ID OPENVAS:861463
Type openvas
Reporter Copyright (C) 2009 Greenbone Networks GmbH
Modified 2017-07-10T00:00:00
Description
Check for the Version of mono
###############################################################################
# OpenVAS Vulnerability Test
#
# Fedora Update for mono FEDORA-2007-068
#
# Authors:
# System Generated Check
#
# Copyright:
# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License version 2
# (or any later version), as published by the Free Software Foundation.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
###############################################################################
include("revisions-lib.inc");
tag_affected = "mono on Fedora Core 5";
tag_insight = "The Mono runtime implements a JIT engine for the ECMA CLI
virtual machine (as well as a byte code interpreter, the
class loader, the garbage collector, threading system and
metadata access libraries.";
tag_solution = "Please Install the Updated Packages.";
if(description)
{
script_xref(name : "URL" , value : "https://www.redhat.com/archives/fedora-package-announce/2007-January/msg00069.html");
script_id(861463);
script_version("$Revision: 6622 $");
script_tag(name:"last_modification", value:"$Date: 2017-07-10 07:52:50 +0200 (Mon, 10 Jul 2017) $");
script_tag(name:"creation_date", value:"2009-02-27 16:31:39 +0100 (Fri, 27 Feb 2009)");
script_tag(name:"cvss_base", value:"6.2");
script_tag(name:"cvss_base_vector", value:"AV:L/AC:H/Au:N/C:C/I:C/A:C");
script_xref(name: "FEDORA", value: "2007-068");
script_cve_id("CVE-2006-6104", "CVE-2006-5072");
script_name( "Fedora Update for mono FEDORA-2007-068");
script_summary("Check for the Version of mono");
script_category(ACT_GATHER_INFO);
script_copyright("Copyright (C) 2009 Greenbone Networks GmbH");
script_family("Fedora Local Security Checks");
script_dependencies("gather-package-list.nasl");
script_mandatory_keys("ssh/login/fedora_core", "ssh/login/rpms");
script_tag(name : "affected" , value : tag_affected);
script_tag(name : "insight" , value : tag_insight);
script_tag(name : "solution" , value : tag_solution);
script_tag(name:"qod_type", value:"package");
script_tag(name:"solution_type", value:"VendorFix");
exit(0);
}
include("pkg-lib-rpm.inc");
release = get_kb_item("ssh/login/release");
res = "";
if(release == NULL){
exit(0);
}
if(release == "FC5")
{
if ((res = isrpmvuln(pkg:"mono", rpm:"mono~1.1.13.7~3.fc5.1", rls:"FC5")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"x86_64/mono-winforms", rpm:"x86_64/mono-winforms~1.1.13.7~3.fc5.1", rls:"FC5")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"x86_64/mono-data-firebird", rpm:"x86_64/mono-data-firebird~1.1.13.7~3.fc5.1", rls:"FC5")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"x86_64/mono-locale-extras", rpm:"x86_64/mono-locale-extras~1.1.13.7~3.fc5.1", rls:"FC5")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"x86_64/mono-web", rpm:"x86_64/mono-web~1.1.13.7~3.fc5.1", rls:"FC5")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"x86_64/debug/mono-debuginfo", rpm:"x86_64/debug/mono-debuginfo~1.1.13.7~3.fc5.1", rls:"FC5")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"x86_64/ibm-data-db2", rpm:"x86_64/ibm-data-db2~1.1.13.7~3.fc5.1", rls:"FC5")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"x86_64/bytefx-data-mysql", rpm:"x86_64/bytefx-data-mysql~1.1.13.7~3.fc5.1", rls:"FC5")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"x86_64/mono-core", rpm:"x86_64/mono-core~1.1.13.7~3.fc5.1", rls:"FC5")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"x86_64/mono-jscript", rpm:"x86_64/mono-jscript~1.1.13.7~3.fc5.1", rls:"FC5")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"x86_64/mono-devel", rpm:"x86_64/mono-devel~1.1.13.7~3.fc5.1", rls:"FC5")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"x86_64/mono-data-sqlite", rpm:"x86_64/mono-data-sqlite~1.1.13.7~3.fc5.1", rls:"FC5")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"x86_64/mono-data-oracle", rpm:"x86_64/mono-data-oracle~1.1.13.7~3.fc5.1", rls:"FC5")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"x86_64/mono-basic", rpm:"x86_64/mono-basic~1.1.13.7~3.fc5.1", rls:"FC5")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"x86_64/mono-extras", rpm:"x86_64/mono-extras~1.1.13.7~3.fc5.1", rls:"FC5")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"x86_64/mono-data-sybase", rpm:"x86_64/mono-data-sybase~1.1.13.7~3.fc5.1", rls:"FC5")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"x86_64/mono-nunit", rpm:"x86_64/mono-nunit~1.1.13.7~3.fc5.1", rls:"FC5")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"x86_64/mono-data", rpm:"x86_64/mono-data~1.1.13.7~3.fc5.1", rls:"FC5")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"x86_64/mono-data-postgresql", rpm:"x86_64/mono-data-postgresql~1.1.13.7~3.fc5.1", rls:"FC5")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"i386/mono-data-firebird", rpm:"i386/mono-data-firebird~1.1.13.7~3.fc5.1", rls:"FC5")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"i386/mono-nunit", rpm:"i386/mono-nunit~1.1.13.7~3.fc5.1", rls:"FC5")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"i386/mono-basic", rpm:"i386/mono-basic~1.1.13.7~3.fc5.1", rls:"FC5")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"i386/mono-jscript", rpm:"i386/mono-jscript~1.1.13.7~3.fc5.1", rls:"FC5")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"i386/mono-data", rpm:"i386/mono-data~1.1.13.7~3.fc5.1", rls:"FC5")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"i386/mono-data-oracle", rpm:"i386/mono-data-oracle~1.1.13.7~3.fc5.1", rls:"FC5")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"i386/mono-devel", rpm:"i386/mono-devel~1.1.13.7~3.fc5.1", rls:"FC5")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"i386/mono-data-postgresql", rpm:"i386/mono-data-postgresql~1.1.13.7~3.fc5.1", rls:"FC5")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"i386/bytefx-data-mysql", rpm:"i386/bytefx-data-mysql~1.1.13.7~3.fc5.1", rls:"FC5")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"i386/mono-locale-extras", rpm:"i386/mono-locale-extras~1.1.13.7~3.fc5.1", rls:"FC5")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"i386/ibm-data-db2", rpm:"i386/ibm-data-db2~1.1.13.7~3.fc5.1", rls:"FC5")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"i386/mono-core", rpm:"i386/mono-core~1.1.13.7~3.fc5.1", rls:"FC5")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"i386/mono-data-sybase", rpm:"i386/mono-data-sybase~1.1.13.7~3.fc5.1", rls:"FC5")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"i386/debug/mono-debuginfo", rpm:"i386/debug/mono-debuginfo~1.1.13.7~3.fc5.1", rls:"FC5")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"i386/mono-web", rpm:"i386/mono-web~1.1.13.7~3.fc5.1", rls:"FC5")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"i386/mono-extras", rpm:"i386/mono-extras~1.1.13.7~3.fc5.1", rls:"FC5")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"i386/mono-winforms", rpm:"i386/mono-winforms~1.1.13.7~3.fc5.1", rls:"FC5")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"i386/mono-data-sqlite", rpm:"i386/mono-data-sqlite~1.1.13.7~3.fc5.1", rls:"FC5")) != NULL)
{
security_message(data:res);
exit(0);
}
if (__pkg_match) exit(99); # Not vulnerable.
