[Openvas-nvts-commits] r585 - / scripts/2014

scm-commit at wald.intevation.org scm-commit at wald.intevation.org
Fri Jul 25 16:16:48 CEST 2014


Author: antu123
Date: 2014-07-25 16:16:47 +0200 (Fri, 25 Jul 2014)
New Revision: 585

Added:
   scripts/2014/gb_CESA-2014_0889_java_centos6.nasl
   scripts/2014/gb_CESA-2014_0890_java_centos5.nasl
   scripts/2014/gb_RHSA-2014_0889-01_java-1.7.0-openjdk.nasl
   scripts/2014/gb_RHSA-2014_0890-01_java-1.7.0-openjdk.nasl
   scripts/2014/gb_fedora_2014_7697_dpkg_fc20.nasl
   scripts/2014/gb_fedora_2014_7772_python_fc19.nasl
   scripts/2014/gb_fedora_2014_8035_python3_fc19.nasl
   scripts/2014/gb_fedora_2014_8099_lz4_fc20.nasl
   scripts/2014/gb_fedora_2014_8112_lz4_fc19.nasl
   scripts/2014/gb_fedora_2014_8208_libXfont_fc20.nasl
   scripts/2014/gb_fedora_2014_8218_ocsinventory_fc19.nasl
   scripts/2014/gb_fedora_2014_8227_ocsinventory_fc20.nasl
   scripts/2014/gb_fedora_2014_8331_transmission_fc20.nasl
   scripts/2014/gb_fedora_2014_8351_cups_fc20.nasl
   scripts/2014/gb_fedora_2014_8417_java-1.7.0-openjdk_fc20.nasl
   scripts/2014/gb_fedora_2014_8519_kernel_fc20.nasl
   scripts/2014/gb_suse_2014_0913_1.nasl
   scripts/2014/gb_ubuntu_USN_2277_1.nasl
   scripts/2014/gb_ubuntu_USN_2278_1.nasl
   scripts/2014/gb_ubuntu_USN_2279_1.nasl
   scripts/2014/gb_ubuntu_USN_2280_1.nasl
   scripts/2014/gb_ubuntu_USN_2281_1.nasl
   scripts/2014/gb_ubuntu_USN_2282_1.nasl
   scripts/2014/gb_ubuntu_USN_2283_1.nasl
   scripts/2014/gb_ubuntu_USN_2284_1.nasl
   scripts/2014/gb_ubuntu_USN_2285_1.nasl
   scripts/2014/gb_ubuntu_USN_2286_1.nasl
   scripts/2014/gb_ubuntu_USN_2287_1.nasl
   scripts/2014/gb_ubuntu_USN_2288_1.nasl
   scripts/2014/gb_ubuntu_USN_2289_1.nasl
   scripts/2014/gb_ubuntu_USN_2290_1.nasl
   scripts/2014/gb_ubuntu_USN_2291_1.nasl
   scripts/2014/gb_ubuntu_USN_2292_1.nasl
Modified:
   ChangeLog
Log:
Added new auto generated plugins.

Modified: ChangeLog
===================================================================
--- ChangeLog	2014-07-25 13:44:44 UTC (rev 584)
+++ ChangeLog	2014-07-25 14:16:47 UTC (rev 585)
@@ -1,3 +1,40 @@
+2014-07-25 Antu Sanadi <santu at secpod.com>
+
+	* scripts/2014/gb_CESA-2014_0889_java_centos6.nasl,
+	scripts/2014/gb_CESA-2014_0890_java_centos5.nasl,
+	scripts/2014/gb_fedora_2014_7697_dpkg_fc20.nasl,
+	scripts/2014/gb_fedora_2014_7772_python_fc19.nasl,
+	scripts/2014/gb_fedora_2014_8035_python3_fc19.nasl,
+	scripts/2014/gb_fedora_2014_8099_lz4_fc20.nasl,
+	scripts/2014/gb_fedora_2014_8112_lz4_fc19.nasl,
+	scripts/2014/gb_fedora_2014_8208_libXfont_fc20.nasl,
+	scripts/2014/gb_fedora_2014_8218_ocsinventory_fc19.nasl,
+	scripts/2014/gb_fedora_2014_8227_ocsinventory_fc20.nasl,
+	scripts/2014/gb_fedora_2014_8331_transmission_fc20.nasl,
+	scripts/2014/gb_fedora_2014_8351_cups_fc20.nasl,
+	scripts/2014/gb_fedora_2014_8417_java-1.7.0-openjdk_fc20.nasl,
+	scripts/2014/gb_fedora_2014_8519_kernel_fc20.nasl,
+	scripts/2014/gb_RHSA-2014_0889-01_java-1.7.0-openjdk.nasl,
+	scripts/2014/gb_RHSA-2014_0890-01_java-1.7.0-openjdk.nasl,
+	scripts/2014/gb_suse_2014_0913_1.nasl,
+	scripts/2014/gb_ubuntu_USN_2277_1.nasl,
+	scripts/2014/gb_ubuntu_USN_2278_1.nasl,
+	scripts/2014/gb_ubuntu_USN_2279_1.nasl,
+	scripts/2014/gb_ubuntu_USN_2280_1.nasl,
+	scripts/2014/gb_ubuntu_USN_2281_1.nasl,
+	scripts/2014/gb_ubuntu_USN_2282_1.nasl,
+	scripts/2014/gb_ubuntu_USN_2283_1.nasl,
+	scripts/2014/gb_ubuntu_USN_2284_1.nasl,
+	scripts/2014/gb_ubuntu_USN_2285_1.nasl,
+	scripts/2014/gb_ubuntu_USN_2286_1.nasl,
+	scripts/2014/gb_ubuntu_USN_2287_1.nasl,
+	scripts/2014/gb_ubuntu_USN_2288_1.nasl,
+	scripts/2014/gb_ubuntu_USN_2289_1.nasl,
+	scripts/2014/gb_ubuntu_USN_2290_1.nasl,
+	scripts/2014/gb_ubuntu_USN_2291_1.nasl,
+	scripts/2014/gb_ubuntu_USN_2292_1.nasl:
+	Added new auto generated plugins.
+
 2014-07-25 Veerendra G.G <veerendragg at secpod.com>
 
 	* scripts/mantis_detect.nasl:

Added: scripts/2014/gb_CESA-2014_0889_java_centos6.nasl
===================================================================
--- scripts/2014/gb_CESA-2014_0889_java_centos6.nasl	                        (rev 0)
+++ scripts/2014/gb_CESA-2014_0889_java_centos6.nasl	2014-07-25 14:16:47 UTC (rev 585)
@@ -0,0 +1,167 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+#
+# CentOS Update for java CESA-2014:0889 centos6 
+#
+# Authors:
+# System Generated Check
+#
+# Copyright:
+# Copyright (C) 2014 Greenbone Networks GmbH, http://www.greenbone.net
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+include("revisions-lib.inc");
+
+if(description)
+{
+  script_oid("1.3.6.1.4.1.25623.1.0.881963");
+  script_version("$Revision$");
+  script_tag(name:"check_type", value:"authenticated package test");
+  script_tag(name:"last_modification", value:"$Date$");
+  script_tag(name:"creation_date", value:"2014-07-21 14:56:24 +0530 (Mon, 21 Jul 2014)");
+  script_cve_id("CVE-2014-2483", "CVE-2014-2490", "CVE-2014-4209", "CVE-2014-4216",
+                "CVE-2014-4218", "CVE-2014-4219", "CVE-2014-4221", "CVE-2014-4223",
+                "CVE-2014-4244", "CVE-2014-4252", "CVE-2014-4262", "CVE-2014-4263",
+                "CVE-2014-4266");
+  script_tag(name:"cvss_base", value:"9.3");
+  script_tag(name:"cvss_base_vector", value:"AV:N/AC:M/Au:N/C:C/I:C/A:C");
+  script_tag(name:"risk_factor", value:"Critical");
+  script_name("CentOS Update for java CESA-2014:0889 centos6 ");
+
+  tag_insight = "The java-1.7.0-openjdk packages provide the OpenJDK 7 Java
+Runtime Environment and the OpenJDK 7 Java Software Development Kit.
+
+It was discovered that the Hotspot component in OpenJDK did not properly
+verify bytecode from the class files. An untrusted Java application or
+applet could possibly use these flaws to bypass Java sandbox restrictions.
+(CVE-2014-4216, CVE-2014-4219)
+
+A format string flaw was discovered in the Hotspot component event logger
+in OpenJDK. An untrusted Java application or applet could use this flaw to
+crash the Java Virtual Machine or, potentially, execute arbitrary code with
+the privileges of the Java Virtual Machine. (CVE-2014-2490)
+
+Multiple improper permission check issues were discovered in the Libraries
+component in OpenJDK. An untrusted Java application or applet could use
+these flaws to bypass Java sandbox restrictions. (CVE-2014-4223,
+CVE-2014-4262, CVE-2014-2483)
+
+Multiple flaws were discovered in the JMX, Libraries, Security, and
+Serviceability components in OpenJDK. An untrusted Java application or
+applet could use these flaws to bypass certain Java sandbox restrictions.
+(CVE-2014-4209, CVE-2014-4218, CVE-2014-4221, CVE-2014-4252, CVE-2014-4266)
+
+It was discovered that the RSA algorithm in the Security component in
+OpenJDK did not sufficiently perform blinding while performing operations
+that were using private keys. An attacker able to measure timing
+differences of those operations could possibly leak information about the
+used keys. (CVE-2014-4244)
+
+The Diffie-Hellman (DH) key exchange algorithm implementation in the
+Security component in OpenJDK failed to validate public DH parameters
+properly. This could cause OpenJDK to accept and use weak parameters,
+allowing an attacker to recover the negotiated key. (CVE-2014-4263)
+
+The CVE-2014-4262 issue was discovered by Florian Weimer of Red Hat
+Product Security.
+
+Note: If the web browser plug-in provided by the icedtea-web package was
+installed, the issues exposed via Java applets could have been exploited
+without user interaction if a user visited a malicious website.
+
+All users of java-1.7.0-openjdk are advised to upgrade to these updated
+packages, which resolve these issues. All running instances of OpenJDK Java
+must be restarted for the update to take effect.
+";
+
+  tag_affected = "java on CentOS 6";
+
+  tag_solution = "Please Install the Updated Packages.";
+
+  desc = "
+
+  Vulnerability Insight:
+  " + tag_insight + "
+
+  Affected Software/OS:
+  " + tag_affected + "
+
+  Solution:
+  " + tag_solution;
+
+  if (revcomp(a: OPENVAS_VERSION, b: "6.0+beta5") >= 0){
+    script_tag(name : "affected" , value : tag_affected);
+    script_tag(name : "insight" , value : tag_insight);
+    script_tag(name : "solution" , value : tag_solution);
+  }
+  script_description(desc);
+  script_xref(name: "CESA", value: "2014:0889");
+  script_xref(name: "URL" , value: "http://lists.centos.org/pipermail/centos-announce/2014-July/020413.html");
+  script_summary("Check for the Version of java");
+  script_category(ACT_GATHER_INFO);
+  script_copyright("Copyright (C) 2014 Greenbone Networks GmbH");
+  script_family("CentOS Local Security Checks");
+  script_dependencies("gather-package-list.nasl");
+  script_mandatory_keys("HostDetails/OS/cpe:/o:centos:centos", "login/SSH/success", "ssh/login/release");
+  exit(0);
+}
+
+
+include("pkg-lib-rpm.inc");
+
+release = get_kb_item("ssh/login/release");
+
+res = "";
+if(release == NULL){
+  exit(0);
+}
+
+if(release == "CentOS6")
+{
+
+  if ((res = isrpmvuln(pkg:"java-1.7.0-openjdk", rpm:"java-1.7.0-openjdk~1.7.0.65~2.5.1.2.el6_5", rls:"CentOS6")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isrpmvuln(pkg:"java-1.7.0-openjdk-demo", rpm:"java-1.7.0-openjdk-demo~1.7.0.65~2.5.1.2.el6_5", rls:"CentOS6")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isrpmvuln(pkg:"java-1.7.0-openjdk-devel", rpm:"java-1.7.0-openjdk-devel~1.7.0.65~2.5.1.2.el6_5", rls:"CentOS6")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isrpmvuln(pkg:"java-1.7.0-openjdk-javadoc", rpm:"java-1.7.0-openjdk-javadoc~1.7.0.65~2.5.1.2.el6_5", rls:"CentOS6")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isrpmvuln(pkg:"java-1.7.0-openjdk-src", rpm:"java-1.7.0-openjdk-src~1.7.0.65~2.5.1.2.el6_5", rls:"CentOS6")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if (__pkg_match) exit(99); # Not vulnerable.
+  exit(0);
+}


Property changes on: scripts/2014/gb_CESA-2014_0889_java_centos6.nasl
___________________________________________________________________
Added: svn:keywords
   + Author Revision Date Id

Added: scripts/2014/gb_CESA-2014_0890_java_centos5.nasl
===================================================================
--- scripts/2014/gb_CESA-2014_0890_java_centos5.nasl	                        (rev 0)
+++ scripts/2014/gb_CESA-2014_0890_java_centos5.nasl	2014-07-25 14:16:47 UTC (rev 585)
@@ -0,0 +1,163 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+#
+# CentOS Update for java CESA-2014:0890 centos5 
+#
+# Authors:
+# System Generated Check
+#
+# Copyright:
+# Copyright (C) 2014 Greenbone Networks GmbH, http://www.greenbone.net
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+include("revisions-lib.inc");
+
+if(description)
+{
+  script_oid("1.3.6.1.4.1.25623.1.0.881962");
+  script_version("$Revision$");
+  script_tag(name:"check_type", value:"authenticated package test");
+  script_tag(name:"last_modification", value:"$Date$");
+  script_tag(name:"creation_date", value:"2014-07-21 14:28:16 +0530 (Mon, 21 Jul 2014)");
+  script_cve_id("CVE-2014-2483", "CVE-2014-2490", "CVE-2014-4209", "CVE-2014-4216",
+                "CVE-2014-4218", "CVE-2014-4219", "CVE-2014-4221", "CVE-2014-4223",
+                "CVE-2014-4244", "CVE-2014-4252", "CVE-2014-4262", "CVE-2014-4263",
+                "CVE-2014-4266");
+  script_tag(name:"cvss_base", value:"9.3");
+  script_tag(name:"cvss_base_vector", value:"AV:N/AC:M/Au:N/C:C/I:C/A:C");
+  script_tag(name:"risk_factor", value:"Critical");
+  script_name("CentOS Update for java CESA-2014:0890 centos5");
+
+  tag_insight = "The java-1.7.0-openjdk packages provide the OpenJDK 7 Java
+Runtime Environment and the OpenJDK 7 Java Software Development Kit.
+
+It was discovered that the Hotspot component in OpenJDK did not properly
+verify bytecode from the class files. An untrusted Java application or
+applet could possibly use these flaws to bypass Java sandbox restrictions.
+(CVE-2014-4216, CVE-2014-4219)
+
+A format string flaw was discovered in the Hotspot component event logger
+in OpenJDK. An untrusted Java application or applet could use this flaw to
+crash the Java Virtual Machine or, potentially, execute arbitrary code with
+the privileges of the Java Virtual Machine. (CVE-2014-2490)
+
+Multiple improper permission check issues were discovered in the Libraries
+component in OpenJDK. An untrusted Java application or applet could use
+these flaws to bypass Java sandbox restrictions. (CVE-2014-4223,
+CVE-2014-4262, CVE-2014-2483)
+
+Multiple flaws were discovered in the JMX, Libraries, Security, and
+Serviceability components in OpenJDK. An untrusted Java application or
+applet could use these flaws to bypass certain Java sandbox restrictions.
+(CVE-2014-4209, CVE-2014-4218, CVE-2014-4221, CVE-2014-4252, CVE-2014-4266)
+
+It was discovered that the RSA algorithm in the Security component in
+OpenJDK did not sufficiently perform blinding while performing operations
+that were using private keys. An attacker able to measure timing
+differences of those operations could possibly leak information about the
+used keys. (CVE-2014-4244)
+
+The Diffie-Hellman (DH) key exchange algorithm implementation in the
+Security component in OpenJDK failed to validate public DH parameters
+properly. This could cause OpenJDK to accept and use weak parameters,
+allowing an attacker to recover the negotiated key. (CVE-2014-4263)
+
+The CVE-2014-4262 issue was discovered by Florian Weimer of Red Hat
+Product Security.
+
+All users of java-1.7.0-openjdk are advised to upgrade to these updated
+packages, which resolve these issues. All running instances of OpenJDK Java
+must be restarted for the update to take effect.
+";
+
+  tag_affected = "java on CentOS 5";
+
+  tag_solution = "Please Install the Updated Packages.";
+
+  desc = "
+
+  Vulnerability Insight:
+  " + tag_insight + "
+
+  Affected Software/OS:
+  " + tag_affected + "
+
+  Solution:
+  " + tag_solution;
+
+  if (revcomp(a: OPENVAS_VERSION, b: "6.0+beta5") >= 0){
+    script_tag(name : "affected" , value : tag_affected);
+    script_tag(name : "insight" , value : tag_insight);
+    script_tag(name : "solution" , value : tag_solution);
+  }
+  script_description(desc);
+  script_xref(name: "CESA", value: "2014:0890");
+  script_xref(name: "URL" , value: "http://lists.centos.org/pipermail/centos-announce/2014-July/020414.html");
+  script_summary("Check for the Version of java");
+  script_category(ACT_GATHER_INFO);
+  script_copyright("Copyright (C) 2014 Greenbone Networks GmbH");
+  script_family("CentOS Local Security Checks");
+  script_dependencies("gather-package-list.nasl");
+  script_mandatory_keys("HostDetails/OS/cpe:/o:centos:centos", "login/SSH/success", "ssh/login/release");
+  exit(0);
+}
+
+
+include("pkg-lib-rpm.inc");
+
+release = get_kb_item("ssh/login/release");
+
+res = "";
+if(release == NULL){
+  exit(0);
+}
+
+if(release == "CentOS5")
+{
+
+  if ((res = isrpmvuln(pkg:"java-1.7.0-openjdk", rpm:"java-1.7.0-openjdk~1.7.0.65~2.5.1.2.el5_10", rls:"CentOS5")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isrpmvuln(pkg:"java-1.7.0-openjdk-demo", rpm:"java-1.7.0-openjdk-demo~1.7.0.65~2.5.1.2.el5_10", rls:"CentOS5")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isrpmvuln(pkg:"java-1.7.0-openjdk-devel", rpm:"java-1.7.0-openjdk-devel~1.7.0.65~2.5.1.2.el5_10", rls:"CentOS5")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isrpmvuln(pkg:"java-1.7.0-openjdk-javadoc", rpm:"java-1.7.0-openjdk-javadoc~1.7.0.65~2.5.1.2.el5_10", rls:"CentOS5")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isrpmvuln(pkg:"java-1.7.0-openjdk-src", rpm:"java-1.7.0-openjdk-src~1.7.0.65~2.5.1.2.el5_10", rls:"CentOS5")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if (__pkg_match) exit(99); # Not vulnerable.
+  exit(0);
+}


Property changes on: scripts/2014/gb_CESA-2014_0890_java_centos5.nasl
___________________________________________________________________
Added: svn:keywords
   + Author Revision Date Id

