Search...

Fedora Update for mono FEDORA-2010-10332

2010-07-16T00:00:00

ID OPENVAS:1361412562310862243
Type openvas
Reporter Copyright (c) 2010 Greenbone Networks GmbH
Modified 2018-01-23T00:00:00

Description

Check for the Version of mono

                                        
                                            ###############################################################################
# OpenVAS Vulnerability Test
#
# Fedora Update for mono FEDORA-2010-10332
#
# Authors:
# System Generated Check
#
# Copyright:
# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License version 2
# (or any later version), as published by the Free Software Foundation.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
###############################################################################

include("revisions-lib.inc");
tag_affected = "mono on Fedora 13";
tag_insight = "The Mono runtime implements a JIT engine for the ECMA CLI
  virtual machine (as well as a byte code interpreter, the
  class loader, the garbage collector, threading system and
  metadata access libraries.";
tag_solution = "Please Install the Updated Packages.";


if(description)
{
  script_xref(name : "URL" , value : "http://lists.fedoraproject.org/pipermail/package-announce/2010-July/044049.html");
  script_oid("1.3.6.1.4.1.25623.1.0.862243");
  script_version("$Revision: 8495 $");
  script_tag(name:"last_modification", value:"$Date: 2018-01-23 08:57:49 +0100 (Tue, 23 Jan 2018) $");
  script_tag(name:"creation_date", value:"2010-07-16 10:40:49 +0200 (Fri, 16 Jul 2010)");
  script_tag(name:"cvss_base", value:"4.3");
  script_tag(name:"cvss_base_vector", value:"AV:N/AC:M/Au:N/C:N/I:P/A:N");
  script_xref(name: "FEDORA", value: "2010-10332");
  script_cve_id("CVE-2010-1459");
  script_name("Fedora Update for mono FEDORA-2010-10332");

  script_tag(name: "summary" , value: "Check for the Version of mono");
  script_category(ACT_GATHER_INFO);
  script_copyright("Copyright (c) 2010 Greenbone Networks GmbH");
  script_family("Fedora Local Security Checks");
  script_dependencies("gather-package-list.nasl");
  script_mandatory_keys("ssh/login/fedora", "ssh/login/rpms");
  script_tag(name : "affected" , value : tag_affected);
  script_tag(name : "insight" , value : tag_insight);
  script_tag(name : "solution" , value : tag_solution);
  script_tag(name:"qod_type", value:"package");
  script_tag(name:"solution_type", value:"VendorFix");
  exit(0);
}


include("pkg-lib-rpm.inc");

release = get_kb_item("ssh/login/release");


res = "";
if(release == NULL){
  exit(0);
}

if(release == "FC13")
{

  if ((res = isrpmvuln(pkg:"mono", rpm:"mono~2.6.4~1.fc13", rls:"FC13")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if (__pkg_match) exit(99); # Not vulnerable.
  exit(0);
}

JSON Vulners Source

Initial Source

{"id": "OPENVAS:1361412562310862243", "type": "openvas", "bulletinFamily": "scanner", "title": "Fedora Update for mono FEDORA-2010-10332", "description": "Check for the Version of mono", "published": "2010-07-16T00:00:00", "modified": "2018-01-23T00:00:00", "cvss": {"vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:NONE/", "score": 4.3}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310862243", "reporter": "Copyright (c) 2010 Greenbone Networks GmbH", "references": ["http://lists.fedoraproject.org/pipermail/package-announce/2010-July/044049.html", "2010-10332"], "cvelist": ["CVE-2010-1459"], "lastseen": "2018-01-23T13:05:52", "viewCount": 0, "enchantments": {"score": {"value": 5.7, "vector": "NONE", "modified": "2018-01-23T13:05:52", "rev": 2}, "dependencies": {"references": [{"type": "cve", "idList": ["CVE-2010-1459"]}, {"type": "openvas", "idList": ["OPENVAS:862251", "OPENVAS:1361412562310862249", "OPENVAS:862249", "OPENVAS:1361412562310862251", "OPENVAS:1361412562310862245", "OPENVAS:862252", "OPENVAS:862244", "OPENVAS:1361412562310862246", "OPENVAS:862245", "OPENVAS:1361412562310862244"]}, {"type": "nessus", "idList": ["SUSE_11_0_BYTEFX-DATA-MYSQL-100422.NASL", "SUSE_11_BYTEFX-DATA-MYSQL-100422.NASL", "UBUNTU_USN-1517-1.NASL", "SUSE_11_2_BYTEFX-DATA-MYSQL-100426.NASL", "FEDORA_2010-10433.NASL", "SUSE_11_1_BYTEFX-DATA-MYSQL-100422.NASL", "FEDORA_2010-10332.NASL"]}], "modified": "2018-01-23T13:05:52", "rev": 2}, "vulnersScore": 5.7}, "pluginID": "1361412562310862243", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for mono FEDORA-2010-10332\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"mono on Fedora 13\";\ntag_insight = \"The Mono runtime implements a JIT engine for the ECMA CLI\n virtual machine (as well as a byte code interpreter, the\n class loader, the garbage collector, threading system and\n metadata access libraries.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2010-July/044049.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.862243\");\n script_version(\"$Revision: 8495 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-23 08:57:49 +0100 (Tue, 23 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2010-07-16 10:40:49 +0200 (Fri, 16 Jul 2010)\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_xref(name: \"FEDORA\", value: \"2010-10332\");\n script_cve_id(\"CVE-2010-1459\");\n script_name(\"Fedora Update for mono FEDORA-2010-10332\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of mono\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC13\")\n{\n\n if ((res = isrpmvuln(pkg:\"mono\", rpm:\"mono~2.6.4~1.fc13\", rls:\"FC13\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}", "naslFamily": "Fedora Local Security Checks"}

