Search...

Mandrake Security Advisory MDVSA-2009:225 (qt4)

2009-09-15T00:00:00

ID OPENVAS:64836
Type openvas
Reporter Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com
Modified 2017-07-06T00:00:00

Description

The remote host is missing an update to qt4 announced via advisory MDVSA-2009:225.

                                        
                                            # OpenVAS Vulnerability Test
# $Id: mdksa_2009_225.nasl 6573 2017-07-06 13:10:50Z cfischer $
# Description: Auto-generated from advisory MDVSA-2009:225 (qt4)
#
# Authors:
# Thomas Reinke &lt;reinke@securityspace.com&gt;
#
# Copyright:
# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com
# Text descriptions are largely excerpted from the referenced
# advisory, and are Copyright (c) the respective author(s)
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License version 2,
# or at your option, GNU General Public License version 3,
# as published by the Free Software Foundation
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
#

include("revisions-lib.inc");
tag_insight = "A vulnerability has been found and corrected in qt4:

src/network/ssl/qsslcertificate.cpp in Nokia Trolltech Qt 4.x
does not properly handle a '\0' character in a domain name in the
Subject Alternative Name field of an X.509 certificate, which allows
man-in-the-middle attackers to spoof arbitrary SSL servers via a
crafted certificate issued by a legitimate Certification Authority,
a related issue to CVE-2009-2408 (CVE-2009-2700).

This update provides a solution to this vulnerability.

Affected: 2009.0, 2009.1, Enterprise Server 5.0";
tag_solution = "To upgrade automatically use MandrakeUpdate or urpmi.  The verification
of md5 checksums and GPG signatures is performed automatically for you.

https://secure1.securityspace.com/smysecure/catid.html?in=MDVSA-2009:225";
tag_summary = "The remote host is missing an update to qt4
announced via advisory MDVSA-2009:225.";

                                                                                

if(description)
{
 script_id(64836);
 script_version("$Revision: 6573 $");
 script_tag(name:"last_modification", value:"$Date: 2017-07-06 15:10:50 +0200 (Thu, 06 Jul 2017) $");
 script_tag(name:"creation_date", value:"2009-09-15 22:46:32 +0200 (Tue, 15 Sep 2009)");
 script_cve_id("CVE-2009-2408", "CVE-2009-2700");
 script_tag(name:"cvss_base", value:"6.8");
 script_tag(name:"cvss_base_vector", value:"AV:N/AC:M/Au:N/C:P/I:P/A:P");
 script_name("Mandrake Security Advisory MDVSA-2009:225 (qt4)");



 script_category(ACT_GATHER_INFO);

 script_copyright("Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com");
 script_family("Mandrake Local Security Checks");
 script_dependencies("gather-package-list.nasl");
 script_mandatory_keys("ssh/login/mandriva_mandrake_linux", "ssh/login/rpms");
 script_tag(name : "insight" , value : tag_insight);
 script_tag(name : "solution" , value : tag_solution);
 script_tag(name : "summary" , value : tag_summary);
 script_tag(name:"qod_type", value:"package");
 script_tag(name:"solution_type", value:"VendorFix");
 exit(0);
}

#
# The script code starts here
#

include("pkg-lib-rpm.inc");

res = "";
report = "";
if ((res = isrpmvuln(pkg:"libqassistant4", rpm:"libqassistant4~4.5.2~1.6mdv2009.0", rls:"MNDK_2009.0")) != NULL) {
    report += res;
}
if ((res = isrpmvuln(pkg:"libqt3support4", rpm:"libqt3support4~4.5.2~1.6mdv2009.0", rls:"MNDK_2009.0")) != NULL) {
    report += res;
}
if ((res = isrpmvuln(pkg:"libqt4-devel", rpm:"libqt4-devel~4.5.2~1.6mdv2009.0", rls:"MNDK_2009.0")) != NULL) {
    report += res;
}
if ((res = isrpmvuln(pkg:"libqtclucene4", rpm:"libqtclucene4~4.5.2~1.6mdv2009.0", rls:"MNDK_2009.0")) != NULL) {
    report += res;
}
if ((res = isrpmvuln(pkg:"libqtcore4", rpm:"libqtcore4~4.5.2~1.6mdv2009.0", rls:"MNDK_2009.0")) != NULL) {
    report += res;
}
if ((res = isrpmvuln(pkg:"libqtdbus4", rpm:"libqtdbus4~4.5.2~1.6mdv2009.0", rls:"MNDK_2009.0")) != NULL) {
    report += res;
}
if ((res = isrpmvuln(pkg:"libqtdesigner4", rpm:"libqtdesigner4~4.5.2~1.6mdv2009.0", rls:"MNDK_2009.0")) != NULL) {
    report += res;
}
if ((res = isrpmvuln(pkg:"libqtgui4", rpm:"libqtgui4~4.5.2~1.6mdv2009.0", rls:"MNDK_2009.0")) != NULL) {
    report += res;
}
if ((res = isrpmvuln(pkg:"libqthelp4", rpm:"libqthelp4~4.5.2~1.6mdv2009.0", rls:"MNDK_2009.0")) != NULL) {
    report += res;
}
if ((res = isrpmvuln(pkg:"libqtnetwork4", rpm:"libqtnetwork4~4.5.2~1.6mdv2009.0", rls:"MNDK_2009.0")) != NULL) {
    report += res;
}
if ((res = isrpmvuln(pkg:"libqtopengl4", rpm:"libqtopengl4~4.5.2~1.6mdv2009.0", rls:"MNDK_2009.0")) != NULL) {
    report += res;
}
if ((res = isrpmvuln(pkg:"libqtscript4", rpm:"libqtscript4~4.5.2~1.6mdv2009.0", rls:"MNDK_2009.0")) != NULL) {
    report += res;
}
if ((res = isrpmvuln(pkg:"libqtscripttools4", rpm:"libqtscripttools4~4.5.2~1.6mdv2009.0", rls:"MNDK_2009.0")) != NULL) {
    report += res;
}
if ((res = isrpmvuln(pkg:"libqtsql4", rpm:"libqtsql4~4.5.2~1.6mdv2009.0", rls:"MNDK_2009.0")) != NULL) {
    report += res;
}
if ((res = isrpmvuln(pkg:"libqtsvg4", rpm:"libqtsvg4~4.5.2~1.6mdv2009.0", rls:"MNDK_2009.0")) != NULL) {
    report += res;
}
if ((res = isrpmvuln(pkg:"libqttest4", rpm:"libqttest4~4.5.2~1.6mdv2009.0", rls:"MNDK_2009.0")) != NULL) {
    report += res;
}
if ((res = isrpmvuln(pkg:"libqtwebkit4", rpm:"libqtwebkit4~4.5.2~1.6mdv2009.0", rls:"MNDK_2009.0")) != NULL) {
    report += res;
}
if ((res = isrpmvuln(pkg:"libqtxml4", rpm:"libqtxml4~4.5.2~1.6mdv2009.0", rls:"MNDK_2009.0")) != NULL) {
    report += res;
}
if ((res = isrpmvuln(pkg:"libqtxmlpatterns4", rpm:"libqtxmlpatterns4~4.5.2~1.6mdv2009.0", rls:"MNDK_2009.0")) != NULL) {
    report += res;
}
if ((res = isrpmvuln(pkg:"qt4-accessibility-plugin", rpm:"qt4-accessibility-plugin~4.5.2~1.6mdv2009.0", rls:"MNDK_2009.0")) != NULL) {
    report += res;
}
if ((res = isrpmvuln(pkg:"qt4-assistant", rpm:"qt4-assistant~4.5.2~1.6mdv2009.0", rls:"MNDK_2009.0")) != NULL) {
    report += res;
}
if ((res = isrpmvuln(pkg:"qt4-common", rpm:"qt4-common~4.5.2~1.6mdv2009.0", rls:"MNDK_2009.0")) != NULL) {
    report += res;
}
if ((res = isrpmvuln(pkg:"qt4-database-plugin-mysql", rpm:"qt4-database-plugin-mysql~4.5.2~1.6mdv2009.0", rls:"MNDK_2009.0")) != NULL) {
    report += res;
}
if ((res = isrpmvuln(pkg:"qt4-database-plugin-odbc", rpm:"qt4-database-plugin-odbc~4.5.2~1.6mdv2009.0", rls:"MNDK_2009.0")) != NULL) {
    report += res;
}
if ((res = isrpmvuln(pkg:"qt4-database-plugin-pgsql", rpm:"qt4-database-plugin-pgsql~4.5.2~1.6mdv2009.0", rls:"MNDK_2009.0")) != NULL) {
    report += res;
}
if ((res = isrpmvuln(pkg:"qt4-database-plugin-sqlite", rpm:"qt4-database-plugin-sqlite~4.5.2~1.6mdv2009.0", rls:"MNDK_2009.0")) != NULL) {
    report += res;
}
if ((res = isrpmvuln(pkg:"qt4-database-plugin-tds", rpm:"qt4-database-plugin-tds~4.5.2~1.6mdv2009.0", rls:"MNDK_2009.0")) != NULL) {
    report += res;
}
if ((res = isrpmvuln(pkg:"qt4-designer", rpm:"qt4-designer~4.5.2~1.6mdv2009.0", rls:"MNDK_2009.0")) != NULL) {
    report += res;
}
if ((res = isrpmvuln(pkg:"qt4-doc", rpm:"qt4-doc~4.5.2~1.6mdv2009.0", rls:"MNDK_2009.0")) != NULL) {
    report += res;
}
if ((res = isrpmvuln(pkg:"qt4-examples", rpm:"qt4-examples~4.5.2~1.6mdv2009.0", rls:"MNDK_2009.0")) != NULL) {
    report += res;
}
if ((res = isrpmvuln(pkg:"qt4-graphicssystems-plugin", rpm:"qt4-graphicssystems-plugin~4.5.2~1.6mdv2009.0", rls:"MNDK_2009.0")) != NULL) {
    report += res;
}
if ((res = isrpmvuln(pkg:"qt4-linguist", rpm:"qt4-linguist~4.5.2~1.6mdv2009.0", rls:"MNDK_2009.0")) != NULL) {
    report += res;
}
if ((res = isrpmvuln(pkg:"qt4-qdoc3", rpm:"qt4-qdoc3~4.5.2~1.6mdv2009.0", rls:"MNDK_2009.0")) != NULL) {
    report += res;
}
if ((res = isrpmvuln(pkg:"qt4-qtconfig", rpm:"qt4-qtconfig~4.5.2~1.6mdv2009.0", rls:"MNDK_2009.0")) != NULL) {
    report += res;
}
if ((res = isrpmvuln(pkg:"qt4-qtdbus", rpm:"qt4-qtdbus~4.5.2~1.6mdv2009.0", rls:"MNDK_2009.0")) != NULL) {
    report += res;
}
if ((res = isrpmvuln(pkg:"qt4-qvfb", rpm:"qt4-qvfb~4.5.2~1.6mdv2009.0", rls:"MNDK_2009.0")) != NULL) {
    report += res;
}
if ((res = isrpmvuln(pkg:"qt4-xmlpatterns", rpm:"qt4-xmlpatterns~4.5.2~1.6mdv2009.0", rls:"MNDK_2009.0")) != NULL) {
    report += res;
}
if ((res = isrpmvuln(pkg:"lib64qassistant4", rpm:"lib64qassistant4~4.5.2~1.6mdv2009.0", rls:"MNDK_2009.0")) != NULL) {
    report += res;
}
if ((res = isrpmvuln(pkg:"lib64qt3support4", rpm:"lib64qt3support4~4.5.2~1.6mdv2009.0", rls:"MNDK_2009.0")) != NULL) {
    report += res;
}
if ((res = isrpmvuln(pkg:"lib64qt4-devel", rpm:"lib64qt4-devel~4.5.2~1.6mdv2009.0", rls:"MNDK_2009.0")) != NULL) {
    report += res;
}
if ((res = isrpmvuln(pkg:"lib64qtclucene4", rpm:"lib64qtclucene4~4.5.2~1.6mdv2009.0", rls:"MNDK_2009.0")) != NULL) {
    report += res;
}
if ((res = isrpmvuln(pkg:"lib64qtcore4", rpm:"lib64qtcore4~4.5.2~1.6mdv2009.0", rls:"MNDK_2009.0")) != NULL) {
    report += res;
}
if ((res = isrpmvuln(pkg:"lib64qtdbus4", rpm:"lib64qtdbus4~4.5.2~1.6mdv2009.0", rls:"MNDK_2009.0")) != NULL) {
    report += res;
}
if ((res = isrpmvuln(pkg:"lib64qtdesigner4", rpm:"lib64qtdesigner4~4.5.2~1.6mdv2009.0", rls:"MNDK_2009.0")) != NULL) {
    report += res;
}
if ((res = isrpmvuln(pkg:"lib64qtgui4", rpm:"lib64qtgui4~4.5.2~1.6mdv2009.0", rls:"MNDK_2009.0")) != NULL) {
    report += res;
}
if ((res = isrpmvuln(pkg:"lib64qthelp4", rpm:"lib64qthelp4~4.5.2~1.6mdv2009.0", rls:"MNDK_2009.0")) != NULL) {
    report += res;
}
if ((res = isrpmvuln(pkg:"lib64qtnetwork4", rpm:"lib64qtnetwork4~4.5.2~1.6mdv2009.0", rls:"MNDK_2009.0")) != NULL) {
    report += res;
}
if ((res = isrpmvuln(pkg:"lib64qtopengl4", rpm:"lib64qtopengl4~4.5.2~1.6mdv2009.0", rls:"MNDK_2009.0")) != NULL) {
    report += res;
}
if ((res = isrpmvuln(pkg:"lib64qtscript4", rpm:"lib64qtscript4~4.5.2~1.6mdv2009.0", rls:"MNDK_2009.0")) != NULL) {
    report += res;
}
if ((res = isrpmvuln(pkg:"lib64qtscripttools4", rpm:"lib64qtscripttools4~4.5.2~1.6mdv2009.0", rls:"MNDK_2009.0")) != NULL) {
    report += res;
}
if ((res = isrpmvuln(pkg:"lib64qtsql4", rpm:"lib64qtsql4~4.5.2~1.6mdv2009.0", rls:"MNDK_2009.0")) != NULL) {
    report += res;
}
if ((res = isrpmvuln(pkg:"lib64qtsvg4", rpm:"lib64qtsvg4~4.5.2~1.6mdv2009.0", rls:"MNDK_2009.0")) != NULL) {
    report += res;
}
if ((res = isrpmvuln(pkg:"lib64qttest4", rpm:"lib64qttest4~4.5.2~1.6mdv2009.0", rls:"MNDK_2009.0")) != NULL) {
    report += res;
}
if ((res = isrpmvuln(pkg:"lib64qtwebkit4", rpm:"lib64qtwebkit4~4.5.2~1.6mdv2009.0", rls:"MNDK_2009.0")) != NULL) {
    report += res;
}
if ((res = isrpmvuln(pkg:"lib64qtxml4", rpm:"lib64qtxml4~4.5.2~1.6mdv2009.0", rls:"MNDK_2009.0")) != NULL) {
    report += res;
}
if ((res = isrpmvuln(pkg:"lib64qtxmlpatterns4", rpm:"lib64qtxmlpatterns4~4.5.2~1.6mdv2009.0", rls:"MNDK_2009.0")) != NULL) {
    report += res;
}
if ((res = isrpmvuln(pkg:"libqassistant4", rpm:"libqassistant4~4.5.2~1.4mdv2009.1", rls:"MNDK_2009.1")) != NULL) {
    report += res;
}
if ((res = isrpmvuln(pkg:"libqt3support4", rpm:"libqt3support4~4.5.2~1.4mdv2009.1", rls:"MNDK_2009.1")) != NULL) {
    report += res;
}
if ((res = isrpmvuln(pkg:"libqt4-devel", rpm:"libqt4-devel~4.5.2~1.4mdv2009.1", rls:"MNDK_2009.1")) != NULL) {
    report += res;
}
if ((res = isrpmvuln(pkg:"libqtclucene4", rpm:"libqtclucene4~4.5.2~1.4mdv2009.1", rls:"MNDK_2009.1")) != NULL) {
    report += res;
}
if ((res = isrpmvuln(pkg:"libqtcore4", rpm:"libqtcore4~4.5.2~1.4mdv2009.1", rls:"MNDK_2009.1")) != NULL) {
    report += res;
}
if ((res = isrpmvuln(pkg:"libqtdbus4", rpm:"libqtdbus4~4.5.2~1.4mdv2009.1", rls:"MNDK_2009.1")) != NULL) {
    report += res;
}
if ((res = isrpmvuln(pkg:"libqtdesigner4", rpm:"libqtdesigner4~4.5.2~1.4mdv2009.1", rls:"MNDK_2009.1")) != NULL) {
    report += res;
}
if ((res = isrpmvuln(pkg:"libqtgui4", rpm:"libqtgui4~4.5.2~1.4mdv2009.1", rls:"MNDK_2009.1")) != NULL) {
    report += res;
}
if ((res = isrpmvuln(pkg:"libqthelp4", rpm:"libqthelp4~4.5.2~1.4mdv2009.1", rls:"MNDK_2009.1")) != NULL) {
    report += res;
}
if ((res = isrpmvuln(pkg:"libqtnetwork4", rpm:"libqtnetwork4~4.5.2~1.4mdv2009.1", rls:"MNDK_2009.1")) != NULL) {
    report += res;
}
if ((res = isrpmvuln(pkg:"libqtopengl4", rpm:"libqtopengl4~4.5.2~1.4mdv2009.1", rls:"MNDK_2009.1")) != NULL) {
    report += res;
}
if ((res = isrpmvuln(pkg:"libqtscript4", rpm:"libqtscript4~4.5.2~1.4mdv2009.1", rls:"MNDK_2009.1")) != NULL) {
    report += res;
}
if ((res = isrpmvuln(pkg:"libqtscripttools4", rpm:"libqtscripttools4~4.5.2~1.4mdv2009.1", rls:"MNDK_2009.1")) != NULL) {
    report += res;
}
if ((res = isrpmvuln(pkg:"libqtsql4", rpm:"libqtsql4~4.5.2~1.4mdv2009.1", rls:"MNDK_2009.1")) != NULL) {
    report += res;
}
if ((res = isrpmvuln(pkg:"libqtsvg4", rpm:"libqtsvg4~4.5.2~1.4mdv2009.1", rls:"MNDK_2009.1")) != NULL) {
    report += res;
}
if ((res = isrpmvuln(pkg:"libqttest4", rpm:"libqttest4~4.5.2~1.4mdv2009.1", rls:"MNDK_2009.1")) != NULL) {
    report += res;
}
if ((res = isrpmvuln(pkg:"libqtwebkit4", rpm:"libqtwebkit4~4.5.2~1.4mdv2009.1", rls:"MNDK_2009.1")) != NULL) {
    report += res;
}
if ((res = isrpmvuln(pkg:"libqtxml4", rpm:"libqtxml4~4.5.2~1.4mdv2009.1", rls:"MNDK_2009.1")) != NULL) {
    report += res;
}
if ((res = isrpmvuln(pkg:"libqtxmlpatterns4", rpm:"libqtxmlpatterns4~4.5.2~1.4mdv2009.1", rls:"MNDK_2009.1")) != NULL) {
    report += res;
}
if ((res = isrpmvuln(pkg:"qt4-accessibility-plugin", rpm:"qt4-accessibility-plugin~4.5.2~1.4mdv2009.1", rls:"MNDK_2009.1")) != NULL) {
    report += res;
}
if ((res = isrpmvuln(pkg:"qt4-assistant", rpm:"qt4-assistant~4.5.2~1.4mdv2009.1", rls:"MNDK_2009.1")) != NULL) {
    report += res;
}
if ((res = isrpmvuln(pkg:"qt4-common", rpm:"qt4-common~4.5.2~1.4mdv2009.1", rls:"MNDK_2009.1")) != NULL) {
    report += res;
}
if ((res = isrpmvuln(pkg:"qt4-database-plugin-mysql", rpm:"qt4-database-plugin-mysql~4.5.2~1.4mdv2009.1", rls:"MNDK_2009.1")) != NULL) {
    report += res;
}
if ((res = isrpmvuln(pkg:"qt4-database-plugin-odbc", rpm:"qt4-database-plugin-odbc~4.5.2~1.4mdv2009.1", rls:"MNDK_2009.1")) != NULL) {
    report += res;
}
if ((res = isrpmvuln(pkg:"qt4-database-plugin-pgsql", rpm:"qt4-database-plugin-pgsql~4.5.2~1.4mdv2009.1", rls:"MNDK_2009.1")) != NULL) {
    report += res;
}
if ((res = isrpmvuln(pkg:"qt4-database-plugin-sqlite", rpm:"qt4-database-plugin-sqlite~4.5.2~1.4mdv2009.1", rls:"MNDK_2009.1")) != NULL) {
    report += res;
}
if ((res = isrpmvuln(pkg:"qt4-database-plugin-tds", rpm:"qt4-database-plugin-tds~4.5.2~1.4mdv2009.1", rls:"MNDK_2009.1")) != NULL) {
    report += res;
}
if ((res = isrpmvuln(pkg:"qt4-designer", rpm:"qt4-designer~4.5.2~1.4mdv2009.1", rls:"MNDK_2009.1")) != NULL) {
    report += res;
}
if ((res = isrpmvuln(pkg:"qt4-doc", rpm:"qt4-doc~4.5.2~1.4mdv2009.1", rls:"MNDK_2009.1")) != NULL) {
    report += res;
}
if ((res = isrpmvuln(pkg:"qt4-examples", rpm:"qt4-examples~4.5.2~1.4mdv2009.1", rls:"MNDK_2009.1")) != NULL) {
    report += res;
}
if ((res = isrpmvuln(pkg:"qt4-graphicssystems-plugin", rpm:"qt4-graphicssystems-plugin~4.5.2~1.4mdv2009.1", rls:"MNDK_2009.1")) != NULL) {
    report += res;
}
if ((res = isrpmvuln(pkg:"qt4-linguist", rpm:"qt4-linguist~4.5.2~1.4mdv2009.1", rls:"MNDK_2009.1")) != NULL) {
    report += res;
}
if ((res = isrpmvuln(pkg:"qt4-qdoc3", rpm:"qt4-qdoc3~4.5.2~1.4mdv2009.1", rls:"MNDK_2009.1")) != NULL) {
    report += res;
}
if ((res = isrpmvuln(pkg:"qt4-qtconfig", rpm:"qt4-qtconfig~4.5.2~1.4mdv2009.1", rls:"MNDK_2009.1")) != NULL) {
    report += res;
}
if ((res = isrpmvuln(pkg:"qt4-qtdbus", rpm:"qt4-qtdbus~4.5.2~1.4mdv2009.1", rls:"MNDK_2009.1")) != NULL) {
    report += res;
}
if ((res = isrpmvuln(pkg:"qt4-qvfb", rpm:"qt4-qvfb~4.5.2~1.4mdv2009.1", rls:"MNDK_2009.1")) != NULL) {
    report += res;
}
if ((res = isrpmvuln(pkg:"qt4-xmlpatterns", rpm:"qt4-xmlpatterns~4.5.2~1.4mdv2009.1", rls:"MNDK_2009.1")) != NULL) {
    report += res;
}
if ((res = isrpmvuln(pkg:"lib64qassistant4", rpm:"lib64qassistant4~4.5.2~1.4mdv2009.1", rls:"MNDK_2009.1")) != NULL) {
    report += res;
}
if ((res = isrpmvuln(pkg:"lib64qt3support4", rpm:"lib64qt3support4~4.5.2~1.4mdv2009.1", rls:"MNDK_2009.1")) != NULL) {
    report += res;
}
if ((res = isrpmvuln(pkg:"lib64qt4-devel", rpm:"lib64qt4-devel~4.5.2~1.4mdv2009.1", rls:"MNDK_2009.1")) != NULL) {
    report += res;
}
if ((res = isrpmvuln(pkg:"lib64qtclucene4", rpm:"lib64qtclucene4~4.5.2~1.4mdv2009.1", rls:"MNDK_2009.1")) != NULL) {
    report += res;
}
if ((res = isrpmvuln(pkg:"lib64qtcore4", rpm:"lib64qtcore4~4.5.2~1.4mdv2009.1", rls:"MNDK_2009.1")) != NULL) {
    report += res;
}
if ((res = isrpmvuln(pkg:"lib64qtdbus4", rpm:"lib64qtdbus4~4.5.2~1.4mdv2009.1", rls:"MNDK_2009.1")) != NULL) {
    report += res;
}
if ((res = isrpmvuln(pkg:"lib64qtdesigner4", rpm:"lib64qtdesigner4~4.5.2~1.4mdv2009.1", rls:"MNDK_2009.1")) != NULL) {
    report += res;
}
if ((res = isrpmvuln(pkg:"lib64qtgui4", rpm:"lib64qtgui4~4.5.2~1.4mdv2009.1", rls:"MNDK_2009.1")) != NULL) {
    report += res;
}
if ((res = isrpmvuln(pkg:"lib64qthelp4", rpm:"lib64qthelp4~4.5.2~1.4mdv2009.1", rls:"MNDK_2009.1")) != NULL) {
    report += res;
}
if ((res = isrpmvuln(pkg:"lib64qtnetwork4", rpm:"lib64qtnetwork4~4.5.2~1.4mdv2009.1", rls:"MNDK_2009.1")) != NULL) {
    report += res;
}
if ((res = isrpmvuln(pkg:"lib64qtopengl4", rpm:"lib64qtopengl4~4.5.2~1.4mdv2009.1", rls:"MNDK_2009.1")) != NULL) {
    report += res;
}
if ((res = isrpmvuln(pkg:"lib64qtscript4", rpm:"lib64qtscript4~4.5.2~1.4mdv2009.1", rls:"MNDK_2009.1")) != NULL) {
    report += res;
}
if ((res = isrpmvuln(pkg:"lib64qtscripttools4", rpm:"lib64qtscripttools4~4.5.2~1.4mdv2009.1", rls:"MNDK_2009.1")) != NULL) {
    report += res;
}
if ((res = isrpmvuln(pkg:"lib64qtsql4", rpm:"lib64qtsql4~4.5.2~1.4mdv2009.1", rls:"MNDK_2009.1")) != NULL) {
    report += res;
}
if ((res = isrpmvuln(pkg:"lib64qtsvg4", rpm:"lib64qtsvg4~4.5.2~1.4mdv2009.1", rls:"MNDK_2009.1")) != NULL) {
    report += res;
}
if ((res = isrpmvuln(pkg:"lib64qttest4", rpm:"lib64qttest4~4.5.2~1.4mdv2009.1", rls:"MNDK_2009.1")) != NULL) {
    report += res;
}
if ((res = isrpmvuln(pkg:"lib64qtwebkit4", rpm:"lib64qtwebkit4~4.5.2~1.4mdv2009.1", rls:"MNDK_2009.1")) != NULL) {
    report += res;
}
if ((res = isrpmvuln(pkg:"lib64qtxml4", rpm:"lib64qtxml4~4.5.2~1.4mdv2009.1", rls:"MNDK_2009.1")) != NULL) {
    report += res;
}
if ((res = isrpmvuln(pkg:"lib64qtxmlpatterns4", rpm:"lib64qtxmlpatterns4~4.5.2~1.4mdv2009.1", rls:"MNDK_2009.1")) != NULL) {
    report += res;
}
if ((res = isrpmvuln(pkg:"libqassistant4", rpm:"libqassistant4~4.4.3~1.1mdvmes5", rls:"MNDK_mes5")) != NULL) {
    report += res;
}
if ((res = isrpmvuln(pkg:"libqt3support4", rpm:"libqt3support4~4.4.3~1.1mdvmes5", rls:"MNDK_mes5")) != NULL) {
    report += res;
}
if ((res = isrpmvuln(pkg:"libqt4-devel", rpm:"libqt4-devel~4.4.3~1.1mdvmes5", rls:"MNDK_mes5")) != NULL) {
    report += res;
}
if ((res = isrpmvuln(pkg:"libqtclucene4", rpm:"libqtclucene4~4.4.3~1.1mdvmes5", rls:"MNDK_mes5")) != NULL) {
    report += res;
}
if ((res = isrpmvuln(pkg:"libqtcore4", rpm:"libqtcore4~4.4.3~1.1mdvmes5", rls:"MNDK_mes5")) != NULL) {
    report += res;
}
if ((res = isrpmvuln(pkg:"libqtdbus4", rpm:"libqtdbus4~4.4.3~1.1mdvmes5", rls:"MNDK_mes5")) != NULL) {
    report += res;
}
if ((res = isrpmvuln(pkg:"libqtdesigner4", rpm:"libqtdesigner4~4.4.3~1.1mdvmes5", rls:"MNDK_mes5")) != NULL) {
    report += res;
}
if ((res = isrpmvuln(pkg:"libqtgui4", rpm:"libqtgui4~4.4.3~1.1mdvmes5", rls:"MNDK_mes5")) != NULL) {
    report += res;
}
if ((res = isrpmvuln(pkg:"libqthelp4", rpm:"libqthelp4~4.4.3~1.1mdvmes5", rls:"MNDK_mes5")) != NULL) {
    report += res;
}
if ((res = isrpmvuln(pkg:"libqtnetwork4", rpm:"libqtnetwork4~4.4.3~1.1mdvmes5", rls:"MNDK_mes5")) != NULL) {
    report += res;
}
if ((res = isrpmvuln(pkg:"libqtopengl4", rpm:"libqtopengl4~4.4.3~1.1mdvmes5", rls:"MNDK_mes5")) != NULL) {
    report += res;
}
if ((res = isrpmvuln(pkg:"libqtscript4", rpm:"libqtscript4~4.4.3~1.1mdvmes5", rls:"MNDK_mes5")) != NULL) {
    report += res;
}
if ((res = isrpmvuln(pkg:"libqtsql4", rpm:"libqtsql4~4.4.3~1.1mdvmes5", rls:"MNDK_mes5")) != NULL) {
    report += res;
}
if ((res = isrpmvuln(pkg:"libqtsvg4", rpm:"libqtsvg4~4.4.3~1.1mdvmes5", rls:"MNDK_mes5")) != NULL) {
    report += res;
}
if ((res = isrpmvuln(pkg:"libqttest4", rpm:"libqttest4~4.4.3~1.1mdvmes5", rls:"MNDK_mes5")) != NULL) {
    report += res;
}
if ((res = isrpmvuln(pkg:"libqtwebkit4", rpm:"libqtwebkit4~4.4.3~1.1mdvmes5", rls:"MNDK_mes5")) != NULL) {
    report += res;
}
if ((res = isrpmvuln(pkg:"libqtxml4", rpm:"libqtxml4~4.4.3~1.1mdvmes5", rls:"MNDK_mes5")) != NULL) {
    report += res;
}
if ((res = isrpmvuln(pkg:"libqtxmlpatterns4", rpm:"libqtxmlpatterns4~4.4.3~1.1mdvmes5", rls:"MNDK_mes5")) != NULL) {
    report += res;
}
if ((res = isrpmvuln(pkg:"qt4-accessibility-plugin-lib", rpm:"qt4-accessibility-plugin-lib~4.4.3~1.1mdvmes5", rls:"MNDK_mes5")) != NULL) {
    report += res;
}
if ((res = isrpmvuln(pkg:"qt4-assistant", rpm:"qt4-assistant~4.4.3~1.1mdvmes5", rls:"MNDK_mes5")) != NULL) {
    report += res;
}
if ((res = isrpmvuln(pkg:"qt4-common", rpm:"qt4-common~4.4.3~1.1mdvmes5", rls:"MNDK_mes5")) != NULL) {
    report += res;
}
if ((res = isrpmvuln(pkg:"qt4-database-plugin-mysql-lib", rpm:"qt4-database-plugin-mysql-lib~4.4.3~1.1mdvmes5", rls:"MNDK_mes5")) != NULL) {
    report += res;
}
if ((res = isrpmvuln(pkg:"qt4-database-plugin-odbc-lib", rpm:"qt4-database-plugin-odbc-lib~4.4.3~1.1mdvmes5", rls:"MNDK_mes5")) != NULL) {
    report += res;
}
if ((res = isrpmvuln(pkg:"qt4-database-plugin-pgsql-lib", rpm:"qt4-database-plugin-pgsql-lib~4.4.3~1.1mdvmes5", rls:"MNDK_mes5")) != NULL) {
    report += res;
}
if ((res = isrpmvuln(pkg:"qt4-database-plugin-sqlite-lib", rpm:"qt4-database-plugin-sqlite-lib~4.4.3~1.1mdvmes5", rls:"MNDK_mes5")) != NULL) {
    report += res;
}
if ((res = isrpmvuln(pkg:"qt4-designer", rpm:"qt4-designer~4.4.3~1.1mdvmes5", rls:"MNDK_mes5")) != NULL) {
    report += res;
}
if ((res = isrpmvuln(pkg:"qt4-doc", rpm:"qt4-doc~4.4.3~1.1mdvmes5", rls:"MNDK_mes5")) != NULL) {
    report += res;
}
if ((res = isrpmvuln(pkg:"qt4-examples", rpm:"qt4-examples~4.4.3~1.1mdvmes5", rls:"MNDK_mes5")) != NULL) {
    report += res;
}
if ((res = isrpmvuln(pkg:"qt4-linguist", rpm:"qt4-linguist~4.4.3~1.1mdvmes5", rls:"MNDK_mes5")) != NULL) {
    report += res;
}
if ((res = isrpmvuln(pkg:"qt4-qtconfig", rpm:"qt4-qtconfig~4.4.3~1.1mdvmes5", rls:"MNDK_mes5")) != NULL) {
    report += res;
}
if ((res = isrpmvuln(pkg:"qt4-qtdbus", rpm:"qt4-qtdbus~4.4.3~1.1mdvmes5", rls:"MNDK_mes5")) != NULL) {
    report += res;
}
if ((res = isrpmvuln(pkg:"qt4-qvfb", rpm:"qt4-qvfb~4.4.3~1.1mdvmes5", rls:"MNDK_mes5")) != NULL) {
    report += res;
}
if ((res = isrpmvuln(pkg:"qt4-xmlpatterns", rpm:"qt4-xmlpatterns~4.4.3~1.1mdvmes5", rls:"MNDK_mes5")) != NULL) {
    report += res;
}
if ((res = isrpmvuln(pkg:"lib64qassistant4", rpm:"lib64qassistant4~4.4.3~1.1mdvmes5", rls:"MNDK_mes5")) != NULL) {
    report += res;
}
if ((res = isrpmvuln(pkg:"lib64qt3support4", rpm:"lib64qt3support4~4.4.3~1.1mdvmes5", rls:"MNDK_mes5")) != NULL) {
    report += res;
}
if ((res = isrpmvuln(pkg:"lib64qt4-devel", rpm:"lib64qt4-devel~4.4.3~1.1mdvmes5", rls:"MNDK_mes5")) != NULL) {
    report += res;
}
if ((res = isrpmvuln(pkg:"lib64qtclucene4", rpm:"lib64qtclucene4~4.4.3~1.1mdvmes5", rls:"MNDK_mes5")) != NULL) {
    report += res;
}
if ((res = isrpmvuln(pkg:"lib64qtcore4", rpm:"lib64qtcore4~4.4.3~1.1mdvmes5", rls:"MNDK_mes5")) != NULL) {
    report += res;
}
if ((res = isrpmvuln(pkg:"lib64qtdbus4", rpm:"lib64qtdbus4~4.4.3~1.1mdvmes5", rls:"MNDK_mes5")) != NULL) {
    report += res;
}
if ((res = isrpmvuln(pkg:"lib64qtdesigner4", rpm:"lib64qtdesigner4~4.4.3~1.1mdvmes5", rls:"MNDK_mes5")) != NULL) {
    report += res;
}
if ((res = isrpmvuln(pkg:"lib64qtgui4", rpm:"lib64qtgui4~4.4.3~1.1mdvmes5", rls:"MNDK_mes5")) != NULL) {
    report += res;
}
if ((res = isrpmvuln(pkg:"lib64qthelp4", rpm:"lib64qthelp4~4.4.3~1.1mdvmes5", rls:"MNDK_mes5")) != NULL) {
    report += res;
}
if ((res = isrpmvuln(pkg:"lib64qtnetwork4", rpm:"lib64qtnetwork4~4.4.3~1.1mdvmes5", rls:"MNDK_mes5")) != NULL) {
    report += res;
}
if ((res = isrpmvuln(pkg:"lib64qtopengl4", rpm:"lib64qtopengl4~4.4.3~1.1mdvmes5", rls:"MNDK_mes5")) != NULL) {
    report += res;
}
if ((res = isrpmvuln(pkg:"lib64qtscript4", rpm:"lib64qtscript4~4.4.3~1.1mdvmes5", rls:"MNDK_mes5")) != NULL) {
    report += res;
}
if ((res = isrpmvuln(pkg:"lib64qtsql4", rpm:"lib64qtsql4~4.4.3~1.1mdvmes5", rls:"MNDK_mes5")) != NULL) {
    report += res;
}
if ((res = isrpmvuln(pkg:"lib64qtsvg4", rpm:"lib64qtsvg4~4.4.3~1.1mdvmes5", rls:"MNDK_mes5")) != NULL) {
    report += res;
}
if ((res = isrpmvuln(pkg:"lib64qttest4", rpm:"lib64qttest4~4.4.3~1.1mdvmes5", rls:"MNDK_mes5")) != NULL) {
    report += res;
}
if ((res = isrpmvuln(pkg:"lib64qtwebkit4", rpm:"lib64qtwebkit4~4.4.3~1.1mdvmes5", rls:"MNDK_mes5")) != NULL) {
    report += res;
}
if ((res = isrpmvuln(pkg:"lib64qtxml4", rpm:"lib64qtxml4~4.4.3~1.1mdvmes5", rls:"MNDK_mes5")) != NULL) {
    report += res;
}
if ((res = isrpmvuln(pkg:"lib64qtxmlpatterns4", rpm:"lib64qtxmlpatterns4~4.4.3~1.1mdvmes5", rls:"MNDK_mes5")) != NULL) {
    report += res;
}
if ((res = isrpmvuln(pkg:"qt4-accessibility-plugin-lib64", rpm:"qt4-accessibility-plugin-lib64~4.4.3~1.1mdvmes5", rls:"MNDK_mes5")) != NULL) {
    report += res;
}
if ((res = isrpmvuln(pkg:"qt4-database-plugin-mysql-lib64", rpm:"qt4-database-plugin-mysql-lib64~4.4.3~1.1mdvmes5", rls:"MNDK_mes5")) != NULL) {
    report += res;
}
if ((res = isrpmvuln(pkg:"qt4-database-plugin-odbc-lib64", rpm:"qt4-database-plugin-odbc-lib64~4.4.3~1.1mdvmes5", rls:"MNDK_mes5")) != NULL) {
    report += res;
}
if ((res = isrpmvuln(pkg:"qt4-database-plugin-pgsql-lib64", rpm:"qt4-database-plugin-pgsql-lib64~4.4.3~1.1mdvmes5", rls:"MNDK_mes5")) != NULL) {
    report += res;
}
if ((res = isrpmvuln(pkg:"qt4-database-plugin-sqlite-lib64", rpm:"qt4-database-plugin-sqlite-lib64~4.4.3~1.1mdvmes5", rls:"MNDK_mes5")) != NULL) {
    report += res;
}