exit(0);
}
{"bulletinFamily": "scanner", "viewCount": 0, "naslFamily": "Fedora Local Security Checks", "reporter": "Copyright (C) 2009 Greenbone Networks GmbH", "references": ["2007-068", "https://www.redhat.com/archives/fedora-package-announce/2007-January/msg00069.html"], "description": "Check for the Version of mono", "hashmap": [{"key": "bulletinFamily", "hash": "bbdaea376f500d25f6b0c1050311dd07"}, {"key": "cvelist", "hash": "a7b34c3caa9c0223711f7aadeb0cf7ff"}, {"key": "cvss", "hash": "20b312358ab5f293fffb562d006d88f6"}, {"key": "description", "hash": "6b017a7dd5d36208ba2a1fbb1a00a264"}, {"key": "href", "hash": "9a008ac016a2706b8b7ac02691c12c77"}, {"key": "modified", "hash": "0d134bf170d66438eb1e01173ee0187f"}, {"key": "naslFamily", "hash": "be931514784f88df80712740ad2723e7"}, {"key": "pluginID", "hash": "da44ad9d7bbf7baff043076d6ede80e6"}, {"key": "published", "hash": "35afa346a8e2805a0b04c27bc47830d3"}, {"key": "references", "hash": "1ede0622029e9c405f24880f9998ec96"}, {"key": "reporter", "hash": "b7e844243a0b30893b9118e3563e6521"}, {"key": "sourceData", "hash": "52fc591876afdad6df84dfc213c18621"}, {"key": "title", "hash": "de8e734f847fb223f75bd7fc286b9643"}, {"key": "type", "hash": "47c1f692ea47a21f716dad07043ade01"}], "href": "http://plugins.openvas.org/nasl.php?oid=861463", "modified": "2017-07-10T00:00:00", "objectVersion": "1.3", "enchantments": {"score": {"value": 7.5, "vector": "NONE"}, "vulnersScore": 7.5}, "id": "OPENVAS:861463", "title": "Fedora Update for mono FEDORA-2007-068", "hash": "08619ef7353189791c9d712b7ff06a8cc3a790f6d830eaba4165dcad756ac9aa", "edition": 2, "published": "2009-02-27T00:00:00", "type": "openvas", "history": [{"lastseen": "2017-07-02T21:14:20", "bulletin": {"hash": "693891a2f35f42a4e012f0d26b756ceb6449abc0e1dc5d738950e837807f35d5", "viewCount": 0, "reporter": "Copyright (C) 2009 Greenbone Networks GmbH", "references": ["2007-068", "https://www.redhat.com/archives/fedora-package-announce/2007-January/msg00069.html"], "description": "Check for the Version of mono", "hashmap": [{"key": "description", "hash": "6b017a7dd5d36208ba2a1fbb1a00a264"}, {"key": "references", "hash": "1ede0622029e9c405f24880f9998ec96"}, {"key": "href", "hash": "9a008ac016a2706b8b7ac02691c12c77"}, {"key": "reporter", "hash": "b7e844243a0b30893b9118e3563e6521"}, {"key": "title", "hash": "de8e734f847fb223f75bd7fc286b9643"}, {"key": "published", "hash": "35afa346a8e2805a0b04c27bc47830d3"}, {"key": "cvelist", "hash": "a7b34c3caa9c0223711f7aadeb0cf7ff"}, {"key": "type", "hash": "47c1f692ea47a21f716dad07043ade01"}, {"key": "sourceData", "hash": "da8808ddebf8ddc5c31f75cf4f5f2dae"}, {"key": "bulletinFamily", "hash": "bbdaea376f500d25f6b0c1050311dd07"}, {"key": "naslFamily", "hash": "be931514784f88df80712740ad2723e7"}, {"key": "pluginID", "hash": "da44ad9d7bbf7baff043076d6ede80e6"}, {"key": "modified", "hash": "4ed7125049d645019b6eebcb04b5daf6"}, {"key": "cvss", "hash": "20b312358ab5f293fffb562d006d88f6"}], "naslFamily": "Fedora Local Security Checks", "modified": "2016-05-03T00:00:00", "objectVersion": "1.3", "href": "http://plugins.openvas.org/nasl.php?oid=861463", "published": "2009-02-27T00:00:00", "enchantments": {}, "id": "OPENVAS:861463", "title": "Fedora Update for mono FEDORA-2007-068", "bulletinFamily": "scanner", "edition": 1, "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for mono FEDORA-2007-068\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"mono on Fedora Core 5\";\ntag_insight = \"The Mono runtime implements a JIT engine for the ECMA CLI\n virtual machine (as well as a byte code interpreter, the\n class loader, the garbage collector, threading system and\n metadata access libraries.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"https://www.redhat.com/archives/fedora-package-announce/2007-January/msg00069.html\");\n script_id(861463);\n script_version(\"$Revision: 3213 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2016-05-03 13:50:44 +0200 (Tue, 03 May 2016) $\");\n script_tag(name:\"creation_date\", value:\"2009-02-27 16:31:39 +0100 (Fri, 27 Feb 2009)\");\n script_tag(name:\"cvss_base\", value:\"6.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:H/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"FEDORA\", value: \"2007-068\");\n script_cve_id(\"CVE-2006-6104\", \"CVE-2006-5072\");\n script_name( \"Fedora Update for mono FEDORA-2007-068\");\n\n script_summary(\"Check for the Version of mono\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"HostDetails/OS/cpe:/o:fedoraproject:fedora_core\", \"login/SSH/success\", \"ssh/login/release\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC5\")\n{\n\n if ((res = isrpmvuln(pkg:\"mono\", rpm:\"mono~1.1.13.7~3.fc5.1\", rls:\"FC5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"x86_64/mono-winforms\", rpm:\"x86_64/mono-winforms~1.1.13.7~3.fc5.1\", rls:\"FC5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"x86_64/mono-data-firebird\", rpm:\"x86_64/mono-data-firebird~1.1.13.7~3.fc5.1\", rls:\"FC5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"x86_64/mono-locale-extras\", rpm:\"x86_64/mono-locale-extras~1.1.13.7~3.fc5.1\", rls:\"FC5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"x86_64/mono-web\", rpm:\"x86_64/mono-web~1.1.13.7~3.fc5.1\", rls:\"FC5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"x86_64/debug/mono-debuginfo\", rpm:\"x86_64/debug/mono-debuginfo~1.1.13.7~3.fc5.1\", rls:\"FC5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"x86_64/ibm-data-db2\", rpm:\"x86_64/ibm-data-db2~1.1.13.7~3.fc5.1\", rls:\"FC5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"x86_64/bytefx-data-mysql\", rpm:\"x86_64/bytefx-data-mysql~1.1.13.7~3.fc5.1\", rls:\"FC5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"x86_64/mono-core\", rpm:\"x86_64/mono-core~1.1.13.7~3.fc5.1\", rls:\"FC5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"x86_64/mono-jscript\", rpm:\"x86_64/mono-jscript~1.1.13.7~3.fc5.1\", rls:\"FC5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"x86_64/mono-devel\", rpm:\"x86_64/mono-devel~1.1.13.7~3.fc5.1\", rls:\"FC5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"x86_64/mono-data-sqlite\", rpm:\"x86_64/mono-data-sqlite~1.1.13.7~3.fc5.1\", rls:\"FC5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"x86_64/mono-data-oracle\", rpm:\"x86_64/mono-data-oracle~1.1.13.7~3.fc5.1\", rls:\"FC5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"x86_64/mono-basic\", rpm:\"x86_64/mono-basic~1.1.13.7~3.fc5.1\", rls:\"FC5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"x86_64/mono-extras\", rpm:\"x86_64/mono-extras~1.1.13.7~3.fc5.1\", rls:\"FC5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"x86_64/mono-data-sybase\", rpm:\"x86_64/mono-data-sybase~1.1.13.7~3.fc5.1\", rls:\"FC5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"x86_64/mono-nunit\", rpm:\"x86_64/mono-nunit~1.1.13.7~3.fc5.1\", rls:\"FC5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"x86_64/mono-data\", rpm:\"x86_64/mono-data~1.1.13.7~3.fc5.1\", rls:\"FC5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"x86_64/mono-data-postgresql\", rpm:\"x86_64/mono-data-postgresql~1.1.13.7~3.fc5.1\", rls:\"FC5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"i386/mono-data-firebird\", rpm:\"i386/mono-data-firebird~1.1.13.7~3.fc5.1\", rls:\"FC5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"i386/mono-nunit\", rpm:\"i386/mono-nunit~1.1.13.7~3.fc5.1\", rls:\"FC5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"i386/mono-basic\", rpm:\"i386/mono-basic~1.1.13.7~3.fc5.1\", rls:\"FC5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"i386/mono-jscript\", rpm:\"i386/mono-jscript~1.1.13.7~3.fc5.1\", rls:\"FC5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"i386/mono-data\", rpm:\"i386/mono-data~1.1.13.7~3.fc5.1\", rls:\"FC5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"i386/mono-data-oracle\", rpm:\"i386/mono-data-oracle~1.1.13.7~3.fc5.1\", rls:\"FC5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"i386/mono-devel\", rpm:\"i386/mono-devel~1.1.13.7~3.fc5.1\", rls:\"FC5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"i386/mono-data-postgresql\", rpm:\"i386/mono-data-postgresql~1.1.13.7~3.fc5.1\", rls:\"FC5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"i386/bytefx-data-mysql\", rpm:\"i386/bytefx-data-mysql~1.1.13.7~3.fc5.1\", rls:\"FC5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"i386/mono-locale-extras\", rpm:\"i386/mono-locale-extras~1.1.13.7~3.fc5.1\", rls:\"FC5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"i386/ibm-data-db2\", rpm:\"i386/ibm-data-db2~1.1.13.7~3.fc5.1\", rls:\"FC5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"i386/mono-core\", rpm:\"i386/mono-core~1.1.13.7~3.fc5.1\", rls:\"FC5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"i386/mono-data-sybase\", rpm:\"i386/mono-data-sybase~1.1.13.7~3.fc5.1\", rls:\"FC5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"i386/debug/mono-debuginfo\", rpm:\"i386/debug/mono-debuginfo~1.1.13.7~3.fc5.1\", rls:\"FC5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"i386/mono-web\", rpm:\"i386/mono-web~1.1.13.7~3.fc5.1\", rls:\"FC5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"i386/mono-extras\", rpm:\"i386/mono-extras~1.1.13.7~3.fc5.1\", rls:\"FC5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"i386/mono-winforms\", rpm:\"i386/mono-winforms~1.1.13.7~3.fc5.1\", rls:\"FC5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"i386/mono-data-sqlite\", rpm:\"i386/mono-data-sqlite~1.1.13.7~3.fc5.1\", rls:\"FC5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}", "type": "openvas", "history": [], "cvss": {"score": 