{"cve": [{"lastseen": "2020-10-03T11:57:24", "description": "The default configuration of ASP.NET in Mono before 2.6.4 has a value of FALSE for the EnableViewStateMac property, which allows remote attackers to conduct cross-site scripting (XSS) attacks, as demonstrated by the __VIEWSTATE parameter to 2.0/menu/menu1.aspx in the XSP sample project.", "edition": 3, "cvss3": {}, "published": "2010-05-27T19:00:00", "title": "CVE-2010-1459", "type": "cve", "cwe": ["CWE-79"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2010-1459"], "modified": "2010-09-09T05:41:00", "cpe": ["cpe:/a:mono:mono:1.1.1", "cpe:/a:mono:mono:1.1.9.1", "cpe:/a:mono:mono:1.9.1", "cpe:/a:mono:mono:1.1.13.8.1", "cpe:/a:mono:mono:1.1.9.2", "cpe:/a:mono:mono:1.0.6", "cpe:/a:mono:mono:1.1.2", "cpe:/a:mono:mono:1.1.16", "cpe:/a:mono:mono:1.0.1", "cpe:/a:mono:mono:1.2.3.1", "cpe:/a:mono:mono:1.1.8", "cpe:/a:mono:mono:1.1.3", "cpe:/a:mono:mono:2.4", "cpe:/a:mono:mono:1.2.4", "cpe:/a:mono:mono:1.1.13.2", "cpe:/a:mono:mono:1.1.13.6", "cpe:/a:mono:mono:1.1.13.4", "cpe:/a:mono:mono:2.0", "cpe:/a:mono:mono:1.2.5", "cpe:/a:mono:mono:1.1.16.1", "cpe:/a:mono:mono:2.4.2", "cpe:/a:mono:mono:1.2.3", "cpe:/a:mono:mono:1.1.13.5", "cpe:/a:mono:mono:1.1.17.2", "cpe:/a:mono:mono:1.0.2", "cpe:/a:mono:mono:1.2.6", "cpe:/a:mono:mono:1.1.17.1", "cpe:/a:mono:mono:1.2.2.1", "cpe:/a:mono:mono:1.1.10", "cpe:/a:mono:mono:2.2", "cpe:/a:mono:mono:1.1.14", "cpe:/a:mono:mono:1.1.13.7", "cpe:/a:mono:mono:1.2.5.1", "cpe:/a:mono:mono:1.1.13.8", "cpe:/a:mono:mono:1.0.5", "cpe:/a:mono:mono:1.1.17", "cpe:/a:mono:mono:1.0", "cpe:/a:mono:mono:1.1.10.1", "cpe:/a:mono:mono:1.1.18", "cpe:/a:mono:mono:2.0.1", "cpe:/a:mono:mono:1.1.15", "cpe:/a:mono:mono:1.1.4", "cpe:/a:mono:mono:1.2", "cpe:/a:mono:mono:1.9", "cpe:/a:mono:mono:1.2.1", "cpe:/a:mono:mono:2.4.3", "cpe:/a:mono:mono:2.4.2.3", "cpe:/a:mono:mono:1.1.7", "cpe:/a:mono:mono:1.1.8.3", "cpe:/a:mono:mono:1.1.11", "cpe:/a:mono:mono:1.1.6", "cpe:/a:mono:mono:2.4.2.1", "cpe:/a:mono:mono:1.2.2", "cpe:/a:mono:mono:1.1.13", "cpe:/a:mono:mono:2.4.2.2", "cpe:/a:mono:mono:1.1.12.1", "cpe:/a:mono:mono:1.2.5.2", "cpe:/a:mono:mono:1.1.9", "cpe:/a:mono:mono:1.0.4", "cpe:/a:mono:mono:1.1.8.1", "cpe:/a:mono:mono:1.1.5", "cpe:/a:mono:mono:1.1.12"], "id": "CVE-2010-1459", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-1459", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}, "cpe23": ["cpe:2.3:a:mono:mono:1.2.5.1:*:*:*:*:*:*:*", "cpe:2.3:a:mono:mono:1.2.2.1:*:*:*:*:*:*:*", "cpe:2.3:a:mono:mono:1.9:*:*:*:*:*:*:*", "cpe:2.3:a:mono:mono:2.4.2.3:*:*:*:*:*:*:*", "cpe:2.3:a:mono:mono:1.1.16.1:*:*:*:*:*:*:*", "cpe:2.3:a:mono:mono:1.9.1:*:*:*:*:*:*:*", "cpe:2.3:a:mono:mono:1.1.13.8.1:*:*:*:*:*:*:*", "cpe:2.3:a:mono:mono:1.0.6:*:*:*:*:*:*:*", "cpe:2.3:a:mono:mono:1.2.3.1:*:*:*:*:*:*:*", "cpe:2.3:a:mono:mono:1.1.9.2:*:*:*:*:*:*:*", "cpe:2.3:a:mono:mono:1.1.15:*:*:*:*:*:*:*", "cpe:2.3:a:mono:mono:1.1.12:*:*:*:*:*:*:*", "cpe:2.3:a:mono:mono:1.1.9:*:*:*:*:*:*:*", "cpe:2.3:a:mono:mono:1.2.2:*:*:*:*:*:*:*", "cpe:2.3:a:mono:mono:1.1.16:*:*:*:*:*:*:*", "cpe:2.3:a:mono:mono:1.1.10.1:*:*:*:*:*:*:*", "cpe:2.3:a:mono:mono:1.1.2:*:*:*:*:*:*:*", "cpe:2.3:a:mono:mono:1.1.14:*:*:*:*:*:*:*", "cpe:2.3:a:mono:mono:1.1.9.1:*:*:*:*:*:*:*", "cpe:2.3:a:mono:mono:1.1.7:*:*:*:*:*:*:*", "cpe:2.3:a:mono:mono:1.2.5:*:*:*:*:*:*:*", "cpe:2.3:a:mono:mono:1.2.1:*:*:*:*:*:*:*", "cpe:2.3:a:mono:mono:1.0.4:*:*:*:*:*:*:*", "cpe:2.3:a:mono:mono:2.4.2:*:*:*:*:*:*:*", "cpe:2.3:a:mono:mono:1.1.12.1:*:*:*:*:*:*:*", "cpe:2.3:a:mono:mono:1.1.13.5:*:*:*:*:*:*:*", "cpe:2.3:a:mono:mono:1.0:*:*:*:*:*:*:*", "cpe:2.3:a:mono:mono:1.1.3:*:*:*:*:*:*:*", "cpe:2.3:a:mono:mono:1.1.8.1:*:*:*:*:*:*:*", "cpe:2.3:a:mono:mono:1.1.13.8:*:*:*:*:*:*:*", "cpe:2.3:a:mono:mono:1.1.11:*:*:*:*:*:*:*", "cpe:2.3:a:mono:mono:1.0.5:*:*:*:*:*:*:*", "cpe:2.3:a:mono:mono:1.1.17.2:*:*:*:*:*:*:*", "cpe:2.3:a:mono:mono:1.1.8.3:*:*:*:*:*:*:*", "cpe:2.3:a:mono:mono:1.1.13.7:*:*:*:*:*:*:*", "cpe:2.3:a:mono:mono:1.2:*:*:*:*:*:*:*", "cpe:2.3:a:mono:mono:1.2.6:*:*:*:*:*:*:*", "cpe:2.3:a:mono:mono:1.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:mono:mono:1.1.4:*:*:*:*:*:*:*", "cpe:2.3:a:mono:mono:1.1.6:*:*:*:*:*:*:*", "cpe:2.3:a:mono:mono:1.1.17:*:*:*:*:*:*:*", "cpe:2.3:a:mono:mono:1.1.13.2:*:*:*:*:*:*:*", "cpe:2.3:a:mono:mono:1.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:mono:mono:1.2.4:*:*:*:*:*:*:*", "cpe:2.3:a:mono:mono:1.1.8:*:*:*:*:*:*:*", "cpe:2.3:a:mono:mono:1.1.10:*:*:*:*:*:*:*", "cpe:2.3:a:mono:mono:1.1.13.4:*:*:*:*:*:*:*", "cpe:2.3:a:mono:mono:1.2.3:*:*:*:*:*:*:*", "cpe:2.3:a:mono:mono:1.1.18:*:*:*:*:*:*:*", "cpe:2.3:a:mono:mono:2.4:*:*:*:*:*:*:*", "cpe:2.3:a:mono:mono:2.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:mono:mono:2.0:*:*:*:*:*:*:*", "cpe:2.3:a:mono:mono:2.4.2.1:*:*:*:*:*:*:*", "cpe:2.3:a:mono:mono:2.2:*:*:*:*:*:*:*", "cpe:2.3:a:mono:mono:1.2.5.2:*:*:*:*:*:*:*", "cpe:2.3:a:mono:mono:1.1.5:*:*:*:*:*:*:*", "cpe:2.3:a:mono:mono:1.1.13:*:*:*:*:*:*:*", "cpe:2.3:a:mono:mono:2.4.3:*:*:*:*:*:*:*", "cpe:2.3:a:mono:mono:1.1.1:*:*:*:*:*:*:*", "cpe:2.3:a:mono:mono:1.1.13.6:*:*:*:*:*:*:*", "cpe:2.3:a:mono:mono:1.1.17.1:*:*:*:*:*:*:*", "cpe:2.3:a:mono:mono:2.4.2.2:*:*:*:*:*:*:*"]}], "openvas": [{"lastseen": "2018-01-19T15:04:29", "bulletinFamily": "scanner", "cvelist": ["CVE-2010-1459"], "description": "Check for the Version of mono-tools", "modified": "2018-01-19T00:00:00", "published": "2010-07-16T00:00:00", "id": "OPENVAS:1361412562310862244", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310862244", "type": "openvas", "title": "Fedora Update for mono-tools FEDORA-2010-10332", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for mono-tools FEDORA-2010-10332\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"mono-tools on Fedora 13\";\ntag_insight = \"Monotools are a number of tools for mono such as allowing monodoc to be run\n independently of monodevelop\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2010-July/044048.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.862244\");\n script_version(\"$Revision: 8469 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-19 08:58:21 +0100 (Fri, 19 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2010-07-16 10:40:49 +0200 (Fri, 16 Jul 2010)\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_xref(name: \"FEDORA\", value: \"2010-10332\");\n script_cve_id(\"CVE-2010-1459\");\n script_name(\"Fedora Update for mono-tools FEDORA-2010-10332\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of mono-tools\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC13\")\n{\n\n if ((res = isrpmvuln(pkg:\"mono-tools\", rpm:\"mono-tools~2.6.2~1.fc13\", rls:\"FC13\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}}, {"lastseen": "2018-01-25T10:54:53", "bulletinFamily": "scanner", "cvelist": ["CVE-2010-1459"], "description": "Check for the Version of gnome-sharp", "modified": "2018-01-24T00:00:00", "published": "2010-07-16T00:00:00", "id": "OPENVAS:1361412562310862251", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310862251", "type": "openvas", "title": "Fedora Update for gnome-sharp FEDORA-2010-10332", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for gnome-sharp FEDORA-2010-10332\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"gnome-sharp on Fedora 13\";\ntag_insight = \"This package provides a library that allows you to build\n fully native graphical GNOME applications using Mono. gnome-sharp\n extends gtk-sharp2 and adds bindings for gconf, libgnome, gnome-vfs,\n libart, gtkhtml, librsvg, and vte.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2010-July/044047.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.862251\");\n script_version(\"$Revision: 8510 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-24 08:57:42 +0100 (Wed, 24 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2010-07-16 10:40:49 +0200 (Fri, 16 Jul 2010)\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_xref(name: \"FEDORA\", value: \"2010-10332\");\n script_cve_id(\"CVE-2010-1459\");\n script_name(\"Fedora Update for gnome-sharp FEDORA-2010-10332\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of gnome-sharp\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC13\")\n{\n\n if ((res = isrpmvuln(pkg:\"gnome-sharp\", rpm:\"gnome-sharp~2.24.1~1.fc13\", rls:\"FC13\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}}, {"lastseen": "2018-01-17T11:05:57", "bulletinFamily": "scanner", "cvelist": ["CVE-2010-1459"], "description": "Check for the Version of gtksourceview-sharp", "modified": "2018-01-16T00:00:00", "published": "2010-07-16T00:00:00", "id": "OPENVAS:1361412562310862249", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310862249", "type": "openvas", "title": "Fedora Update for gtksourceview-sharp FEDORA-2010-10332", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for gtksourceview-sharp FEDORA-2010-10332\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"gtksourceview-sharp on Fedora 13\";\ntag_insight = \"gtksourceview-sharp is a C sharp binder for gtksourceview\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2010-July/044052.