Added: scripts/2014/gb_RHSA-2014_0889-01_java-1.7.0-openjdk.nasl
===================================================================
--- scripts/2014/gb_RHSA-2014_0889-01_java-1.7.0-openjdk.nasl	                        (rev 0)
+++ scripts/2014/gb_RHSA-2014_0889-01_java-1.7.0-openjdk.nasl	2014-07-25 14:16:47 UTC (rev 585)
@@ -0,0 +1,196 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+#
+# RedHat Update for java-1.7.0-openjdk RHSA-2014:0889-01
+#
+# Authors:
+# System Generated Check
+#
+# Copyright:
+# Copyright (C) 2014 Greenbone Networks GmbH, http://www.greenbone.net
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+include("revisions-lib.inc");
+
+if(description)
+{
+  script_oid("1.3.6.1.4.1.25623.1.0.871202");
+  script_version("$Revision$");
+  script_tag(name:"check_type", value:"authenticated package test");
+  script_tag(name:"last_modification", value:"$Date$");
+  script_tag(name:"creation_date", value:"2014-07-21 19:20:22 +0530 (Mon, 21 Jul 2014)");
+  script_cve_id("CVE-2014-2483", "CVE-2014-2490", "CVE-2014-4209", "CVE-2014-4216",
+                "CVE-2014-4218", "CVE-2014-4219", "CVE-2014-4221", "CVE-2014-4223",
+                "CVE-2014-4244", "CVE-2014-4252", "CVE-2014-4262", "CVE-2014-4263",
+                "CVE-2014-4266");
+  script_tag(name:"cvss_base", value:"9.3");
+  script_tag(name:"cvss_base_vector", value:"AV:N/AC:M/Au:N/C:C/I:C/A:C");
+  script_tag(name:"risk_factor", value:"Critical");
+  script_name("RedHat Update for java-1.7.0-openjdk RHSA-2014:0889-01");
+
+  tag_insight = "The java-1.7.0-openjdk packages provide the OpenJDK 7 Java Runtime
+Environment and the OpenJDK 7 Java Software Development Kit.
+
+It was discovered that the Hotspot component in OpenJDK did not properly
+verify bytecode from the class files. An untrusted Java application or
+applet could possibly use these flaws to bypass Java sandbox restrictions.
+(CVE-2014-4216, CVE-2014-4219)
+
+A format string flaw was discovered in the Hotspot component event logger
+in OpenJDK. An untrusted Java application or applet could use this flaw to
+crash the Java Virtual Machine or, potentially, execute arbitrary code with
+the privileges of the Java Virtual Machine. (CVE-2014-2490)
+
+Multiple improper permission check issues were discovered in the Libraries
+component in OpenJDK. An untrusted Java application or applet could use
+these flaws to bypass Java sandbox restrictions. (CVE-2014-4223,
+CVE-2014-4262, CVE-2014-2483)
+
+Multiple flaws were discovered in the JMX, Libraries, Security, and
+Serviceability components in OpenJDK. An untrusted Java application or
+applet could use these flaws to bypass certain Java sandbox restrictions.
+(CVE-2014-4209, CVE-2014-4218, CVE-2014-4221, CVE-2014-4252, CVE-2014-4266)
+
+It was discovered that the RSA algorithm in the Security component in
+OpenJDK did not sufficiently perform blinding while performing operations
+that were using private keys. An attacker able to measure timing
+differences of those operations could possibly leak information about the
+used keys. (CVE-2014-4244)
+
+The Diffie-Hellman (DH) key exchange algorithm implementation in the
+Security component in OpenJDK failed to validate public DH parameters
+properly. This could cause OpenJDK to accept and use weak parameters,
+allowing an attacker to recover the negotiated key. (CVE-2014-4263)
+
+The CVE-2014-4262 issue was discovered by Florian Weimer of Red Hat
+Product Security.
+
+Note: If the web browser plug-in provided by the icedtea-web package was
+installed, the issues exposed via Java applets could have been exploited
+without user interaction if a user visited a malicious website.
+
+All users of java-1.7.0-openjdk are advised to upgrade to these updated
+packages, which resolve these issues. All running instances of OpenJDK Java
+must be restarted for the update to take effect.
+";
+
+  tag_affected = "java-1.7.0-openjdk on Red Hat Enterprise Linux Desktop (v. 6),
+  Red Hat Enterprise Linux Server (v. 6),
+  Red Hat Enterprise Linux Server (v. 7),
+  Red Hat Enterprise Linux Workstation (v. 6)";
+
+  tag_solution = "Please Install the Updated Packages.";
+
+  desc = "
+
+  Vulnerability Insight:
+  " + tag_insight + "
+
+  Affected Software/OS:
+  " + tag_affected + "
+
+  Solution:
+  " + tag_solution;
+
+  if (revcomp(a: OPENVAS_VERSION, b: "6.0+beta5") >= 0){
+    script_tag(name : "affected" , value : tag_affected);
+    script_tag(name : "insight" , value : tag_insight);
+    script_tag(name : "solution" , value : tag_solution);
+  }
+  script_description(desc);
+  script_xref(name: "RHSA", value: "2014:0889-01");
+  script_xref(name: "URL" , value: "https://www.redhat.com/archives/rhsa-announce/2014-July/msg00028.html");
+  script_summary("Check for the Version of java-1.7.0-openjdk");
+  script_category(ACT_GATHER_INFO);
+  script_copyright("Copyright (C) 2014 Greenbone Networks GmbH");
+  script_family("Red Hat Local Security Checks");
+  script_dependencies("gather-package-list.nasl");
+  script_mandatory_keys("HostDetails/OS/cpe:/o:redhat:enterprise_linux", "login/SSH/success", "ssh/login/release");
+  exit(0);
+}
+
+
+include("pkg-lib-rpm.inc");
+
+release = get_kb_item("ssh/login/release");
+
+res = "";
+if(release == NULL){
+  exit(0);
+}
+
+if(release == "RHENT_7")
+{
+
+  if ((res = isrpmvuln(pkg:"java-1.7.0-openjdk", rpm:"java-1.7.0-openjdk~1.7.0.65~2.5.1.2.el7_0", rls:"RHENT_7")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isrpmvuln(pkg:"java-1.7.0-openjdk-debuginfo", rpm:"java-1.7.0-openjdk-debuginfo~1.7.0.65~2.5.1.2.el7_0", rls:"RHENT_7")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isrpmvuln(pkg:"java-1.7.0-openjdk-devel", rpm:"java-1.7.0-openjdk-devel~1.7.0.65~2.5.1.2.el7_0", rls:"RHENT_7")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isrpmvuln(pkg:"java-1.7.0-openjdk-headless", rpm:"java-1.7.0-openjdk-headless~1.7.0.65~2.5.1.2.el7_0", rls:"RHENT_7")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if (__pkg_match) exit(99); # Not vulnerable.
+  exit(0);
+}
+
+
+if(release == "RHENT_6")
+{
+
+  if ((res = isrpmvuln(pkg:"java-1.7.0-openjdk", rpm:"java-1.7.0-openjdk~1.7.0.65~2.5.1.2.el6_5", rls:"RHENT_6")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isrpmvuln(pkg:"java-1.7.0-openjdk-debuginfo", rpm:"java-1.7.0-openjdk-debuginfo~1.7.0.65~2.5.1.2.el6_5", rls:"RHENT_6")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isrpmvuln(pkg:"java-1.7.0-openjdk-devel", rpm:"java-1.7.0-openjdk-devel~1.7.0.65~2.5.1.2.el6_5", rls:"RHENT_6")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isrpmvuln(pkg:"java-1.7.0-openjdk-javadoc", rpm:"java-1.7.0-openjdk-javadoc~1.7.0.65~2.5.1.2.el6_5", rls:"RHENT_6")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if (__pkg_match) exit(99); # Not vulnerable.
+  exit(0);
+}


Property changes on: scripts/2014/gb_RHSA-2014_0889-01_java-1.7.0-openjdk.nasl
___________________________________________________________________
Added: svn:keywords
   + Author Revision Date Id

Added: scripts/2014/gb_RHSA-2014_0890-01_java-1.7.0-openjdk.nasl
===================================================================
--- scripts/2014/gb_RHSA-2014_0890-01_java-1.7.0-openjdk.nasl	                        (rev 0)
+++ scripts/2014/gb_RHSA-2014_0890-01_java-1.7.0-openjdk.nasl	2014-07-25 14:16:47 UTC (rev 585)
@@ -0,0 +1,169 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+#
+# RedHat Update for java-1.7.0-openjdk RHSA-2014:0890-01
+#
+# Authors:
+# System Generated Check
+#
+# Copyright:
+# Copyright (C) 2014 Greenbone Networks GmbH, http://www.greenbone.net
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+include("revisions-lib.inc");
+
+if(description)
+{
+  script_oid("1.3.6.1.4.1.25623.1.0.871201");
+  script_version("$Revision$");
+  script_tag(name:"check_type", value:"authenticated package test");
+  script_tag(name:"last_modification", value:"$Date$");
+  script_tag(name:"creation_date", value:"2014-07-21 18:52:17 +0530 (Mon, 21 Jul 2014)");
+  script_cve_id("CVE-2014-2483", "CVE-2014-2490", "CVE-2014-4209", "CVE-2014-4216",
+                "CVE-2014-4218", "CVE-2014-4219", "CVE-2014-4221", "CVE-2014-4223",
+                "CVE-2014-4244", "CVE-2014-4252", "CVE-2014-4262", "CVE-2014-4263",
+                "CVE-2014-4266");
+  script_tag(name:"cvss_base", value:"9.3");
+  script_tag(name:"cvss_base_vector", value:"AV:N/AC:M/Au:N/C:C/I:C/A:C");
+  script_tag(name:"risk_factor", value:"Critical");
+  script_name("RedHat Update for java-1.7.0-openjdk RHSA-2014:0890-01");
+
+  tag_insight = "The java-1.7.0-openjdk packages provide the OpenJDK 7 Java Runtime
+Environment and the OpenJDK 7 Java Software Development Kit.
+
+It was discovered that the Hotspot component in OpenJDK did not properly
+verify bytecode from the class files. An untrusted Java application or
+applet could possibly use these flaws to bypass Java sandbox restrictions.
+(CVE-2014-4216, CVE-2014-4219)
+
+A format string flaw was discovered in the Hotspot component event logger
+in OpenJDK. An untrusted Java application or applet could use this flaw to
+crash the Java Virtual Machine or, potentially, execute arbitrary code with
+the privileges of the Java Virtual Machine. (CVE-2014-2490)
+
+Multiple improper permission check issues were discovered in the Libraries
+component in OpenJDK. An untrusted Java application or applet could use
+these flaws to bypass Java sandbox restrictions. (CVE-2014-4223,
+CVE-2014-4262, CVE-2014-2483)
+
+Multiple flaws were discovered in the JMX, Libraries, Security, and
+Serviceability components in OpenJDK. An untrusted Java application or
+applet could use these flaws to bypass certain Java sandbox restrictions.
+(CVE-2014-4209, CVE-2014-4218, CVE-2014-4221, CVE-2014-4252, CVE-2014-4266)
+
+It was discovered that the RSA algorithm in the Security component in
+OpenJDK did not sufficiently perform blinding while performing operations
+that were using private keys. An attacker able to measure timing
+differences of those operations could possibly leak information about the
+used keys. (CVE-2014-4244)
+
+The Diffie-Hellman (DH) key exchange algorithm implementation in the
+Security component in OpenJDK failed to validate public DH parameters
+properly. This could cause OpenJDK to accept and use weak parameters,
+allowing an attacker to recover the negotiated key. (CVE-2014-4263)
+
+The CVE-2014-4262 issue was discovered by Florian Weimer of Red Hat
+Product Security.
+
+All users of java-1.7.0-openjdk are advised to upgrade to these updated
+packages, which resolve these issues. All running instances of OpenJDK Java
+must be restarted for the update to take effect.
+";
+
+  tag_affected = "java-1.7.0-openjdk on Red Hat Enterprise Linux (v. 5 server)";
+
+  tag_solution = "Please Install the Updated Packages.";
+
+  desc = "
+
+  Vulnerability Insight:
+  " + tag_insight + "
+
+  Affected Software/OS:
+  " + tag_affected + "
+
+  Solution:
+  " + tag_solution;
+
+  if (revcomp(a: OPENVAS_VERSION, b: "6.0+beta5") >= 0){
+    script_tag(name : "affected" , value : tag_affected);
+    script_tag(name : "insight" , value : tag_insight);
+    script_tag(name : "solution" , value : tag_solution);
+  }
+  script_description(desc);
+  script_xref(name: "RHSA", value: "2014:0890-01");
+  script_xref(name: "URL" , value: "https://www.redhat.com/archives/rhsa-announce/2014-July/msg00027.html");
+  script_summary("Check for the Version of java-1.7.0-openjdk");
+  script_category(ACT_GATHER_INFO);
+  script_copyright("Copyright (C) 2014 Greenbone Networks GmbH");
+  script_family("Red Hat Local Security Checks");
+  script_dependencies("gather-package-list.nasl");
+  script_mandatory_keys("HostDetails/OS/cpe:/o:redhat:enterprise_linux", "login/SSH/success", "ssh/login/release");
+  exit(0);
+}
+
+
+include("pkg-lib-rpm.inc");
+
+release = get_kb_item("ssh/login/release");
+
+res = "";
+if(release == NULL){
+  exit(0);
+}
+
+if(release == "RHENT_5")
+{
+
+  if ((res = isrpmvuln(pkg:"java-1.7.0-openjdk", rpm:"java-1.7.0-openjdk~1.7.0.65~2.5.1.2.el5_10", rls:"RHENT_5")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isrpmvuln(pkg:"java-1.7.0-openjdk-debuginfo", rpm:"java-1.7.0-openjdk-debuginfo~1.7.0.65~2.5.1.2.el5_10", rls:"RHENT_5")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isrpmvuln(pkg:"java-1.7.0-openjdk-demo", rpm:"java-1.7.0-openjdk-demo~1.7.0.65~2.5.1.2.el5_10", rls:"RHENT_5")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isrpmvuln(pkg:"java-1.7.0-openjdk-devel", rpm:"java-1.7.0-openjdk-devel~1.7.0.65~2.5.1.2.el5_10", rls:"RHENT_5")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isrpmvuln(pkg:"java-1.7.0-openjdk-javadoc", rpm:"java-1.7.0-openjdk-javadoc~1.7.0.65~2.5.1.2.el5_10", rls:"RHENT_5")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isrpmvuln(pkg:"java-1.7.0-openjdk-src", rpm:"java-1.7.0-openjdk-src~1.7.0.65~2.5.1.2.el5_10", rls:"RHENT_5")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if (__pkg_match) exit(99); # Not vulnerable.
+  exit(0);
+}


Property changes on: scripts/2014/gb_RHSA-2014_0890-01_java-1.7.0-openjdk.nasl
___________________________________________________________________
Added: svn:keywords
   + Author Revision Date Id

Added: scripts/2014/gb_fedora_2014_7697_dpkg_fc20.nasl
===================================================================
--- scripts/2014/gb_fedora_2014_7697_dpkg_fc20.nasl	                        (rev 0)
+++ scripts/2014/gb_fedora_2014_7697_dpkg_fc20.nasl	2014-07-25 14:16:47 UTC (rev 585)
@@ -0,0 +1,107 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+#
+# Fedora Update for dpkg FEDORA-2014-7697
+#
+# Authors:
+# System Generated Check
+#
+# Copyright:
+# Copyright (C) 2014 Greenbone Networks GmbH, http://www.greenbone.net
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+include("revisions-lib.inc");
+
+if(description)
+{
+  script_oid("1.3.6.1.4.1.25623.1.0.867985");
+  script_version("$Revision$");
+  script_tag(name:"check_type", value:"authenticated package test");
+  script_tag(name:"last_modification", value:"$Date$");
+  script_tag(name:"creation_date", value:"2014-07-21 12:47:29 +0530 (Mon, 21 Jul 2014)");
+  script_cve_id("CVE-2014-3864", "CVE-2014-3865", "CVE-2014-0471");
+  script_tag(name:"cvss_base", value:"6.4");
+  script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:N/C:N/I:P/A:P");
+  script_tag(name:"risk_factor", value:"High");
+  script_name("Fedora Update for dpkg FEDORA-2014-7697");
+
+  tag_insight = "This package contains the tools (including dpkg-source) required
+to unpack, build and upload Debian source packages.
+
+This package also contains the programs dpkg which used to handle the
+installation and removal of packages on a Debian system.
+
+This package also contains dselect, an interface for managing the
+installation and removal of packages on the system.
+
+dpkg and dselect will certainly be non-functional on a rpm-based system
+because packages dependencies will likely be unmet.
+";
+
+  tag_affected = "dpkg on Fedora 20";
+
+  tag_solution = "Please Install the Updated Packages.";
+
+  desc = "
+
+  Vulnerability Insight:
+  " + tag_insight + "
+
+  Affected Software/OS:
+  " + tag_affected + "
+
+  Solution:
+  " + tag_solution;
+
+  if (revcomp(a: OPENVAS_VERSION, b: "6.0+beta5") >= 0){
+    script_tag(name : "affected" , value : tag_affected);
+    script_tag(name : "insight" , value : tag_insight);
+    script_tag(name : "solution" , value : tag_solution);
+  }
+  script_description(desc);
+  script_xref(name: "FEDORA", value: "2014-7697");
+  script_xref(name: "URL" , value: "https://lists.fedoraproject.org/pipermail/package-announce/2014-July/135616.html");
+  script_summary("Check for the Version of dpkg");
+  script_category(ACT_GATHER_INFO);
+  script_copyright("Copyright (C) 2014 Greenbone Networks GmbH");
+  script_family("Fedora Local Security Checks");
+  script_dependencies("gather-package-list.nasl");
+  script_mandatory_keys("HostDetails/OS/cpe:/o:fedoraproject:fedora", "login/SSH/success", "ssh/login/release");
+  exit(0);
+}
+
+
+include("pkg-lib-rpm.inc");
+
+release = get_kb_item("ssh/login/release");
+
+res = "";
+if(release == NULL){
+  exit(0);
+}
+
+if(release == "FC20")
+{
+
+  if ((res = isrpmvuln(pkg:"dpkg", rpm:"dpkg~1.16.15~1.fc20", rls:"FC20")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if (__pkg_match) exit(99); # Not vulnerable.
+  exit(0);
+}


Property changes on: scripts/2014/gb_fedora_2014_7697_dpkg_fc20.nasl
___________________________________________________________________
Added: svn:keywords
   + Author Revision Date Id

Added: scripts/2014/gb_fedora_2014_7772_python_fc19.nasl
===================================================================
--- scripts/2014/gb_fedora_2014_7772_python_fc19.nasl	                        (rev 0)
+++ scripts/2014/gb_fedora_2014_7772_python_fc19.nasl	2014-07-25 14:16:47 UTC (rev 585)
@@ -0,0 +1,112 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+#
+# Fedora Update for python FEDORA-2014-7772
+#
+# Authors:
+# System Generated Check
+#
+# Copyright:
+# Copyright (C) 2014 Greenbone Networks GmbH, http://www.greenbone.net
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+include("revisions-lib.inc");
+
+if(description)
+{
+  script_oid("1.3.6.1.4.1.25623.1.0.867987");
+  script_version("$Revision$");
+  script_tag(name:"check_type", value:"authenticated package test");
+  script_tag(name:"last_modification", value:"$Date$");
+  script_tag(name:"creation_date", value:"2014-07-21 14:23:39 +0530 (Mon, 21 Jul 2014)");
+  script_cve_id("CVE-2014-4616", "CVE-2013-4238");
+  script_tag(name:"cvss_base", value:"4.3");
+  script_tag(name:"cvss_base_vector", value:"AV:N/AC:M/Au:N/C:N/I:P/A:N");
+  script_tag(name:"risk_factor", value:"Medium");
+  script_name("Fedora Update for python FEDORA-2014-7772");
+
+  tag_insight = "Python is an interpreted, interactive, object-oriented programming
+language often compared to Tcl, Perl, Scheme or Java. Python includes
+modules, classes, exceptions, very high level dynamic data types and
+dynamic typing. Python supports interfaces to many system calls and
+libraries, as well as to various windowing systems (X11, Motif, Tk,
+Mac and MFC).
+
+Programmers can write new built-in modules for Python in C or C++.
+Python can be used as an extension language for applications that need
+a programmable interface.
+
+Note that documentation for Python is provided in the python-docs
+package.
+
+This package provides the 'python' executable  most of the actual
+implementation is within the 'python-libs' package.
+";
+
+  tag_affected = "python on Fedora 19";
+
+  tag_solution = "Please Install the Updated Packages.";
+
+  desc = "
+
+  Vulnerability Insight:
+  " + tag_insight + "
+
+  Affected Software/OS:
+  " + tag_affected + "
+
+  Solution:
+  " + tag_solution;
+
+  if (revcomp(a: OPENVAS_VERSION, b: "6.0+beta5") >= 0){
+    script_tag(name : "affected" , value : tag_affected);
+    script_tag(name : "insight" , value : tag_insight);
+    script_tag(name : "solution" , value : tag_solution);
+  }
+  script_description(desc);
+  script_xref(name: "FEDORA", value: "2014-7772");
+  script_xref(name: "URL" , value: "https://lists.fedoraproject.org/pipermail/package-announce/2014-July/135433.html");
+  script_summary("Check for the Version of python");
+  script_category(ACT_GATHER_INFO);
+  script_copyright("Copyright (C) 2014 Greenbone Networks GmbH");
+  script_family("Fedora Local Security Checks");
+  script_dependencies("gather-package-list.nasl");
+  script_mandatory_keys("HostDetails/OS/cpe:/o:fedoraproject:fedora", "login/SSH/success", "ssh/login/release");
+  exit(0);
+}
+
+
+include("pkg-lib-rpm.inc");
+
+release = get_kb_item("ssh/login/release");
+
+res = "";
+if(release == NULL){
+  exit(0);
+}
+
+if(release == "FC19")
+{
+
+  if ((res = isrpmvuln(pkg:"python", rpm:"python~2.7.5~13.fc19", rls:"FC19")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if (__pkg_match) exit(99); # Not vulnerable.
+  exit(0);
+}
\ No newline at end of file


