to cause Samba to consume resources, resulting in a denial of
+service. This issue only affected Ubuntu 14.04 LTS. (CVE-2014-0239)
+
+Daniel Berteaud discovered that the Samba NetBIOS name service daemon
+incorrectly handled certain malformed packets. A remote attacker could use
+this issue to cause Samba to consume resources, resulting in a denial of
+service. This issue only affected Ubuntu 12.04 LTS, Ubuntu 13.10, and
+Ubuntu 14.04 LTS. (CVE-2014-0244)
+
+Simon Arlott discovered that Samba incorrectly handled certain unicode path
+names. A remote authenticated attacker could use this issue to cause Samba
+to stop responding, resulting in a denial of service. (CVE-2014-3493)";
+
+  tag_affected = "samba on Ubuntu 14.04 LTS ,
+  Ubuntu 13.10 ,
+  Ubuntu 12.04 LTS ,
+  Ubuntu 10.04 LTS";
+
+  tag_solution = "Please Install the Updated Packages.";
+
+  desc = "
+
+  Vulnerability Insight:
+  " + tag_insight + "
+
+  Affected Software/OS:
+  " + tag_affected + "
+
+  Solution:
+  " + tag_solution;
+
+  if (revcomp(a: OPENVAS_VERSION, b: "6.0+beta5") >= 0){
+    script_tag(name : "affected" , value : tag_affected);
+    script_tag(name : "insight" , value : tag_insight);
+    script_tag(name : "solution" , value : tag_solution);
+  }
+  script_description(desc);
+  script_xref(name: "USN", value: "2257-1");
+  script_xref(name: "URL" , value: "https://lists.ubuntu.com/archives/ubuntu-security-announce/2014-June/002563.html");
+  script_summary("Check for the Version of samba");
+  script_category(ACT_GATHER_INFO);
+  script_copyright("Copyright (C) 2014 Greenbone Networks GmbH");
+  script_family("Ubuntu Local Security Checks");
+  script_dependencies("gather-package-list.nasl");
+  script_mandatory_keys("login/SSH/success", "HostDetails/OS/cpe:/o:canonical:ubuntu_linux", "ssh/login/release");
+  exit(0);
+}
+
+
+include("pkg-lib-deb.inc");
+
+release = get_kb_item("ssh/login/release");
+
+res = "";
+if(release == NULL){
+  exit(0);
+}
+
+if(release == "UBUNTU14.04 LTS")
+{
+
+  if ((res = isdpkgvuln(pkg:"samba", ver:"2:4.1.6+dfsg-1ubuntu2.14.04.2", rls:"UBUNTU14.04 LTS")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if (__pkg_match) exit(99); # Not vulnerable.
+  exit(0);
+}
+
+
+if(release == "UBUNTU12.04 LTS")
+{
+
+  if ((res = isdpkgvuln(pkg:"samba", ver:"2:3.6.3-2ubuntu2.11", rls:"UBUNTU12.04 LTS")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if (__pkg_match) exit(99); # Not vulnerable.
+  exit(0);
+}
+
+
+if(release == "UBUNTU10.04 LTS")
+{
+
+  if ((res = isdpkgvuln(pkg:"samba", ver:"2:3.4.7~dfsg-1ubuntu3.15", rls:"UBUNTU10.04 LTS")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if (__pkg_match) exit(99); # Not vulnerable.
+  exit(0);
+}
+
+
+if(release == "UBUNTU13.10")
+{
+
+  if ((res = isdpkgvuln(pkg:"samba", ver:"2:3.6.18-1ubuntu3.3", rls:"UBUNTU13.10")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if (__pkg_match) exit(99); # Not vulnerable.
+  exit(0);
+}


Property changes on: scripts/2014/gb_ubuntu_USN_2257_1.nasl
___________________________________________________________________
Added: svn:keywords
   + Author Revision Date Id