6.2, "vector": "AV:LOCAL/AC:HIGH/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "cvelist": ["CVE-2006-5072", "CVE-2006-6104"], "lastseen": "2017-07-02T21:14:20", "pluginID": "861463"}, "differentElements": ["modified", "sourceData"], "edition": 1}], "cvss": {"score": 6.2, "vector": "AV:LOCAL/AC:HIGH/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "cvelist": ["CVE-2006-5072", "CVE-2006-6104"], "lastseen": "2017-07-25T10:57:15", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for mono FEDORA-2007-068\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"mono on Fedora Core 5\";\ntag_insight = \"The Mono runtime implements a JIT engine for the ECMA CLI\n virtual machine (as well as a byte code interpreter, the\n class loader, the garbage collector, threading system and\n metadata access libraries.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"https://www.redhat.com/archives/fedora-package-announce/2007-January/msg00069.html\");\n script_id(861463);\n script_version(\"$Revision: 6622 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 07:52:50 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-02-27 16:31:39 +0100 (Fri, 27 Feb 2009)\");\n script_tag(name:\"cvss_base\", value:\"6.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:H/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"FEDORA\", value: \"2007-068\");\n script_cve_id(\"CVE-2006-6104\", \"CVE-2006-5072\");\n script_name( \"Fedora Update for mono FEDORA-2007-068\");\n\n script_summary(\"Check for the Version of mono\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora_core\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC5\")\n{\n\n if ((res = isrpmvuln(pkg:\"mono\", rpm:\"mono~1.1.13.7~3.fc5.1\", rls:\"FC5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"x86_64/mono-winforms\", rpm:\"x86_64/mono-winforms~1.1.13.7~3.fc5.1\", rls:\"FC5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"x86_64/mono-data-firebird\", rpm:\"x86_64/mono-data-firebird~1.1.13.7~3.fc5.1\", rls:\"FC5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"x86_64/mono-locale-extras\", rpm:\"x86_64/mono-locale-extras~1.1.13.7~3.fc5.1\", rls:\"FC5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"x86_64/mono-web\", rpm:\"x86_64/mono-web~1.1.13.7~3.fc5.1\", rls:\"FC5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"x86_64/debug/mono-debuginfo\", rpm:\"x86_64/debug/mono-debuginfo~1.1.13.7~3.fc5.1\", rls:\"FC5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"x86_64/ibm-data-db2\", rpm:\"x86_64/ibm-data-db2~1.1.13.7~3.fc5.1\", rls:\"FC5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"x86_64/bytefx-data-mysql\", rpm:\"x86_64/bytefx-data-mysql~1.1.13.7~3.fc5.1\", rls:\"FC5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"x86_64/mono-core\", rpm:\"x86_64/mono-core~1.1.13.7~3.fc5.1\", rls:\"FC5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"x86_64/mono-jscript\", rpm:\"x86_64/mono-jscript~1.1.13.7~3.fc5.1\", rls:\"FC5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"x86_64/mono-devel\", rpm:\"x86_64/mono-devel~1.1.13.7~3.fc5.1\", rls:\"FC5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"x86_64/mono-data-sqlite\", rpm:\"x86_64/mono-data-sqlite~1.1.13.7~3.fc5.1\", rls:\"FC5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"x86_64/mono-data-oracle\", rpm:\"x86_64/mono-data-oracle~1.1.13.7~3.fc5.1\", rls:\"FC5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"x86_64/mono-basic\", rpm:\"x86_64/mono-basic~1.1.13.7~3.fc5.1\", rls:\"FC5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"x86_64/mono-extras\", rpm:\"x86_64/mono-extras~1.1.13.7~3.fc5.1\", rls:\"FC5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"x86_64/mono-data-sybase\", rpm:\"x86_64/mono-data-sybase~1.1.13.7~3.fc5.1\", rls:\"FC5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"x86_64/mono-nunit\", rpm:\"x86_64/mono-nunit~1.1.13.7~3.fc5.1\", rls:\"FC5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"x86_64/mono-data\", rpm:\"x86_64/mono-data~1.1.13.7~3.fc5.1\", rls:\"FC5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"x86_64/mono-data-postgresql\", rpm:\"x86_64/mono-data-postgresql~1.1.13.7~3.fc5.1\", rls:\"FC5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"i386/mono-data-firebird\", rpm:\"i386/mono-data-firebird~1.1.13.7~3.fc5.1\", rls:\"FC5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"i386/mono-nunit\", rpm:\"i386/mono-nunit~1.1.13.7~3.fc5.1\", rls:\"FC5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"i386/mono-basic\", rpm:\"i386/mono-basic~1.1.13.7~3.fc5.1\", rls:\"FC5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"i386/mono-jscript\", rpm:\"i386/mono-jscript~1.1.13.7~3.fc5.1\", rls:\"FC5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"i386/mono-data\", rpm:\"i386/mono-data~1.1.13.7~3.fc5.1\", rls:\"FC5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"i386/mono-data-oracle\", rpm:\"i386/mono-data-oracle~1.1.13.7~3.fc5.1\", rls:\"FC5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"i386/mono-devel\", rpm:\"i386/mono-devel~1.1.13.7~3.fc5.1\", rls:\"FC5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"i386/mono-data-postgresql\", rpm:\"i386/mono-data-postgresql~1.1.13.7~3.fc5.1\", rls:\"FC5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"i386/bytefx-data-mysql\", rpm:\"i386/bytefx-data-mysql~1.1.13.7~3.fc5.1\", rls:\"FC5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"i386/mono-locale-extras\", rpm:\"i386/mono-locale-extras~1.1.13.7~3.fc5.1\", rls:\"FC5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"i386/ibm-data-db2\", rpm:\"i386/ibm-data-db2~1.1.13.7~3.fc5.1\", rls:\"FC5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"i386/mono-core\", rpm:\"i386/mono-core~1.1.13.7~3.fc5.1\", rls:\"FC5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"i386/mono-data-sybase\", rpm:\"i386/mono-data-sybase~1.1.13.7~3.fc5.1\", rls:\"FC5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"i386/debug/mono-debuginfo\", rpm:\"i386/debug/mono-debuginfo~1.1.13.7~3.fc5.1\", rls:\"FC5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"i386/mono-web\", rpm:\"i386/mono-web~1.1.13.7~3.fc5.1\", rls:\"FC5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"i386/mono-extras\", rpm:\"i386/mono-extras~1.1.13.7~3.fc5.1\", rls:\"FC5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"i386/mono-winforms\", rpm:\"i386/mono-winforms~1.1.13.7~3.fc5.1\", rls:\"FC5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"i386/mono-data-sqlite\", rpm:\"i386/mono-data-sqlite~1.1.13.7~3.fc5.1\", rls:\"FC5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}", "pluginID": "861463"}
