[prev in list] [next in list] [prev in thread] [next in thread] 

List:       openvas-cvs
Subject:    [Openvas-commits] r983 - in trunk/openvas-plugins: . scripts
From:       scm-commit () wald ! intevation ! org
Date:       2008-06-27 22:42:49
Message-ID: 20080627224249.5CE651422E () pyrosoma ! intevation ! org
[Download RAW message or body]

Author: reinke
Date: 2008-06-28 00:42:46 +0200 (Sat, 28 Jun 2008)
New Revision: 983

Added:
   trunk/openvas-plugins/scripts/deb_1594_1.nasl
   trunk/openvas-plugins/scripts/deb_1595_1.nasl
   trunk/openvas-plugins/scripts/deb_1596_1.nasl
   trunk/openvas-plugins/scripts/deb_1597_1.nasl
   trunk/openvas-plugins/scripts/deb_1598_1.nasl
Modified:
   trunk/openvas-plugins/ChangeLog
Log:
New scripts added

Modified: trunk/openvas-plugins/ChangeLog
===================================================================
--- trunk/openvas-plugins/ChangeLog	2008-06-27 21:55:29 UTC (rev 982)
+++ trunk/openvas-plugins/ChangeLog	2008-06-27 22:42:46 UTC (rev 983)
@@ -1,3 +1,7 @@
+2008-06-27  Thomas Reinke <reinke@securityspace.com>
+	* deb_1594_1.nasl deb_1595_1.nasl deb_1596_1.nasl deb_1597_1.nasl
+	deb_1598_1.nasl: New debian scripts
+
 2008-06-26  Jan-Oliver Wagner <jan-oliver.wagner@intevation.de>
 
 	* scripts/http_keepalive.inc: Replaced function calls

Added: trunk/openvas-plugins/scripts/deb_1594_1.nasl
===================================================================
--- trunk/openvas-plugins/scripts/deb_1594_1.nasl	2008-06-27 21:55:29 UTC (rev 982)
+++ trunk/openvas-plugins/scripts/deb_1594_1.nasl	2008-06-27 22:42:46 UTC (rev 983)
@@ -0,0 +1,87 @@
+# OpenVAS Vulnerability Test
+# $Id$
+# Description: Auto-generated from advisory DSA 1594-1 (imlib2)
+#
+# Authors:
+# Thomas Reinke <reinke@securityspace.com>
+#
+# Copyright:
+# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com
+# Text descriptions are largely excerpted from the referenced
+# advisory, and are Copyright (c) the respective author(s)
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2,
+# as published by the Free Software Foundation
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+
+if(description)
+{
+ script_id(61170);
+ script_cve_id("CVE-2008-2426");
+ script_version ("$");
+ name["english"] = "Debian Security Advisory DSA 1594-1 (imlib2)";
+ script_name(english:name["english"]);
+
+ desc["english"] = "
+The remote host is missing an update to imlib2
+announced via advisory DSA 1594-1.
+
+Stefan Cornelius discovered two buffer overflows in Imlib's - a powerful
+image loading and rendering library - image loaders for PNM and XPM
+images, which may result in the execution of arbitrary code.
+
+For the stable distribution (etch), this problem has been fixed in
+version 1.3.0.0debian1-4+etch1.
+
+For the unstable distribution (sid), this problem has been fixed in
+version 1.4.0-1.1.
+
+We recommend that you upgrade your imlib2 package.
+
+Solution:
+https://secure1.securityspace.com/smysecure/catid.html?in=DSA%201594-1
+
+Risk factor : High";
+
+ script_description(english:desc["english"]);
+
+ summary["english"] = "Debian Security Advisory DSA 1594-1 (imlib2)";
+ script_summary(english:summary["english"]);
+
+ script_category(ACT_GATHER_INFO);
+
+ script_copyright(english:"Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com");
+ family["english"] = "Debian Local Security Checks";
+ script_family(english:family["english"]);
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/packages");
+ exit(0);
+}
+
+#
+# The script code starts here
+#
+
+include("revisions-lib.inc");
+include("pkg-lib-deb.inc");
+vuln = 0;
+if(isdpkgvuln(pkg:"libimlib2", ver:"1.3.0.0debian1-4+etch1", rls:"DEB4.0")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"libimlib2-dev", ver:"1.3.0.0debian1-4+etch1", rls:"DEB4.0")) {
+    vuln = 1;
+}
+
+if(vuln) {
+    security_hole(0);
+}