Property changes on: scripts/2014/gb_fedora_2014_7772_python_fc19.nasl
___________________________________________________________________
Added: svn:keywords
   + Author Revision Date Id

Added: scripts/2014/gb_fedora_2014_8035_python3_fc19.nasl
===================================================================
--- scripts/2014/gb_fedora_2014_8035_python3_fc19.nasl	                        (rev 0)
+++ scripts/2014/gb_fedora_2014_8035_python3_fc19.nasl	2014-07-25 14:16:47 UTC (rev 585)
@@ -0,0 +1,100 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+#
+# Fedora Update for python3 FEDORA-2014-8035
+#
+# Authors:
+# System Generated Check
+#
+# Copyright:
+# Copyright (C) 2014 Greenbone Networks GmbH, http://www.greenbone.net
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+include("revisions-lib.inc");
+
+if(description)
+{
+  script_oid("1.3.6.1.4.1.25623.1.0.867978");
+  script_version("$Revision$");
+  script_tag(name:"check_type", value:"authenticated package test");
+  script_tag(name:"last_modification", value:"$Date$");
+  script_tag(name:"creation_date", value:"2014-07-21 12:28:02 +0530 (Mon, 21 Jul 2014)");
+  script_cve_id("CVE-2014-4616", "CVE-2013-4238");
+  script_tag(name:"cvss_base", value:"4.3");
+  script_tag(name:"cvss_base_vector", value:"AV:N/AC:M/Au:N/C:N/I:P/A:N");
+  script_tag(name:"risk_factor", value:"Medium");
+  script_name("Fedora Update for python3 FEDORA-2014-8035");
+
+  tag_insight = "Python 3 is a new version of the language that is incompatible with the 2.x
+line of releases. The language is mostly the same, but many details, especially
+how built-in objects like dictionaries and strings work, have changed
+considerably, and a lot of deprecated features have finally been removed.
+";
+
+  tag_affected = "python3 on Fedora 19";
+
+  tag_solution = "Please Install the Updated Packages.";
+
+  desc = "
+
+  Vulnerability Insight:
+  " + tag_insight + "
+
+  Affected Software/OS:
+  " + tag_affected + "
+
+  Solution:
+  " + tag_solution;
+
+  if (revcomp(a: OPENVAS_VERSION, b: "6.0+beta5") >= 0){
+    script_tag(name : "affected" , value : tag_affected);
+    script_tag(name : "insight" , value : tag_insight);
+    script_tag(name : "solution" , value : tag_solution);
+  }
+  script_description(desc);
+  script_xref(name: "FEDORA", value: "2014-8035");
+  script_xref(name: "URL" , value: "https://lists.fedoraproject.org/pipermail/package-announce/2014-July/135423.html");
+  script_summary("Check for the Version of python3");
+  script_category(ACT_GATHER_INFO);
+  script_copyright("Copyright (C) 2014 Greenbone Networks GmbH");
+  script_family("Fedora Local Security Checks");
+  script_dependencies("gather-package-list.nasl");
+  script_mandatory_keys("HostDetails/OS/cpe:/o:fedoraproject:fedora", "login/SSH/success", "ssh/login/release");
+  exit(0);
+}
+
+
+include("pkg-lib-rpm.inc");
+
+release = get_kb_item("ssh/login/release");
+
+res = "";
+if(release == NULL){
+  exit(0);
+}
+
+if(release == "FC19")
+{
+
+  if ((res = isrpmvuln(pkg:"python3", rpm:"python3~3.3.2~9.fc19", rls:"FC19")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if (__pkg_match) exit(99); # Not vulnerable.
+  exit(0);
+}
\ No newline at end of file


Property changes on: scripts/2014/gb_fedora_2014_8035_python3_fc19.nasl
___________________________________________________________________
Added: svn:keywords
   + Author Revision Date Id

Added: scripts/2014/gb_fedora_2014_8099_lz4_fc20.nasl
===================================================================
--- scripts/2014/gb_fedora_2014_8099_lz4_fc20.nasl	                        (rev 0)
+++ scripts/2014/gb_fedora_2014_8099_lz4_fc20.nasl	2014-07-25 14:16:47 UTC (rev 585)
@@ -0,0 +1,99 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+#
+# Fedora Update for lz4 FEDORA-2014-8099
+#
+# Authors:
+# System Generated Check
+#
+# Copyright:
+# Copyright (C) 2014 Greenbone Networks GmbH, http://www.greenbone.net
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+include("revisions-lib.inc");
+
+if(description)
+{
+  script_oid("1.3.6.1.4.1.25623.1.0.867988");
+  script_version("$Revision$");
+  script_tag(name:"check_type", value:"authenticated package test");
+  script_tag(name:"last_modification", value:"$Date$");
+  script_tag(name:"creation_date", value:"2014-07-21 14:27:57 +0530 (Mon, 21 Jul 2014)");
+  script_tag(name:"cvss_base", value:"4.1");
+  script_tag(name:"cvss_base_vector", value:"AV:L/AC:M/Au:S/C:P/I:P/A:P");
+  script_tag(name:"risk_factor", value:"Medium");
+  script_name("Fedora Update for lz4 FEDORA-2014-8099");
+
+  tag_insight = "LZ4 is an extremely fast loss-less compression algorithm, providing compression
+speed at 400 MB/s per core, scalable with multi-core CPU. It also features
+an extremely fast decoder, with speed in multiple GB/s per core, typically
+reaching RAM speed limits on multi-core systems.
+";
+
+  tag_affected = "lz4 on Fedora 20";
+
+  tag_solution = "Please Install the Updated Packages.";
+
+  desc = "
+
+  Vulnerability Insight:
+  " + tag_insight + "
+
+  Affected Software/OS:
+  " + tag_affected + "
+
+  Solution:
+  " + tag_solution;
+
+  if (revcomp(a: OPENVAS_VERSION, b: "6.0+beta5") >= 0){
+    script_tag(name : "affected" , value : tag_affected);
+    script_tag(name : "insight" , value : tag_insight);
+    script_tag(name : "solution" , value : tag_solution);
+  }
+  script_description(desc);
+  script_xref(name: "FEDORA", value: "2014-8099");
+  script_xref(name: "URL" , value: "https://lists.fedoraproject.org/pipermail/package-announce/2014-July/135477.html");
+  script_summary("Check for the Version of lz4");
+  script_category(ACT_GATHER_INFO);
+  script_copyright("Copyright (C) 2014 Greenbone Networks GmbH");
+  script_family("Fedora Local Security Checks");
+  script_dependencies("gather-package-list.nasl");
+  script_mandatory_keys("HostDetails/OS/cpe:/o:fedoraproject:fedora", "login/SSH/success", "ssh/login/release");
+  exit(0);
+}
+
+
+include("pkg-lib-rpm.inc");
+
+release = get_kb_item("ssh/login/release");
+
+res = "";
+if(release == NULL){
+  exit(0);
+}
+
+if(release == "FC20")
+{
+
+  if ((res = isrpmvuln(pkg:"lz4-r119", rpm:"lz4-r119~1.fc20", rls:"FC20")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if (__pkg_match) exit(99); # Not vulnerable.
+  exit(0);
+}


Property changes on: scripts/2014/gb_fedora_2014_8099_lz4_fc20.nasl
___________________________________________________________________
Added: svn:keywords
   + Author Revision Date Id

Added: scripts/2014/gb_fedora_2014_8112_lz4_fc19.nasl
===================================================================
--- scripts/2014/gb_fedora_2014_8112_lz4_fc19.nasl	                        (rev 0)
+++ scripts/2014/gb_fedora_2014_8112_lz4_fc19.nasl	2014-07-25 14:16:47 UTC (rev 585)
@@ -0,0 +1,99 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+#
+# Fedora Update for lz4 FEDORA-2014-8112
+#
+# Authors:
+# System Generated Check
+#
+# Copyright:
+# Copyright (C) 2014 Greenbone Networks GmbH, http://www.greenbone.net
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+include("revisions-lib.inc");
+
+if(description)
+{
+  script_oid("1.3.6.1.4.1.25623.1.0.867981");
+  script_version("$Revision$");
+  script_tag(name:"check_type", value:"authenticated package test");
+  script_tag(name:"last_modification", value:"$Date$");
+  script_tag(name:"creation_date", value:"2014-07-21 12:36:41 +0530 (Mon, 21 Jul 2014)");
+  script_tag(name:"cvss_base", value:"4.1");
+  script_tag(name:"cvss_base_vector", value:"AV:L/AC:M/Au:S/C:P/I:P/A:P");
+  script_tag(name:"risk_factor", value:"Medium");
+  script_name("Fedora Update for lz4 FEDORA-2014-8112");
+
+  tag_insight = "LZ4 is an extremely fast loss-less compression algorithm, providing compression
+speed at 400 MB/s per core, scalable with multi-core CPU. It also features
+an extremely fast decoder, with speed in multiple GB/s per core, typically
+reaching RAM speed limits on multi-core systems.
+";
+
+  tag_affected = "lz4 on Fedora 19";
+
+  tag_solution = "Please Install the Updated Packages.";
+
+  desc = "
+
+  Vulnerability Insight:
+  " + tag_insight + "
+
+  Affected Software/OS:
+  " + tag_affected + "
+
+  Solution:
+  " + tag_solution;
+
+  if (revcomp(a: OPENVAS_VERSION, b: "6.0+beta5") >= 0){
+    script_tag(name : "affected" , value : tag_affected);
+    script_tag(name : "insight" , value : tag_insight);
+    script_tag(name : "solution" , value : tag_solution);
+  }
+  script_description(desc);
+  script_xref(name: "FEDORA", value: "2014-8112");
+  script_xref(name: "URL" , value: "https://lists.fedoraproject.org/pipermail/package-announce/2014-July/135464.html");
+  script_summary("Check for the Version of lz4");
+  script_category(ACT_GATHER_INFO);
+  script_copyright("Copyright (C) 2014 Greenbone Networks GmbH");
+  script_family("Fedora Local Security Checks");
+  script_dependencies("gather-package-list.nasl");
+  script_mandatory_keys("HostDetails/OS/cpe:/o:fedoraproject:fedora", "login/SSH/success", "ssh/login/release");
+  exit(0);
+}
+
+
+include("pkg-lib-rpm.inc");
+
+release = get_kb_item("ssh/login/release");
+
+res = "";
+if(release == NULL){
+  exit(0);
+}
+
+if(release == "FC19")
+{
+
+  if ((res = isrpmvuln(pkg:"lz4-r119", rpm:"lz4-r119~1.fc19", rls:"FC19")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if (__pkg_match) exit(99); # Not vulnerable.
+  exit(0);
+}


Property changes on: scripts/2014/gb_fedora_2014_8112_lz4_fc19.nasl
___________________________________________________________________
Added: svn:keywords
   + Author Revision Date Id

Added: scripts/2014/gb_fedora_2014_8208_libXfont_fc20.nasl
===================================================================
--- scripts/2014/gb_fedora_2014_8208_libXfont_fc20.nasl	                        (rev 0)
+++ scripts/2014/gb_fedora_2014_8208_libXfont_fc20.nasl	2014-07-25 14:16:47 UTC (rev 585)
@@ -0,0 +1,97 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+#
+# Fedora Update for libXfont FEDORA-2014-8208
+#
+# Authors:
+# System Generated Check
+#
+# Copyright:
+# Copyright (C) 2014 Greenbone Networks GmbH, http://www.greenbone.net
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+include("revisions-lib.inc");
+
+if(description)
+{
+  script_oid("1.3.6.1.4.1.25623.1.0.867982");
+  script_version("$Revision$");
+  script_tag(name:"check_type", value:"authenticated package test");
+  script_tag(name:"last_modification", value:"$Date$");
+  script_tag(name:"creation_date", value:"2014-07-21 12:36:41 +0530 (Mon, 21 Jul 2014)");
+  script_cve_id("CVE-2014-0209", "CVE-2014-0210", "CVE-2014-0211", "CVE-2013-6462");
+  script_tag(name:"cvss_base", value:"9.3");
+  script_tag(name:"cvss_base_vector", value:"AV:N/AC:M/Au:N/C:C/I:C/A:C");
+  script_tag(name:"risk_factor", value:"Critical");
+  script_name("Fedora Update for libXfont FEDORA-2014-8208");
+
+  tag_insight = "X.Org X11 libXfont runtime library
+";
+
+  tag_affected = "libXfont on Fedora 20";
+
+  tag_solution = "Please Install the Updated Packages.";
+
+  desc = "
+
+  Vulnerability Insight:
+  " + tag_insight + "
+
+  Affected Software/OS:
+  " + tag_affected + "
+
+  Solution:
+  " + tag_solution;
+
+  if (revcomp(a: OPENVAS_VERSION, b: "6.0+beta5") >= 0){
+    script_tag(name : "affected" , value : tag_affected);
+    script_tag(name : "insight" , value : tag_insight);
+    script_tag(name : "solution" , value : tag_solution);
+  }
+  script_description(desc);
+  script_xref(name: "FEDORA", value: "2014-8208");
+  script_xref(name: "URL" , value: "https://lists.fedoraproject.org/pipermail/package-announce/2014-July/135401.html");
+  script_summary("Check for the Version of libXfont");
+  script_category(ACT_GATHER_INFO);
+  script_copyright("Copyright (C) 2014 Greenbone Networks GmbH");
+  script_family("Fedora Local Security Checks");
+  script_dependencies("gather-package-list.nasl");
+  script_mandatory_keys("HostDetails/OS/cpe:/o:fedoraproject:fedora", "login/SSH/success", "ssh/login/release");
+  exit(0);
+}
+
+
+include("pkg-lib-rpm.inc");
+
+release = get_kb_item("ssh/login/release");
+
+res = "";
+if(release == NULL){
+  exit(0);
+}
+
+if(release == "FC20")
+{
+
+  if ((res = isrpmvuln(pkg:"libXfont", rpm:"libXfont~1.4.8~1.fc20", rls:"FC20")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if (__pkg_match) exit(99); # Not vulnerable.
+  exit(0);
+}


Property changes on: scripts/2014/gb_fedora_2014_8208_libXfont_fc20.nasl
___________________________________________________________________
Added: svn:keywords
   + Author Revision Date Id

Added: scripts/2014/gb_fedora_2014_8218_ocsinventory_fc19.nasl
===================================================================
--- scripts/2014/gb_fedora_2014_8218_ocsinventory_fc19.nasl	                        (rev 0)
+++ scripts/2014/gb_fedora_2014_8218_ocsinventory_fc19.nasl	2014-07-25 14:16:47 UTC (rev 585)
@@ -0,0 +1,107 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+#
+# Fedora Update for ocsinventory FEDORA-2014-8218
+#
+# Authors:
+# System Generated Check
+#
+# Copyright:
+# Copyright (C) 2014 Greenbone Networks GmbH, http://www.greenbone.net
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+include("revisions-lib.inc");
+
+if(description)
+{
+  script_oid("1.3.6.1.4.1.25623.1.0.867977");
+  script_version("$Revision$");
+  script_tag(name:"check_type", value:"authenticated package test");
+  script_tag(name:"last_modification", value:"$Date$");
+  script_tag(name:"creation_date", value:"2014-07-21 12:25:52 +0530 (Mon, 21 Jul 2014)");
+  script_cve_id("CVE-2014-4722");
+  script_tag(name:"cvss_base", value:"4.3");
+  script_tag(name:"cvss_base_vector", value:"AV:N/AC:M/Au:N/C:N/I:P/A:N");
+  script_tag(name:"risk_factor", value:"Medium");
+  script_name("Fedora Update for ocsinventory FEDORA-2014-8218");
+
+  tag_insight = "Open Computer and Software Inventory Next Generation is an application
+designed to help a network or system administrator keep track of the
+computers configuration and software that are installed on the network.
+
+OCS Inventory is also able to detect all active devices on your network,
+such as switch, router, network printer and unattended devices.
+
+OCS Inventory NG includes package deployment feature on client computers.
+
+ocsinventory is a meta-package that will install the communication server,
+the administration console and the database server (MySQL).
+";
+
+  tag_affected = "ocsinventory on Fedora 19";
+
+  tag_solution = "Please Install the Updated Packages.";
+
+  desc = "
+
+  Vulnerability Insight:
+  " + tag_insight + "
+
+  Affected Software/OS:
+  " + tag_affected + "
+
+  Solution:
+  " + tag_solution;
+
+  if (revcomp(a: OPENVAS_VERSION, b: "6.0+beta5") >= 0){
+    script_tag(name : "affected" , value : tag_affected);
+    script_tag(name : "insight" , value : tag_insight);
+    script_tag(name : "solution" , value : tag_solution);
+  }
+  script_description(desc);
+  script_xref(name: "FEDORA", value: "2014-8218");
+  script_xref(name: "URL" , value: "https://lists.fedoraproject.org/pipermail/package-announce/2014-July/135546.html");
+  script_summary("Check for the Version of ocsinventory");
+  script_category(ACT_GATHER_INFO);
+  script_copyright("Copyright (C) 2014 Greenbone Networks GmbH");
+  script_family("Fedora Local Security Checks");
+  script_dependencies("gather-package-list.nasl");
+  script_mandatory_keys("HostDetails/OS/cpe:/o:fedoraproject:fedora", "login/SSH/success", "ssh/login/release");
+  exit(0);
+}
+
+
+include("pkg-lib-rpm.inc");
+
+release = get_kb_item("ssh/login/release");
+
+res = "";
+if(release == NULL){
+  exit(0);
+}
+
+if(release == "FC19")
+{
+
+  if ((res = isrpmvuln(pkg:"ocsinventory", rpm:"ocsinventory~2.0.5~8.fc19", rls:"FC19")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if (__pkg_match) exit(99); # Not vulnerable.
+  exit(0);
+}


Property changes on: scripts/2014/gb_fedora_2014_8218_ocsinventory_fc19.nasl
___________________________________________________________________
Added: svn:keywords
   + Author Revision Date Id