{"cve": [{"lastseen": "2018-10-18T15:05:38", "references": ["http://fedoranews.org/cms/node/2401", "http://www.ubuntu.com/usn/usn-397-1", "http://securityreason.com/securityalert/2082", "http://www.vupen.com/english/advisories/2006/5099", "http://fedoranews.org/cms/node/2400", "http://securitytracker.com/id?1017430", "http://www.securityfocus.com/archive/1/454962/100/0/threaded", "http://www.eazel.es/advisory007-mono-xsp-source-disclosure-vulnerability.html", "http://www.securityfocus.com/bid/21687", "http://lists.suse.com/archive/suse-security-announce/2007-Jan/0002.html", "http://www.mandriva.com/security/advisories?name=MDKSA-2006:234", "http://security.gentoo.org/glsa/glsa-200701-12.xml"], "description": "The System.Web class in the XSP for ASP.NET server 1.1 through 2.0 in Mono does not properly verify local pathnames, which allows remote attackers to (1) read source code by appending a space (%20) to a URI, and (2) read credentials via a request for Web.Config%20.", "edition": 3, "reporter": "NVD", "published": "2006-12-21T14:28:00", "title": "CVE-2006-6104", "type": "cve", "enchantments": {"score": {"modified": "2018-10-18T15:05:38", "vector": "NONE", "value": 5.0}}, "assessment": {"system": "http://oval.mitre.org/XMLSchema/oval-definitions-5", "name": "oval:org.mitre.oval:def:2092", "href": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2092"}, "bulletinFamily": "NVD", "cvelist": ["CVE-2006-6104"], "scanner": [{"system": "http://oval.mitre.org/XMLSchema/oval-definitions-5", "name": "oval:org.mitre.oval:def:2092", "href": "http://oval.mitre.org/repository/data/DownloadDefinition?id=oval:org.mitre.oval:def:2092"}], "modified": "2018-10-17T17:46:39", "cpe": ["cpe:/a:mono:xsp:1.1", "cpe:/a:mono:xsp:2.0", "cpe:/a:mono:xsp:1.2.1"], "id": "CVE-2006-6104", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2006-6104", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}, {"lastseen": "2017-07-20T10:49:34", "references": ["http://fedoranews.org/cms/node/2401", "http://www.vupen.com/english/advisories/2006/3911", "https://exchange.xforce.ibmcloud.com/vulnerabilities/29353", "http://www.ubuntu.com/usn/usn-357-1", "http://www.securityfocus.com/bid/20340", "http://www.mandriva.com/security/advisories?name=MDKSA-2006:188", "http://security.gentoo.org/glsa/glsa-200611-23.xml", "http://www.novell.com/linux/security/advisories/2006_73_mono.html"], "description": "The System.CodeDom.Compiler classes in Novell Mono create temporary files with insecure permissions, which allows local users to overwrite arbitrary files or execute arbitrary code via a symlink attack.", "edition": 2, "reporter": "NVD", "published": "2006-10-10T00:06:00", "title": "CVE-2006-5072", "type": "cve", "enchantments": {"score": {"modified": "2017-07-20T10:49:34", "vector": "NONE", "value": 7.2}}, "assessment": {"system": "", "name": "", "href": ""}, "bulletinFamily": "NVD", "cvelist": ["CVE-2006-5072"], "scanner": [], "modified": "2017-07-19T21:33:29", "cpe": ["cpe:/a:mono:mono:2.0", "cpe:/a:mono:mono:1.0"], "id": "CVE-2006-5072", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2006-5072", "cvss": {"score": 6.2, "vector": "AV:LOCAL/AC:HIGH/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "nessus": [{"lastseen": "2018-09-02T00:01:47", "references": ["http://www.nessus.org/u?4b5bc1c1"], "pluginID": "24198", "description": "A security problem was found and fixed in mono class libraries that affects the Mono web server implementation.\n\nBy appending spaces to URLs attackers could download the source code of ASP.net scripts that would normally get executed by the web server.\n\nAfter upgrading the packages you need to restart any running mono web server.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "edition": 4, "reporter": "Tenable", "published": "2007-01-17T00:00:00", "title": "Fedora Core 5 : mono-1.1.13.7-3.fc5.1 (2007-068)", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "naslFamily": "Fedora Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2006-5072", "CVE-2006-6104"], "modified": "2015-10-21T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:mono-devel", "p-cpe:/a:fedoraproject:fedora:mono-data-oracle", "p-cpe:/a:fedoraproject:fedora:mono-debuginfo", "p-cpe:/a:fedoraproject:fedora:mono-basic", "p-cpe:/a:fedoraproject:fedora:mono-data-sybase", "p-cpe:/a:fedoraproject:fedora:mono-web", "p-cpe:/a:fedoraproject:fedora:ibm-data-db2", "cpe:/o:fedoraproject:fedora_core:5", "p-cpe:/a:fedoraproject:fedora:mono-data", "p-cpe:/a:fedoraproject:fedora:mono-data-firebird", "p-cpe:/a:fedoraproject:fedora:bytefx-data-mysql", "p-cpe:/a:fedoraproject:fedora:mono-nunit", "p-cpe:/a:fedoraproject:fedora:mono-jscript", "p-cpe:/a:fedoraproject:fedora:mono-extras", "p-cpe:/a:fedoraproject:fedora:mono-data-postgresql", "p-cpe:/a:fedoraproject:fedora:mono-data-sqlite", "p-cpe:/a:fedoraproject:fedora:mono-winforms", "p-cpe:/a:fedoraproject:fedora:mono-locale-extras", "p-cpe:/a:fedoraproject:fedora:mono-core"], "id": "FEDORA_2007-068.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=24198", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2007-068.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(24198);\n script_version (\"$Revision: 1.12 $\");\n script_cvs_date(\"$Date: 2015/10/21 21:46:28 $\");\n\n script_cve_id(\"CVE-2006-5072\", \"CVE-2006-6104\");\n script_xref(name:\"FEDORA\", value:\"2007-068\");\n\n script_name(english:\"Fedora Core 5 : mono-1.1.13.7-3.fc5.1 (2007-068)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora Core host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"A security problem was found and fixed in mono class libraries that\naffects the Mono web server implementation.\n\nBy appending spaces to URLs attackers could download the source code\nof ASP.net scripts that would normally get executed by the web server.\n\nAfter upgrading the packages you need to restart any running mono web\nserver.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2007-January/001244.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?4b5bc1c1\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:H/Au:N/C:C/I:C/A:C\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:bytefx-data-mysql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:ibm-data-db2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:mono-basic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:mono-core\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:mono-data\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:mono-data-firebird\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:mono-data-oracle\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:mono-data-postgresql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:mono-data-sqlite\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:mono-data-sybase\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:mono-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:mono-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:mono-extras\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:mono-jscript\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:mono-locale-extras\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:mono-nunit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:mono-web\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:mono-winforms\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora_core:5\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2007/01/12\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2007/01/17\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2007-2015 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^5([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 5.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC5\", reference:\"bytefx-data-mysql-1.1.13.7-3.fc5.1\")) flag++;\nif (rpm_check(release:\"FC5\", reference:\"ibm-data-db2-1.1.13.7-3.fc5.1\")) flag++;\nif (rpm_check(release:\"FC5\", reference:\"mono-basic-1.1.13.7-3.fc5.1\")) flag++;\nif (rpm_check(release:\"FC5\", reference:\"mono-core-1.1.13.7-3.fc5.1\")) flag++;\nif (rpm_check(release:\"FC5\", reference:\"mono-data-1.1.13.7-3.fc5.1\")) flag++;\nif (rpm_check(release:\"FC5\", reference:\"mono-data-firebird-1.1.13.7-3.fc5.1\")) flag++;\nif (rpm_check(release:\"FC5\", reference:\"mono-data-oracle-1.1.13.7-3.fc5.1\")) flag++;\nif (rpm_check(release:\"FC5\", reference:\"mono-data-postgresql-1.1.13.7-3.fc5.1\")) flag++;\nif (rpm_check(release:\"FC5\", reference:\"mono-data-sqlite-1.1.13.7-3.fc5.1\")) flag++;\nif (rpm_check(release:\"FC5\", reference:\"mono-data-sybase-1.1.13.7-3.fc5.1\")) flag++;\nif (rpm_check(release:\"FC5\", reference:\"mono-debuginfo-1.1.13.7-3.fc5.1\")) flag++;\nif (rpm_check(release:\"FC5\", reference:\"mono-devel-1.1.13.7-3.fc5.1\")) flag++;\nif (rpm_check(release:\"FC5\", reference:\"mono-extras-1.1.13.7-3.fc5.1\")) flag++;\nif (rpm_check(release:\"FC5\", reference:\"mono-jscript-1.1.13.7-3.fc5.1\")) flag++;\nif (rpm_check(release:\"FC5\", reference:\"mono-locale-extras-1.1.13.7-3.fc5.1\")) flag++;\nif (rpm_check(release:\"FC5\", reference:\"mono-nunit-1.1.13.7-3.fc5.1\")) flag++;\nif (rpm_check(release:\"FC5\", reference:\"mono-web-1.1.13.7-3.fc5.1\")) flag++;\nif (rpm_check(release:\"FC5\", reference:\"mono-winforms-1.1.13.7-3.fc5.