[Openvas-nvts-commits] r564 - / scripts/2014

scm-commit at wald.intevation.org scm-commit at wald.intevation.org
Tue Jul 15 11:13:21 CEST 2014


Author: antu123
Date: 2014-07-15 11:13:21 +0200 (Tue, 15 Jul 2014)
New Revision: 564

Modified:
   ChangeLog
   scripts/2014/deb_2964.nasl
   scripts/2014/deb_2969.nasl
   scripts/2014/deb_2972.nasl
   scripts/2014/deb_2974.nasl
   scripts/2014/gb_ms14-039.nasl
   scripts/2014/gb_ms14-040.nasl
   scripts/2014/gb_ms14-041.nasl
   scripts/2014/gb_ms14-042.nasl
   scripts/2014/gb_ubuntu_USN_2253_1.nasl
   scripts/2014/gb_ubuntu_USN_2266_1.nasl
   scripts/2014/gb_ubuntu_USN_2267_1.nasl
   scripts/2014/gb_ubuntu_USN_2268_1.nasl
   scripts/2014/gb_ubuntu_USN_2269_1.nasl
   scripts/2014/gb_ubuntu_USN_2270_1.nasl
   scripts/2014/gb_ubuntu_USN_2271_1.nasl
   scripts/2014/gb_ubuntu_USN_2272_1.nasl
   scripts/2014/gb_ubuntu_USN_2274_1.nasl
Log:
Automatic update of cvss_base_vector, cvss_base, and risk_factor..

Modified: ChangeLog
===================================================================
--- ChangeLog	2014-07-15 06:41:18 UTC (rev 563)
+++ ChangeLog	2014-07-15 09:13:21 UTC (rev 564)
@@ -1,3 +1,32 @@
+2014-07-15 Antu Sanadi <santu at secpod.com>
+
+	Automatic update of cvss_base_vector and subsequently of cvss_base,
+	risk_factor and change of security message level (where necessary).
+
+	The update is based on computing the maximum CVSS base value of all
+	CVEs referenced by a NVT. In case the CVSS base value of the NVT is
+	not identical to the computed maximum, the CVSS base vector of the
+	respective CVE is applied for this NVT and all derived values are
+	changed accordingly.
+
+	* scripts/2014/gb_ubuntu_USN_2269_1.nasl,
+	  scripts/2014/gb_ubuntu_USN_2267_1.nasl,
+	  scripts/2014/gb_ubuntu_USN_2274_1.nasl,
+	  scripts/2014/gb_ms14-040.nasl,
+	  scripts/2014/gb_ubuntu_USN_2268_1.nasl,
+	  scripts/2014/deb_2972.nasl,
+	  scripts/2014/gb_ubuntu_USN_2253_1.nasl,
+	  scripts/2014/gb_ubuntu_USN_2272_1.nasl,
+	  scripts/2014/gb_ubuntu_USN_2270_1.nasl,
+	  scripts/2014/deb_2969.nasl,
+	  scripts/2014/gb_ubuntu_USN_2266_1.nasl,
+	  scripts/2014/gb_ms14-039.nasl,
+	  scripts/2014/deb_2974.nasl,
+	  scripts/2014/deb_2964.nasl,
+	  scripts/2014/gb_ms14-042.nasl,
+	  scripts/2014/gb_ubuntu_USN_2271_1.nasl,
+	  scripts/2014/gb_ms14-041.nasl: Update
+
 2014-07-15 Michael Meyer <michael.meyer at greenbone.net>
 
 	* scripts/ftpserver_detect_type_nd_version.nasl:

Modified: scripts/2014/deb_2964.nasl
===================================================================
--- scripts/2014/deb_2964.nasl	2014-07-15 06:41:18 UTC (rev 563)
+++ scripts/2014/deb_2964.nasl	2014-07-15 09:13:21 UTC (rev 564)
@@ -72,9 +72,9 @@
     script_tag(name: "check_type", value:"authenticated package test");
     script_tag(name: "last_modification", value:"$Date$");
     script_tag(name: "creation_date", value:"2014-06-21 00:00:00 +0200 (Sat, 21 Jun 2014)");
-    script_tag(name: "cvss_base", value:"10.0");
-    script_tag(name: "cvss_base_vector", value:"AV:N/AC:L/Au:N/C:C/I:C/A:C");
-    script_tag(name: "risk_factor", value:"Critical");
+    script_tag(name:"cvss_base", value:"5.0");
+    script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:N/C:P/I:N/A:N");
+    script_tag(name:"risk_factor", value:"Medium");
 
     script_description(desc);
     script_xref(name: "URL", value: "http://www.debian.org/security/2014/dsa-2964.html");