Added: scripts/2014/gb_fedora_2014_8227_ocsinventory_fc20.nasl
===================================================================
--- scripts/2014/gb_fedora_2014_8227_ocsinventory_fc20.nasl	                        (rev 0)
+++ scripts/2014/gb_fedora_2014_8227_ocsinventory_fc20.nasl	2014-07-25 14:16:47 UTC (rev 585)
@@ -0,0 +1,107 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+#
+# Fedora Update for ocsinventory FEDORA-2014-8227
+#
+# Authors:
+# System Generated Check
+#
+# Copyright:
+# Copyright (C) 2014 Greenbone Networks GmbH, http://www.greenbone.net
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+include("revisions-lib.inc");
+
+if(description)
+{
+  script_oid("1.3.6.1.4.1.25623.1.0.867979");
+  script_version("$Revision$");
+  script_tag(name:"check_type", value:"authenticated package test");
+  script_tag(name:"last_modification", value:"$Date$");
+  script_tag(name:"creation_date", value:"2014-07-21 12:32:23 +0530 (Mon, 21 Jul 2014)");
+  script_cve_id("CVE-2014-4722");
+  script_tag(name:"cvss_base", value:"4.3");
+  script_tag(name:"cvss_base_vector", value:"AV:N/AC:M/Au:N/C:N/I:P/A:N");
+  script_tag(name:"risk_factor", value:"Medium");
+  script_name("Fedora Update for ocsinventory FEDORA-2014-8227");
+
+  tag_insight = "Open Computer and Software Inventory Next Generation is an application
+designed to help a network or system administrator keep track of the
+computers configuration and software that are installed on the network.
+
+OCS Inventory is also able to detect all active devices on your network,
+such as switch, router, network printer and unattended devices.
+
+OCS Inventory NG includes package deployment feature on client computers.
+
+ocsinventory is a meta-package that will install the communication server,
+the administration console and the database server (MySQL).
+";
+
+  tag_affected = "ocsinventory on Fedora 20";
+
+  tag_solution = "Please Install the Updated Packages.";
+
+  desc = "
+
+  Vulnerability Insight:
+  " + tag_insight + "
+
+  Affected Software/OS:
+  " + tag_affected + "
+
+  Solution:
+  " + tag_solution;
+
+  if (revcomp(a: OPENVAS_VERSION, b: "6.0+beta5") >= 0){
+    script_tag(name : "affected" , value : tag_affected);
+    script_tag(name : "insight" , value : tag_insight);
+    script_tag(name : "solution" , value : tag_solution);
+  }
+  script_description(desc);
+  script_xref(name: "FEDORA", value: "2014-8227");
+  script_xref(name: "URL" , value: "https://lists.fedoraproject.org/pipermail/package-announce/2014-July/135525.html");
+  script_summary("Check for the Version of ocsinventory");
+  script_category(ACT_GATHER_INFO);
+  script_copyright("Copyright (C) 2014 Greenbone Networks GmbH");
+  script_family("Fedora Local Security Checks");
+  script_dependencies("gather-package-list.nasl");
+  script_mandatory_keys("HostDetails/OS/cpe:/o:fedoraproject:fedora", "login/SSH/success", "ssh/login/release");
+  exit(0);
+}
+
+
+include("pkg-lib-rpm.inc");
+
+release = get_kb_item("ssh/login/release");
+
+res = "";
+if(release == NULL){
+  exit(0);
+}
+
+if(release == "FC20")
+{
+
+  if ((res = isrpmvuln(pkg:"ocsinventory", rpm:"ocsinventory~2.0.5~8.fc20", rls:"FC20")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if (__pkg_match) exit(99); # Not vulnerable.
+  exit(0);
+}


Property changes on: scripts/2014/gb_fedora_2014_8227_ocsinventory_fc20.nasl
___________________________________________________________________
Added: svn:keywords
   + Author Revision Date Id

Added: scripts/2014/gb_fedora_2014_8331_transmission_fc20.nasl
===================================================================
--- scripts/2014/gb_fedora_2014_8331_transmission_fc20.nasl	                        (rev 0)
+++ scripts/2014/gb_fedora_2014_8331_transmission_fc20.nasl	2014-07-25 14:16:47 UTC (rev 585)
@@ -0,0 +1,99 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+#
+# Fedora Update for transmission FEDORA-2014-8331
+#
+# Authors:
+# System Generated Check
+#
+# Copyright:
+# Copyright (C) 2014 Greenbone Networks GmbH, http://www.greenbone.net
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+include("revisions-lib.inc");
+
+if(description)
+{
+  script_oid("1.3.6.1.4.1.25623.1.0.867984");
+  script_version("$Revision$");
+  script_tag(name:"check_type", value:"authenticated package test");
+  script_tag(name:"last_modification", value:"$Date$");
+  script_tag(name:"creation_date", value:"2014-07-21 12:45:21 +0530 (Mon, 21 Jul 2014)");
+  script_cve_id("CVE-2014-4909");
+  script_tag(name:"cvss_base", value:"6.8");
+  script_tag(name:"cvss_base_vector", value:"AV:N/AC:M/Au:N/C:P/I:P/A:P");
+  script_tag(name:"risk_factor", value:"High");
+  script_name("Fedora Update for transmission FEDORA-2014-8331");
+
+  tag_insight = "Transmission is a free, lightweight BitTorrent client. It features a
+simple, intuitive interface on top on an efficient, cross-platform
+back-end.
+";
+
+  tag_affected = "transmission on Fedora 20";
+
+  tag_solution = "Please Install the Updated Packages.";
+
+  desc = "
+
+  Vulnerability Insight:
+  " + tag_insight + "
+
+  Affected Software/OS:
+  " + tag_affected + "
+
+  Solution:
+  " + tag_solution;
+
+  if (revcomp(a: OPENVAS_VERSION, b: "6.0+beta5") >= 0){
+    script_tag(name : "affected" , value : tag_affected);
+    script_tag(name : "insight" , value : tag_insight);
+    script_tag(name : "solution" , value : tag_solution);
+  }
+  script_description(desc);
+  script_xref(name: "FEDORA", value: "2014-8331");
+  script_xref(name: "URL" , value: "https://lists.fedoraproject.org/pipermail/package-announce/2014-July/135539.html");
+  script_summary("Check for the Version of transmission");
+  script_category(ACT_GATHER_INFO);
+  script_copyright("Copyright (C) 2014 Greenbone Networks GmbH");
+  script_family("Fedora Local Security Checks");
+  script_dependencies("gather-package-list.nasl");
+  script_mandatory_keys("HostDetails/OS/cpe:/o:fedoraproject:fedora", "login/SSH/success", "ssh/login/release");
+  exit(0);
+}
+
+
+include("pkg-lib-rpm.inc");
+
+release = get_kb_item("ssh/login/release");
+
+res = "";
+if(release == NULL){
+  exit(0);
+}
+
+if(release == "FC20")
+{
+
+  if ((res = isrpmvuln(pkg:"transmission", rpm:"transmission~2.84~1.fc20", rls:"FC20")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if (__pkg_match) exit(99); # Not vulnerable.
+  exit(0);
+}


Property changes on: scripts/2014/gb_fedora_2014_8331_transmission_fc20.nasl
___________________________________________________________________
Added: svn:keywords
   + Author Revision Date Id

Added: scripts/2014/gb_fedora_2014_8351_cups_fc20.nasl
===================================================================
--- scripts/2014/gb_fedora_2014_8351_cups_fc20.nasl	                        (rev 0)
+++ scripts/2014/gb_fedora_2014_8351_cups_fc20.nasl	2014-07-25 14:16:47 UTC (rev 585)
@@ -0,0 +1,100 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+#
+# Fedora Update for cups FEDORA-2014-8351
+#
+# Authors:
+# System Generated Check
+#
+# Copyright:
+# Copyright (C) 2014 Greenbone Networks GmbH, http://www.greenbone.net
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+include("revisions-lib.inc");
+
+if(description)
+{
+  script_oid("1.3.6.1.4.1.25623.1.0.867980");
+  script_version("$Revision$");
+  script_tag(name:"check_type", value:"authenticated package test");
+  script_tag(name:"last_modification", value:"$Date$");
+  script_tag(name:"creation_date", value:"2014-07-21 12:34:32 +0530 (Mon, 21 Jul 2014)");
+  script_cve_id("CVE-2014-3537");
+  script_tag(name:"cvss_base", value:"6.8");
+  script_tag(name:"cvss_base_vector", value:"AV:N/AC:M/Au:N/C:P/I:P/A:P");
+  script_tag(name:"risk_factor", value:"High");
+  script_name("Fedora Update for cups FEDORA-2014-8351");
+
+  tag_insight = "CUPS printing system provides a portable printing layer for
+UNIX operating systems. It has been developed by Apple Inc.
+to promote a standard printing solution for all UNIX vendors and users.
+CUPS provides the System V and Berkeley command-line interfaces.
+";
+
+  tag_affected = "cups on Fedora 20";
+
+  tag_solution = "Please Install the Updated Packages.";
+
+  desc = "
+
+  Vulnerability Insight:
+  " + tag_insight + "
+
+  Affected Software/OS:
+  " + tag_affected + "
+
+  Solution:
+  " + tag_solution;
+
+  if (revcomp(a: OPENVAS_VERSION, b: "6.0+beta5") >= 0){
+    script_tag(name : "affected" , value : tag_affected);
+    script_tag(name : "insight" , value : tag_insight);
+    script_tag(name : "solution" , value : tag_solution);
+  }
+  script_description(desc);
+  script_xref(name: "FEDORA", value: "2014-8351");
+  script_xref(name: "URL" , value: "https://lists.fedoraproject.org/pipermail/package-announce/2014-July/135528.html");
+  script_summary("Check for the Version of cups");
+  script_category(ACT_GATHER_INFO);
+  script_copyright("Copyright (C) 2014 Greenbone Networks GmbH");
+  script_family("Fedora Local Security Checks");
+  script_dependencies("gather-package-list.nasl");
+  script_mandatory_keys("HostDetails/OS/cpe:/o:fedoraproject:fedora", "login/SSH/success", "ssh/login/release");
+  exit(0);
+}
+
+
+include("pkg-lib-rpm.inc");
+
+release = get_kb_item("ssh/login/release");
+
+res = "";
+if(release == NULL){
+  exit(0);
+}
+
+if(release == "FC20")
+{
+
+  if ((res = isrpmvuln(pkg:"cups", rpm:"cups~1.7.4~1.fc20", rls:"FC20")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if (__pkg_match) exit(99); # Not vulnerable.
+  exit(0);
+}


Property changes on: scripts/2014/gb_fedora_2014_8351_cups_fc20.nasl
___________________________________________________________________
Added: svn:keywords
   + Author Revision Date Id

Added: scripts/2014/gb_fedora_2014_8417_java-1.7.0-openjdk_fc20.nasl
===================================================================
--- scripts/2014/gb_fedora_2014_8417_java-1.7.0-openjdk_fc20.nasl	                        (rev 0)
+++ scripts/2014/gb_fedora_2014_8417_java-1.7.0-openjdk_fc20.nasl	2014-07-25 14:16:47 UTC (rev 585)
@@ -0,0 +1,96 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+#
+# Fedora Update for java-1.7.0-openjdk FEDORA-2014-8417
+#
+# Authors:
+# System Generated Check
+#
+# Copyright:
+# Copyright (C) 2014 Greenbone Networks GmbH, http://www.greenbone.net
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+include("revisions-lib.inc");
+
+if(description)
+{
+  script_oid("1.3.6.1.4.1.25623.1.0.867983");
+  script_version("$Revision$");
+  script_tag(name:"check_type", value:"authenticated package test");
+  script_tag(name:"last_modification", value:"$Date$");
+  script_tag(name:"creation_date", value:"2014-07-21 12:45:21 +0530 (Mon, 21 Jul 2014)");
+  script_tag(name:"cvss_base", value:"9.3");
+  script_tag(name:"cvss_base_vector", value:"AV:N/AC:M/Au:N/C:C/I:C/A:C");
+  script_tag(name:"risk_factor", value:"Critical");
+  script_name("Fedora Update for java-1.7.0-openjdk FEDORA-2014-8417");
+
+  tag_insight = "The OpenJDK runtime environment.
+";
+
+  tag_affected = "java-1.7.0-openjdk on Fedora 20";
+
+  tag_solution = "Please Install the Updated Packages.";
+
+  desc = "
+
+  Vulnerability Insight:
+  " + tag_insight + "
+
+  Affected Software/OS:
+  " + tag_affected + "
+
+  Solution:
+  " + tag_solution;
+
+  if (revcomp(a: OPENVAS_VERSION, b: "6.0+beta5") >= 0){
+    script_tag(name : "affected" , value : tag_affected);
+    script_tag(name : "insight" , value : tag_insight);
+    script_tag(name : "solution" , value : tag_solution);
+  }
+  script_description(desc);
+  script_xref(name: "FEDORA", value: "2014-8417");
+  script_xref(name: "URL" , value: "https://lists.fedoraproject.org/pipermail/package-announce/2014-July/135489.html");
+  script_summary("Check for the Version of java-1.7.0-openjdk");
+  script_category(ACT_GATHER_INFO);
+  script_copyright("Copyright (C) 2014 Greenbone Networks GmbH");
+  script_family("Fedora Local Security Checks");
+  script_dependencies("gather-package-list.nasl");
+  script_mandatory_keys("HostDetails/OS/cpe:/o:fedoraproject:fedora", "login/SSH/success", "ssh/login/release");
+  exit(0);
+}
+
+
+include("pkg-lib-rpm.inc");
+
+release = get_kb_item("ssh/login/release");
+
+res = "";
+if(release == NULL){
+  exit(0);
+}
+
+if(release == "FC20")
+{
+
+  if ((res = isrpmvuln(pkg:"java-1.7.0-openjdk", rpm:"java-1.7.0-openjdk~1.7.0.65~2.5.1.2.fc20", rls:"FC20")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if (__pkg_match) exit(99); # Not vulnerable.
+  exit(0);
+}


Property changes on: scripts/2014/gb_fedora_2014_8417_java-1.7.0-openjdk_fc20.nasl
___________________________________________________________________
Added: svn:keywords
   + Author Revision Date Id

Added: scripts/2014/gb_fedora_2014_8519_kernel_fc20.nasl
===================================================================
--- scripts/2014/gb_fedora_2014_8519_kernel_fc20.nasl	                        (rev 0)
+++ scripts/2014/gb_fedora_2014_8519_kernel_fc20.nasl	2014-07-25 14:16:47 UTC (rev 585)
@@ -0,0 +1,109 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+#
+# Fedora Update for kernel FEDORA-2014-8519
+#
+# Authors:
+# System Generated Check
+#
+# Copyright:
+# Copyright (C) 2014 Greenbone Networks GmbH, http://www.greenbone.net
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+include("revisions-lib.inc");
+
+if(description)
+{
+  script_oid("1.3.6.1.4.1.25623.1.0.867986");
+  script_version("$Revision$");
+  script_tag(name:"check_type", value:"authenticated package test");
+  script_tag(name:"last_modification", value:"$Date$");
+  script_tag(name:"creation_date", value:"2014-07-21 12:54:12 +0530 (Mon, 21 Jul 2014)");
+  script_cve_id("CVE-2014-4943", "CVE-2014-4715", "CVE-2014-4699", "CVE-2014-0206",
+                "CVE-2014-4508", "CVE-2014-4014", "CVE-2014-3153", "CVE-2014-3940",
+                "CVE-2014-3917", "CVE-2014-3144", "CVE-2014-3145", "CVE-2014-1738",
+                "CVE-2014-1737", "CVE-2014-0181", "CVE-2014-0196", "CVE-2014-3122",
+                "CVE-2014-2851", "CVE-2014-0155", "CVE-2014-2678", "CVE-2014-2580",
+                "CVE-2014-0077", "CVE-2014-0055", "CVE-2014-2568", "CVE-2014-0131",
+                "CVE-2014-2523", "CVE-2014-2309", "CVE-2014-0100", "CVE-2014-0101",
+                "CVE-2014-0049", "CVE-2014-0102", "CVE-2014-2039", "CVE-2014-0069",
+                "CVE-2014-1874", "CVE-2014-1446", "CVE-2014-1438", "CVE-2013-4579",
+                "CVE-2013-4587", "CVE-2013-6376", "CVE-2013-6368", "CVE-2013-6367");
+  script_tag(name:"cvss_base", value:"10.0");
+  script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:N/C:C/I:C/A:C");
+  script_tag(name:"risk_factor", value:"Critical");
+  script_name("Fedora Update for kernel FEDORA-2014-8519");
+
+  tag_insight = "The kernel package contains the Linux kernel (vmlinuz), the core of any
+Linux operating system.  The kernel handles the basic functions
+of the operating system: memory allocation, process allocation, device
+input and output, etc.
+";
+
+  tag_affected = "kernel on Fedora 20";
+
+  tag_solution = "Please Install the Updated Packages.";
+
+  desc = "
+
+  Vulnerability Insight:
+  " + tag_insight + "
+
+  Affected Software/OS:
+  " + tag_affected + "
+
+  Solution:
+  " + tag_solution;
+
+  if (revcomp(a: OPENVAS_VERSION, b: "6.0+beta5") >= 0){
+    script_tag(name : "affected" , value : tag_affected);
+    script_tag(name : "insight" , value : tag_insight);
+    script_tag(name : "solution" , value : tag_solution);
+  }
+  script_description(desc);
+  script_xref(name: "FEDORA", value: "2014-8519");
+  script_xref(name: "URL" , value: "https://lists.fedoraproject.org/pipermail/package-announce/2014-July/135630.html");
+  script_summary("Check for the Version of kernel");
+  script_category(ACT_GATHER_INFO);
+  script_copyright("Copyright (C) 2014 Greenbone Networks GmbH");
+  script_family("Fedora Local Security Checks");
+  script_dependencies("gather-package-list.nasl");
+  script_mandatory_keys("HostDetails/OS/cpe:/o:fedoraproject:fedora", "login/SSH/success", "ssh/login/release");
+  exit(0);
+}
+
+
+include("pkg-lib-rpm.inc");
+
+release = get_kb_item("ssh/login/release");
+
+res = "";
+if(release == NULL){
+  exit(0);
+}
+
+if(release == "FC20")
+{
+
+  if ((res = isrpmvuln(pkg:"kernel", rpm:"kernel~3.15.6~200.fc20", rls:"FC20")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if (__pkg_match) exit(99); # Not vulnerable.
+  exit(0);
+}


Property changes on: scripts/2014/gb_fedora_2014_8519_kernel_fc20.nasl
___________________________________________________________________
Added: svn:keywords
   + Author Revision Date Id