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"bytefx-data-mysql / ibm-data-db2 / mono-basic / mono-core / etc\");\n}\n", "cvss": {"score": 6.2, "vector": "AV:LOCAL/AC:HIGH/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-11-14T03:05:13", "references": ["https://usn.ubuntu.com/397-1/"], "pluginID": "27983", "description": "Jose Ramon Palanco discovered that the mono System.Web class did not consistently verify local file paths. As a result, the source code for mono web applications could be retrieved remotely, possibly leading to further compromise via the application's source.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "edition": 6, "reporter": "Tenable", "published": "2007-11-10T00:00:00", "title": "Ubuntu 6.06 LTS / 6.10 : mono vulnerability (USN-397-1)", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "naslFamily": "Ubuntu Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2006-6104"], "modified": "2018-11-13T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:libmono-data-tds2.0-cil", "p-cpe:/a:canonical:ubuntu_linux:mono-utils", "p-cpe:/a:canonical:ubuntu_linux:mono-common", "p-cpe:/a:canonical:ubuntu_linux:libmono-system-web2.0-cil", "p-cpe:/a:canonical:ubuntu_linux:libmono-sqlite2.0-cil", "p-cpe:/a:canonical:ubuntu_linux:libmono-cairo2.0-cil", "p-cpe:/a:canonical:ubuntu_linux:libmono-cscompmgd8.0-cil", "p-cpe:/a:canonical:ubuntu_linux:libmono-winforms2.0-cil", "p-cpe:/a:canonical:ubuntu_linux:libmono-sharpzip2.84-cil", "p-cpe:/a:canonical:ubuntu_linux:mono-classlib-1.0", "p-cpe:/a:canonical:ubuntu_linux:libmono-sqlite1.0-cil", "p-cpe:/a:canonical:ubuntu_linux:libmono-system-ldap2.0-cil", "p-cpe:/a:canonical:ubuntu_linux:libmono-system1.0-cil", "p-cpe:/a:canonical:ubuntu_linux:libmono-accessibility1.0-cil", "cpe:/o:canonical:ubuntu_linux:6.10", "p-cpe:/a:canonical:ubuntu_linux:libmono-bytefx0.7.6.2-cil", "p-cpe:/a:canonical:ubuntu_linux:libmono-cairo1.0-cil", "p-cpe:/a:canonical:ubuntu_linux:libmono-oracle2.0-cil", "p-cpe:/a:canonical:ubuntu_linux:mono-mjs", "p-cpe:/a:canonical:ubuntu_linux:libmono-system2.0-cil", "p-cpe:/a:canonical:ubuntu_linux:libmono-winforms1.0-cil", "p-cpe:/a:canonical:ubuntu_linux:libmono-oracle1.0-cil", "p-cpe:/a:canonical:ubuntu_linux:mono-classlib-1.0-dbg", "p-cpe:/a:canonical:ubuntu_linux:mono-runtime", "p-cpe:/a:canonical:ubuntu_linux:libmono-corlib2.0-cil", "p-cpe:/a:canonical:ubuntu_linux:mono-gac", "p-cpe:/a:canonical:ubuntu_linux:mono-mcs", "p-cpe:/a:canonical:ubuntu_linux:libmono-data-tds1.0-cil", "p-cpe:/a:canonical:ubuntu_linux:libmono-accessibility2.0-cil", "p-cpe:/a:canonical:ubuntu_linux:mono-gmcs", "p-cpe:/a:canonical:ubuntu_linux:libmono-security1.0-cil", "p-cpe:/a:canonical:ubuntu_linux:libmono-system-data1.0-cil", "p-cpe:/a:canonical:ubuntu_linux:libmono-sharpzip0.6-cil", "p-cpe:/a:canonical:ubuntu_linux:libmono-peapi2.0-cil", "p-cpe:/a:canonical:ubuntu_linux:libmono0", "p-cpe:/a:canonical:ubuntu_linux:libmono-ldap2.0-cil", "p-cpe:/a:canonical:ubuntu_linux:libmono-bytefx0.7.6.1-cil", "p-cpe:/a:canonical:ubuntu_linux:libmono-corlib1.0-cil", "p-cpe:/a:canonical:ubuntu_linux:mono-devel", "p-cpe:/a:canonical:ubuntu_linux:libmono2.0-cil", "p-cpe:/a:canonical:ubuntu_linux:mono-jay", "p-cpe:/a:canonical:ubuntu_linux:libmono-microsoft-build2.0-cil", "p-cpe:/a:canonical:ubuntu_linux:libmono-system-messaging2.0-cil", "p-cpe:/a:canonical:ubuntu_linux:mono-classlib-2.0", "p-cpe:/a:canonical:ubuntu_linux:libmono-relaxng1.0-cil", "p-cpe:/a:canonical:ubuntu_linux:libmono-system-data2.0-cil", "p-cpe:/a:canonical:ubuntu_linux:libmono-peapi1.0-cil", "p-cpe:/a:canonical:ubuntu_linux:libmono-c5-1.0-cil", "p-cpe:/a:canonical:ubuntu_linux:libmono-npgsql2.0-cil", "p-cpe:/a:canonical:ubuntu_linux:libmono-firebirdsql1.7-cil", "p-cpe:/a:canonical:ubuntu_linux:libmono-microsoft8.0-cil", "p-cpe:/a:canonical:ubuntu_linux:libmono-ldap1.0-cil", "p-cpe:/a:canonical:ubuntu_linux:libmono-system-runtime2.0-cil", "p-cpe:/a:canonical:ubuntu_linux:mono-assemblies-base", "p-cpe:/a:canonical:ubuntu_linux:libmono-security2.0-cil", "p-cpe:/a:canonical:ubuntu_linux:libmono-system-web1.0-cil", "p-cpe:/a:canonical:ubuntu_linux:libmono-microsoft7.0-cil", "p-cpe:/a:canonical:ubuntu_linux:mono-jit", "p-cpe:/a:canonical:ubuntu_linux:mono-classlib-2.0-dbg", "p-cpe:/a:canonical:ubuntu_linux:libmono-sharpzip0.84-cil", "p-cpe:/a:canonical:ubuntu_linux:libmono-cscompmgd7.0-cil", "p-cpe:/a:canonical:ubuntu_linux:libmono-system-messaging1.0-cil", "p-cpe:/a:canonical:ubuntu_linux:libmono-system-ldap1.0-cil", "p-cpe:/a:canonical:ubuntu_linux:mono", "p-cpe:/a:canonical:ubuntu_linux:libmono-sharpzip2.6-cil", "p-cpe:/a:canonical:ubuntu_linux:libmono-dev", "p-cpe:/a:canonical:ubuntu_linux:libmono-npgsql1.0-cil", "cpe:/o:canonical:ubuntu_linux:6.06:-:lts", "p-cpe:/a:canonical:ubuntu_linux:libmono1.0-cil", "p-cpe:/a:canonical:ubuntu_linux:libmono-relaxng2.0-cil", "p-cpe:/a:canonical:ubuntu_linux:libmono-system-runtime1.0-cil"], "id": "UBUNTU_USN-397-1.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=27983", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-397-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(27983);\n script_version(\"1.14\");\n script_cvs_date(\"Date: 2018/11/13 12:30:48\");\n\n script_cve_id(\"CVE-2006-6104\");\n script_bugtraq_id(21687);\n script_xref(name:\"USN\", value:\"397-1\");\n\n script_name(english:\"Ubuntu 6.06 LTS / 6.10 : mono vulnerability (USN-397-1)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Jose Ramon Palanco discovered that the mono System.Web class did not\nconsistently verify local file paths. As a result, the source code for\nmono web applications could be retrieved remotely, possibly leading to\nfurther compromise via the application's source.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/397-1/\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libmono-accessibility1.0-cil\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libmono-accessibility2.0-cil\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libmono-bytefx0.7.6.1-cil\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libmono-bytefx0.7.6.2-cil\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libmono-c5-1.0-cil\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libmono-cairo1.0-cil\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libmono-cairo2.0-cil\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libmono-corlib1.0-cil\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libmono-corlib2.0-cil\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libmono-cscompmgd7.0-cil\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libmono-cscompmgd8.0-cil\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libmono-data-tds1.0-cil\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libmono-data-tds2.0-cil\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libmono-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libmono-firebirdsql1.7-cil\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libmono-ldap1.0-cil\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libmono-ldap2.0-cil\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libmono-microsoft-build2.0-cil\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libmono-microsoft7.0-cil\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libmono-microsoft8.0-cil\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libmono-npgsql1.0-cil\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libmono-npgsql2.0-cil\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libmono-oracle1.0-cil\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libmono-oracle2.0-cil\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libmono-peapi1.0-cil\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libmono-peapi2.0-cil\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libmono-relaxng1.0-cil\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libmono-relaxng2.0-cil\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libmono-security1.0-cil\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libmono-security2.0-cil\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libmono-sharpzip0.6-cil\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libmono-sharpzip0.84-cil\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libmono-sharpzip2.6-cil\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libmono-sharpzip2.84-cil\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libmono-sqlite1.0-cil\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libmono-sqlite2.0-cil\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libmono-system-data1.0-cil\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