Added: trunk/openvas-plugins/scripts/deb_1595_1.nasl
===================================================================
--- trunk/openvas-plugins/scripts/deb_1595_1.nasl	2008-06-27 21:55:29 UTC (rev 982)
+++ trunk/openvas-plugins/scripts/deb_1595_1.nasl	2008-06-27 22:42:46 UTC (rev 983)
@@ -0,0 +1,139 @@
+# OpenVAS Vulnerability Test
+# $Id$
+# Description: Auto-generated from advisory DSA 1595-1 (xorg-server)
+#
+# Authors:
+# Thomas Reinke <reinke@securityspace.com>
+#
+# Copyright:
+# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com
+# Text descriptions are largely excerpted from the referenced
+# advisory, and are Copyright (c) the respective author(s)
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2,
+# as published by the Free Software Foundation
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+
+if(description)
+{
+ script_id(61171);
+ script_cve_id("CVE-2008-1377", "CVE-2008-1379", "CVE-2008-2360", "CVE-2008-2361", "CVE-2008-2362");
+ script_version ("$");
+ name["english"] = "Debian Security Advisory DSA 1595-1 (xorg-server)";
+ script_name(english:name["english"]);
+
+ desc["english"] = "
+The remote host is missing an update to xorg-server
+announced via advisory DSA 1595-1.
+
+Several local vulnerabilities have been discovered in the X Window system.
+The Common Vulnerabilities and Exposures project identifies the following
+problems:
+
+CVE-2008-1377
+
+Lack of validation of the parameters of the
+SProcSecurityGenerateAuthorization SProcRecordCreateContext
+functions makes it possible for a specially crafted request to trigger
+the swapping of bytes outside the parameter of these requests, causing
+memory corruption.
+
+CVE-2008-1379
+
+An integer overflow in the validation of the parameters of the
+ShmPutImage() request makes it possible to trigger the copy of
+arbitrary server memory to a pixmap that can subsequently be read by
+the client, to read arbitrary parts of the X server memory space.
+
+CVE-2008-2360
+
+An integer overflow may occur in the computation of the size of the
+glyph to be allocated by the AllocateGlyph() function which will cause
+less memory to be allocated than expected, leading to later heap
+overflow.
+
+CVE-2008-2361
+
+An integer overflow may occur in the computation of the  size of the
+glyph to be allocated by the ProcRenderCreateCursor() function which
+will cause less memory to be allocated than expected, leading later
+to dereferencing un-mapped memory, causing a crash of the X server.
+
+CVE-2008-2362
+
+Integer overflows can also occur in the code validating the parameters
+for the SProcRenderCreateLinearGradient, SProcRenderCreateRadialGradient
+and SProcRenderCreateConicalGradient functions, leading to memory
+corruption by swapping bytes outside of the intended request
+parameters.
+
+For the stable distribution (etch), these problems have been fixed in version
+2:1.1.1-21etch5.
+
+For the unstable distribution (sid), these problems have been fixed in
+version 2:1.4.1~git20080517-2.
+
+We recommend that you upgrade your xorg-server package.
+
+Solution:
+https://secure1.securityspace.com/smysecure/catid.html?in=DSA%201595-1
+
+Risk factor : High";
+
+ script_description(english:desc["english"]);
+
+ summary["english"] = "Debian Security Advisory DSA 1595-1 (xorg-server)";
+ script_summary(english:summary["english"]);
+
+ script_category(ACT_GATHER_INFO);
+
+ script_copyright(english:"Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com");
+ family["english"] = "Debian Local Security Checks";
+ script_family(english:family["english"]);
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/packages");
+ exit(0);
+}
+
+#
+# The script code starts here
+#
+
+include("revisions-lib.inc");
+include("pkg-lib-deb.inc");
+vuln = 0;
+if(isdpkgvuln(pkg:"xserver-xorg-dev", ver:"1.1.1-21etch5", rls:"DEB4.0")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"xserver-xorg-core", ver:"1.1.1-21etch5", rls:"DEB4.0")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"xdmx", ver:"1.1.1-21etch5", rls:"DEB4.0")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"xnest", ver:"1.1.1-21etch5", rls:"DEB4.0")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"xvfb", ver:"1.1.1-21etch5", rls:"DEB4.0")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"xdmx-tools", ver:"1.1.1-21etch5", rls:"DEB4.0")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"xserver-xephyr", ver:"1.1.1-21etch5", rls:"DEB4.0")) {
+    vuln = 1;
+}
+
+if(vuln) {
+    security_hole(0);
+}