Added: scripts/2014/gb_suse_2014_0913_1.nasl
===================================================================
--- scripts/2014/gb_suse_2014_0913_1.nasl	                        (rev 0)
+++ scripts/2014/gb_suse_2014_0913_1.nasl	2014-07-25 14:16:47 UTC (rev 585)
@@ -0,0 +1,111 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+#
+# SuSE Update for flash-player openSUSE-SU-2014:0913-1 (flash-player)
+#
+# Authors:
+# System Generated Check
+#
+# Copyright:
+# Copyright (C) 2014 Greenbone Networks GmbH, http://www.greenbone.net
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+include("revisions-lib.inc");
+
+if(description)
+{
+  script_oid("1.3.6.1.4.1.25623.1.0.850596");
+  script_version("$Revision$");
+  script_tag(name:"check_type", value:"authenticated package test");
+  script_tag(name:"last_modification", value:"$Date$");
+  script_tag(name:"creation_date", value:"2014-07-21 16:18:04 +0530 (Mon, 21 Jul 2014)");
+  script_cve_id("CVE-2014-0537", "CVE-2014-0539", "CVE-2014-4671");
+  script_tag(name:"cvss_base", value:"7.5");
+  script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:N/C:P/I:P/A:P");
+  script_tag(name:"risk_factor", value:"High");
+  script_name("SuSE Update for flash-player openSUSE-SU-2014:0913-1 (flash-player)");
+
+  tag_insight = "
+  - Security update to 11.2.202.394 (bnc#886472):
+  * APSB14-17, CVE-2014-0537, CVE-2014-0539, CVE-2014-4671
+  - License update (LICENSE -  Flash%20Player_14.0.pdf).";
+
+  tag_affected = "flash-player on openSUSE 11.4";
+
+  tag_solution = "Please Install the Updated Packages.";
+
+  desc = "
+
+  Vulnerability Insight:
+  " + tag_insight + "
+
+  Affected Software/OS:
+  " + tag_affected + "
+
+  Solution:
+  " + tag_solution;
+
+  if (revcomp(a: OPENVAS_VERSION, b: "6.0+beta5") >= 0){
+    script_tag(name : "affected" , value : tag_affected);
+    script_tag(name : "insight" , value : tag_insight);
+    script_tag(name : "solution" , value : tag_solution);
+  }
+  script_description(desc);
+  script_xref(name: "openSUSE-SU", value: "2014:0913_1");
+  script_xref(name: "URL" , value: "http://lists.opensuse.org/opensuse-security-announce/2014-07/msg00017.html");
+  script_summary("Check for the Version of flash-player");
+  script_category(ACT_GATHER_INFO);
+  script_copyright("Copyright (C) 2014 Greenbone Networks GmbH");
+  script_family("SuSE Local Security Checks");
+  script_dependencies("gather-package-list.nasl");
+  script_mandatory_keys("HostDetails/OS/cpe:/o:novell:opensuse", "login/SSH/success", "ssh/login/release");
+  exit(0);
+}
+
+
+include("pkg-lib-rpm.inc");
+
+release = get_kb_item("ssh/login/release");
+
+res = "";
+if(release == NULL){
+  exit(0);
+}
+
+if(release == "openSUSE11.4")
+{
+
+  if ((res = isrpmvuln(pkg:"flash-player", rpm:"flash-player~11.2.202.394~119.1", rls:"openSUSE11.4")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isrpmvuln(pkg:"flash-player-gnome", rpm:"flash-player-gnome~11.2.202.394~119.1", rls:"openSUSE11.4")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isrpmvuln(pkg:"flash-player-kde4", rpm:"flash-player-kde4~11.2.202.394~119.1", rls:"openSUSE11.4")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if (__pkg_match) exit(99); # Not vulnerable.
+  exit(0);
+}
\ No newline at end of file


Property changes on: scripts/2014/gb_suse_2014_0913_1.nasl
___________________________________________________________________
Added: svn:keywords
   + Author Revision Date Id

Added: scripts/2014/gb_ubuntu_USN_2277_1.nasl
===================================================================
--- scripts/2014/gb_ubuntu_USN_2277_1.nasl	                        (rev 0)
+++ scripts/2014/gb_ubuntu_USN_2277_1.nasl	2014-07-25 14:16:47 UTC (rev 585)
@@ -0,0 +1,126 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+#
+# Ubuntu Update for libav USN-2277-1
+#
+# Authors:
+# System Generated Check
+#
+# Copyright:
+# Copyright (C) 2014 Greenbone Networks GmbH, http://www.greenbone.net
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+include("revisions-lib.inc");
+
+if(description)
+{
+  script_oid("1.3.6.1.4.1.25623.1.0.841895");
+  script_version("$Revision$");
+  script_tag(name:"check_type", value:"authenticated package test");
+  script_tag(name:"last_modification", value:"$Date$");
+  script_tag(name:"creation_date", value:"2014-07-21 16:49:06 +0530 (Mon, 21 Jul 2014)");
+  script_tag(name:"cvss_base", value:"9.5");
+  script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:N/C:P/I:P/A:P");
+  script_tag(name:"risk_factor", value:"Critical");
+  script_name("Ubuntu Update for libav USN-2277-1");
+
+  tag_insight = "It was discovered that Libav incorrectly handled certain
+malformed media files. If a user were tricked into opening a crafted media
+file, an attacker could cause a denial of service via application crash, or
+possibly execute arbitrary code with the privileges of the user invoking the
+program.";
+
+  tag_affected = "libav on Ubuntu 13.10 ,
+  Ubuntu 12.04 LTS";
+
+  tag_solution = "Please Install the Updated Packages.";
+
+  desc = "
+
+  Vulnerability Insight:
+  " + tag_insight + "
+
+  Affected Software/OS:
+  " + tag_affected + "
+
+  Solution:
+  " + tag_solution;
+
+  if (revcomp(a: OPENVAS_VERSION, b: "6.0+beta5") >= 0){
+    script_tag(name : "affected" , value : tag_affected);
+    script_tag(name : "insight" , value : tag_insight);
+    script_tag(name : "solution" , value : tag_solution);
+  }
+  script_description(desc);
+  script_xref(name: "USN", value: "2277-1");
+  script_xref(name: "URL" , value: "https://lists.ubuntu.com/archives/ubuntu-security-announce/2014-July/002583.html");
+  script_summary("Check for the Version of libav");
+  script_category(ACT_GATHER_INFO);
+  script_copyright("Copyright (C) 2014 Greenbone Networks GmbH");
+  script_family("Ubuntu Local Security Checks");
+  script_dependencies("gather-package-list.nasl");
+  script_mandatory_keys("login/SSH/success", "HostDetails/OS/cpe:/o:canonical:ubuntu_linux", "ssh/login/release");
+  exit(0);
+}
+
+
+include("pkg-lib-deb.inc");
+
+release = get_kb_item("ssh/login/release");
+
+res = "";
+if(release == NULL){
+  exit(0);
+}
+
+if(release == "UBUNTU12.04 LTS")
+{
+
+  if ((res = isdpkgvuln(pkg:"libavcodec53", ver:"4:0.8.13-0ubuntu0.12.04.1", rls:"UBUNTU12.04 LTS")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isdpkgvuln(pkg:"libavformat53", ver:"4:0.8.13-0ubuntu0.12.04.1", rls:"UBUNTU12.04 LTS")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if (__pkg_match) exit(99); # Not vulnerable.
+  exit(0);
+}
+
+
+if(release == "UBUNTU13.10")
+{
+
+  if ((res = isdpkgvuln(pkg:"libavcodec53:i386", ver:"6:0.8.13-0ubuntu0.13.10.1", rls:"UBUNTU13.10")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isdpkgvuln(pkg:"libavformat53:i386", ver:"6:0.8.13-0ubuntu0.13.10.1", rls:"UBUNTU13.10")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if (__pkg_match) exit(99); # Not vulnerable.
+  exit(0);
+}


Property changes on: scripts/2014/gb_ubuntu_USN_2277_1.nasl
___________________________________________________________________
Added: svn:keywords
   + Author Revision Date Id

Added: scripts/2014/gb_ubuntu_USN_2278_1.nasl
===================================================================
--- scripts/2014/gb_ubuntu_USN_2278_1.nasl	                        (rev 0)
+++ scripts/2014/gb_ubuntu_USN_2278_1.nasl	2014-07-25 14:16:47 UTC (rev 585)
@@ -0,0 +1,179 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+#
+# Ubuntu Update for file USN-2278-1
+#
+# Authors:
+# System Generated Check
+#
+# Copyright:
+# Copyright (C) 2014 Greenbone Networks GmbH, http://www.greenbone.net
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+include("revisions-lib.inc");
+
+if(description)
+{
+  script_oid("1.3.6.1.4.1.25623.1.0.841901");
+  script_version("$Revision$");
+  script_tag(name:"check_type", value:"authenticated package test");
+  script_tag(name:"last_modification", value:"$Date$");
+  script_tag(name:"creation_date", value:"2014-07-21 17:22:02 +0530 (Mon, 21 Jul 2014)");
+  script_cve_id("CVE-2013-7345", "CVE-2014-0207", "CVE-2014-3478", "CVE-2014-3479",
+                "CVE-2014-3480", "CVE-2014-3487", "CVE-2014-3538");
+  script_tag(name:"cvss_base", value:"5.0");
+  script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:N/C:N/I:N/A:P");
+  script_tag(name:"risk_factor", value:"Medium");
+  script_name("Ubuntu Update for file USN-2278-1");
+
+  tag_insight = "Mike Frysinger discovered that the file awk script detector
+used multiple wildcard with unlimited repetitions. An attacker could use this
+issue to cause file to consume resources, resulting in a denial of service.
+(CVE-2013-7345)
+
+Francisco Alonso discovered that file incorrectly handled certain CDF
+documents. A attacker could use this issue to cause file to hang or crash,
+resulting in a denial of service. (CVE-2014-0207, CVE-2014-3478,
+CVE-2014-3479, CVE-2014-3480, CVE-2014-3487)
+
+Jan Kalu&#382 a discovered that file did not properly restrict the amount of
+data read during regex searches. An attacker could use this issue to
+cause file to consume resources, resulting in a denial of service.
+(CVE-2014-3538)";
+
+  tag_affected = "file on Ubuntu 14.04 LTS ,
+  Ubuntu 13.10 ,
+  Ubuntu 12.04 LTS ,
+  Ubuntu 10.04 LTS";
+
+  tag_solution = "Please Install the Updated Packages.";
+
+  desc = "
+
+  Vulnerability Insight:
+  " + tag_insight + "
+
+  Affected Software/OS:
+  " + tag_affected + "
+
+  Solution:
+  " + tag_solution;
+
+  if (revcomp(a: OPENVAS_VERSION, b: "6.0+beta5") >= 0){
+    script_tag(name : "affected" , value : tag_affected);
+    script_tag(name : "insight" , value : tag_insight);
+    script_tag(name : "solution" , value : tag_solution);
+  }
+  script_description(desc);
+  script_xref(name: "USN", value: "2278-1");
+  script_xref(name: "URL" , value: "https://lists.ubuntu.com/archives/ubuntu-security-announce/2014-July/002584.html");
+  script_summary("Check for the Version of file");
+  script_category(ACT_GATHER_INFO);
+  script_copyright("Copyright (C) 2014 Greenbone Networks GmbH");
+  script_family("Ubuntu Local Security Checks");
+  script_dependencies("gather-package-list.nasl");
+  script_mandatory_keys("login/SSH/success", "HostDetails/OS/cpe:/o:canonical:ubuntu_linux", "ssh/login/release");
+  exit(0);
+}
+
+
+include("pkg-lib-deb.inc");
+
+release = get_kb_item("ssh/login/release");
+
+res = "";
+if(release == NULL){
+  exit(0);
+}
+
+if(release == "UBUNTU14.04 LTS")
+{
+
+  if ((res = isdpkgvuln(pkg:"file", ver:"1:5.14-2ubuntu3.1", rls:"UBUNTU14.04 LTS")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isdpkgvuln(pkg:"libmagic1:i386", ver:"1:5.14-2ubuntu3.1", rls:"UBUNTU14.04 LTS")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if (__pkg_match) exit(99); # Not vulnerable.
+  exit(0);
+}
+
+
+if(release == "UBUNTU12.04 LTS")
+{
+
+  if ((res = isdpkgvuln(pkg:"file", ver:"5.09-2ubuntu0.4", rls:"UBUNTU12.04 LTS")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isdpkgvuln(pkg:"libmagic1", ver:"5.09-2ubuntu0.4", rls:"UBUNTU12.04 LTS")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if (__pkg_match) exit(99); # Not vulnerable.
+  exit(0);
+}
+
+
+if(release == "UBUNTU10.04 LTS")
+{
+
+  if ((res = isdpkgvuln(pkg:"file", ver:"5.03-5ubuntu1.3", rls:"UBUNTU10.04 LTS")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isdpkgvuln(pkg:"libmagic1", ver:"5.03-5ubuntu1.3", rls:"UBUNTU10.04 LTS")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if (__pkg_match) exit(99); # Not vulnerable.
+  exit(0);
+}
+
+
+if(release == "UBUNTU13.10")
+{
+
+  if ((res = isdpkgvuln(pkg:"file", ver:"5.11-2ubuntu4.3", rls:"UBUNTU13.10")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isdpkgvuln(pkg:"libmagic1:i386", ver:"5.11-2ubuntu4.3", rls:"UBUNTU13.10")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if (__pkg_match) exit(99); # Not vulnerable.
+  exit(0);
+}


Property changes on: scripts/2014/gb_ubuntu_USN_2278_1.nasl
___________________________________________________________________
Added: svn:keywords
   + Author Revision Date Id

Added: scripts/2014/gb_ubuntu_USN_2279_1.nasl
===================================================================
--- scripts/2014/gb_ubuntu_USN_2279_1.nasl	                        (rev 0)
+++ scripts/2014/gb_ubuntu_USN_2279_1.nasl	2014-07-25 14:16:47 UTC (rev 585)
@@ -0,0 +1,128 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+#
+# Ubuntu Update for transmission USN-2279-1
+#
+# Authors:
+# System Generated Check
+#
+# Copyright:
+# Copyright (C) 2014 Greenbone Networks GmbH, http://www.greenbone.net
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+include("revisions-lib.inc");
+
+if(description)
+{
+  script_oid("1.3.6.1.4.1.25623.1.0.841898");
+  script_version("$Revision$");
+  script_tag(name:"check_type", value:"authenticated package test");
+  script_tag(name:"last_modification", value:"$Date$");
+  script_tag(name:"creation_date", value:"2014-07-21 17:11:11 +0530 (Mon, 21 Jul 2014)");
+  script_cve_id("CVE-2014-4909");
+  script_tag(name:"cvss_base", value:"9.5");
+  script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:N/C:P/I:P/A:P");
+  script_tag(name:"risk_factor", value:"Critical");
+  script_name("Ubuntu Update for transmission USN-2279-1");
+
+  tag_insight = "Ben Hawkes discovered that Transmission incorrectly handled
+certain peer messages. A remote attacker could use this issue to cause a denial
+of service, or possibly execute arbitrary code.";
+
+  tag_affected = "transmission on Ubuntu 14.04 LTS ,
+  Ubuntu 13.10 ,
+  Ubuntu 12.04 LTS";
+
+  tag_solution = "Please Install the Updated Packages.";
+
+  desc = "
+
+  Vulnerability Insight:
+  " + tag_insight + "
+
+  Affected Software/OS:
+  " + tag_affected + "
+
+  Solution:
+  " + tag_solution;
+
+  if (revcomp(a: OPENVAS_VERSION, b: "6.0+beta5") >= 0){
+    script_tag(name : "affected" , value : tag_affected);
+    script_tag(name : "insight" , value : tag_insight);
+    script_tag(name : "solution" , value : tag_solution);
+  }
+  script_description(desc);
+  script_xref(name: "USN", value: "2279-1");
+  script_xref(name: "URL" , value: "https://lists.ubuntu.com/archives/ubuntu-security-announce/2014-July/002585.html");
+  script_summary("Check for the Version of transmission");
+  script_category(ACT_GATHER_INFO);
+  script_copyright("Copyright (C) 2014 Greenbone Networks GmbH");
+  script_family("Ubuntu Local Security Checks");
+  script_dependencies("gather-package-list.nasl");
+  script_mandatory_keys("login/SSH/success", "HostDetails/OS/cpe:/o:canonical:ubuntu_linux", "ssh/login/release");
+  exit(0);
+}
+
+
+include("pkg-lib-deb.inc");
+
+release = get_kb_item("ssh/login/release");
+
+res = "";
+if(release == NULL){
+  exit(0);
+}
+
+if(release == "UBUNTU14.04 LTS")
+{
+
+  if ((res = isdpkgvuln(pkg:"transmission-common", ver:"2.82-1.1ubuntu3.1", rls:"UBUNTU14.04 LTS")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if (__pkg_match) exit(99); # Not vulnerable.
+  exit(0);
+}
+
+
+if(release == "UBUNTU12.04 LTS")
+{
+
+  if ((res = isdpkgvuln(pkg:"transmission-common", ver:"2.51-0ubuntu1.4", rls:"UBUNTU12.04 LTS")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if (__pkg_match) exit(99); # Not vulnerable.
+  exit(0);
+}
+
+
+if(release == "UBUNTU13.10")
+{
+
+  if ((res = isdpkgvuln(pkg:"transmission-common", ver:"2.82-0ubuntu1.1", rls:"UBUNTU13.10")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if (__pkg_match) exit(99); # Not vulnerable.
+  exit(0);
+}


Property changes on: scripts/2014/gb_ubuntu_USN_2279_1.nasl
___________________________________________________________________
Added: svn:keywords
   + Author Revision Date Id

Added: scripts/2014/gb_ubuntu_USN_2280_1.nasl
===================================================================
--- scripts/2014/gb_ubuntu_USN_2280_1.nasl	                        (rev 0)
+++ scripts/2014/gb_ubuntu_USN_2280_1.nasl	2014-07-25 14:16:47 UTC (rev 585)
@@ -0,0 +1,128 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+#
+# Ubuntu Update for miniupnpc USN-2280-1
+#
+# Authors:
+# System Generated Check
+#
+# Copyright:
+# Copyright (C) 2014 Greenbone Networks GmbH, http://www.greenbone.net
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+include("revisions-lib.inc");
+
+if(description)
+{
+  script_oid("1.3.6.1.4.1.25623.1.0.841900");
+  script_version("$Revision$");
+  script_tag(name:"check_type", value:"authenticated package test");
+  script_tag(name:"last_modification", value:"$Date$");
+  script_tag(name:"creation_date", value:"2014-07-21 17:19:53 +0530 (Mon, 21 Jul 2014)");
+  script_cve_id("CVE-2014-3985");
+  script_tag(name:"cvss_base", value:"7.5");
+  script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:N/C:P/I:P/A:P");
+  script_tag(name:"risk_factor", value:"High");
+  script_name("Ubuntu Update for miniupnpc USN-2280-1");
+
+  tag_insight = "It was discovered that MiniUPnPc incorrectly handled certain
+buffer lengths. A remote attacker could possibly use this issue to cause
+applications using MiniUPnPc to crash, resulting in a denial of service.";
+
+  tag_affected = "miniupnpc on Ubuntu 14.04 LTS ,
+  Ubuntu 13.10 ,
+  Ubuntu 12.04 LTS";
+
+  tag_solution = "Please Install the Updated Packages.";
+
+  desc = "
+
+  Vulnerability Insight:
+  " + tag_insight + "
+
+  Affected Software/OS:
+  " + tag_affected + "
+
+  Solution:
+  " + tag_solution;
+
+  if (revcomp(a: OPENVAS_VERSION, b: "6.0+beta5") >= 0){
+    script_tag(name : "affected" , value : tag_affected);
+    script_tag(name : "insight" , value : tag_insight);
+    script_tag(name : "solution" , value : tag_solution);
+  }
+  script_description(desc);
+  script_xref(name: "USN", value: "2280-1");
+  script_xref(name: "URL" , value: "https://lists.ubuntu.com/archives/ubuntu-security-announce/2014-July/002586.html");
+  script_summary("Check for the Version of miniupnpc");
+  script_category(ACT_GATHER_INFO);
+  script_copyright("Copyright (C) 2014 Greenbone Networks GmbH");
+  script_family("Ubuntu Local Security Checks");
+  script_dependencies("gather-package-list.nasl");
+  script_mandatory_keys("login/SSH/success", "HostDetails/OS/cpe:/o:canonical:ubuntu_linux", "ssh/login/release");
+  exit(0);
+}
+
+
+include("pkg-lib-deb.inc");
+
+release = get_kb_item("ssh/login/release");
+
+res = "";
+if(release == NULL){
+  exit(0);
+}
+
+if(release == "UBUNTU14.04 LTS")
+{
+
+  if ((res = isdpkgvuln(pkg:"libminiupnpc8", ver:"1.6-3ubuntu2.14.04.1", rls:"UBUNTU14.04 LTS")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if (__pkg_match) exit(99); # Not vulnerable.
+  exit(0);
+}
+
+
+if(release == "UBUNTU12.04 LTS")
+{
+
+  if ((res = isdpkgvuln(pkg:"libminiupnpc8", ver:"1.6-3ubuntu1.1", rls:"UBUNTU12.04 LTS")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if (__pkg_match) exit(99); # Not vulnerable.
+  exit(0);
+}
+
+
+if(release == "UBUNTU13.10")
+{
+
+  if ((res = isdpkgvuln(pkg:"libminiupnpc8", ver:"1.6-3ubuntu2.13.10.1", rls:"UBUNTU13.10")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if (__pkg_match) exit(99); # Not vulnerable.
+  exit(0);
+}