if (report != "") {
    security_message(data:report);
} else if (__pkg_match) {
    exit(99); # Not vulnerable.
}

JSON Vulners Source

Initial Source

{"id": "OPENVAS:64836", "type": "openvas", "bulletinFamily": "scanner", "title": "Mandrake Security Advisory MDVSA-2009:225 (qt4)", "description": "The remote host is missing an update to qt4\nannounced via advisory MDVSA-2009:225.", "published": "2009-09-15T00:00:00", "modified": "2017-07-06T00:00:00", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "http://plugins.openvas.org/nasl.php?oid=64836", "reporter": "Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com", "references": [], "cvelist": ["CVE-2009-2700", "CVE-2009-2408"], "lastseen": "2017-07-24T12:56:27", "viewCount": 0, "enchantments": {"score": {"value": 7.7, "vector": "NONE", "modified": "2017-07-24T12:56:27", "rev": 2}, "dependencies": {"references": [{"type": "cve", "idList": ["CVE-2009-2700", "CVE-2009-2408"]}, {"type": "nessus", "idList": ["MANDRIVA_MDVSA-2009-225.NASL", "UBUNTU_USN-829-1.NASL", "FEDORA_2009-9232.NASL", "SUSE_11_LIBQT4-091106.NASL", "FEDORA_2009-9231.NASL", "SUSE_11_0_LIBLDAP-2_4-2-090909.NASL", "SUSE_11_1_LIBQT4-091106.NASL", "SUSE_DBUS-1-QT-6644.NASL", "SUSE_DBUS-1-QT-6645.NASL", "SUSE_11_0_LIBQT4-091106.NASL"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:DOC:23050", "SECURITYVULNS:DOC:22253", "SECURITYVULNS:DOC:29719", "SECURITYVULNS:DOC:22430", "SECURITYVULNS:VULN:10216"]}, {"type": "openvas", "idList": ["OPENVAS:66281", "OPENVAS:65720", "OPENVAS:136141256231066281", "OPENVAS:136141256231065858", "OPENVAS:136141256231065721", "OPENVAS:136141256231066284", "OPENVAS:65858", "OPENVAS:136141256231064836", "OPENVAS:66284", "OPENVAS:64890"]}, {"type": "ubuntu", "idList": ["USN-829-1"]}, {"type": "exploitdb", "idList": ["EDB-ID:33128"]}, {"type": "seebug", "idList": ["SSV:96525", "SSV:11950"]}, {"type": "threatpost", "idList": ["THREATPOST:E8934170DFDD56E0C8B8F5EA86038B74"]}, {"type": "debian", "idList": ["DEBIAN:56C805B941600C7D24189CA65B1A3471:E7DF7"]}], "modified": "2017-07-24T12:56:27", "rev": 2}, "vulnersScore": 7.7}, "pluginID": "64836", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: mdksa_2009_225.nasl 6573 2017-07-06 13:10:50Z cfischer $\n# Description: Auto-generated from advisory MDVSA-2009:225 (qt4)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"A vulnerability has been found and corrected in qt4:\n\nsrc/network/ssl/qsslcertificate.cpp in Nokia Trolltech Qt 4.x\ndoes not properly handle a '\\0' character in a domain name in the\nSubject Alternative Name field of an X.509 certificate, which allows\nman-in-the-middle attackers to spoof arbitrary SSL servers via a\ncrafted certificate issued by a legitimate Certification Authority,\na related issue to CVE-2009-2408 (CVE-2009-2700).\n\nThis update provides a solution to this vulnerability.\n\nAffected: 2009.0, 2009.1, Enterprise Server 5.0\";\ntag_solution = \"To upgrade automatically use MandrakeUpdate or urpmi. The verification\nof md5 checksums and GPG signatures is performed automatically for you.\n\nhttps://secure1.securityspace.com/smysecure/catid.html?in=MDVSA-2009:225\";\ntag_summary = \"The remote host is missing an update to qt4\nannounced via advisory MDVSA-2009:225.\";\n\n \n\nif(description)\n{\n script_id(64836);\n script_version(\"$Revision: 6573 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-06 15:10:50 +0200 (Thu, 06 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-09-15 22:46:32 +0200 (Tue, 15 Sep 2009)\");\n script_cve_id(\"CVE-2009-2408\", \"CVE-2009-2700\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_name(\"Mandrake Security Advisory MDVSA-2009:225 (qt4)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Mandrake Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/mandriva_mandrake_linux\", \"ssh/login/rpms\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"libqassistant4\", rpm:\"libqassistant4~4.5.2~1.6mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libqt3support4\", rpm:\"libqt3support4~4.5.2~1.6mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libqt4-devel\", rpm:\"libqt4-devel~4.5.2~1.6mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libqtclucene4\", rpm:\"libqtclucene4~4.5.2~1.6mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libqtcore4\", rpm:\"libqtcore4~4.5.2~1.6mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libqtdbus4\", rpm:\"libqtdbus4~4.5.2~1.6mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libqtdesigner4\", rpm:\"libqtdesigner4~4.5.2~1.6mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libqtgui4\", rpm:\"libqtgui4~4.5.2~1.6mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libqthelp4\", rpm:\"libqthelp4~4.5.2~1.6mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libqtnetwork4\", rpm:\"libqtnetwork4~4.5.2~1.6mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libqtopengl4\", rpm:\"libqtopengl4~4.5.2~1.6mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libqtscript4\", rpm:\"libqtscript4~4.5.2~1.6mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libqtscripttools4\", rpm:\"libqtscripttools4~4.5.2~1.6mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libqtsql4\", rpm:\"libqtsql4~4.5.2~1.6mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libqtsvg4\", rpm:\"libqtsvg4~4.5.2~1.6mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libqttest4\", rpm:\"libqttest4~4.5.2~1.6mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libqtwebkit4\", rpm:\"libqtwebkit4~4.5.2~1.6mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libqtxml4\", rpm:\"libqtxml4~4.5.2~1.6mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libqtxmlpatterns4\", rpm:\"libqtxmlpatterns4~4.5.2~1.6mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt4-accessibility-plugin\", rpm:\"qt4-accessibility-plugin~4.5.2~1.6mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt4-assistant\", rpm:\"qt4-assistant~4.5.2~1.6mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt4-common\", rpm:\"qt4-common~4.5.2~1.6mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt4-database-plugin-mysql\", rpm:\"qt4-database-plugin-mysql~4.5.2~1.6mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt4-database-plugin-odbc\", rpm:\"qt4-database-plugin-odbc~4.5.2~1.6mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt4-database-plugin-pgsql\", rpm:\"qt4-database-plugin-pgsql~4.5.2~1.6mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt4-database-plugin-sqlite\", rpm:\"qt4-database-plugin-sqlite~4.5.2~1.6mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt4-database-plugin-tds\", rpm:\"qt4-database-plugin-tds~4.5.2~1.6mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt4-designer\", rpm:\"qt4-designer~4.5.2~1.6mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt4-doc\", rpm:\"qt4-doc~4.5.2~1.6mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt4-examples\", rpm:\"qt4-examples~4.5.2~1.6mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt4-graphicssystems-plugin\", rpm:\"qt4-graphicssystems-plugin~4.5.2~1.6mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt4-linguist\", rpm:\"qt4-linguist~4.5.2~1.6mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt4-qdoc3\", rpm:\"qt4-qdoc3~4.5.2~1.6mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt4-qtconfig\", rpm:\"qt4-qtconfig~4.5.2~1.6mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt4-qtdbus\", rpm:\"qt4-qtdbus~4.5.2~1.6mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt4-qvfb\", rpm:\"qt4-qvfb~4.5.2~1.6mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt4-xmlpatterns\", rpm:\"qt4-xmlpatterns~4.5.2~1.6mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64qassistant4\", rpm:\"lib64qassistant4~4.5.2~1.6mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64qt3support4\", rpm:\"lib64qt3support4~4.5.2~1.6mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64qt4-devel\", rpm:\"lib64qt4-devel~4.5.2~1.6mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64qtclucene4\", rpm:\"lib64qtclucene4~4.5.2~1.6mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64qtcore4\", rpm:\"lib64qtcore4~4.5.2~1.6mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64qtdbus4\", rpm:\"lib64qtdbus4~4.5.2~1.6mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64qtdesigner4\", rpm:\"lib64qtdesigner4~4.5.2~1.6mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64qtgui4\", rpm:\"lib64qtgui4~4.5.2~1.6mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64qthelp4\", rpm:\"lib64qthelp4~4.5.2~1.6mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64qtnetwork4\", rpm:\"lib64qtnetwork4~4.5.2~1.6mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64qtopengl4\", rpm:\"lib64qtopengl4~4.5.2~1.6mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64qtscript4\", rpm:\"lib64qtscript4~4.5.2~1.6mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64qtscripttools4\", rpm:\"lib64qtscripttools4~4.5.2~1.6mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64qtsql4\", rpm:\"lib64qtsql4~4.5.2~1.6mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64qtsvg4\", rpm:\"lib64qtsvg4~4.5.2~1.6mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64qttest4\", rpm:\"lib64qttest4~4.5.2~1.6mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64qtwebkit4\", rpm:\"lib64qtwebkit4~4.5.2~1.6mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64qtxml4\", rpm:\"lib64qtxml4~4.5.2~1.6mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64qtxmlpatterns4\", rpm:\"lib64qtxmlpatterns4~4.5.2~1.6mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libqassistant4\", rpm:\"libqassistant4~4.5.2~1.4mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libqt3support4\", rpm:\"libqt3support4~4.5.2~1.4mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libqt4-devel\", rpm:\"libqt4-devel~4.5.2~1.4mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libqtclucene4\", rpm:\"libqtclucene4~4.5.2~1.4mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libqtcore4\", rpm:\"libqtcore4~4.5.2~1.4mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libqtdbus4\", rpm:\"libqtdbus4~4.5.2~1.4mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libqtdesigner4\", rpm:\"libqtdesigner4~4.5.2~1.4mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libqtgui4\", rpm:\"libqtgui4~4.5.2~1.4mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libqthelp4\", rpm:\"libqthelp4~4.5.2~1.4mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libqtnetwork4\", rpm:\"libqtnetwork4~4.5.2~1.4mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libqtopengl4\", rpm:\"libqtopengl4~4.5.2~1.4mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libqtscript4\", rpm:\"libqtscript4~4.5.2~1.4mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libqtscripttools4\", rpm:\"libqtscripttools4~4.5.2~1.4mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libqtsql4\", rpm:\"libqtsql4~4.5.2~1.4mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libqtsvg4\", rpm:\"libqtsvg4~4.5.2~1.4mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libqttest4\", rpm:\"libqttest4~4.5.2~1.4mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libqtwebkit4\", rpm:\"libqtwebkit4~4.5.2~1.4mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libqtxml4\", rpm:\"libqtxml4~4.5.2~1.4mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libqtxmlpatterns4\", rpm:\"libqtxmlpatterns4~4.5.2~1.4mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt4-accessibility-plugin\", rpm:\"qt4-accessibility-plugin~4.5.2~1.4mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt4-assistant\", rpm:\"qt4-assistant~4.5.2~1.4mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt4-common\", rpm:\"qt4-common~4.5.2~1.4mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt4-database-plugin-mysql\", rpm:\"qt4-database-plugin-mysql~4.5.2~1.4mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt4-database-plugin-odbc\", rpm:\"qt4-database-plugin-odbc~4.5.2~1.4mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt4-database-plugin-pgsql\", rpm:\"qt4-database-plugin-pgsql~4.5.2~1.4mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt4-database-plugin-sqlite\", rpm:\"qt4-database-plugin-sqlite~4.5.2~1.4mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt4-database-plugin-tds\", rpm:\"qt4-database-plugin-tds~4.5.2~1.4mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt4-designer\", rpm:\"qt4-designer~4.5.2~1.4mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt4-doc\", rpm:\"qt4-doc~4.5.2~1.4mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt4-examples\", rpm:\"qt4-examples~4.5.2~1.4mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt4-graphicssystems-plugin\", rpm:\"qt4-graphicssystems-plugin~4.5.2~1.4mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt4-linguist\", rpm:\"qt4-linguist~4.5.2~1.4mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt4-qdoc3\", rpm:\"qt4-qdoc3~4.5.2~1.4mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt4-qtconfig\", rpm:\"qt4-qtconfig~4.5.2~1.4mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt4-qtdbus\", rpm:\"qt4-qtdbus~4.5.2~1.4mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt4-qvfb\", rpm:\"qt4-qvfb~4.5.2~1.4mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt4-xmlpatterns\", rpm:\"qt4-xmlpatterns~4.5.2~1.4mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64qassistant4\", rpm:\"lib64qassistant4~4.5.2~1.4mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64qt3support4\", rpm:\"lib64qt3support4~4.5.2~1.4mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64qt4-devel\", rpm:\"lib64qt4-devel~4.5.2~1.4mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64qtclucene4\", rpm:\"lib64qtclucene4~4.5.2~1.4mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64qtcore4\", rpm:\"lib64qtcore4~4.5.2~1.4mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64qtdbus4\", rpm:\"lib64qtdbus4~4.5.2~1.4mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64qtdesigner4\", rpm:\"lib64qtdesigner4~4.5.2~1.4mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64qtgui4\", rpm:\"lib64qtgui4~4.5.2~1.4mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64qthelp4\", rpm:\"lib64qthelp4~4.5.2~1.4mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64qtnetwork4\", rpm:\"lib64qtnetwork4~4.5.2~1.4mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64qtopengl4\", rpm:\"lib64qtopengl4~4.5.2~1.4mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64qtscript4\", rpm:\"lib64qtscript4~4.5.2~1.4mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64qtscripttools4\", rpm:\"lib64qtscripttools4~4.5.2~1.4mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64qtsql4\", rpm:\"lib64qtsql4~4.5.2~1.4mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64qtsvg4\", rpm:\"lib64qtsvg4~4.5.2~1.4mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64qttest4\", rpm:\"lib64qttest4~4.5.2~1.4mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64qtwebkit4\", rpm:\"lib64qtwebkit4~4.5.2~1.4mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64qtxml4\", rpm:\"lib64qtxml4~4.5.2~1.4mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64qtxmlpatterns4\", rpm:\"lib64qtxmlpatterns4~4.5.2~1.4mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libqassistant4\", rpm:\"libqassistant4~4.4.3~1.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libqt3support4\", rpm:\"libqt3support4~4.4.3~1.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libqt4-devel\", rpm:\"libqt4-devel~4.4.3~1.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libqtclucene4\", rpm:\"libqtclucene4~4.4.3~1.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libqtcore4\", rpm:\"libqtcore4~4.4.3~1.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libqtdbus4\", rpm:\"libqtdbus4~4.4.3~1.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libqtdesigner4\", rpm:\"libqtdesigner4~4.4.3~1.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libqtgui4\", rpm:\"libqtgui4~4.4.3~1.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libqthelp4\", rpm:\"libqthelp4~4.4.3~1.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libqtnetwork4\", rpm:\"libqtnetwork4~4.4.3~1.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libqtopengl4\", rpm:\"libqtopengl4~4.4.3~1.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libqtscript4\", rpm:\"libqtscript4~4.4.3~1.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libqtsql4\", rpm:\"libqtsql4~4.4.3~1.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libqtsvg4\", rpm:\"libqtsvg4~4.4.3~1.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libqttest4\", rpm:\"libqttest4~4.4.3~1.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libqtwebkit4\", rpm:\"libqtwebkit4~4.4.3~1.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libqtxml4\", rpm:\"libqtxml4~4.4.3~1.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libqtxmlpatterns4\", rpm:\"libqtxmlpatterns4~4.4.3~1.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt4-accessibility-plugin-lib\", rpm:\"qt4-accessibility-plugin-lib~4.4.3~1.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt4-assistant\", rpm:\"qt4-assistant~4.4.3~1.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt4-common\", rpm:\"qt4-common~4.4.3~1.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt4-database-plugin-mysql-lib\", rpm:\"qt4-database-plugin-mysql-lib~4.4.3~1.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt4-database-plugin-odbc-lib\", rpm:\"qt4-database-plugin-odbc-lib~4.4.3~1.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt4-database-plugin-pgsql-lib\", rpm:\"qt4-database-plugin-pgsql-lib~4.4.3~1.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt4-database-plugin-sqlite-lib\", rpm:\"qt4-database-plugin-sqlite-lib~4.4.3~1.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt4-designer\", rpm:\"qt4-designer~4.4.3~1.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt4-doc\", rpm:\"qt4-doc~4.4.3~1.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt4-examples\", rpm:\"qt4-examples~4.4.3~1.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt4-linguist\", rpm:\"qt4-linguist~4.4.3~1.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt4-qtconfig\", rpm:\"qt4-qtconfig~4.4.3~1.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt4-qtdbus\", rpm:\"qt4-qtdbus~4.4.3~1.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt4-qvfb\", rpm:\"qt4-qvfb~4.4.3~1.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt4-xmlpatterns\", rpm:\"qt4-xmlpatterns~4.4.3~1.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64qassistant4\", rpm:\"lib64qassistant4~4.4.3~1.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64qt3support4\", rpm:\"lib64qt3support4~4.4.3~1.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64qt4-devel\", rpm:\"lib64qt4-devel~4.4.3~1.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64qtclucene4\", rpm:\"lib64qtclucene4~4.4.3~1.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64qtcore4\", rpm:\"lib64qtcore4~4.4.3~1.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64qtdbus4\", rpm:\"lib64qtdbus4~4.4.3~1.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64qtdesigner4\", rpm:\"lib64qtdesigner4~4.4.3~1.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64qtgui4\", rpm:\"lib64qtgui4~4.4.3~1.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64qthelp4\", rpm:\"lib64qthelp4~4.4.3~1.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64qtnetwork4\", rpm:\"lib64qtnetwork4~4.4.3~1.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64qtopengl4\", rpm:\"lib64qtopengl4~4.4.3~1.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64qtscript4\", rpm:\"lib64qtscript4~4.4.3~1.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64qtsql4\", rpm:\"lib64qtsql4~4.4.3~1.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64qtsvg4\", rpm:\"lib64qtsvg4~4.4.3~1.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64qttest4\", rpm:\"lib64qttest4~4.4.3~1.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64qtwebkit4\", rpm:\"lib64qtwebkit4~4.4.3~1.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64qtxml4\", rpm:\"lib64qtxml4~4.4.3~1.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64qtxmlpatterns4\", rpm:\"lib64qtxmlpatterns4~4.4.3~1.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt4-accessibility-plugin-lib64\", rpm:\"qt4-accessibility-plugin-lib64~4.4.3~1.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt4-database-plugin-mysql-lib64\", rpm:\"qt4-database-plugin-mysql-lib64~4.4.3~1.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt4-database-plugin-odbc-lib64\", rpm:\"qt4-database-plugin-odbc-lib64~4.4.3~1.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt4-database-plugin-pgsql-lib64\", rpm:\"qt4-database-plugin-pgsql-lib64~4.4.3~1.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt4-database-plugin-sqlite-lib64\", rpm:\"qt4-database-plugin-sqlite-lib64~4.4.3~1.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "naslFamily": "Mandrake Local Security Checks", "immutableFields": []}