Modified: scripts/2014/deb_2969.nasl
===================================================================
--- scripts/2014/deb_2969.nasl	2014-07-15 06:41:18 UTC (rev 563)
+++ scripts/2014/deb_2969.nasl	2014-07-15 09:13:21 UTC (rev 564)
@@ -75,9 +75,9 @@
     script_tag(name: "check_type", value:"authenticated package test");
     script_tag(name: "last_modification", value:"$Date$");
     script_tag(name: "creation_date", value:"2014-06-27 00:00:00 +0200 (Fri, 27 Jun 2014)");
-    script_tag(name: "cvss_base", value:"10.0");
-    script_tag(name: "cvss_base_vector", value:"AV:N/AC:L/Au:N/C:C/I:C/A:C");
-    script_tag(name: "risk_factor", value:"Critical");
+    script_tag(name:"cvss_base", value:"5.0");
+    script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:N/C:N/I:N/A:P");
+    script_tag(name:"risk_factor", value:"Medium");
 
     script_description(desc);
     script_xref(name: "URL", value: "http://www.debian.org/security/2014/dsa-2969.html");


Property changes on: scripts/2014/deb_2969.nasl
___________________________________________________________________
Modified: svn:keywords
   - Revision Date Id Author
   + Author Revision Date Id

Modified: scripts/2014/deb_2972.nasl
===================================================================
--- scripts/2014/deb_2972.nasl	2014-07-15 06:41:18 UTC (rev 563)
+++ scripts/2014/deb_2972.nasl	2014-07-15 09:13:21 UTC (rev 564)
@@ -67,9 +67,9 @@
     script_tag(name: "check_type", value:"authenticated package test");
     script_tag(name: "last_modification", value:"$Date$");
     script_tag(name: "creation_date", value:"2014-07-06 00:00:00 +0200 (Sun, 06 Jul 2014)");
-    script_tag(name: "cvss_base", value:"10.0");
-    script_tag(name: "cvss_base_vector", value:"AV:N/AC:L/Au:N/C:C/I:C/A:C");
-    script_tag(name: "risk_factor", value:"Critical");
+    script_tag(name:"cvss_base", value:"6.9");
+    script_tag(name:"cvss_base_vector", value:"AV:L/AC:M/Au:N/C:C/I:C/A:C");
+    script_tag(name:"risk_factor", value:"High");
 
     script_description(desc);
     script_xref(name: "URL", value: "http://www.debian.org/security/2014/dsa-2972.html");

Modified: scripts/2014/deb_2974.nasl
===================================================================
--- scripts/2014/deb_2974.nasl	2014-07-15 06:41:18 UTC (rev 563)
+++ scripts/2014/deb_2974.nasl	2014-07-15 09:13:21 UTC (rev 564)
@@ -105,9 +105,9 @@
     script_tag(name: "check_type", value:"authenticated package test");
     script_tag(name: "last_modification", value:"$Date$");
     script_tag(name: "creation_date", value:"2014-07-08 00:00:00 +0200 (Tue, 08 Jul 2014)");
-    script_tag(name: "cvss_base", value:"10.0");
-    script_tag(name: "cvss_base_vector", value:"AV:N/AC:L/Au:N/C:C/I:C/A:C");
-    script_tag(name: "risk_factor", value:"Critical");
+    script_tag(name:"cvss_base", value:"7.5");
+    script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:N/C:P/I:P/A:P");
+    script_tag(name:"risk_factor", value:"High");
 
     script_description(desc);
     script_xref(name: "URL", value: "http://www.debian.org/security/2014/dsa-2974.html");


Property changes on: scripts/2014/deb_2974.nasl
___________________________________________________________________
Modified: svn:keywords
   - Revision Date Id Author
   + Author Revision Date Id

Modified: scripts/2014/gb_ms14-039.nasl
===================================================================
--- scripts/2014/gb_ms14-039.nasl	2014-07-15 06:41:18 UTC (rev 563)
+++ scripts/2014/gb_ms14-039.nasl	2014-07-15 09:13:21 UTC (rev 564)
@@ -32,8 +32,8 @@
   script_version("$Revision$");
   script_cve_id("CVE-2014-2781");
   script_bugtraq_id(68397);
-  script_tag(name:"cvss_base", value:"7.2");
-  script_tag(name:"cvss_base_vector", value:"AV:L/AC:L/Au:N/C:C/I:C/A:C");
+  script_tag(name:"cvss_base", value:"7.6");
+  script_tag(name:"cvss_base_vector", value:"AV:N/AC:H/Au:N/C:C/I:C/A:C");
   script_tag(name:"risk_factor", value:"High");
   script_tag(name:"last_modification", value:"$Date$");
   script_tag(name:"creation_date", value:"2014-07-09 08:30:57 +0530 (Wed, 09 Jul 2014)");