Added: scripts/2014/gb_ubuntu_USN_2258_1.nasl
===================================================================
--- scripts/2014/gb_ubuntu_USN_2258_1.nasl	                        (rev 0)
+++ scripts/2014/gb_ubuntu_USN_2258_1.nasl	2014-07-04 13:18:45 UTC (rev 548)
@@ -0,0 +1,168 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+#
+# Ubuntu Update for gnupg USN-2258-1
+#
+# Authors:
+# System Generated Check
+#
+# Copyright:
+# Copyright (C) 2014 Greenbone Networks GmbH, http://www.greenbone.net
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+include("revisions-lib.inc");
+
+if(description)
+{
+  script_oid("1.3.6.1.4.1.25623.1.0.841877");
+  script_version("$Revision$");
+  script_tag(name:"check_type", value:"authenticated package test");
+  script_tag(name:"last_modification", value:"$Date$");
+  script_tag(name:"creation_date", value:"2014-07-01 22:37:34 +0530 (Tue, 01 Jul 2014)");
+  script_cve_id("CVE-2014-4617");
+  script_tag(name:"cvss_base", value:"5.0");
+  script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:N/C:N/I:N/A:P");
+  script_tag(name:"risk_factor", value:"Medium");
+  script_name("Ubuntu Update for gnupg USN-2258-1");
+
+  tag_insight = "Jean-Ren&#233  Reinhard, Olivier Levillain and Florian Maury
+discovered that GnuPG incorrectly handled certain OpenPGP messages. If a user or
+automated system were tricked into processing a specially-crafted message, GnuPG
+could consume resources, resulting in a denial of service.";
+
+  tag_affected = "gnupg on Ubuntu 14.04 LTS ,
+  Ubuntu 13.10 ,
+  Ubuntu 12.04 LTS ,
+  Ubuntu 10.04 LTS";
+
+  tag_solution = "Please Install the Updated Packages.";
+
+  desc = "
+
+  Vulnerability Insight:
+  " + tag_insight + "
+
+  Affected Software/OS:
+  " + tag_affected + "
+
+  Solution:
+  " + tag_solution;
+
+  if (revcomp(a: OPENVAS_VERSION, b: "6.0+beta5") >= 0){
+    script_tag(name : "affected" , value : tag_affected);
+    script_tag(name : "insight" , value : tag_insight);
+    script_tag(name : "solution" , value : tag_solution);
+  }
+  script_description(desc);
+  script_xref(name: "USN", value: "2258-1");
+  script_xref(name: "URL" , value: "https://lists.ubuntu.com/archives/ubuntu-security-announce/2014-June/002564.html");
+  script_summary("Check for the Version of gnupg");
+  script_category(ACT_GATHER_INFO);
+  script_copyright("Copyright (C) 2014 Greenbone Networks GmbH");
+  script_family("Ubuntu Local Security Checks");
+  script_dependencies("gather-package-list.nasl");
+  script_mandatory_keys("login/SSH/success", "HostDetails/OS/cpe:/o:canonical:ubuntu_linux", "ssh/login/release");
+  exit(0);
+}
+
+
+include("pkg-lib-deb.inc");
+
+release = get_kb_item("ssh/login/release");
+
+res = "";
+if(release == NULL){
+  exit(0);
+}
+
+if(release == "UBUNTU14.04 LTS")
+{
+
+  if ((res = isdpkgvuln(pkg:"gnupg", ver:"1.4.16-1ubuntu2.1", rls:"UBUNTU14.04 LTS")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isdpkgvuln(pkg:"gnupg2", ver:"2.0.22-3ubuntu1.1", rls:"UBUNTU14.04 LTS")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if (__pkg_match) exit(99); # Not vulnerable.
+  exit(0);
+}
+
+
+if(release == "UBUNTU12.04 LTS")
+{
+
+  if ((res = isdpkgvuln(pkg:"gnupg", ver:"1.4.11-3ubuntu2.6", rls:"UBUNTU12.04 LTS")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isdpkgvuln(pkg:"gnupg2", ver:"2.0.17-2ubuntu2.12.04.4", rls:"UBUNTU12.04 LTS")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if (__pkg_match) exit(99); # Not vulnerable.
+  exit(0);
+}
+
+
+if(release == "UBUNTU10.04 LTS")
+{
+
+  if ((res = isdpkgvuln(pkg:"gnupg", ver:"1.4.10-2ubuntu1.6", rls:"UBUNTU10.04 LTS")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isdpkgvuln(pkg:"gnupg2", ver:"2.0.14-1ubuntu1.7", rls:"UBUNTU10.04 LTS")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if (__pkg_match) exit(99); # Not vulnerable.
+  exit(0);
+}
+
+
+if(release == "UBUNTU13.10")
+{
+
+  if ((res = isdpkgvuln(pkg:"gnupg", ver:"1.4.14-1ubuntu2.2", rls:"UBUNTU13.10")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isdpkgvuln(pkg:"gnupg2", ver:"2.0.20-1ubuntu3.1", rls:"UBUNTU13.10")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if (__pkg_match) exit(99); # Not vulnerable.
+  exit(0);
+}


Property changes on: scripts/2014/gb_ubuntu_USN_2258_1.nasl
___________________________________________________________________
Added: svn:keywords
   + Author Revision Date Id