libmono-system-data2.0-cil\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libmono-system-ldap1.0-cil\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libmono-system-ldap2.0-cil\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libmono-system-messaging1.0-cil\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libmono-system-messaging2.0-cil\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libmono-system-runtime1.0-cil\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libmono-system-runtime2.0-cil\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libmono-system-web1.0-cil\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libmono-system-web2.0-cil\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libmono-system1.0-cil\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libmono-system2.0-cil\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libmono-winforms1.0-cil\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libmono-winforms2.0-cil\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libmono0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libmono1.0-cil\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libmono2.0-cil\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:mono\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:mono-assemblies-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:mono-classlib-1.0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:mono-classlib-1.0-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:mono-classlib-2.0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:mono-classlib-2.0-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:mono-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:mono-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:mono-gac\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:mono-gmcs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:mono-jay\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:mono-jit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:mono-mcs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:mono-mjs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:mono-runtime\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:mono-utils\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:6.06:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:6.10\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2006/12/20\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2007/11/10\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2007-2018 Canonical, Inc. / NASL script (C) 2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! ereg(pattern:\"^(6\\.06|6\\.10)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 6.06 / 6.10\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nflag = 0;\n\nif (ubuntu_check(osver:\"6.06\", pkgname:\"libmono-dev\", pkgver:\"1.1.13.6-0ubuntu3.2\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"libmono0\", pkgver:\"1.1.13.6-0ubuntu3.2\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"mono\", pkgver:\"1.1.13.6-0ubuntu3.2\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"mono-assemblies-base\", pkgver:\"1.1.13.6-0ubuntu3.2\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"mono-classlib-1.0\", pkgver:\"1.1.13.6-0ubuntu3.2\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"mono-classlib-1.0-dbg\", pkgver:\"1.1.13.6-0ubuntu3.2\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"mono-classlib-2.0\", pkgver:\"1.1.13.6-0ubuntu3.2\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"mono-classlib-2.0-dbg\", pkgver:\"1.1.13.6-0ubuntu3.2\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"mono-common\", pkgver:\"1.1.13.6-0ubuntu3.2\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"mono-devel\", pkgver:\"1.1.13.6-0ubuntu3.2\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"mono-gac\", pkgver:\"1.1.13.6-0ubuntu3.2\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"mono-gmcs\", pkgver:\"1.1.13.6-0ubuntu3.2\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"mono-jay\", pkgver:\"1.1.13.6-0ubuntu3.2\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"mono-jit\", pkgver:\"1.1.13.6-0ubuntu3.2\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"mono-mcs\", pkgver:\"1.1.13.6-0ubuntu3.2\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"mono-utils\", pkgver:\"1.1.13.6-0ubuntu3.2\")) flag++;\nif (ubuntu_check(osver:\"6.10\", pkgname:\"libmono-accessibility1.0-cil\", pkgver:\"1.1.17.1-1ubuntu7.1\")) flag++;\nif (ubuntu_check(osver:\"6.10\", pkgname:\"libmono-accessibility2.0-cil\", pkgver:\"1.1.17.1-1ubuntu7.1\")) flag++;\nif (ubuntu_check(osver:\"6.10\", pkgname:\"libmono-bytefx0.7.6.1-cil\", pkgver:\"1.1.17.1-1ubuntu7.1\")) flag++;\nif (ubuntu_check(osver:\"6.10\", pkgname:\"libmono-bytefx0.7.6.2-cil\", pkgver:\"1.1.17.1-1ubuntu7.1\")) flag++;\nif (ubuntu_check(osver:\"6.10\", pkgname:\"libmono-c5-1.0-cil\", pkgver:\"1.1.17.1-1ubuntu7.1\")) flag++;\nif (ubuntu_check(osver:\"6.10\", pkgname:\"libmono-cairo1.0-cil\", pkgver:\"1.1.17.1-1ubuntu7.1\")) flag++;\nif (ubuntu_check(osver:\"6.10\", pkgname:\"libmono-cairo2.0-cil\", pkgver:\"1.1.17.1-1ubuntu7.1\")) flag++;\nif (ubuntu_check(osver:\"6.10\", pkgname:\"libmono-corlib1.0-cil\", pkgver:\"1.1.17.1-1ubuntu7.1\")) flag++;\nif (ubuntu_check(osver:\"6.10\", pkgname:\"libmono-corlib2.0-cil\", pkgver:\"1.1.17.1-1ubuntu7.1\")) flag++;\nif (ubuntu_check(osver:\"6.10\", pkgname:\"libmono-cscompmgd7.0-cil\", pkgver:\"1.1.17.1-1ubuntu7.1\")) flag++;\nif (ubuntu_check(osver:\"6.10\", pkgname:\"libmono-cscompmgd8.0-cil\", pkgver:\"1.1.17.1-1ubuntu7.1\")) flag++;\nif (ubuntu_check(osver:\"6.10\", pkgname:\"libmono-data-tds1.0-cil\", pkgver:\"1.1.17.1-1ubuntu7.1\")) flag++;\nif (ubuntu_check(osver:\"6.10\", pkgname:\"libmono-data-tds2.0-cil\", pkgver:\"1.1.17.1-1ubuntu7.1\")) flag++;\nif (ubuntu_check(osver:\"6.10\", pkgname:\"libmono-dev\", pkgver:\"1.1.17.1-1ubuntu7.1\")) flag++;\nif (ubuntu_check(osver:\"6.10\", pkgname:\"libmono-firebirdsql1.7-cil\", pkgver:\"1.1.17.1-1ubuntu7.1\")) flag++;\nif (ubuntu_check(osver:\"6.10\", pkgname:\"libmono-ldap1.0-cil\", pkgver:\"1.1.17.1-1ubuntu7.1\")) flag++;\nif (ubuntu_check(osver:\"6.10\", pkgname:\"libmono-ldap2.0-cil\", pkgver:\"1.1.17.1-1ubuntu7.1\")) flag++;\nif (ubuntu_check(osver:\"6.10\", pkgname:\"libmono-microsoft-build2.0-cil\", pkgver:\"1.1.17.1-1ubuntu7.1\")) flag++;\nif (ubuntu_check(osver:\"6.10\", pkgname:\"libmono-microsoft7.0-cil\", pkgver:\"1.1.17.1-1ubuntu7.1\")) flag++;\nif (ubuntu_check(osver:\"6.10\", pkgname:\"libmono-microsoft8.0-cil\", pkgver:\"1.1.17.1-1ubuntu7.1\")) flag++;\nif (ubuntu_check(osver:\"6.10\", pkgname:\"libmono-npgsql1.0-cil\", pkgver:\"1.1.17.1-1ubuntu7.1\")) flag++;\nif (ubuntu_check(osver:\"6.10\", pkgname:\"libmono-npgsql2.0-cil\", pkgver:\"1.1.17.1-1ubuntu7.1\")) flag++;\nif (ubuntu_check(osver:\"6.10\", pkgname:\"libmono-oracle1.0-cil\", pkgver:\"1.1.17.1-1ubuntu7.1\")) flag++;\nif (ubuntu_check(osver:\"6.10\", pkgname:\"libmono-oracle2.0-cil\", pkgver:\"1.1.17.1-1ubuntu7.1\")) flag++;\nif (ubuntu_check(osver:\"6.10\", pkgname:\"libmono-peapi1.0-cil\", pkgver:\"1.1.17.1-1ubuntu7.1\")) flag++;\nif (ubuntu_check(osver:\"6.10\", pkgname:\"libmono-peapi2.0-cil\", pkgver:\"1.1.17.1-1ubuntu7.1\")) flag++;\nif (ubuntu_check(osver:\"6.10\", pkgname:\"libmono-relaxng1.0-cil\", pkgver:\"1.1.17.1-1ubuntu7.1\")) flag++;\nif (ubuntu_check(osver:\"6.10\", pkgname:\"libmono-relaxng2.0-cil\", pkgver:\"1.1.17.1-1ubuntu7.1\")) flag++;\nif (ubuntu_check(osver:\"6.10\", pkgname:\"libmono-security1.0-cil\", pkgver:\"1.1.17.1-1ubuntu7.1\")) flag++;\nif (ubuntu_check(osver:\"6.10\", pkgname:\"libmono-security2.0-cil\", pkgver:\"1.1.17.1-1ubuntu7.1\")) flag++;\nif (ubuntu_check(osver:\"6.10\", pkgname:\"libmono-sharpzip0.6-cil\", pkgver:\"1.1.17.1-1ubuntu7.1\")) flag++;\nif (ubuntu_check(osver:\"6.10\", pkgname:\"libmono-sharpzip0.84-cil\", pkgver:\"1.1.17.1-1ubuntu7.1\")) flag++;\nif (ubuntu_check(osver:\"6.10\", pkgname:\"libmono-sharpzip2.6-cil\", pkgver:\"1.1.17.1-1ubuntu7.1\")) flag++;\nif (ubuntu_check(osver:\"6.10\", pkgname:\"libmono-sharpzip2.84-cil\", pkgver:\"1.1.17.1-1ubuntu7.1\")) flag++;\nif (ubuntu_check(osver:\"6.10\", pkgname:\"libmono-sqlite1.0-cil\", pkgver:\"1.1.17.1-1ubuntu7.1\")) flag++;\nif (ubuntu_check(osver:\"6.10\", pkgname:\"libmono-sqlite2.0-cil\", pkgver:\"1.1.17.1-1ubuntu7.1\")) flag++;\nif (ubuntu_check(osver:\"6.10\", pkgname:\"libmono-system-data1.0-cil\", pkgver:\"1.1.17.1-1ubuntu7.1\")) flag++;\nif (ubuntu_check(osver:\"6.10\", pkgname:\"libmono-system-data2.0-cil\", pkgver:\"1.1.17.1-1ubuntu7.1\")) flag++;\nif (ubuntu_check(osver:\"6.10\", pkgname:\"libmono-system-ldap1.0-cil\", pkgver:\"1.1.17.1-1ubuntu7.1\")) flag++;\nif (ubuntu_check(osver:\"6.10\", pkgname:\"libmono-system-ldap2.0-cil\", pkgver:\"1.1.17.1-1ubuntu7.1\")) flag++;\nif (ubuntu_check(osver:\"6.10\", pkgname:\"libmono-system-messaging1.0-cil\", pkgver:\"1.1.17.1-1ubuntu7.1\")) flag++;\nif (ubuntu_check(osver:\"6.10\", pkgname:\"libmono-system-messaging2.0-cil\", pkgver:\"1.1.17.1-1ubuntu7.1\")) flag++;\nif (ubuntu_check(osver:\"6.10\", pkgname:\"libmono-system-runtime1.0-cil\", pkgver:\"1.1.17.1-1ubuntu7.1\")) flag++;\nif (ubuntu_check(osver:\"6.10\", pkgname:\"libmono-system-runtime2.0-cil\", pkgver:\"1.1.17.1-1ubuntu7.1\")) flag++;\nif (ubuntu_check(osver:\"6.10\", pkgname:\"libmono-system-web1.0-cil\", pkgver:\"1.1.17.1-1ubuntu7.1\")) flag++;\nif (ubuntu_check(osver:\"6.10\", pkgname:\"libmono-system-web2.0-cil\", pkgver:\"1.1.17.1-1ubuntu7.1\")) flag++;\nif (ubuntu_check(osver:\"6.10\", pkgname:\"libmono-system1.0-cil\", pkgver:\"1.1.17.1-1ubuntu7.1\")) flag++;\nif (ubuntu_check(osver:\"6.10\", pkgname:\"libmono-system2.0-cil\", pkgver:\"1.1.17.1-1ubuntu7.1\")) flag++;\nif (ubuntu_check(osver:\"6.10\", pkgname:\"libmono-winforms1.0-cil\", pkgver:\"1.1.17.1-1ubuntu7.1\")) flag++;\nif (ubuntu_check(osver:\"6.10\", pkgname:\"libmono-winforms2.0-cil\", pkgver:\"1.1.17.1-1ubuntu7.1\")) flag++;\nif (ubuntu_check(osver:\"6.10\", pkgname:\"libmono0\", pkgver:\"1.1.17.1-1ubuntu7.1\")) flag++;\nif (ubuntu_check(osver:\"6.10\", pkgname:\"libmono1.0-cil\", pkgver:\"1.1.17.1-1ubuntu7.1\")) flag++;\nif (ubuntu_check(osver:\"6.10\", pkgname:\"libmono2.0-cil\", pkgver:\"1.1.17.1-1ubuntu7.1\")) flag++;\nif (ubuntu_check(osver:\"6.10\", pkgname:\"mono\", pkgver:\"1.1.17.1-1ubuntu7.1\")) flag++;\nif (ubuntu_check(osver:\"6.10\", pkgname:\"mono-classlib-1.0\", pkgver:\"1.1.17.1-1ubuntu7.1\")) flag++;\nif (ubuntu_check(osver:\"6.10\", pkgname:\"mono-classlib-2.0\", pkgver:\"1.1.17.1-1ubuntu7.1\")) flag++;\nif (ubuntu_check(osver:\"6.10\", pkgname:\"mono-common\", pkgver:\"1.1.17.1-1ubuntu7.1\")) flag++;\nif (ubuntu_check(osver:\"6.10\", pkgname:\"mono-devel\", pkgver:\"1.1.17.1-1ubuntu7.1\")) flag++;\nif (ubuntu_check(osver:\"6.10\", pkgname:\"mono-gac\", pkgver:\"1.1.17.1-1ubuntu7.1\")) flag++;\nif (ubuntu_check(osver:\"6.10\", pkgname:\"mono-gmcs\", pkgver:\"1.1.17.1-1ubuntu7.1\")) flag++;\nif (ubuntu_check(osver:\"6.10\", pkgname:\"mono-jay\", pkgver:\"1.1.17.1-1ubuntu7.1\")) flag++;\nif (ubuntu_check(osver:\"6.10\", pkgname:\"mono-jit\", pkgver:\"1.1.17.1-1ubuntu7.1\")) flag++;\nif (ubuntu_check(osver:\"6.10\", pkgname:\"mono-mcs\", pkgver:\"1.1.17.1-1ubuntu7.1\")) flag++;\nif (ubuntu_check(osver:\"6.10\", pkgname:\"mono-mjs\", pkgver:\"1.1.17.1-1ubuntu7.1\")) flag++;\nif (ubuntu_check(osver:\"6.10\", pkgname:\"mono-runtime\", pkgver:\"1.1.17.1-1ubuntu7.1\")) flag++;\nif (ubuntu_check(osver:\"6.10\", pkgname:\"mono-utils\", pkgver:\"1.1.17.1-1ubuntu7.1\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libmono-accessibility1.0-cil / libmono-accessibility2.0-cil / etc\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}, {"lastseen": "2018-11-29T19:32:11", "references": ["http://www.nessus.org/u?7eb7aad8", "https://www.securityfocus.com/archive/1/454962/30/0/threaded", "http://www.nessus.org/u?e26e3abc"], "pluginID": "23934", "description": "The remote host is running Mono XSP, a lightweight web server for hosting ASP.NET applications. \n\nThe version of Mono XSP installed on the remote Windows host fails to properly validate filename extensions in URLs. A remote attacker may be able to leverage this issue to disclose the source of scripts hosted by the affected application using specially crafted requests with URL-encoded space characters.", "edition": 6, "reporter": "Tenable", "published": "2006-12-23T00:00:00", "title": "Mono XSP for ASP.NET Server Crafted Request Script Source Code Disclosure", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "naslFamily": "CGI abuses", "bulletinFamily": "scanner", "cvelist": ["CVE-2006-6104"], "modified": "2018-11-28T00:00:00", "cpe": [], "id": "MONO_XSP_SOURCE_DISCLOSURE.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=23934", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(23934);\n script_version(\"1.18\");\n\n script_cve_id(\"CVE-2006-6104\");\n script_bugtraq_id(21687);\n\n script_name(english:\"Mono XSP for ASP.NET Server Crafted Request Script Source Code Disclosure\");\n script_summary(english:\"Tries to retrieve ASPX source code using XSP\");\n \n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote web server is affected by an information disclosure\nvulnerability.\" );\n script_set_attribute(attribute:\"description\", value:\n\"The remote host is running Mono XSP, a lightweight web server for\nhosting ASP.NET applications. \n\nThe version of Mono XSP installed on the remote Windows host fails to\nproperly validate filename extensions in URLs. A remote attacker may\nbe able to leverage this issue to disclose the source of scripts\nhosted by the affected application using specially crafted requests\nwith URL-encoded space characters.\" );\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?7eb7aad8\" );\n script_set_attribute(attribute:\"see_also\", value:\"https://www.securityfocus.com/archive/1/454962/30/0/threaded\" );\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?e26e3abc\" );\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Mono version 1.2.2 / 1.1.13.8.2 or later.\" );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n\n script_set_attribute(attribute:\"plugin_publication_date\", value: \"2006/12/23\");\n script_set_attribute(attribute:\"vuln_publication_date\", value: \"2006/12/20\");\n script_cvs_date(\"Date: 2018/11/28 22:47:41\");\nscript_set_attribute(attribute:\"plugin_type\", value:\"remote\");\nscript_set_attribute(attribute:\"exploited_by_nessus\", value:\"true\");\n script_end_attributes();\n\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"CGI abuses\");\n\n script_copyright(english:\"This script is Copyright (C) 2006-2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"http_version.nasl\", \"webmirror.nasl\");\n script_require_ports(\"Services/www\", 80);\n\n exit(0);\n}\n\n\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"http.inc\");\n\n\nport = get_http_port(default:80);\n\nbanner = get_http_banner(port:port);\nif (! banner) exit(1, \"No web banner on port \"+port);\n\nif (\"Server: Mono.WebServer\" >!< banner) exit(0, \"Mono.webServer is not running on port \"+port);\n\n files = get_kb_list(string(\"www/\", port, \"/content/extensions/aspx\"));\n if (isnull(files)) files = make_list(\"/index.aspx\", \"/Default.aspx\");\n\n n = 0;\n foreach file (files)\n {\n w = http_send_recv3(method:\"GEt\", item:string(file, \"%20\"), port:port);\n if (isnull(w)) exit(1, \"The web server on port \"+port+\" did not answer\");\n res = w[2];\n\n if (\n \"<%@ \" >< res && \n egrep(pattern:\"<%@ +language=\", string:res, icase:TRUE)\n )\n {\n if (report_verbosity > 1)\n report = string(\n \"Here is the source that Nessus was able to retrieve : \\n\",\n \"\\n\",\n \" \", file, \" :\\n\",\n \"\\n\",\n res\n );\n else report = NULL;\n security_warning(port:port, extra:report); \n exit(0);\n }\n n++;\n if (n > 20) exit(0);\n }\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}, {"lastseen": "2018-12-08T03:43:53", "references": [], "pluginID": "24617", "description": "XSP (the Mono ASP.NET server) is vulnerable to source disclosure attack which allow a malicious user to obtain the source code of the server-side application. This vulnerability grants the attacker deeper knowledge of the Web application logic.\n\nUpdated packages have been patched to correct this issue.", "edition": 6, "reporter": "Tenable", "published": "2007-02-18T00:00:00", "title": "Mandrake Linux Security Advisory : mono (MDKSA-2006:234)", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "naslFamily": "Mandriva Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2006-6104"], "modified": "2018-12-05T00:00:00", "cpe": ["p-cpe:/a:mandriva:linux:libmono0", "p-cpe:/a:mandriva:linux:mono-data-sqlite", "p-cpe:/a:mandriva:linux:jay", "p-cpe:/a:mandriva:linux:mono", "cpe:/o:mandriva:linux:2007", "p-cpe:/a:mandriva:linux:mono-doc", "p-cpe:/a:mandriva:linux:lib64mono0", "p-cpe:/a:mandriva:linux:libmono-runtime", "p-cpe:/a:mandriva:linux:lib64mono0-devel", "p-cpe:/a:mandriva:linux:libmono0-devel"], "id": "MANDRAKE_MDKSA-2006-234.