Modified: scripts/2014/gb_ms14-040.nasl
===================================================================
--- scripts/2014/gb_ms14-040.nasl	2014-07-15 06:41:18 UTC (rev 563)
+++ scripts/2014/gb_ms14-040.nasl	2014-07-15 09:13:21 UTC (rev 564)
@@ -32,8 +32,8 @@
   script_version("$Revision$");
   script_cve_id("CVE-2014-1767");
   script_bugtraq_id(68394);
-  script_tag(name:"cvss_base", value:"6.8");
-  script_tag(name:"cvss_base_vector", value:"AV:L/AC:L/Au:S/C:C/I:C/A:C");
+  script_tag(name:"cvss_base", value:"7.2");
+  script_tag(name:"cvss_base_vector", value:"AV:L/AC:L/Au:N/C:C/I:C/A:C");
   script_tag(name:"risk_factor", value:"High");
   script_tag(name:"last_modification", value:"$Date$");
   script_tag(name:"creation_date", value:"2014-07-09 09:19:40 +0530 (Wed, 09 Jul 2014)");

Modified: scripts/2014/gb_ms14-041.nasl
===================================================================
--- scripts/2014/gb_ms14-041.nasl	2014-07-15 06:41:18 UTC (rev 563)
+++ scripts/2014/gb_ms14-041.nasl	2014-07-15 09:13:21 UTC (rev 564)
@@ -32,8 +32,8 @@
   script_version("$Revision$");
   script_cve_id("CVE-2014-2780");
   script_bugtraq_id(68392);
-  script_tag(name:"cvss_base", value:"6.6");
-  script_tag(name:"cvss_base_vector", value:"AV:L/AC:M/Au:S/C:C/I:C/A:C");
+  script_tag(name:"cvss_base", value:"6.9");
+  script_tag(name:"cvss_base_vector", value:"AV:L/AC:M/Au:N/C:C/I:C/A:C");
   script_tag(name:"risk_factor", value:"High");
   script_tag(name:"last_modification", value:"$Date$");
   script_tag(name:"creation_date", value:"2014-07-09 08:09:40 +0530 (Wed, 09 Jul 2014)");

Modified: scripts/2014/gb_ms14-042.nasl
===================================================================
--- scripts/2014/gb_ms14-042.nasl	2014-07-15 06:41:18 UTC (rev 563)
+++ scripts/2014/gb_ms14-042.nasl	2014-07-15 09:13:21 UTC (rev 564)
@@ -32,9 +32,9 @@
   script_version("$Revision$");
   script_cve_id("CVE-2014-2814");
   script_bugtraq_id(68393);
-  script_tag(name:"cvss_base", value:"6.8");
-  script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:S/C:N/I:N/A:C");
-  script_tag(name:"risk_factor", value:"High");
+  script_tag(name:"cvss_base", value:"4.0");
+  script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:S/C:N/I:N/A:P");
+  script_tag(name:"risk_factor", value:"Medium");
   script_tag(name:"last_modification", value:"$Date$");
   script_tag(name:"creation_date", value:"2014-07-09 15:14:23 +0530 (Wed, 09 Jul 2014)");
   script_name("Microsoft Windows Service Bus Denial of Service Vulnerability (2972621)");

Modified: scripts/2014/gb_ubuntu_USN_2253_1.nasl
===================================================================
--- scripts/2014/gb_ubuntu_USN_2253_1.nasl	2014-07-15 06:41:18 UTC (rev 563)
+++ scripts/2014/gb_ubuntu_USN_2253_1.nasl	2014-07-15 09:13:21 UTC (rev 564)
@@ -33,9 +33,9 @@
   script_tag(name:"last_modification", value:"$Date$");
   script_tag(name:"creation_date", value:"2014-07-01 21:33:25 +0530 (Tue, 01 Jul 2014)");
   script_cve_id("CVE-2014-0247");
-  script_tag(name:"cvss_base", value:"6.8");
-  script_tag(name:"cvss_base_vector", value:"AV:N/AC:M/Au:N/C:P/I:P/A:P");
-  script_tag(name:"risk_factor", value:"High");
+  script_tag(name:"cvss_base", value:"10.0");
+  script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:N/C:C/I:C/A:C");
+  script_tag(name:"risk_factor", value:"Critical");
   script_name("Ubuntu Update for libreoffice USN-2253-1");
 