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.862249\");\n script_version(\"$Revision: 8438 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-16 18:38:23 +0100 (Tue, 16 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2010-07-16 10:40:49 +0200 (Fri, 16 Jul 2010)\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_xref(name: \"FEDORA\", value: \"2010-10332\");\n script_cve_id(\"CVE-2010-1459\");\n script_name(\"Fedora Update for gtksourceview-sharp FEDORA-2010-10332\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of gtksourceview-sharp\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC13\")\n{\n\n if ((res = isrpmvuln(pkg:\"gtksourceview-sharp\", rpm:\"gtksourceview-sharp~2.0.12~11.fc13\", rls:\"FC13\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}}, {"lastseen": "2018-01-02T10:54:57", "bulletinFamily": "scanner", "cvelist": ["CVE-2010-1459"], "description": "Check for the Version of xsp", "modified": "2017-12-22T00:00:00", "published": "2010-07-16T00:00:00", "id": "OPENVAS:1361412562310862245", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310862245", "type": "openvas", "title": "Fedora Update for xsp FEDORA-2010-10332", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for xsp FEDORA-2010-10332\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"xsp on Fedora 13\";\ntag_insight = \"XSP is a standalone web server written in C# that can be used to run ASP.NET\n applications as well as a set of pages, controls and web services that you can\n use to experience ASP.NET.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2010-July/044057.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.862245\");\n script_version(\"$Revision: 8228 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-22 08:29:52 +0100 (Fri, 22 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2010-07-16 10:40:49 +0200 (Fri, 16 Jul 2010)\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_xref(name: \"FEDORA\", value: \"2010-10332\");\n script_cve_id(\"CVE-2010-1459\");\n script_name(\"Fedora Update for xsp FEDORA-2010-10332\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of xsp\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC13\")\n{\n\n if ((res = isrpmvuln(pkg:\"xsp\", rpm:\"xsp~2.6.4~1.fc13\", rls:\"FC13\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}}, {"lastseen": "2018-01-02T10:54:06", "bulletinFamily": "scanner", "cvelist": ["CVE-2010-1459"], "description": "Check for the Version of libgdiplus", "modified": "2017-12-22T00:00:00", "published": "2010-07-16T00:00:00", "id": "OPENVAS:862252", "href": "http://plugins.openvas.org/nasl.php?oid=862252", "type": "openvas", "title": "Fedora Update for libgdiplus FEDORA-2010-10332", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for libgdiplus FEDORA-2010-10332\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"libgdiplus on Fedora 13\";\ntag_insight = \"An Open Source implementation of the GDI+ API, it is part of the Mono\n Project\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2010-July/044050.html\");\n script_id(862252);\n script_version(\"$Revision: 8226 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-22 07:30:26 +0100 (Fri, 22 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2010-07-16 10:40:49 +0200 (Fri, 16 Jul 2010)\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_xref(name: \"FEDORA\", value: \"2010-10332\");\n script_cve_id(\"CVE-2010-1459\");\n script_name(\"Fedora Update for libgdiplus FEDORA-2010-10332\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of libgdiplus\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC13\")\n{\n\n if ((res = isrpmvuln(pkg:\"libgdiplus\", rpm:\"libgdiplus~2.6.4~1.fc13\", rls:\"FC13\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}}, {"lastseen": "2017-12-20T13:18:43", "bulletinFamily": "scanner", "cvelist": ["CVE-2010-1459"], "description": "Check for the Version of gtksourceview-sharp", "modified": "2017-12-19T00:00:00", "published": "2010-07-16T00:00:00", "id": "OPENVAS:862249", "href": "http://plugins.openvas.org/nasl.php?oid=862249", "type": "openvas", "title": "Fedora Update for gtksourceview-sharp FEDORA-2010-10332", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for gtksourceview-sharp FEDORA-2010-10332\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"gtksourceview-sharp on Fedora 13\";\ntag_insight = \"gtksourceview-sharp is a C sharp binder for gtksourceview\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2010-July/044052.html\");\n script_id(862249);\n script_version(\"$Revision: 8164 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-19 07:30:41 +0100 (Tue, 19 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2010-07-16 10:40:49 +0200 (Fri, 16 Jul 2010)\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_xref(name: \"FEDORA\", value: \"2010-10332\");\n script_cve_id(\"CVE-2010-1459\");\n script_name(\"Fedora Update for gtksourceview-sharp FEDORA-2010-10332\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of gtksourceview-sharp\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC13\")\n{\n\n if ((res = isrpmvuln(pkg:\"gtksourceview-sharp\", rpm:\"gtksourceview-sharp~2.0.12~11.fc13\", rls:\"FC13\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}}, {"lastseen": "2017-12-14T11:49:03", "bulletinFamily": "scanner", "cvelist": ["CVE-2010-1459"], "description": "Check for the Version of xsp", "modified": "2017-12-13T00:00:00", "published": "2010-07-16T00:00:00", "id": "OPENVAS:862245", "href": "http://plugins.openvas.org/nasl.php?oid=862245", "type": "openvas", "title": "Fedora Update for xsp FEDORA-2010-10332", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for xsp FEDORA-2010-10332\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"xsp on Fedora 13\";\ntag_insight = \"XSP is a standalone web server written in C# that can be used to run ASP.NET\n applications as well as a set of pages, controls and web services that you can\n use to experience ASP.NET.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2010-July/044057.html\");\n script_id(862245);\n script_version(\"$Revision: 8092 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-13 07:31:16 +0100 (Wed, 13 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2010-07-16 10:40:49 +0200 (Fri, 16 Jul 2010)\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_xref(name: \"FEDORA\", value: \"2010-10332\");\n script_cve_id(\"CVE-2010-1459\");\n script_name(\"Fedora Update for xsp FEDORA-2010-10332\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of xsp\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC13\")\n{\n\n if ((res = isrpmvuln(pkg:\"xsp\", rpm:\"xsp~2.6.4~1.fc13\", rls:\"FC13\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}}, {"lastseen": "2017-12-15T11:58:09", "bulletinFamily": "scanner", "cvelist": ["CVE-2010-1459"], "description": "Check for the Version of mono", "modified": "2017-12-15T00:00:00", "published": "2010-07-16T00:00:00", "id": "OPENVAS:862246", "href": "http://plugins.openvas.org/nasl.php?oid=862246", "type": "openvas", "title": "Fedora Update for mono FEDORA-2010-10433", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for mono FEDORA-2010-10433\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"mono on Fedora 12\";\ntag_insight = \"The Mono runtime implements a JIT engine for the ECMA CLI\n virtual machine (as well as a byte code interpreter, the\n class loader, the garbage collector, threading system and\n metadata access libraries.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2010-July/044051.html\");\n script_id(862246);\n script_version(\"$Revision: 8130 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-15 07:31:09 +0100 (Fri, 15 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2010-07-16 10:40:49 +0200 (Fri, 16 Jul 2010)\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_xref(name: \"FEDORA\", value: \"2010-10433\");\n script_cve_id(\"CVE-2010-1459\");\n script_name(\"Fedora Update for mono FEDORA-2010-10433\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of mono\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC12\")\n{\n\n if ((res = isrpmvuln(pkg:\"mono\", rpm:\"mono~2.4.3.1~2.fc12\", rls:\"FC12\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}}, {"lastseen": "2018-01-02T10:54:09", "bulletinFamily": "scanner", "cvelist": ["CVE-2010-1459"], "description": "Check for the Version of gnome-sharp", "modified": "2017-12-25T00:00:00", "published": "2010-07-16T00:00:00", "id": "OPENVAS:862251", "href": "http://plugins.openvas.org/nasl.php?oid=862251", "type": "openvas", "title": "Fedora Update for gnome-sharp FEDORA-2010-10332", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for gnome-sharp FEDORA-2010-10332\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"gnome-sharp on Fedora 13\";\ntag_insight = \"This package provides a library that allows you to build\n fully native graphical GNOME applications using Mono. gnome-sharp\n extends gtk-sharp2 and adds bindings for gconf, libgnome, gnome-vfs,\n libart, gtkhtml, librsvg, and vte.