Added: scripts/2014/gb_ubuntu_USN_2259_1.nasl
===================================================================
--- scripts/2014/gb_ubuntu_USN_2259_1.nasl	                        (rev 0)
+++ scripts/2014/gb_ubuntu_USN_2259_1.nasl	2014-07-04 13:18:45 UTC (rev 548)
@@ -0,0 +1,142 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+#
+# Ubuntu Update for linux USN-2259-1
+#
+# Authors:
+# System Generated Check
+#
+# Copyright:
+# Copyright (C) 2014 Greenbone Networks GmbH, http://www.greenbone.net
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+include("revisions-lib.inc");
+
+if(description)
+{
+  script_oid("1.3.6.1.4.1.25623.1.0.841874");
+  script_version("$Revision$");
+  script_tag(name:"check_type", value:"authenticated package test");
+  script_tag(name:"last_modification", value:"$Date$");
+  script_tag(name:"creation_date", value:"2014-07-01 22:15:43 +0530 (Tue, 01 Jul 2014)");
+  script_cve_id("CVE-2014-1739", "CVE-2014-3144", "CVE-2014-3145");
+  script_tag(name:"cvss_base", value:"4.9");
+  script_tag(name:"cvss_base_vector", value:"AV:L/AC:L/Au:N/C:N/I:N/A:C");
+  script_tag(name:"risk_factor", value:"Medium");
+  script_name("Ubuntu Update for linux USN-2259-1");
+
+  tag_insight = "Salva Peir&#243  discovered an information leak in the Linux
+kernel's media- device driver. A local attacker could exploit this flaw to
+obtain sensitive information from kernel memory. (CVE-2014-1739)
+
+A bounds check error was discovered in the socket filter subsystem of the
+Linux kernel. A local user could exploit this flaw to cause a denial of
+service (system crash) via crafted BPF instructions. (CVE-2014-3144)
+
+A remainder calculation error was discovered in the socket filter subsystem
+of the Linux kernel. A local user could exploit this flaw to cause a denial
+of service (system crash) via crafted BPF instructions. (CVE-2014-3145)";
+
+  tag_affected = "linux on Ubuntu 12.04 LTS";
+
+  tag_solution = "Please Install the Updated Packages.";
+
+  desc = "
+
+  Vulnerability Insight:
+  " + tag_insight + "
+
+  Affected Software/OS:
+  " + tag_affected + "
+
+  Solution:
+  " + tag_solution;
+
+  if (revcomp(a: OPENVAS_VERSION, b: "6.0+beta5") >= 0){
+    script_tag(name : "affected" , value : tag_affected);
+    script_tag(name : "insight" , value : tag_insight);
+    script_tag(name : "solution" , value : tag_solution);
+  }
+  script_description(desc);
+  script_xref(name: "USN", value: "2259-1");
+  script_xref(name: "URL" , value: "https://lists.ubuntu.com/archives/ubuntu-security-announce/2014-June/002565.html");
+  script_summary("Check for the Version of linux");
+  script_category(ACT_GATHER_INFO);
+  script_copyright("Copyright (C) 2014 Greenbone Networks GmbH");
+  script_family("Ubuntu Local Security Checks");
+  script_dependencies("gather-package-list.nasl");
+  script_mandatory_keys("login/SSH/success", "HostDetails/OS/cpe:/o:canonical:ubuntu_linux", "ssh/login/release");
+  exit(0);
+}
+
+
+include("pkg-lib-deb.inc");
+
+release = get_kb_item("ssh/login/release");
+
+res = "";
+if(release == NULL){
+  exit(0);
+}
+
+if(release == "UBUNTU12.04 LTS")
+{
+
+  if ((res = isdpkgvuln(pkg:"linux-image-3.2.0-65-generic", ver:"3.2.0-65.98", rls:"UBUNTU12.04 LTS")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isdpkgvuln(pkg:"linux-image-3.2.0-65-generic-pae", ver:"3.2.0-65.98", rls:"UBUNTU12.04 LTS")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isdpkgvuln(pkg:"linux-image-3.2.0-65-highbank", ver:"3.2.0-65.98", rls:"UBUNTU12.04 LTS")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isdpkgvuln(pkg:"linux-image-3.2.0-65-omap", ver:"3.2.0-65.98", rls:"UBUNTU12.04 LTS")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isdpkgvuln(pkg:"linux-image-3.2.0-65-powerpc-smp", ver:"3.2.0-65.98", rls:"UBUNTU12.04 LTS")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isdpkgvuln(pkg:"linux-image-3.2.0-65-powerpc64-smp", ver:"3.2.0-65.98", rls:"UBUNTU12.04 LTS")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isdpkgvuln(pkg:"linux-image-3.2.0-65-virtual", ver:"3.2.0-65.98", rls:"UBUNTU12.04 LTS")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if (__pkg_match) exit(99); # Not vulnerable.
+  exit(0);
+}


Property changes on: scripts/2014/gb_ubuntu_USN_2259_1.nasl
___________________________________________________________________
Added: svn:keywords
   + Author Revision Date Id