Added: trunk/openvas-plugins/scripts/deb_1596_1.nasl
===================================================================
--- trunk/openvas-plugins/scripts/deb_1596_1.nasl	2008-06-27 21:55:29 UTC (rev 982)
+++ trunk/openvas-plugins/scripts/deb_1596_1.nasl	2008-06-27 22:42:46 UTC (rev 983)
@@ -0,0 +1,94 @@
+# OpenVAS Vulnerability Test
+# $Id$
+# Description: Auto-generated from advisory DSA 1596-1 (typo3)
+#
+# Authors:
+# Thomas Reinke <reinke@securityspace.com>
+#
+# Copyright:
+# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com
+# Text descriptions are largely excerpted from the referenced
+# advisory, and are Copyright (c) the respective author(s)
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2,
+# as published by the Free Software Foundation
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+
+if(description)
+{
+ script_id(61173);
+ script_version ("$");
+ name["english"] = "Debian Security Advisory DSA 1596-1 (typo3)";
+ script_name(english:name["english"]);
+
+ desc["english"] = "
+The remote host is missing an update to typo3
+announced via advisory DSA 1596-1.
+
+Several remote vulnerabilities have been discovered in the
+TYPO3 content management framework.
+
+Because of a not sufficiently secure default value of the TYPO3
+configuration variable fileDenyPattern, authenticated backend users
+could upload files that allowed to execute arbitrary code as the
+webserver user.
+
+User input processed by fe_adminlib.inc is not being properly filtered
+to prevent Cross Site Scripting (XSS) attacks, which is exposed when
+specific plugins are in use.
+
+For the stable distribution (etch), these problems have been fixed in
+version 4.0.2+debian-5.
+
+For the unstable distribution (sid), these problems have been fixed in
+version 4.1.7-1.
+
+We recommend that you upgrade your typo3 package.
+
+Solution:
+https://secure1.securityspace.com/smysecure/catid.html?in=DSA%201596-1
+
+Risk factor : High";
+
+ script_description(english:desc["english"]);
+
+ summary["english"] = "Debian Security Advisory DSA 1596-1 (typo3)";
+ script_summary(english:summary["english"]);
+
+ script_category(ACT_GATHER_INFO);
+
+ script_copyright(english:"Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com");
+ family["english"] = "Debian Local Security Checks";
+ script_family(english:family["english"]);
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/packages");
+ exit(0);
+}
+
+#
+# The script code starts here
+#
+
+include("revisions-lib.inc");
+include("pkg-lib-deb.inc");
+vuln = 0;
+if(isdpkgvuln(pkg:"typo3", ver:"4.0.2+debian-5", rls:"DEB4.0")) {
+    vuln = 1;
+}
+if(isdpkgvuln(pkg:"typo3-src-4.0", ver:"4.0.2+debian-5", rls:"DEB4.0")) {
+    vuln = 1;
+}
+
+if(vuln) {
+    security_hole(0);
+}