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2010-July/044047.html\");\n script_id(862251);\n script_version(\"$Revision: 8243 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-25 07:30:04 +0100 (Mon, 25 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2010-07-16 10:40:49 +0200 (Fri, 16 Jul 2010)\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_xref(name: \"FEDORA\", value: \"2010-10332\");\n script_cve_id(\"CVE-2010-1459\");\n script_name(\"Fedora Update for gnome-sharp FEDORA-2010-10332\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of gnome-sharp\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC13\")\n{\n\n if ((res = isrpmvuln(pkg:\"gnome-sharp\", rpm:\"gnome-sharp~2.24.1~1.fc13\", rls:\"FC13\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}}, {"lastseen": "2017-12-21T11:32:36", "bulletinFamily": "scanner", "cvelist": ["CVE-2010-1459"], "description": "Check for the Version of mod_mono", "modified": "2017-12-21T00:00:00", "published": "2010-07-16T00:00:00", "id": "OPENVAS:862240", "href": "http://plugins.openvas.org/nasl.php?oid=862240", "type": "openvas", "title": "Fedora Update for mod_mono FEDORA-2010-10332", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for mod_mono FEDORA-2010-10332\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"mod_mono on Fedora 13\";\ntag_insight = \"mod_mono allows Apache to serve ASP.NET pages by proxying the requests\n to a slightly modified version of the XSP server, called mod-mono-server,\n that is installed along with XSP\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2010-July/044055.html\");\n script_id(862240);\n script_version(\"$Revision: 8205 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-21 07:30:37 +0100 (Thu, 21 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2010-07-16 10:40:49 +0200 (Fri, 16 Jul 2010)\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_xref(name: \"FEDORA\", value: \"2010-10332\");\n script_cve_id(\"CVE-2010-1459\");\n script_name(\"Fedora Update for mod_mono FEDORA-2010-10332\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of mod_mono\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC13\")\n{\n\n if ((res = isrpmvuln(pkg:\"mod_mono\", rpm:\"mod_mono~2.6.3~1.fc13\", rls:\"FC13\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}}], "nessus": [{"lastseen": "2021-01-12T10:07:44", "description": " - update the mono stack to release 2.6.4\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 24, "published": "2010-07-14T00:00:00", "title": "Fedora 13 : gnome-sharp-2.24.1-1.fc13 / gtksourceview-sharp-2.0.12-11.fc13 / libgdiplus-2.6.4-1.fc13 / etc (2010-10332)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2010-1459"], "modified": "2010-07-14T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:gnome-sharp", "p-cpe:/a:fedoraproject:fedora:mono", "p-cpe:/a:fedoraproject:fedora:mono-basic", "cpe:/o:fedoraproject:fedora:13", "p-cpe:/a:fedoraproject:fedora:mono-tools", "p-cpe:/a:fedoraproject:fedora:xsp", "p-cpe:/a:fedoraproject:fedora:gtksourceview-sharp", "p-cpe:/a:fedoraproject:fedora:libgdiplus", "p-cpe:/a:fedoraproject:fedora:mod_mono"], "id": "FEDORA_2010-10332.NASL", "href": "https://www.tenable.com/plugins/nessus/47719", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2010-10332.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(47719);\n script_version(\"1.13\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2010-1459\");\n script_bugtraq_id(40351);\n script_xref(name:\"FEDORA\", value:\"2010-10332\");\n\n script_name(english:\"Fedora 13 : gnome-sharp-2.24.1-1.fc13 / gtksourceview-sharp-2.0.12-11.fc13 / libgdiplus-2.6.4-1.fc13 / etc (2010-10332)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\" - update the mono stack to release 2.6.4\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=598155\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2010-July/044047.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?55461ebe\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2010-July/044048.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?15b75f01\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2010-July/044049.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?3ec80b03\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2010-July/044050.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?e856b116\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2010-July/044052.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?b52c25ed\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2010-July/044054.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?1750e472\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2010-July/044055.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?0ff9dfa1\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2010-July/044057.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?bc5ac0da\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:gnome-sharp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:gtksourceview-sharp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:libgdiplus\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:mod_mono\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:mono\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:mono-basic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:mono-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:xsp\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:13\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/06/24\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/07/14\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2010-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^13([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 13.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC13\", reference:\"gnome-sharp-2.24.1-1.fc13\")) flag++;\nif (rpm_check(release:\"FC13\", reference:\"gtksourceview-sharp-2.0.12-11.fc13\")) flag++;\nif (rpm_check(release:\"FC13\", reference:\"libgdiplus-2.6.4-1.fc13\")) flag++;\nif (rpm_check(release:\"FC13\", reference:\"mod_mono-2.6.3-1.fc13\")) flag++;\nif (rpm_check(release:\"FC13\", reference:\"mono-2.6.4-1.fc13\")) flag++;\nif (rpm_check(release:\"FC13\", reference:\"mono-basic-2.6.2-1.fc13\")) flag++;\nif (rpm_check(release:\"FC13\", reference:\"mono-tools-2.6.2-1.fc13\")) flag++;\nif (rpm_check(release:\"FC13\", reference:\"xsp-2.6.4-1.fc13\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"gnome-sharp / gtksourceview-sharp / libgdiplus / mod_mono / mono / etc\");\n}\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2021-01-12T10:07:46", "description": " - Thu Jun 24 2010 Christian Krause <chkr at\n fedoraproject.org> - 2.4.3.1-2\n\n - Add upstream patch for CVE-2010-1459:\n http://anonsvn.mono-project.com/viewvc?view=revision&r\n evision=156450\n\n - Wed Jan 13 2010 Christian Krause <chkr at\n fedoraproject.org> - 2.4.3.1-1\n\n - Update to 2.4.3.1\n\n - Wed Dec 23 2009 Christian Krause <chkr at\n fedoraproject.org> - 2.4.3-1\n\n - Update to 2.4.3\n\n - Drop mono-242-metadata-appconf.patch (fixed upstream)\n\n - package mono.snk for packages without bundled keys to\n use\n\n - put mono.snk in /etc/pki/mono/\n\n - package /etc/pki/mono/* in mono-devel\n\n - change %gac_dll macro to be more specific about the\n files to package (necessary to correctly select all\n files for the moonlight subpackage without any\n dangling symlinks)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 25, "published": "2010-07-14T00:00:00", "title": "Fedora 12 : mono-2.4.3.1-2.fc12 (2010-10433)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2010-1459"], "modified": "2010-07-14T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:mono", "cpe:/o:fedoraproject:fedora:12"], "id": "FEDORA_2010-10433.NASL", "href": "https://www.tenable.com/plugins/nessus/47720", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2010-10433.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(47720);\n script_version(\"1.12\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2010-1459\");\n script_bugtraq_id(40351);\n script_xref(name:\"FEDORA\", value:\"2010-10433\");\n\n script_name(english:\"Fedora 12 : mono-2.4.3.1-2.fc12 (2010-10433)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\" - Thu Jun 24 2010 Christian Krause <chkr at\n fedoraproject.org> - 2.4.3.1-2\n\n - Add upstream patch for CVE-2010-1459:\n http://anonsvn.mono-project.com/viewvc?view=revision&r\n evision=156450\n\n - Wed Jan 13 2010 Christian Krause <chkr at\n fedoraproject.org> - 2.4.3.1-1\n\n - Update to 2.4.3.1\n\n - Wed Dec 23 2009 Christian Krause <chkr at\n fedoraproject.org> - 2.4.3-1\n\n - Update to 2.4.3\n\n - Drop mono-242-metadata-appconf.patch (fixed upstream)\n\n - package mono.snk for packages without bundled keys to\n use\n\n - put mono.snk in /etc/pki/mono/\n\n - package /etc/pki/mono/* in mono-devel\n\n - change %gac_dll macro to be more specific about the\n files to package (necessary to correctly select all\n files for the moonlight subpackage without any\n dangling symlinks)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://anonsvn.mono-project.com/viewvc?view=revision&revision=156450\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=598155\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2010-July/044051.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?2dc66b36\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected mono package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:mono\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:12\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/06/28\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/07/14\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2010-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^12([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 12.