Property changes on: scripts/2014/gb_ubuntu_USN_2280_1.nasl
___________________________________________________________________
Added: svn:keywords
   + Author Revision Date Id

Added: scripts/2014/gb_ubuntu_USN_2281_1.nasl
===================================================================
--- scripts/2014/gb_ubuntu_USN_2281_1.nasl	                        (rev 0)
+++ scripts/2014/gb_ubuntu_USN_2281_1.nasl	2014-07-25 14:16:47 UTC (rev 585)
@@ -0,0 +1,108 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+#
+# Ubuntu Update for linux-ec2 USN-2281-1
+#
+# Authors:
+# System Generated Check
+#
+# Copyright:
+# Copyright (C) 2014 Greenbone Networks GmbH, http://www.greenbone.net
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+include("revisions-lib.inc");
+
+if(description)
+{
+  script_oid("1.3.6.1.4.1.25623.1.0.841896");
+  script_version("$Revision$");
+  script_tag(name:"check_type", value:"authenticated package test");
+  script_tag(name:"last_modification", value:"$Date$");
+  script_tag(name:"creation_date", value:"2014-07-21 16:49:06 +0530 (Mon, 21 Jul 2014)");
+  script_cve_id("CVE-2014-4943", "CVE-2014-3917", "CVE-2014-4608");
+  script_tag(name:"cvss_base", value:"5.0");
+  script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:N/C:N/I:N/A:P");
+  script_tag(name:"risk_factor", value:"Medium");
+  script_name("Ubuntu Update for linux-ec2 USN-2281-1");
+
+  tag_insight = "Sasha Levin reported a flaw in the Linux kernel's
+point-to-point protocol (PPP) when used with the Layer Two Tunneling Protocol
+(L2TP). A local user could exploit this flaw to gain administrative privileges.
+(CVE-2014-4943)
+
+A flaw was discovered in the Linux kernel's audit subsystem when auditing
+certain syscalls. A local attacker could exploit this flaw to obtain
+potentially sensitive single-bit values from kernel memory or cause a
+denial of service (OOPS). (CVE-2014-3917)
+
+Don Bailey discovered a flaw in the LZO decompress algorithm used by the
+Linux kernel. An attacker could exploit this flaw to cause a denial of
+service (memory corruption or OOPS). (CVE-2014-4608)";
+
+  tag_affected = "linux-ec2 on Ubuntu 10.04 LTS";
+
+  tag_solution = "Please Install the Updated Packages.";
+
+  desc = "
+
+  Vulnerability Insight:
+  " + tag_insight + "
+
+  Affected Software/OS:
+  " + tag_affected + "
+
+  Solution:
+  " + tag_solution;
+
+  if (revcomp(a: OPENVAS_VERSION, b: "6.0+beta5") >= 0){
+    script_tag(name : "affected" , value : tag_affected);
+    script_tag(name : "insight" , value : tag_insight);
+    script_tag(name : "solution" , value : tag_solution);
+  }
+  script_description(desc);
+  script_xref(name: "USN", value: "2281-1");
+  script_xref(name: "URL" , value: "https://lists.ubuntu.com/archives/ubuntu-security-announce/2014-July/002587.html");
+  script_summary("Check for the Version of linux-ec2");
+  script_category(ACT_GATHER_INFO);
+  script_copyright("Copyright (C) 2014 Greenbone Networks GmbH");
+  script_family("Ubuntu Local Security Checks");
+  script_dependencies("gather-package-list.nasl");
+  script_mandatory_keys("login/SSH/success", "HostDetails/OS/cpe:/o:canonical:ubuntu_linux", "ssh/login/release");
+  exit(0);
+}
+
+
+include("pkg-lib-deb.inc");
+
+release = get_kb_item("ssh/login/release");
+
+res = "";
+if(release == NULL){
+  exit(0);
+}
+
+if(release == "UBUNTU10.04 LTS")
+{
+
+  if ((res = isdpkgvuln(pkg:"linux-image-2.6.32-368-ec2", ver:"2.6.32-368.84", rls:"UBUNTU10.04 LTS")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if (__pkg_match) exit(99); # Not vulnerable.
+  exit(0);
+}


Property changes on: scripts/2014/gb_ubuntu_USN_2281_1.nasl
___________________________________________________________________
Added: svn:keywords
   + Author Revision Date Id

Added: scripts/2014/gb_ubuntu_USN_2282_1.nasl
===================================================================
--- scripts/2014/gb_ubuntu_USN_2282_1.nasl	                        (rev 0)
+++ scripts/2014/gb_ubuntu_USN_2282_1.nasl	2014-07-25 14:16:47 UTC (rev 585)
@@ -0,0 +1,186 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+#
+# Ubuntu Update for linux USN-2282-1
+#
+# Authors:
+# System Generated Check
+#
+# Copyright:
+# Copyright (C) 2014 Greenbone Networks GmbH, http://www.greenbone.net
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+include("revisions-lib.inc");
+
+if(description)
+{
+  script_oid("1.3.6.1.4.1.25623.1.0.841892");
+  script_version("$Revision$");
+  script_tag(name:"check_type", value:"authenticated package test");
+  script_tag(name:"last_modification", value:"$Date$");
+  script_tag(name:"creation_date", value:"2014-07-21 16:25:09 +0530 (Mon, 21 Jul 2014)");
+  script_cve_id("CVE-2014-4943", "CVE-2014-3917", "CVE-2014-4608");
+  script_tag(name:"cvss_base", value:"5.0");
+  script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:N/C:N/I:N/A:P");
+  script_tag(name:"risk_factor", value:"Medium");
+  script_name("Ubuntu Update for linux USN-2282-1");
+
+  tag_insight = "Sasha Levin reported a flaw in the Linux kernel's
+point-to-point protocol (PPP) when used with the Layer Two Tunneling Protocol
+(L2TP). A local user could exploit this flaw to gain administrative privileges.
+(CVE-2014-4943)
+
+A flaw was discovered in the Linux kernel's audit subsystem when auditing
+certain syscalls. A local attacker could exploit this flaw to obtain
+potentially sensitive single-bit values from kernel memory or cause a
+denial of service (OOPS). (CVE-2014-3917)
+
+Don Bailey discovered a flaw in the LZO decompress algorithm used by the
+Linux kernel. An attacker could exploit this flaw to cause a denial of
+service (memory corruption or OOPS). (CVE-2014-4608)";
+
+  tag_affected = "linux on Ubuntu 10.04 LTS";
+
+  tag_solution = "Please Install the Updated Packages.";
+
+  desc = "
+
+  Vulnerability Insight:
+  " + tag_insight + "
+
+  Affected Software/OS:
+  " + tag_affected + "
+
+  Solution:
+  " + tag_solution;
+
+  if (revcomp(a: OPENVAS_VERSION, b: "6.0+beta5") >= 0){
+    script_tag(name : "affected" , value : tag_affected);
+    script_tag(name : "insight" , value : tag_insight);
+    script_tag(name : "solution" , value : tag_solution);
+  }
+  script_description(desc);
+  script_xref(name: "USN", value: "2282-1");
+  script_xref(name: "URL" , value: "https://lists.ubuntu.com/archives/ubuntu-security-announce/2014-July/002588.html");
+  script_summary("Check for the Version of linux");
+  script_category(ACT_GATHER_INFO);
+  script_copyright("Copyright (C) 2014 Greenbone Networks GmbH");
+  script_family("Ubuntu Local Security Checks");
+  script_dependencies("gather-package-list.nasl");
+  script_mandatory_keys("login/SSH/success", "HostDetails/OS/cpe:/o:canonical:ubuntu_linux", "ssh/login/release");
+  exit(0);
+}
+
+
+include("pkg-lib-deb.inc");
+
+release = get_kb_item("ssh/login/release");
+
+res = "";
+if(release == NULL){
+  exit(0);
+}
+
+if(release == "UBUNTU10.04 LTS")
+{
+
+  if ((res = isdpkgvuln(pkg:"linux-image-2.6.32-64-386", ver:"2.6.32-64.128", rls:"UBUNTU10.04 LTS")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isdpkgvuln(pkg:"linux-image-2.6.32-64-generic", ver:"2.6.32-64.128", rls:"UBUNTU10.04 LTS")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isdpkgvuln(pkg:"linux-image-2.6.32-64-generic-pae", ver:"2.6.32-64.128", rls:"UBUNTU10.04 LTS")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isdpkgvuln(pkg:"linux-image-2.6.32-64-ia64", ver:"2.6.32-64.128", rls:"UBUNTU10.04 LTS")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isdpkgvuln(pkg:"linux-image-2.6.32-64-lpia", ver:"2.6.32-64.128", rls:"UBUNTU10.04 LTS")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isdpkgvuln(pkg:"linux-image-2.6.32-64-powerpc", ver:"2.6.32-64.128", rls:"UBUNTU10.04 LTS")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isdpkgvuln(pkg:"linux-image-2.6.32-64-powerpc-smp", ver:"2.6.32-64.128", rls:"UBUNTU10.04 LTS")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isdpkgvuln(pkg:"linux-image-2.6.32-64-powerpc64-smp", ver:"2.6.32-64.128", rls:"UBUNTU10.04 LTS")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isdpkgvuln(pkg:"linux-image-2.6.32-64-preempt", ver:"2.6.32-64.128", rls:"UBUNTU10.04 LTS")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isdpkgvuln(pkg:"linux-image-2.6.32-64-server", ver:"2.6.32-64.128", rls:"UBUNTU10.04 LTS")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isdpkgvuln(pkg:"linux-image-2.6.32-64-sparc64", ver:"2.6.32-64.128", rls:"UBUNTU10.04 LTS")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isdpkgvuln(pkg:"linux-image-2.6.32-64-sparc64-smp", ver:"2.6.32-64.128", rls:"UBUNTU10.04 LTS")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isdpkgvuln(pkg:"linux-image-2.6.32-64-versatile", ver:"2.6.32-64.128", rls:"UBUNTU10.04 LTS")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isdpkgvuln(pkg:"linux-image-2.6.32-64-virtual", ver:"2.6.32-64.128", rls:"UBUNTU10.04 LTS")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if (__pkg_match) exit(99); # Not vulnerable.
+  exit(0);
+}


Property changes on: scripts/2014/gb_ubuntu_USN_2282_1.nasl
___________________________________________________________________
Added: svn:keywords
   + Author Revision Date Id

Added: scripts/2014/gb_ubuntu_USN_2283_1.nasl
===================================================================
--- scripts/2014/gb_ubuntu_USN_2283_1.nasl	                        (rev 0)
+++ scripts/2014/gb_ubuntu_USN_2283_1.nasl	2014-07-25 14:16:47 UTC (rev 585)
@@ -0,0 +1,144 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+#
+# Ubuntu Update for linux USN-2283-1
+#
+# Authors:
+# System Generated Check
+#
+# Copyright:
+# Copyright (C) 2014 Greenbone Networks GmbH, http://www.greenbone.net
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+include("revisions-lib.inc");
+
+if(description)
+{
+  script_oid("1.3.6.1.4.1.25623.1.0.841899");
+  script_version("$Revision$");
+  script_tag(name:"check_type", value:"authenticated package test");
+  script_tag(name:"last_modification", value:"$Date$");
+  script_tag(name:"creation_date", value:"2014-07-21 17:13:19 +0530 (Mon, 21 Jul 2014)");
+  script_cve_id("CVE-2014-4943", "CVE-2014-0131", "CVE-2014-4608");
+  script_tag(name:"cvss_base", value:"5.0");
+  script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:N/C:N/I:N/A:P");
+  script_tag(name:"risk_factor", value:"Medium");
+  script_name("Ubuntu Update for linux USN-2283-1");
+
+  tag_insight = "Sasha Levin reported a flaw in the Linux kernel's
+point-to-point protocol (PPP) when used with the Layer Two Tunneling Protocol
+(L2TP). A local user could exploit this flaw to gain administrative privileges.
+(CVE-2014-4943)
+
+Michael S. Tsirkin discovered an information leak in the Linux kernel's
+segmentation of skbs when using the zerocopy feature of vhost-net. A local
+attacker could exploit this flaw to gain potentially sensitive information
+from kernel memory. (CVE-2014-0131)
+
+Don Bailey discovered a flaw in the LZO decompress algorithm used by the
+Linux kernel. An attacker could exploit this flaw to cause a denial of
+service (memory corruption or OOPS). (CVE-2014-4608)";
+
+  tag_affected = "linux on Ubuntu 12.04 LTS";
+
+  tag_solution = "Please Install the Updated Packages.";
+
+  desc = "
+
+  Vulnerability Insight:
+  " + tag_insight + "
+
+  Affected Software/OS:
+  " + tag_affected + "
+
+  Solution:
+  " + tag_solution;
+
+  if (revcomp(a: OPENVAS_VERSION, b: "6.0+beta5") >= 0){
+    script_tag(name : "affected" , value : tag_affected);
+    script_tag(name : "insight" , value : tag_insight);
+    script_tag(name : "solution" , value : tag_solution);
+  }
+  script_description(desc);
+  script_xref(name: "USN", value: "2283-1");
+  script_xref(name: "URL" , value: "https://lists.ubuntu.com/archives/ubuntu-security-announce/2014-July/002589.html");
+  script_summary("Check for the Version of linux");
+  script_category(ACT_GATHER_INFO);
+  script_copyright("Copyright (C) 2014 Greenbone Networks GmbH");
+  script_family("Ubuntu Local Security Checks");
+  script_dependencies("gather-package-list.nasl");
+  script_mandatory_keys("login/SSH/success", "HostDetails/OS/cpe:/o:canonical:ubuntu_linux", "ssh/login/release");
+  exit(0);
+}
+
+
+include("pkg-lib-deb.inc");
+
+release = get_kb_item("ssh/login/release");
+
+res = "";
+if(release == NULL){
+  exit(0);
+}
+
+if(release == "UBUNTU12.04 LTS")
+{
+
+  if ((res = isdpkgvuln(pkg:"linux-image-3.2.0-67-generic", ver:"3.2.0-67.101", rls:"UBUNTU12.04 LTS")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isdpkgvuln(pkg:"linux-image-3.2.0-67-generic-pae", ver:"3.2.0-67.101", rls:"UBUNTU12.04 LTS")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isdpkgvuln(pkg:"linux-image-3.2.0-67-highbank", ver:"3.2.0-67.101", rls:"UBUNTU12.04 LTS")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isdpkgvuln(pkg:"linux-image-3.2.0-67-omap", ver:"3.2.0-67.101", rls:"UBUNTU12.04 LTS")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isdpkgvuln(pkg:"linux-image-3.2.0-67-powerpc-smp", ver:"3.2.0-67.101", rls:"UBUNTU12.04 LTS")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isdpkgvuln(pkg:"linux-image-3.2.0-67-powerpc64-smp", ver:"3.2.0-67.101", rls:"UBUNTU12.04 LTS")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isdpkgvuln(pkg:"linux-image-3.2.0-67-virtual", ver:"3.2.0-67.101", rls:"UBUNTU12.04 LTS")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if (__pkg_match) exit(99); # Not vulnerable.
+  exit(0);
+}


Property changes on: scripts/2014/gb_ubuntu_USN_2283_1.nasl
___________________________________________________________________
Added: svn:keywords
   + Author Revision Date Id

Added: scripts/2014/gb_ubuntu_USN_2284_1.nasl
===================================================================
--- scripts/2014/gb_ubuntu_USN_2284_1.nasl	                        (rev 0)
+++ scripts/2014/gb_ubuntu_USN_2284_1.nasl	2014-07-25 14:16:47 UTC (rev 585)
@@ -0,0 +1,108 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+#
+# Ubuntu Update for linux-ti-omap4 USN-2284-1
+#
+# Authors:
+# System Generated Check
+#
+# Copyright:
+# Copyright (C) 2014 Greenbone Networks GmbH, http://www.greenbone.net
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+include("revisions-lib.inc");
+
+if(description)
+{
+  script_oid("1.3.6.1.4.1.25623.1.0.841904");
+  script_version("$Revision$");
+  script_tag(name:"check_type", value:"authenticated package test");
+  script_tag(name:"last_modification", value:"$Date$");
+  script_tag(name:"creation_date", value:"2014-07-21 18:03:43 +0530 (Mon, 21 Jul 2014)");
+  script_cve_id("CVE-2014-4943", "CVE-2014-0131", "CVE-2014-4608");
+  script_tag(name:"cvss_base", value:"5.0");
+  script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:N/C:N/I:N/A:P");
+  script_tag(name:"risk_factor", value:"Medium");
+  script_name("Ubuntu Update for linux-ti-omap4 USN-2284-1");
+
+  tag_insight = "Sasha Levin reported a flaw in the Linux kernel's
+point-to-point protocol (PPP) when used with the Layer Two Tunneling Protocol
+(L2TP). A local user could exploit this flaw to gain administrative privileges.
+(CVE-2014-4943)
+
+Michael S. Tsirkin discovered an information leak in the Linux kernel's
+segmentation of skbs when using the zerocopy feature of vhost-net. A local
+attacker could exploit this flaw to gain potentially sensitive information
+from kernel memory. (CVE-2014-0131)
+
+Don Bailey discovered a flaw in the LZO decompress algorithm used by the
+Linux kernel. An attacker could exploit this flaw to cause a denial of
+service (memory corruption or OOPS). (CVE-2014-4608)";
+
+  tag_affected = "linux-ti-omap4 on Ubuntu 12.04 LTS";
+
+  tag_solution = "Please Install the Updated Packages.";
+
+  desc = "
+
+  Vulnerability Insight:
+  " + tag_insight + "
+
+  Affected Software/OS:
+  " + tag_affected + "
+
+  Solution:
+  " + tag_solution;
+
+  if (revcomp(a: OPENVAS_VERSION, b: "6.0+beta5") >= 0){
+    script_tag(name : "affected" , value : tag_affected);
+    script_tag(name : "insight" , value : tag_insight);
+    script_tag(name : "solution" , value : tag_solution);
+  }
+  script_description(desc);
+  script_xref(name: "USN", value: "2284-1");
+  script_xref(name: "URL" , value: "https://lists.ubuntu.com/archives/ubuntu-security-announce/2014-July/002590.html");
+  script_summary("Check for the Version of linux-ti-omap4");
+  script_category(ACT_GATHER_INFO);
+  script_copyright("Copyright (C) 2014 Greenbone Networks GmbH");
+  script_family("Ubuntu Local Security Checks");
+  script_dependencies("gather-package-list.nasl");
+  script_mandatory_keys("login/SSH/success", "HostDetails/OS/cpe:/o:canonical:ubuntu_linux", "ssh/login/release");
+  exit(0);
+}
+
+
+include("pkg-lib-deb.inc");
+
+release = get_kb_item("ssh/login/release");
+
+res = "";
+if(release == NULL){
+  exit(0);
+}
+
+if(release == "UBUNTU12.04 LTS")
+{
+
+  if ((res = isdpkgvuln(pkg:"linux-image-3.2.0-1451-omap4", ver:"3.2.0-1451.71", rls:"UBUNTU12.04 LTS")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if (__pkg_match) exit(99); # Not vulnerable.
+  exit(0);
+}


Property changes on: scripts/2014/gb_ubuntu_USN_2284_1.nasl
___________________________________________________________________
Added: svn:keywords
   + Author Revision Date Id