   tag_insight = "It was discovered that LibreOffice unconditionally executed

Modified: scripts/2014/gb_ubuntu_USN_2266_1.nasl
===================================================================
--- scripts/2014/gb_ubuntu_USN_2266_1.nasl	2014-07-15 06:41:18 UTC (rev 563)
+++ scripts/2014/gb_ubuntu_USN_2266_1.nasl	2014-07-15 09:13:21 UTC (rev 564)
@@ -33,8 +33,8 @@
   script_tag(name:"last_modification", value:"$Date$");
   script_tag(name:"creation_date", value:"2014-07-07 16:06:32 +0530 (Mon, 07 Jul 2014)");
   script_cve_id("CVE-2014-4699");
-  script_tag(name:"cvss_base", value:"7.5");
-  script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:N/C:P/I:P/A:P");
+  script_tag(name:"cvss_base", value:"6.9");
+  script_tag(name:"cvss_base_vector", value:"AV:L/AC:M/Au:N/C:C/I:C/A:C");
   script_tag(name:"risk_factor", value:"High");
   script_name("Ubuntu Update for linux USN-2266-1");
 

Modified: scripts/2014/gb_ubuntu_USN_2267_1.nasl
===================================================================
--- scripts/2014/gb_ubuntu_USN_2267_1.nasl	2014-07-15 06:41:18 UTC (rev 563)
+++ scripts/2014/gb_ubuntu_USN_2267_1.nasl	2014-07-15 09:13:21 UTC (rev 564)
@@ -33,8 +33,8 @@
   script_tag(name:"last_modification", value:"$Date$");
   script_tag(name:"creation_date", value:"2014-07-07 16:10:49 +0530 (Mon, 07 Jul 2014)");
   script_cve_id("CVE-2014-4699");
-  script_tag(name:"cvss_base", value:"7.5");
-  script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:N/C:P/I:P/A:P");
+  script_tag(name:"cvss_base", value:"6.9");
+  script_tag(name:"cvss_base_vector", value:"AV:L/AC:M/Au:N/C:C/I:C/A:C");
   script_tag(name:"risk_factor", value:"High");
   script_name("Ubuntu Update for linux-ec2 USN-2267-1");
 

Modified: scripts/2014/gb_ubuntu_USN_2268_1.nasl
===================================================================
--- scripts/2014/gb_ubuntu_USN_2268_1.nasl	2014-07-15 06:41:18 UTC (rev 563)
+++ scripts/2014/gb_ubuntu_USN_2268_1.nasl	2014-07-15 09:13:21 UTC (rev 564)
@@ -33,8 +33,8 @@
   script_tag(name:"last_modification", value:"$Date$");
   script_tag(name:"creation_date", value:"2014-07-07 16:04:23 +0530 (Mon, 07 Jul 2014)");
   script_cve_id("CVE-2014-4699");
-  script_tag(name:"cvss_base", value:"7.5");
-  script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:N/C:P/I:P/A:P");
+  script_tag(name:"cvss_base", value:"6.9");
+  script_tag(name:"cvss_base_vector", value:"AV:L/AC:M/Au:N/C:C/I:C/A:C");
   script_tag(name:"risk_factor", value:"High");
   script_name("Ubuntu Update for linux USN-2268-1");
 

Modified: scripts/2014/gb_ubuntu_USN_2269_1.nasl
===================================================================
--- scripts/2014/gb_ubuntu_USN_2269_1.nasl	2014-07-15 06:41:18 UTC (rev 563)
+++ scripts/2014/gb_ubuntu_USN_2269_1.nasl	2014-07-15 09:13:21 UTC (rev 564)
@@ -33,8 +33,8 @@
   script_tag(name:"last_modification", value:"$Date$");
   script_tag(name:"creation_date", value:"2014-07-07 15:55:47 +0530 (Mon, 07 Jul 2014)");
   script_cve_id("CVE-2014-4699");
-  script_tag(name:"cvss_base", value:"7.5");
-  script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:N/C:P/I:P/A:P");
+  script_tag(name:"cvss_base", value:"6.9");
+  script_tag(name:"cvss_base_vector", value:"AV:L/AC:M/Au:N/C:C/I:C/A:C");
   script_tag(name:"risk_factor", value:"High");
   script_name("Ubuntu Update for linux-lts-quantal USN-2269-1");
 