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC12\", reference:\"mono-2.4.3.1-2.fc12\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"mono\");\n}\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2021-01-17T14:05:38", "description": "Mono's ASP.NET implementation did not set the 'EnableViewStateMac'\nproperty by default. Attackers could exploit that to conduct\ncross-site-scripting (XSS) attacks.", "edition": 25, "published": "2010-07-01T00:00:00", "title": "openSUSE Security Update : bytefx-data-mysql (openSUSE-SU-2010:0342-1)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2010-1459"], "modified": "2010-07-01T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:mono-data-oracle", "p-cpe:/a:novell:opensuse:mono-data-sqlite", "p-cpe:/a:novell:opensuse:mono-nunit", "p-cpe:/a:novell:opensuse:mono-data-sybase", "p-cpe:/a:novell:opensuse:mono-web", "p-cpe:/a:novell:opensuse:mono-jscript", "cpe:/o:novell:opensuse:11.2", "p-cpe:/a:novell:opensuse:mono-complete", "p-cpe:/a:novell:opensuse:mono-data-firebird", "p-cpe:/a:novell:opensuse:mono-data-postgresql", "p-cpe:/a:novell:opensuse:ibm-data-db2", "p-cpe:/a:novell:opensuse:mono-core", "p-cpe:/a:novell:opensuse:mono-wcf", "p-cpe:/a:novell:opensuse:mono-data", "p-cpe:/a:novell:opensuse:mono-locale-extras", "p-cpe:/a:novell:opensuse:mono-extras", "p-cpe:/a:novell:opensuse:bytefx-data-mysql", "p-cpe:/a:novell:opensuse:monodoc-core", "p-cpe:/a:novell:opensuse:mono-winforms", "p-cpe:/a:novell:opensuse:mono-devel"], "id": "SUSE_11_2_BYTEFX-DATA-MYSQL-100426.NASL", "href": "https://www.tenable.com/plugins/nessus/47573", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update bytefx-data-mysql-2384.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(47573);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2010-1459\");\n\n script_name(english:\"openSUSE Security Update : bytefx-data-mysql (openSUSE-SU-2010:0342-1)\");\n script_summary(english:\"Check for the bytefx-data-mysql-2384 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Mono's ASP.NET implementation did not set the 'EnableViewStateMac'\nproperty by default. Attackers could exploit that to conduct\ncross-site-scripting (XSS) attacks.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=592428\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://lists.opensuse.org/opensuse-updates/2010-06/msg00010.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected bytefx-data-mysql packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:bytefx-data-mysql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ibm-data-db2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mono-complete\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mono-core\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mono-data\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mono-data-firebird\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mono-data-oracle\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mono-data-postgresql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mono-data-sqlite\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mono-data-sybase\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mono-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mono-extras\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mono-jscript\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mono-locale-extras\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mono-nunit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mono-wcf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mono-web\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mono-winforms\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:monodoc-core\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:11.2\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/04/26\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/07/01\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2010-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE11\\.2)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"11.2\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE11.2\", reference:\"bytefx-data-mysql-2.4.2.3-2.7.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.2\", reference:\"ibm-data-db2-2.4.2.3-2.7.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.2\", reference:\"mono-complete-2.4.2.3-2.7.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.2\", reference:\"mono-core-2.4.2.3-2.7.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.2\", reference:\"mono-data-2.4.2.3-2.7.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.2\", reference:\"mono-data-firebird-2.4.2.3-2.7.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.2\", reference:\"mono-data-oracle-2.4.2.3-2.7.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.2\", reference:\"mono-data-postgresql-2.4.2.3-2.7.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.2\", reference:\"mono-data-sqlite-2.4.2.3-2.7.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.2\", reference:\"mono-data-sybase-2.4.2.3-2.7.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.2\", reference:\"mono-devel-2.4.2.3-2.7.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.2\", reference:\"mono-extras-2.4.2.3-2.7.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.2\", reference:\"mono-jscript-2.4.2.3-2.7.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.2\", reference:\"mono-locale-extras-2.4.2.3-2.7.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.2\", reference:\"mono-nunit-2.4.2.3-2.7.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.2\", reference:\"mono-wcf-2.4.2.3-2.7.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.2\", reference:\"mono-web-2.4.2.3-2.7.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.2\", reference:\"mono-winforms-2.4.2.3-2.7.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.2\", reference:\"monodoc-core-2.4.2.3-2.7.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"bytefx-data-mysql / ibm-data-db2 / mono-complete / mono-core / etc\");\n}\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2021-01-17T14:03:03", "description": "Mono's ASP.NET implementation did not set the 'EnableViewStateMac'\nproperty by default. Attackers could exploit that to conduct\ncross-site-scripting (XSS) attacks.", "edition": 25, "published": "2010-07-01T00:00:00", "title": "openSUSE Security Update : bytefx-data-mysql (openSUSE-SU-2010:0342-1)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2010-1459"], "modified": "2010-07-01T00:00:00", "cpe": ["cpe:/o:novell:opensuse:11.0", "p-cpe:/a:novell:opensuse:mono-data-oracle", "p-cpe:/a:novell:opensuse:mono-data-sqlite", "p-cpe:/a:novell:opensuse:mono-nunit", "p-cpe:/a:novell:opensuse:mono-data-sybase", "p-cpe:/a:novell:opensuse:mono-core-32bit", "p-cpe:/a:novell:opensuse:mono-web", "p-cpe:/a:novell:opensuse:mono-jscript", "p-cpe:/a:novell:opensuse:mono-complete", "p-cpe:/a:novell:opensuse:mono-data-firebird", "p-cpe:/a:novell:opensuse:mono-data-postgresql", "p-cpe:/a:novell:opensuse:ibm-data-db2", "p-cpe:/a:novell:opensuse:mono-core", "p-cpe:/a:novell:opensuse:mono-data", "p-cpe:/a:novell:opensuse:mono-locale-extras", "p-cpe:/a:novell:opensuse:mono-extras", "p-cpe:/a:novell:opensuse:bytefx-data-mysql", "p-cpe:/a:novell:opensuse:monodoc-core", "p-cpe:/a:novell:opensuse:mono-winforms", "p-cpe:/a:novell:opensuse:mono-devel"], "id": "SUSE_11_0_BYTEFX-DATA-MYSQL-100422.NASL", "href": "https://www.tenable.com/plugins/nessus/47569", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update bytefx-data-mysql-2384.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(47569);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2010-1459\");\n\n script_name(english:\"openSUSE Security Update : bytefx-data-mysql (openSUSE-SU-2010:0342-1)\");\n script_summary(english:\"Check for the bytefx-data-mysql-2384 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Mono's ASP.NET implementation did not set the 'EnableViewStateMac'\nproperty by default. Attackers could exploit that to conduct\ncross-site-scripting (XSS) attacks.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=592428\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://lists.opensuse.org/opensuse-updates/2010-06/msg00010.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected bytefx-data-mysql packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:bytefx-data-mysql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ibm-data-db2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mono-complete\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mono-core\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mono-core-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mono-data\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mono-data-firebird\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mono-data-oracle\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mono-data-postgresql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mono-data-sqlite\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mono-data-sybase\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mono-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mono-extras\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mono-jscript\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mono-locale-extras\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mono-nunit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mono-web\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mono-winforms\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:monodoc-core\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:11.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/04/22\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/07/01\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2010-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE11\\.0)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"11.0\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE11.0\", reference:\"bytefx-data-mysql-1.9.1-6.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"ibm-data-db2-1.9.1-6.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"mono-complete-1.9.1-6.