{"cve": [{"lastseen": "2021-02-02T05:40:04", "description": "src/network/ssl/qsslcertificate.cpp in Nokia Trolltech Qt 4.x does not properly handle a '\\0' character in a domain name in the Subject Alternative Name field of an X.509 certificate, which allows man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certificate issued by a legitimate Certification Authority, a related issue to CVE-2009-2408.", "edition": 4, "cvss3": {}, "published": "2009-09-02T17:30:00", "title": "CVE-2009-2700", "type": "cve", "cwe": ["CWE-20"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2009-2700"], "modified": "2013-02-07T05:00:00", "cpe": ["cpe:/a:digia:qt:4.2.3", "cpe:/a:digia:qt:4.8.3", "cpe:/a:digia:qt:4.7.4", "cpe:/a:digia:qt:4.0.1", "cpe:/a:digia:qt:4.4.3", "cpe:/a:digia:qt:4.8.0", "cpe:/a:digia:qt:4.3.1", "cpe:/a:digia:qt:4.5.2", "cpe:/a:digia:qt:4.6.3", "cpe:/a:digia:qt:4.3.5", "cpe:/a:digia:qt:4.3.0", "cpe:/a:digia:qt:4.3.2", "cpe:/a:digia:qt:4.1.4", "cpe:/a:digia:qt:4.8.1", "cpe:/a:digia:qt:4.2.0", "cpe:/a:digia:qt:4.8.4", "cpe:/a:digia:qt:4.3.3", "cpe:/a:digia:qt:4.5.0", "cpe:/a:digia:qt:4.2.1", "cpe:/a:digia:qt:4.6.4", "cpe:/a:digia:qt:4.7.1", "cpe:/a:digia:qt:4.6.0", "cpe:/a:digia:qt:4.5.1", "cpe:/a:digia:qt:4.1.5", "cpe:/a:digia:qt:4.5.3", "cpe:/a:digia:qt:4.1.2", "cpe:/a:digia:qt:4.7.5", "cpe:/a:digia:qt:4.4.2", "cpe:/a:digia:qt:4.1.0", "cpe:/a:digia:qt:4.3.4", "cpe:/a:digia:qt:4.4.1", "cpe:/a:digia:qt:4.1.3", "cpe:/a:digia:qt:4.7.3", "cpe:/a:digia:qt:4.6.1", "cpe:/a:digia:qt:4.1.1", "cpe:/a:digia:qt:4.0.0", "cpe:/a:digia:qt:4.6.2", "cpe:/a:digia:qt:4.7.0", "cpe:/a:digia:qt:4.8.2", "cpe:/a:digia:qt:4.4.0", "cpe:/a:digia:qt:4.7.2"], "id": "CVE-2009-2700", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-2700", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}, "cpe23": ["cpe:2.3:a:digia:qt:4.1.5:*:*:*:*:*:*:*", "cpe:2.3:a:digia:qt:4.8.3:*:*:*:*:*:*:*", "cpe:2.3:a:digia:qt:4.6.1:*:*:*:*:*:*:*", "cpe:2.3:a:digia:qt:4.3.4:*:*:*:*:*:*:*", "cpe:2.3:a:digia:qt:4.8.4:*:*:*:*:*:*:*", "cpe:2.3:a:digia:qt:4.1.3:*:*:*:*:*:*:*", "cpe:2.3:a:digia:qt:4.5.3:*:*:*:*:*:*:*", "cpe:2.3:a:digia:qt:4.6.2:*:*:*:*:*:*:*", "cpe:2.3:a:digia:qt:4.7.0:*:*:*:*:*:*:*", "cpe:2.3:a:digia:qt:4.4.0:*:*:*:*:*:*:*", "cpe:2.3:a:digia:qt:4.5.1:*:*:*:*:*:*:*", "cpe:2.3:a:digia:qt:4.7.4:*:*:*:*:*:*:*", "cpe:2.3:a:digia:qt:4.7.5:*:*:*:*:*:*:*", "cpe:2.3:a:digia:qt:4.5.0:*:*:*:*:*:*:*", "cpe:2.3:a:digia:qt:4.2.1:*:*:*:*:*:*:*", "cpe:2.3:a:digia:qt:4.3.0:*:*:*:*:*:*:*", "cpe:2.3:a:digia:qt:4.7.1:*:*:*:*:*:*:*", "cpe:2.3:a:digia:qt:4.6.0:rc1:*:*:*:*:*:*", "cpe:2.3:a:digia:qt:4.8.1:*:*:*:*:*:*:*", "cpe:2.3:a:digia:qt:4.1.2:*:*:*:*:*:*:*", "cpe:2.3:a:digia:qt:4.3.3:*:*:*:*:*:*:*", "cpe:2.3:a:digia:qt:4.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:digia:qt:4.4.1:*:*:*:*:*:*:*", "cpe:2.3:a:digia:qt:4.7.2:*:*:*:*:*:*:*", "cpe:2.3:a:digia:qt:4.1.1:*:*:*:*:*:*:*", "cpe:2.3:a:digia:qt:4.2.3:*:*:*:*:*:*:*", "cpe:2.3:a:digia:qt:4.3.1:*:*:*:*:*:*:*", "cpe:2.3:a:digia:qt:4.2.0:*:*:*:*:*:*:*", "cpe:2.3:a:digia:qt:4.7.3:*:*:*:*:*:*:*", "cpe:2.3:a:digia:qt:4.3.5:*:*:*:*:*:*:*", "cpe:2.3:a:digia:qt:4.8.0:*:*:*:*:*:*:*", "cpe:2.3:a:digia:qt:4.6.0:*:*:*:*:*:*:*", "cpe:2.3:a:digia:qt:4.0.0:*:*:*:*:*:*:*", "cpe:2.3:a:digia:qt:4.8.2:*:*:*:*:*:*:*", "cpe:2.3:a:digia:qt:4.1.4:*:*:*:*:*:*:*", "cpe:2.3:a:digia:qt:4.1.0:*:*:*:*:*:*:*", "cpe:2.3:a:digia:qt:4.4.2:*:*:*:*:*:*:*", "cpe:2.3:a:digia:qt:4.6.4:*:*:*:*:*:*:*", "cpe:2.3:a:digia:qt:4.3.2:*:*:*:*:*:*:*", "cpe:2.3:a:digia:qt:4.5.2:*:*:*:*:*:*:*", "cpe:2.3:a:digia:qt:4.6.3:*:*:*:*:*:*:*", "cpe:2.3:a:digia:qt:4.4.3:*:*:*:*:*:*:*"]}, {"lastseen": "2021-02-02T05:40:03", "description": "Mozilla Network Security Services (NSS) before 3.12.3, Firefox before 3.0.13, Thunderbird before 2.0.0.23, and SeaMonkey before 1.1.18 do not properly handle a '\\0' character in a domain name in the subject's Common Name (CN) field of an X.509 certificate, which allows man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certificate issued by a legitimate Certification Authority. NOTE: this was originally reported for Firefox before 3.5.", "edition": 6, "cvss3": {}, "published": "2009-07-30T19:30:00", "title": "CVE-2009-2408", "type": "cve", "cwe": ["CWE-20"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2009-2408"], "modified": "2018-10-03T22:00:00", "cpe": ["cpe:/a:mozilla:thunderbird:2.0.0.11", "cpe:/a:mozilla:seamonkey:1.0.8", "cpe:/a:mozilla:firefox:2.0.0.9", "cpe:/a:mozilla:firefox:3.0.2", "cpe:/a:mozilla:firefox:1.5.0.3", "cpe:/a:mozilla:thunderbird:2.0.0.9", "cpe:/a:mozilla:firefox:1.5.0.2", "cpe:/a:mozilla:firefox:2.0.0.14", "cpe:/a:mozilla:nss:3.11.2", "cpe:/a:mozilla:firefox:2.0.0.18", "cpe:/a:mozilla:firefox:2.0.0.8", "cpe:/a:mozilla:firefox:3.0.12", "cpe:/a:mozilla:firefox:0.4", "cpe:/a:mozilla:firefox:1.5.1", "cpe:/a:mozilla:firefox:1.5.4", "cpe:/a:mozilla:seamonkey:1.1.17", "cpe:/a:mozilla:seamonkey:1.0.2", "cpe:/a:mozilla:seamonkey:1.1.2", "cpe:/a:mozilla:firefox:2.0.0.13", "cpe:/a:mozilla:firefox:2.0_.10", "cpe:/a:mozilla:seamonkey:1.5.0.10", "cpe:/a:mozilla:nss:3.0", "cpe:/a:mozilla:thunderbird:2.0.0.21", "cpe:/a:mozilla:seamonkey:1.0", "cpe:/a:mozilla:firefox:0.5", "cpe:/a:mozilla:seamonkey:1.5.0.9", "cpe:/a:mozilla:firefox:2.0.0.3", "cpe:/a:mozilla:firefox:2.0.0.2", "cpe:/a:mozilla:firefox:1.5.0.1", "cpe:/a:mozilla:firefox:2.0.0.12", "cpe:/a:mozilla:firefox:3.0.4", "cpe:/a:mozilla:firefox:0.8", "cpe:/a:mozilla:seamonkey:1.0.9", "cpe:/a:mozilla:firefox:1.5.7", "cpe:/a:mozilla:thunderbird:2.0.0.22", "cpe:/a:mozilla:firefox:1.0.5", "cpe:/a:mozilla:firefox:2.0.0.21", "cpe:/a:mozilla:thunderbird:2.0.0.12", "cpe:/a:mozilla:firefox:2.0.0.17", "cpe:/a:mozilla:seamonkey:1.1.15", "cpe:/a:mozilla:firefox:2.0_.4", "cpe:/a:mozilla:firefox:0.10.1", "cpe:/a:mozilla:firefox:2.0", "cpe:/a:mozilla:firefox:1.0", "cpe:/a:mozilla:firefox:2.0.0.20", "cpe:/a:mozilla:firefox:1.0.3", "cpe:/a:mozilla:firefox:2.0.0.10", "cpe:/a:mozilla:seamonkey:1.1.9", "cpe:/a:mozilla:nss:3.12", "cpe:/a:mozilla:nss:3.4", "cpe:/a:mozilla:firefox:1.8", "cpe:/a:mozilla:firefox:1.5.0.5", "cpe:/a:mozilla:firefox:1.5.0.12", "cpe:/a:mozilla:seamonkey:1.1.10", "cpe:/a:mozilla:firefox:3.0.5", "cpe:/a:mozilla:seamonkey:1.1.12", "cpe:/a:mozilla:firefox:0.9.2", "cpe:/a:mozilla:firefox:1.5.6", "cpe:/a:mozilla:firefox:2.0_.6", "cpe:/a:mozilla:firefox:1.0.4", "cpe:/a:mozilla:seamonkey:1.1.6", "cpe:/a:mozilla:firefox:2.0.0.7", "cpe:/a:mozilla:firefox:1.0.7", "cpe:/a:mozilla:seamonkey:1.1.5", "cpe:/a:mozilla:firefox:1.0.6", "cpe:/a:mozilla:firefox:3.1", "cpe:/a:mozilla:firefox:3.0.9", "cpe:/a:mozilla:firefox:1.0.1", "cpe:/a:mozilla:seamonkey:1.1.4", "cpe:/a:mozilla:thunderbird:2.0.0.19", "cpe:/a:mozilla:firefox:2.0.0.15", "cpe:/a:mozilla:thunderbird:2.0.0.7", "cpe:/a:mozilla:firefox:1.5.0.10", "cpe:/a:mozilla:nss:3.6", "cpe:/a:mozilla:thunderbird:2.0.0.2", "cpe:/a:mozilla:firefox:1.0.2", "cpe:/a:mozilla:thunderbird:2.0.0.5", "cpe:/a:mozilla:seamonkey:1.0.6", "cpe:/a:mozilla:firefox:1.5.8", "cpe:/a:mozilla:thunderbird:2.0.0.13", "cpe:/a:mozilla:thunderbird:2.0.0.20", "cpe:/a:mozilla:firefox:0.10", "cpe:/a:mozilla:firefox:3.2", "cpe:/a:mozilla:firefox:0.9.1", "cpe:/a:mozilla:seamonkey:1.0.4", "cpe:/a:mozilla:firefox:0.6", "cpe:/a:mozilla:seamonkey:1.0.5", "cpe:/a:mozilla:firefox:1.5.5", "cpe:/a:mozilla:firefox:3.0.11", "cpe:/a:mozilla:firefox:1.5.0.4", "cpe:/a:mozilla:firefox:2.0.0.1", "cpe:/a:mozilla:nss:3.11.8", "cpe:/a:mozilla:firefox:1.5.0.9", "cpe:/a:mozilla:seamonkey:1.0.7", "cpe:/a:mozilla:thunderbird:2.0.0.3", "cpe:/a:mozilla:firefox:1.5.2", "cpe:/a:mozilla:seamonkey:1.1.11", "cpe:/a:mozilla:seamonkey:1.1.3", "cpe:/a:mozilla:firefox:1.5.0.11", "cpe:/a:mozilla:firefox:2.0_8", "cpe:/a:mozilla:firefox:2.0_.7", "cpe:/a:mozilla:firefox:3.0.3", "cpe:/a:mozilla:firefox:1.5.0.6", "cpe:/a:mozilla:firefox:2.0.0.6", "cpe:/a:mozilla:thunderbird:2.0.0.1", "cpe:/a:mozilla:firefox:2.0.0.5", "cpe:/a:mozilla:firefox:1.5", "cpe:/a:mozilla:firefox:3.0.6", "cpe:/a:mozilla:seamonkey:1.1.1", "cpe:/a:mozilla:firefox:1.5.0.7", "cpe:/a:mozilla:seamonkey:1.1.7", "cpe:/a:mozilla:thunderbird:2.0.0.4", "cpe:/a:mozilla:seamonkey:1.5.0.8", "cpe:/a:mozilla:thunderbird:2.0.0.0", "cpe:/a:mozilla:firefox:2.0_.1", "cpe:/a:mozilla:firefox:3.0.7", "cpe:/a:mozilla:seamonkey:1.1.14", "cpe:/a:mozilla:firefox:0.1", "cpe:/a:mozilla:seamonkey:1.1.16", "cpe:/a:mozilla:firefox:0.9_rc", "cpe:/a:mozilla:firefox:3.0", "cpe:/a:mozilla:firefox:1.5.3", "cpe:/a:mozilla:thunderbird:2.0.0.17", "cpe:/a:mozilla:firefox:3.0.10", "cpe:/a:mozilla:firefox:3.0.8", "cpe:/a:mozilla:firefox:1.0.8", "cpe:/a:mozilla:nss:3.11.4", "cpe:/a:mozilla:firefox:1.5.0.8", "cpe:/a:mozilla:firefox:3.0.1", "cpe:/a:mozilla:firefox:0.9", "cpe:/a:mozilla:seamonkey:1.0.1", "cpe:/a:mozilla:seamonkey:1.0.3", "cpe:/a:mozilla:seamonkey:1.1", "cpe:/a:mozilla:firefox:2.0.0.16", "cpe:/a:mozilla:firefox:0.2", "cpe:/a:mozilla:firefox:0.7", "cpe:/a:mozilla:firefox:3.0beta5", "cpe:/a:mozilla:firefox:1.4.1", "cpe:/a:mozilla:thunderbird:2.0.0.16", "cpe:/a:mozilla:firefox:2.0.0.19", "cpe:/a:mozilla:firefox:0.7.1", "cpe:/a:mozilla:firefox:2.0_.9", "cpe:/a:mozilla:firefox:2.0.0.11", "cpe:/a:mozilla:thunderbird:2.0.0.14", "cpe:/a:mozilla:firefox:2.0.0.4", "cpe:/a:mozilla:firefox:2.0_.5", "cpe:/a:mozilla:firefox:0.6.1", "cpe:/a:mozilla:firefox:0.9.3", "cpe:/a:mozilla:thunderbird:2.0.0.15", "cpe:/a:mozilla:thunderbird:2.0.0.8", "cpe:/a:mozilla:firefox:0.3", "cpe:/a:mozilla:thunderbird:2.0.0.18", "cpe:/a:mozilla:seamonkey:1.1.8", "cpe:/a:mozilla:thunderbird:2.0.0.6", "cpe:/a:mozilla:nss:3.11.7", "cpe:/a:mozilla:seamonkey:1.1.13"], "id": "CVE-2009-2408", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-2408", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}, "cpe23": ["cpe:2.3:a:mozilla:seamonkey:1.1.10:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:3.0.10:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:1.5.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:2.0.0.18:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.1.9:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:1.5.0.12:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:0.1:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird:2.0.0.9:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:2.0.0.7:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:2.0.0.8:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:1.0:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:3.1:beta1:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird:2.0.0.16:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:2.0.0.10:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:1.0.6:*:linux:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:1.0.6:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:3.0beta5:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird:2.0.0.19:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.1.17:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:2.0.0.12:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:1.5.1:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:1.8:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:3.0.11:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:2.0.0.21:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:1.5.0.7:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird:2.0.0.15:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.0.8:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.1.4:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.1.14:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:3.0:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:3.0:alpha:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird:2.0.0.8:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird:2.0.0.7:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:nss:3.0:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.1:beta:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:3.0.4:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.5.0.10:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:1.5.4:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:2.0:beta_1:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird:2.0.0.13:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.0.7:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:0.8:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:1.0.5:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:3.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:3.0.9:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:0.2:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:0.4:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.1.5:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:1.5.2:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:0.6.1:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:2.0.0.15:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird:2.0.0.5:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:nss:3.11.8:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:1.5:beta2:*:*:*:*:*:*", "cpe:2.3:a:mozilla:nss:3.6:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:0.9_rc:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:1.5.0.5:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:1.5.0.4:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:2.0_.10:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.1.15:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:3.2:beta3:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.0.5:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.1.16:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:3.0.5:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:2.0.0.6:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.1.8:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:2.0_.5:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.1:alpha:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.1.12:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:0.9:rc:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:2.0:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:nss:3.4:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:1.0.8:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:1.5.3:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird:2.0.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:1.5.5:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:2.0_.4:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird:2.0.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:0.9.1:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:2.0.0.9:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:2.0.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.0:beta:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.1.3:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird:2.0.0.12:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.1.1:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:2.0_.9:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird:2.0.0.22:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:0.6:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:2.0:rc2:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird:2.0.0.17:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:nss:3.11.2:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:2.0.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:2.0_.1:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.5.0.8:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.1.11:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:2.0.0.5:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:nss:3.12:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:3.0.7:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:3.0.6:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:1.0.7:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:1.5.0.3:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.0:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:2.0:beta1:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:3.0.8:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:3.2:beta2:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird:2.0.0.21:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird:2.0.0.0:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:2.0.0.3:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:2.0_.6:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:1.5.8:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:1.5.0.9:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:1.5:beta1:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:0.7:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:nss:3.11.4:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:3.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird:2.0.0.3:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:2.0.0.17:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.1.7:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:2.0.0.19:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:1.5.7:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:2.0.0.13:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.0:alpha:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:1.4.1:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird:2.0.0.14:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:0.10:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:3.0:beta2:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:1.5.0.8:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird:2.0.0.11:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.0.6:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:2.0.0.20:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:1.0.4:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:3.2:beta1:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.0.4:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:nss:3.11.7:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:0.10.1:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:2.0.0.14:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:2.0.0.16:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:3.0:beta5:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:1.5.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.1:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:1.5.0.11:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird:2.0.0.20:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.0.9:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird:2.0.0.4:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:3.0.12:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:2.0.0.4:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.0.3:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.5.0.9:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:0.3:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird:2.0.0.18:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:1.0:preview_release:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird:2.0.0.6:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:0.9.3:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:0.5:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.1.6:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:2.0.0.11:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:1.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:1.5.0.6:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:0.7.1:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:1.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.1.2:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:1.5:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:1.0.3:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:2.0_8:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:1.5.0.10:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.1.13:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:0.9:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:2.0_.7:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:0.9.2:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:1.5.6:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:3.0.3:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:2.0:rc3:*:*:*:*:*:*"]}], "openvas": [{"lastseen": "2018-04-06T11:38:21", "bulletinFamily": "scanner", "cvelist": ["CVE-2009-2700", "CVE-2009-2408"], "description": "The remote host is missing an update to qt4\nannounced via advisory MDVSA-2009:225.", "modified": "2018-04-06T00:00:00", "published": "2009-09-15T00:00:00", "id": "OPENVAS:136141256231064836", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231064836", "type": "openvas", "title": "Mandrake Security Advisory MDVSA-2009:225 (qt4)", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: mdksa_2009_225.nasl 9350 2018-04-06 07:03:33Z cfischer $\n# Description: Auto-generated from advisory MDVSA-2009:225 (qt4)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"A vulnerability has been found and corrected in qt4:\n\nsrc/network/ssl/qsslcertificate.cpp in Nokia Trolltech Qt 4.x\ndoes not properly handle a '\\0' character in a domain name in the\nSubject Alternative Name field of an X.509 certificate, which allows\nman-in-the-middle attackers to spoof arbitrary SSL servers via a\ncrafted certificate issued by a legitimate Certification Authority,\na related issue to CVE-2009-2408 (CVE-2009-2700).\n\nThis update provides a solution to this vulnerability.\n\nAffected: 2009.0, 2009.1, Enterprise Server 5.0\";\ntag_solution = \"To upgrade automatically use MandrakeUpdate or urpmi. The verification\nof md5 checksums and GPG signatures is performed automatically for you.\n\nhttps://secure1.securityspace.com/smysecure/catid.html?in=MDVSA-2009:225\";\ntag_summary = \"The remote host is missing an update to qt4\nannounced via advisory MDVSA-2009:225.\";\n\n \n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.64836\");\n script_version(\"$Revision: 9350 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:03:33 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-09-15 22:46:32 +0200 (Tue, 15 Sep 2009)\");\n script_cve_id(\"CVE-2009-2408\", \"CVE-2009-2700\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_name(\"Mandrake Security Advisory MDVSA-2009:225 (qt4)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Mandrake Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/mandriva_mandrake_linux\", \"ssh/login/rpms\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"libqassistant4\", rpm:\"libqassistant4~4.5.2~1.6mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libqt3support4\", rpm:\"libqt3support4~4.5.2~1.6mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libqt4-devel\", rpm:\"libqt4-devel~4.5.2~1.6mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libqtclucene4\", rpm:\"libqtclucene4~4.5.2~1.6mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libqtcore4\", rpm:\"libqtcore4~4.5.2~1.6mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libqtdbus4\", rpm:\"libqtdbus4~4.5.2~1.6mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libqtdesigner4\", rpm:\"libqtdesigner4~4.5.2~1.6mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libqtgui4\", rpm:\"libqtgui4~4.5.2~1.6mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libqthelp4\", rpm:\"libqthelp4~4.5.2~1.6mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libqtnetwork4\", rpm:\"libqtnetwork4~4.5.2~1.6mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libqtopengl4\", rpm:\"libqtopengl4~4.5.2~1.6mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libqtscript4\", rpm:\"libqtscript4~4.5.2~1.6mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libqtscripttools4\", rpm:\"libqtscripttools4~4.5.2~1.6mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libqtsql4\", rpm:\"libqtsql4~4.5.2~1.6mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libqtsvg4\", rpm:\"libqtsvg4~4.5.2~1.6mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libqttest4\", rpm:\"libqttest4~4.5.2~1.6mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libqtwebkit4\", rpm:\"libqtwebkit4~4.5.2~1.6mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libqtxml4\", rpm:\"libqtxml4~4.5.2~1.6mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libqtxmlpatterns4\", rpm:\"libqtxmlpatterns4~4.5.2~1.6mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt4-accessibility-plugin\", rpm:\"qt4-accessibility-plugin~4.5.2~1.6mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt4-assistant\", rpm:\"qt4-assistant~4.5.2~1.6mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt4-common\", rpm:\"qt4-common~4.5.2~1.6mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt4-database-plugin-mysql\", rpm:\"qt4-database-plugin-mysql~4.5.2~1.6mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt4-database-plugin-odbc\", rpm:\"qt4-database-plugin-odbc~4.5.2~1.6mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt4-database-plugin-pgsql\", rpm:\"qt4-database-plugin-pgsql~4.5.2~1.6mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt4-database-plugin-sqlite\", rpm:\"qt4-database-plugin-sqlite~4.5.2~1.6mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt4-database-plugin-tds\", rpm:\"qt4-database-plugin-tds~4.5.2~1.6mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt4-designer\", rpm:\"qt4-designer~4.5.2~1.6mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt4-doc\", rpm:\"qt4-doc~4.5.2~1.6mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt4-examples\", rpm:\"qt4-examples~4.5.2~1.6mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt4-graphicssystems-plugin\", rpm:\"qt4-graphicssystems-plugin~4.5.2~1.6mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt4-linguist\", rpm:\"qt4-linguist~4.5.2~1.6mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt4-qdoc3\", rpm:\"qt4-qdoc3~4.5.2~1.6mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt4-qtconfig\", rpm:\"qt4-qtconfig~4.5.2~1.6mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt4-qtdbus\", rpm:\"qt4-qtdbus~4.5.2~1.6mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt4-qvfb\", rpm:\"qt4-qvfb~4.5.2~1.6mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt4-xmlpatterns\", rpm:\"qt4-xmlpatterns~4.5.2~1.6mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64qassistant4\", rpm:\"lib64qassistant4~4.5.2~1.6mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64qt3support4\", rpm:\"lib64qt3support4~4.5.2~1.6mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64qt4-devel\", rpm:\"lib64qt4-devel~4.5.2~1.6mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64qtclucene4\", rpm:\"lib64qtclucene4~4.5.2~1.6mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64qtcore4\", rpm:\"lib64qtcore4~4.5.2~1.6mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64qtdbus4\", rpm:\"lib64qtdbus4~4.5.2~1.6mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64qtdesigner4\", rpm:\"lib64qtdesigner4~4.5.2~1.6mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64qtgui4\", rpm:\"lib64qtgui4~4.5.2~1.6mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64qthelp4\", rpm:\"lib64qthelp4~4.5.2~1.6mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64qtnetwork4\", rpm:\"lib64qtnetwork4~4.5.2~1.6mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64qtopengl4\", rpm:\"lib64qtopengl4~4.5.2~1.6mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64qtscript4\", rpm:\"lib64qtscript4~4.5.2~1.6mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64qtscripttools4\", rpm:\"lib64qtscripttools4~4.5.2~1.6mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64qtsql4\", rpm:\"lib64qtsql4~4.5.2~1.6mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64qtsvg4\", rpm:\"lib64qtsvg4~4.5.2~1.6mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64qttest4\", rpm:\"lib64qttest4~4.5.2~1.6mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64qtwebkit4\", rpm:\"lib64qtwebkit4~4.5.2~1.6mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64qtxml4\", rpm:\"lib64qtxml4~4.5.2~1.6mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64qtxmlpatterns4\", rpm:\"lib64qtxmlpatterns4~4.5.2~1.6mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libqassistant4\", rpm:\"libqassistant4~4.5.2~1.4mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libqt3support4\", rpm:\"libqt3support4~4.5.2~1.4mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libqt4-devel\", rpm:\"libqt4-devel~4.5.2~1.4mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libqtclucene4\", rpm:\"libqtclucene4~4.5.2~1.4mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libqtcore4\", rpm:\"libqtcore4~4.5.2~1.4mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libqtdbus4\", rpm:\"libqtdbus4~4.5.2~1.4mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libqtdesigner4\", rpm:\"libqtdesigner4~4.5.2~1.4mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libqtgui4\", rpm:\"libqtgui4~4.5.2~1.4mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libqthelp4\", rpm:\"libqthelp4~4.5.2~1.4mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libqtnetwork4\", rpm:\"libqtnetwork4~4.5.2~1.4mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libqtopengl4\", rpm:\"libqtopengl4~4.5.2~1.4mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libqtscript4\", rpm:\"libqtscript4~4.5.2~1.4mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libqtscripttools4\", rpm:\"libqtscripttools4~4.5.2~1.4mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libqtsql4\", rpm:\"libqtsql4~4.5.2~1.4mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libqtsvg4\", rpm:\"libqtsvg4~4.5.2~1.4mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libqttest4\", rpm:\"libqttest4~4.5.2~1.4mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libqtwebkit4\", rpm:\"libqtwebkit4~4.5.2~1.4mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libqtxml4\", rpm:\"libqtxml4~4.5.2~1.4mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libqtxmlpatterns4\", rpm:\"libqtxmlpatterns4~4.5.2~1.4mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt4-accessibility-plugin\", rpm:\"qt4-accessibility-plugin~4.5.2~1.4mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt4-assistant\", rpm:\"qt4-assistant~4.5.2~1.4mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt4-common\", rpm:\"qt4-common~4.5.2~1.4mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt4-database-plugin-mysql\", rpm:\"qt4-database-plugin-mysql~4.5.2~1.4mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt4-database-plugin-odbc\", rpm:\"qt4-database-plugin-odbc~4.5.2~1.4mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt4-database-plugin-pgsql\", rpm:\"qt4-database-plugin-pgsql~4.5.2~1.4mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt4-database-plugin-sqlite\", rpm:\"qt4-database-plugin-sqlite~4.5.2~1.4mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt4-database-plugin-tds\", rpm:\"qt4-database-plugin-tds~4.5.2~1.4mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt4-designer\", rpm:\"qt4-designer~4.5.2~1.4mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt4-doc\", rpm:\"qt4-doc~4.5.2~1.4mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt4-examples\", rpm:\"qt4-examples~4.5.2~1.4mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt4-graphicssystems-plugin\", rpm:\"qt4-graphicssystems-plugin~4.5.2~1.4mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt4-linguist\", rpm:\"qt4-linguist~4.5.2~1.4mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt4-qdoc3\", rpm:\"qt4-qdoc3~4.5.2~1.4mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt4-qtconfig\", rpm:\"qt4-qtconfig~4.5.2~1.4mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt4-qtdbus\", rpm:\"qt4-qtdbus~4.5.2~1.4mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt4-qvfb\", rpm:\"qt4-qvfb~4.5.2~1.4mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt4-xmlpatterns\", rpm:\"qt4-xmlpatterns~4.5.2~1.4mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64qassistant4\", rpm:\"lib64qassistant4~4.5.2~1.4mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64qt3support4\", rpm:\"lib64qt3support4~4.5.2~1.4mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64qt4-devel\", rpm:\"lib64qt4-devel~4.5.2~1.4mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64qtclucene4\", rpm:\"lib64qtclucene4~4.5.2~1.4mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64qtcore4\", rpm:\"lib64qtcore4~4.5.2~1.4mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64qtdbus4\", rpm:\"lib64qtdbus4~4.5.2~1.4mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64qtdesigner4\", rpm:\"lib64qtdesigner4~4.5.2~1.4mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64qtgui4\", rpm:\"lib64qtgui4~4.5.2~1.4mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64qthelp4\", rpm:\"lib64qthelp4~4.5.2~1.4mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64qtnetwork4\", rpm:\"lib64qtnetwork4~4.5.2~1.4mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64qtopengl4\", rpm:\"lib64qtopengl4~4.5.2~1.4mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64qtscript4\", rpm:\"lib64qtscript4~4.5.2~1.4mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64qtscripttools4\", rpm:\"lib64qtscripttools4~4.5.2~1.4mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64qtsql4\", rpm:\"lib64qtsql4~4.5.2~1.4mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64qtsvg4\", rpm:\"lib64qtsvg4~4.5.2~1.4mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64qttest4\", rpm:\"lib64qttest4~4.5.2~1.4mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64qtwebkit4\", rpm:\"lib64qtwebkit4~4.5.2~1.4mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64qtxml4\", rpm:\"lib64qtxml4~4.5.2~1.4mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64qtxmlpatterns4\", rpm:\"lib64qtxmlpatterns4~4.5.2~1.4mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libqassistant4\", rpm:\"libqassistant4~4.4.3~1.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libqt3support4\", rpm:\"libqt3support4~4.4.3~1.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libqt4-devel\", rpm:\"libqt4-devel~4.4.3~1.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libqtclucene4\", rpm:\"libqtclucene4~4.4.3~1.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libqtcore4\", rpm:\"libqtcore4~4.4.3~1.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libqtdbus4\", rpm:\"libqtdbus4~4.4.3~1.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libqtdesigner4\", rpm:\"libqtdesigner4~4.4.3~1.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libqtgui4\", rpm:\"libqtgui4~4.4.3~1.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libqthelp4\", rpm:\"libqthelp4~4.4.3~1.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libqtnetwork4\", rpm:\"libqtnetwork4~4.4.3~1.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libqtopengl4\", rpm:\"libqtopengl4~4.4.3~1.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libqtscript4\", rpm:\"libqtscript4~4.4.3~1.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libqtsql4\", rpm:\"libqtsql4~4.4.3~1.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libqtsvg4\", rpm:\"libqtsvg4~4.4.3~1.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libqttest4\", rpm:\"libqttest4~4.4.3~1.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libqtwebkit4\", rpm:\"libqtwebkit4~4.4.3~1.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libqtxml4\", rpm:\"libqtxml4~4.4.3~1.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libqtxmlpatterns4\", rpm:\"libqtxmlpatterns4~4.4.3~1.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt4-accessibility-plugin-lib\", rpm:\"qt4-accessibility-plugin-lib~4.4.3~1.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt4-assistant\", rpm:\"qt4-assistant~4.4.3~1.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt4-common\", rpm:\"qt4-common~4.4.3~1.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt4-database-plugin-mysql-lib\", rpm:\"qt4-database-plugin-mysql-lib~4.4.3~1.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt4-database-plugin-odbc-lib\", rpm:\"qt4-database-plugin-odbc-lib~4.4.3~1.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt4-database-plugin-pgsql-lib\", rpm:\"qt4-database-plugin-pgsql-lib~4.4.3~1.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt4-database-plugin-sqlite-lib\", rpm:\"qt4-database-plugin-sqlite-lib~4.4.3~1.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt4-designer\", rpm:\"qt4-designer~4.4.3~1.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt4-doc\", rpm:\"qt4-doc~4.4.3~1.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt4-examples\", rpm:\"qt4-examples~4.4.3~1.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt4-linguist\", rpm:\"qt4-linguist~4.4.3~1.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt4-qtconfig\", rpm:\"qt4-qtconfig~4.4.3~1.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt4-qtdbus\", rpm:\"qt4-qtdbus~4.4.3~1.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt4-qvfb\", rpm:\"qt4-qvfb~4.4.3~1.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt4-xmlpatterns\", rpm:\"qt4-xmlpatterns~4.4.3~1.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64qassistant4\", rpm:\"lib64qassistant4~4.4.3~1.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64qt3support4\", rpm:\"lib64qt3support4~4.4.3~1.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64qt4-devel\", rpm:\"lib64qt4-devel~4.4.3~1.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64qtclucene4\", rpm:\"lib64qtclucene4~4.4.3~1.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64qtcore4\", rpm:\"lib64qtcore4~4.4.3~1.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64qtdbus4\", rpm:\"lib64qtdbus4~4.4.3~1.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64qtdesigner4\", rpm:\"lib64qtdesigner4~4.4.3~1.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64qtgui4\", rpm:\"lib64qtgui4~4.4.3~1.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64qthelp4\", rpm:\"lib64qthelp4~4.4.3~1.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64qtnetwork4\", rpm:\"lib64qtnetwork4~4.4.3~1.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64qtopengl4\", rpm:\"lib64qtopengl4~4.4.3~1.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64qtscript4\", rpm:\"lib64qtscript4~4.4.3~1.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64qtsql4\", rpm:\"lib64qtsql4~4.4.3~1.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64qtsvg4\", rpm:\"lib64qtsvg4~4.4.3~1.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64qttest4\", rpm:\"lib64qttest4~4.4.3~1.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64qtwebkit4\", rpm:\"lib64qtwebkit4~4.4.3~1.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64qtxml4\", rpm:\"lib64qtxml4~4.4.3~1.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64qtxmlpatterns4\", rpm:\"lib64qtxmlpatterns4~4.4.3~1.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt4-accessibility-plugin-lib64\", rpm:\"qt4-accessibility-plugin-lib64~4.4.3~1.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt4-database-plugin-mysql-lib64\", rpm:\"qt4-database-plugin-mysql-lib64~4.4.3~1.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt4-database-plugin-odbc-lib64\", rpm:\"qt4-database-plugin-odbc-lib64~4.4.3~1.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt4-database-plugin-pgsql-lib64\", rpm:\"qt4-database-plugin-pgsql-lib64~4.4.3~1.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt4-database-plugin-sqlite-lib64\", rpm:\"qt4-database-plugin-sqlite-lib64~4.4.3~1.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-07-26T08:56:05", "bulletinFamily": "scanner", "cvelist": ["CVE-2009-2700"], "description": "The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n dbus-1-qt\n qt\n qt-qt3support\n qt-sql\n qt-x11\n\n\nMore details may also be found by searching for the SuSE\nEnterprise Server 10 patch database located at\nhttp://download.novell.com/patch/finder/", "modified": "2017-07-11T00:00:00", "published": "2009-11-17T00:00:00", "id": "OPENVAS:66281", "href": "http://plugins.openvas.org/nasl.php?oid=66281", "type": "openvas", "title": "SLES10: Security update for Qt3", "sourceData": "#\n#VID slesp2-dbus-1-qt-6644\n# OpenVAS Vulnerability Test\n# $\n# Description: Security update for Qt3\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_summary = \"The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n dbus-1-qt\n qt\n qt-qt3support\n qt-sql\n qt-x11\n\n\nMore details may also be found by searching for the SuSE\nEnterprise Server 10 patch database located at\nhttp://download.novell.com/patch/finder/\";\n\ntag_solution = \"Please install the updates provided by SuSE.\";\n\nif(description)\n{\n script_id(66281);\n script_version(\"$Revision: 6666 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-11 15:13:36 +0200 (Tue, 11 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-11-17 21:42:12 +0100 (Tue, 17 Nov 2009)\");\n script_cve_id(\"CVE-2009-2700\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_name(\"SLES10: Security update for Qt3\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse_sles\", \"ssh/login/rpms\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"dbus-1-qt\", rpm:\"dbus-1-qt~4.3.4~0.7.1\", rls:\"SLES10.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt\", rpm:\"qt~4.3.4~0.7.1\", rls:\"SLES10.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt-qt3support\", rpm:\"qt-qt3support~4.3.4~0.7.1\", rls:\"SLES10.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt-sql\", rpm:\"qt-sql~4.3.4~0.7.1\", rls:\"SLES10.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt-x11\", rpm:\"qt-x11~4.3.4~0.7.1\", rls:\"SLES10.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}}, {"lastseen": "2017-07-26T08:55:57", "bulletinFamily": "scanner", "cvelist": ["CVE-2009-2700"], "description": "The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n libqt4\n libqt4-qt3support\n libqt4-sql\n libqt4-sql-sqlite\n libqt4-x11\n\n\nMore details may also be found by searching for the SuSE\nEnterprise Server 11 patch database located at\nhttp://download.novell.com/patch/finder/", "modified": "2017-07-11T00:00:00", "published": "2009-11-17T00:00:00", "id": "OPENVAS:66284", "href": "http://plugins.openvas.org/nasl.php?oid=66284", "type": "openvas", "title": "SLES11: Security update for libqt4", "sourceData": "#\n#VID c980cdd57955d1f78a74976fd2c23c32\n# OpenVAS Vulnerability Test\n# $\n# Description: Security update for libqt4\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_summary = \"The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n libqt4\n libqt4-qt3support\n libqt4-sql\n libqt4-sql-sqlite\n libqt4-x11\n\n\nMore details may also be found by searching for the SuSE\nEnterprise Server 11 patch database located at\nhttp://download.novell.com/patch/finder/\";\n\ntag_solution = \"Please install the updates provided by SuSE.\";\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"https://bugzilla.novell.com/show_bug.cgi?id=534081\");\n script_id(66284);\n script_version(\"$Revision: 6666 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-11 15:13:36 +0200 (Tue, 11 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-11-17 21:42:12 +0100 (Tue, 17 Nov 2009)\");\n script_cve_id(\"CVE-2009-2700\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_name(\"SLES11: Security update for libqt4\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse_sles\", \"ssh/login/rpms\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"libqt4\", rpm:\"libqt4~4.4.3~12.11.1\", rls:\"SLES11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libqt4-qt3support\", rpm:\"libqt4-qt3support~4.4.3~12.11.1\", rls:\"SLES11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libqt4-sql\", rpm:\"libqt4-sql~4.4.3~12.11.1\", rls:\"SLES11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libqt4-sql-sqlite\", rpm:\"libqt4-sql-sqlite~4.4.3~12.11.1\", rls:\"SLES11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libqt4-x11\", rpm:\"libqt4-x11~4.4.3~12.11.1\", rls:\"SLES11.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}}, {"lastseen": "2018-04-06T11:39:28", "bulletinFamily": "scanner", "cvelist": ["CVE-2009-2700"], "description": "The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n libqt4\n libqt4-qt3support\n libqt4-sql\n libqt4-sql-sqlite\n libqt4-x11\n\n\nMore details may also be found by searching for the SuSE\nEnterprise Server 11 patch database located at\nhttp://download.novell.com/patch/finder/", "modified": "2018-04-06T00:00:00", "published": "2009-11-17T00:00:00", "id": "OPENVAS:136141256231066284", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231066284", "type": "openvas", "title": "SLES11: Security update for libqt4", "sourceData": "#\n#VID c980cdd57955d1f78a74976fd2c23c32\n# OpenVAS Vulnerability Test\n# $\n# Description: Security update for libqt4\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_summary = \"The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n libqt4\n libqt4-qt3support\n libqt4-sql\n libqt4-sql-sqlite\n libqt4-x11\n\n\nMore details may also be found by searching for the SuSE\nEnterprise Server 11 patch database located at\nhttp://download.novell.com/patch/finder/\";\n\ntag_solution = \"Please install the updates provided by SuSE.\";\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"https://bugzilla.novell.com/show_bug.cgi?id=534081\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.66284\");\n script_version(\"$Revision: 9350 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:03:33 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-11-17 21:42:12 +0100 (Tue, 17 Nov 2009)\");\n script_cve_id(\"CVE-2009-2700\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_name(\"SLES11: Security update for libqt4\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse_sles\", \"ssh/login/rpms\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"libqt4\", rpm:\"libqt4~4.4.3~12.11.1\", rls:\"SLES11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libqt4-qt3support\", rpm:\"libqt4-qt3support~4.4.3~12.11.1\", rls:\"SLES11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libqt4-sql\", rpm:\"libqt4-sql~4.4.3~12.11.1\", rls:\"SLES11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libqt4-sql-sqlite\", rpm:\"libqt4-sql-sqlite~4.4.3~12.11.1\", rls:\"SLES11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libqt4-x11\", rpm:\"libqt4-x11~4.4.3~12.11.1\", rls:\"SLES11.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}}, {"lastseen": "2017-12-04T11:29:55", "bulletinFamily": "scanner", "cvelist": ["CVE-2009-2700"], "description": "The remote host is missing an update to qt4-x11\nannounced via advisory USN-829-1.", "modified": "2017-12-01T00:00:00", "published": "2009-09-15T00:00:00", "id": "OPENVAS:64890", "href": "http://plugins.openvas.org/nasl.php?oid=64890", "type": "openvas", "title": "Ubuntu USN-829-1 (qt4-x11)", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: ubuntu_829_1.nasl 7969 2017-12-01 09:23:16Z santu $\n# $Id: ubuntu_829_1.nasl 7969 2017-12-01 09:23:16Z santu $\n# Description: Auto-generated from advisory USN-829-1 (qt4-x11)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_solution = \"The problem can be corrected by upgrading your system to the\n following package versions:\n\nUbuntu 8.04 LTS:\n libqt4-core 4.3.4-0ubuntu3.1\n\nUbuntu 8.10:\n libqt4-network 4.4.3-0ubuntu1.3\n\nUbuntu 9.04:\n libqt4-network 4.5.0-0ubuntu4.2\n\nAfter a standard system upgrade you need to restart your session to effect\nthe necessary changes.\n\nhttps://secure1.securityspace.com/smysecure/catid.html?in=USN-829-1\";\n\ntag_insight = \"It was discovered that Qt did not properly handle certificates with NULL\ncharacters in the Subject Alternative Name field of X.509 certificates. An\nattacker could exploit this to perform a man in the middle attack to view\nsensitive information or alter encrypted communications. (CVE-2009-2700)\";\ntag_summary = \"The remote host is missing an update to qt4-x11\nannounced via advisory USN-829-1.\";\n\n \n\n\nif(description)\n{\n script_id(64890);\n script_version(\"$Revision: 7969 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-01 10:23:16 +0100 (Fri, 01 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-09-15 22:46:32 +0200 (Tue, 15 Sep 2009)\");\n script_cve_id(\"CVE-2009-2700\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_name(\"Ubuntu USN-829-1 (qt4-x11)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n script_xref(name: \"URL\" , value: \"http://www.ubuntu.com/usn/usn-829-1/\");\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"qt4-doc\", ver:\"4.3.4-0ubuntu3.1\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libqt4-core\", ver:\"4.3.4-0ubuntu3.1\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libqt4-debug\", ver:\"4.3.4-0ubuntu3.1\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libqt4-dev\", ver:\"4.3.4-0ubuntu3.1\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libqt4-gui\", ver:\"4.3.4-0ubuntu3.1\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libqt4-qt3support\", ver:\"4.3.4-0ubuntu3.1\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libqt4-sql\", ver:\"4.3.4-0ubuntu3.1\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"qt4-designer\", ver:\"4.3.4-0ubuntu3.1\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"qt4-dev-tools\", ver:\"4.3.4-0ubuntu3.1\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"qt4-qtconfig\", ver:\"4.3.4-0ubuntu3.1\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"qt4-doc-html\", ver:\"4.4.3-0ubuntu1.3\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"qt4-doc\", ver:\"4.4.3-0ubuntu1.3\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libqt4-assistant\", ver:\"4.4.3-0ubuntu1.3\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libqt4-core\", ver:\"4.4.3-0ubuntu1.3\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libqt4-dbg\", ver:\"4.4.3-0ubuntu1.3\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libqt4-dbus\", ver:\"4.4.3-0ubuntu1.3\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libqt4-designer\", ver:\"4.4.3-0ubuntu1.3\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libqt4-dev\", ver:\"4.4.3-0ubuntu1.3\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libqt4-gui\", ver:\"4.4.3-0ubuntu1.3\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libqt4-help\", ver:\"4.4.3-0ubuntu1.3\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libqt4-network\", ver:\"4.4.3-0ubuntu1.3\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libqt4-opengl-dev\", ver:\"4.4.3-0ubuntu1.3\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libqt4-opengl\", ver:\"4.4.3-0ubuntu1.3\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libqt4-qt3support\", ver:\"4.4.3-0ubuntu1.3\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libqt4-script\", ver:\"4.4.3-0ubuntu1.3\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libqt4-sql-mysql\", ver:\"4.4.3-0ubuntu1.3\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libqt4-sql-odbc\", ver:\"4.4.3-0ubuntu1.3\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libqt4-sql-psql\", ver:\"4.4.3-0ubuntu1.3\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libqt4-sql-sqlite2\", ver:\"4.4.3-0ubuntu1.3\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libqt4-sql-sqlite\", ver:\"4.4.3-0ubuntu1.3\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libqt4-sql\", ver:\"4.4.3-0ubuntu1.3\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libqt4-svg\", ver:\"4.4.3-0ubuntu1.3\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libqt4-test\", ver:\"4.4.3-0ubuntu1.3\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libqt4-webkit-dbg\", ver:\"4.4.3-0ubuntu1.3\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libqt4-webkit\", ver:\"4.4.3-0ubuntu1.3\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libqt4-xml\", ver:\"4.4.3-0ubuntu1.3\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libqt4-xmlpatterns-dbg\", ver:\"4.4.3-0ubuntu1.3\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libqt4-xmlpatterns\", ver:\"4.4.3-0ubuntu1.3\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libqtcore4\", ver:\"4.4.3-0ubuntu1.3\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libqtgui4\", ver:\"4.4.3-0ubuntu1.3\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"qt4-demos\", ver:\"4.4.3-0ubuntu1.3\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"qt4-designer\", ver:\"4.4.3-0ubuntu1.3\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"qt4-dev-tools\", ver:\"4.4.3-0ubuntu1.3\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"qt4-qtconfig\", ver:\"4.4.3-0ubuntu1.3\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"qt4-doc-html\", ver:\"4.5.0-0ubuntu4.2\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"qt4-doc\", ver:\"4.5.0-0ubuntu4.2\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libqt4-assistant\", ver:\"4.5.0-0ubuntu4.2\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libqt4-core\", ver:\"4.5.0-0ubuntu4.2\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libqt4-dbg\", ver:\"4.5.0-0ubuntu4.2\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libqt4-dbus\", ver:\"4.5.0-0ubuntu4.2\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libqt4-designer\", ver:\"4.5.0-0ubuntu4.2\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libqt4-dev-dbg\", ver:\"4.5.0-0ubuntu4.2\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libqt4-dev\", ver:\"4.5.0-0ubuntu4.2\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libqt4-gui\", ver:\"4.5.0-0ubuntu4.2\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libqt4-help\", ver:\"4.5.0-0ubuntu4.2\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libqt4-network\", ver:\"4.5.0-0ubuntu4.2\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libqt4-opengl-dev\", ver:\"4.5.0-0ubuntu4.2\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libqt4-opengl\", ver:\"4.5.0-0ubuntu4.2\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libqt4-qt3support\", ver:\"4.5.0-0ubuntu4.2\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libqt4-script\", ver:\"4.5.0-0ubuntu4.2\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libqt4-scripttools\", ver:\"4.5.0-0ubuntu4.2\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libqt4-sql-mysql\", ver:\"4.5.0-0ubuntu4.2\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libqt4-sql-odbc\", ver:\"4.5.0-0ubuntu4.2\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libqt4-sql-psql\", ver:\"4.5.0-0ubuntu4.2\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libqt4-sql-sqlite2\", ver:\"4.5.0-0ubuntu4.2\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libqt4-sql-sqlite\", ver:\"4.5.0-0ubuntu4.2\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libqt4-sql\", ver:\"4.5.0-0ubuntu4.2\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libqt4-svg\", ver:\"4.5.0-0ubuntu4.2\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libqt4-test\", ver:\"4.5.0-0ubuntu4.2\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libqt4-webkit-dbg\", ver:\"4.5.0-0ubuntu4.2\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libqt4-webkit\", ver:\"4.5.0-0ubuntu4.2\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libqt4-xml\", ver:\"4.5.0-0ubuntu4.2\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libqt4-xmlpatterns-dbg\", ver:\"4.5.0-0ubuntu4.2\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libqt4-xmlpatterns\", ver:\"4.5.0-0ubuntu4.2\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libqtcore4\", ver:\"4.5.0-0ubuntu4.2\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libqtgui4\", ver:\"4.5.0-0ubuntu4.2\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"qt4-demos-dbg\", ver:\"4.5.0-0ubuntu4.2\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"qt4-demos\", ver:\"4.5.0-0ubuntu4.2\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"qt4-designer\", ver:\"4.5.0-0ubuntu4.2\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"qt4-dev-tools-dbg\", ver:\"4.5.0-0ubuntu4.2\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"qt4-dev-tools\", ver:\"4.5.0-0ubuntu4.2\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"qt4-qmake\", ver:\"4.5.0-0ubuntu4.2\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"qt4-qtconfig\", ver:\"4.5.0-0ubuntu4.2\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}}, {"lastseen": "2018-04-06T11:39:54", "bulletinFamily": "scanner", "cvelist": ["CVE-2009-2700"], "description": "The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n dbus-1-qt\n qt\n qt-qt3support\n qt-sql\n qt-x11\n\n\nMore details may also be found by searching for the SuSE\nEnterprise Server 10 patch database located at\nhttp://download.novell.com/patch/finder/", "modified": "2018-04-06T00:00:00", "published": "2009-11-17T00:00:00", "id": "OPENVAS:136141256231066281", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231066281", "type": "openvas", "title": "SLES10: Security update for Qt3", "sourceData": "#\n#VID slesp2-dbus-1-qt-6644\n# OpenVAS Vulnerability Test\n# $\n# Description: Security update for Qt3\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_summary = \"The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n dbus-1-qt\n qt\n qt-qt3support\n qt-sql\n qt-x11\n\n\nMore details may also be found by searching for the SuSE\nEnterprise Server 10 patch database located at\nhttp://download.novell.com/patch/finder/\";\n\ntag_solution = \"Please install the updates provided by SuSE.