Added: scripts/2014/gb_ubuntu_USN_2260_1.nasl
===================================================================
--- scripts/2014/gb_ubuntu_USN_2260_1.nasl	                        (rev 0)
+++ scripts/2014/gb_ubuntu_USN_2260_1.nasl	2014-07-04 13:18:45 UTC (rev 548)
@@ -0,0 +1,137 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+#
+# Ubuntu Update for linux-lts-trusty USN-2260-1
+#
+# Authors:
+# System Generated Check
+#
+# Copyright:
+# Copyright (C) 2014 Greenbone Networks GmbH, http://www.greenbone.net
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+include("revisions-lib.inc");
+
+if(description)
+{
+  script_oid("1.3.6.1.4.1.25623.1.0.841870");
+  script_version("$Revision$");
+  script_tag(name:"check_type", value:"authenticated package test");
+  script_tag(name:"last_modification", value:"$Date$");
+  script_tag(name:"creation_date", value:"2014-07-01 21:42:04 +0530 (Tue, 01 Jul 2014)");
+  script_cve_id("CVE-2014-0196", "CVE-2014-3153", "CVE-2014-1738", "CVE-2014-1737",
+                "CVE-2014-0077", "CVE-2014-2568", "CVE-2014-2851", "CVE-2014-3122");
+  script_tag(name:"cvss_base", value:"7.2");
+  script_tag(name:"cvss_base_vector", value:"AV:L/AC:L/Au:N/C:C/I:C/A:C");
+  script_tag(name:"risk_factor", value:"High");
+  script_name("Ubuntu Update for linux-lts-trusty USN-2260-1");
+
+  tag_insight = "A flaw was discovered in the Linux kernel's pseudo tty (pty)
+device. An unprivileged user could exploit this flaw to cause a denial of
+service (system crash) or potentially gain administrator privileges.
+(CVE-2014-0196)
+
+Pinkie Pie discovered a flaw in the Linux kernel's futex subsystem. An
+unprivileged local user could exploit this flaw to cause a denial of
+service (system crash) or gain administrative privileges. (CVE-2014-3153)
+
+Matthew Daley reported an information leak in the floppy disk driver of the
+Linux kernel. An unprivileged local user could exploit this flaw to obtain
+potentially sensitive information from kernel memory. (CVE-2014-1738)
+
+Matthew Daley reported a flaw in the handling of ioctl commands by the
+floppy disk driver in the Linux kernel. An unprivileged local user could
+exploit this flaw to gain administrative privileges if the floppy disk
+module is loaded. (CVE-2014-1737)
+
+A flaw was discovered in the handling of network packets when mergeable
+buffers are disabled for virtual machines in the Linux kernel. Guest OS
+users may exploit this flaw to cause a denial of service (host OS crash) or
+possibly gain privilege on the host OS. (CVE-2014-0077)
+
+An information leak was discovered in the netfilter subsystem of the Linux
+kernel. An attacker could exploit this flaw to obtain sensitive information
+from kernel memory. (CVE-2014-2568)
+
+A flaw was discovered in the Linux kernel's ping sockets. An unprivileged
+local user could exploit this flaw to cause a denial of service (system
+crash) or possibly gain privileges via a crafted application.
+(CVE-2014-2851)
+
+Sasha Levin reported a bug in the Linux kernel's virtual memory management
+subsystem. An unprivileged local user could exploit this flaw to cause a
+denial of service (system crash). (CVE-2014-3122)";
+
+  tag_affected = "linux-lts-trusty on Ubuntu 12.04 LTS";
+
+  tag_solution = "Please Install the Updated Packages.";
+
+  desc = "
+
+  Vulnerability Insight:
+  " + tag_insight + "
+
+  Affected Software/OS:
+  " + tag_affected + "
+
+  Solution:
+  " + tag_solution;
+
+  if (revcomp(a: OPENVAS_VERSION, b: "6.0+beta5") >= 0){
+    script_tag(name : "affected" , value : tag_affected);
+    script_tag(name : "insight" , value : tag_insight);
+    script_tag(name : "solution" , value : tag_solution);
+  }
+  script_description(desc);
+  script_xref(name: "USN", value: "2260-1");
+  script_xref(name: "URL" , value: "https://lists.ubuntu.com/archives/ubuntu-security-announce/2014-June/002566.html");
+  script_summary("Check for the Version of linux-lts-trusty");
+  script_category(ACT_GATHER_INFO);
+  script_copyright("Copyright (C) 2014 Greenbone Networks GmbH");
+  script_family("Ubuntu Local Security Checks");
+  script_dependencies("gather-package-list.nasl");
+  script_mandatory_keys("login/SSH/success", "HostDetails/OS/cpe:/o:canonical:ubuntu_linux", "ssh/login/release");
+  exit(0);
+}
+
+
+include("pkg-lib-deb.inc");
+
+release = get_kb_item("ssh/login/release");
+
+res = "";
+if(release == NULL){
+  exit(0);
+}
+
+if(release == "UBUNTU12.04 LTS")
+{
+
+  if ((res = isdpkgvuln(pkg:"linux-image-3.13.0-30-generic", ver:"3.13.0-30.54~precise2", rls:"UBUNTU12.04 LTS")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isdpkgvuln(pkg:"linux-image-3.13.0-30-generic-lpae", ver:"3.13.0-30.54~precise2", rls:"UBUNTU12.04 LTS")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if (__pkg_match) exit(99); # Not vulnerable.
+  exit(0);
+}