Modified: scripts/2014/gb_ubuntu_USN_2270_1.nasl
===================================================================
--- scripts/2014/gb_ubuntu_USN_2270_1.nasl	2014-07-15 06:41:18 UTC (rev 563)
+++ scripts/2014/gb_ubuntu_USN_2270_1.nasl	2014-07-15 09:13:21 UTC (rev 564)
@@ -33,8 +33,8 @@
   script_tag(name:"last_modification", value:"$Date$");
   script_tag(name:"creation_date", value:"2014-07-07 15:53:38 +0530 (Mon, 07 Jul 2014)");
   script_cve_id("CVE-2014-4699");
-  script_tag(name:"cvss_base", value:"7.5");
-  script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:N/C:P/I:P/A:P");
+  script_tag(name:"cvss_base", value:"6.9");
+  script_tag(name:"cvss_base_vector", value:"AV:L/AC:M/Au:N/C:C/I:C/A:C");
   script_tag(name:"risk_factor", value:"High");
   script_name("Ubuntu Update for linux-lts-raring USN-2270-1");
 

Modified: scripts/2014/gb_ubuntu_USN_2271_1.nasl
===================================================================
--- scripts/2014/gb_ubuntu_USN_2271_1.nasl	2014-07-15 06:41:18 UTC (rev 563)
+++ scripts/2014/gb_ubuntu_USN_2271_1.nasl	2014-07-15 09:13:21 UTC (rev 564)
@@ -33,8 +33,8 @@
   script_tag(name:"last_modification", value:"$Date$");
   script_tag(name:"creation_date", value:"2014-07-07 15:57:55 +0530 (Mon, 07 Jul 2014)");
   script_cve_id("CVE-2014-4699");
-  script_tag(name:"cvss_base", value:"7.5");
-  script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:N/C:P/I:P/A:P");
+  script_tag(name:"cvss_base", value:"6.9");
+  script_tag(name:"cvss_base_vector", value:"AV:L/AC:M/Au:N/C:C/I:C/A:C");
   script_tag(name:"risk_factor", value:"High");
   script_name("Ubuntu Update for linux-lts-saucy USN-2271-1");
 

Modified: scripts/2014/gb_ubuntu_USN_2272_1.nasl
===================================================================
--- scripts/2014/gb_ubuntu_USN_2272_1.nasl	2014-07-15 06:41:18 UTC (rev 563)
+++ scripts/2014/gb_ubuntu_USN_2272_1.nasl	2014-07-15 09:13:21 UTC (rev 564)
@@ -33,8 +33,8 @@
   script_tag(name:"last_modification", value:"$Date$");
   script_tag(name:"creation_date", value:"2014-07-07 16:02:14 +0530 (Mon, 07 Jul 2014)");
   script_cve_id("CVE-2014-4699");
-  script_tag(name:"cvss_base", value:"7.5");
-  script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:N/C:P/I:P/A:P");
+  script_tag(name:"cvss_base", value:"6.9");
+  script_tag(name:"cvss_base_vector", value:"AV:L/AC:M/Au:N/C:C/I:C/A:C");
   script_tag(name:"risk_factor", value:"High");
   script_name("Ubuntu Update for linux-lts-trusty USN-2272-1");
 

Modified: scripts/2014/gb_ubuntu_USN_2274_1.nasl
===================================================================
--- scripts/2014/gb_ubuntu_USN_2274_1.nasl	2014-07-15 06:41:18 UTC (rev 563)
+++ scripts/2014/gb_ubuntu_USN_2274_1.nasl	2014-07-15 09:13:21 UTC (rev 564)
@@ -33,8 +33,8 @@
   script_tag(name:"last_modification", value:"$Date$");
   script_tag(name:"creation_date", value:"2014-07-07 16:08:40 +0530 (Mon, 07 Jul 2014)");
   script_cve_id("CVE-2014-4699");
-  script_tag(name:"cvss_base", value:"7.5");
-  script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:N/C:P/I:P/A:P");
+  script_tag(name:"cvss_base", value:"6.9");
+  script_tag(name:"cvss_base_vector", value:"AV:L/AC:M/Au:N/C:C/I:C/A:C");
   script_tag(name:"risk_factor", value:"High");
   script_name("Ubuntu Update for linux USN-2274-1");
 



More information about the Openvas-nvts-commits mailing list