\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.66281\");\n script_version(\"$Revision: 9350 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:03:33 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-11-17 21:42:12 +0100 (Tue, 17 Nov 2009)\");\n script_cve_id(\"CVE-2009-2700\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_name(\"SLES10: Security update for Qt3\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse_sles\", \"ssh/login/rpms\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"dbus-1-qt\", rpm:\"dbus-1-qt~4.3.4~0.7.1\", rls:\"SLES10.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt\", rpm:\"qt~4.3.4~0.7.1\", rls:\"SLES10.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt-qt3support\", rpm:\"qt-qt3support~4.3.4~0.7.1\", rls:\"SLES10.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt-sql\", rpm:\"qt-sql~4.3.4~0.7.1\", rls:\"SLES10.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt-x11\", rpm:\"qt-x11~4.3.4~0.7.1\", rls:\"SLES10.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}}, {"lastseen": "2017-07-26T08:55:48", "bulletinFamily": "scanner", "cvelist": ["CVE-2009-2408"], "description": "The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n libldap-2_4-2\n openldap2\n openldap2-back-meta\n openldap2-client\n\n\nMore details may also be found by searching for the SuSE\nEnterprise Server 11 patch database located at\nhttp://download.novell.com/patch/finder/", "modified": "2017-07-11T00:00:00", "published": "2009-10-11T00:00:00", "id": "OPENVAS:65720", "href": "http://plugins.openvas.org/nasl.php?oid=65720", "type": "openvas", "title": "SLES11: Security update for OpenLDAP2", "sourceData": "#\n#VID 8b6ad83a2d239c9f63b11481566420f0\n# OpenVAS Vulnerability Test\n# $\n# Description: Security update for OpenLDAP2\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_summary = \"The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n libldap-2_4-2\n openldap2\n openldap2-back-meta\n openldap2-client\n\n\nMore details may also be found by searching for the SuSE\nEnterprise Server 11 patch database located at\nhttp://download.novell.com/patch/finder/\";\n\ntag_solution = \"Please install the updates provided by SuSE.\";\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"https://bugzilla.novell.com/show_bug.cgi?id=537143\");\n script_id(65720);\n script_version(\"$Revision: 6666 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-11 15:13:36 +0200 (Tue, 11 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-10-11 22:58:51 +0200 (Sun, 11 Oct 2009)\");\n script_cve_id(\"CVE-2009-2408\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_name(\"SLES11: Security update for OpenLDAP2\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse_sles\", \"ssh/login/rpms\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"libldap-2_4-2\", rpm:\"libldap-2_4-2~2.4.12~7.18.1\", rls:\"SLES11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"openldap2\", rpm:\"openldap2~2.4.12~7.18.1\", rls:\"SLES11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"openldap2-back-meta\", rpm:\"openldap2-back-meta~2.4.12~7.18.1\", rls:\"SLES11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"openldap2-client\", rpm:\"openldap2-client~2.4.12~7.18.1\", rls:\"SLES11.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-07-26T08:56:08", "bulletinFamily": "scanner", "cvelist": ["CVE-2009-2408"], "description": "The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n mutt\n\n\nMore details may also be found by searching for the SuSE\nEnterprise Server 11 patch database located at\nhttp://download.novell.com/patch/finder/", "modified": "2017-07-11T00:00:00", "published": "2009-10-11T00:00:00", "id": "OPENVAS:65721", "href": "http://plugins.openvas.org/nasl.php?oid=65721", "type": "openvas", "title": "SLES11: Security update for mutt", "sourceData": "#\n#VID cc9c5a6c5fd4bd88c6a42dc93653674b\n# OpenVAS Vulnerability Test\n# $\n# Description: Security update for mutt\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_summary = \"The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n mutt\n\n\nMore details may also be found by searching for the SuSE\nEnterprise Server 11 patch database located at\nhttp://download.novell.com/patch/finder/\";\n\ntag_solution = \"Please install the updates provided by SuSE.\";\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"https://bugzilla.novell.com/show_bug.cgi?id=537141\");\n script_id(65721);\n script_version(\"$Revision: 6666 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-11 15:13:36 +0200 (Tue, 11 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-10-11 22:58:51 +0200 (Sun, 11 Oct 2009)\");\n script_cve_id(\"CVE-2009-2408\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_name(\"SLES11: Security update for mutt\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse_sles\", \"ssh/login/rpms\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"mutt\", rpm:\"mutt~1.5.17~42.32.1\", rls:\"SLES11.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-04-06T11:39:31", "bulletinFamily": "scanner", "cvelist": ["CVE-2009-2408"], "description": "The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n openldap2\n openldap2-back-meta\n openldap2-back-perl\n openldap2-client\n openldap2-devel\n\n\nMore details may also be found by searching for the SuSE\nEnterprise Server 10 patch database located at\nhttp://download.novell.com/patch/finder/", "modified": "2018-04-06T00:00:00", "published": "2009-10-13T00:00:00", "id": "OPENVAS:136141256231065858", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231065858", "type": "openvas", "title": "SLES10: Security update for OpenLDAP2", "sourceData": "#\n#VID slesp2-openldap2-6485\n# OpenVAS Vulnerability Test\n# $\n# Description: Security update for OpenLDAP2\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_summary = \"The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n openldap2\n openldap2-back-meta\n openldap2-back-perl\n openldap2-client\n openldap2-devel\n\n\nMore details may also be found by searching for the SuSE\nEnterprise Server 10 patch database located at\nhttp://download.novell.com/patch/finder/\";\n\ntag_solution = \"Please install the updates provided by SuSE.\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.65858\");\n script_version(\"$Revision: 9350 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:03:33 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-10-13 18:25:40 +0200 (Tue, 13 Oct 2009)\");\n script_cve_id(\"CVE-2009-2408\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_name(\"SLES10: Security update for OpenLDAP2\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse_sles\", \"ssh/login/rpms\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"openldap2\", rpm:\"openldap2~2.3.32~0.34.2\", rls:\"SLES10.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"openldap2-back-meta\", rpm:\"openldap2-back-meta~2.3.32~0.34.2\", rls:\"SLES10.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"openldap2-back-perl\", rpm:\"openldap2-back-perl~2.3.32~0.34.2\", rls:\"SLES10.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"openldap2-client\", rpm:\"openldap2-client~2.3.32~0.33.2\", rls:\"SLES10.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"openldap2-devel\", rpm:\"openldap2-devel~2.3.32~0.33.2\", rls:\"SLES10.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-07-24T12:57:11", "bulletinFamily": "scanner", "cvelist": ["CVE-2009-2408"], "description": "The remote host is missing an update to wget\nannounced via advisory MDVSA-2009:206.", "modified": "2017-07-06T00:00:00", "published": "2009-09-02T00:00:00", "id": "OPENVAS:64678", "href": "http://plugins.openvas.org/nasl.php?oid=64678", "type": "openvas", "title": "Mandrake Security Advisory MDVSA-2009:206 (wget)", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: mdksa_2009_206.nasl 6573 2017-07-06 13:10:50Z cfischer $\n# Description: Auto-generated from advisory MDVSA-2009:206 (wget)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"A vulnerability has been found and corrected in wget:\n\nSUSE discovered a security issue in wget related to CVE-2009-2408\n\nThis update provides a solution to this vulnerability.\n\nAffected: 2008.1, 2009.0, 2009.1, Corporate 4.0, Enterprise Server 5.0\";\ntag_solution = \"To upgrade automatically use MandrakeUpdate or urpmi. The verification\nof md5 checksums and GPG signatures is performed automatically for you.\n\nhttps://secure1.securityspace.com/smysecure/catid.html?in=MDVSA-2009:206\";\ntag_summary = \"The remote host is missing an update to wget\nannounced via advisory MDVSA-2009:206.\";\n\n \n\nif(description)\n{\n script_id(64678);\n script_version(\"$Revision: 6573 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-06 15:10:50 +0200 (Thu, 06 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-09-02 04:58:39 +0200 (Wed, 02 Sep 2009)\");\n script_cve_id(\"CVE-2009-2408\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_name(\"Mandrake Security Advisory MDVSA-2009:206 (wget)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Mandrake Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/mandriva_mandrake_linux\", \"ssh/login/rpms\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"wget\", rpm:\"wget~1.11~1.1mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"wget\", rpm:\"wget~1.11.4~1.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"wget\", rpm:\"wget~1.11.4~2.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"wget\", rpm:\"wget~1.10~1.3.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"wget\", rpm:\"wget~1.11.4~1.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "nessus": [{"lastseen": "2021-01-07T11:52:17", "description": "A vulnerability has been found and corrected in qt4 :\n\nsrc/network/ssl/qsslcertificate.cpp in Nokia Trolltech Qt 4.x does not\nproperly handle a '' character in a domain name in the Subject\nAlternative Name field of an X.509 certificate, which allows\nman-in-the-middle attackers to spoof arbitrary SSL servers via a\ncrafted certificate issued by a legitimate Certification Authority, a\nrelated issue to CVE-2009-2408 (CVE-2009-2700).\n\nThis update provides a solution to this vulnerability.", "edition": 25, "published": "2009-09-09T00:00:00", "title": "Mandriva Linux Security Advisory : qt4 (MDVSA-2009:225)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2009-2700", "CVE-2009-2408"], "modified": "2009-09-09T00:00:00", "cpe": ["p-cpe:/a:mandriva:linux:lib64qt3support4", "p-cpe:/a:mandriva:linux:qt4-qtconfig", "p-cpe:/a:mandriva:linux:libqtdbus4", "p-cpe:/a:mandriva:linux:libqtcore4", "p-cpe:/a:mandriva:linux:qt4-accessibility-plugin", "p-cpe:/a:mandriva:linux:lib64qtnetwork4", "p-cpe:/a:mandriva:linux:libqttest4", "p-cpe:/a:mandriva:linux:lib64qtsvg4", "p-cpe:/a:mandriva:linux:libqtscripttools4", "p-cpe:/a:mandriva:linux:qt4-database-plugin-tds", "p-cpe:/a:mandriva:linux:lib64qtdesigner4", "p-cpe:/a:mandriva:linux:lib64qtscripttools4", "cpe:/o:mandriva:linux:2009.0", "p-cpe:/a:mandriva:linux:libqassistant4", "p-cpe:/a:mandriva:linux:lib64qtwebkit4", "p-cpe:/a:mandriva:linux:qt4-graphicssystems-plugin", "p-cpe:/a:mandriva:linux:libqtxmlpatterns4", "p-cpe:/a:mandriva:linux:libqtscript4", "p-cpe:/a:mandriva:linux:lib64qtxml4", "p-cpe:/a:mandriva:linux:lib64qttest4", "p-cpe:/a:mandriva:linux:libqtdesigner4", "p-cpe:/a:mandriva:linux:libqtsql4", "p-cpe:/a:mandriva:linux:libqtsvg4", "p-cpe:/a:mandriva:linux:qt4-qvfb", "p-cpe:/a:mandriva:linux:lib64qthelp4", "p-cpe:/a:mandriva:linux:libqthelp4", "p-cpe:/a:mandriva:linux:qt4-designer", "p-cpe:/a:mandriva:linux:qt4-examples", "p-cpe:/a:mandriva:linux:qt4-database-plugin-mysql", "p-cpe:/a:mandriva:linux:lib64qtcore4", "p-cpe:/a:mandriva:linux:lib64qt4-devel", "cpe:/o:mandriva:linux:2009.1", "p-cpe:/a:mandriva:linux:qt4-database-plugin-pgsql", "p-cpe:/a:mandriva:linux:libqt3support4", "p-cpe:/a:mandriva:linux:lib64qtclucene4", "p-cpe:/a:mandriva:linux:libqtclucene4", "p-cpe:/a:mandriva:linux:qt4-xmlpatterns", "p-cpe:/a:mandriva:linux:lib64qtdbus4", "p-cpe:/a:mandriva:linux:libqt4-devel", "p-cpe:/a:mandriva:linux:libqtwebkit4", "p-cpe:/a:mandriva:linux:libqtgui4", "p-cpe:/a:mandriva:linux:qt4-database-plugin-odbc", "p-cpe:/a:mandriva:linux:qt4-linguist", "p-cpe:/a:mandriva:linux:qt4-common", "p-cpe:/a:mandriva:linux:qt4-doc", "p-cpe:/a:mandriva:linux:lib64qtgui4", "p-cpe:/a:mandriva:linux:lib64qtscript4", "p-cpe:/a:mandriva:linux:lib64qtxmlpatterns4", "p-cpe:/a:mandriva:linux:qt4-database-plugin-sqlite", "p-cpe:/a:mandriva:linux:lib64qtsql4", "p-cpe:/a:mandriva:linux:qt4-qtdbus", "p-cpe:/a:mandriva:linux:libqtnetwork4", "p-cpe:/a:mandriva:linux:qt4-assistant", "p-cpe:/a:mandriva:linux:libqtxml4", "p-cpe:/a:mandriva:linux:lib64qtopengl4", "p-cpe:/a:mandriva:linux:libqtopengl4", "p-cpe:/a:mandriva:linux:qt4-qdoc3", "p-cpe:/a:mandriva:linux:lib64qassistant4"], "id": "MANDRIVA_MDVSA-2009-225.NASL", "href": "https://www.tenable.com/plugins/nessus/40900", "sourceData": "#%NASL_MIN_LEVEL 70300\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Mandriva Linux Security Advisory MDVSA-2009:225. \n# The text itself is copyright (C) Mandriva S.A.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(40900);\n script_version(\"1.16\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2009-2700\");\n script_xref(name:\"MDVSA\", value:\"2009:225\");\n\n script_name(english:\"Mandriva Linux Security Advisory : qt4 (MDVSA-2009:225)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Mandriva Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"A vulnerability has been found and corrected in qt4 :\n\nsrc/network/ssl/qsslcertificate.cpp in Nokia Trolltech Qt 4.x does not\nproperly handle a '' character in a domain name in the Subject\nAlternative Name field of an X.509 certificate, which allows\nman-in-the-middle attackers to spoof arbitrary SSL servers via a\ncrafted certificate issued by a legitimate Certification Authority, a\nrelated issue to CVE-2009-2408 (CVE-2009-2700).\n\nThis update provides a solution to this vulnerability.\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_cwe_id(264);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64qassistant4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64qt3support4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64qt4-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64qtclucene4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64qtcore4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64qtdbus4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64qtdesigner4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64qtgui4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64qthelp4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64qtnetwork4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64qtopengl4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64qtscript4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64qtscripttools4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64qtsql4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64qtsvg4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64qttest4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64qtwebkit4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64qtxml4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64qtxmlpatterns4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libqassistant4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libqt3support4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libqt4-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libqtclucene4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libqtcore4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libqtdbus4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libqtdesigner4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libqtgui4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libqthelp4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libqtnetwork4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libqtopengl4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libqtscript4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libqtscripttools4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libqtsql4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libqtsvg4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libqttest4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libqtwebkit4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libqtxml4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libqtxmlpatterns4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:qt4-accessibility-plugin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:qt4-assistant\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:qt4-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:qt4-database-plugin-mysql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:qt4-database-plugin-odbc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:qt4-database-plugin-pgsql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:qt4-database-plugin-sqlite\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:qt4-database-plugin-tds\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:qt4-designer\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:qt4-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:qt4-examples\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:qt4-graphicssystems-plugin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:qt4-linguist\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:qt4-qdoc3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:qt4-qtconfig\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:qt4-qtdbus\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:qt4-qvfb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:qt4-xmlpatterns\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:linux:2009.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:linux:2009.1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/09/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/09/09\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Mandriva Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/Mandrake/release\", \"Host/Mandrake/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Mandrake/release\")) audit(AUDIT_OS_NOT, \"Mandriva / Mandake Linux\");\nif (!get_kb_item(\"Host/Mandrake/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^(amd64|i[3-6]86|x86_64)$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Mandriva / Mandrake Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"x86_64\", reference:\"lib64qassistant4-4.5.2-1.6mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"x86_64\", reference:\"lib64qt3support4-4.5.2-1.6mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"x86_64\", reference:\"lib64qt4-devel-4.5.2-1.6mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"x86_64\", reference:\"lib64qtclucene4-4.5.2-1.6mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"x86_64\", reference:\"lib64qtcore4-4.5.2-1.6mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"x86_64\", reference:\"lib64qtdbus4-4.5.2-1.6mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"x86_64\", reference:\"lib64qtdesigner4-4.5.2-1.6mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"x86_64\", reference:\"lib64qtgui4-4.5.2-1.6mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"x86_64\", reference:\"lib64qthelp4-4.5.2-1.6mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"x86_64\", reference:\"lib64qtnetwork4-4.5.2-1.6mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"x86_64\", reference:\"lib64qtopengl4-4.5.2-1.6mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"x86_64\", reference:\"lib64qtscript4-4.5.2-1.6mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"x86_64\", reference:\"lib64qtscripttools4-4.5.2-1.6mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"x86_64\", reference:\"lib64qtsql4-4.5.2-1.6mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"x86_64\", reference:\"lib64qtsvg4-4.5.2-1.6mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"x86_64\", reference:\"lib64qttest4-4.5.2-1.6mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"x86_64\", reference:\"lib64qtwebkit4-4.5.2-1.6mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"x86_64\", reference:\"lib64qtxml4-4.5.2-1.6mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"x86_64\", reference:\"lib64qtxmlpatterns4-4.5.2-1.6mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"libqassistant4-4.5.2-1.6mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"libqt3support4-4.5.2-1.6mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"libqt4-devel-4.5.2-1.6mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"libqtclucene4-4.5.2-1.6mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"libqtcore4-4.5.2-1.6mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"libqtdbus4-4.5.2-1.6mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"libqtdesigner4-4.5.2-1.6mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"libqtgui4-4.5.2-1.6mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"libqthelp4-4.5.2-1.6mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"libqtnetwork4-4.5.2-1.6mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"libqtopengl4-4.5.2-1.6mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"libqtscript4-4.5.2-1.6mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"libqtscripttools4-4.5.2-1.6mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"libqtsql4-4.5.2-1.6mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"libqtsvg4-4.5.2-1.6mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"libqttest4-4.5.2-1.6mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"libqtwebkit4-4.5.2-1.6mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"libqtxml4-4.5.2-1.6mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"libqtxmlpatterns4-4.5.2-1.6mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"qt4-accessibility-plugin-4.5.2-1.6mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"qt4-assistant-4.5.2-1.6mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"qt4-common-4.5.2-1.6mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"qt4-database-plugin-mysql-4.5.2-1.6mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"qt4-database-plugin-odbc-4.5.2-1.6mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"qt4-database-plugin-pgsql-4.5.2-1.6mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"qt4-database-plugin-sqlite-4.5.2-1.6mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"qt4-database-plugin-tds-4.5.2-1.6mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"qt4-designer-4.5.2-1.6mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"qt4-doc-4.5.2-1.6mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"qt4-examples-4.5.2-1.6mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"qt4-graphicssystems-plugin-4.5.2-1.6mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"qt4-linguist-4.5.2-1.6mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"qt4-qdoc3-4.5.2-1.6mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"qt4-qtconfig-4.5.2-1.6mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"qt4-qtdbus-4.5.2-1.6mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"qt4-qvfb-4.5.2-1.6mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"qt4-xmlpatterns-4.5.2-1.6mdv2009.0\", yank:\"mdv\")) flag++;\n\nif (rpm_check(release:\"MDK2009.1\", cpu:\"x86_64\", reference:\"lib64qassistant4-4.5.2-1.4mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"x86_64\", reference:\"lib64qt3support4-4.5.2-1.4mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"x86_64\", reference:\"lib64qt4-devel-4.5.2-1.4mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"x86_64\", reference:\"lib64qtclucene4-4.5.2-1.4mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"x86_64\", reference:\"lib64qtcore4-4.5.2-1.4mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"x86_64\", reference:\"lib64qtdbus4-4.5.2-1.4mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"x86_64\", reference:\"lib64qtdesigner4-4.5.2-1.4mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"x86_64\", reference:\"lib64qtgui4-4.5.2-1.4mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"x86_64\", reference:\"lib64qthelp4-4.5.2-1.4mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"x86_64\", reference:\"lib64qtnetwork4-4.5.2-1.4mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"x86_64\", reference:\"lib64qtopengl4-4.5.2-1.4mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"x86_64\", reference:\"lib64qtscript4-4.5.2-1.4mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"x86_64\", reference:\"lib64qtscripttools4-4.5.2-1.4mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"x86_64\", reference:\"lib64qtsql4-4.5.2-1.4mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"x86_64\", reference:\"lib64qtsvg4-4.5.2-1.4mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"x86_64\", reference:\"lib64qttest4-4.5.2-1.4mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"x86_64\", reference:\"lib64qtwebkit4-4.5.2-1.4mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"x86_64\", reference:\"lib64qtxml4-4.5.2-1.4mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"x86_64\", reference:\"lib64qtxmlpatterns4-4.5.2-1.4mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"i386\", reference:\"libqassistant4-4.5.2-1.4mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"i386\", reference:\"libqt3support4-4.5.2-1.4mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"i386\", reference:\"libqt4-devel-4.5.2-1.4mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"i386\", reference:\"libqtclucene4-4.5.2-1.4mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"i386\", reference:\"libqtcore4-4.5.2-1.4mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"i386\", reference:\"libqtdbus4-4.5.2-1.4mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"i386\", reference:\"libqtdesigner4-4.5.2-1.4mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"i386\", reference:\"libqtgui4-4.5.2-1.4mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"i386\", reference:\"libqthelp4-4.5.2-1.4mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"i386\", reference:\"libqtnetwork4-4.5.2-1.4mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"i386\", reference:\"libqtopengl4-4.5.2-1.4mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"i386\", reference:\"libqtscript4-4.5.2-1.4mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"i386\", reference:\"libqtscripttools4-4.5.2-1.4mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"i386\", reference:\"libqtsql4-4.5.2-1.4mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"i386\", reference:\"libqtsvg4-4.5.2-1.4mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"i386\", reference:\"libqttest4-4.5.2-1.4mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"i386\", reference:\"libqtwebkit4-4.5.2-1.4mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"i386\", reference:\"libqtxml4-4.5.2-1.4mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"i386\", reference:\"libqtxmlpatterns4-4.5.2-1.4mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"qt4-accessibility-plugin-4.5.2-1.4mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"qt4-assistant-4.5.2-1.4mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"qt4-common-4.5.2-1.4mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"qt4-database-plugin-mysql-4.5.2-1.4mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"qt4-database-plugin-odbc-4.5.2-1.4mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"qt4-database-plugin-pgsql-4.5.2-1.4mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"qt4-database-plugin-sqlite-4.5.2-1.4mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"qt4-database-plugin-tds-4.5.2-1.4mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"qt4-designer-4.5.2-1.4mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"qt4-doc-4.5.2-1.4mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"qt4-examples-4.5.2-1.4mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"qt4-graphicssystems-plugin-4.5.2-1.4mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"qt4-linguist-4.5.2-1.4mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"qt4-qdoc3-4.5.2-1.4mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"qt4-qtconfig-4.5.2-1.4mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"qt4-qtdbus-4.5.2-1.4mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"qt4-qvfb-4.5.2-1.4mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"qt4-xmlpatterns-4.5.2-1.4mdv2009.1\", yank:\"mdv\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2021-01-17T14:03:32", "description": "This update fixes the handling of the subjectAltName field in SSL\ncertificates. (CVE-2009-2700)", "edition": 23, "published": "2009-11-13T00:00:00", "title": "openSUSE Security Update : libqt4 (libqt4-1521)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2009-2700"], "modified": "2009-11-13T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:libqt4-x11", "p-cpe:/a:novell:opensuse:libqt4-sql-sqlite", "cpe:/o:novell:opensuse:11.0", "p-cpe:/a:novell:opensuse:libqt4-devel", "p-cpe:/a:novell:opensuse:libqt4-qt3support-32bit", "p-cpe:/a:novell:opensuse:libqt4-sql", "p-cpe:/a:novell:opensuse:libqt4-x11-32bit", "p-cpe:/a:novell:opensuse:libqt4-32bit", "p-cpe:/a:novell:opensuse:libqt4", "p-cpe:/a:novell:opensuse:libqt4-sql-32bit", "p-cpe:/a:novell:opensuse:libqt4-qt3support"], "id": "SUSE_11_0_LIBQT4-091106.NASL", "href": "https://www.tenable.com/plugins/nessus/42791", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update libqt4-1521.