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"mono-core-1.9.1-6.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"mono-data-1.9.1-6.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"mono-data-firebird-1.9.1-6.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"mono-data-oracle-1.9.1-6.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"mono-data-postgresql-1.9.1-6.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"mono-data-sqlite-1.9.1-6.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"mono-data-sybase-1.9.1-6.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"mono-devel-1.9.1-6.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"mono-extras-1.9.1-6.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"mono-jscript-1.9.1-6.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"mono-locale-extras-1.9.1-6.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"mono-nunit-1.9.1-6.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"mono-web-1.9.1-6.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"mono-winforms-1.9.1-6.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"monodoc-core-1.9-18.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", cpu:\"x86_64\", reference:\"mono-core-32bit-1.9.1-6.8\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"bytefx-data-mysql / ibm-data-db2 / mono-complete / mono-core / etc\");\n}\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2021-01-17T14:09:59", "description": "Mono's ASP.NET implementation did not set the 'EnableViewStateMac'\nproperty by default. Attackers could exploit that to conduct\ncross-site scripting (XSS) attacks.", "edition": 24, "published": "2010-12-02T00:00:00", "title": "SuSE 11 / 11.1 Security Update : mono-core / Mono (SAT Patch Numbers 2326 / 2474)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2010-1459"], "modified": "2010-12-02T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:11:mono-data-sybase", "p-cpe:/a:novell:suse_linux:11:mono-winforms", "p-cpe:/a:novell:suse_linux:11:mono-jscript", "p-cpe:/a:novell:suse_linux:11:mono-locale-extras", "p-cpe:/a:novell:suse_linux:11:mono-data-postgresql", "p-cpe:/a:novell:suse_linux:11:mono-data-sqlite", "cpe:/o:novell:suse_linux:11", "p-cpe:/a:novell:suse_linux:11:ibm-data-db2", "p-cpe:/a:novell:suse_linux:11:mono-data", "p-cpe:/a:novell:suse_linux:11:mono-extras", "p-cpe:/a:novell:suse_linux:11:bytefx-data-mysql", "p-cpe:/a:novell:suse_linux:11:mono-web", "p-cpe:/a:novell:suse_linux:11:mono-core", "p-cpe:/a:novell:suse_linux:11:mono-data-firebird", "p-cpe:/a:novell:suse_linux:11:mono-devel", "p-cpe:/a:novell:suse_linux:11:mono-nunit", "p-cpe:/a:novell:suse_linux:11:mono-data-oracle"], "id": "SUSE_11_BYTEFX-DATA-MYSQL-100422.NASL", "href": "https://www.tenable.com/plugins/nessus/50892", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from SuSE 11 update information. The text itself is\n# copyright (C) Novell, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(50892);\n script_version(\"1.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2010-1459\");\n\n script_name(english:\"SuSE 11 / 11.1 Security Update : mono-core / Mono (SAT Patch Numbers 2326 / 2474)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SuSE 11 host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Mono's ASP.NET implementation did not set the 'EnableViewStateMac'\nproperty by default. Attackers could exploit that to conduct\ncross-site scripting (XSS) attacks.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=592428\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2010-1459.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Apply SAT patch number 2326 / 2474 as appropriate.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:bytefx-data-mysql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:ibm-data-db2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:mono-core\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:mono-data\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:mono-data-firebird\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:mono-data-oracle\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:mono-data-postgresql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:mono-data-sqlite\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:mono-data-sybase\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:mono-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:mono-extras\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:mono-jscript\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:mono-locale-extras\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:mono-nunit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:mono-web\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:mono-winforms\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:11\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/04/22\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/12/02\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2010-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)11\") audit(AUDIT_OS_NOT, \"SuSE 11\");\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SuSE 11\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"SLED11\", sp:0, cpu:\"i586\", reference:\"bytefx-data-mysql-2.0.1-1.26.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:0, cpu:\"i586\", reference:\"ibm-data-db2-2.0.1-1.26.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:0, cpu:\"i586\", reference:\"mono-core-2.0.1-1.26.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:0, cpu:\"i586\", reference:\"mono-data-2.0.1-1.26.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:0, cpu:\"i586\", reference:\"mono-data-firebird-2.0.1-1.26.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:0, cpu:\"i586\", reference:\"mono-data-oracle-2.0.1-1.26.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:0, cpu:\"i586\", reference:\"mono-data-postgresql-2.0.1-1.26.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:0, cpu:\"i586\", reference:\"mono-data-sqlite-2.0.1-1.26.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:0, cpu:\"i586\", reference:\"mono-data-sybase-2.0.1-1.26.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:0, cpu:\"i586\", reference:\"mono-devel-2.0.1-1.26.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:0, cpu:\"i586\", reference:\"mono-extras-2.0.1-1.26.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:0, cpu:\"i586\", reference:\"mono-jscript-2.0.1-1.26.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:0, cpu:\"i586\", reference:\"mono-locale-extras-2.0.1-1.26.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:0, cpu:\"i586\", reference:\"mono-nunit-2.0.1-1.26.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:0, cpu:\"i586\", reference:\"mono-web-2.0.1-1.26.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:0, cpu:\"i586\", reference:\"mono-winforms-2.0.1-1.26.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:0, cpu:\"x86_64\", reference:\"bytefx-data-mysql-2.0.1-1.26.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:0, cpu:\"x86_64\", reference:\"ibm-data-db2-2.0.1-1.26.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:0, cpu:\"x86_64\", reference:\"mono-core-2.0.1-1.26.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:0, cpu:\"x86_64\", reference:\"mono-data-2.0.1-1.26.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:0, cpu:\"x86_64\", reference:\"mono-data-firebird-2.0.1-1.26.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:0, cpu:\"x86_64\", reference:\"mono-data-oracle-2.0.1-1.26.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:0, cpu:\"x86_64\", reference:\"mono-data-postgresql-2.0.1-1.26.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:0, cpu:\"x86_64\", reference:\"mono-data-sqlite-2.0.1-1.26.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:0, cpu:\"x86_64\", reference:\"mono-data-sybase-2.0.1-1.26.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:0, cpu:\"x86_64\", reference:\"mono-devel-2.0.1-1.26.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:0, cpu:\"x86_64\", reference:\"mono-extras-2.0.1-1.26.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:0, cpu:\"x86_64\", reference:\"mono-jscript-2.0.1-1.26.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:0, cpu:\"x86_64\", reference:\"mono-locale-extras-2.0.1-1.26.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:0, cpu:\"x86_64\", reference:\"mono-nunit-2.0.1-1.26.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:0, cpu:\"x86_64\", reference:\"mono-web-2.0.1-1.26.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:0, cpu:\"x86_64\", reference:\"mono-winforms-2.0.1-1.26.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:1, cpu:\"i586\", reference:\"bytefx-data-mysql-2.0.1-1.26.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:1, cpu:\"i586\", reference:\"ibm-data-db2-2.0.1-1.26.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:1, cpu:\"i586\", reference:\"mono-core-2.0.1-1.26.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:1, cpu:\"i586\", reference:\"mono-data-2.0.1-1.26.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:1, cpu:\"i586\", reference:\"mono-data-firebird-2.0.1-1.26.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:1, cpu:\"i586\", reference:\"mono-data-oracle-2.0.1-1.26.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:1, cpu:\"i586\", reference:\"mono-data-postgresql-2.0.1-1.26.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:1, cpu:\"i586\", reference:\"mono-data-sqlite-2.0.1-1.26.