Added: scripts/2014/gb_ubuntu_USN_2285_1.nasl
===================================================================
--- scripts/2014/gb_ubuntu_USN_2285_1.nasl	                        (rev 0)
+++ scripts/2014/gb_ubuntu_USN_2285_1.nasl	2014-07-25 14:16:47 UTC (rev 585)
@@ -0,0 +1,128 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+#
+# Ubuntu Update for linux-lts-quantal USN-2285-1
+#
+# Authors:
+# System Generated Check
+#
+# Copyright:
+# Copyright (C) 2014 Greenbone Networks GmbH, http://www.greenbone.net
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+include("revisions-lib.inc");
+
+if(description)
+{
+  script_oid("1.3.6.1.4.1.25623.1.0.841893");
+  script_version("$Revision$");
+  script_tag(name:"check_type", value:"authenticated package test");
+  script_tag(name:"last_modification", value:"$Date$");
+  script_tag(name:"creation_date", value:"2014-07-21 16:31:40 +0530 (Mon, 21 Jul 2014)");
+  script_cve_id("CVE-2014-4943", "CVE-2014-0131", "CVE-2014-1739", "CVE-2014-3917",
+                "CVE-2014-4014", "CVE-2014-4027", "CVE-2014-4608");
+  script_tag(name:"cvss_base", value:"6.2");
+  script_tag(name:"cvss_base_vector", value:"AV:L/AC:H/Au:N/C:C/I:C/A:C");
+  script_tag(name:"risk_factor", value:"High");
+  script_name("Ubuntu Update for linux-lts-quantal USN-2285-1");
+
+  tag_insight = "Sasha Levin reported a flaw in the Linux kernel's
+point-to-point protocol (PPP) when used with the Layer Two Tunneling Protocol
+(L2TP). A local user could exploit this flaw to gain administrative privileges.
+(CVE-2014-4943)
+
+Michael S. Tsirkin discovered an information leak in the Linux kernel's
+segmentation of skbs when using the zerocopy feature of vhost-net. A local
+attacker could exploit this flaw to gain potentially sensitive information
+from kernel memory. (CVE-2014-0131)
+
+Salva Peir&#243  discovered an information leak in the Linux kernel's media-
+device driver. A local attacker could exploit this flaw to obtain sensitive
+information from kernel memory. (CVE-2014-1739)
+
+A flaw was discovered in the Linux kernel's audit subsystem when auditing
+certain syscalls. A local attacker could exploit this flaw to obtain
+potentially sensitive single-bit values from kernel memory or cause a
+denial of service (OOPS). (CVE-2014-3917)
+
+A flaw was discovered in the Linux kernel's implementation of user
+namespaces with respect to inode permissions. A local user could exploit
+this flaw by creating a user namespace to gain administrative privileges.
+(CVE-2014-4014)
+
+An information leak was discovered in the rd_mcp backend of the iSCSI
+target subsystem in the Linux kernel. A local user could exploit this flaw
+to obtain sensitive information from ramdisk_mcp memory by leveraging
+access to a SCSI initiator. (CVE-2014-4027)
+
+Don Bailey discovered a flaw in the LZO decompress algorithm used by the
+Linux kernel. An attacker could exploit this flaw to cause a denial of
+service (memory corruption or OOPS). (CVE-2014-4608)";
+
+  tag_affected = "linux-lts-quantal on Ubuntu 12.04 LTS";
+
+  tag_solution = "Please Install the Updated Packages.";
+
+  desc = "
+
+  Vulnerability Insight:
+  " + tag_insight + "
+
+  Affected Software/OS:
+  " + tag_affected + "
+
+  Solution:
+  " + tag_solution;
+
+  if (revcomp(a: OPENVAS_VERSION, b: "6.0+beta5") >= 0){
+    script_tag(name : "affected" , value : tag_affected);
+    script_tag(name : "insight" , value : tag_insight);
+    script_tag(name : "solution" , value : tag_solution);
+  }
+  script_description(desc);
+  script_xref(name: "USN", value: "2285-1");
+  script_xref(name: "URL" , value: "https://lists.ubuntu.com/archives/ubuntu-security-announce/2014-July/002591.html");
+  script_summary("Check for the Version of linux-lts-quantal");
+  script_category(ACT_GATHER_INFO);
+  script_copyright("Copyright (C) 2014 Greenbone Networks GmbH");
+  script_family("Ubuntu Local Security Checks");
+  script_dependencies("gather-package-list.nasl");
+  script_mandatory_keys("login/SSH/success", "HostDetails/OS/cpe:/o:canonical:ubuntu_linux", "ssh/login/release");
+  exit(0);
+}
+
+
+include("pkg-lib-deb.inc");
+
+release = get_kb_item("ssh/login/release");
+
+res = "";
+if(release == NULL){
+  exit(0);
+}
+
+if(release == "UBUNTU12.04 LTS")
+{
+
+  if ((res = isdpkgvuln(pkg:"linux-image-3.5.0-54-generic", ver:"3.5.0-54.81~precise1", rls:"UBUNTU12.04 LTS")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if (__pkg_match) exit(99); # Not vulnerable.
+  exit(0);
+}


Property changes on: scripts/2014/gb_ubuntu_USN_2285_1.nasl
___________________________________________________________________
Added: svn:keywords
   + Author Revision Date Id

Added: scripts/2014/gb_ubuntu_USN_2286_1.nasl
===================================================================
--- scripts/2014/gb_ubuntu_USN_2286_1.nasl	                        (rev 0)
+++ scripts/2014/gb_ubuntu_USN_2286_1.nasl	2014-07-25 14:16:47 UTC (rev 585)
@@ -0,0 +1,131 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+#
+# Ubuntu Update for linux-lts-raring USN-2286-1
+#
+# Authors:
+# System Generated Check
+#
+# Copyright:
+# Copyright (C) 2014 Greenbone Networks GmbH, http://www.greenbone.net
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+include("revisions-lib.inc");
+
+if(description)
+{
+  script_oid("1.3.6.1.4.1.25623.1.0.841907");
+  script_version("$Revision$");
+  script_tag(name:"check_type", value:"authenticated package test");
+  script_tag(name:"last_modification", value:"$Date$");
+  script_tag(name:"creation_date", value:"2014-07-21 18:34:16 +0530 (Mon, 21 Jul 2014)");
+  script_cve_id("CVE-2014-4943", "CVE-2014-0131", "CVE-2014-1739", "CVE-2014-3144",
+                "CVE-2014-3145", "CVE-2014-3917", "CVE-2014-4014", "CVE-2014-4608");
+  script_tag(name:"cvss_base", value:"6.2");
+  script_tag(name:"cvss_base_vector", value:"AV:L/AC:H/Au:N/C:C/I:C/A:C");
+  script_tag(name:"risk_factor", value:"High");
+  script_name("Ubuntu Update for linux-lts-raring USN-2286-1");
+
+  tag_insight = "Sasha Levin reported a flaw in the Linux kernel's
+point-to-point protocol (PPP) when used with the Layer Two Tunneling Protocol
+(L2TP). A local user could exploit this flaw to gain administrative privileges.
+(CVE-2014-4943)
+
+Michael S. Tsirkin discovered an information leak in the Linux kernel's
+segmentation of skbs when using the zerocopy feature of vhost-net. A local
+attacker could exploit this flaw to gain potentially sensitive information
+from kernel memory. (CVE-2014-0131)
+
+Salva Peir&#243  discovered an information leak in the Linux kernel's media-
+device driver. A local attacker could exploit this flaw to obtain sensitive
+information from kernel memory. (CVE-2014-1739)
+
+A bounds check error was discovered in the socket filter subsystem of the
+Linux kernel. A local user could exploit this flaw to cause a denial of
+service (system crash) via crafted BPF instructions. (CVE-2014-3144)
+
+A remainder calculation error was discovered in the socket filter subsystem
+of the Linux kernel. A local user could exploit this flaw to cause a denial
+of service (system crash) via crafted BPF instructions. (CVE-2014-3145)
+
+A flaw was discovered in the Linux kernel's audit subsystem when auditing
+certain syscalls. A local attacker could exploit this flaw to obtain
+potentially sensitive single-bit values from kernel memory or cause a
+denial of service (OOPS). (CVE-2014-3917)
+
+A flaw was discovered in the Linux kernel's implementation of user
+namespaces with respect to inode permissions. A local user could exploit
+this flaw by creating a user namespace to gain administrative privileges.
+(CVE-2014-4014)
+
+Don Bailey discovered a flaw in the LZO decompress algorithm used by the
+Linux kernel. An attacker could exploit this flaw to cause a denial of
+service (memory corruption or OOPS). (CVE-2014-4608)";
+
+  tag_affected = "linux-lts-raring on Ubuntu 12.04 LTS";
+
+  tag_solution = "Please Install the Updated Packages.";
+
+  desc = "
+
+  Vulnerability Insight:
+  " + tag_insight + "
+
+  Affected Software/OS:
+  " + tag_affected + "
+
+  Solution:
+  " + tag_solution;
+
+  if (revcomp(a: OPENVAS_VERSION, b: "6.0+beta5") >= 0){
+    script_tag(name : "affected" , value : tag_affected);
+    script_tag(name : "insight" , value : tag_insight);
+    script_tag(name : "solution" , value : tag_solution);
+  }
+  script_description(desc);
+  script_xref(name: "USN", value: "2286-1");
+  script_xref(name: "URL" , value: "https://lists.ubuntu.com/archives/ubuntu-security-announce/2014-July/002592.html");
+  script_summary("Check for the Version of linux-lts-raring");
+  script_category(ACT_GATHER_INFO);
+  script_copyright("Copyright (C) 2014 Greenbone Networks GmbH");
+  script_family("Ubuntu Local Security Checks");
+  script_dependencies("gather-package-list.nasl");
+  script_mandatory_keys("login/SSH/success", "HostDetails/OS/cpe:/o:canonical:ubuntu_linux", "ssh/login/release");
+  exit(0);
+}
+
+
+include("pkg-lib-deb.inc");
+
+release = get_kb_item("ssh/login/release");
+
+res = "";
+if(release == NULL){
+  exit(0);
+}
+
+if(release == "UBUNTU12.04 LTS")
+{
+
+  if ((res = isdpkgvuln(pkg:"linux-image-3.8.0-44-generic", ver:"3.8.0-44.66~precise1", rls:"UBUNTU12.04 LTS")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if (__pkg_match) exit(99); # Not vulnerable.
+  exit(0);
+}


Property changes on: scripts/2014/gb_ubuntu_USN_2286_1.nasl
___________________________________________________________________
Added: svn:keywords
   + Author Revision Date Id

Added: scripts/2014/gb_ubuntu_USN_2287_1.nasl
===================================================================
--- scripts/2014/gb_ubuntu_USN_2287_1.nasl	                        (rev 0)
+++ scripts/2014/gb_ubuntu_USN_2287_1.nasl	2014-07-25 14:16:47 UTC (rev 585)
@@ -0,0 +1,131 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+#
+# Ubuntu Update for linux-lts-saucy USN-2287-1
+#
+# Authors:
+# System Generated Check
+#
+# Copyright:
+# Copyright (C) 2014 Greenbone Networks GmbH, http://www.greenbone.net
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+include("revisions-lib.inc");
+
+if(description)
+{
+  script_oid("1.3.6.1.4.1.25623.1.0.841902");
+  script_version("$Revision$");
+  script_tag(name:"check_type", value:"authenticated package test");
+  script_tag(name:"last_modification", value:"$Date$");
+  script_tag(name:"creation_date", value:"2014-07-21 17:37:18 +0530 (Mon, 21 Jul 2014)");
+  script_cve_id("CVE-2014-4943", "CVE-2014-0131", "CVE-2014-3917", "CVE-2014-4014",
+                "CVE-2014-4608", "CVE-2014-4611");
+  script_tag(name:"cvss_base", value:"6.2");
+  script_tag(name:"cvss_base_vector", value:"AV:L/AC:H/Au:N/C:C/I:C/A:C");
+  script_tag(name:"risk_factor", value:"High");
+  script_name("Ubuntu Update for linux-lts-saucy USN-2287-1");
+
+  tag_insight = "Sasha Levin reported a flaw in the Linux kernel's
+point-to-point protocol (PPP) when used with the Layer Two Tunneling Protocol
+(L2TP). A local user could exploit this flaw to gain administrative privileges.
+(CVE-2014-4943)
+
+Michael S. Tsirkin discovered an information leak in the Linux kernel's
+segmentation of skbs when using the zerocopy feature of vhost-net. A local
+attacker could exploit this flaw to gain potentially sensitive information
+from kernel memory. (CVE-2014-0131)
+
+A flaw was discovered in the Linux kernel's audit subsystem when auditing
+certain syscalls. A local attacker could exploit this flaw to obtain
+potentially sensitive single-bit values from kernel memory or cause a
+denial of service (OOPS). (CVE-2014-3917)
+
+A flaw was discovered in the Linux kernel's implementation of user
+namespaces with respect to inode permissions. A local user could exploit
+this flaw by creating a user namespace to gain administrative privileges.
+(CVE-2014-4014)
+
+Don Bailey discovered a flaw in the LZO decompress algorithm used by the
+Linux kernel. An attacker could exploit this flaw to cause a denial of
+service (memory corruption or OOPS). (CVE-2014-4608)
+
+Don Bailey and Ludvig Strigeus discovered an integer overflow in the Linux
+kernel's implementation of the LZ4 decompression algorithm, when used by
+code not complying with API limitations. An attacker could exploit this
+flaw to cause a denial of service (memory corruption) or possibly other
+unspecified impact. (CVE-2014-4611)";
+
+  tag_affected = "linux-lts-saucy on Ubuntu 12.04 LTS";
+
+  tag_solution = "Please Install the Updated Packages.";
+
+  desc = "
+
+  Vulnerability Insight:
+  " + tag_insight + "
+
+  Affected Software/OS:
+  " + tag_affected + "
+
+  Solution:
+  " + tag_solution;
+
+  if (revcomp(a: OPENVAS_VERSION, b: "6.0+beta5") >= 0){
+    script_tag(name : "affected" , value : tag_affected);
+    script_tag(name : "insight" , value : tag_insight);
+    script_tag(name : "solution" , value : tag_solution);
+  }
+  script_description(desc);
+  script_xref(name: "USN", value: "2287-1");
+  script_xref(name: "URL" , value: "https://lists.ubuntu.com/archives/ubuntu-security-announce/2014-July/002593.html");
+  script_summary("Check for the Version of linux-lts-saucy");
+  script_category(ACT_GATHER_INFO);
+  script_copyright("Copyright (C) 2014 Greenbone Networks GmbH");
+  script_family("Ubuntu Local Security Checks");
+  script_dependencies("gather-package-list.nasl");
+  script_mandatory_keys("login/SSH/success", "HostDetails/OS/cpe:/o:canonical:ubuntu_linux", "ssh/login/release");
+  exit(0);
+}
+
+
+include("pkg-lib-deb.inc");
+
+release = get_kb_item("ssh/login/release");
+
+res = "";
+if(release == NULL){
+  exit(0);
+}
+
+if(release == "UBUNTU12.04 LTS")
+{
+
+  if ((res = isdpkgvuln(pkg:"linux-image-3.11.0-26-generic", ver:"3.11.0-26.45~precise1", rls:"UBUNTU12.04 LTS")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isdpkgvuln(pkg:"linux-image-3.11.0-26-generic-lpae", ver:"3.11.0-26.45~precise1", rls:"UBUNTU12.04 LTS")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if (__pkg_match) exit(99); # Not vulnerable.
+  exit(0);
+}


Property changes on: scripts/2014/gb_ubuntu_USN_2287_1.nasl
___________________________________________________________________
Added: svn:keywords
   + Author Revision Date Id

Added: scripts/2014/gb_ubuntu_USN_2288_1.nasl
===================================================================
--- scripts/2014/gb_ubuntu_USN_2288_1.nasl	                        (rev 0)
+++ scripts/2014/gb_ubuntu_USN_2288_1.nasl	2014-07-25 14:16:47 UTC (rev 585)
@@ -0,0 +1,132 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+#
+# Ubuntu Update for linux-lts-trusty USN-2288-1
+#
+# Authors:
+# System Generated Check
+#
+# Copyright:
+# Copyright (C) 2014 Greenbone Networks GmbH, http://www.greenbone.net
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+include("revisions-lib.inc");
+
+if(description)
+{
+  script_oid("1.3.6.1.4.1.25623.1.0.841906");
+  script_version("$Revision$");
+  script_tag(name:"check_type", value:"authenticated package test");
+  script_tag(name:"last_modification", value:"$Date$");
+  script_tag(name:"creation_date", value:"2014-07-21 18:18:55 +0530 (Mon, 21 Jul 2014)");
+  script_cve_id("CVE-2014-4943", "CVE-2014-1739", "CVE-2014-3144", "CVE-2014-3145",
+                "CVE-2014-3940", "CVE-2014-4608", "CVE-2014-4611");
+  script_tag(name:"cvss_base", value:"5.0");
+  script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:N/C:N/I:N/A:P");
+  script_tag(name:"risk_factor", value:"Medium");
+  script_name("Ubuntu Update for linux-lts-trusty USN-2288-1");
+
+  tag_insight = "Sasha Levin reported a flaw in the Linux kernel's
+point-to-point protocol (PPP) when used with the Layer Two Tunneling Protocol
+(L2TP). A local user could exploit this flaw to gain administrative privileges.
+(CVE-2014-4943)
+
+Salva Peir&#243  discovered an information leak in the Linux kernel's media-
+device driver. A local attacker could exploit this flaw to obtain sensitive
+information from kernel memory. (CVE-2014-1739)
+
+A bounds check error was discovered in the socket filter subsystem of the
+Linux kernel. A local user could exploit this flaw to cause a denial of
+service (system crash) via crafted BPF instructions. (CVE-2014-3144)
+
+A remainder calculation error was discovered in the socket filter subsystem
+of the Linux kernel. A local user could exploit this flaw to cause a denial
+of service (system crash) via crafted BPF instructions. (CVE-2014-3145)
+
+A flaw was discovered in the Linux kernel's handling of hugetlb entries. A
+local user could exploit this flaw to cause a denial service (memory
+corruption or system crash). (CVE-2014-3940)
+
+Don Bailey discovered a flaw in the LZO decompress algorithm used by the
+Linux kernel. An attacker could exploit this flaw to cause a denial of
+service (memory corruption or OOPS). (CVE-2014-4608)
+
+Don Bailey and Ludvig Strigeus discovered an integer overflow in the Linux
+kernel's implementation of the LZ4 decompression algorithm, when used by
+code not complying with API limitations. An attacker could exploit this
+flaw to cause a denial of service (memory corruption) or possibly other
+unspecified impact. (CVE-2014-4611)";
+
+  tag_affected = "linux-lts-trusty on Ubuntu 12.04 LTS";
+
+  tag_solution = "Please Install the Updated Packages.";
+
+  desc = "
+
+  Vulnerability Insight:
+  " + tag_insight + "
+
+  Affected Software/OS:
+  " + tag_affected + "
+
+  Solution:
+  " + tag_solution;
+
+  if (revcomp(a: OPENVAS_VERSION, b: "6.0+beta5") >= 0){
+    script_tag(name : "affected" , value : tag_affected);
+    script_tag(name : "insight" , value : tag_insight);
+    script_tag(name : "solution" , value : tag_solution);
+  }
+  script_description(desc);
+  script_xref(name: "USN", value: "2288-1");
+  script_xref(name: "URL" , value: "https://lists.ubuntu.com/archives/ubuntu-security-announce/2014-July/002594.html");
+  script_summary("Check for the Version of linux-lts-trusty");
+  script_category(ACT_GATHER_INFO);
+  script_copyright("Copyright (C) 2014 Greenbone Networks GmbH");
+  script_family("Ubuntu Local Security Checks");
+  script_dependencies("gather-package-list.nasl");
+  script_mandatory_keys("login/SSH/success", "HostDetails/OS/cpe:/o:canonical:ubuntu_linux", "ssh/login/release");
+  exit(0);
+}
+
+
+include("pkg-lib-deb.inc");
+
+release = get_kb_item("ssh/login/release");
+
+res = "";
+if(release == NULL){
+  exit(0);
+}
+
+if(release == "UBUNTU12.04 LTS")
+{
+
+  if ((res = isdpkgvuln(pkg:"linux-image-3.13.0-32-generic", ver:"3.13.0-32.57~precise1", rls:"UBUNTU12.04 LTS")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isdpkgvuln(pkg:"linux-image-3.13.0-32-generic-lpae", ver:"3.13.0-32.57~precise1", rls:"UBUNTU12.04 LTS")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if (__pkg_match) exit(99); # Not vulnerable.
+  exit(0);
+}