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(42791);\n script_version(\"1.11\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2009-2700\");\n\n script_name(english:\"openSUSE Security Update : libqt4 (libqt4-1521)\");\n script_summary(english:\"Check for the libqt4-1521 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update fixes the handling of the subjectAltName field in SSL\ncertificates. (CVE-2009-2700)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=534081\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected libqt4 packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_cwe_id(264);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libqt4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libqt4-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libqt4-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libqt4-qt3support\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libqt4-qt3support-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libqt4-sql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libqt4-sql-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libqt4-sql-sqlite\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libqt4-x11\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libqt4-x11-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:11.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/11/06\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/11/13\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE11\\.0)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"11.0\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE11.0\", reference:\"libqt4-4.4.0-12.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"libqt4-devel-4.4.0-12.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"libqt4-qt3support-4.4.0-12.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"libqt4-sql-4.4.0-12.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"libqt4-sql-sqlite-4.4.0-12.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"libqt4-x11-4.4.0-12.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", cpu:\"x86_64\", reference:\"libqt4-32bit-4.4.0-12.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", cpu:\"x86_64\", reference:\"libqt4-qt3support-32bit-4.4.0-12.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", cpu:\"x86_64\", reference:\"libqt4-sql-32bit-4.4.0-12.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", cpu:\"x86_64\", reference:\"libqt4-x11-32bit-4.4.0-12.8\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libqt4\");\n}\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2021-01-17T14:04:50", "description": "This update fixes the handling of the subjectAltName field in SSL\ncertificates. (CVE-2009-2700)", "edition": 23, "published": "2009-11-13T00:00:00", "title": "openSUSE Security Update : libqt4 (libqt4-1521)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2009-2700"], "modified": "2009-11-13T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:libqt4-x11", "p-cpe:/a:novell:opensuse:libqt4-sql-sqlite", "cpe:/o:novell:opensuse:11.1", "p-cpe:/a:novell:opensuse:libqt4-devel", "p-cpe:/a:novell:opensuse:libqt4-qt3support-32bit", "p-cpe:/a:novell:opensuse:libqt4-sql", "p-cpe:/a:novell:opensuse:libqt4-x11-32bit", "p-cpe:/a:novell:opensuse:libqt4-32bit", "p-cpe:/a:novell:opensuse:libqt4", "p-cpe:/a:novell:opensuse:libqt4-sql-32bit", "p-cpe:/a:novell:opensuse:libqt4-qt3support"], "id": "SUSE_11_1_LIBQT4-091106.NASL", "href": "https://www.tenable.com/plugins/nessus/42792", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update libqt4-1521.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(42792);\n script_version(\"1.11\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2009-2700\");\n\n script_name(english:\"openSUSE Security Update : libqt4 (libqt4-1521)\");\n script_summary(english:\"Check for the libqt4-1521 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update fixes the handling of the subjectAltName field in SSL\ncertificates. (CVE-2009-2700)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=534081\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected libqt4 packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_cwe_id(264);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libqt4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libqt4-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libqt4-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libqt4-qt3support\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libqt4-qt3support-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libqt4-sql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libqt4-sql-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libqt4-sql-sqlite\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libqt4-x11\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libqt4-x11-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:11.1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/11/06\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/11/13\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE11\\.1)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"11.1\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE11.1\", reference:\"libqt4-4.4.3-4.10.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"libqt4-devel-4.4.3-4.10.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"libqt4-qt3support-4.4.3-4.10.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"libqt4-sql-4.4.3-4.10.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"libqt4-sql-sqlite-4.4.3-4.10.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"libqt4-x11-4.4.3-4.10.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", cpu:\"x86_64\", reference:\"libqt4-32bit-4.4.3-4.10.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", cpu:\"x86_64\", reference:\"libqt4-qt3support-32bit-4.4.3-4.10.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", cpu:\"x86_64\", reference:\"libqt4-sql-32bit-4.4.3-4.10.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", cpu:\"x86_64\", reference:\"libqt4-x11-32bit-4.4.3-4.10.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libqt4\");\n}\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2021-01-17T14:43:31", "description": "This update fixes the handling of the subjectAltName field in SSL\ncertificates. (CVE-2009-2700)", "edition": 23, "published": "2009-11-13T00:00:00", "title": "SuSE 10 Security Update : Qt3 (ZYPP Patch Number 6644)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2009-2700"], "modified": "2009-11-13T00:00:00", "cpe": ["cpe:/o:suse:suse_linux"], "id": "SUSE_DBUS-1-QT-6644.NASL", "href": "https://www.tenable.com/plugins/nessus/42794", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The text description of this plugin is (C) Novell, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(42794);\n script_version(\"1.13\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2009-2700\");\n\n script_name(english:\"SuSE 10 Security Update : Qt3 (ZYPP Patch Number 6644)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SuSE 10 host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update fixes the handling of the subjectAltName field in SSL\ncertificates. (CVE-2009-2700)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2009-2700.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Apply ZYPP patch number 6644.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_cwe_id(264);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:suse:suse_linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/11/05\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/11/13\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) exit(0, \"Local checks are not enabled.\");\nif (!get_kb_item(\"Host/SuSE/release\")) exit(0, \"The host is not running SuSE.\");\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) exit(1, \"Could not obtain the list of installed packages.\");\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) exit(1, \"Failed to determine the architecture type.\");\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") exit(1, \"Local checks for SuSE 10 on the '\"+cpu+\"' architecture have not been implemented.\");\n\n\nflag = 0;\nif (rpm_check(release:\"SLED10\", sp:2, reference:\"dbus-1-qt-4.3.4-0.7.1\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:2, reference:\"qt-4.3.4-0.7.1\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:2, reference:\"qt-qt3support-4.3.4-0.7.1\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:2, reference:\"qt-sql-4.3.4-0.7.1\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:2, reference:\"qt-x11-4.3.4-0.7.1\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:2, cpu:\"x86_64\", reference:\"dbus-1-qt-32bit-4.3.4-0.7.1\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:2, cpu:\"x86_64\", reference:\"qt-32bit-4.3.4-0.7.1\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:2, cpu:\"x86_64\", reference:\"qt-qt3support-32bit-4.3.4-0.7.1\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:2, cpu:\"x86_64\", reference:\"qt-sql-32bit-4.3.4-0.7.1\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:2, cpu:\"x86_64\", reference:\"qt-x11-32bit-4.3.4-0.7.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:2, reference:\"dbus-1-qt-4.3.4-0.7.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:2, reference:\"qt-4.3.4-0.7.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:2, reference:\"qt-qt3support-4.3.4-0.7.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:2, reference:\"qt-sql-4.3.4-0.7.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:2, reference:\"qt-x11-4.3.4-0.7.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:2, cpu:\"x86_64\", reference:\"dbus-1-qt-32bit-4.3.4-0.7.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:2, cpu:\"x86_64\", reference:\"qt-32bit-4.3.4-0.7.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:2, cpu:\"x86_64\", reference:\"qt-qt3support-32bit-4.3.4-0.7.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:2, cpu:\"x86_64\", reference:\"qt-sql-32bit-4.3.4-0.7.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:2, cpu:\"x86_64\", reference:\"qt-x11-32bit-4.3.4-0.7.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse exit(0, \"The host is not affected.\");\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2021-01-20T15:44:44", "description": "It was discovered that Qt did not properly handle certificates with\nNULL characters in the Subject Alternative Name field of X.509\ncertificates. An attacker could exploit this to perform a man in the\nmiddle attack to view sensitive information or alter encrypted\ncommunications. (CVE-2009-2700).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 25, "published": "2009-09-11T00:00:00", "title": "Ubuntu 8.04 LTS / 8.10 / 9.04 : qt4-x11 vulnerability (USN-829-1)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2009-2700"], "modified": "2009-09-11T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:libqt4-sql-sqlite2", "p-cpe:/a:canonical:ubuntu_linux:libqtgui4", "p-cpe:/a:canonical:ubuntu_linux:qt4-designer", "p-cpe:/a:canonical:ubuntu_linux:qt4-doc", "p-cpe:/a:canonical:ubuntu_linux:libqt4-help", "p-cpe:/a:canonical:ubuntu_linux:qt4-demos", "p-cpe:/a:canonical:ubuntu_linux:qt4-dev-tools-dbg", "p-cpe:/a:canonical:ubuntu_linux:libqt4-dbg", "p-cpe:/a:canonical:ubuntu_linux:libqt4-assistant", "p-cpe:/a:canonical:ubuntu_linux:qt4-dev-tools", "p-cpe:/a:canonical:ubuntu_linux:libqt4-sql-sqlite", "p-cpe:/a:canonical:ubuntu_linux:libqt4-gui", "p-cpe:/a:canonical:ubuntu_linux:libqt4-xmlpatterns", "p-cpe:/a:canonical:ubuntu_linux:libqt4-opengl", "p-cpe:/a:canonical:ubuntu_linux:qt4-doc-html", "p-cpe:/a:canonical:ubuntu_linux:qt4-qmake", "p-cpe:/a:canonical:ubuntu_linux:libqt4-test", "p-cpe:/a:canonical:ubuntu_linux:libqt4-core", "p-cpe:/a:canonical:ubuntu_linux:libqt4-xml", "p-cpe:/a:canonical:ubuntu_linux:libqt4-sql", "p-cpe:/a:canonical:ubuntu_linux:libqt4-webkit", "p-cpe:/a:canonical:ubuntu_linux:libqt4-webkit-dbg", "p-cpe:/a:canonical:ubuntu_linux:libqt4-opengl-dev", "p-cpe:/a:canonical:ubuntu_linux:libqt4-dev-dbg", "cpe:/o:canonical:ubuntu_linux:8.04:-:lts", "p-cpe:/a:canonical:ubuntu_linux:libqt4-dbus", "p-cpe:/a:canonical:ubuntu_linux:libqt4-script", "p-cpe:/a:canonical:ubuntu_linux:libqt4-network", "p-cpe:/a:canonical:ubuntu_linux:libqtcore4", "p-cpe:/a:canonical:ubuntu_linux:libqt4-sql-psql", "cpe:/o:canonical:ubuntu_linux:8.10", "p-cpe:/a:canonical:ubuntu_linux:libqt4-scripttools", "cpe:/o:canonical:ubuntu_linux:9.04", "p-cpe:/a:canonical:ubuntu_linux:libqt4-sql-mysql", "p-cpe:/a:canonical:ubuntu_linux:libqt4-svg", "p-cpe:/a:canonical:ubuntu_linux:qt4-qtconfig", "p-cpe:/a:canonical:ubuntu_linux:libqt4-sql-odbc", "p-cpe:/a:canonical:ubuntu_linux:libqt4-debug", "p-cpe:/a:canonical:ubuntu_linux:libqt4-dev", "p-cpe:/a:canonical:ubuntu_linux:libqt4-qt3support", "p-cpe:/a:canonical:ubuntu_linux:qt4-demos-dbg", "p-cpe:/a:canonical:ubuntu_linux:libqt4-designer", "p-cpe:/a:canonical:ubuntu_linux:libqt4-xmlpatterns-dbg"], "id": "UBUNTU_USN-829-1.NASL", "href": "https://www.tenable.com/plugins/nessus/40944", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-829-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(40944);\n script_version(\"1.15\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2009-2700\");\n script_xref(name:\"USN\", value:\"829-1\");\n\n script_name(english:\"Ubuntu 8.04 LTS / 8.10 / 9.04 : qt4-x11 vulnerability (USN-829-1)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"It was discovered that Qt did not properly handle certificates with\nNULL characters in the Subject Alternative Name field of X.509\ncertificates. An attacker could exploit this to perform a man in the\nmiddle attack to view sensitive information or alter encrypted\ncommunications. (CVE-2009-2700).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/829-1/\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_cwe_id(264);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libqt4-assistant\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libqt4-core\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libqt4-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libqt4-dbus\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libqt4-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libqt4-designer\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libqt4-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libqt4-dev-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libqt4-gui\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libqt4-help\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libqt4-network\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libqt4-opengl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libqt4-opengl-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libqt4-qt3support\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libqt4-script\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libqt4-scripttools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libqt4-sql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libqt4-sql-mysql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libqt4-sql-odbc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libqt4-sql-psql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libqt4-sql-sqlite\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libqt4-sql-sqlite2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libqt4-svg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libqt4-test\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libqt4-webkit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libqt4-webkit-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libqt4-xml\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libqt4-xmlpatterns\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libqt4-xmlpatterns-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libqtcore4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libqtgui4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:qt4-demos\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:qt4-demos-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:qt4-designer\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:qt4-dev-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:qt4-dev-tools-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:qt4-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:qt4-doc-html\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:qt4-qmake\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:qt4-qtconfig\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:8.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:8.10\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:9.04\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/09/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/09/11\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2009-2019 Canonical, Inc. / NASL script (C) 2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! ereg(pattern:\"^(8\\.04|8\\.10|9\\.04)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 8.04 / 8.10 / 9.04\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nflag = 0;\n\nif (ubuntu_check(osver:\"8.04\", pkgname:\"libqt4-core\", pkgver:\"4.3.4-0ubuntu3.1\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"libqt4-debug\", pkgver:\"4.3.4-0ubuntu3.1\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"libqt4-dev\", pkgver:\"4.3.4-0ubuntu3.1\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"libqt4-gui\", pkgver:\"4.3.4-0ubuntu3.1\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"libqt4-qt3support\", pkgver:\"4.3.4-0ubuntu3.1\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"libqt4-sql\", pkgver:\"4.3.4-0ubuntu3.1\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"qt4-designer\", pkgver:\"4.3.4-0ubuntu3.1\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"qt4-dev-tools\", pkgver:\"4.3.4-0ubuntu3.1\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"qt4-doc\", pkgver:\"4.3.4-0ubuntu3.1\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"qt4-qtconfig\", pkgver:\"4.3.4-0ubuntu3.1\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"libqt4-assistant\", pkgver:\"4.4.3-0ubuntu1.3\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"libqt4-core\", pkgver:\"4.4.3-0ubuntu1.3\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"libqt4-dbg\", pkgver:\"4.4.3-0ubuntu1.3\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"libqt4-dbus\", pkgver:\"4.4.3-0ubuntu1.3\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"libqt4-designer\", pkgver:\"4.4.3-0ubuntu1.3\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"libqt4-dev\", pkgver:\"4.4.3-0ubuntu1.3\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"libqt4-gui\", pkgver:\"4.4.3-0ubuntu1.3\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"libqt4-help\", pkgver:\"4.4.3-0ubuntu1.3\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"libqt4-network\", pkgver:\"4.4.3-0ubuntu1.3\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"libqt4-opengl\", pkgver:\"4.4.3-0ubuntu1.3\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"libqt4-opengl-dev\", pkgver:\"4.4.3-0ubuntu1.3\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"libqt4-qt3support\", pkgver:\"4.4.3-0ubuntu1.3\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"libqt4-script\", pkgver:\"4.4.3-0ubuntu1.3\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"libqt4-sql\", pkgver:\"4.4.3-0ubuntu1.3\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"libqt4-sql-mysql\", pkgver:\"4.4.3-0ubuntu1.3\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"libqt4-sql-odbc\", pkgver:\"4.4.3-0ubuntu1.3\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"libqt4-sql-psql\", pkgver:\"4.4.3-0ubuntu1.3\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"libqt4-sql-sqlite\", pkgver:\"4.4.3-0ubuntu1.3\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"libqt4-sql-sqlite2\", pkgver:\"4.4.3-0ubuntu1.3\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"libqt4-svg\", pkgver:\"4.4.3-0ubuntu1.3\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"libqt4-test\", pkgver:\"4.4.3-0ubuntu1.3\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"libqt4-webkit\", pkgver:\"4.4.3-0ubuntu1.3\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"libqt4-webkit-dbg\", pkgver:\"4.4.3-0ubuntu1.3\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"libqt4-xml\", pkgver:\"4.4.3-0ubuntu1.3\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"libqt4-xmlpatterns\", pkgver:\"4.4.3-0ubuntu1.3\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"libqt4-xmlpatterns-dbg\", pkgver:\"4.4.3-0ubuntu1.3\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"libqtcore4\", pkgver:\"4.4.3-0ubuntu1.3\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"libqtgui4\", pkgver:\"4.4.3-0ubuntu1.3\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"qt4-demos\", pkgver:\"4.4.3-0ubuntu1.3\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"qt4-designer\", pkgver:\"4.4.3-0ubuntu1.3\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"qt4-dev-tools\", pkgver:\"4.4.3-0ubuntu1.3\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"qt4-doc\", pkgver:\"4.4.3-0ubuntu1.3\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"qt4-doc-html\", pkgver:\"4.4.3-0ubuntu1.3\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"qt4-qtconfig\", pkgver:\"4.4.3-0ubuntu1.3\")) flag++;\nif (ubuntu_check(osver:\"9.04\", pkgname:\"libqt4-assistant\", pkgver:\"4.5.0-0ubuntu4.2\")) flag++;\nif (ubuntu_check(osver:\"9.04\", pkgname:\"libqt4-core\", pkgver:\"4.5.0-0ubuntu4.2\")) flag++;\nif (ubuntu_check(osver:\"9.04\", pkgname:\"libqt4-dbg\", pkgver:\"4.5.0-0ubuntu4.2\")) flag++;\nif (ubuntu_check(osver:\"9.04\", pkgname:\"libqt4-dbus\", pkgver:\"4.5.0-0ubuntu4.2\")) flag++;\nif (ubuntu_check(osver:\"9.04\", pkgname:\"libqt4-designer\", pkgver:\"4.5.0-0ubuntu4.2\")) flag++;\nif (ubuntu_check(osver:\"9.04\", pkgname:\"libqt4-dev\", pkgver:\"4.5.0-0ubuntu4.2\")) flag++;\nif (ubuntu_check(osver:\"9.04\", pkgname:\"libqt4-dev-dbg\", pkgver:\"4.5.0-0ubuntu4.2\")) flag++;\nif (ubuntu_check(osver:\"9.04\", pkgname:\"libqt4-gui\", pkgver:\"4.5.0-0ubuntu4.2\")) flag++;\nif (ubuntu_check(osver:\"9.04\", pkgname:\"libqt4-help\", pkgver:\"4.5.0-0ubuntu4.2\")) flag++;\nif (ubuntu_check(osver:\"9.04\", pkgname:\"libqt4-network\", pkgver:\"4.5.0-0ubuntu4.2\")) flag++;\nif (ubuntu_check(osver:\"9.04\", pkgname:\"libqt4-opengl\", pkgver:\"4.5.0-0ubuntu4.2\")) flag++;\nif (ubuntu_check(osver:\"9.04\", pkgname:\"libqt4-opengl-dev\", pkgver:\"4.5.0-0ubuntu4.2\")) flag++;\nif (ubuntu_check(osver:\"9.04\", pkgname:\"libqt4-qt3support\", pkgver:\"4.5.0-0ubuntu4.2\")) flag++;\nif (ubuntu_check(osver:\"9.04\", pkgname:\"libqt4-script\", pkgver:\"4.5.0-0ubuntu4.2\")) flag++;\nif (ubuntu_check(osver:\"9.04\", pkgname:\"libqt4-scripttools\", pkgver:\"4.5.0-0ubuntu4.2\")) flag++;\nif (ubuntu_check(osver:\"9.04\", pkgname:\"libqt4-sql\", pkgver:\"4.5.0-0ubuntu4.2\")) flag++;\nif (ubuntu_check(osver:\"9.04\", pkgname:\"libqt4-sql-mysql\", pkgver:\"4.5.0-0ubuntu4.2\")) flag++;\nif (ubuntu_check(osver:\"9.04\", pkgname:\"libqt4-sql-odbc\", pkgver:\"4.5.0-0ubuntu4.2\")) flag++;\nif (ubuntu_check(osver:\"9.04\", pkgname:\"libqt4-sql-psql\", pkgver:\"4.5.0-0ubuntu4.2\")) flag++;\nif (ubuntu_check(osver:\"9.04\", pkgname:\"libqt4-sql-sqlite\", pkgver:\"4.5.0-0ubuntu4.2\")) flag++;\nif (ubuntu_check(osver:\"9.04\", pkgname:\"libqt4-sql-sqlite2\", pkgver:\"4.5.0-0ubuntu4.2\")) flag++;\nif (ubuntu_check(osver:\"9.04\", pkgname:\"libqt4-svg\", pkgver:\"4.5.0-0ubuntu4.2\")) flag++;\nif (ubuntu_check(osver:\"9.04\", pkgname:\"libqt4-test\", pkgver:\"4.5.0-0ubuntu4.2\")) flag++;\nif (ubuntu_check(osver:\"9.04\", pkgname:\"libqt4-webkit\", pkgver:\"4.5.0-0ubuntu4.2\")) flag++;\nif (ubuntu_check(osver:\"9.04\", pkgname:\"libqt4-webkit-dbg\", pkgver:\"4.5.0-0ubuntu4.2\")) flag++;\nif (ubuntu_check(osver:\"9.04\", pkgname:\"libqt4-xml\", pkgver:\"4.5.0-0ubuntu4.2\")) flag++;\nif (ubuntu_check(osver:\"9.04\", pkgname:\"libqt4-xmlpatterns\", pkgver:\"4.5.0-0ubuntu4.2\")) flag++;\nif (ubuntu_check(osver:\"9.04\", pkgname:\"libqt4-xmlpatterns-dbg\", pkgver:\"4.5.0-0ubuntu4.2\")) flag++;\nif (ubuntu_check(osver:\"9.04\", pkgname:\"libqtcore4\", pkgver:\"4.5.0-0ubuntu4.2\")) flag++;\nif (ubuntu_check(osver:\"9.04\", pkgname:\"libqtgui4\", pkgver:\"4.5.0-0ubuntu4.2\")) flag++;\nif (ubuntu_check(osver:\"9.04\", pkgname:\"qt4-demos\", pkgver:\"4.5.0-0ubuntu4.2\")) flag++;\nif (ubuntu_check(osver:\"9.04\", pkgname:\"qt4-demos-dbg\", pkgver:\"4.5.0-0ubuntu4.2\")) flag++;\nif (ubuntu_check(osver:\"9.04\", pkgname:\"qt4-designer\", pkgver:\"4.5.0-0ubuntu4.2\")) flag++;\nif (ubuntu_check(osver:\"9.04\", pkgname:\"qt4-dev-tools\", pkgver:\"4.5.0-0ubuntu4.2\")) flag++;\nif (ubuntu_check(osver:\"9.04\", pkgname:\"qt4-dev-tools-dbg\", pkgver:\"4.5.0-0ubuntu4.2\")) flag++;\nif (ubuntu_check(osver:\"9.04\", pkgname:\"qt4-doc\", pkgver:\"4.5.0-0ubuntu4.2\")) flag++;\nif (ubuntu_check(osver:\"9.04\", pkgname:\"qt4-doc-html\", pkgver:\"4.5.0-0ubuntu4.2\")) flag++;\nif (ubuntu_check(osver:\"9.04\", pkgname:\"qt4-qmake\", pkgver:\"4.5.0-0ubuntu4.2\")) flag++;\nif (ubuntu_check(osver:\"9.04\", pkgname:\"qt4-qtconfig\", pkgver:\"4.5.0-0ubuntu4.2\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libqt4-assistant / libqt4-core / libqt4-dbg / libqt4-dbus / etc\");\n}\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2021-01-17T14:43:31", "description": "This update fixes the handling of the subjectAltName field in SSL\ncertificates. (CVE-2009-2700)", "edition": 23, "published": "2010-10-11T00:00:00", "title": "SuSE 10 Security Update : Qt3 (ZYPP Patch Number 6645)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2009-2700"], "modified": "2010-10-11T00:00:00", "cpe": ["cpe:/o:suse:suse_linux"], "id": "SUSE_DBUS-1-QT-6645.NASL", "href": "https://www.tenable.com/plugins/nessus/49844", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The text description of this plugin is (C) Novell, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(49844);\n script_version(\"1.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2009-2700\");\n\n script_name(english:\"SuSE 10 Security Update : Qt3 (ZYPP Patch Number 6645)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SuSE 10 host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update fixes the handling of the subjectAltName field in SSL\ncertificates. (CVE-2009-2700)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2009-2700.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Apply ZYPP patch number 6645.