Property changes on: scripts/2014/gb_ubuntu_USN_2260_1.nasl
___________________________________________________________________
Added: svn:keywords
   + Author Revision Date Id

Added: scripts/2014/gb_ubuntu_USN_2261_1.nasl
===================================================================
--- scripts/2014/gb_ubuntu_USN_2261_1.nasl	                        (rev 0)
+++ scripts/2014/gb_ubuntu_USN_2261_1.nasl	2014-07-04 13:18:45 UTC (rev 548)
@@ -0,0 +1,112 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+#
+# Ubuntu Update for linux-lts-saucy USN-2261-1
+#
+# Authors:
+# System Generated Check
+#
+# Copyright:
+# Copyright (C) 2014 Greenbone Networks GmbH, http://www.greenbone.net
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+include("revisions-lib.inc");
+
+if(description)
+{
+  script_oid("1.3.6.1.4.1.25623.1.0.841879");
+  script_version("$Revision$");
+  script_tag(name:"check_type", value:"authenticated package test");
+  script_tag(name:"last_modification", value:"$Date$");
+  script_tag(name:"creation_date", value:"2014-07-01 22:48:26 +0530 (Tue, 01 Jul 2014)");
+  script_cve_id("CVE-2014-1739", "CVE-2014-3144", "CVE-2014-3145");
+  script_tag(name:"cvss_base", value:"4.9");
+  script_tag(name:"cvss_base_vector", value:"AV:L/AC:L/Au:N/C:N/I:N/A:C");
+  script_tag(name:"risk_factor", value:"Medium");
+  script_name("Ubuntu Update for linux-lts-saucy USN-2261-1");
+
+  tag_insight = "Salva Peir&#243  discovered an information leak in the Linux
+kernel's media- device driver. A local attacker could exploit this flaw to
+obtain sensitive information from kernel memory. (CVE-2014-1739)
+
+A bounds check error was discovered in the socket filter subsystem of the
+Linux kernel. A local user could exploit this flaw to cause a denial of
+service (system crash) via crafted BPF instructions. (CVE-2014-3144)
+
+A remainder calculation error was discovered in the socket filter subsystem
+of the Linux kernel. A local user could exploit this flaw to cause a denial
+of service (system crash) via crafted BPF instructions. (CVE-2014-3145)";
+
+  tag_affected = "linux-lts-saucy on Ubuntu 12.04 LTS";
+
+  tag_solution = "Please Install the Updated Packages.";
+
+  desc = "
+
+  Vulnerability Insight:
+  " + tag_insight + "
+
+  Affected Software/OS:
+  " + tag_affected + "
+
+  Solution:
+  " + tag_solution;
+
+  if (revcomp(a: OPENVAS_VERSION, b: "6.0+beta5") >= 0){
+    script_tag(name : "affected" , value : tag_affected);
+    script_tag(name : "insight" , value : tag_insight);
+    script_tag(name : "solution" , value : tag_solution);
+  }
+  script_description(desc);
+  script_xref(name: "USN", value: "2261-1");
+  script_xref(name: "URL" , value: "https://lists.ubuntu.com/archives/ubuntu-security-announce/2014-June/002567.html");
+  script_summary("Check for the Version of linux-lts-saucy");
+  script_category(ACT_GATHER_INFO);
+  script_copyright("Copyright (C) 2014 Greenbone Networks GmbH");
+  script_family("Ubuntu Local Security Checks");
+  script_dependencies("gather-package-list.nasl");
+  script_mandatory_keys("login/SSH/success", "HostDetails/OS/cpe:/o:canonical:ubuntu_linux", "ssh/login/release");
+  exit(0);
+}
+
+
+include("pkg-lib-deb.inc");
+
+release = get_kb_item("ssh/login/release");
+
+res = "";
+if(release == NULL){
+  exit(0);
+}
+
+if(release == "UBUNTU12.04 LTS")
+{
+
+  if ((res = isdpkgvuln(pkg:"linux-image-3.11.0-24-generic", ver:"3.11.0-24.41~precise1", rls:"UBUNTU12.04 LTS")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isdpkgvuln(pkg:"linux-image-3.11.0-24-generic-lpae", ver:"3.11.0-24.41~precise1", rls:"UBUNTU12.04 LTS")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if (__pkg_match) exit(99); # Not vulnerable.
+  exit(0);
+}