Property changes on: scripts/2014/gb_ubuntu_USN_2288_1.nasl
___________________________________________________________________
Added: svn:keywords
   + Author Revision Date Id

Added: scripts/2014/gb_ubuntu_USN_2289_1.nasl
===================================================================
--- scripts/2014/gb_ubuntu_USN_2289_1.nasl	                        (rev 0)
+++ scripts/2014/gb_ubuntu_USN_2289_1.nasl	2014-07-25 14:16:47 UTC (rev 585)
@@ -0,0 +1,131 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+#
+# Ubuntu Update for linux USN-2289-1
+#
+# Authors:
+# System Generated Check
+#
+# Copyright:
+# Copyright (C) 2014 Greenbone Networks GmbH, http://www.greenbone.net
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+include("revisions-lib.inc");
+
+if(description)
+{
+  script_oid("1.3.6.1.4.1.25623.1.0.841903");
+  script_version("$Revision$");
+  script_tag(name:"check_type", value:"authenticated package test");
+  script_tag(name:"last_modification", value:"$Date$");
+  script_tag(name:"creation_date", value:"2014-07-21 17:50:30 +0530 (Mon, 21 Jul 2014)");
+  script_cve_id("CVE-2014-4943", "CVE-2014-0131", "CVE-2014-3917", "CVE-2014-4014",
+                "CVE-2014-4608", "CVE-2014-4611");
+  script_tag(name:"cvss_base", value:"6.2");
+  script_tag(name:"cvss_base_vector", value:"AV:L/AC:H/Au:N/C:C/I:C/A:C");
+  script_tag(name:"risk_factor", value:"High");
+  script_name("Ubuntu Update for linux USN-2289-1");
+
+  tag_insight = "Sasha Levin reported a flaw in the Linux kernel's
+point-to-point protocol (PPP) when used with the Layer Two Tunneling Protocol
+(L2TP). A local user could exploit this flaw to gain administrative privileges.
+(CVE-2014-4943)
+
+Michael S. Tsirkin discovered an information leak in the Linux kernel's
+segmentation of skbs when using the zerocopy feature of vhost-net. A local
+attacker could exploit this flaw to gain potentially sensitive information
+from kernel memory. (CVE-2014-0131)
+
+A flaw was discovered in the Linux kernel's audit subsystem when auditing
+certain syscalls. A local attacker could exploit this flaw to obtain
+potentially sensitive single-bit values from kernel memory or cause a
+denial of service (OOPS). (CVE-2014-3917)
+
+A flaw was discovered in the Linux kernel's implementation of user
+namespaces with respect to inode permissions. A local user could exploit
+this flaw by creating a user namespace to gain administrative privileges.
+(CVE-2014-4014)
+
+Don Bailey discovered a flaw in the LZO decompress algorithm used by the
+Linux kernel. An attacker could exploit this flaw to cause a denial of
+service (memory corruption or OOPS). (CVE-2014-4608)
+
+Don Bailey and Ludvig Strigeus discovered an integer overflow in the Linux
+kernel's implementation of the LZ4 decompression algorithm, when used by
+code not complying with API limitations. An attacker could exploit this
+flaw to cause a denial of service (memory corruption) or possibly other
+unspecified impact. (CVE-2014-4611)";
+
+  tag_affected = "linux on Ubuntu 13.10";
+
+  tag_solution = "Please Install the Updated Packages.";
+
+  desc = "
+
+  Vulnerability Insight:
+  " + tag_insight + "
+
+  Affected Software/OS:
+  " + tag_affected + "
+
+  Solution:
+  " + tag_solution;
+
+  if (revcomp(a: OPENVAS_VERSION, b: "6.0+beta5") >= 0){
+    script_tag(name : "affected" , value : tag_affected);
+    script_tag(name : "insight" , value : tag_insight);
+    script_tag(name : "solution" , value : tag_solution);
+  }
+  script_description(desc);
+  script_xref(name: "USN", value: "2289-1");
+  script_xref(name: "URL" , value: "https://lists.ubuntu.com/archives/ubuntu-security-announce/2014-July/002596.html");
+  script_summary("Check for the Version of linux");
+  script_category(ACT_GATHER_INFO);
+  script_copyright("Copyright (C) 2014 Greenbone Networks GmbH");
+  script_family("Ubuntu Local Security Checks");
+  script_dependencies("gather-package-list.nasl");
+  script_mandatory_keys("login/SSH/success", "HostDetails/OS/cpe:/o:canonical:ubuntu_linux", "ssh/login/release");
+  exit(0);
+}
+
+
+include("pkg-lib-deb.inc");
+
+release = get_kb_item("ssh/login/release");
+
+res = "";
+if(release == NULL){
+  exit(0);
+}
+
+if(release == "UBUNTU13.10")
+{
+
+  if ((res = isdpkgvuln(pkg:"linux-image-3.11.0-26-generic", ver:"3.11.0-26.45", rls:"UBUNTU13.10")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isdpkgvuln(pkg:"linux-image-3.11.0-26-generic-lpae", ver:"3.11.0-26.45", rls:"UBUNTU13.10")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if (__pkg_match) exit(99); # Not vulnerable.
+  exit(0);
+}


Property changes on: scripts/2014/gb_ubuntu_USN_2289_1.nasl
___________________________________________________________________
Added: svn:keywords
   + Author Revision Date Id

Added: scripts/2014/gb_ubuntu_USN_2290_1.nasl
===================================================================
--- scripts/2014/gb_ubuntu_USN_2290_1.nasl	                        (rev 0)
+++ scripts/2014/gb_ubuntu_USN_2290_1.nasl	2014-07-25 14:16:47 UTC (rev 585)
@@ -0,0 +1,168 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+#
+# Ubuntu Update for linux USN-2290-1
+#
+# Authors:
+# System Generated Check
+#
+# Copyright:
+# Copyright (C) 2014 Greenbone Networks GmbH, http://www.greenbone.net
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+include("revisions-lib.inc");
+
+if(description)
+{
+  script_oid("1.3.6.1.4.1.25623.1.0.841897");
+  script_version("$Revision$");
+  script_tag(name:"check_type", value:"authenticated package test");
+  script_tag(name:"last_modification", value:"$Date$");
+  script_tag(name:"creation_date", value:"2014-07-21 16:55:37 +0530 (Mon, 21 Jul 2014)");
+  script_cve_id("CVE-2014-4943", "CVE-2014-1739", "CVE-2014-3144", "CVE-2014-3145",
+                "CVE-2014-3940", "CVE-2014-4608", "CVE-2014-4611");
+  script_tag(name:"cvss_base", value:"5.0");
+  script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:N/C:N/I:N/A:P");
+  script_tag(name:"risk_factor", value:"Medium");
+  script_name("Ubuntu Update for linux USN-2290-1");
+
+  tag_insight = "Sasha Levin reported a flaw in the Linux kernel's
+point-to-point protocol (PPP) when used with the Layer Two Tunneling Protocol
+(L2TP). A local user could exploit this flaw to gain administrative privileges.
+(CVE-2014-4943)
+
+Salva Peir&#243  discovered an information leak in the Linux kernel's media-
+device driver. A local attacker could exploit this flaw to obtain sensitive
+information from kernel memory. (CVE-2014-1739)
+
+A bounds check error was discovered in the socket filter subsystem of the
+Linux kernel. A local user could exploit this flaw to cause a denial of
+service (system crash) via crafted BPF instructions. (CVE-2014-3144)
+
+A remainder calculation error was discovered in the socket filter subsystem
+of the Linux kernel. A local user could exploit this flaw to cause a denial
+of service (system crash) via crafted BPF instructions. (CVE-2014-3145)
+
+A flaw was discovered in the Linux kernel's handling of hugetlb entries. A
+local user could exploit this flaw to cause a denial service (memory
+corruption or system crash). (CVE-2014-3940)
+
+Don Bailey discovered a flaw in the LZO decompress algorithm used by the
+Linux kernel. An attacker could exploit this flaw to cause a denial of
+service (memory corruption or OOPS). (CVE-2014-4608)
+
+Don Bailey and Ludvig Strigeus discovered an integer overflow in the Linux
+kernel's implementation of the LZ4 decompression algorithm, when used by
+code not complying with API limitations. An attacker could exploit this
+flaw to cause a denial of service (memory corruption) or possibly other
+unspecified impact. (CVE-2014-4611)";
+
+  tag_affected = "linux on Ubuntu 14.04 LTS";
+
+  tag_solution = "Please Install the Updated Packages.";
+
+  desc = "
+
+  Vulnerability Insight:
+  " + tag_insight + "
+
+  Affected Software/OS:
+  " + tag_affected + "
+
+  Solution:
+  " + tag_solution;
+
+  if (revcomp(a: OPENVAS_VERSION, b: "6.0+beta5") >= 0){
+    script_tag(name : "affected" , value : tag_affected);
+    script_tag(name : "insight" , value : tag_insight);
+    script_tag(name : "solution" , value : tag_solution);
+  }
+  script_description(desc);
+  script_xref(name: "USN", value: "2290-1");
+  script_xref(name: "URL" , value: "https://lists.ubuntu.com/archives/ubuntu-security-announce/2014-July/002595.html");
+  script_summary("Check for the Version of linux");
+  script_category(ACT_GATHER_INFO);
+  script_copyright("Copyright (C) 2014 Greenbone Networks GmbH");
+  script_family("Ubuntu Local Security Checks");
+  script_dependencies("gather-package-list.nasl");
+  script_mandatory_keys("login/SSH/success", "HostDetails/OS/cpe:/o:canonical:ubuntu_linux", "ssh/login/release");
+  exit(0);
+}
+
+
+include("pkg-lib-deb.inc");
+
+release = get_kb_item("ssh/login/release");
+
+res = "";
+if(release == NULL){
+  exit(0);
+}
+
+if(release == "UBUNTU14.04 LTS")
+{
+
+  if ((res = isdpkgvuln(pkg:"linux-image-3.13.0-32-generic", ver:"3.13.0-32.57", rls:"UBUNTU14.04 LTS")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isdpkgvuln(pkg:"linux-image-3.13.0-32-generic-lpae", ver:"3.13.0-32.57", rls:"UBUNTU14.04 LTS")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isdpkgvuln(pkg:"linux-image-3.13.0-32-lowlatency", ver:"3.13.0-32.57", rls:"UBUNTU14.04 LTS")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isdpkgvuln(pkg:"linux-image-3.13.0-32-powerpc-e500", ver:"3.13.0-32.57", rls:"UBUNTU14.04 LTS")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isdpkgvuln(pkg:"linux-image-3.13.0-32-powerpc-e500mc", ver:"3.13.0-32.57", rls:"UBUNTU14.04 LTS")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isdpkgvuln(pkg:"linux-image-3.13.0-32-powerpc-smp", ver:"3.13.0-32.57", rls:"UBUNTU14.04 LTS")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isdpkgvuln(pkg:"linux-image-3.13.0-32-powerpc64-emb", ver:"3.13.0-32.57", rls:"UBUNTU14.04 LTS")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if ((res = isdpkgvuln(pkg:"linux-image-3.13.0-32-powerpc64-smp", ver:"3.13.0-32.57", rls:"UBUNTU14.04 LTS")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if (__pkg_match) exit(99); # Not vulnerable.
+  exit(0);
+}


Property changes on: scripts/2014/gb_ubuntu_USN_2290_1.nasl
___________________________________________________________________
Added: svn:keywords
   + Author Revision Date Id

Added: scripts/2014/gb_ubuntu_USN_2291_1.nasl
===================================================================
--- scripts/2014/gb_ubuntu_USN_2291_1.nasl	                        (rev 0)
+++ scripts/2014/gb_ubuntu_USN_2291_1.nasl	2014-07-25 14:16:47 UTC (rev 585)
@@ -0,0 +1,120 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+#
+# Ubuntu Update for mysql-5.5 USN-2291-1
+#
+# Authors:
+# System Generated Check
+#
+# Copyright:
+# Copyright (C) 2014 Greenbone Networks GmbH, http://www.greenbone.net
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+include("revisions-lib.inc");
+
+if(description)
+{
+  script_oid("1.3.6.1.4.1.25623.1.0.841905");
+  script_version("$Revision$");
+  script_tag(name:"check_type", value:"authenticated package test");
+  script_tag(name:"last_modification", value:"$Date$");
+  script_tag(name:"creation_date", value:"2014-07-21 18:10:14 +0530 (Mon, 21 Jul 2014)");
+  script_cve_id("CVE-2014-2494", "CVE-2014-4207", "CVE-2014-4258", "CVE-2014-4260");
+  script_tag(name:"cvss_base", value:"6.5");
+  script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:S/C:P/I:P/A:P");
+  script_tag(name:"risk_factor", value:"High");
+  script_name("Ubuntu Update for mysql-5.5 USN-2291-1");
+
+  tag_insight = "Multiple security issues were discovered in MySQL and this
+update includes a new upstream MySQL version to fix these issues. MySQL has
+been updated to 5.5.38.
+
+In addition to security fixes, the updated packages contain bug fixes,
+new features, and possibly incompatible changes.
+
+Please see the following for more information:
+http://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-38.html</A>
+http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html</A>";
+
+  tag_affected = "mysql-5.5 on Ubuntu 14.04 LTS ,
+  Ubuntu 12.04 LTS";
+
+  tag_solution = "Please Install the Updated Packages.";
+
+  desc = "
+
+  Vulnerability Insight:
+  " + tag_insight + "
+
+  Affected Software/OS:
+  " + tag_affected + "
+
+  Solution:
+  " + tag_solution;
+
+  if (revcomp(a: OPENVAS_VERSION, b: "6.0+beta5") >= 0){
+    script_tag(name : "affected" , value : tag_affected);
+    script_tag(name : "insight" , value : tag_insight);
+    script_tag(name : "solution" , value : tag_solution);
+  }
+  script_description(desc);
+  script_xref(name: "USN", value: "2291-1");
+  script_xref(name: "URL" , value: "https://lists.ubuntu.com/archives/ubuntu-security-announce/2014-July/002597.html");
+  script_summary("Check for the Version of mysql-5.5");
+  script_category(ACT_GATHER_INFO);
+  script_copyright("Copyright (C) 2014 Greenbone Networks GmbH");
+  script_family("Ubuntu Local Security Checks");
+  script_dependencies("gather-package-list.nasl");
+  script_mandatory_keys("login/SSH/success", "HostDetails/OS/cpe:/o:canonical:ubuntu_linux", "ssh/login/release");
+  exit(0);
+}
+
+
+include("pkg-lib-deb.inc");
+
+release = get_kb_item("ssh/login/release");
+
+res = "";
+if(release == NULL){
+  exit(0);
+}
+
+if(release == "UBUNTU14.04 LTS")
+{
+
+  if ((res = isdpkgvuln(pkg:"mysql-server-5.5", ver:"5.5.38-0ubuntu0.14.04.1", rls:"UBUNTU14.04 LTS")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if (__pkg_match) exit(99); # Not vulnerable.
+  exit(0);
+}
+
+
+if(release == "UBUNTU12.04 LTS")
+{
+
+  if ((res = isdpkgvuln(pkg:"mysql-server-5.5", ver:"5.5.38-0ubuntu0.12.04.1", rls:"UBUNTU12.04 LTS")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if (__pkg_match) exit(99); # Not vulnerable.
+  exit(0);
+}


Property changes on: scripts/2014/gb_ubuntu_USN_2291_1.nasl
___________________________________________________________________
Added: svn:keywords
   + Author Revision Date Id

Added: scripts/2014/gb_ubuntu_USN_2292_1.nasl
===================================================================
--- scripts/2014/gb_ubuntu_USN_2292_1.nasl	                        (rev 0)
+++ scripts/2014/gb_ubuntu_USN_2292_1.nasl	2014-07-25 14:16:47 UTC (rev 585)
@@ -0,0 +1,101 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+#
+# Ubuntu Update for liblwp-protocol-https-perl USN-2292-1
+#
+# Authors:
+# System Generated Check
+#
+# Copyright:
+# Copyright (C) 2014 Greenbone Networks GmbH, http://www.greenbone.net
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+include("revisions-lib.inc");
+
+if(description)
+{
+  script_oid("1.3.6.1.4.1.25623.1.0.841894");
+  script_version("$Revision$");
+  script_tag(name:"check_type", value:"authenticated package test");
+  script_tag(name:"last_modification", value:"$Date$");
+  script_tag(name:"creation_date", value:"2014-07-21 16:46:57 +0530 (Mon, 21 Jul 2014)");
+  script_cve_id("CVE-2014-3230");
+  script_tag(name:"cvss_base", value:"6.8");
+  script_tag(name:"cvss_base_vector", value:"AV:N/AC:M/Au:N/C:P/I:P/A:P");
+  script_tag(name:"risk_factor", value:"High");
+  script_name("Ubuntu Update for liblwp-protocol-https-perl USN-2292-1");
+
+  tag_insight = "It was discovered that the LWP::Protocol::https perl module
+incorrectly disabled peer certificate verification completely when only hostname
+verification was requested to be disabled. If a remote attacker were able
+to perform a man-in-the-middle attack, this flaw could possibly be
+exploited in certain scenarios to alter or compromise confidential
+information in applications that used the LWP::Protocol::https module.";
+
+  tag_affected = "liblwp-protocol-https-perl on Ubuntu 14.04 LTS";
+
+  tag_solution = "Please Install the Updated Packages.";
+
+  desc = "
+
+  Vulnerability Insight:
+  " + tag_insight + "
+
+  Affected Software/OS:
+  " + tag_affected + "
+
+  Solution:
+  " + tag_solution;
+
+  if (revcomp(a: OPENVAS_VERSION, b: "6.0+beta5") >= 0){
+    script_tag(name : "affected" , value : tag_affected);
+    script_tag(name : "insight" , value : tag_insight);
+    script_tag(name : "solution" , value : tag_solution);
+  }
+  script_description(desc);
+  script_xref(name: "USN", value: "2292-1");
+  script_xref(name: "URL" , value: "https://lists.ubuntu.com/archives/ubuntu-security-announce/2014-July/002599.html");
+  script_summary("Check for the Version of liblwp-protocol-https-perl");
+  script_category(ACT_GATHER_INFO);
+  script_copyright("Copyright (C) 2014 Greenbone Networks GmbH");
+  script_family("Ubuntu Local Security Checks");
+  script_dependencies("gather-package-list.nasl");
+  script_mandatory_keys("login/SSH/success", "HostDetails/OS/cpe:/o:canonical:ubuntu_linux", "ssh/login/release");
+  exit(0);
+}
+
+
+include("pkg-lib-deb.inc");
+
+release = get_kb_item("ssh/login/release");
+
+res = "";
+if(release == NULL){
+  exit(0);
+}
+
+if(release == "UBUNTU14.04 LTS")
+{
+
+  if ((res = isdpkgvuln(pkg:"liblwp-protocol-https-perl", ver:"6.04-2ubuntu0.1", rls:"UBUNTU14.04 LTS")) != NULL)
+  {
+    security_message(data:res);
+    exit(0);
+  }
+
+  if (__pkg_match) exit(99); # Not vulnerable.
+  exit(0);
+}


Property changes on: scripts/2014/gb_ubuntu_USN_2292_1.nasl
___________________________________________________________________
Added: svn:keywords
   + Author Revision Date Id



More information about the Openvas-nvts-commits mailing list