ID SUSE_11_0_LIBNASL-090120.NASL
Type nessus
Reporter This script is Copyright (C) 2009-2021 Tenable Network Security, Inc.
Modified 2009-07-21T00:00:00
Description
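This update of libnasl adds missing return-value checks for OpenSSL
function calls (CVE-2009-0125). NVD lists this CVE as disputed: the upstream
vendor calls the misuse of DSA_do_verify a bug with no security ramification.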
#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from openSUSE Security Update libnasl-451.
#
# The text description of this plugin is (C) SUSE LLC.
#
include('deprecated_nasl_level.inc');
include('compat.inc');
# Metadata branch: when `description` is true the script only declares the
# plugin's identity, references and prerequisites, then leaves via exit(0)
# without reading any host data.
if (description)
{
  script_id(40027);
  script_version("1.11");
  script_set_attribute(
    attribute:"plugin_modification_date",
    value:"2021/01/14"
  );

  # NOTE(review): the NVD record for CVE-2009-0125 is marked DISPUTED. Upstream
  # acknowledges the DSA_do_verify() return-value misuse as a bug but states it
  # has no security ramification. A hit from this plugin therefore means
  # "vendor patch libnasl-451 is missing", not a confirmed exploitable flaw.
  script_cve_id("CVE-2009-0125");

  script_name(
    english:"openSUSE Security Update : libnasl (libnasl-451)"
  );
  script_summary(
    english:"Check for the libnasl-451 patch"
  );

  script_set_attribute(attribute:"synopsis", value:"The remote openSUSE host is missing a security update.");
  # The description literal spans two source lines; the embedded line break is
  # part of the string, so the continuation stays at column 0.
  script_set_attribute(
    attribute:"description",
    value:
"This update of libnasl adds missing return value checks for openssl
function calls. (CVE-2009-0125)"
  );
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.novell.com/show_bug.cgi?id=465675");
  script_set_attribute(attribute:"solution", value:"Update the affected libnasl package.");

  # CVSS v2: network vector, low complexity, no authentication, partial
  # confidentiality impact, no integrity or availability impact.
  script_set_cvss_base_vector(
    "CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N"
  );
  # CWE-287: Improper Authentication.
  script_cwe_id(287);

  # "local" plugin type: the decision is made from package data already
  # collected from the host (see the required KB keys below).
  script_set_attribute(
    attribute:"plugin_type",
    value:"local"
  );
  script_set_attribute(
    attribute:"cpe",
    value:"p-cpe:/a:novell:opensuse:libnasl"
  );
  script_set_attribute(
    attribute:"cpe",
    value:"cpe:/o:novell:opensuse:11.0"
  );

  script_set_attribute(
    attribute:"patch_publication_date",
    value:"2009/01/20"
  );
  script_set_attribute(
    attribute:"plugin_publication_date",
    value:"2009/07/21"
  );
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(
    english:"This script is Copyright (C) 2009-2021 Tenable Network Security, Inc."
  );
  script_family(
    english:"SuSE Local Security Checks"
  );

  # Prerequisites: the four Host/* KB items are the ones the check logic reads.
  # NOTE(review): ssh_get_info.nasl presumably populates them - confirm.
  script_dependencies("ssh_get_info.nasl");
  script_require_keys(
    "Host/local_checks_enabled",
    "Host/SuSE/release",
    "Host/SuSE/rpm-list",
    "Host/cpu"
  );

  exit(0);
}
include("audit.inc");
include("global_settings.inc");
include("rpm.inc");
# Gate 1: the verdict is derived from KB data gathered by local checks, so
# stop with an audit trail entry when they are not enabled.
if (!get_kb_item("Host/local_checks_enabled"))
  audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);

# Gate 2: only openSUSE 11.0 is in scope. Release strings starting with
# SLED/SLES are rejected first, then anything that is not exactly "SUSE11.0".
release = get_kb_item("Host/SuSE/release");
if (isnull(release) || release =~ "^(SLED|SLES)")
  audit(AUDIT_OS_NOT, "openSUSE");
if (release !~ "^(SUSE11\.0)$")
  audit(AUDIT_OS_RELEASE_NOT, "openSUSE", "11.0", release);

# Gate 3: without the collected RPM list there is nothing to compare.
if (!get_kb_item("Host/SuSE/rpm-list"))
  audit(AUDIT_PACKAGE_LIST_MISSING);

# Gate 4: the update is only checked for the listed x86 architectures.
ourarch = get_kb_item("Host/cpu");
if (!ourarch)
  audit(AUDIT_UNKNOWN_ARCH);
if (ourarch !~ "^(i586|i686|x86_64)$")
  audit(AUDIT_ARCH_NOT, "i586 / i686 / x86_64", ourarch);

# Package comparison against the fixed build named in the update.
# NOTE(review): rpm_check() comes from rpm.inc (not shown); presumably it is
# true when the installed libnasl is older than the reference - confirm.
# This is a version comparison only; it does not exercise the flaw itself.
flag = 0;

if (rpm_check(release:"SUSE11.0", reference:"libnasl-2.2.10-59.2"))
  flag++;

if (!flag)
{
  # No finding: record whether libnasl was examined and found current, or
  # was not reported as tested at all.
  tested = pkg_tests_get();
  if (tested)
    audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
  else
    audit(AUDIT_PACKAGE_NOT_INSTALLED, "libnasl");
}
else
{
  # Finding: report at warning severity on port 0, attaching the RPM report
  # text only when report verbosity is above 0.
  if (report_verbosity > 0)
    security_warning(port:0, extra:rpm_report_get());
  else
    security_warning(0);
  exit(0);
}
{"id": "SUSE_11_0_LIBNASL-090120.NASL", "bulletinFamily": "scanner", "title": "openSUSE Security Update : libnasl (libnasl-451)", "description": "This update of libnasl adds missing return value checks for openssl\nfunction calls. (CVE-2009-0125)", "published": "2009-07-21T00:00:00", "modified": "2009-07-21T00:00:00", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}, "href": "https://www.tenable.com/plugins/nessus/40027", "reporter": "This script is Copyright (C) 2009-2021 Tenable Network Security, Inc.", "references": ["https://bugzilla.novell.com/show_bug.cgi?id=465675"], "cvelist": ["CVE-2009-0125"], "type": "nessus", "lastseen": "2021-01-17T14:03:30", "edition": 23, "viewCount": 0, "enchantments": {"dependencies": {"references": [{"type": "cve", "idList": ["CVE-2009-0125"]}, {"type": "openvas", "idList": ["OPENVAS:136141256231066027", "OPENVAS:63304", "OPENVAS:66027", "OPENVAS:900190", "OPENVAS:136141256231063304", "OPENVAS:1361412562310900190"]}, {"type": "nessus", "idList": ["SOLARIS10_139500.NASL", "DEBIAN_DSA-1702.NASL", "SOLARIS10_X86_139501.NASL", "UBUNTU_USN-705-1.NASL", "SUSE_LIBNASL-5943.NASL", "CENTOS_RHSA-2009-0004.NASL", "REDHAT-RHSA-2009-0046.NASL", "DEBIAN_DSA-1701.NASL", "CENTOS_RHSA-2009-0046.NASL", "SOLARIS10_X86_139501-02.NASL"]}], "modified": "2021-01-17T14:03:30", "rev": 2}, "score": {"value": 5.2, "vector": "NONE", "modified": "2021-01-17T14:03:30", "rev": 2}, "vulnersScore": 5.2}, "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update libnasl-451.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(40027);\n script_version(\"1.11\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2009-0125\");\n\n 
script_name(english:\"openSUSE Security Update : libnasl (libnasl-451)\");\n script_summary(english:\"Check for the libnasl-451 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update of libnasl adds missing return value checks for openssl\nfunction calls. (CVE-2009-0125)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=465675\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected libnasl package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_cwe_id(287);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libnasl\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:11.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/01/20\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/07/21\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE11\\.0)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"11.0\", release);\nif 
(!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE11.0\", reference:\"libnasl-2.2.10-59.2\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libnasl\");\n}\n", "naslFamily": "SuSE Local Security Checks", "pluginID": "40027", "cpe": ["p-cpe:/a:novell:opensuse:libnasl", "cpe:/o:novell:opensuse:11.0"], "scheme": null}
{"cve": [{"lastseen": "2020-10-03T11:54:10", "description": "** DISPUTED ** NOTE: this issue has been disputed by the upstream vendor. nasl/nasl_crypto2.c in the Nessus Attack Scripting Language library (aka libnasl) 2.2.11 does not properly check the return value from the OpenSSL DSA_do_verify function, which allows remote attackers to bypass validation of the certificate chain via a malformed SSL/TLS signature, a similar vulnerability to CVE-2008-5077. NOTE: the upstream vendor has disputed this issue, stating \"while we do misuse this function (this is a bug), it has absolutely no security ramification.\"", "edition": 3, "cvss3": {}, "published": "2009-01-15T17:30:00", "title": "CVE-2009-0125", "type": "cve", "cwe": ["CWE-287"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2009-0125"], "modified": "2009-02-10T05:00:00", "cpe": ["cpe:/a:finkproject:libnasl:2.2.11"], "id": "CVE-2009-0125", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0125", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}, "cpe23": ["cpe:2.3:a:finkproject:libnasl:2.2.11:*:*:*:*:*:*:*"]}], "openvas": [{"lastseen": "2020-04-07T16:39:37", "bulletinFamily": "scanner", "cvelist": ["CVE-2009-0125"], "description": "The host is running NASL and is prone to Security Bypass\n vulnerability.\n\n NOTE: the upstream vendor has disputed this issue, stating ", "modified": "2020-04-02T00:00:00", "published": "2009-01-22T00:00:00", "id": "OPENVAS:1361412562310900190", "href": 
"http://plugins.openvas.org/nasl.php?oid=1361412562310900190", "type": "openvas", "title": "OpenSSL DSA_do_verify() Security Bypass Vulnerability in NASL", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# OpenSSL DSA_do_verify() Security Bypass Vulnerability in NASL\n#\n# Authors:\n# Sharath S <sharaths@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2009 SecPod, http://www.secpod.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.900190\");\n script_version(\"2020-04-02T11:36:28+0000\");\n script_tag(name:\"last_modification\", value:\"2020-04-02 11:36:28 +0000 (Thu, 02 Apr 2020)\");\n script_tag(name:\"creation_date\", value:\"2009-01-22 12:00:13 +0100 (Thu, 22 Jan 2009)\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_cve_id(\"CVE-2009-0125\");\n script_bugtraq_id(33151);\n script_name(\"OpenSSL DSA_do_verify() Security Bypass Vulnerability in NASL\");\n\n script_xref(name:\"URL\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=479655\");\n script_xref(name:\"URL\", value:\"http://openwall.com/lists/oss-security/2009/01/12/4\");\n 
script_xref(name:\"URL\", value:\"http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=511517\");\n\n script_tag(name:\"qod_type\", value:\"executable_version_unreliable\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 SecPod\");\n script_family(\"General\");\n\n script_tag(name:\"summary\", value:\"The host is running NASL and is prone to Security Bypass\n vulnerability.\n\n NOTE: the upstream vendor has disputed this issue, stating 'while we do misuse this function (this is a bug), it has absolutely no security ramification.'.\");\n\n script_tag(name:\"solution\", value:\"No solution provided as no fix is required.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_tag(name:\"deprecated\", value:TRUE);\n\n exit(0);\n}\n\nexit(66);\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2017-07-24T12:56:09", "bulletinFamily": "scanner", "cvelist": ["CVE-2009-0125", "CVE-2008-5077"], "description": "The remote host is missing an update to libnasl\nannounced via advisory MDVSA-2009:271.", "modified": "2017-07-07T00:00:00", "published": "2009-10-19T00:00:00", "id": "OPENVAS:66027", "href": "http://plugins.openvas.org/nasl.php?oid=66027", "type": "openvas", "title": "Mandrake Security Advisory MDVSA-2009:271 (libnasl)", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: mdksa_2009_271.nasl 6587 2017-07-07 06:35:35Z cfischer $\n# Description: Auto-generated from advisory MDVSA-2009:271 (libnasl)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. 
http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"A vulnerability has been found and corrected in libnasl:\n\nnasl/nasl_crypto2.c in the Nessus Attack Scripting Language library\n(aka libnasl) 2.2.11 does not properly check the return value from\nthe OpenSSL DSA_do_verify function, which allows remote attackers to\nbypass validation of the certificate chain via a malformed SSL/TLS\nsignature, a similar vulnerability to CVE-2008-5077 (CVE-2009-0125).\n\nThis update fixes this vulnerability.\n\nAffected: Corporate 4.0\";\ntag_solution = \"To upgrade automatically use MandrakeUpdate or urpmi. 
The verification\nof md5 checksums and GPG signatures is performed automatically for you.\n\nhttps://secure1.securityspace.com/smysecure/catid.html?in=MDVSA-2009:271\";\ntag_summary = \"The remote host is missing an update to libnasl\nannounced via advisory MDVSA-2009:271.\";\n\n \n\nif(description)\n{\n script_id(66027);\n script_version(\"$Revision: 6587 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-07 08:35:35 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-10-19 21:50:22 +0200 (Mon, 19 Oct 2009)\");\n script_cve_id(\"CVE-2008-5077\", \"CVE-2009-0125\");\n script_tag(name:\"cvss_base\", value:\"5.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:P/A:P\");\n script_name(\"Mandrake Security Advisory MDVSA-2009:271 (libnasl)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Mandrake Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/mandriva_mandrake_linux\", \"ssh/login/rpms\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"libnasl2\", rpm:\"libnasl2~2.2.4~1.1.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libnasl2-devel\", rpm:\"libnasl2-devel~2.2.4~1.1.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64nasl2\", rpm:\"lib64nasl2~2.2.4~1.1.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64nasl2-devel\", 
rpm:\"lib64nasl2-devel~2.2.4~1.1.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 5.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-04-06T11:37:33", "bulletinFamily": "scanner", "cvelist": ["CVE-2009-0125", "CVE-2008-5077"], "description": "The remote host is missing an update to libnasl\nannounced via advisory MDVSA-2009:271.", "modified": "2018-04-06T00:00:00", "published": "2009-10-19T00:00:00", "id": "OPENVAS:136141256231066027", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231066027", "type": "openvas", "title": "Mandrake Security Advisory MDVSA-2009:271 (libnasl)", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: mdksa_2009_271.nasl 9350 2018-04-06 07:03:33Z cfischer $\n# Description: Auto-generated from advisory MDVSA-2009:271 (libnasl)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. 
See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"A vulnerability has been found and corrected in libnasl:\n\nnasl/nasl_crypto2.c in the Nessus Attack Scripting Language library\n(aka libnasl) 2.2.11 does not properly check the return value from\nthe OpenSSL DSA_do_verify function, which allows remote attackers to\nbypass validation of the certificate chain via a malformed SSL/TLS\nsignature, a similar vulnerability to CVE-2008-5077 (CVE-2009-0125).\n\nThis update fixes this vulnerability.\n\nAffected: Corporate 4.0\";\ntag_solution = \"To upgrade automatically use MandrakeUpdate or urpmi. The verification\nof md5 checksums and GPG signatures is performed automatically for you.\n\nhttps://secure1.securityspace.com/smysecure/catid.html?in=MDVSA-2009:271\";\ntag_summary = \"The remote host is missing an update to libnasl\nannounced via advisory MDVSA-2009:271.\";\n\n \n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.66027\");\n script_version(\"$Revision: 9350 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:03:33 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-10-19 21:50:22 +0200 (Mon, 19 Oct 2009)\");\n script_cve_id(\"CVE-2008-5077\", \"CVE-2009-0125\");\n script_tag(name:\"cvss_base\", value:\"5.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:P/A:P\");\n script_name(\"Mandrake Security Advisory MDVSA-2009:271 (libnasl)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. 
http://www.securityspace.com\");\n script_family(\"Mandrake Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/mandriva_mandrake_linux\", \"ssh/login/rpms\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"libnasl2\", rpm:\"libnasl2~2.2.4~1.1.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libnasl2-devel\", rpm:\"libnasl2-devel~2.2.4~1.1.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64nasl2\", rpm:\"lib64nasl2~2.2.4~1.1.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64nasl2-devel\", rpm:\"lib64nasl2-devel~2.2.4~1.1.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 5.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-07-02T21:14:20", "bulletinFamily": "scanner", "cvelist": ["CVE-2009-0125", "CVE-2008-5077"], "description": "The host is running NASL and is prone to Security Bypass\n vulnerability.", "modified": "2017-01-27T00:00:00", "published": "2009-01-22T00:00:00", "id": "OPENVAS:900190", "href": "http://plugins.openvas.org/nasl.php?oid=900190", "type": "openvas", "title": "OpenSSL DSA_do_verify() Security Bypass Vulnerability in NASL", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: 
secpod_nasl_sec_bypass_vuln.nasl 5122 2017-01-27 12:16:00Z teissa $\n#\n# OpenSSL DSA_do_verify() Security Bypass Vulnerability in NASL\n#\n# Authors:\n# Sharath S <sharaths@secpod.com>\n#\n# Copyright:\n# Copyright (c) 2009 SecPod, http://www.secpod.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ntag_solution = \"Apply Patch\n http://cvs.fedoraproject.org/viewvc/rpms/libnasl/F-10/libnasl.spec?r1=1.16&r2=1.17\n\n *********\n NOTE: Please ignore the warning, if patch is applied.\n *********\";\n\ntag_impact = \"Successful exploitation could allow remote attackers to bypass the\n certificate validation checks and can cause spoofing attacks via\n signature checks with SSL/TLS.\n Impact Level: System/Application\";\ntag_affected = \"Nessus Attack Scripting Language (NASL) version 2.2.11 and prior on Linux.\";\ntag_insight = \"The flaw is due to improper validation of return value in\n nasl/nasl_crypto2.c file from DSA_do_verify function of OpenSSL.\";\ntag_summary = \"The host is running NASL and is prone to Security Bypass\n vulnerability.\";\n\nif(description)\n{\n script_id(900190);\n script_version(\"$Revision: 5122 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-01-27 13:16:00 +0100 (Fri, 27 Jan 2017) $\");\n script_tag(name:\"creation_date\", 
value:\"2009-01-22 12:00:13 +0100 (Thu, 22 Jan 2009)\");\n script_tag(name:\"cvss_base\", value:\"5.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:P/A:P\");\n script_cve_id(\"CVE-2008-5077\", \"CVE-2009-0125\");\n script_bugtraq_id(33151);\n script_name(\"OpenSSL DSA_do_verify() Security Bypass Vulnerability in NASL\");\n\n script_xref(name : \"URL\" , value : \"https://bugzilla.redhat.com/show_bug.cgi?id=479655\");\n script_xref(name : \"URL\" , value : \"http://openwall.com/lists/oss-security/2009/01/12/4\");\n script_xref(name : \"URL\" , value : \"http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=511517\");\n\n script_tag(name:\"qod_type\", value:\"executable_version\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 SecPod\");\n script_family(\"General\");\n script_dependencies(\"secpod_nasl_detect_lin.nasl\");\n script_require_keys(\"NASL/Linux/Ver\");\n script_tag(name : \"impact\" , value : tag_impact);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name : \"solution\" , value : tag_solution);\n exit(0);\n}\n\n\ninclude(\"version_func.inc\");\n\nnaslPort = 1241;\nif(!get_tcp_port_state(naslPort)){\n exit(0);\n}\n\nnaslVer = get_kb_item(\"NASL/Linux/Ver\");\nif(!naslVer){\n exit(0);\n}\n\n# Check for version 2.2.11 and prior\nif(version_is_less_equal(version:naslVer, test_version:\"2.2.11\")){\n security_message(naslPort);\n}\n", "cvss": {"score": 5.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-07-26T08:55:55", "bulletinFamily": "scanner", "cvelist": ["CVE-2009-0125", "CVE-2008-2383", "CVE-2008-3197", "CVE-2008-5902", "CVE-2008-1924", "CVE-2009-0034", "CVE-2009-0135", "CVE-2008-5907", "CVE-2008-5432", "CVE-2008-2960", "CVE-2008-5824", "CVE-2008-4326", "CVE-2009-0136", "CVE-2008-5904", "CVE-2008-1567", "CVE-2008-1149", 
"CVE-2008-5903", "CVE-2008-4309", "CVE-2009-0126", "CVE-2008-4096", "CVE-2008-5081", "CVE-2008-5621"], "description": "The remote host is missing updates announced in\nadvisory SUSE-SR:2009:003. SuSE Security Summaries are short\non detail when it comes to the names of packages affected by\na particular bug. Because of this, while this test will detect\nout of date packages, it cannot tell you what bugs impact\nwhich packages, or vice versa.", "modified": "2017-07-11T00:00:00", "published": "2009-02-02T00:00:00", "id": "OPENVAS:63304", "href": "http://plugins.openvas.org/nasl.php?oid=63304", "type": "openvas", "title": "SuSE Security Summary SUSE-SR:2009:003", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: suse_sr_2009_003.nasl 6668 2017-07-11 13:34:29Z cfischer $\n# Description: Auto-generated from advisory SUSE-SR:2009:003\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_summary = \"The remote host is missing updates announced in\nadvisory SUSE-SR:2009:003. 
SuSE Security Summaries are short\non detail when it comes to the names of packages affected by\na particular bug. Because of this, while this test will detect\nout of date packages, it cannot tell you what bugs impact\nwhich packages, or vice versa.\";\n\ntag_solution = \"Update all out of date packages.\";\n \nif(description)\n{\n script_id(63304);\n script_version(\"$Revision: 6668 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-11 15:34:29 +0200 (Tue, 11 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-02-02 23:28:24 +0100 (Mon, 02 Feb 2009)\");\n script_cve_id(\"CVE-2008-3197\", \"CVE-2008-5081\", \"CVE-2008-5432\", \"CVE-2008-1149\", \"CVE-2008-5824\", \"CVE-2008-5903\", \"CVE-2008-5902\", \"CVE-2008-5907\", \"CVE-2008-5904\", \"CVE-2008-1567\", \"CVE-2009-0125\", \"CVE-2009-0126\", \"CVE-2008-4326\", \"CVE-2008-4309\", \"CVE-2008-2960\", \"CVE-2008-5621\", \"CVE-2008-2383\", \"CVE-2008-1924\", \"CVE-2009-0034\", \"CVE-2009-0136\", \"CVE-2008-4096\", \"CVE-2009-0135\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_name(\"SuSE Security Summary SUSE-SR:2009:003\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. 
http://www.securityspace.com\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse\", \"ssh/login/rpms\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"amarok\", rpm:\"amarok~1.4.10~26.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"amarok-lang\", rpm:\"amarok-lang~1.4.10~26.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"amarok-libvisual\", rpm:\"amarok-libvisual~1.4.10~26.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"amarok-xine\", rpm:\"amarok-xine~1.4.10~26.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"amarok-yauap\", rpm:\"amarok-yauap~1.4.10~26.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"at-spi\", rpm:\"at-spi~1.24.0~2.6.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"at-spi-devel\", rpm:\"at-spi-devel~1.24.0~2.6.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"at-spi-doc\", rpm:\"at-spi-doc~1.24.0~2.6.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"at-spi-lang\", rpm:\"at-spi-lang~1.24.0~2.6.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"attr\", rpm:\"attr~2.4.43~2.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"audiofile\", rpm:\"audiofile~0.2.6~140.18.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = 
isrpmvuln(pkg:\"audiofile-devel\", rpm:\"audiofile-devel~0.2.6~140.18.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"autofs\", rpm:\"autofs~5.0.3~82.28.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"avahi\", rpm:\"avahi~0.6.23~9.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"avahi-compat-howl-devel\", rpm:\"avahi-compat-howl-devel~0.6.23~9.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"avahi-compat-mDNSResponder-devel\", rpm:\"avahi-compat-mDNSResponder-devel~0.6.23~9.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"avahi-utils\", rpm:\"avahi-utils~0.6.23~9.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"backup-manager\", rpm:\"backup-manager~0.1.0~13.12.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"backup-manager-lang\", rpm:\"backup-manager-lang~0.1.0~13.12.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"bind\", rpm:\"bind~9.5.0P2~18.5.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"bind-chrootenv\", rpm:\"bind-chrootenv~9.5.0P2~18.5.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"bind-devel\", rpm:\"bind-devel~9.5.0P2~18.5.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"bind-doc\", rpm:\"bind-doc~9.5.0P2~18.5.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"bind-libs\", rpm:\"bind-libs~9.5.0P2~18.5.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"bind-utils\", rpm:\"bind-utils~9.5.0P2~18.5.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"brasero\", rpm:\"brasero~0.8.3~1.18.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += 
res;\n}\nif ((res = isrpmvuln(pkg:\"brasero-doc\", rpm:\"brasero-doc~0.8.3~1.18.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"brasero-lang\", rpm:\"brasero-lang~0.8.3~1.18.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"compat-openssl097g\", rpm:\"compat-openssl097g~0.9.7g~145.8.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"crash\", rpm:\"crash~4.0.7.4~8.7.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"crash-devel\", rpm:\"crash-devel~4.0.7.4~8.7.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"crash-doc\", rpm:\"crash-doc~4.0.7.4~8.7.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"crash-sial\", rpm:\"crash-sial~4.0.7.4~8.7.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"gnome-main-menu\", rpm:\"gnome-main-menu~0.9.11~22.9.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"gtk2\", rpm:\"gtk2~2.14.4~6.4.5\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"gtk2-branding-upstream\", rpm:\"gtk2-branding-upstream~2.14.4~6.4.5\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"gtk2-devel\", rpm:\"gtk2-devel~2.14.4~6.4.5\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"gtk2-doc\", rpm:\"gtk2-doc~2.14.4~6.4.5\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"gtk2-lang\", rpm:\"gtk2-lang~2.14.4~6.4.5\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"hal\", rpm:\"hal~0.5.12~10.12.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"hal-devel\", rpm:\"hal-devel~0.5.12~10.12.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = 
isrpmvuln(pkg:\"libattr\", rpm:\"libattr~2.4.43~2.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libattr-devel\", rpm:\"libattr-devel~2.4.43~2.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libavahi-client3\", rpm:\"libavahi-client3~0.6.23~9.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libavahi-common3\", rpm:\"libavahi-common3~0.6.23~9.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libavahi-core5\", rpm:\"libavahi-core5~0.6.23~9.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libavahi-devel\", rpm:\"libavahi-devel~0.6.23~9.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libavahi-glib-devel\", rpm:\"libavahi-glib-devel~0.6.23~9.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libavahi-glib1\", rpm:\"libavahi-glib1~0.6.23~9.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libavahi-gobject-devel\", rpm:\"libavahi-gobject-devel~0.6.23~9.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libavahi-gobject0\", rpm:\"libavahi-gobject0~0.6.23~9.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libavahi-ui0\", rpm:\"libavahi-ui0~0.6.23~9.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libdns_sd\", rpm:\"libdns_sd~0.6.23~9.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libhowl0\", rpm:\"libhowl0~0.6.23~9.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libopenssl-devel\", rpm:\"libopenssl-devel~0.9.8h~28.7.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libopenssl0_9_8\", rpm:\"libopenssl0_9_8~0.9.8h~28.7.1\", rls:\"openSUSE11.1\")) != 
NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libpng-devel\", rpm:\"libpng-devel~1.2.31~4.35.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libpng3\", rpm:\"libpng3~1.2.31~4.35.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libpng12-0\", rpm:\"libpng12-0~1.2.31~4.35.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libxml2\", rpm:\"libxml2~2.7.1~8.5.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libxml2-devel\", rpm:\"libxml2-devel~2.7.1~8.5.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libxml2-doc\", rpm:\"libxml2-doc~2.7.1~8.5.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mailman\", rpm:\"mailman~2.1.11~8.6.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"openssl\", rpm:\"openssl~0.9.8h~28.7.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"openssl-doc\", rpm:\"openssl-doc~0.9.8h~28.7.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"perl-Bootloader\", rpm:\"perl-Bootloader~0.4.81.1~0.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"plotutils\", rpm:\"plotutils~2.5~197.10.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"pure-ftpd\", rpm:\"pure-ftpd~1.0.21~182.32.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"python-avahi\", rpm:\"python-avahi~0.6.23~9.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"sudo\", rpm:\"sudo~1.6.9p17~10.36.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"tsclient\", rpm:\"tsclient~2.0.2~2.29.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = 
isrpmvuln(pkg:\"tsclient-devel\", rpm:\"tsclient-devel~2.0.2~2.29.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"xrdp\", rpm:\"xrdp~0.4.1~16.7.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"yast2-bootloader\", rpm:\"yast2-bootloader~2.17.50~1.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"yast2-network\", rpm:\"yast2-network~2.17.66~1.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"yast2-network-devel-doc\", rpm:\"yast2-network-devel-doc~2.17.66~1.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"amarok\", rpm:\"amarok~1.4.9.1~27.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"amarok-lang\", rpm:\"amarok-lang~1.4.9.1~27.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"amarok-libvisual\", rpm:\"amarok-libvisual~1.4.9.1~27.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"amarok-xine\", rpm:\"amarok-xine~1.4.9.1~27.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"amarok-yauap\", rpm:\"amarok-yauap~1.4.9.1~27.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"attr\", rpm:\"attr~2.4.43~2.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"audiofile\", rpm:\"audiofile~0.2.6~115.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"audiofile-devel\", rpm:\"audiofile-devel~0.2.6~115.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"avahi\", rpm:\"avahi~0.6.22~68.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"avahi-compat-howl-devel\", rpm:\"avahi-compat-howl-devel~0.6.22~68.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = 
isrpmvuln(pkg:\"avahi-compat-mDNSResponder-devel\", rpm:\"avahi-compat-mDNSResponder-devel~0.6.22~68.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"avahi-utils\", rpm:\"avahi-utils~0.6.22~68.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"avahi-utils-gtk\", rpm:\"avahi-utils-gtk~0.6.22~68.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"bind\", rpm:\"bind~9.4.2~39.4\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"bind-chrootenv\", rpm:\"bind-chrootenv~9.4.2~39.4\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"bind-devel\", rpm:\"bind-devel~9.4.2~39.4\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"bind-doc\", rpm:\"bind-doc~9.4.2~39.4\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"bind-libs\", rpm:\"bind-libs~9.4.2~39.4\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"bind-utils\", rpm:\"bind-utils~9.4.2~39.4\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"compat-openssl097g\", rpm:\"compat-openssl097g~0.9.7g~119.3\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libattr\", rpm:\"libattr~2.4.43~2.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libattr-devel\", rpm:\"libattr-devel~2.4.43~2.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libavahi-client3\", rpm:\"libavahi-client3~0.6.22~68.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libavahi-common3\", rpm:\"libavahi-common3~0.6.22~68.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libavahi-core5\", rpm:\"libavahi-core5~0.6.22~68.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif 
((res = isrpmvuln(pkg:\"libavahi-devel\", rpm:\"libavahi-devel~0.6.22~68.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libavahi-glib-devel\", rpm:\"libavahi-glib-devel~0.6.22~68.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libavahi-glib1\", rpm:\"libavahi-glib1~0.6.22~68.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libavahi-gobject-devel\", rpm:\"libavahi-gobject-devel~0.6.22~68.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libavahi-gobject0\", rpm:\"libavahi-gobject0~0.6.22~68.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libavahi-ui0\", rpm:\"libavahi-ui0~0.6.22~68.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libdns_sd\", rpm:\"libdns_sd~0.6.22~68.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libhowl0\", rpm:\"libhowl0~0.6.22~68.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libnasl\", rpm:\"libnasl~2.2.10~59.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libopenssl-devel\", rpm:\"libopenssl-devel~0.9.8g~47.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libopenssl0_9_8\", rpm:\"libopenssl0_9_8~0.9.8g~47.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libpng-devel\", rpm:\"libpng-devel~1.2.26~14.4\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libpng3\", rpm:\"libpng3~1.2.26~14.4\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libpng12-0\", rpm:\"libpng12-0~1.2.26~14.4\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"nouveau-kmp-debug\", rpm:\"nouveau-kmp-debug~0.10.1.20081112_2.6.25.18_0.2~0.3\", 
rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"nouveau-kmp-default\", rpm:\"nouveau-kmp-default~0.10.1.20081112_2.6.25.18_0.2~0.3\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"nouveau-kmp-pae\", rpm:\"nouveau-kmp-pae~0.10.1.20081112_2.6.25.18_0.2~0.3\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"nouveau-kmp-xen\", rpm:\"nouveau-kmp-xen~0.10.1.20081112_2.6.25.18_0.2~0.3\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"nscd\", rpm:\"nscd~2.8~14.4\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"openssl\", rpm:\"openssl~0.9.8g~47.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"openssl-certs\", rpm:\"openssl-certs~0.9.8g~47.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"openssl-doc\", rpm:\"openssl-doc~0.9.8g~47.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"python-avahi\", rpm:\"python-avahi~0.6.22~68.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"sudo\", rpm:\"sudo~1.6.9p15~13.4\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"syslog-ng\", rpm:\"syslog-ng~1.6.12~76.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"xorg-x11-driver-video-nouveau\", rpm:\"xorg-x11-driver-video-nouveau~0.10.1.20081112~0.3\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"xorg-x11-driver-video-nouveau-3d\", rpm:\"xorg-x11-driver-video-nouveau-3d~0.10.1.20081112~0.3\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"amarok\", rpm:\"amarok~1.4.7~37.6\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"amarok-lang\", rpm:\"amarok-lang~1.4.7~37.6\", rls:\"openSUSE10.3\")) != NULL) 
{\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"amarok-libvisual\", rpm:\"amarok-libvisual~1.4.7~37.6\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"amarok-xine\", rpm:\"amarok-xine~1.4.7~37.6\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"amarok-yauap\", rpm:\"amarok-yauap~1.4.7~37.6\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"audiofile\", rpm:\"audiofile~0.2.6~77.2\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"audiofile-devel\", rpm:\"audiofile-devel~0.2.6~77.2\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"avahi\", rpm:\"avahi~0.6.20~40.2\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"avahi-compat-howl\", rpm:\"avahi-compat-howl~0.6.20~40.2\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"avahi-compat-howl-devel\", rpm:\"avahi-compat-howl-devel~0.6.20~40.2\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"avahi-compat-mDNSResponder\", rpm:\"avahi-compat-mDNSResponder~0.6.20~40.2\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"avahi-compat-mDNSResponder-devel\", rpm:\"avahi-compat-mDNSResponder-devel~0.6.20~40.2\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"avahi-devel\", rpm:\"avahi-devel~0.6.20~40.2\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"avahi-glib\", rpm:\"avahi-glib~0.6.20~40.2\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"avahi-python\", rpm:\"avahi-python~0.6.20~40.2\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"avahi-qt3\", rpm:\"avahi-qt3~0.6.20~40.2\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"avahi-qt4\", 
rpm:\"avahi-qt4~0.6.20~40.2\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"bind\", rpm:\"bind~9.4.1.P1~12.7\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"bind-chrootenv\", rpm:\"bind-chrootenv~9.4.1.P1~12.7\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"bind-devel\", rpm:\"bind-devel~9.4.1.P1~12.7\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"bind-doc\", rpm:\"bind-doc~9.4.1.P1~12.7\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"bind-libs\", rpm:\"bind-libs~9.4.1.P1~12.7\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"bind-utils\", rpm:\"bind-utils~9.4.1.P1~12.7\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"compat-openssl097g\", rpm:\"compat-openssl097g~0.9.7g~75.5\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-bigsmp\", rpm:\"kernel-bigsmp~2.6.22.19~0.2\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-debug\", rpm:\"kernel-debug~2.6.22.19~0.2\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-default\", rpm:\"kernel-default~2.6.22.19~0.2\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-source\", rpm:\"kernel-source~2.6.22.19~0.2\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-syms\", rpm:\"kernel-syms~2.6.22.19~0.2\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-xen\", rpm:\"kernel-xen~2.6.22.19~0.2\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-xenpae\", rpm:\"kernel-xenpae~2.6.22.19~0.2\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libnasl\", 
rpm:\"libnasl~2.2.10~15.2\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libopenssl-devel\", rpm:\"libopenssl-devel~0.9.8e~45.7\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libopenssl0_9_8\", rpm:\"libopenssl0_9_8~0.9.8e~45.7\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libpng\", rpm:\"libpng~1.2.18~15.6\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libpng-devel\", rpm:\"libpng-devel~1.2.18~15.6\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"openssl\", rpm:\"openssl~0.9.8e~45.7\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"openssl-certs\", rpm:\"openssl-certs~0.9.8e~45.7\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"openssl-doc\", rpm:\"openssl-doc~0.9.8e~45.7\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"sudo\", rpm:\"sudo~1.6.9p2~23.4\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"syslog-ng\", rpm:\"syslog-ng~1.6.12~33.4\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-04-06T11:39:24", "bulletinFamily": "scanner", "cvelist": ["CVE-2009-0125", "CVE-2008-2383", "CVE-2008-3197", "CVE-2008-5902", "CVE-2008-1924", "CVE-2009-0034", "CVE-2009-0135", "CVE-2008-5907", "CVE-2008-5432", "CVE-2008-2960", "CVE-2008-5824", "CVE-2008-4326", "CVE-2009-0136", "CVE-2008-5904", "CVE-2008-1567", "CVE-2008-1149", "CVE-2008-5903", "CVE-2008-4309", "CVE-2009-0126", "CVE-2008-4096", "CVE-2008-5081", "CVE-2008-5621"], "description": "The remote host is missing updates announced in\nadvisory 
SUSE-SR:2009:003. SuSE Security Summaries are short\non detail when it comes to the names of packages affected by\na particular bug. Because of this, while this test will detect\nout of date packages, it cannot tell you what bugs impact\nwhich packages, or vice versa.", "modified": "2018-04-06T00:00:00", "published": "2009-02-02T00:00:00", "id": "OPENVAS:136141256231063304", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231063304", "type": "openvas", "title": "SuSE Security Summary SUSE-SR:2009:003", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: suse_sr_2009_003.nasl 9350 2018-04-06 07:03:33Z cfischer $\n# Description: Auto-generated from advisory SUSE-SR:2009:003\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_summary = \"The remote host is missing updates announced in\nadvisory SUSE-SR:2009:003. SuSE Security Summaries are short\non detail when it comes to the names of packages affected by\na particular bug. 
Because of this, while this test will detect\nout of date packages, it cannot tell you what bugs impact\nwhich packages, or vice versa.\";\n\ntag_solution = \"Update all out of date packages.\";\n \nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.63304\");\n script_version(\"$Revision: 9350 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:03:33 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-02-02 23:28:24 +0100 (Mon, 02 Feb 2009)\");\n script_cve_id(\"CVE-2008-3197\", \"CVE-2008-5081\", \"CVE-2008-5432\", \"CVE-2008-1149\", \"CVE-2008-5824\", \"CVE-2008-5903\", \"CVE-2008-5902\", \"CVE-2008-5907\", \"CVE-2008-5904\", \"CVE-2008-1567\", \"CVE-2009-0125\", \"CVE-2009-0126\", \"CVE-2008-4326\", \"CVE-2008-4309\", \"CVE-2008-2960\", \"CVE-2008-5621\", \"CVE-2008-2383\", \"CVE-2008-1924\", \"CVE-2009-0034\", \"CVE-2009-0136\", \"CVE-2008-4096\", \"CVE-2009-0135\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_name(\"SuSE Security Summary SUSE-SR:2009:003\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. 
http://www.securityspace.com\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse\", \"ssh/login/rpms\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"amarok\", rpm:\"amarok~1.4.10~26.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"amarok-lang\", rpm:\"amarok-lang~1.4.10~26.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"amarok-libvisual\", rpm:\"amarok-libvisual~1.4.10~26.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"amarok-xine\", rpm:\"amarok-xine~1.4.10~26.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"amarok-yauap\", rpm:\"amarok-yauap~1.4.10~26.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"at-spi\", rpm:\"at-spi~1.24.0~2.6.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"at-spi-devel\", rpm:\"at-spi-devel~1.24.0~2.6.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"at-spi-doc\", rpm:\"at-spi-doc~1.24.0~2.6.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"at-spi-lang\", rpm:\"at-spi-lang~1.24.0~2.6.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"attr\", rpm:\"attr~2.4.43~2.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"audiofile\", rpm:\"audiofile~0.2.6~140.18.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = 
isrpmvuln(pkg:\"audiofile-devel\", rpm:\"audiofile-devel~0.2.6~140.18.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"autofs\", rpm:\"autofs~5.0.3~82.28.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"avahi\", rpm:\"avahi~0.6.23~9.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"avahi-compat-howl-devel\", rpm:\"avahi-compat-howl-devel~0.6.23~9.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"avahi-compat-mDNSResponder-devel\", rpm:\"avahi-compat-mDNSResponder-devel~0.6.23~9.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"avahi-utils\", rpm:\"avahi-utils~0.6.23~9.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"backup-manager\", rpm:\"backup-manager~0.1.0~13.12.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"backup-manager-lang\", rpm:\"backup-manager-lang~0.1.0~13.12.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"bind\", rpm:\"bind~9.5.0P2~18.5.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"bind-chrootenv\", rpm:\"bind-chrootenv~9.5.0P2~18.5.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"bind-devel\", rpm:\"bind-devel~9.5.0P2~18.5.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"bind-doc\", rpm:\"bind-doc~9.5.0P2~18.5.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"bind-libs\", rpm:\"bind-libs~9.5.0P2~18.5.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"bind-utils\", rpm:\"bind-utils~9.5.0P2~18.5.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"brasero\", rpm:\"brasero~0.8.3~1.18.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += 
res;\n}\nif ((res = isrpmvuln(pkg:\"brasero-doc\", rpm:\"brasero-doc~0.8.3~1.18.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"brasero-lang\", rpm:\"brasero-lang~0.8.3~1.18.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"compat-openssl097g\", rpm:\"compat-openssl097g~0.9.7g~145.8.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"crash\", rpm:\"crash~4.0.7.4~8.7.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"crash-devel\", rpm:\"crash-devel~4.0.7.4~8.7.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"crash-doc\", rpm:\"crash-doc~4.0.7.4~8.7.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"crash-sial\", rpm:\"crash-sial~4.0.7.4~8.7.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"gnome-main-menu\", rpm:\"gnome-main-menu~0.9.11~22.9.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"gtk2\", rpm:\"gtk2~2.14.4~6.4.5\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"gtk2-branding-upstream\", rpm:\"gtk2-branding-upstream~2.14.4~6.4.5\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"gtk2-devel\", rpm:\"gtk2-devel~2.14.4~6.4.5\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"gtk2-doc\", rpm:\"gtk2-doc~2.14.4~6.4.5\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"gtk2-lang\", rpm:\"gtk2-lang~2.14.4~6.4.5\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"hal\", rpm:\"hal~0.5.12~10.12.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"hal-devel\", rpm:\"hal-devel~0.5.12~10.12.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = 
isrpmvuln(pkg:\"libattr\", rpm:\"libattr~2.4.43~2.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libattr-devel\", rpm:\"libattr-devel~2.4.43~2.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libavahi-client3\", rpm:\"libavahi-client3~0.6.23~9.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libavahi-common3\", rpm:\"libavahi-common3~0.6.23~9.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libavahi-core5\", rpm:\"libavahi-core5~0.6.23~9.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libavahi-devel\", rpm:\"libavahi-devel~0.6.23~9.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libavahi-glib-devel\", rpm:\"libavahi-glib-devel~0.6.23~9.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libavahi-glib1\", rpm:\"libavahi-glib1~0.6.23~9.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libavahi-gobject-devel\", rpm:\"libavahi-gobject-devel~0.6.23~9.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libavahi-gobject0\", rpm:\"libavahi-gobject0~0.6.23~9.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libavahi-ui0\", rpm:\"libavahi-ui0~0.6.23~9.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libdns_sd\", rpm:\"libdns_sd~0.6.23~9.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libhowl0\", rpm:\"libhowl0~0.6.23~9.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libopenssl-devel\", rpm:\"libopenssl-devel~0.9.8h~28.7.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libopenssl0_9_8\", rpm:\"libopenssl0_9_8~0.9.8h~28.7.1\", rls:\"openSUSE11.1\")) != 
NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libpng-devel\", rpm:\"libpng-devel~1.2.31~4.35.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libpng3\", rpm:\"libpng3~1.2.31~4.35.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libpng12-0\", rpm:\"libpng12-0~1.2.31~4.35.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libxml2\", rpm:\"libxml2~2.7.1~8.5.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libxml2-devel\", rpm:\"libxml2-devel~2.7.1~8.5.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libxml2-doc\", rpm:\"libxml2-doc~2.7.1~8.5.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mailman\", rpm:\"mailman~2.1.11~8.6.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"openssl\", rpm:\"openssl~0.9.8h~28.7.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"openssl-doc\", rpm:\"openssl-doc~0.9.8h~28.7.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"perl-Bootloader\", rpm:\"perl-Bootloader~0.4.81.1~0.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"plotutils\", rpm:\"plotutils~2.5~197.10.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"pure-ftpd\", rpm:\"pure-ftpd~1.0.21~182.32.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"python-avahi\", rpm:\"python-avahi~0.6.23~9.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"sudo\", rpm:\"sudo~1.6.9p17~10.36.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"tsclient\", rpm:\"tsclient~2.0.2~2.29.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = 
isrpmvuln(pkg:\"tsclient-devel\", rpm:\"tsclient-devel~2.0.2~2.29.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"xrdp\", rpm:\"xrdp~0.4.1~16.7.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"yast2-bootloader\", rpm:\"yast2-bootloader~2.17.50~1.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"yast2-network\", rpm:\"yast2-network~2.17.66~1.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"yast2-network-devel-doc\", rpm:\"yast2-network-devel-doc~2.17.66~1.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"amarok\", rpm:\"amarok~1.4.9.1~27.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"amarok-lang\", rpm:\"amarok-lang~1.4.9.1~27.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"amarok-libvisual\", rpm:\"amarok-libvisual~1.4.9.1~27.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"amarok-xine\", rpm:\"amarok-xine~1.4.9.1~27.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"amarok-yauap\", rpm:\"amarok-yauap~1.4.9.1~27.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"attr\", rpm:\"attr~2.4.43~2.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"audiofile\", rpm:\"audiofile~0.2.6~115.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"audiofile-devel\", rpm:\"audiofile-devel~0.2.6~115.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"avahi\", rpm:\"avahi~0.6.22~68.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"avahi-compat-howl-devel\", rpm:\"avahi-compat-howl-devel~0.6.22~68.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = 
isrpmvuln(pkg:\"avahi-compat-mDNSResponder-devel\", rpm:\"avahi-compat-mDNSResponder-devel~0.6.22~68.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"avahi-utils\", rpm:\"avahi-utils~0.6.22~68.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"avahi-utils-gtk\", rpm:\"avahi-utils-gtk~0.6.22~68.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"bind\", rpm:\"bind~9.4.2~39.4\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"bind-chrootenv\", rpm:\"bind-chrootenv~9.4.2~39.4\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"bind-devel\", rpm:\"bind-devel~9.4.2~39.4\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"bind-doc\", rpm:\"bind-doc~9.4.2~39.4\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"bind-libs\", rpm:\"bind-libs~9.4.2~39.4\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"bind-utils\", rpm:\"bind-utils~9.4.2~39.4\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"compat-openssl097g\", rpm:\"compat-openssl097g~0.9.7g~119.3\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libattr\", rpm:\"libattr~2.4.43~2.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libattr-devel\", rpm:\"libattr-devel~2.4.43~2.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libavahi-client3\", rpm:\"libavahi-client3~0.6.22~68.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libavahi-common3\", rpm:\"libavahi-common3~0.6.22~68.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libavahi-core5\", rpm:\"libavahi-core5~0.6.22~68.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif 
((res = isrpmvuln(pkg:\"libavahi-devel\", rpm:\"libavahi-devel~0.6.22~68.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libavahi-glib-devel\", rpm:\"libavahi-glib-devel~0.6.22~68.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libavahi-glib1\", rpm:\"libavahi-glib1~0.6.22~68.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libavahi-gobject-devel\", rpm:\"libavahi-gobject-devel~0.6.22~68.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libavahi-gobject0\", rpm:\"libavahi-gobject0~0.6.22~68.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libavahi-ui0\", rpm:\"libavahi-ui0~0.6.22~68.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libdns_sd\", rpm:\"libdns_sd~0.6.22~68.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libhowl0\", rpm:\"libhowl0~0.6.22~68.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libnasl\", rpm:\"libnasl~2.2.10~59.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libopenssl-devel\", rpm:\"libopenssl-devel~0.9.8g~47.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libopenssl0_9_8\", rpm:\"libopenssl0_9_8~0.9.8g~47.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libpng-devel\", rpm:\"libpng-devel~1.2.26~14.4\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libpng3\", rpm:\"libpng3~1.2.26~14.4\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libpng12-0\", rpm:\"libpng12-0~1.2.26~14.4\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"nouveau-kmp-debug\", rpm:\"nouveau-kmp-debug~0.10.1.20081112_2.6.25.18_0.2~0.3\", 
rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"nouveau-kmp-default\", rpm:\"nouveau-kmp-default~0.10.1.20081112_2.6.25.18_0.2~0.3\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"nouveau-kmp-pae\", rpm:\"nouveau-kmp-pae~0.10.1.20081112_2.6.25.18_0.2~0.3\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"nouveau-kmp-xen\", rpm:\"nouveau-kmp-xen~0.10.1.20081112_2.6.25.18_0.2~0.3\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"nscd\", rpm:\"nscd~2.8~14.4\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"openssl\", rpm:\"openssl~0.9.8g~47.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"openssl-certs\", rpm:\"openssl-certs~0.9.8g~47.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"openssl-doc\", rpm:\"openssl-doc~0.9.8g~47.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"python-avahi\", rpm:\"python-avahi~0.6.22~68.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"sudo\", rpm:\"sudo~1.6.9p15~13.4\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"syslog-ng\", rpm:\"syslog-ng~1.6.12~76.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"xorg-x11-driver-video-nouveau\", rpm:\"xorg-x11-driver-video-nouveau~0.10.1.20081112~0.3\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"xorg-x11-driver-video-nouveau-3d\", rpm:\"xorg-x11-driver-video-nouveau-3d~0.10.1.20081112~0.3\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"amarok\", rpm:\"amarok~1.4.7~37.6\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"amarok-lang\", rpm:\"amarok-lang~1.4.7~37.6\", rls:\"openSUSE10.3\")) != NULL) 
{\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"amarok-libvisual\", rpm:\"amarok-libvisual~1.4.7~37.6\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"amarok-xine\", rpm:\"amarok-xine~1.4.7~37.6\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"amarok-yauap\", rpm:\"amarok-yauap~1.4.7~37.6\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"audiofile\", rpm:\"audiofile~0.2.6~77.2\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"audiofile-devel\", rpm:\"audiofile-devel~0.2.6~77.2\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"avahi\", rpm:\"avahi~0.6.20~40.2\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"avahi-compat-howl\", rpm:\"avahi-compat-howl~0.6.20~40.2\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"avahi-compat-howl-devel\", rpm:\"avahi-compat-howl-devel~0.6.20~40.2\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"avahi-compat-mDNSResponder\", rpm:\"avahi-compat-mDNSResponder~0.6.20~40.2\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"avahi-compat-mDNSResponder-devel\", rpm:\"avahi-compat-mDNSResponder-devel~0.6.20~40.2\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"avahi-devel\", rpm:\"avahi-devel~0.6.20~40.2\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"avahi-glib\", rpm:\"avahi-glib~0.6.20~40.2\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"avahi-python\", rpm:\"avahi-python~0.6.20~40.2\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"avahi-qt3\", rpm:\"avahi-qt3~0.6.20~40.2\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"avahi-qt4\", 
rpm:\"avahi-qt4~0.6.20~40.2\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"bind\", rpm:\"bind~9.4.1.P1~12.7\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"bind-chrootenv\", rpm:\"bind-chrootenv~9.4.1.P1~12.7\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"bind-devel\", rpm:\"bind-devel~9.4.1.P1~12.7\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"bind-doc\", rpm:\"bind-doc~9.4.1.P1~12.7\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"bind-libs\", rpm:\"bind-libs~9.4.1.P1~12.7\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"bind-utils\", rpm:\"bind-utils~9.4.1.P1~12.7\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"compat-openssl097g\", rpm:\"compat-openssl097g~0.9.7g~75.5\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-bigsmp\", rpm:\"kernel-bigsmp~2.6.22.19~0.2\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-debug\", rpm:\"kernel-debug~2.6.22.19~0.2\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-default\", rpm:\"kernel-default~2.6.22.19~0.2\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-source\", rpm:\"kernel-source~2.6.22.19~0.2\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-syms\", rpm:\"kernel-syms~2.6.22.19~0.2\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-xen\", rpm:\"kernel-xen~2.6.22.19~0.2\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-xenpae\", rpm:\"kernel-xenpae~2.6.22.19~0.2\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libnasl\", 
rpm:\"libnasl~2.2.10~15.2\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libopenssl-devel\", rpm:\"libopenssl-devel~0.9.8e~45.7\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libopenssl0_9_8\", rpm:\"libopenssl0_9_8~0.9.8e~45.7\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libpng\", rpm:\"libpng~1.2.18~15.6\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libpng-devel\", rpm:\"libpng-devel~1.2.18~15.6\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"openssl\", rpm:\"openssl~0.9.8e~45.7\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"openssl-certs\", rpm:\"openssl-certs~0.9.8e~45.7\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"openssl-doc\", rpm:\"openssl-doc~0.9.8e~45.7\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"sudo\", rpm:\"sudo~1.6.9p2~23.4\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"syslog-ng\", rpm:\"syslog-ng~1.6.12~33.4\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "nessus": [{"lastseen": "2021-01-17T14:46:24", "description": "This update of libnasl adds missing return value checks for openssl\nfunction calls. 
(CVE-2009-0125)", "edition": 23, "published": "2009-01-22T00:00:00", "title": "openSUSE 10 Security Update : libnasl (libnasl-5943)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2009-0125"], "modified": "2009-01-22T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:libnasl", "cpe:/o:novell:opensuse:10.3"], "id": "SUSE_LIBNASL-5943.NASL", "href": "https://www.tenable.com/plugins/nessus/35447", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update libnasl-5943.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(35447);\n script_version(\"1.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2009-0125\");\n\n script_name(english:\"openSUSE 10 Security Update : libnasl (libnasl-5943)\");\n script_summary(english:\"Check for the libnasl-5943 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update of libnasl adds missing return value checks for openssl\nfunction calls. 
(CVE-2009-0125)\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected libnasl package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_cwe_id(287);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libnasl\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:10.3\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/01/20\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/01/22\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE10\\.3)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"10.3\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE10.3\", reference:\"libnasl-2.2.10-15.2\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) 
audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libnasl\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2018-09-02T00:02:10", "description": "SunOS 5.10_x86: openssl patch.\nDate this patch was last updated by Sun : Feb/24/09", "edition": 5, "published": "2009-04-23T00:00:00", "title": "Solaris 10 (x86) : 139501-02", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2009-0125", "CVE-2009-0021", "CVE-2009-0047", "CVE-2009-0124", "CVE-2009-0127", "CVE-2009-0128", "CVE-2008-5077", "CVE-2009-0130", "CVE-2009-0049", "CVE-2009-0046", "CVE-2009-0048"], "modified": "2018-08-13T00:00:00", "cpe": [], "id": "SOLARIS10_X86_139501.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=36555", "sourceData": "\n# @DEPRECATED@\n#\n# This script has been deprecated as the associated patch is not\n# currently a recommended security fix.\n#\n# Disabled on 2011/10/24.\n#\n\n#\n# (C) Tenable Network Security, Inc.\n#\n#\n\nif ( ! 
defined_func(\"bn_random\") ) exit(0);\ninclude(\"compat.inc\");\n\nif(description)\n{\n script_id(36555);\n script_version(\"1.17\");\n\n script_name(english: \"Solaris 10 (x86) : 139501-02\");\n script_cve_id(\"CVE-2008-5077\", \"CVE-2009-0021\", \"CVE-2009-0046\", \"CVE-2009-0047\", \"CVE-2009-0048\", \"CVE-2009-0049\", \"CVE-2009-0124\", \"CVE-2009-0125\", \"CVE-2009-0127\", \"CVE-2009-0128\", \"CVE-2009-0130\");\n script_set_attribute(attribute: \"synopsis\", value:\n\"The remote host is missing Sun Security Patch number 139501-02\");\n script_set_attribute(attribute: \"description\", value:\n'SunOS 5.10_x86: openssl patch.\nDate this patch was last updated by Sun : Feb/24/09');\n script_set_attribute(attribute: \"solution\", value:\n\"You should install this patch for your system to be up-to-date.\");\n script_set_attribute(attribute: \"see_also\", value:\n\"http://download.oracle.com/sunalerts/1020011.1.html\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:P\");\n script_cwe_id(287);\n script_set_attribute(attribute:\"plugin_publication_date\", value: \"2009/04/23\");\n script_cvs_date(\"Date: 2018/08/13 14:32:38\");\n script_end_attributes();\n\n script_summary(english: \"Check for patch 139501-02\");\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2018 Tenable Network Security, Inc.\");\n family[\"english\"] = \"Solaris Local Security Checks\";\n script_family(english:family[\"english\"]);\n \n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/Solaris/showrev\");\n exit(0);\n}\n\n# Deprecated.\nexit(0, \"The associated patch is not currently a recommended security fix.\");\n", "cvss": {"score": 5.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2021-01-06T09:45:13", "description": "It was discovered that OpenSSL does not properly verify DSA signatures\non X.509 certificates due to an API misuse, potentially leading to 
the\nacceptance of incorrect X.509 certificates as genuine (CVE-2008-5077\n).", "edition": 27, "published": "2009-01-14T00:00:00", "title": "Debian DSA-1701-1 : openssl, openssl097 - interpretation conflict", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2009-0125", "CVE-2009-0021", "CVE-2009-0047", "CVE-2009-0124", "CVE-2009-0127", "CVE-2009-0128", "CVE-2008-5077", "CVE-2009-0130", "CVE-2009-0049", "CVE-2009-0046", "CVE-2009-0048"], "modified": "2009-01-14T00:00:00", "cpe": ["cpe:/o:debian:debian_linux:4.0", "p-cpe:/a:debian:debian_linux:openssl097", "p-cpe:/a:debian:debian_linux:openssl"], "id": "DEBIAN_DSA-1701.NASL", "href": "https://www.tenable.com/plugins/nessus/35364", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-1701. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(35364);\n script_version(\"1.22\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2008-5077\", \"CVE-2009-0021\", \"CVE-2009-0046\", \"CVE-2009-0047\", \"CVE-2009-0048\", \"CVE-2009-0049\", \"CVE-2009-0124\", \"CVE-2009-0125\", \"CVE-2009-0127\", \"CVE-2009-0128\", \"CVE-2009-0130\");\n script_bugtraq_id(33150);\n script_xref(name:\"DSA\", value:\"1701\");\n\n script_name(english:\"Debian DSA-1701-1 : openssl, openssl097 - interpretation conflict\");\n script_summary(english:\"Checks dpkg output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"It was discovered that OpenSSL does not properly verify DSA signatures\non X.509 certificates due to an API misuse, potentially 
leading to the\nacceptance of incorrect X.509 certificates as genuine (CVE-2008-5077\n).\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=511196\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2008-5077\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.debian.org/security/2009/dsa-1701\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the OpenSSL packages.\n\nFor the stable distribution (etch), this problem has been fixed in\nversion 0.9.8c-4etch4 of the openssl package, and version\n0.9.7k-3.1etch2 of the openssl097 package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(20, 287);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:openssl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:openssl097\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:4.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/01/12\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/01/14\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 and is owned by Tenable, Inc. 
or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"4.0\", prefix:\"libssl-dev\", reference:\"0.9.8c-4etch4\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"libssl0.9.7\", reference:\"0.9.7k-3.1etch2\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"libssl0.9.7-dbg\", reference:\"0.9.7k-3.1etch2\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"libssl0.9.8\", reference:\"0.9.8c-4etch4\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"libssl0.9.8-dbg\", reference:\"0.9.8c-4etch4\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"openssl\", reference:\"0.9.8c-4etch4\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:deb_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:P"}}, {"lastseen": "2021-01-06T09:25:29", "description": "Updated OpenSSL packages that correct a security issue are now\navailable for Red Hat Enterprise Linux 2.1, 3, 4, and 5.\n\nThis update has been rated as having important security impact by the\nRed Hat Security Response Team.\n\nOpenSSL is a toolkit that implements Secure Sockets Layer (SSL v2/v3)\nand Transport Layer Security (TLS v1) protocols as well as a\nfull-strength, general purpose, cryptography library.\n\nThe Google security team discovered a flaw in the way OpenSSL checked\nthe verification of certificates. 
An attacker in control of a\nmalicious server, or able to effect a 'man in the middle' attack,\ncould present a malformed SSL/TLS signature from a certificate chain\nto a vulnerable client and bypass validation. (CVE-2008-5077)\n\nAll OpenSSL users should upgrade to these updated packages, which\ncontain backported patches to resolve these issues. For the update to\ntake effect, all running OpenSSL client applications must be\nrestarted, or the system rebooted.", "edition": 27, "published": "2009-01-08T00:00:00", "title": "CentOS 3 / 4 / 5 : openssl (CESA-2009:0004)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2009-0125", "CVE-2009-0021", "CVE-2009-0047", "CVE-2009-0124", "CVE-2009-0127", "CVE-2009-0128", "CVE-2008-5077", "CVE-2009-0130", "CVE-2009-0049", "CVE-2009-0046", "CVE-2009-0048"], "modified": "2009-01-08T00:00:00", "cpe": ["p-cpe:/a:centos:centos:openssl-perl", "p-cpe:/a:centos:centos:openssl-devel", "p-cpe:/a:centos:centos:openssl096b", "cpe:/o:centos:centos:4", "p-cpe:/a:centos:centos:openssl097a", "p-cpe:/a:centos:centos:openssl", "cpe:/o:centos:centos:5", "cpe:/o:centos:centos:3"], "id": "CENTOS_RHSA-2009-0004.NASL", "href": "https://www.tenable.com/plugins/nessus/35310", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2009:0004 and \n# CentOS Errata and Security Advisory 2009:0004 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(35310);\n script_version(\"1.20\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2008-5077\", \"CVE-2009-0021\", \"CVE-2009-0046\", \"CVE-2009-0047\", \"CVE-2009-0048\", \"CVE-2009-0049\", \"CVE-2009-0124\", \"CVE-2009-0125\", \"CVE-2009-0127\", \"CVE-2009-0128\", \"CVE-2009-0130\");\n script_xref(name:\"RHSA\", 
value:\"2009:0004\");\n\n script_name(english:\"CentOS 3 / 4 / 5 : openssl (CESA-2009:0004)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote CentOS host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated OpenSSL packages that correct a security issue are now\navailable for Red Hat Enterprise Linux 2.1, 3, 4, and 5.\n\nThis update has been rated as having important security impact by the\nRed Hat Security Response Team.\n\nOpenSSL is a toolkit that implements Secure Sockets Layer (SSL v2/v3)\nand Transport Layer Security (TLS v1) protocols as well as a\nfull-strength, general purpose, cryptography library.\n\nThe Google security team discovered a flaw in the way OpenSSL checked\nthe verification of certificates. An attacker in control of a\nmalicious server, or able to effect a 'man in the middle' attack,\ncould present a malformed SSL/TLS signature from a certificate chain\nto a vulnerable client and bypass validation. (CVE-2008-5077)\n\nAll OpenSSL users should upgrade to these updated packages, which\ncontain backported patches to resolve these issues. 
For the update to\ntake effect, all running OpenSSL client applications must be\nrestarted, or the system rebooted.\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2009-February/015596.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?5c2df4d6\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2009-February/015598.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?3237a6d9\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2009-January/015522.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?699759fd\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2009-January/015523.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?4a33d5b8\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2009-January/015532.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?ccd277d4\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2009-January/015533.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?5aed7956\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2009-January/015536.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?66d8d2db\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2009-January/015537.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?fe15c5e8\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2009-January/015562.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?7ef0e5b4\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2009-January/015563.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?5c467ba9\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the 
affected openssl packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:P\");\n script_cwe_id(20, 287);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:openssl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:openssl-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:openssl-perl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:openssl096b\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:openssl097a\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:3\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:5\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2009/01/07\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/02/04\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/01/08\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"CentOS Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/CentOS/release\");\nif (isnull(release) || \"CentOS\" >!< release) audit(AUDIT_OS_NOT, \"CentOS\");\nos_ver = pregmatch(pattern: \"CentOS(?: Linux)? 
release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"CentOS\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(3|4|5)([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"CentOS 3.x / 4.x / 5.x\", \"CentOS \" + os_ver);\n\nif (!get_kb_item(\"Host/CentOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && \"ia64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"CentOS\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"CentOS-3\", reference:\"openssl-0.9.7a-33.25\")) flag++;\nif (rpm_check(release:\"CentOS-3\", reference:\"openssl-devel-0.9.7a-33.25\")) flag++;\nif (rpm_check(release:\"CentOS-3\", reference:\"openssl-perl-0.9.7a-33.25\")) flag++;\nif (rpm_check(release:\"CentOS-3\", reference:\"openssl096b-0.9.6b-16.49\")) flag++;\n\nif (rpm_check(release:\"CentOS-4\", cpu:\"i386\", reference:\"openssl-0.9.7a-43.17.el4_7.2\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"ia64\", reference:\"openssl-0.9.7a-43.17.c4.2\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"x86_64\", reference:\"openssl-0.9.7a-43.17.el4_7.2\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"i386\", reference:\"openssl-devel-0.9.7a-43.17.el4_7.2\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"ia64\", reference:\"openssl-devel-0.9.7a-43.17.c4.2\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"x86_64\", reference:\"openssl-devel-0.9.7a-43.17.el4_7.2\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"i386\", reference:\"openssl-perl-0.9.7a-43.17.el4_7.2\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"ia64\", reference:\"openssl-perl-0.9.7a-43.17.c4.2\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"x86_64\", reference:\"openssl-perl-0.9.7a-43.17.el4_7.2\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"ia64\", reference:\"openssl096b-0.9.6b-22.46.c4\")) flag++;\n\nif 
(rpm_check(release:\"CentOS-5\", reference:\"openssl-0.9.8b-10.el5_2.1\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"openssl-devel-0.9.8b-10.el5_2.1\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"openssl-perl-0.9.8b-10.el5_2.1\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"openssl097a-0.9.7a-9.el5_2.1\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"openssl / openssl-devel / openssl-perl / openssl096b / openssl097a\");\n}\n", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:P"}}, {"lastseen": "2021-01-06T09:45:13", "description": "It has been discovered that NTP, an implementation of the Network Time\nProtocol, does not properly check the result of an OpenSSL function\nfor verifying cryptographic signatures, which may ultimately lead to\nthe acceptance of unauthenticated time information. (Note that\ncryptographic authentication of time servers is often not enabled in\nthe first place.)", "edition": 27, "published": "2009-01-14T00:00:00", "title": "Debian DSA-1702-1 : ntp - interpretation conflict", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2009-0125", "CVE-2009-0021", "CVE-2009-0047", "CVE-2009-0124", "CVE-2009-0127", "CVE-2009-0128", "CVE-2008-5077", "CVE-2009-0130", "CVE-2009-0049", "CVE-2009-0046", "CVE-2009-0048"], "modified": "2009-01-14T00:00:00", "cpe": ["cpe:/o:debian:debian_linux:4.0", "p-cpe:/a:debian:debian_linux:ntp"], "id": "DEBIAN_DSA-1702.NASL", "href": "https://www.tenable.com/plugins/nessus/35365", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-1702. 
The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(35365);\n script_version(\"1.17\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2008-5077\", \"CVE-2009-0021\", \"CVE-2009-0046\", \"CVE-2009-0047\", \"CVE-2009-0048\", \"CVE-2009-0049\", \"CVE-2009-0124\", \"CVE-2009-0125\", \"CVE-2009-0127\", \"CVE-2009-0128\", \"CVE-2009-0130\");\n script_bugtraq_id(33150);\n script_xref(name:\"DSA\", value:\"1702\");\n\n script_name(english:\"Debian DSA-1702-1 : ntp - interpretation conflict\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"It has been discovered that NTP, an implementation of the Network Time\nProtocol, does not properly check the result of an OpenSSL function\nfor verifying cryptographic signatures, which may ultimately lead to\nthe acceptance of unauthenticated time information. 
(Note that\ncryptographic authentication of time servers is often not enabled in\nthe first place.)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=511227\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.debian.org/security/2009/dsa-1702\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the ntp package.\n\nFor the stable distribution (etch), this problem has been fixed in\nversion 4.2.2.p4+dfsg-2etch1.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(20, 287);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:ntp\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:4.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/01/12\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/01/14\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 and is owned by Tenable, Inc. 
or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"4.0\", prefix:\"ntp\", reference:\"4.2.2.p4+dfsg-2etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"ntp-doc\", reference:\"4.2.2.p4+dfsg-2etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"ntp-refclock\", reference:\"4.2.2.p4+dfsg-2etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"ntp-simple\", reference:\"4.2.2.p4+dfsg-2etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"ntpdate\", reference:\"4.2.2.p4+dfsg-2etch1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:deb_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:P"}}, {"lastseen": "2021-01-17T13:06:25", "description": "Updated OpenSSL packages that correct a security issue are now\navailable for Red Hat Enterprise Linux 2.1, 3, 4, and 5.\n\nThis update has been rated as having important security impact by the\nRed Hat Security Response Team.\n\nOpenSSL is a toolkit that implements Secure Sockets Layer (SSL v2/v3)\nand Transport Layer Security (TLS v1) protocols as well as a\nfull-strength, general purpose, cryptography library.\n\nThe Google security team discovered a flaw in the way OpenSSL checked\nthe verification of certificates. 
An attacker in control of a\nmalicious server, or able to effect a 'man in the middle' attack,\ncould present a malformed SSL/TLS signature from a certificate chain\nto a vulnerable client and bypass validation. (CVE-2008-5077)\n\nAll OpenSSL users should upgrade to these updated packages, which\ncontain backported patches to resolve these issues. For the update to\ntake effect, all running OpenSSL client applications must be\nrestarted, or the system rebooted.", "edition": 27, "published": "2009-01-08T00:00:00", "title": "RHEL 2.1 / 3 / 4 / 5 : openssl (RHSA-2009:0004)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2009-0125", "CVE-2009-0021", "CVE-2009-0047", "CVE-2009-0124", "CVE-2009-0127", "CVE-2009-0128", "CVE-2008-5077", "CVE-2009-0130", "CVE-2009-0049", "CVE-2009-0046", "CVE-2009-0048"], "modified": "2009-01-08T00:00:00", "cpe": ["cpe:/o:redhat:enterprise_linux:3", "cpe:/o:redhat:enterprise_linux:4", "cpe:/o:redhat:enterprise_linux:2.1", "cpe:/o:redhat:enterprise_linux:5", "p-cpe:/a:redhat:enterprise_linux:openssl096b", "p-cpe:/a:redhat:enterprise_linux:openssl-perl", "cpe:/o:redhat:enterprise_linux:5.2", "p-cpe:/a:redhat:enterprise_linux:openssl", "p-cpe:/a:redhat:enterprise_linux:openssl097a", "p-cpe:/a:redhat:enterprise_linux:openssl095a", "p-cpe:/a:redhat:enterprise_linux:openssl096", "cpe:/o:redhat:enterprise_linux:4.7", "p-cpe:/a:redhat:enterprise_linux:openssl-devel"], "id": "REDHAT-RHSA-2009-0004.NASL", "href": "https://www.tenable.com/plugins/nessus/35316", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2009:0004. 
The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(35316);\n script_version(\"1.28\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2008-5077\", \"CVE-2009-0021\", \"CVE-2009-0046\", \"CVE-2009-0047\", \"CVE-2009-0048\", \"CVE-2009-0049\", \"CVE-2009-0124\", \"CVE-2009-0125\", \"CVE-2009-0127\", \"CVE-2009-0128\", \"CVE-2009-0130\");\n script_xref(name:\"RHSA\", value:\"2009:0004\");\n\n script_name(english:\"RHEL 2.1 / 3 / 4 / 5 : openssl (RHSA-2009:0004)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated OpenSSL packages that correct a security issue are now\navailable for Red Hat Enterprise Linux 2.1, 3, 4, and 5.\n\nThis update has been rated as having important security impact by the\nRed Hat Security Response Team.\n\nOpenSSL is a toolkit that implements Secure Sockets Layer (SSL v2/v3)\nand Transport Layer Security (TLS v1) protocols as well as a\nfull-strength, general purpose, cryptography library.\n\nThe Google security team discovered a flaw in the way OpenSSL checked\nthe verification of certificates. An attacker in control of a\nmalicious server, or able to effect a 'man in the middle' attack,\ncould present a malformed SSL/TLS signature from a certificate chain\nto a vulnerable client and bypass validation. (CVE-2008-5077)\n\nAll OpenSSL users should upgrade to these updated packages, which\ncontain backported patches to resolve these issues. 
For the update to\ntake effect, all running OpenSSL client applications must be\nrestarted, or the system rebooted.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2008-5077\"\n );\n # http://www.openssl.org/news/secadv/20090107.txt\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.openssl.org/news/secadv/20090107.txt\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2009:0004\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:P\");\n script_cwe_id(20, 287);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:openssl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:openssl-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:openssl-perl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:openssl095a\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:openssl096\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:openssl096b\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:openssl097a\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:2.1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:3\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:4.7\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:5\");\n script_set_attribute(attribute:\"cpe\", 
value:\"cpe:/o:redhat:enterprise_linux:5.2\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2009/01/07\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/01/07\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/01/08\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! 
preg(pattern:\"^(2\\.1|3|4|5)([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 2.1 / 3.x / 4.x / 5.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2009:0004\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL2.1\", cpu:\"i386\", reference:\"openssl-0.9.6b-49\")) flag++;\n\n if (rpm_check(release:\"RHEL2.1\", cpu:\"i686\", reference:\"openssl-0.9.6b-49\")) flag++;\n\n if (rpm_check(release:\"RHEL2.1\", cpu:\"i386\", reference:\"openssl-devel-0.9.6b-49\")) flag++;\n\n if (rpm_check(release:\"RHEL2.1\", cpu:\"i386\", reference:\"openssl-perl-0.9.6b-49\")) flag++;\n\n if (rpm_check(release:\"RHEL2.1\", cpu:\"i386\", reference:\"openssl095a-0.9.5a-34\")) flag++;\n\n if (rpm_check(release:\"RHEL2.1\", cpu:\"i386\", reference:\"openssl096-0.9.6-34\")) flag++;\n\n\n if (rpm_check(release:\"RHEL3\", reference:\"openssl-0.9.7a-33.25\")) flag++;\n\n if (rpm_check(release:\"RHEL3\", reference:\"openssl-devel-0.9.7a-33.25\")) flag++;\n\n if (rpm_check(release:\"RHEL3\", reference:\"openssl-perl-0.9.7a-33.25\")) flag++;\n\n if (rpm_check(release:\"RHEL3\", cpu:\"i386\", reference:\"openssl096b-0.9.6b-16.49\")) flag++;\n\n if (rpm_check(release:\"RHEL3\", cpu:\"s390\", reference:\"openssl096b-0.9.6b-16.49\")) flag++;\n\n if 
(rpm_check(release:\"RHEL3\", cpu:\"x86_64\", reference:\"openssl096b-0.9.6b-16.49\")) flag++;\n\n\n if (rpm_check(release:\"RHEL4\", reference:\"openssl-0.9.7a-43.17.el4_7.2\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", reference:\"openssl-devel-0.9.7a-43.17.el4_7.2\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", reference:\"openssl-perl-0.9.7a-43.17.el4_7.2\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", cpu:\"i386\", reference:\"openssl096b-0.9.6b-22.46.el4_7\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", cpu:\"s390\", reference:\"openssl096b-0.9.6b-22.46.el4_7\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", cpu:\"x86_64\", reference:\"openssl096b-0.9.6b-22.46.el4_7\")) flag++;\n\n\n if (rpm_check(release:\"RHEL5\", reference:\"openssl-0.9.8b-10.el5_2.1\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", reference:\"openssl-devel-0.9.8b-10.el5_2.1\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"openssl-perl-0.9.8b-10.el5_2.1\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"openssl-perl-0.9.8b-10.el5_2.1\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"openssl-perl-0.9.8b-10.el5_2.1\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"openssl097a-0.9.7a-9.el5_2.1\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"openssl097a-0.9.7a-9.el5_2.1\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"openssl097a-0.9.7a-9.el5_2.1\")) flag++;\n\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"openssl / openssl-devel / openssl-perl / openssl095a / openssl096 / etc\");\n }\n}\n", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:P"}}, {"lastseen": 
"2021-01-17T14:00:43", "description": "SunOS 5.10_x86: openssl patch.\nDate this patch was last updated by Sun : Feb/24/09", "edition": 23, "published": "2018-03-12T00:00:00", "title": "Solaris 10 (x86) : 139501-02", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2009-0125", "CVE-2009-0021", "CVE-2009-0047", "CVE-2009-0124", "CVE-2009-0127", "CVE-2009-0128", "CVE-2008-5077", "CVE-2009-0130", "CVE-2009-0049", "CVE-2009-0046", "CVE-2009-0048"], "modified": "2018-03-12T00:00:00", "cpe": ["p-cpe:/a:oracle:solaris:10:138123", "p-cpe:/a:oracle:solaris:10:139501", "p-cpe:/a:oracle:solaris:10:138863", "cpe:/o:oracle:solaris:10"], "id": "SOLARIS10_X86_139501-02.NASL", "href": "https://www.tenable.com/plugins/nessus/108014", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text in this plugin was\n# extracted from the Oracle SunOS Patch Updates.\n#\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(108014);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2008-5077\", \"CVE-2009-0021\", \"CVE-2009-0046\", \"CVE-2009-0047\", \"CVE-2009-0048\", \"CVE-2009-0049\", \"CVE-2009-0124\", \"CVE-2009-0125\", \"CVE-2009-0127\", \"CVE-2009-0128\", \"CVE-2009-0130\");\n\n script_name(english:\"Solaris 10 (x86) : 139501-02\");\n script_summary(english:\"Check for patch 139501-02\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote host is missing Sun Security Patch number 139501-02\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"SunOS 5.10_x86: openssl patch.\nDate this patch was last updated by Sun : Feb/24/09\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://download.oracle.com/sunalerts/1020011.1.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Install patch 139501-02\");\n 
script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:P\");\n script_cwe_id(20, 287);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:solaris:10:138123\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:solaris:10:138863\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:solaris:10:139501\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:solaris:10\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/02/24\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/03/12\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Solaris Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Solaris/showrev\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"solaris.inc\");\n\nshowrev = get_kb_item(\"Host/Solaris/showrev\");\nif (empty_or_null(showrev)) audit(AUDIT_OS_NOT, \"Solaris\");\nos_ver = pregmatch(pattern:\"Release: (\\d+.(\\d+))\", string:showrev);\nif (empty_or_null(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Solaris\");\nfull_ver = os_ver[1];\nos_level = os_ver[2];\nif (full_ver != \"5.10\") audit(AUDIT_OS_NOT, \"Solaris 10\", \"Solaris \" + os_level);\npackage_arch = pregmatch(pattern:\"Application architecture: (\\w+)\", string:showrev);\nif (empty_or_null(package_arch)) audit(AUDIT_UNKNOWN_ARCH);\npackage_arch = package_arch[1];\nif (package_arch != \"i386\") audit(AUDIT_ARCH_NOT, \"i386\", package_arch);\nif (!get_kb_item(\"Host/local_checks_enabled\")) 
audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nif (solaris_check_patch(release:\"5.10_x86\", arch:\"i386\", patch:\"139501-02\", obsoleted_by:\"141525-05 140119-06 142910-17 \", package:\"SUNWcry\", version:\"11.10.0,REV=2005.01.21.16.34\") < 0) flag++;\nif (solaris_check_patch(release:\"5.10_x86\", arch:\"i386\", patch:\"139501-02\", obsoleted_by:\"141525-05 140119-06 142910-17 \", package:\"SUNWopenssl-commands\", version:\"11.10.0,REV=2005.01.21.16.34\") < 0) flag++;\nif (solaris_check_patch(release:\"5.10_x86\", arch:\"i386\", patch:\"139501-02\", obsoleted_by:\"141525-05 140119-06 142910-17 \", package:\"SUNWopenssl-include\", version:\"11.10.0,REV=2005.01.21.16.34\") < 0) flag++;\nif (solaris_check_patch(release:\"5.10_x86\", arch:\"i386\", patch:\"139501-02\", obsoleted_by:\"141525-05 140119-06 142910-17 \", package:\"SUNWopenssl-libraries\", version:\"11.10.0,REV=2005.01.21.16.34\") < 0) flag++;\n\nif (flag) {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : solaris_get_report()\n );\n} else {\n patch_fix = solaris_patch_fix_get();\n if (!empty_or_null(patch_fix)) audit(AUDIT_PATCH_INSTALLED, patch_fix, \"Solaris 10\");\n tested = solaris_pkg_tests_get();\n if (!empty_or_null(tested)) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n audit(AUDIT_PACKAGE_NOT_INSTALLED, \"SUNWcry / SUNWopenssl-commands / SUNWopenssl-include / etc\");\n}\n", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:P"}}, {"lastseen": "2021-01-06T09:25:30", "description": "Updated ntp packages to correct a security issue are now available for\nRed Hat Enterprise Linux 4 and 5.\n\nThis update has been rated as having moderate security impact by the\nRed Hat Security Response Team.\n\nThe Network Time Protocol (NTP) is used to synchronize a computer's\ntime with a referenced time source.\n\nA flaw was discovered in the way the ntpd daemon checked the return\nvalue of the OpenSSL EVP_VerifyFinal function. 
On systems using NTPv4\nauthentication, this could lead to an incorrect verification of\ncryptographic signatures, allowing time-spoofing attacks.\n(CVE-2009-0021)\n\nNote: This issue only affects systems that have enabled NTP\nauthentication. By default, NTP authentication is not enabled.\n\nAll ntp users are advised to upgrade to the updated packages, which\ncontain a backported patch to resolve this issue. After installing the\nupdate, the ntpd daemon will restart automatically.", "edition": 28, "published": "2010-01-06T00:00:00", "title": "CentOS 4 / 5 : ntp (CESA-2009:0046)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2009-0125", "CVE-2009-0021", "CVE-2009-0047", "CVE-2009-0124", "CVE-2009-0127", "CVE-2009-0128", "CVE-2008-5077", "CVE-2009-0130", "CVE-2009-0049", "CVE-2009-0046", "CVE-2009-0048"], "modified": "2010-01-06T00:00:00", "cpe": ["p-cpe:/a:centos:centos:ntp", "cpe:/o:centos:centos:4", "cpe:/o:centos:centos:5"], "id": "CENTOS_RHSA-2009-0046.NASL", "href": "https://www.tenable.com/plugins/nessus/43728", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2009:0046 and \n# CentOS Errata and Security Advisory 2009:0046 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(43728);\n script_version(\"1.17\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2008-5077\", \"CVE-2009-0021\", \"CVE-2009-0046\", \"CVE-2009-0047\", \"CVE-2009-0048\", \"CVE-2009-0049\", \"CVE-2009-0124\", \"CVE-2009-0125\", \"CVE-2009-0127\", \"CVE-2009-0128\", \"CVE-2009-0130\");\n script_bugtraq_id(33150);\n script_xref(name:\"RHSA\", value:\"2009:0046\");\n\n script_name(english:\"CentOS 4 / 5 : ntp (CESA-2009:0046)\");\n script_summary(english:\"Checks rpm output for the updated 
package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote CentOS host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated ntp packages to correct a security issue are now available for\nRed Hat Enterprise Linux 4 and 5.\n\nThis update has been rated as having moderate security impact by the\nRed Hat Security Response Team.\n\nThe Network Time Protocol (NTP) is used to synchronize a computer's\ntime with a referenced time source.\n\nA flaw was discovered in the way the ntpd daemon checked the return\nvalue of the OpenSSL EVP_VerifyFinal function. On systems using NTPv4\nauthentication, this could lead to an incorrect verification of\ncryptographic signatures, allowing time-spoofing attacks.\n(CVE-2009-0021)\n\nNote: This issue only affects systems that have enabled NTP\nauthentication. By default, NTP authentication is not enabled.\n\nAll ntp users are advised to upgrade to the updated packages, which\ncontain a backported patch to resolve this issue. 
After installing the\nupdate, the ntpd daemon will restart automatically.\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2009-April/015754.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?5d264402\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2009-April/015755.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?4be1d234\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2009-February/015603.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?6dcd8c7c\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected ntp package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(20, 287);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:ntp\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:5\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2009/01/07\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/04/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/01/06\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2010-2021 and is owned by Tenable, Inc. 
or an Affiliate thereof.\");\n script_family(english:\"CentOS Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/CentOS/release\");\nif (isnull(release) || \"CentOS\" >!< release) audit(AUDIT_OS_NOT, \"CentOS\");\nos_ver = pregmatch(pattern: \"CentOS(?: Linux)? release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"CentOS\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(4|5)([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"CentOS 4.x / 5.x\", \"CentOS \" + os_ver);\n\nif (!get_kb_item(\"Host/CentOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && \"ia64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"CentOS\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"CentOS-4\", cpu:\"ia64\", reference:\"ntp-4.2.0.a.20040617-8.el4_7.1\")) flag++;\n\nif (rpm_check(release:\"CentOS-5\", reference:\"ntp-4.2.2p1-9.el5.centos.1\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"ntp\");\n}\n", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:P"}}, {"lastseen": "2018-09-01T23:49:59", "description": "SunOS 5.10: openssl patch.\nDate this patch was last updated by Sun : Apr/01/09", "edition": 5, "published": "2009-04-23T00:00:00", "title": "Solaris 10 (sparc) : 139500-04", "type": "nessus", "bulletinFamily": "scanner", "cvelist": 
["CVE-2009-0125", "CVE-2009-0021", "CVE-2009-0047", "CVE-2009-0124", "CVE-2009-0127", "CVE-2009-0128", "CVE-2008-5077", "CVE-2009-0130", "CVE-2009-0049", "CVE-2009-0046", "CVE-2009-0048"], "modified": "2018-08-13T00:00:00", "cpe": [], "id": "SOLARIS10_139500.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=38118", "sourceData": "\n# @DEPRECATED@\n#\n# This script has been deprecated as the associated patch is not\n# currently a recommended security fix.\n#\n# Disabled on 2011/09/17.\n\n#\n# (C) Tenable Network Security, Inc.\n#\n#\n\nif ( ! defined_func(\"bn_random\") ) exit(0);\ninclude(\"compat.inc\");\n\nif(description)\n{\n script_id(38118);\n script_version(\"1.12\");\n\n script_name(english: \"Solaris 10 (sparc) : 139500-04\");\n script_cve_id(\"CVE-2008-5077\", \"CVE-2009-0021\", \"CVE-2009-0046\", \"CVE-2009-0047\", \"CVE-2009-0048\", \"CVE-2009-0049\", \"CVE-2009-0124\", \"CVE-2009-0125\", \"CVE-2009-0127\", \"CVE-2009-0128\", \"CVE-2009-0130\");\n script_set_attribute(attribute: \"synopsis\", value:\n\"The remote host is missing Sun Security Patch number 139500-04\");\n script_set_attribute(attribute: \"description\", value:\n'SunOS 5.10: openssl patch.\nDate this patch was last updated by Sun : Apr/01/09');\n script_set_attribute(attribute: \"solution\", value:\n\"You should install this patch for your system to be up-to-date.\");\n script_set_attribute(attribute: \"see_also\", value:\n\"https://getupdates.oracle.com/readme/139500-04\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:P\");\n script_cwe_id(287);\n script_set_attribute(attribute:\"plugin_publication_date\", value: \"2009/04/23\");\n script_cvs_date(\"Date: 2018/08/13 14:32:38\");\n script_end_attributes();\n\n script_summary(english: \"Check for patch 139500-04\");\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2018 Tenable Network Security, Inc.\");\n family[\"english\"] = \"Solaris Local Security 
Checks\";\n script_family(english:family[\"english\"]);\n \n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/Solaris/showrev\");\n exit(0);\n}\n\n\n\n# Deprecated.\nexit(0, \"The associated patch is not currently a recommended security fix.\");\n", "cvss": {"score": 5.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2021-01-17T12:44:20", "description": "From Red Hat Security Advisory 2009:0046 :\n\nUpdated ntp packages to correct a security issue are now available for\nRed Hat Enterprise Linux 4 and 5.\n\nThis update has been rated as having moderate security impact by the\nRed Hat Security Response Team.\n\nThe Network Time Protocol (NTP) is used to synchronize a computer's\ntime with a referenced time source.\n\nA flaw was discovered in the way the ntpd daemon checked the return\nvalue of the OpenSSL EVP_VerifyFinal function. On systems using NTPv4\nauthentication, this could lead to an incorrect verification of\ncryptographic signatures, allowing time-spoofing attacks.\n(CVE-2009-0021)\n\nNote: This issue only affects systems that have enabled NTP\nauthentication. By default, NTP authentication is not enabled.\n\nAll ntp users are advised to upgrade to the updated packages, which\ncontain a backported patch to resolve this issue. 
After installing the\nupdate, the ntpd daemon will restart automatically.", "edition": 26, "published": "2013-07-12T00:00:00", "title": "Oracle Linux 4 / 5 : ntp (ELSA-2009-0046)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2009-0125", "CVE-2009-0021", "CVE-2009-0047", "CVE-2009-0124", "CVE-2009-0127", "CVE-2009-0128", "CVE-2008-5077", "CVE-2009-0130", "CVE-2009-0049", "CVE-2009-0046", "CVE-2009-0048"], "modified": "2013-07-12T00:00:00", "cpe": ["cpe:/o:oracle:linux:5", "p-cpe:/a:oracle:linux:ntp", "cpe:/o:oracle:linux:4"], "id": "ORACLELINUX_ELSA-2009-0046.NASL", "href": "https://www.tenable.com/plugins/nessus/67793", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2009:0046 and \n# Oracle Linux Security Advisory ELSA-2009-0046 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(67793);\n script_version(\"1.11\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2008-5077\", \"CVE-2009-0021\", \"CVE-2009-0046\", \"CVE-2009-0047\", \"CVE-2009-0048\", \"CVE-2009-0049\", \"CVE-2009-0124\", \"CVE-2009-0125\", \"CVE-2009-0127\", \"CVE-2009-0128\", \"CVE-2009-0130\");\n script_bugtraq_id(33150);\n script_xref(name:\"RHSA\", value:\"2009:0046\");\n\n script_name(english:\"Oracle Linux 4 / 5 : ntp (ELSA-2009-0046)\");\n script_summary(english:\"Checks rpm output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Oracle Linux host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"From Red Hat Security Advisory 2009:0046 :\n\nUpdated ntp packages to correct a security issue are now available for\nRed Hat Enterprise Linux 4 and 5.\n\nThis update has been rated as having moderate 
security impact by the\nRed Hat Security Response Team.\n\nThe Network Time Protocol (NTP) is used to synchronize a computer's\ntime with a referenced time source.\n\nA flaw was discovered in the way the ntpd daemon checked the return\nvalue of the OpenSSL EVP_VerifyFinal function. On systems using NTPv4\nauthentication, this could lead to an incorrect verification of\ncryptographic signatures, allowing time-spoofing attacks.\n(CVE-2009-0021)\n\nNote: This issue only affects systems that have enabled NTP\nauthentication. By default, NTP authentication is not enabled.\n\nAll ntp users are advised to upgrade to the updated packages, which\ncontain a backported patch to resolve this issue. After installing the\nupdate, the ntpd daemon will restart automatically.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2009-January/000873.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2009-January/000874.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected ntp package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(20, 287);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:ntp\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:5\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2009/01/07\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/01/29\");\n 
script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/07/12\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/OracleLinux\")) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nos_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Oracle Linux\");\nos_ver = os_ver[1];\nif (! 
preg(pattern:\"^(4|5)([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Oracle Linux 4 / 5\", \"Oracle Linux \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && \"ia64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Oracle Linux\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"EL4\", reference:\"ntp-4.2.0.a.20040617-8.el4_7.1\")) flag++;\n\nif (rpm_check(release:\"EL5\", reference:\"ntp-4.2.2p1-9.el5_3.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"ntp\");\n}\n", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:P"}}]}