Property changes on: scripts/2014/gb_ubuntu_USN_2261_1.nasl
___________________________________________________________________
Added: svn:keywords
   + Author Revision Date Id

Added: scripts/2014/gb_ubuntu_USN_2262_1.nasl
===================================================================
--- scripts/2014/gb_ubuntu_USN_2262_1.nasl	                        (rev 0)
+++ scripts/2014/gb_ubuntu_USN_2262_1.nasl	2014-07-04 13:18:45 UTC (rev 548)
@@ -0,0 +1,102 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+#
+# Ubuntu Update for linux-lts-quantal USN-2262-1
+#
+# Authors:
+# System Generated Check
+#
+# Copyright:
+# Copyright (C) 2014 Greenbone Networks GmbH, http://www.greenbone.net
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+include("revisions-lib.inc");
+
+if(description)
+{
+  script_oid("1.3.6.1.4.1.25623.1.0.841873");
+  script_version("$Revision$");
+  script_tag(name:"check_type", value:"authenticated package test");
+  script_tag(name:"last_modification", value:"$Date$");
+  script_tag(name:"creation_date", value:"2014-07-01 22:11:20 +0530 (Tue, 01 Jul 2014)");
+  script_cve_id("CVE-2014-3144", "CVE-2014-3145");
+  script_tag(name:"cvss_base", value:"4.9");
+  script_tag(name:"cvss_base_vector", value:"AV:L/AC:L/Au:N/C:N/I:N/A:C");
+  script_tag(name:"risk_factor", value:"Medium");
+  script_name("Ubuntu Update for linux-lts-quantal USN-2262-1");
+
+  tag_insight = "A bounds check error was discovered in the socket filter
+subsystem of the Linux kernel. A local user could exploit this flaw to cause a
+denial of service (system crash) via crafted BPF instructions. (CVE-2014-3144)
+
+A remainder calculation error was discovered in the socket filter subsystem
+of the Linux kernel. A local user could exploit this flaw to cause a denial
+of service (system crash) via crafted BPF instructions. (CVE-2014-3145)";
+
+  tag_affected = "linux-lts-quantal on Ubuntu 12.04 LTS";
+
+  tag_solution = "Please Install the Updated Packages.";
+
+  desc = "
+
+  Vulnerability Insight:
+  " + tag_insight + "
+
+  Affected Software/OS:
+  " + tag_affected + "
+
+  Solution:
+  " + tag_solution;
+
+  if (revcomp(a: OPENVAS_VERSION, b: "6.0+beta5") >= 0){
+    script_tag(name : "affected" , value : tag_affected);
+    script_tag(name : "insight" , value : tag_insight);
+    script_tag(name : "solution" , value : tag_solution);
+  }
+  script_description(desc);
+  script_xref(name: "USN", value: "2262-1");
+  script_xref(name: "URL" , value: "https://lists.ubuntu.com/archives/ubuntu-security-announce/2014-June/002568.html");
+  script_summary("Check for the Version of linux-lts-quantal");
+  script_category(ACT_GATHER_INFO);
+  script_copyright("Copyright (C) 2014 Greenbone Networks GmbH");
+  script_family("Ubuntu Local Security Checks");
+  script_dependencies("gather-package-list.nasl");
+  script_mandatory_keys("login/SSH/success", "HostDetails/OS/cpe:/o:canonical:ubuntu_linux", "ssh/login/release");
+  exit(0);
+}
+
+
+include("pkg-lib-deb.inc");
+
+release = get_kb_item("ssh/login/release");
+
+res = "";
+if(release == NULL){
+  exit(0);
+}
+
+if(release == "UBUNTU12.04 LTS")
+{
+
+  if ((res = isdpkgvuln(pkg:"linux-image-3.5.0-52-generic", ver:"3.5.0-52.78~precise1", rls:"UBUNTU12.04 LTS")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if (__pkg_match) exit(99); # Not vulnerable.
+  exit(0);
+}


Property changes on: scripts/2014/gb_ubuntu_USN_2262_1.nasl
___________________________________________________________________
Added: svn:keywords
   + Author Revision Date Id