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_cwe_id(264);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:suse:suse_linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/11/05\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/10/11\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2010-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) exit(0, \"Local checks are not enabled.\");\nif (!get_kb_item(\"Host/SuSE/release\")) exit(0, \"The host is not running SuSE.\");\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) exit(1, \"Could not obtain the list of installed packages.\");\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) exit(1, \"Failed to determine the architecture type.\");\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") exit(1, \"Local checks for SuSE 10 on the '\"+cpu+\"' architecture have not been implemented.\");\n\n\nflag = 0;\nif (rpm_check(release:\"SLED10\", sp:3, reference:\"dbus-1-qt-4.3.4-0.7.1\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:3, reference:\"qt-4.3.4-0.7.1\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:3, reference:\"qt-qt3support-4.3.4-0.7.1\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:3, reference:\"qt-sql-4.3.4-0.7.1\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:3, reference:\"qt-x11-4.3.4-0.7.1\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:3, cpu:\"x86_64\", reference:\"dbus-1-qt-32bit-4.3.4-0.7.1\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:3, cpu:\"x86_64\", reference:\"qt-32bit-4.3.4-0.7.1\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:3, cpu:\"x86_64\", reference:\"qt-qt3support-32bit-4.3.4-0.7.1\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:3, cpu:\"x86_64\", reference:\"qt-sql-32bit-4.3.4-0.7.1\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:3, cpu:\"x86_64\", reference:\"qt-x11-32bit-4.3.4-0.7.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:3, reference:\"dbus-1-qt-4.3.4-0.7.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:3, reference:\"qt-4.3.4-0.7.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:3, reference:\"qt-qt3support-4.3.4-0.7.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:3, reference:\"qt-sql-4.3.4-0.7.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:3, reference:\"qt-x11-4.3.4-0.7.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:3, cpu:\"x86_64\", reference:\"dbus-1-qt-32bit-4.3.4-0.7.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:3, cpu:\"x86_64\", reference:\"qt-32bit-4.3.4-0.7.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:3, cpu:\"x86_64\", reference:\"qt-qt3support-32bit-4.3.4-0.7.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:3, cpu:\"x86_64\", reference:\"qt-sql-32bit-4.3.4-0.7.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:3, cpu:\"x86_64\", reference:\"qt-x11-32bit-4.3.4-0.7.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse exit(0, \"The host is not affected.\");\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2021-01-17T14:13:25", "description": "This update fixes the handling of the subjectAltName field in SSL\ncertificates. (CVE-2009-2700)", "edition": 23, "published": "2009-11-13T00:00:00", "title": "SuSE 11 Security Update : libqt4 (SAT Patch Number 1522)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2009-2700"], "modified": "2009-11-13T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:11:libqt4-x11", "p-cpe:/a:novell:suse_linux:11:libqt4-sql-32bit", "p-cpe:/a:novell:suse_linux:11:libqt4-sql-sqlite", "cpe:/o:novell:suse_linux:11", "p-cpe:/a:novell:suse_linux:11:libqt4-32bit", "p-cpe:/a:novell:suse_linux:11:libqt4-qt3support", "p-cpe:/a:novell:suse_linux:11:libqt4", "p-cpe:/a:novell:suse_linux:11:libqt4-qt3support-32bit", "p-cpe:/a:novell:suse_linux:11:libqt4-sql-sqlite-32bit", "p-cpe:/a:novell:suse_linux:11:libqt4-x11-32bit", "p-cpe:/a:novell:suse_linux:11:libqt4-sql"], "id": "SUSE_11_LIBQT4-091106.NASL", "href": "https://www.tenable.com/plugins/nessus/42793", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from SuSE 11 update information. The text itself is\n# copyright (C) Novell, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(42793);\n script_version(\"1.13\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2009-2700\");\n\n script_name(english:\"SuSE 11 Security Update : libqt4 (SAT Patch Number 1522)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SuSE 11 host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update fixes the handling of the subjectAltName field in SSL\ncertificates. (CVE-2009-2700)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=534081\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2009-2700.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Apply SAT patch number 1522.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_cwe_id(264);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:libqt4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:libqt4-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:libqt4-qt3support\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:libqt4-qt3support-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:libqt4-sql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:libqt4-sql-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:libqt4-sql-sqlite\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:libqt4-sql-sqlite-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:libqt4-x11\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:libqt4-x11-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:11\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/11/06\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/11/13\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)11\") audit(AUDIT_OS_NOT, \"SuSE 11\");\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SuSE 11\", cpu);\n\npl = get_kb_item(\"Host/SuSE/patchlevel\");\nif (pl) audit(AUDIT_OS_NOT, \"SuSE 11.0\");\n\n\nflag = 0;\nif (rpm_check(release:\"SLED11\", sp:0, cpu:\"i586\", reference:\"libqt4-4.4.3-12.11.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:0, cpu:\"i586\", reference:\"libqt4-qt3support-4.4.3-12.11.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:0, cpu:\"i586\", reference:\"libqt4-sql-4.4.3-12.11.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:0, cpu:\"i586\", reference:\"libqt4-sql-sqlite-4.4.3-12.11.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:0, cpu:\"i586\", reference:\"libqt4-x11-4.4.3-12.11.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:0, cpu:\"x86_64\", reference:\"libqt4-4.4.3-12.11.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:0, cpu:\"x86_64\", reference:\"libqt4-32bit-4.4.3-12.11.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:0, cpu:\"x86_64\", reference:\"libqt4-qt3support-4.4.3-12.11.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:0, cpu:\"x86_64\", reference:\"libqt4-qt3support-32bit-4.4.3-12.11.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:0, cpu:\"x86_64\", reference:\"libqt4-sql-4.4.3-12.11.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:0, cpu:\"x86_64\", reference:\"libqt4-sql-32bit-4.4.3-12.11.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:0, cpu:\"x86_64\", reference:\"libqt4-sql-sqlite-4.4.3-12.11.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:0, cpu:\"x86_64\", reference:\"libqt4-sql-sqlite-32bit-4.4.3-12.11.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:0, cpu:\"x86_64\", reference:\"libqt4-x11-4.4.3-12.11.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:0, cpu:\"x86_64\", reference:\"libqt4-x11-32bit-4.4.3-12.11.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:0, reference:\"libqt4-4.4.3-12.11.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:0, reference:\"libqt4-qt3support-4.4.3-12.11.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:0, reference:\"libqt4-sql-4.4.3-12.11.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:0, reference:\"libqt4-sql-sqlite-4.4.3-12.11.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:0, reference:\"libqt4-x11-4.4.3-12.11.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:0, cpu:\"s390x\", reference:\"libqt4-32bit-4.4.3-12.11.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:0, cpu:\"s390x\", reference:\"libqt4-qt3support-32bit-4.4.3-12.11.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:0, cpu:\"s390x\", reference:\"libqt4-sql-32bit-4.4.3-12.11.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:0, cpu:\"s390x\", reference:\"libqt4-x11-32bit-4.4.3-12.11.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:0, cpu:\"x86_64\", reference:\"libqt4-32bit-4.4.3-12.11.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:0, cpu:\"x86_64\", reference:\"libqt4-qt3support-32bit-4.4.3-12.11.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:0, cpu:\"x86_64\", reference:\"libqt4-sql-32bit-4.4.3-12.11.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:0, cpu:\"x86_64\", reference:\"libqt4-x11-32bit-4.4.3-12.11.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2021-01-12T10:07:38", "description": "security fix for CVE-2009-2700\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 23, "published": "2009-09-03T00:00:00", "title": "Fedora 11 : qt-4.5.2-3.fc11 (2009-9231)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2009-2700"], "modified": "2009-09-03T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:qt", "cpe:/o:fedoraproject:fedora:11"], "id": "FEDORA_2009-9231.NASL", "href": "https://www.tenable.com/plugins/nessus/40855", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2009-9231.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(40855);\n script_version(\"1.14\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2009-2700\");\n script_xref(name:\"FEDORA\", value:\"2009-9231\");\n\n script_name(english:\"Fedora 11 : qt-4.5.2-3.fc11 (2009-9231)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"security fix for CVE-2009-2700\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=520435\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2009-September/028708.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?12e83811\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected qt package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_cwe_id(264);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:qt\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:11\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/09/03\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/09/03\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^11([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 11.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC11\", reference:\"qt-4.5.2-3.fc11\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"qt\");\n}\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2021-01-12T10:07:38", "description": "security fix for CVE-2009-2700\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 23, "published": "2009-09-03T00:00:00", "title": "Fedora 10 : qt-4.5.2-3.fc10 (2009-9232)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2009-2700"], "modified": "2009-09-03T00:00:00", "cpe": ["cpe:/o:fedoraproject:fedora:10", "p-cpe:/a:fedoraproject:fedora:qt"], "id": "FEDORA_2009-9232.NASL", "href": "https://www.tenable.com/plugins/nessus/40856", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2009-9232.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(40856);\n script_version(\"1.14\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2009-2700\");\n script_xref(name:\"FEDORA\", value:\"2009-9232\");\n\n script_name(english:\"Fedora 10 : qt-4.5.2-3.fc10 (2009-9232)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"security fix for CVE-2009-2700\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=520435\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2009-September/028709.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?1ff86ca9\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected qt package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_cwe_id(264);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:qt\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:10\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/09/03\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/09/03\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^10([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 10.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC10\", reference:\"qt-4.5.2-3.fc10\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"qt\");\n}\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2021-01-17T14:46:45", "description": "This update of mutt improves the handling of the \\0 character in SSL\ncertificates. (CVE-2009-2408)", "edition": 23, "published": "2009-09-24T00:00:00", "title": "SuSE 10 Security Update : mutt (ZYPP Patch Number 6484)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2009-2408"], "modified": "2009-09-24T00:00:00", "cpe": ["cpe:/o:suse:suse_linux"], "id": "SUSE_MUTT-6484.NASL", "href": "https://www.tenable.com/plugins/nessus/41559", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The text description of this plugin is (C) Novell, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(41559);\n script_version(\"1.15\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2009-2408\");\n\n script_name(english:\"SuSE 10 Security Update : mutt (ZYPP Patch Number 6484)\");\n script_summary(english:\"Checks rpm output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SuSE 10 host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update of mutt improves the handling of the \\0 character in SSL\ncertificates. (CVE-2009-2408)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2009-2408.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Apply ZYPP patch number 6484.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_cwe_id(310);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:suse:suse_linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/09/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/09/24\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) exit(0, \"Local checks are not enabled.\");\nif (!get_kb_item(\"Host/SuSE/release\")) exit(0, \"The host is not running SuSE.\");\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) exit(1, \"Could not obtain the list of installed packages.\");\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) exit(1, \"Failed to determine the architecture type.\");\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") exit(1, \"Local checks for SuSE 10 on the '\"+cpu+\"' architecture have not been implemented.\");\n\n\nflag = 0;\nif (rpm_check(release:\"SLED10\", sp:2, reference:\"mutt-1.5.9i-27.11\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:2, reference:\"mutt-1.5.9i-27.11\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse exit(0, \"The host is not affected.\");\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "securityvulns": [{"lastseen": "2018-08-31T11:10:31", "bulletinFamily": "software", "cvelist": ["CVE-2009-2700", "CVE-2009-2408"], "description": "\r\n-----BEGIN PGP SIGNED MESSAGE-----\r\nHash: SHA1\r\n\r\n _______________________________________________________________________\r\n\r\n Mandriva Linux Security Advisory MDVSA-2009:225\r\n http://www.mandriva.com/security/\r\n _______________________________________________________________________\r\n\r\n Package : qt4\r\n Date : September 8, 2009\r\n Affected: 2009.0, 2009.1, Enterprise Server 5.0\r\n _______________________________________________________________________\r\n\r\n Problem Description:\r\n\r\n A vulnerability has been found and corrected in qt4:\r\n \r\n src/network/ssl/qsslcertificate.cpp in Nokia Trolltech Qt 4.x\r\n does not properly handle a '\0' character in a domain name in the\r\n Subject Alternative Name field of an X.509 certificate, which allows\r\n man-in-the-middle attackers to spoof arbitrary SSL servers via a\r\n crafted certificate issued by a legitimate Certification Authority,\r\n a related issue to CVE-2009-2408 (CVE-2009-2700).\r\n \r\n This update provides a solution to this vulnerability.\r\n _______________________________________________________________________\r\n\r\n References:\r\n\r\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2700\r\n _______________________________________________________________________\r\n\r\n Updated Packages:\r\n\r\n Mandriva Linux 2009.0:\r\n 8f0b2b07978ce4e9eb86291935b2259c 2009.0/i586/libqassistant4-4.5.2-1.6mdv2009.0.i586.rpm\r\n e2403dcda9f123b545188aef00cb2114 2009.0/i586/libqt3support4-4.5.2-1.6mdv2009.0.i586.rpm\r\n 51288fb907cc947b3cadd9ab2e33b75b 2009.0/i586/libqt4-devel-4.5.2-1.6mdv2009.0.i586.rpm\r\n 302a8f93453e5d53d7c8a2df82029ffc 2009.0/i586/libqtclucene4-4.5.2-1.6mdv2009.0.i586.rpm\r\n 616c5e49341e9a09d0e8ebe84e02e1cc 2009.0/i586/libqtcore4-4.5.2-1.6mdv2009.0.i586.rpm\r\n 3c83783b3bce0ef1d4272fea4b2b8b63 2009.0/i586/libqtdbus4-4.5.2-1.6mdv2009.0.i586.rpm\r\n 0a5e1e53937d3e283d7a3d4227850e35 2009.0/i586/libqtdesigner4-4.5.2-1.6mdv2009.0.i586.rpm\r\n 33ce1ee1c1cde616895ecef850720000 2009.0/i586/libqtgui4-4.5.2-1.6mdv2009.0.i586.rpm\r\n 94e8c96fbc41bb125a1e3104f552f267 2009.0/i586/libqthelp4-4.5.2-1.6mdv2009.0.i586.rpm\r\n 1370e9cbbdffd1763ac8740fb31505bd 2009.0/i586/libqtnetwork4-4.5.2-1.6mdv2009.0.i586.rpm\r\n 1699327bbe2cf4bef5c9dedb155c3c36 2009.0/i586/libqtopengl4-4.5.2-1.6mdv2009.0.i586.rpm\r\n ca924316c1e18ad29bdf37f392883f1c 2009.0/i586/libqtscript4-4.5.2-1.6mdv2009.0.i586.rpm\r\n 8fd952c8be0760d7918e6e5693ba32a7 2009.0/i586/libqtscripttools4-4.5.2-1.6mdv2009.0.i586.rpm\r\n afc2b34155609ac2f390446f7f5bc45b 2009.0/i586/libqtsql4-4.5.2-1.6mdv2009.0.i586.rpm\r\n 345e293c4771e249679801aa750397ca 2009.0/i586/libqtsvg4-4.5.2-1.6mdv2009.0.i586.rpm\r\n b0e143930f2da815b3fcae1c73a1a70c 2009.0/i586/libqttest4-4.5.2-1.6mdv2009.0.i586.rpm\r\n 2c7474fd309e67fe682e44576b527e0c 2009.0/i586/libqtwebkit4-4.5.2-1.6mdv2009.0.i586.rpm\r\n b19c8107575a0818ecbe19dae9028ef0 2009.0/i586/libqtxml4-4.5.2-1.6mdv2009.0.i586.rpm\r\n 1540b82f62f29d8e9f46df23e5b7f786 2009.0/i586/libqtxmlpatterns4-4.5.2-1.6mdv2009.0.i586.rpm\r\n a243614d06b6aa0aec46b6263bdde420 2009.0/i586/qt4-accessibility-plugin-4.5.2-1.6mdv2009.0.i586.rpm\r\n 11c894ba3a91e7c2e1ebc0c194c9aaae 2009.0/i586/qt4-assistant-4.5.2-1.6mdv2009.0.i586.rpm\r\n 40a9530b2ed55545036ee30ce5109069 2009.0/i586/qt4-common-4.5.2-1.6mdv2009.0.i586.rpm\r\n 28fd5f52ebd0f1b47975aaabc6a69ea1 2009.0/i586/qt4-database-plugin-mysql-4.5.2-1.6mdv2009.0.i586.rpm\r\n 6e315a67b9e061027b7ec252cfb2085b 2009.0/i586/qt4-database-plugin-odbc-4.5.2-1.6mdv2009.0.i586.rpm\r\n 80e679cde6b34b8ba063cf0d36b198eb 2009.0/i586/qt4-database-plugin-pgsql-4.5.2-1.6mdv2009.0.i586.rpm\r\n b613b53004865d81b54f7c11a403a529 2009.0/i586/qt4-database-plugin-sqlite-4.5.2-1.6mdv2009.0.i586.rpm\r\n f97d447b97bfd68d59d0eb28064f7213 2009.0/i586/qt4-database-plugin-tds-4.5.2-1.6mdv2009.0.i586.rpm\r\n c9c9e0a3230ba751c7eebeacc44d906d 2009.0/i586/qt4-designer-4.5.2-1.6mdv2009.0.i586.rpm\r\n cf2435679fa0066b6ae95a4dad6c0fda 2009.0/i586/qt4-doc-4.5.2-1.6mdv2009.0.i586.rpm\r\n 933137e640637b6fa7ea5b5a6257a9ca 2009.0/i586/qt4-examples-4.5.2-1.6mdv2009.0.i586.rpm\r\n 6e080be6a767a58323c845521d8eef9a 2009.0/i586/qt4-graphicssystems-plugin-4.5.2-1.6mdv2009.0.i586.rpm\r\n 70f84dbe081843b0fa9c4b07b517b7a8 2009.0/i586/qt4-linguist-4.5.2-1.6mdv2009.0.i586.rpm\r\n 8082bc18d3183654f64c0bba0933de93 2009.0/i586/qt4-qdoc3-4.5.2-1.6mdv2009.0.i586.rpm\r\n b77fb9a4915ee16eb07a2c7a82069a7a 2009.0/i586/qt4-qtconfig-4.5.2-1.6mdv2009.0.i586.rpm\r\n b2b4fb545fcaf96de26ea8618f507eb9 2009.0/i586/qt4-qtdbus-4.5.2-1.6mdv2009.0.i586.rpm\r\n ca7d917f2442e9ff1665b224e834d9e2 2009.0/i586/qt4-qvfb-4.5.2-1.6mdv2009.0.i586.rpm\r\n 840c3cd230194546f0277fb0314fe31b 2009.0/i586/qt4-xmlpatterns-4.5.2-1.6mdv2009.0.i586.rpm \r\n e7d70d53a8a870ba2b938c754dc58379 2009.0/SRPMS/qt4-4.5.2-1.6mdv2009.0.src.rpm\r\n\r\n Mandriva Linux 2009.0/X86_64:\r\n f9ceffb25a3dd3e2fff7520eb024b413 2009.0/x86_64/lib64qassistant4-4.5.2-1.6mdv2009.0.x86_64.rpm\r\n ff62476ae9bc5124c3b77ccd6b8e4dfb 2009.0/x86_64/lib64qt3support4-4.5.2-1.6mdv2009.0.x86_64.rpm\r\n e05a185eae6d1155404ebdca47228298 2009.0/x86_64/lib64qt4-devel-4.5.2-1.6mdv2009.0.x86_64.rpm\r\n 34f026834954176924b8ceaa07402d94 2009.0/x86_64/lib64qtclucene4-4.5.2-1.6mdv2009.0.x86_64.rpm\r\n 3417707e32fd86d56e3eddb11cc8adfc 2009.0/x86_64/lib64qtcore4-4.5.2-1.6mdv2009.0.x86_64.rpm\r\n f73849389ac56f6aeba0a99b51f78bd1 2009.0/x86_64/lib64qtdbus4-4.5.2-1.6mdv2009.0.x86_64.rpm\r\n a98754a5f9162f3dbf6ae02b3a4fc326 2009.0/x86_64/lib64qtdesigner4-4.5.2-1.6mdv2009.0.x86_64.rpm\r\n 49833997afdfb052f8bb433f7414b759 2009.0/x86_64/lib64qtgui4-4.5.2-1.6mdv2009.0.x86_64.rpm\r\n 474c0f0f7f1482fb97224426a83cbca0 2009.0/x86_64/lib64qthelp4-4.5.2-1.6mdv2009.0.x86_64.rpm\r\n a88ccb8f38dc94d9285f7c1ba1f59abb 2009.0/x86_64/lib64qtnetwork4-4.5.2-1.6mdv2009.0.x86_64.rpm\r\n d5c2fd9e3505e1176ad330fcc7b69c7a 2009.0/x86_64/lib64qtopengl4-4.5.2-1.6mdv2009.0.x86_64.rpm\r\n 0de7a8ace4b49919ac0ccc8c5e8d332f 2009.0/x86_64/lib64qtscript4-4.5.2-1.6mdv2009.0.x86_64.rpm\r\n 7ce2aba490bd9f7520fbdb25dbe5b2ca 2009.0/x86_64/lib64qtscripttools4-4.5.2-1.6mdv2009.0.x86_64.rpm\r\n 4334eb5e253f3fdd5e1dd9d993711078 2009.0/x86_64/lib64qtsql4-4.5.2-1.6mdv2009.0.x86_64.rpm\r\n 94684fb18dd38cf1d3f2a0c3d2350b4a 2009.0/x86_64/lib64qtsvg4-4.5.2-1.6mdv2009.0.x86_64.rpm\r\n 49c34a46d085d4eab5915cfb01c0b0c6 2009.0/x86_64/lib64qttest4-4.5.2-1.6mdv2009.0.x86_64.rpm\r\n e3a49c9ac1c0fb5be354d40b151cef8f 2009.0/x86_64/lib64qtwebkit4-4.5.2-1.6mdv2009.0.x86_64.rpm\r\n 9edb5e5d6bfbe11f4da5267426555982 2009.0/x86_64/lib64qtxml4-4.5.2-1.6mdv2009.0.x86_64.rpm\r\n 788f9e76148b2d8b6aab85c180c9ef2a 2009.0/x86_64/lib64qtxmlpatterns4-4.5.2-1.6mdv2009.0.x86_64.rpm\r\n 69b48fbeee815b383073f03363e34a0a \r\n2009.0/x86_64/qt4-accessibility-plugin-4.5.2-1.6mdv2009.0.x86_64.rpm\r\n 32142e9e15fc02141839f6e145285543 2009.0/x86_64/qt4-assistant-4.5.2-1.6mdv2009.0.x86_64.rpm\r\n 150e2512211462927f33247184f11e7e 2009.0/x86_64/qt4-common-4.5.2-1.6mdv2009.0.x86_64.rpm\r\n e5a17b66d70cc77dcbe8364da87269b9 \r\n2009.0/x86_64/qt4-database-plugin-mysql-4.5.2-1.6mdv2009.0.x86_64.rpm\r\n 7cc2aa658afa85304b3a4c4312e20ad6 \r\n2009.0/x86_64/qt4-database-plugin-odbc-4.5.2-1.6mdv2009.0.x86_64.rpm\r\n ce73ffa95481ae312e4274d1976e2e7e \r\n2009.0/x86_64/qt4-database-plugin-pgsql-4.5.2-1.6mdv2009.0.x86_64.rpm\r\n d1321f0a1c177b84d06e158eac15a435 \r\n2009.0/x86_64/qt4-database-plugin-sqlite-4.5.2-1.6mdv2009.0.x86_64.rpm\r\n b49fc0f5a0da1c9b539bba4d2df07005 \r\n2009.0/x86_64/qt4-database-plugin-tds-4.5.2-1.6mdv2009.0.x86_64.rpm\r\n 1c16661643343b9b3b2ddd3e44b4b707 2009.0/x86_64/qt4-designer-4.5.2-1.6mdv2009.0.x86_64.rpm\r\n 373a3af8447e53de328fd5cc5876988d 2009.0/x86_64/qt4-doc-4.5.2-1.6mdv2009.0.x86_64.rpm\r\n 59cb1a04ecfbdd1aeff294d9663ba900 2009.0/x86_64/qt4-examples-4.5.2-1.6mdv2009.0.x86_64.rpm\r\n 9f8cc6a94247dfc0abf80bb10307c3e8 \r\n2009.0/x86_64/qt4-graphicssystems-plugin-4.5.2-1.6mdv2009.0.x86_64.rpm\r\n cb45f4b26814ea8b3ab6181a50c72f22 2009.0/x86_64/qt4-linguist-4.5.2-1.6mdv2009.0.x86_64.rpm\r\n e13be65ed2912ebb064c86d9aa55c4f0 2009.0/x86_64/qt4-qdoc3-4.5.2-1.6mdv2009.0.x86_64.rpm\r\n 6833ef669f7448ee47e4f399ed5e8c0b 2009.0/x86_64/qt4-qtconfig-4.5.2-1.6mdv2009.0.x86_64.rpm\r\n 71029609bd89ac503875cfb7c70ffb45 2009.0/x86_64/qt4-qtdbus-4.5.2-1.6mdv2009.0.x86_64.rpm\r\n 84701ed7926e276a4f960432e3b376c6 2009.0/x86_64/qt4-qvfb-4.5.2-1.6mdv2009.0.x86_64.rpm\r\n d8188e6b55ee4477558bcf37aa348b22 2009.0/x86_64/qt4-xmlpatterns-4.5.2-1.6mdv2009.0.x86_64.rpm \r\n e7d70d53a8a870ba2b938c754dc58379 2009.0/SRPMS/qt4-4.5.2-1.6mdv2009.0.src.rpm\r\n\r\n Mandriva Linux 2009.1:\r\n 2e2ab90686768ad3332604dfee629e93 2009.1/i586/libqassistant4-4.5.2-1.4mdv2009.1.i586.rpm\r\n 8535d83b511c66a59c9152995afacbf4 2009.1/i586/libqt3support4-4.5.2-1.4mdv2009.1.i586.rpm\r\n 61dd3bcdef9e0250d5a8a3e8a75a7b1b 2009.1/i586/libqt4-devel-4.5.2-1.4mdv2009.1.i586.rpm\r\n 297c603db7184971d533c3edc0e4314c 2009.1/i586/libqtclucene4-4.5.2-1.4mdv2009.1.i586.rpm\r\n f7043105bc3bf97166a9e5898f41cee0 2009.1/i586/libqtcore4-4.5.2-1.4mdv2009.1.i586.rpm\r\n 1ecae69d52815b033c973a8f55fff26f 2009.1/i586/libqtdbus4-4.5.2-1.4mdv2009.1.i586.rpm\r\n 14bd0c6ebdc10c9208968246d3ddc8e1 2009.1/i586/libqtdesigner4-4.5.2-1.4mdv2009.1.i586.rpm\r\n 0366ccc7475139e96622ebc20e09a645 2009.1/i586/libqtgui4-4.5.2-1.4mdv2009.1.i586.rpm\r\n 31a16c4dae404ef7e06fde024e96b2e6 2009.1/i586/libqthelp4-4.5.2-1.4mdv2009.1.i586.rpm\r\n 5ada32f6e70d288fe179b1ab42d4a398 2009.1/i586/libqtnetwork4-4.5.2-1.4mdv2009.1.i586.rpm\r\n b04f16a4b050d460413cbd76d98eed48 2009.1/i586/libqtopengl4-4.5.2-1.4mdv2009.1.i586.rpm\r\n 7baa68c4abc646c76a2d3ae5bca141b4 2009.1/i586/libqtscript4-4.5.2-1.4mdv2009.1.i586.rpm\r\n 7985c1a4a878a723ad2ebfb6241f60b2 2009.1/i586/libqtscripttools4-4.5.2-1.4mdv2009.1.i586.rpm\r\n 58eeda1ce05925c0b3cab904db3f25a7 2009.1/i586/libqtsql4-4.5.2-1.4mdv2009.1.i586.rpm\r\n d99e31623b92731a5cb8523c6294b26f 2009.1/i586/libqtsvg4-4.5.2-1.4mdv2009.1.i586.rpm\r\n 8530af45ed10f1f3ab0c0134d6162089 2009.1/i586/libqttest4-4.5.2-1.4mdv2009.1.i586.rpm\r\n bc7276c87cc3e820092220a165fd712c 2009.1/i586/libqtwebkit4-4.5.2-1.4mdv2009.1.i586.rpm\r\n d8d1672097abf788e33839b052502db7 2009.1/i586/libqtxml4-4.5.2-1.4mdv2009.1.i586.rpm\r\n 60f2b738a748c9a6940d170fe3d55fbd 2009.1/i586/libqtxmlpatterns4-4.5.2-1.4mdv2009.1.i586.rpm\r\n 707148f3de734413d332f15834befab1 2009.1/i586/qt4-accessibility-plugin-4.5.2-1.4mdv2009.1.i586.rpm\r\n 1030cc7be0bd49c2fdbc4f504a4cfc34 2009.1/i586/qt4-assistant-4.5.2-1.4mdv2009.1.i586.rpm\r\n ba55040d9da2653c2cd874cc310deacd 2009.1/i586/qt4-common-4.5.2-1.4mdv2009.1.i586.rpm\r\n 1c16bc98468323b4325b5c2a7246b5fa 2009.1/i586/qt4-database-plugin-mysql-4.5.2-1.4mdv2009.1.i586.rpm\r\n 4893d62ce7c8fab073986df4044a9104 2009.1/i586/qt4-database-plugin-odbc-4.5.2-1.4mdv2009.1.i586.rpm\r\n c5fdd4a8a13263f207e093578ed7b04f 2009.1/i586/qt4-database-plugin-pgsql-4.5.2-1.4mdv2009.1.i586.rpm\r\n 259be796e5410d370c4de6eaa5fbd8f2 2009.1/i586/qt4-database-plugin-sqlite-4.5.2-1.4mdv2009.1.i586.rpm\r\n 36572044c13cc085969d7613c476984d 2009.1/i586/qt4-database-plugin-tds-4.5.2-1.4mdv2009.1.i586.rpm\r\n b3efeae677ee698460c262eeb89155e1 2009.1/i586/qt4-designer-4.5.2-1.4mdv2009.1.i586.rpm\r\n f6abc26faf180e0f01471183e9eb1360 2009.1/i586/qt4-doc-4.5.2-1.4mdv2009.1.i586.rpm\r\n 85d63d0a1d807733cec89b44b8726b6c 2009.1/i586/qt4-examples-4.5.2-1.4mdv2009.1.i586.rpm\r\n d861c9c37090a5dc54a8b9f47bcd85e9 2009.1/i586/qt4-graphicssystems-plugin-4.5.2-1.4mdv2009.1.i586.rpm\r\n fa8be490f70fbdbcabcaa5dcd8fbe8e6 2009.1/i586/qt4-linguist-4.5.2-1.4mdv2009.1.i586.rpm\r\n 611e52f298cbd663d4817471d5ec6649 2009.1/i586/qt4-qdoc3-4.5.2-1.4mdv2009.1.i586.rpm\r\n 376e4a78a53a6d19aec23cc6fe4d02e6 2009.1/i586/qt4-qtconfig-4.5.2-1.4mdv2009.1.i586.rpm\r\n f544cfb1ae089a636d326c1a16d49a8b 2009.1/i586/qt4-qtdbus-4.5.2-1.4mdv2009.1.i586.rpm\r\n 4d5426eea7ff3b5d9d482e8e0564e259 2009.1/i586/qt4-qvfb-4.5.2-1.4mdv2009.1.i586.rpm\r\n b36c895e5b1a142c80ba069deca27326 2009.1/i586/qt4-xmlpatterns-4.5.2-1.4mdv2009.1.i586.rpm \r\n ba2b427b637644c9e2ae052e440db3ca 2009.1/SRPMS/qt4-4.5.2-1.4mdv2009.1.src.rpm\r\n\r\n Mandriva Linux 2009.1/X86_64:\r\n 309cb9e93730dac6e68c2aceedca6228 2009.1/x86_64/lib64qassistant4-4.5.2-1.4mdv2009.1.x86_64.rpm\r\n 50251a9f53d698bd4ec409482fceece6 2009.1/x86_64/lib64qt3support4-4.5.2-1.4mdv2009.1.x86_64.rpm\r\n c75df0fbfc405667184efe4914d6700e 2009.1/x86_64/lib64qt4-devel-4.5.2-1.4mdv2009.1.x86_64.rpm\r\n d4747541bf506775a4b3dad05752ed89 2009.1/x86_64/lib64qtclucene4-4.5.2-1.4mdv2009.1.x86_64.rpm\r\n 0fbf6ba9b02e6f0443b3f339d7cf88be 2009.1/x86_64/lib64qtcore4-4.5.2-1.4mdv2009.1.x86_64.rpm\r\n 2702f5810e04d265fc32f34acf9f7a2b 2009.1/x86_64/lib64qtdbus4-4.5.2-1.4mdv2009.1.x86_64.rpm\r\n 5b28ffd5773a937eef1475f8a7830dc6 2009.1/x86_64/lib64qtdesigner4-4.5.2-1.4mdv2009.1.x86_64.rpm\r\n 05fc9bdb0a43260b0abc2cd11fd110ef 2009.1/x86_64/lib64qtgui4-4.5.2-1.4mdv2009.1.x86_64.rpm\r\n 37416362357074d38f7f65e185cc1f2c 2009.1/x86_64/lib64qthelp4-4.5.2-1.4mdv2009.1.x86_64.rpm\r\n 141d620b08d76178b97e6b23d817da89 2009.1/x86_64/lib64qtnetwork4-4.5.2-1.4mdv2009.1.x86_64.rpm\r\n 5f1cbb6f37664d6796bd481bdbb68c6c 2009.1/x86_64/lib64qtopengl4-4.5.2-1.4mdv2009.1.x86_64.rpm\r\n 0a253e802e32372098197cf61a73c47f 2009.1/x86_64/lib64qtscript4-4.5.2-1.4mdv2009.1.x86_64.rpm\r\n