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:1, cpu:\"i586\", reference:\"mono-data-sybase-2.0.1-1.26.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:1, cpu:\"i586\", reference:\"mono-devel-2.0.1-1.26.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:1, cpu:\"i586\", reference:\"mono-extras-2.0.1-1.26.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:1, cpu:\"i586\", reference:\"mono-jscript-2.0.1-1.26.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:1, cpu:\"i586\", reference:\"mono-locale-extras-2.0.1-1.26.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:1, cpu:\"i586\", reference:\"mono-nunit-2.0.1-1.26.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:1, cpu:\"i586\", reference:\"mono-web-2.0.1-1.26.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:1, cpu:\"i586\", reference:\"mono-winforms-2.0.1-1.26.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:1, cpu:\"x86_64\", reference:\"bytefx-data-mysql-2.0.1-1.26.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:1, cpu:\"x86_64\", reference:\"ibm-data-db2-2.0.1-1.26.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:1, cpu:\"x86_64\", reference:\"mono-core-2.0.1-1.26.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:1, cpu:\"x86_64\", reference:\"mono-data-2.0.1-1.26.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:1, cpu:\"x86_64\", reference:\"mono-data-firebird-2.0.1-1.26.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:1, cpu:\"x86_64\", reference:\"mono-data-oracle-2.0.1-1.26.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:1, cpu:\"x86_64\", reference:\"mono-data-postgresql-2.0.1-1.26.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:1, cpu:\"x86_64\", reference:\"mono-data-sqlite-2.0.1-1.26.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:1, cpu:\"x86_64\", reference:\"mono-data-sybase-2.0.1-1.26.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:1, cpu:\"x86_64\", reference:\"mono-devel-2.0.1-1.26.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:1, cpu:\"x86_64\", reference:\"mono-extras-2.0.1-1.26.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:1, cpu:\"x86_64\", reference:\"mono-jscript-2.0.1-1.26.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:1, cpu:\"x86_64\", reference:\"mono-locale-extras-2.0.1-1.26.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:1, cpu:\"x86_64\", reference:\"mono-nunit-2.0.1-1.26.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:1, cpu:\"x86_64\", reference:\"mono-web-2.0.1-1.26.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:1, cpu:\"x86_64\", reference:\"mono-winforms-2.0.1-1.26.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:0, reference:\"mono-core-2.0.1-1.26.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:0, reference:\"mono-data-2.0.1-1.26.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:0, reference:\"mono-data-postgresql-2.0.1-1.26.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:0, reference:\"mono-data-sqlite-2.0.1-1.26.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:0, reference:\"mono-locale-extras-2.0.1-1.26.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:0, reference:\"mono-nunit-2.0.1-1.26.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:0, reference:\"mono-web-2.0.1-1.26.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:0, reference:\"mono-winforms-2.0.1-1.26.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:1, reference:\"mono-core-2.0.1-1.26.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:1, reference:\"mono-data-2.0.1-1.26.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:1, reference:\"mono-data-postgresql-2.0.1-1.26.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:1, reference:\"mono-data-sqlite-2.0.1-1.26.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:1, reference:\"mono-locale-extras-2.0.1-1.26.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:1, reference:\"mono-nunit-2.0.1-1.26.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:1, reference:\"mono-web-2.0.1-1.26.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:1, reference:\"mono-winforms-2.0.1-1.26.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2021-01-17T14:04:14", "description": "Mono's ASP.NET implementation did not set the 'EnableViewStateMac'\nproperty by default. Attackers could exploit that to conduct\ncross-site-scripting (XSS) attacks.", "edition": 25, "published": "2010-07-01T00:00:00", "title": "openSUSE Security Update : bytefx-data-mysql (openSUSE-SU-2010:0342-1)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2010-1459"], "modified": "2010-07-01T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:mono-data-oracle", "p-cpe:/a:novell:opensuse:mono-data-sqlite", "p-cpe:/a:novell:opensuse:mono-nunit", "p-cpe:/a:novell:opensuse:mono-data-sybase", "p-cpe:/a:novell:opensuse:mono-core-32bit", "cpe:/o:novell:opensuse:11.1", "p-cpe:/a:novell:opensuse:mono-web", "p-cpe:/a:novell:opensuse:mono-jscript", "p-cpe:/a:novell:opensuse:mono-complete", "p-cpe:/a:novell:opensuse:mono-data-firebird", "p-cpe:/a:novell:opensuse:mono-data-postgresql", "p-cpe:/a:novell:opensuse:ibm-data-db2", "p-cpe:/a:novell:opensuse:mono-core", "p-cpe:/a:novell:opensuse:mono-data", "p-cpe:/a:novell:opensuse:mono-locale-extras", "p-cpe:/a:novell:opensuse:mono-extras", "p-cpe:/a:novell:opensuse:bytefx-data-mysql", "p-cpe:/a:novell:opensuse:monodoc-core", "p-cpe:/a:novell:opensuse:mono-winforms", "p-cpe:/a:novell:opensuse:mono-devel"], "id": "SUSE_11_1_BYTEFX-DATA-MYSQL-100422.NASL", "href": "https://www.tenable.com/plugins/nessus/47571", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update bytefx-data-mysql-2384.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(47571);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2010-1459\");\n\n script_name(english:\"openSUSE Security Update : bytefx-data-mysql (openSUSE-SU-2010:0342-1)\");\n script_summary(english:\"Check for the bytefx-data-mysql-2384 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Mono's ASP.NET implementation did not set the 'EnableViewStateMac'\nproperty by default. Attackers could exploit that to conduct\ncross-site-scripting (XSS) attacks.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=592428\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://lists.opensuse.org/opensuse-updates/2010-06/msg00010.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected bytefx-data-mysql packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:bytefx-data-mysql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ibm-data-db2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mono-complete\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mono-core\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mono-core-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mono-data\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mono-data-firebird\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mono-data-oracle\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mono-data-postgresql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mono-data-sqlite\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mono-data-sybase\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mono-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mono-extras\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mono-jscript\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mono-locale-extras\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mono-nunit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mono-web\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mono-winforms\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:monodoc-core\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:11.1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/04/22\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/07/01\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2010-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE11\\.1)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"11.1\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE11.1\", reference:\"bytefx-data-mysql-2.0.1-1.23.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"ibm-data-db2-2.0.1-1.23.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"mono-complete-2.0.1-1.23.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"mono-core-2.0.1-1.23.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"mono-data-2.0.1-1.23.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"mono-data-firebird-2.0.1-1.23.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"mono-data-oracle-2.0.1-1.23.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"mono-data-postgresql-2.0.1-1.23.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"mono-data-sqlite-2.0.1-1.23.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"mono-data-sybase-2.0.1-1.23.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"mono-devel-2.0.1-1.23.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"mono-extras-2.0.1-1.23.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"mono-jscript-2.0.1-1.23.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"mono-locale-extras-2.0.1-1.23.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"mono-nunit-2.0.1-1.23.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"mono-web-2.0.1-1.23.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"mono-winforms-2.0.1-1.23.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"monodoc-core-2.0-1.42.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", cpu:\"x86_64\", reference:\"mono-core-32bit-2.0.1-1.23.