Added: scripts/2014/gb_ubuntu_USN_2263_1.nasl
===================================================================
--- scripts/2014/gb_ubuntu_USN_2263_1.nasl	                        (rev 0)
+++ scripts/2014/gb_ubuntu_USN_2263_1.nasl	2014-07-04 13:18:45 UTC (rev 548)
@@ -0,0 +1,106 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+#
+# Ubuntu Update for linux-ti-omap4 USN-2263-1
+#
+# Authors:
+# System Generated Check
+#
+# Copyright:
+# Copyright (C) 2014 Greenbone Networks GmbH, http://www.greenbone.net
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+include("revisions-lib.inc");
+
+if(description)
+{
+  script_oid("1.3.6.1.4.1.25623.1.0.841876");
+  script_version("$Revision$");
+  script_tag(name:"check_type", value:"authenticated package test");
+  script_tag(name:"last_modification", value:"$Date$");
+  script_tag(name:"creation_date", value:"2014-07-01 22:30:58 +0530 (Tue, 01 Jul 2014)");
+  script_cve_id("CVE-2014-1739", "CVE-2014-3144", "CVE-2014-3145");
+  script_tag(name:"cvss_base", value:"4.9");
+  script_tag(name:"cvss_base_vector", value:"AV:L/AC:L/Au:N/C:N/I:N/A:C");
+  script_tag(name:"risk_factor", value:"Medium");
+  script_name("Ubuntu Update for linux-ti-omap4 USN-2263-1");
+
+  tag_insight = "Salva Peir&#243  discovered an information leak in the Linux
+kernel's media-device driver. A local attacker could exploit this flaw to obtain
+sensitive information from kernel memory. (CVE-2014-1739)
+
+A bounds check error was discovered in the socket filter subsystem of the
+Linux kernel. A local user could exploit this flaw to cause a denial of
+service (system crash) via crafted BPF instructions. (CVE-2014-3144)
+
+A remainder calculation error was discovered in the socket filter subsystem
+of the Linux kernel. A local user could exploit this flaw to cause a denial
+of service (system crash) via crafted BPF instructions. (CVE-2014-3145)";
+
+  tag_affected = "linux-ti-omap4 on Ubuntu 12.04 LTS";
+
+  tag_solution = "Please Install the Updated Packages.";
+
+  desc = "
+
+  Vulnerability Insight:
+  " + tag_insight + "
+
+  Affected Software/OS:
+  " + tag_affected + "
+
+  Solution:
+  " + tag_solution;
+
+  if (revcomp(a: OPENVAS_VERSION, b: "6.0+beta5") >= 0){
+    script_tag(name : "affected" , value : tag_affected);
+    script_tag(name : "insight" , value : tag_insight);
+    script_tag(name : "solution" , value : tag_solution);
+  }
+  script_description(desc);
+  script_xref(name: "USN", value: "2263-1");
+  script_xref(name: "URL" , value: "https://lists.ubuntu.com/archives/ubuntu-security-announce/2014-June/002569.html");
+  script_summary("Check for the Version of linux-ti-omap4");
+  script_category(ACT_GATHER_INFO);
+  script_copyright("Copyright (C) 2014 Greenbone Networks GmbH");
+  script_family("Ubuntu Local Security Checks");
+  script_dependencies("gather-package-list.nasl");
+  script_mandatory_keys("login/SSH/success", "HostDetails/OS/cpe:/o:canonical:ubuntu_linux", "ssh/login/release");
+  exit(0);
+}
+
+
+include("pkg-lib-deb.inc");
+
+release = get_kb_item("ssh/login/release");
+
+res = "";
+if(release == NULL){
+  exit(0);
+}
+
+if(release == "UBUNTU12.04 LTS")
+{
+
+  if ((res = isdpkgvuln(pkg:"linux-image-3.2.0-1450-omap4", ver:"3.2.0-1450.69", rls:"UBUNTU12.04 LTS")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if (__pkg_match) exit(99); # Not vulnerable.
+  exit(0);
+}


Property changes on: scripts/2014/gb_ubuntu_USN_2263_1.nasl
___________________________________________________________________
Added: svn:keywords
   + Author Revision Date Id