Added: trunk/openvas-plugins/scripts/deb_1597_1.nasl
===================================================================
--- trunk/openvas-plugins/scripts/deb_1597_1.nasl	2008-06-27 21:55:29 UTC (rev 982)
+++ trunk/openvas-plugins/scripts/deb_1597_1.nasl	2008-06-27 22:42:46 UTC (rev 983)
@@ -0,0 +1,103 @@
+# OpenVAS Vulnerability Test
+# $Id$
+# Description: Auto-generated from advisory DSA 1597-1 (mt-daapd)
+#
+# Authors:
+# Thomas Reinke <reinke@securityspace.com>
+#
+# Copyright:
+# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com
+# Text descriptions are largely excerpted from the referenced
+# advisory, and are Copyright (c) the respective author(s)
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2,
+# as published by the Free Software Foundation
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+
+if(description)
+{
+ script_id(61172);
+ script_cve_id("CVE-2007-5824", "CVE-2007-5825", "CVE-2008-1771");
+ script_version ("$");
+ name["english"] = "Debian Security Advisory DSA 1597-1 (mt-daapd)";
+ script_name(english:name["english"]);
+
+ desc["english"] = "
+The remote host is missing an update to mt-daapd
+announced via advisory DSA 1597-1.
+
+Three vulnerabilities have been discovered in the mt-daapd DAAP audio
+server (also known as the Firefly Media Server).  The Common
+Vulnerabilities and Exposures project identifies the following three
+problems:
+
+CVE-2007-5824
+
+Insufficient validation and bounds checking of the Authorization:
+HTTP header enables a heap buffer overflow, potentially enabling
+the execution of arbitrary code.
+
+CVE-2007-5825
+
+Format string vulnerabilities in debug logging within the
+authentication of XML-RPC requests could enable the execution of
+arbitrary code.
+
+CVE-2008-1771
+
+An integer overflow weakness in the handling of HTTP POST
+variables could allow a heap buffer overflow and potentially
+arbitrary code execution.
+
+For the stable distribution (etch), these problems have been fixed in
+version 0.2.4+r1376-1.1+etch1.
+
+For the unstable distribution (sid), these problems have been fixed in
+version 0.9~r1696-1.3.
+
+We recommend that you upgrade your mt-daapd package.
+
+Solution:
+https://secure1.securityspace.com/smysecure/catid.html?in=DSA%201597-1
+
+Risk factor : High";
+
+ script_description(english:desc["english"]);
+
+ summary["english"] = "Debian Security Advisory DSA 1597-1 (mt-daapd)";
+ script_summary(english:summary["english"]);
+
+ script_category(ACT_GATHER_INFO);
+
+ script_copyright(english:"Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com");
+ family["english"] = "Debian Local Security Checks";
+ script_family(english:family["english"]);
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/packages");
+ exit(0);
+}
+
+#
+# The script code starts here
+#
+
+include("revisions-lib.inc");
+include("pkg-lib-deb.inc");
+vuln = 0;
+if(isdpkgvuln(pkg:"mt-daapd", ver:"0.2.4+r1376-1.1+etch1", rls:"DEB4.0")) {
+    vuln = 1;
+}
+
+if(vuln) {
+    security_hole(0);
+}

Added: trunk/openvas-plugins/scripts/deb_1598_1.nasl
===================================================================
--- trunk/openvas-plugins/scripts/deb_1598_1.nasl	2008-06-27 21:55:29 UTC (rev 982)
+++ trunk/openvas-plugins/scripts/deb_1598_1.nasl	2008-06-27 22:42:46 UTC (rev 983)
@@ -0,0 +1,84 @@
+# OpenVAS Vulnerability Test
+# $Id$
+# Description: Auto-generated from advisory DSA 1598-1 (libtk-img)
+#
+# Authors:
+# Thomas Reinke <reinke@securityspace.com>
+#
+# Copyright:
+# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com
+# Text descriptions are largely excerpted from the referenced
+# advisory, and are Copyright (c) the respective author(s)
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2,
+# as published by the Free Software Foundation
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+
+if(description)
+{
+ script_id(61174);
+ script_cve_id("CVE-2008-0553");
+ script_version ("$");
+ name["english"] = "Debian Security Advisory DSA 1598-1 (libtk-img)";
+ script_name(english:name["english"]);
+
+ desc["english"] = "
+The remote host is missing an update to libtk-img
+announced via advisory DSA 1598-1.
+
+It was discovered that a buffer overflow in the GIF image parsing code
+of Tk, a cross-platform graphical toolkit, could lead to denial of
+service and potentially the execution of arbitrary code.
+
+For the stable distribution (etch), this problem has been fixed in version
+1:1.3-15etch2.
+
+For the unstable distribution (sid), this problem has been fixed in
+version 1:1.3-release-7.
+
+We recommend that you upgrade your libtk-img package.
+
+Solution:
+https://secure1.securityspace.com/smysecure/catid.html?in=DSA%201598-1
+
+Risk factor : High";
+
+ script_description(english:desc["english"]);
+
+ summary["english"] = "Debian Security Advisory DSA 1598-1 (libtk-img)";
+ script_summary(english:summary["english"]);
+
+ script_category(ACT_GATHER_INFO);
+
+ script_copyright(english:"Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com");
+ family["english"] = "Debian Local Security Checks";
+ script_family(english:family["english"]);
+ script_dependencies("gather-package-list.nasl");
+ script_require_keys("ssh/login/packages");
+ exit(0);
+}
+
+#
+# The script code starts here
+#
+
+include("revisions-lib.inc");
+include("pkg-lib-deb.inc");
+vuln = 0;
+if(isdpkgvuln(pkg:"libtk-img", ver:"1.3-15etch2", rls:"DEB4.0")) {
+    vuln = 1;
+}
+
+if(vuln) {
+    security_hole(0);
+}

_______________________________________________
Openvas-commits mailing list
Openvas-commits@wald.intevation.org
http://lists.wald.intevation.org/mailman/listinfo/openvas-commits
[prev in list] [next in list] [prev in thread] [next in thread]