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"bytefx-data-mysql / ibm-data-db2 / mono-complete / mono-core / etc\");\n}\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2021-01-01T06:38:05", "description": "It was discovered that the Mono System.Web library incorrectly\nfiltered certain error messages related to forbidden files. If a user\nwere tricked into opening a specially crafted URL, an attacker could\npossibly exploit this to conduct cross-site scripting (XSS) attacks.\n(CVE-2012-3382)\n\nIt was discovered that the Mono System.Web library incorrectly handled\nthe EnableViewStateMac property. If a user were tricked into opening a\nspecially crafted URL, an attacker could possibly exploit this to\nconduct cross-site scripting (XSS) attacks. This issue only affected\nUbuntu 10.04 LTS. (CVE-2010-4159).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 24, "published": "2012-07-26T00:00:00", "title": "Ubuntu 10.04 LTS / 11.04 / 11.10 / 12.04 LTS : mono vulnerabilities (USN-1517-1)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2010-4159", "CVE-2012-3382", "CVE-2010-1459"], "modified": "2021-01-02T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:libmono-system-web2.0-cil", "cpe:/o:canonical:ubuntu_linux:11.10", "p-cpe:/a:canonical:ubuntu_linux:libmono-system-web4.0-cil", "cpe:/o:canonical:ubuntu_linux:11.04", "cpe:/o:canonical:ubuntu_linux:10.04:-:lts", "p-cpe:/a:canonical:ubuntu_linux:libmono-system-web1.0-cil", "cpe:/o:canonical:ubuntu_linux:12.04:-:lts"], "id": "UBUNTU_USN-1517-1.NASL", "href": "https://www.tenable.com/plugins/nessus/60126", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-1517-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(60126);\n script_version(\"1.8\");\n script_cvs_date(\"Date: 2019/09/19 12:54:28\");\n\n script_cve_id(\"CVE-2010-1459\", \"CVE-2010-4159\", \"CVE-2012-3382\");\n script_bugtraq_id(40351, 54344);\n script_xref(name:\"USN\", value:\"1517-1\");\n\n script_name(english:\"Ubuntu 10.04 LTS / 11.04 / 11.10 / 12.04 LTS : mono vulnerabilities (USN-1517-1)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"It was discovered that the Mono System.Web library incorrectly\nfiltered certain error messages related to forbidden files. If a user\nwere tricked into opening a specially crafted URL, an attacker could\npossibly exploit this to conduct cross-site scripting (XSS) attacks.\n(CVE-2012-3382)\n\nIt was discovered that the Mono System.Web library incorrectly handled\nthe EnableViewStateMac property. If a user were tricked into opening a\nspecially crafted URL, an attacker could possibly exploit this to\nconduct cross-site scripting (XSS) attacks. This issue only affected\nUbuntu 10.04 LTS. (CVE-2010-4159).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/1517-1/\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Update the affected libmono-system-web1.0-cil,\nlibmono-system-web2.0-cil and / or libmono-system-web4.0-cil packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libmono-system-web1.0-cil\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libmono-system-web2.0-cil\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libmono-system-web4.0-cil\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:10.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:11.04\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:11.10\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:12.04:-:lts\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2010/05/27\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/07/25\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/07/26\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2012-2019 Canonical, Inc. / NASL script (C) 2012-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! preg(pattern:\"^(10\\.04|11\\.04|11\\.10|12\\.04)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 10.04 / 11.04 / 11.10 / 12.04\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nflag = 0;\n\nif (ubuntu_check(osver:\"10.04\", pkgname:\"libmono-system-web1.0-cil\", pkgver:\"2.4.4~svn151842-1ubuntu4.1\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"libmono-system-web2.0-cil\", pkgver:\"2.4.4~svn151842-1ubuntu4.1\")) flag++;\nif (ubuntu_check(osver:\"11.04\", pkgname:\"libmono-system-web1.0-cil\", pkgver:\"2.6.7-5ubuntu3.1\")) flag++;\nif (ubuntu_check(osver:\"11.04\", pkgname:\"libmono-system-web2.0-cil\", pkgver:\"2.6.7-5ubuntu3.1\")) flag++;\nif (ubuntu_check(osver:\"11.10\", pkgname:\"libmono-system-web2.0-cil\", pkgver:\"2.10.5-1ubuntu0.1\")) flag++;\nif (ubuntu_check(osver:\"11.10\", pkgname:\"libmono-system-web4.0-cil\", pkgver:\"2.10.5-1ubuntu0.1\")) flag++;\nif (ubuntu_check(osver:\"12.04\", pkgname:\"libmono-system-web2.0-cil\", pkgver:\"2.10.8.1-1ubuntu2.2\")) flag++;\nif (ubuntu_check(osver:\"12.04\", pkgname:\"libmono-system-web4.0-cil\", pkgver:\"2.10.8.1-1ubuntu2.2\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libmono-system-web1.0-cil / libmono-system-web2.0-cil / etc\");\n}\n", "cvss": {"score": 6.9, "vector": "AV:L/AC:M/Au:N/C:C/I:C/A:C"}}], "fedora": [{"lastseen": "2020-12-21T08:17:50", "bulletinFamily": "unix", "cvelist": ["CVE-2010-1459"], "description": "gtksourceview-sharp is a C sharp binder for gtksourceview ", "modified": "2010-07-13T07:47:49", "published": "2010-07-13T07:47:49", "id": "FEDORA:AFA99110D7A", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 13 Update: gtksourceview-sharp-2.0.12-11.fc13", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2020-12-21T08:17:50", "bulletinFamily": "unix", "cvelist": ["CVE-2010-1459"], "description": "An Open Source implementation of the GDI+ API, it is part of the Mono Project ", "modified": "2010-07-13T07:47:49", "published": "2010-07-13T07:47:49", "id": "FEDORA:C9E211113EA", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 13 Update: libgdiplus-2.6.4-1.fc13", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2020-12-21T08:17:50", "bulletinFamily": "unix", "cvelist": ["CVE-2010-1459"], "description": "The Mono runtime implements a JIT engine for the ECMA CLI virtual machine (as well as a byte code interpreter, the class loader, the garbage collector, threading system and metadata access libraries. ", "modified": "2010-07-13T07:47:49", "published": "2010-07-13T07:47:49", "id": "FEDORA:C36261113E7", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 13 Update: mono-2.6.4-1.fc13", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2020-12-21T08:17:50", "bulletinFamily": "unix", "cvelist": ["CVE-2010-1459"], "description": "The Mono runtime implements a JIT engine for the ECMA CLI virtual machine (as well as a byte code interpreter, the class loader, the garbage collector, threading system and metadata access libraries. ", "modified": "2010-07-13T07:47:59", "published": "2010-07-13T07:47:59", "id": "FEDORA:069B3110D7A", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 12 Update: mono-2.4.3.1-2.fc12", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2020-12-21T08:17:50", "bulletinFamily": "unix", "cvelist": ["CVE-2010-1459"], "description": "This package provides a library that allows you to build fully native graphical GNOME applications using Mono. gnome-sharp extends gtk-sharp2 and adds bindings for gconf, libgnome, gnome-vfs, libart, gtkhtml, librsvg, and vte. ", "modified": "2010-07-13T07:47:49", "published": "2010-07-13T07:47:49", "id": "FEDORA:AB840110BF6", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 13 Update: gnome-sharp-2.24.1-1.fc13", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2020-12-21T08:17:50", "bulletinFamily": "unix", "cvelist": ["CVE-2010-1459"], "description": "This package contains the Visual Basic .NET compiler and language runtime. This allows you to compile and run VB.NET application and assemblies. ", "modified": "2010-07-13T07:47:49", "published": "2010-07-13T07:47:49", "id": "FEDORA:C706C1113E8", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 13 Update: mono-basic-2.6.2-1.fc13", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2020-12-21T08:17:50", "bulletinFamily": "unix", "cvelist": ["CVE-2010-1459"], "description": "Monotools are a number of tools for mono such as allowing monodoc to be run independantly of monodevelop ", "modified": "2010-07-13T07:47:49", "published": "2010-07-13T07:47:49", "id": "FEDORA:B2969110F39", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 13 Update: mono-tools-2.6.2-1.fc13", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2020-12-21T08:17:50", "bulletinFamily": "unix", "cvelist": ["CVE-2010-1459"], "description": " mod_mono allows Apache to serve ASP.NET pages by proxying the requests to a slightly modified version of the XSP server, called mod-mono-server, that is installed along with XSP ", "modified": "2010-07-13T07:47:49", "published": "2010-07-13T07:47:49", "id": "FEDORA:B5A031113E4", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 13 Update: mod_mono-2.6.3-1.fc13", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2020-12-21T08:17:50", "bulletinFamily": "unix", "cvelist": ["CVE-2010-1459"], "description": " XSP is a standalone web server written in C# that can be used to run ASP.NET applications as well as a set of pages, controls and web services that you can use to experience ASP.NET. ", "modified": "2010-07-13T07:47:49", "published": "2010-07-13T07:47:49", "id": "FEDORA:BD7FD1113E5", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 13 Update: xsp-2.6.4-1.fc13", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}]}