Added: scripts/2014/gb_ubuntu_USN_2264_1.nasl
===================================================================
--- scripts/2014/gb_ubuntu_USN_2264_1.nasl	                        (rev 0)
+++ scripts/2014/gb_ubuntu_USN_2264_1.nasl	2014-07-04 13:18:45 UTC (rev 548)
@@ -0,0 +1,112 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+#
+# Ubuntu Update for linux USN-2264-1
+#
+# Authors:
+# System Generated Check
+#
+# Copyright:
+# Copyright (C) 2014 Greenbone Networks GmbH, http://www.greenbone.net
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+include("revisions-lib.inc");
+
+if(description)
+{
+  script_oid("1.3.6.1.4.1.25623.1.0.841880");
+  script_version("$Revision$");
+  script_tag(name:"check_type", value:"authenticated package test");
+  script_tag(name:"last_modification", value:"$Date$");
+  script_tag(name:"creation_date", value:"2014-07-01 22:55:02 +0530 (Tue, 01 Jul 2014)");
+  script_cve_id("CVE-2014-1739", "CVE-2014-3144", "CVE-2014-3145");
+  script_tag(name:"cvss_base", value:"4.9");
+  script_tag(name:"cvss_base_vector", value:"AV:L/AC:L/Au:N/C:N/I:N/A:C");
+  script_tag(name:"risk_factor", value:"Medium");
+  script_name("Ubuntu Update for linux USN-2264-1");
+
+  tag_insight = "Salva Peir&#243  discovered an information leak in the Linux
+kernel's media- device driver. A local attacker could exploit this flaw to
+obtain sensitive information from kernel memory. (CVE-2014-1739)
+
+A bounds check error was discovered in the socket filter subsystem of the
+Linux kernel. A local user could exploit this flaw to cause a denial of
+service (system crash) via crafted BPF instructions. (CVE-2014-3144)
+
+A remainder calculation error was discovered in the socket filter subsystem
+of the Linux kernel. A local user could exploit this flaw to cause a denial
+of service (system crash) via crafted BPF instructions. (CVE-2014-3145)";
+
+  tag_affected = "linux on Ubuntu 13.10";
+
+  tag_solution = "Please Install the Updated Packages.";
+
+  desc = "
+
+  Vulnerability Insight:
+  " + tag_insight + "
+
+  Affected Software/OS:
+  " + tag_affected + "
+
+  Solution:
+  " + tag_solution;
+
+  if (revcomp(a: OPENVAS_VERSION, b: "6.0+beta5") >= 0){
+    script_tag(name : "affected" , value : tag_affected);
+    script_tag(name : "insight" , value : tag_insight);
+    script_tag(name : "solution" , value : tag_solution);
+  }
+  script_description(desc);
+  script_xref(name: "USN", value: "2264-1");
+  script_xref(name: "URL" , value: "https://lists.ubuntu.com/archives/ubuntu-security-announce/2014-June/002570.html");
+  script_summary("Check for the Version of linux");
+  script_category(ACT_GATHER_INFO);
+  script_copyright("Copyright (C) 2014 Greenbone Networks GmbH");
+  script_family("Ubuntu Local Security Checks");
+  script_dependencies("gather-package-list.nasl");
+  script_mandatory_keys("login/SSH/success", "HostDetails/OS/cpe:/o:canonical:ubuntu_linux", "ssh/login/release");
+  exit(0);
+}
+
+
+include("pkg-lib-deb.inc");
+
+release = get_kb_item("ssh/login/release");
+
+res = "";
+if(release == NULL){
+  exit(0);
+}
+
+if(release == "UBUNTU13.10")
+{
+
+  if ((res = isdpkgvuln(pkg:"linux-image-3.11.0-24-generic", ver:"3.11.0-24.41", rls:"UBUNTU13.10")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isdpkgvuln(pkg:"linux-image-3.11.0-24-generic-lpae", ver:"3.11.0-24.41", rls:"UBUNTU13.10")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if (__pkg_match) exit(99); # Not vulnerable.
+  exit(0);
+}


Property changes on: scripts/2014/gb_ubuntu_USN_2264_1.nasl
___________________________________________________________________
Added: svn:keywords
   + Author Revision Date Id

Modified: scripts/gather-package-list.nasl
===================================================================
--- scripts/gather-package-list.nasl	2014-07-04 12:15:46 UTC (rev 547)
+++ scripts/gather-package-list.nasl	2014-07-04 13:18:45 UTC (rev 548)
@@ -130,6 +130,7 @@
     "RHENT_4",    "cpe:/o:redhat:enterprise_linux:4",
     "RHENT_5",    "cpe:/o:redhat:enterprise_linux:5",
     "RHENT_6",    "cpe:/o:redhat:enterprise_linux:6",
+    "RHENT_7",    "cpe:/o:redhat:enterprise_linux:7",
 
     # Mandriva/Mandrake
     "MNDK_7.2",     "cpe:/o:mandrakesoft:mandrake_linux:7.2",
@@ -536,6 +537,13 @@
     register_detected_os(os:rls, oskey:"RHENT_6");
     exit(0);
 }
+if(egrep(pattern:"Red Hat Enterprise.*release 7[ .]", string:rls)) {
+    buf = ssh_cmd(socket:sock, cmd:"/bin/rpm -qa --qf '%{NAME}~%{VERSION}~%{RELEASE};\n'");
+    set_kb_item(name: "ssh/login/rpms", value: ";" + buf);
+    log_message(port:port, data:string("We are able to login and detect that you are running ", rls));
+    register_detected_os(os:rls, oskey:"RHENT_7");
+    exit(0);
+}
 
 if("Mandriva Linux Enterprise Server release 5.0" >< rls) {
     buf = ssh_cmd(socket:sock, cmd:"/bin/rpm -qa --qf '%{NAME}~%{VERSION}~%{RELEASE};'");


Property changes on: scripts/gather-package-list.nasl
___________________________________________________________________
Modified: svn:keywords
   - Revision Date Id
   + Author Revision Date Id



More information about the Openvas-nvts-commits mailing list