e771cdd2158872e3fc67f614ca761df5 2009.1/x86_64/lib64qtscripttools4-4.5.2-1.4mdv2009.1.x86_64.rpm\r\n 71cf257490930dbab7e318dd4895ba65 2009.1/x86_64/lib64qtsql4-4.5.2-1.4mdv2009.1.x86_64.rpm\r\n f9f399a96211e86abc99b60a34646c27 2009.1/x86_64/lib64qtsvg4-4.5.2-1.4mdv2009.1.x86_64.rpm\r\n cbf1ad93a0ba4b08d19a4c5387247c6c 2009.1/x86_64/lib64qttest4-4.5.2-1.4mdv2009.1.x86_64.rpm\r\n 496e439949045d6406ad6ed112dc9ad9 2009.1/x86_64/lib64qtwebkit4-4.5.2-1.4mdv2009.1.x86_64.rpm\r\n 25ef7ae8fc7bcb0875046347abddaf2e 2009.1/x86_64/lib64qtxml4-4.5.2-1.4mdv2009.1.x86_64.rpm\r\n a2d002a440b4bd33cc05592ea3a48d4c 2009.1/x86_64/lib64qtxmlpatterns4-4.5.2-1.4mdv2009.1.x86_64.rpm\r\n 0611975777f48a60525af58fc87572cd \r\n2009.1/x86_64/qt4-accessibility-plugin-4.5.2-1.4mdv2009.1.x86_64.rpm\r\n 0ef334dda35fa8a9382e25889496bf04 2009.1/x86_64/qt4-assistant-4.5.2-1.4mdv2009.1.x86_64.rpm\r\n 79d0a99a5a61c63fc41bf08654bb0e41 2009.1/x86_64/qt4-common-4.5.2-1.4mdv2009.1.x86_64.rpm\r\n ea0f80e65d83db575f4e326bd5701c77 \r\n2009.1/x86_64/qt4-database-plugin-mysql-4.5.2-1.4mdv2009.1.x86_64.rpm\r\n 6d248fade8ffedfd4d445baae775c942 \r\n2009.1/x86_64/qt4-database-plugin-odbc-4.5.2-1.4mdv2009.1.x86_64.rpm\r\n d166e598090bb0c51bb784f2c36c37d3 \r\n2009.1/x86_64/qt4-database-plugin-pgsql-4.5.2-1.4mdv2009.1.x86_64.rpm\r\n 2fb0b42d4db487a853a387a0436250b1 \r\n2009.1/x86_64/qt4-database-plugin-sqlite-4.5.2-1.4mdv2009.1.x86_64.rpm\r\n a2b30140d156c30a2b51859dfdcb6058 \r\n2009.1/x86_64/qt4-database-plugin-tds-4.5.2-1.4mdv2009.1.x86_64.rpm\r\n 123582d5b2797db92c92de4b3035b2a3 2009.1/x86_64/qt4-designer-4.5.2-1.4mdv2009.1.x86_64.rpm\r\n a6acdd2d2cf72450cbfafbdcce8de14b 2009.1/x86_64/qt4-doc-4.5.2-1.4mdv2009.1.x86_64.rpm\r\n f91e7ac39ff8ceac3e388e8c0e0092bb 2009.1/x86_64/qt4-examples-4.5.2-1.4mdv2009.1.x86_64.rpm\r\n 47cb7db983032b0b1bc99b9076b1e2a6 \r\n2009.1/x86_64/qt4-graphicssystems-plugin-4.5.2-1.4mdv2009.1.x86_64.rpm\r\n e4a95559aff6f3040e9cf70a21571c0c 2009.1/x86_64/qt4-linguist-4.5.2-1.4mdv2009.1.x86_64.rpm\r\n 31769c7e3a9114ad2baa0ec2ecc51ec7 2009.1/x86_64/qt4-qdoc3-4.5.2-1.4mdv2009.1.x86_64.rpm\r\n 803a5567c991b9b4d1d393faa99ce4f9 2009.1/x86_64/qt4-qtconfig-4.5.2-1.4mdv2009.1.x86_64.rpm\r\n e0932731675cade4d8af28f73076cb66 2009.1/x86_64/qt4-qtdbus-4.5.2-1.4mdv2009.1.x86_64.rpm\r\n 80a1e75207a94459f7a5d170e039040f 2009.1/x86_64/qt4-qvfb-4.5.2-1.4mdv2009.1.x86_64.rpm\r\n 74353dc01bda76eac82e627d3bd4394f 2009.1/x86_64/qt4-xmlpatterns-4.5.2-1.4mdv2009.1.x86_64.rpm \r\n ba2b427b637644c9e2ae052e440db3ca 2009.1/SRPMS/qt4-4.5.2-1.4mdv2009.1.src.rpm\r\n\r\n Mandriva Enterprise Server 5:\r\n 6dab5b4352861791d2e9c66844e8f7cc mes5/i586/libqassistant4-4.4.3-1.1mdvmes5.i586.rpm\r\n 5b5f04166167f6b65bb09f1cdc4ff418 mes5/i586/libqt3support4-4.4.3-1.1mdvmes5.i586.rpm\r\n f8d7a36ceff46f2379a9405e174e7ef2 mes5/i586/libqt4-devel-4.4.3-1.1mdvmes5.i586.rpm\r\n 3e1cda13224d2eb90358948d6bfe0ca7 mes5/i586/libqtclucene4-4.4.3-1.1mdvmes5.i586.rpm\r\n 381b32c3d329709faeab69af54685426 mes5/i586/libqtcore4-4.4.3-1.1mdvmes5.i586.rpm\r\n 2068b07d29956817643d3a56dc22e8f6 mes5/i586/libqtdbus4-4.4.3-1.1mdvmes5.i586.rpm\r\n 143f967ce65bb0c2a93366c0aa7f72a6 mes5/i586/libqtdesigner4-4.4.3-1.1mdvmes5.i586.rpm\r\n d14b1405301030a42d13f177edb44d3f mes5/i586/libqtgui4-4.4.3-1.1mdvmes5.i586.rpm\r\n dadc72b3fcd68c0e9551ae08f8531533 mes5/i586/libqthelp4-4.4.3-1.1mdvmes5.i586.rpm\r\n a73d8530564ca8b1d44dbb1db5f65692 mes5/i586/libqtnetwork4-4.4.3-1.1mdvmes5.i586.rpm\r\n 08e560d95d4593ce0666a46557abb83a mes5/i586/libqtopengl4-4.4.3-1.1mdvmes5.i586.rpm\r\n e96273da78f150bef55286cb645c14f4 mes5/i586/libqtscript4-4.4.3-1.1mdvmes5.i586.rpm\r\n d01ed62e2ecd569ff8f063111d364422 mes5/i586/libqtsql4-4.4.3-1.1mdvmes5.i586.rpm\r\n 32933d8323bef2ed63a0893fc834c300 mes5/i586/libqtsvg4-4.4.3-1.1mdvmes5.i586.rpm\r\n 8a403e86299f148f522028898ecb8748 mes5/i586/libqttest4-4.4.3-1.1mdvmes5.i586.rpm\r\n 28121e2bb1edfd668af72eda7d6a7c0e mes5/i586/libqtwebkit4-4.4.3-1.1mdvmes5.i586.rpm\r\n 3564638af5cb81c575aa4cbf33385169 mes5/i586/libqtxml4-4.4.3-1.1mdvmes5.i586.rpm\r\n a1ac714f01d23f77e6806ef455162714 mes5/i586/libqtxmlpatterns4-4.4.3-1.1mdvmes5.i586.rpm\r\n 414ac53798e391740795c46bb8eb02b7 mes5/i586/qt4-accessibility-plugin-lib-4.4.3-1.1mdvmes5.i586.rpm\r\n f3fb1ba455217b4964b0a34c24a0da6b mes5/i586/qt4-assistant-4.4.3-1.1mdvmes5.i586.rpm\r\n 05227c7aa487f260eb4af4a72bf322b3 mes5/i586/qt4-common-4.4.3-1.1mdvmes5.i586.rpm\r\n 93a8c12b8c890dd6ac1e7acd1f125bac mes5/i586/qt4-database-plugin-mysql-lib-4.4.3-1.1mdvmes5.i586.rpm\r\n fbd40034720f238214813e582aa837d9 mes5/i586/qt4-database-plugin-odbc-lib-4.4.3-1.1mdvmes5.i586.rpm\r\n b5d563d9008dd85cc73b0c27ddc6fd9e mes5/i586/qt4-database-plugin-pgsql-lib-4.4.3-1.1mdvmes5.i586.rpm\r\n bf7d17080c5e228a39792bb0913a9253 mes5/i586/qt4-database-plugin-sqlite-lib-4.4.3-1.1mdvmes5.i586.rpm\r\n fdf84439ea6570d5730f5ebc8957b8d4 mes5/i586/qt4-designer-4.4.3-1.1mdvmes5.i586.rpm\r\n 0f758d6b30b5d83951193628ab870214 mes5/i586/qt4-doc-4.4.3-1.1mdvmes5.i586.rpm\r\n 0a0e034feb424384c692221d64472d90 mes5/i586/qt4-examples-4.4.3-1.1mdvmes5.i586.rpm\r\n 1ede5a58758447c3ac4debbf7c63b796 mes5/i586/qt4-linguist-4.4.3-1.1mdvmes5.i586.rpm\r\n a2cd930d1c7a3d63dd917ecabfeacbb7 mes5/i586/qt4-qtconfig-4.4.3-1.1mdvmes5.i586.rpm\r\n 486dfd1d8fcb5cf8cf4494528944305d mes5/i586/qt4-qtdbus-4.4.3-1.1mdvmes5.i586.rpm\r\n 70303d543e001142fb16d8f8c247cc85 mes5/i586/qt4-qvfb-4.4.3-1.1mdvmes5.i586.rpm\r\n a03bb20031295de711faf022052dc363 mes5/i586/qt4-xmlpatterns-4.4.3-1.1mdvmes5.i586.rpm \r\n 8e6542cfb9f71065cf2135143286905e mes5/SRPMS/qt4-4.4.3-1.1mdvmes5.src.rpm\r\n\r\n Mandriva Enterprise Server 5/X86_64:\r\n 51d1fb7d404b412c232463454f8fbbf9 mes5/x86_64/lib64qassistant4-4.4.3-1.1mdvmes5.x86_64.rpm\r\n 8d37e2870bd68f953f1a5ee0a69afaa1 mes5/x86_64/lib64qt3support4-4.4.3-1.1mdvmes5.x86_64.rpm\r\n 453f839e0367104c1ffed17533072488 mes5/x86_64/lib64qt4-devel-4.4.3-1.1mdvmes5.x86_64.rpm\r\n cc348afa0bd63d4d2f2d6ec9e59f2aca mes5/x86_64/lib64qtclucene4-4.4.3-1.1mdvmes5.x86_64.rpm\r\n a84b47e7dc3f9f67c8f6ad43176c2370 mes5/x86_64/lib64qtcore4-4.4.3-1.1mdvmes5.x86_64.rpm\r\n aead498329b43cfc1210f2a1ea608375 mes5/x86_64/lib64qtdbus4-4.4.3-1.1mdvmes5.x86_64.rpm\r\n ee717732bda774e10cd3ca21f7936dea mes5/x86_64/lib64qtdesigner4-4.4.3-1.1mdvmes5.x86_64.rpm\r\n f199108dcce669cb74a850b577e55a67 mes5/x86_64/lib64qtgui4-4.4.3-1.1mdvmes5.x86_64.rpm\r\n 100aa8902b8d88499772512d412d4a28 mes5/x86_64/lib64qthelp4-4.4.3-1.1mdvmes5.x86_64.rpm\r\n 719a91aa60cb7ad92c7ba21b1971e5c0 mes5/x86_64/lib64qtnetwork4-4.4.3-1.1mdvmes5.x86_64.rpm\r\n b7a62f4e3e06381343d364dde342fa7a mes5/x86_64/lib64qtopengl4-4.4.3-1.1mdvmes5.x86_64.rpm\r\n fd598160347f59354e4f915be6a8d442 mes5/x86_64/lib64qtscript4-4.4.3-1.1mdvmes5.x86_64.rpm\r\n 13cc8a9ae362634aaf1b6a965c892e70 mes5/x86_64/lib64qtsql4-4.4.3-1.1mdvmes5.x86_64.rpm\r\n a9e1a49d36f0bdef47e30f37705c60d3 mes5/x86_64/lib64qtsvg4-4.4.3-1.1mdvmes5.x86_64.rpm\r\n 2aedb02ce51f8795ee4066c3794ee983 mes5/x86_64/lib64qttest4-4.4.3-1.1mdvmes5.x86_64.rpm\r\n 3b681e6c1aa6356f35dee66cddfe0bf9 mes5/x86_64/lib64qtwebkit4-4.4.3-1.1mdvmes5.x86_64.rpm\r\n 0b1606c177d245352b46185dab735887 mes5/x86_64/lib64qtxml4-4.4.3-1.1mdvmes5.x86_64.rpm\r\n 7ef7becb19b5944f89ef67a3bfca94e4 mes5/x86_64/lib64qtxmlpatterns4-4.4.3-1.1mdvmes5.x86_64.rpm\r\n 598723e3efa4851df97a671734899719 \r\nmes5/x86_64/qt4-accessibility-plugin-lib64-4.4.3-1.1mdvmes5.x86_64.rpm\r\n 9bbfb3a3635228c1b2d033e3738efe60 mes5/x86_64/qt4-assistant-4.4.3-1.1mdvmes5.x86_64.rpm\r\n c8c4acf66f09afa84bc65c61582f0c8a mes5/x86_64/qt4-common-4.4.3-1.1mdvmes5.x86_64.rpm\r\n b9853a79c82f3acbf5d272d2a03f196e \r\nmes5/x86_64/qt4-database-plugin-mysql-lib64-4.4.3-1.1mdvmes5.x86_64.rpm\r\n 49819189b126bee1b7ccd847ec51a583 \r\nmes5/x86_64/qt4-database-plugin-odbc-lib64-4.4.3-1.1mdvmes5.x86_64.rpm\r\n 8203263572ccc75822aa505b80fdeba0 \r\nmes5/x86_64/qt4-database-plugin-pgsql-lib64-4.4.3-1.1mdvmes5.x86_64.rpm\r\n cf200cfa8ec444191cdd004781da7d84 \r\nmes5/x86_64/qt4-database-plugin-sqlite-lib64-4.4.3-1.1mdvmes5.x86_64.rpm\r\n 383e8baae8301b06ef2539bf02741969 mes5/x86_64/qt4-designer-4.4.3-1.1mdvmes5.x86_64.rpm\r\n f10a7aec7d82ac20e89439350a6cdb77 mes5/x86_64/qt4-doc-4.4.3-1.1mdvmes5.x86_64.rpm\r\n c28a00e567bbf9cafdec4913c359ab23 mes5/x86_64/qt4-examples-4.4.3-1.1mdvmes5.x86_64.rpm\r\n acfe2e3ebc80d1c1bc1065ff166d4f7d mes5/x86_64/qt4-linguist-4.4.3-1.1mdvmes5.x86_64.rpm\r\n 02c4bcc9514b8c77cc0357b62c5eabf1 mes5/x86_64/qt4-qtconfig-4.4.3-1.1mdvmes5.x86_64.rpm\r\n 567322d54d96cef40ca8ae487180b194 mes5/x86_64/qt4-qtdbus-4.4.3-1.1mdvmes5.x86_64.rpm\r\n 476f0e47ead448f0c1fa9622f830ede9 mes5/x86_64/qt4-qvfb-4.4.3-1.1mdvmes5.x86_64.rpm\r\n 2d38f1e4dd2d4e008a44dc138edd1c60 mes5/x86_64/qt4-xmlpatterns-4.4.3-1.1mdvmes5.x86_64.rpm \r\n 8e6542cfb9f71065cf2135143286905e mes5/SRPMS/qt4-4.4.3-1.1mdvmes5.src.rpm\r\n _______________________________________________________________________\r\n\r\n To upgrade automatically use MandrivaUpdate or urpmi. The verification\r\n of md5 checksums and GPG signatures is performed automatically for you.\r\n\r\n All packages are signed by Mandriva for security. You can obtain the\r\n GPG public key of the Mandriva Security Team by executing:\r\n\r\n gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98\r\n\r\n You can view other update advisories for Mandriva Linux at:\r\n\r\n http://www.mandriva.com/security/advisories\r\n\r\n If you want to report vulnerabilities, please contact\r\n\r\n security_(at)_mandriva.com\r\n _______________________________________________________________________\r\n\r\n Type Bits/KeyID Date User ID\r\n pub 1024D/22458A98 2000-07-10 Mandriva Security Team\r\n <security*mandriva.com>\r\n-----BEGIN PGP SIGNATURE-----\r\nVersion: GnuPG v1.4.9 (GNU/Linux)\r\n\r\niD8DBQFKplfBmqjQ0CJFipgRAtjyAJ46d0Cyi2XB9gCpUtAQUabOyVjTAgCffuGq\r\nBCaSemxCUSF0hiNsvtBeFw0=\r\n=bKvo\r\n-----END PGP SIGNATURE-----", "edition": 1, "modified": "2009-09-09T00:00:00", "published": "2009-09-09T00:00:00", "id": "SECURITYVULNS:DOC:22430", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:22430", "title": "[ MDVSA-2009:225 ] qt4", "type": "securityvulns", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-08-31T11:09:34", "bulletinFamily": "software", "cvelist": ["CVE-2009-2700"], "description": "certificate spoofing with \0 symbol in domain name.", "edition": 1, "modified": "2009-09-09T00:00:00", "published": "2009-09-09T00:00:00", "id": "SECURITYVULNS:VULN:10216", "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:10216", "title": "Nokia Trolltech Qt4 SSL certificate spoofing", "type": "securityvulns", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}}, {"lastseen": "2018-08-31T11:10:31", "bulletinFamily": "software", "cvelist": ["CVE-2009-2408"], "description": "Mozilla Foundation Security Advisory 2009-42\r\n\r\nTitle: Compromise of SSL-protected communication\r\nImpact: Critical\r\nAnnounced: August 1, 2009\r\nReporter: Dan Kaminsky\r\nProducts: Firefox, Thunderbird, SeaMonkey, NSS\r\n\r\nFixed in: Firefox 3.5\r\n NSS 3.12.3\r\nDescription\r\n\r\nIOActive security researcher Dan Kaminsky reported a mismatch in the treatment of domain names in SSL certificates between SSL clients and the Certificate Authorities (CA) which issue server certificates. In particular, if a malicious person requested a certificate for a host name with an invalid null character in it most CAs would issue the certificate if the requester owned the domain specified after the null, while most SSL clients (browsers) ignored that part of the name and used the unvalidated part in front of the null. This made it possible for attackers to obtain certificates that would function for any site they wished to target. These certificates could be used to intercept and potentially alter encrypted communication between the client and a server such as sensitive bank account transactions.\r\n\r\nThis vulnerability was independently reported to us by researcher Moxie Marlinspike who also noted that since Firefox relies on SSL to protect the integrity of security updates this attack could be used to serve malicious updates.\r\n\r\nMozilla would like to thank Dan and the Microsoft Vulnerability Research team for coordinating a multiple-vendor response to this problem.\r\nWorkaround\r\n\r\nUsers of unfixed versions of Firefox 3.0 who are concerned about the potential for this attack on their network should download the latest Firefox 3.5 from our web site, and on Windows ensure that the installer is signed and that "Mozilla Corporation" is the publisher.\r\nReferences\r\n\r\n * https://bugzilla.mozilla.org/show_bug.cgi?id=480509\r\n * "Vulnerabilities Allow Attacker to Impersonate Any Website", Threat Level blog, WIRED.com\r\n * CVE-2009-2408\r\n", "edition": 1, "modified": "2009-08-07T00:00:00", "published": "2009-08-07T00:00:00", "id": "SECURITYVULNS:DOC:22253", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:22253", "title": "Mozilla Foundation Security Advisory 2009-42", "type": "securityvulns", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "ubuntu": [{"lastseen": "2020-07-09T00:29:36", "bulletinFamily": "unix", "cvelist": ["CVE-2009-2700"], "description": "It was discovered that Qt did not properly handle certificates with NULL \ncharacters in the Subject Alternative Name field of X.509 certificates. An \nattacker could exploit this to perform a man in the middle attack to view \nsensitive information or alter encrypted communications. (CVE-2009-2700)", "edition": 5, "modified": "2009-09-10T00:00:00", "published": "2009-09-10T00:00:00", "id": "USN-829-1", "href": "https://ubuntu.com/security/notices/USN-829-1", "title": "Qt vulnerability", "type": "ubuntu", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}], "threatpost": [{"lastseen": "2018-10-06T23:08:55", "bulletinFamily": "info", "cvelist": ["CVE-2009-2408"], "description": "Buffer overflow in ImageIO in Apple Mac OS X 10.5 before 10.5.8, and \nSafari before 4.0.3, allows remote attackers to execute arbitrary code \nor cause a denial of service (application crash) via an image with \ncrafted EXIF metadata.\n\nApple Safari, possibly before 4.0.3, on Mac \nOS X does not properly handle a?\u2019\u2019 character in a domain name in the \nsubject\u2019s Common Name (CN) field of an X.509 certificate, which allows \nman-in-the-middle attackers to spoof arbitrary SSL servers via a \ncrafted certificate issued by a legitimate Certification?Authority, a \nrelated issue to CVE-2009-2408.\n\nBuffer overflow in ImageIO in \nApple Mac OS X 10.5 before 10.5.8, and Safari before 4.0.3, allows \nremote attackers to execute arbitrary code or cause a denial of service \n(application crash) via an image with crafted EXIF metadata. \n", "modified": "2018-07-03T08:39:13", "published": "2009-12-29T21:50:26", "id": "THREATPOST:E8934170DFDD56E0C8B8F5EA86038B74", "href": "https://threatpost.com/apple-safari/91658/", "type": "threatpost", "title": "Apple Safari", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "seebug": [{"lastseen": "2017-11-19T18:41:54", "description": "Bugraq ID: 35888\r\nCVE ID\uff1aCVE-2009-2408\r\n\r\nMozilla Firefox\u662f\u4e00\u6b3e\u5f00\u653e\u6e90\u4ee3\u7801\u7684WEB\u6d4f\u89c8\u5668\u3002\r\nMozilla Firefox\u4e0d\u6b63\u786e\u9a8c\u8bc1\u7b7e\u540dCA\u8bc1\u4e66\u4e2d\u7684\u57df\u540d\uff0c\u8fdc\u7a0b\u653b\u51fb\u8005\u53ef\u4ee5\u5229\u7528\u6f0f\u6d1e\u901a\u8fc7\u4f2a\u9020\u8bc1\u4e66\u8fdb\u884c\u4e2d\u95f4\u4eba\u653b\u51fb\u3002\r\n\u5982\u679c\u6784\u5efa\u7684\u4e00\u4e2a\u6076\u610f\u8bc1\u4e66\u5176\u516c\u7528\u540d\u5305\u542bNULL\u5b57\u7b26\uff0c\u5e76\u80fd\u6b63\u786e\u83b7\u5f97\u5408\u6cd5\u7b7e\u540d\u88ab\u6d4f\u89c8\u5668\u4fe1\u4efb\uff0c\u90a3\u4e48\u653b\u51fb\u8005\u53ef\u4ee5\u4f7f\u7528\u8fd9\u4e2a\u8bc1\u4e66\u4ee3\u66ff\u5408\u6cd5\u8bc1\u4e66\u8fdb\u884c\u4e2d\u95f4\u4eba\u653b\u51fb\uff0c\u83b7\u5f97\u654f\u611f\u4fe1\u606f\u6216\u8fdb\u884c\u5176\u4ed6\u653b\u51fb\u3002\n\nMozilla Network Security Services (NSS) 3.12.2\r\nMozilla Network Security Services (NSS) 3.11.3\r\nMozilla Network Security Services (NSS) 3.9.2\r\nMozilla Network Security Services (NSS) 3.9\r\n+ Mozilla Browser 1.5\r\nMozilla Network Security Services (NSS) 3.8\r\n+ Galeon Galeon Browser 1.2.13\r\n+ Mozilla Browser 1.4.1\r\n+ Mozilla Browser 1.4.1\r\n+ Mozilla Browser 1.4 b\r\n+ Mozilla Browser 1.4 b\r\n+ Mozilla Browser 1.4 a\r\n+ Mozilla Browser 1.4 a\r\n+ Mozilla Browser 1.4\r\n+ Mozilla Browser 1.4\r\nMozilla Network Security Services (NSS) 3.7.7\r\nMozilla Network Security Services (NSS) 3.7.5\r\nMozilla Network Security Services (NSS) 3.7.3\r\nMozilla Network Security Services (NSS) 3.7.2\r\nMozilla Network Security Services (NSS) 3.7.1\r\nMozilla Network Security Services (NSS) 3.7\r\nMozilla Network Security Services (NSS) 3.6.1\r\nMozilla Network Security Services (NSS) 3.6\r\nMozilla Network Security Services (NSS) 3.6\r\nMozilla Network Security Services (NSS) 3.5\r\nMozilla Network Security Services (NSS) 3.4.2\r\nMozilla Network Security Services (NSS) 3.4.1\r\nMozilla Network Security Services (NSS) 3.4\r\nMozilla Network Security Services (NSS) 3.3.2\r\nMozilla Network Security Services (NSS) 3.3.1\r\nMozilla Network Security Services (NSS) 3.3\r\nMozilla Network Security Services (NSS) 3.2.1\r\nMozilla Network Security Services (NSS) 3.2\r\nMozilla Network Security Services (NSS) 3.12\r\nMozilla Network Security Services (NSS) 3.11\r\nMozilla Firefox 3.0.12\r\nMozilla Firefox 3.0.11\r\nMozilla Firefox 3.0.10\r\nMozilla Firefox 3.0.9\r\nMozilla Firefox 3.0.8\r\nMozilla Firefox 3.0.7 Beta\r\nMozilla Firefox 3.0.7\r\nMozilla Firefox 3.0.6\r\nMozilla Firefox 3.0.5\r\nMozilla Firefox 3.0.4\r\nMozilla Firefox 3.0.3\r\nMozilla Firefox 3.0.2\r\nMozilla Firefox 3.0.1\r\nMozilla Firefox 3.0 Beta 5\r\nMozilla Firefox 3.0\n\u5382\u5546\u89e3\u51b3\u65b9\u6848\r\nMozilla Firefox 3.5\u4e0d\u53d7\u6b64\u6f0f\u6d1e\u5f71\u54cd\uff0c\u5efa\u8bae\u7528\u6237\u8054\u7cfb\u4f9b\u5e94\u5546\u83b7\u5f97\u5347\u7ea7\u7a0b\u5e8f\uff1a\r\nhttp://www.mozilla.com/en-US/", "published": "2009-07-31T00:00:00", "type": "seebug", "title": "Mozilla Firefox NULL\u5b57\u7b26CA SSL\u8bc1\u4e66\u9a8c\u8bc1\u5b89\u5168\u7ed5\u8fc7\u6f0f\u6d1e", "bulletinFamily": "exploit", "cvelist": ["CVE-2009-2408"], "modified": "2009-07-31T00:00:00", "href": "https://www.seebug.org/vuldb/ssvid-11950", "id": "SSV:11950", "sourceData": "", "sourceHref": "", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "exploitdb": [{"lastseen": "2016-02-03T18:32:29", "description": "Mozilla NSS NULL Character CA SSL Certificate Validation Security Bypass Vulnerability. CVE-2009-2408. Remote exploit for linux platform", "published": "2009-06-30T00:00:00", "type": "exploitdb", "title": "Mozilla NSS NULL Character CA SSL Certificate Validation Security Bypass Vulnerability", "bulletinFamily": "exploit", "cvelist": ["CVE-2009-2408"], "modified": "2009-06-30T00:00:00", "id": "EDB-ID:33128", "href": "https://www.exploit-db.com/exploits/33128/", "sourceData": "source: http://www.securityfocus.com/bid/35888/info\r\n\r\nMozilla Network Security Services (NSS) is prone to a security-bypass vulnerability because it fails to properly validate the domain name in a signed CA certificate, allowing attackers to substitute malicious SSL certificates for trusted ones.\r\n\r\nThe NSS library is used by a number of applications, including Mozilla Firefox, Thunderbird, and SeaMonkey.\r\n\r\nSuccessfully exploiting this issue allows attackers to perform man-in-the-middle attacks or impersonate trusted servers, which will aid in further attacks.\r\n\r\nNOTE (August 6, 2009): This BID had included a similar issue in Fetchmail, but that issue is now documented in BID 35951 (Fetchmail NULL Character CA SSL Certificate Validation Security Bypass Vulnerability).\r\n\r\nPrivate-Key: (1024 bit)\r\nmodulus:\r\n 00:cf:4d:17:42:00:8d:0c:41:95:31:8c:40:30:bc:\r\n 5e:42:b6:28:09:75:2f:19:61:d9:ab:4d:ec:f3:44:\r\n c4:1c:01:95:6f:27:eb:70:07:98:4f:1e:05:d0:f3:\r\n 6c:49:45:e6:de:48:7a:59:f0:c2:93:6a:37:9c:02:\r\n 72:4f:bd:14:36:26:a1:70:97:d4:fe:4b:24:e8:cd:\r\n 29:1e:61:1a:85:b0:6f:96:06:83:10:13:d6:89:9f:\r\n bd:07:67:f1:42:de:9b:63:67:8b:96:f9:06:ef:7c:\r\n 93:4b:6a:f9:39:31:32:7f:98:59:ef:ce:91:be:05:\r\n ce:f0:82:33:d8:76:06:4c:9f\r\npublicExponent: 65537 (0x10001)\r\nprivateExponent:\r\n 00:8c:4f:3b:7c:ba:ee:bc:ea:ee:d6:58:7d:61:ff:\r\n 3d:35:9e:21:3f:35:87:a9:80:67:59:e1:26:8e:09:\r\n 6f:4b:1d:6f:4d:8b:11:7a:04:49:fc:d2:ef:50:dc:\r\n 51:e0:ce:65:52:f2:6f:8d:cc:bd:86:15:90:8a:11:\r\n c5:d9:5e:ba:fc:2b:fc:e3:a0:cd:c8:f0:9a:05:76:\r\n 06:82:07:a9:bd:14:cc:c7:7e:54:b9:32:5b:40:7a:\r\n 35:0a:26:80:d7:30:98:d6:b7:71:d5:9d:f4:0d:f2:\r\n 28:b5:a9:0c:2e:6d:78:19:86:a9:31:b0:a1:43:1c:\r\n 57:2c:78:a9:42:b2:49:d8:71\r\nprime1:\r\n 00:ec:07:79:1d:e2:50:14:77:af:99:18:1b:14:d4:\r\n 0c:25:0c:20:26:0d:dd:c7:75:0e:08:d3:77:72:ce:\r\n 2d:57:80:9d:18:bb:60:7b:b2:62:4e:21:a1:e6:84:\r\n 96:91:31:15:cc:5b:89:5b:5a:83:07:96:51:e4:d4:\r\n e6:3a:40:99:03\r\nprime2:\r\n 00:e0:d7:5a:07:0e:cc:a6:17:22:f8:ec:51:b1:7b:\r\n 17:af:3a:87:7b:f1:e4:6d:40:48:28:d2:c0:9c:93:\r\n e0:f1:8f:79:07:8f:00:e0:49:1d:0e:8c:65:41:ba:\r\n c8:20:e2:ae:78:54:75:6b:f0:41:e5:d1:9c:2e:23:\r\n 49:79:53:35:35\r\nexponent1:\r\n 15:17:15:db:75:bd:72:16:bf:ba:0e:4d:5d:2f:15:\r\n 66:ba:0e:a5:57:d7:d9:5a:bc:46:4d:9e:fe:c3:2d:\r\n 8a:04:14:05:81:b8:bd:54:d3:33:e8:0d:6f:6b:a9:\r\n 88:8f:ba:42:e8:6a:fd:9e:b8:d6:94:b7:fc:9a:89:\r\n 77:eb:0d:c1\r\nexponent2:\r\n 5c:5a:38:61:63:c3:cd:88:fd:55:6f:84:12:b9:73:\r\n be:06:f5:75:84:a3:05:f8:fc:6a:c0:3e:5b:52:26:\r\n 78:32:2d:4d:5c:80:c8:9f:5f:6f:05:5d:e6:04:b9:\r\n 85:40:76:d7:78:21:8f:07:6d:99:df:62:1e:55:62:\r\n 2d:92:6e:ed\r\ncoefficient:\r\n 00:c5:62:ea:ee:85:5c:eb:e6:07:12:58:a5:63:5a:\r\n 8f:e3:b3:df:c5:1e:cc:01:cd:87:d4:12:3f:45:8e:\r\n a9:4c:83:51:31:5a:e5:8d:11:a1:e3:84:b8:b4:e1:\r\n 12:33:eb:2d:4c:4e:8c:49:e2:0d:50:aa:ca:38:e3:\r\n e6:c2:29:86:17\r\nCertificate Request:\r\n Data:\r\n Version: 0 (0x0)\r\n Subject: C=US, CN=*\\x00thoughtcrime.noisebridge.net, ST=California, L=San Francisco, O=Noisebridge, OU=Moxie Marlinspike Fan Club\r\n Subject Public Key Info:\r\n Public Key Algorithm: rsaEncryption\r\n RSA Public Key: (1024 bit)\r\n Modulus (1024 bit):\r\n 00:cf:4d:17:42:00:8d:0c:41:95:31:8c:40:30:bc:\r\n 5e:42:b6:28:09:75:2f:19:61:d9:ab:4d:ec:f3:44:\r\n c4:1c:01:95:6f:27:eb:70:07:98:4f:1e:05:d0:f3:\r\n 6c:49:45:e6:de:48:7a:59:f0:c2:93:6a:37:9c:02:\r\n 72:4f:bd:14:36:26:a1:70:97:d4:fe:4b:24:e8:cd:\r\n 29:1e:61:1a:85:b0:6f:96:06:83:10:13:d6:89:9f:\r\n bd:07:67:f1:42:de:9b:63:67:8b:96:f9:06:ef:7c:\r\n 93:4b:6a:f9:39:31:32:7f:98:59:ef:ce:91:be:05:\r\n ce:f0:82:33:d8:76:06:4c:9f\r\n Exponent: 65537 (0x10001)\r\n Attributes:\r\n a0:00\r\n Signature Algorithm: md5WithRSAEncryption\r\n 64:e6:b2:77:45:74:c3:dc:f6:3d:e7:73:7f:0f:fb:dd:d7:30:\r\n c3:0f:30:d5:52:2c:6b:41:ad:40:2b:4b:07:2a:de:80:69:d4:\r\n a7:0b:6f:ed:cc:62:e7:4d:e1:fc:1e:81:0d:94:b9:c8:9b:14:\r\n 0a:10:d4:8e:f9:53:76:11:51:1d:c9:80:ca:15:e5:78:02:e1:\r\n d1:89:95:b5:4a:3f:e0:f7:f3:35:ad:1f:7d:85:5b:8c:f5:de:\r\n 70:05:8f:4f:1d:cb:23:83:dd:63:b7:2f:1a:8c:a1:3c:67:d9:\r\n f9:fc:63:c0:dc:bb:72:56:13:f6:3d:db:8e:d5:dc:01:9a:20:\r\n a2:dc\r\n-----BEGIN RSA PRIVATE KEY-----\r\nMIICXQIBAAKBgQDPTRdCAI0MQZUxjEAwvF5CtigJdS8ZYdmrTezzRMQcAZVvJ+tw\r\nB5hPHgXQ82xJRebeSHpZ8MKTajecAnJPvRQ2JqFwl9T+SyTozSkeYRqFsG+WBoMQ\r\nE9aJn70HZ/FC3ptjZ4uW+QbvfJNLavk5MTJ/mFnvzpG+Bc7wgjPYdgZMnwIDAQAB\r\nAoGBAIxPO3y67rzq7tZYfWH/PTWeIT81h6mAZ1nhJo4Jb0sdb02LEXoESfzS71Dc\r\nUeDOZVLyb43MvYYVkIoRxdleuvwr/OOgzcjwmgV2BoIHqb0UzMd+VLkyW0B6NQom\r\ngNcwmNa3cdWd9A3yKLWpDC5teBmGqTGwoUMcVyx4qUKySdhxAkEA7Ad5HeJQFHev\r\nmRgbFNQMJQwgJg3dx3UOCNN3cs4tV4CdGLtge7JiTiGh5oSWkTEVzFuJW1qDB5ZR\r\n5NTmOkCZAwJBAODXWgcOzKYXIvjsUbF7F686h3vx5G1ASCjSwJyT4PGPeQePAOBJ\r\nHQ6MZUG6yCDirnhUdWvwQeXRnC4jSXlTNTUCQBUXFdt1vXIWv7oOTV0vFWa6DqVX\r\n19lavEZNnv7DLYoEFAWBuL1U0zPoDW9rqYiPukLoav2euNaUt/yaiXfrDcECQFxa\r\nOGFjw82I/VVvhBK5c74G9XWEowX4/GrAPltSJngyLU1cgMifX28FXeYEuYVAdtd4\r\nIY8HbZnfYh5VYi2Sbu0CQQDFYuruhVzr5gcSWKVjWo/js9/FHswBzYfUEj9FjqlM\r\ng1ExWuWNEaHjhLi04RIz6y1MToxJ4g1Qqso44+bCKYYX\r\n-----END RSA PRIVATE KEY-----\r\n-----BEGIN CERTIFICATE REQUEST-----\r\nMIIB3jCCAUcCADCBnjELMAkGA1UEBhMCVVMxJzAlBgNVBAMUHioAdGhvdWdodGNy\r\naW1lLm5vaXNlYnJpZGdlLm5ldDETMBEGA1UECBMKQ2FsaWZvcm5pYTEWMBQGA1UE\r\nBxMNU2FuIEZyYW5jaXNjbzEUMBIGA1UEChMLTm9pc2VicmlkZ2UxIzAhBgNVBAsT\r\nGk1veGllIE1hcmxpbnNwaWtlIEZhbiBDbHViMIGfMA0GCSqGSIb3DQEBAQUAA4GN\r\nADCBiQKBgQDPTRdCAI0MQZUxjEAwvF5CtigJdS8ZYdmrTezzRMQcAZVvJ+twB5hP\r\nHgXQ82xJRebeSHpZ8MKTajecAnJPvRQ2JqFwl9T+SyTozSkeYRqFsG+WBoMQE9aJ\r\nn70HZ/FC3ptjZ4uW+QbvfJNLavk5MTJ/mFnvzpG+Bc7wgjPYdgZMnwIDAQABoAAw\r\nDQYJKoZIhvcNAQEEBQADgYEAZOayd0V0w9z2Pedzfw/73dcwww8w1VIsa0GtQCtL\r\nByregGnUpwtv7cxi503h/B6BDZS5yJsUChDUjvlTdhFRHcmAyhXleALh0YmVtUo/\r\n4PfzNa0ffYVbjPXecAWPTx3LI4PdY7cvGoyhPGfZ+fxjwNy7clYT9j3bjtXcAZog\r\notw=\r\n-----END CERTIFICATE REQUEST-----\r\n-----BEGIN CERTIFICATE-----\r\nMIIGTjCCBbegAwIBAgIDExefMA0GCSqGSIb3DQEBBQUAMIIBEjELMAkGA1UEBhMC\r\nRVMxEjAQBgNVBAgTCUJhcmNlbG9uYTESMBAGA1UEBxMJQmFyY2Vsb25hMSkwJwYD\r\nVQQKEyBJUFMgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkgcy5sLjEuMCwGA1UEChQl\r\nZ2VuZXJhbEBpcHNjYS5jb20gQy5JLkYuICBCLUI2MjIxMDY5NTEuMCwGA1UECxMl\r\naXBzQ0EgQ0xBU0VBMSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTEuMCwGA1UEAxMl\r\naXBzQ0EgQ0xBU0VBMSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTEgMB4GCSqGSIb3\r\nDQEJARYRZ2VuZXJhbEBpcHNjYS5jb20wHhcNMDkwNzMwMDcxNDQyWhcNMTEwNzMw\r\nMDcxNDQyWjCBnjELMAkGA1UEBhMCVVMxEzARBgNVBAgTCkNhbGlmb3JuaWExFjAU\r\nBgNVBAcTDVNhbiBGcmFuY2lzY28xFDASBgNVBAoTC05vaXNlYnJpZGdlMSMwIQYD\r\nVQQLExpNb3hpZSBNYXJsaW5zcGlrZSBGYW4gQ2x1YjEnMCUGA1UEAxQeKgB0aG91\r\nZ2h0Y3JpbWUubm9pc2VicmlkZ2UubmV0MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCB\r\niQKBgQDPTRdCAI0MQZUxjEAwvF5CtigJdS8ZYdmrTezzRMQcAZVvJ+twB5hPHgXQ\r\n82xJRebeSHpZ8MKTajecAnJPvRQ2JqFwl9T+SyTozSkeYRqFsG+WBoMQE9aJn70H\r\nZ/FC3ptjZ4uW+QbvfJNLavk5MTJ/mFnvzpG+Bc7wgjPYdgZMnwIDAQABo4IDITCC\r\nAx0wCQYDVR0TBAIwADARBglghkgBhvhCAQEEBAMCBkAwCwYDVR0PBAQDAgP4MBMG\r\nA1UdJQQMMAoGCCsGAQUFBwMBMB0GA1UdDgQWBBStfpIwBXE+eXWUWtE3s5JqXon2\r\nTzAfBgNVHSMEGDAWgBQOB2DUOckbW12QeyPI0jSdSppGOTAJBgNVHREEAjAAMBwG\r\nA1UdEgQVMBOBEWdlbmVyYWxAaXBzY2EuY29tMHIGCWCGSAGG+EIBDQRlFmNPcmdh\r\nbml6YXRpb24gSW5mb3JtYXRpb24gTk9UIFZBTElEQVRFRC4gQ0xBU0VBMSBTZXJ2\r\nZXIgQ2VydGlmaWNhdGUgaXNzdWVkIGJ5IGh0dHBzOi8vd3d3Lmlwc2NhLmNvbS8w\r\nLwYJYIZIAYb4QgECBCIWIGh0dHBzOi8vd3d3Lmlwc2NhLmNvbS9pcHNjYTIwMDIv\r\nMEMGCWCGSAGG+EIBBAQ2FjRodHRwczovL3d3dy5pcHNjYS5jb20vaXBzY2EyMDAy\r\nL2lwc2NhMjAwMkNMQVNFQTEuY3JsMEYGCWCGSAGG+EIBAwQ5FjdodHRwczovL3d3\r\ndy5pcHNjYS5jb20vaXBzY2EyMDAyL3Jldm9jYXRpb25DTEFTRUExLmh0bWw/MEMG\r\nCWCGSAGG+EIBBwQ2FjRodHRwczovL3d3dy5pcHNjYS5jb20vaXBzY2EyMDAyL3Jl\r\nbmV3YWxDTEFTRUExLmh0bWw/MEEGCWCGSAGG+EIBCAQ0FjJodHRwczovL3d3dy5p\r\ncHNjYS5jb20vaXBzY2EyMDAyL3BvbGljeUNMQVNFQTEuaHRtbDCBgwYDVR0fBHww\r\nejA5oDegNYYzaHR0cDovL3d3dy5pcHNjYS5jb20vaXBzY2EyMDAyL2lwc2NhMjAw\r\nMkNMQVNFQTEuY3JsMD2gO6A5hjdodHRwOi8vd3d3YmFjay5pcHNjYS5jb20vaXBz\r\nY2EyMDAyL2lwc2NhMjAwMkNMQVNFQTEuY3JsMDIGCCsGAQUFBwEBBCYwJDAiBggr\r\nBgEFBQcwAYYWaHR0cDovL29jc3AuaXBzY2EuY29tLzANBgkqhkiG9w0BAQUFAAOB\r\ngQAjzXaLBu+/+RP0vQ6WjW/Pxgm4WQYhecqZ2+7ZFbsUCMJPQ8XE2uv+rIteGnRF\r\nZr3hYb+dVlfUnethjPhazZW+/hU4FePqmlbTtmMe+zMLThiScyC8y3EW4L4BZYcp\r\np1drPlZIj2RmSgPQ99oToUk5O6t+LMg1N14ajr9TpM8yNQ==\r\n-----END CERTIFICATE-----\r\n", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "sourceHref": "https://www.exploit-db.com/download/33128/"}], "fedora": [{"lastseen": "2020-12-21T08:17:49", "bulletinFamily": "unix", "cvelist": ["CVE-2009-1725", "CVE-2009-2700"], "description": "Qt is a software toolkit for developing applications. This package contains base tools, like string, xml, and network handling. ", "modified": "2009-09-03T00:29:02", "published": "2009-09-03T00:29:02", "id": "FEDORA:86DDF10F898", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 11 Update: qt-4.5.2-3.fc11", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-12-21T08:17:49", "bulletinFamily": "unix", "cvelist": ["CVE-2009-1725", "CVE-2009-2700"], "description": "Qt is a software toolkit for developing applications. This package contains base tools, like string, xml, and network handling. ", "modified": "2009-09-03T00:29:12", "published": "2009-09-03T00:29:12", "id": "FEDORA:3DC7510F888", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 10 Update: qt-4.5.2-3.fc10", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}]}