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=24617", "sourceData": "#%NASL_MIN_LEVEL 70103\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Mandrake Linux Security Advisory MDKSA-2006:234. \n# The text itself is copyright (C) Mandriva S.A.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(24617);\n script_version (\"1.16\");\n script_cvs_date(\"Date: 2018/12/05 20:31:23\");\n\n script_cve_id(\"CVE-2006-6104\");\n script_bugtraq_id(21687);\n script_xref(name:\"MDKSA\", value:\"2006:234\");\n\n script_name(english:\"Mandrake Linux Security Advisory : mono (MDKSA-2006:234)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Mandrake Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"XSP (the Mono ASP.NET server) is vulnerable to source disclosure\nattack which allow a malicious user to obtain the source code of the\nserver-side application. This vulnerability grants the attacker deeper\nknowledge of the Web application logic.\n\nUpdated packages have been patched to correct this issue.\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:jay\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64mono0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64mono0-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libmono-runtime\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libmono0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libmono0-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:mono\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:mono-data-sqlite\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:mono-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:linux:2007\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2006/12/20\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2007/02/18\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2007-2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Mandriva Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/Mandrake/release\", \"Host/Mandrake/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Mandrake/release\")) audit(AUDIT_OS_NOT, \"Mandriva / Mandake Linux\");\nif (!get_kb_item(\"Host/Mandrake/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^(amd64|i[3-6]86|x86_64)$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Mandriva / Mandrake Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"MDK2007.0\", reference:\"jay-1.1.17.1-5.2mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", cpu:\"x86_64\", reference:\"lib64mono0-1.1.17.1-5.2mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", cpu:\"x86_64\", reference:\"lib64mono0-devel-1.1.17.1-5.2mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", reference:\"libmono-runtime-1.1.17.1-5.2mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", cpu:\"i386\", reference:\"libmono0-1.1.17.1-5.2mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", cpu:\"i386\", reference:\"libmono0-devel-1.1.17.1-5.2mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", reference:\"mono-1.1.17.1-5.2mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", reference:\"mono-data-sqlite-1.1.17.1-5.2mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", reference:\"mono-doc-1.1.17.1-5.2mdv2007.0\", yank:\"mdv\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}, {"lastseen": "2018-09-02T00:03:15", "references": ["http://www.nessus.org/u?3d0bee54"], "pluginID": "24197", "description": "A security problem was found and fixed in mono class libraries that affects the Mono web server implementation.\n\nBy appending spaces to URLs attackers could download the source code of ASP.net scripts that would normally get executed by the web server.\n\nAfter upgrading the packages you need to restart any running mono web server.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "edition": 4, "reporter": "Tenable", "published": "2007-01-17T00:00:00", "title": "Fedora Core 6 : mono-1.1.17.1-4.fc6 (2007-067)", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "naslFamily": "Fedora Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2006-6104"], "modified": "2015-10-21T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:mono-devel", "cpe:/o:fedoraproject:fedora_core:6", "p-cpe:/a:fedoraproject:fedora:mono-data-oracle", "p-cpe:/a:fedoraproject:fedora:mono-debuginfo", "p-cpe:/a:fedoraproject:fedora:mono-data-sybase", "p-cpe:/a:fedoraproject:fedora:mono-web", "p-cpe:/a:fedoraproject:fedora:ibm-data-db2", "p-cpe:/a:fedoraproject:fedora:mono-data", "p-cpe:/a:fedoraproject:fedora:mono-nunit-devel", "p-cpe:/a:fedoraproject:fedora:mono-data-firebird", "p-cpe:/a:fedoraproject:fedora:bytefx-data-mysql", "p-cpe:/a:fedoraproject:fedora:mono-nunit", "p-cpe:/a:fedoraproject:fedora:mono-jscript", "p-cpe:/a:fedoraproject:fedora:mono-extras", "p-cpe:/a:fedoraproject:fedora:mono-data-postgresql", "p-cpe:/a:fedoraproject:fedora:mono-data-sqlite", "p-cpe:/a:fedoraproject:fedora:mono-winforms", "p-cpe:/a:fedoraproject:fedora:mono-locale-extras", "p-cpe:/a:fedoraproject:fedora:mono-core"], "id": "FEDORA_2007-067.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=24197", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2007-067.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(24197);\n script_version (\"$Revision: 1.12 $\");\n script_cvs_date(\"$Date: 2015/10/21 21:46:28 $\");\n\n script_cve_id(\"CVE-2006-6104\");\n script_xref(name:\"FEDORA\", value:\"2007-067\");\n\n script_name(english:\"Fedora Core 6 : mono-1.1.17.1-4.fc6 (2007-067)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora Core host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"A security problem was found and fixed in mono class libraries that\naffects the Mono web server implementation.\n\nBy appending spaces to URLs attackers could download the source code\nof ASP.net scripts that would normally get executed by the web server.\n\nAfter upgrading the packages you need to restart any running mono web\nserver.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2007-January/001243.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?3d0bee54\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:bytefx-data-mysql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:ibm-data-db2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:mono-core\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:mono-data\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:mono-data-firebird\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:mono-data-oracle\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:mono-data-postgresql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:mono-data-sqlite\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:mono-data-sybase\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:mono-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:mono-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:mono-extras\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:mono-jscript\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:mono-locale-extras\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:mono-nunit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:mono-nunit-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:mono-web\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:mono-winforms\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora_core:6\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2007/01/12\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2007/01/17\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2007-2015 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^6([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 6.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC6\", reference:\"bytefx-data-mysql-1.1.17.1-4.fc6\")) flag++;\nif (rpm_check(release:\"FC6\", reference:\"ibm-data-db2-1.1.17.1-4.fc6\")) flag++;\nif (rpm_check(release:\"FC6\", reference:\"mono-core-1.1.17.1-4.fc6\")) flag++;\nif (rpm_check(release:\"FC6\", reference:\"mono-data-1.1.17.1-4.fc6\")) flag++;\nif (rpm_check(release:\"FC6\", reference:\"mono-data-firebird-1.1.17.1-4.fc6\")) flag++;\nif (rpm_check(release:\"FC6\", reference:\"mono-data-oracle-1.1.17.1-4.fc6\")) flag++;\nif (rpm_check(release:\"FC6\", reference:\"mono-data-postgresql-1.1.17.1-4.fc6\")) flag++;\nif (rpm_check(release:\"FC6\", reference:\"mono-data-sqlite-1.1.17.1-4.fc6\")) flag++;\nif (rpm_check(release:\"FC6\", reference:\"mono-data-sybase-1.1.17.1-4.fc6\")) flag++;\nif (rpm_check(release:\"FC6\", reference:\"mono-debuginfo-1.1.17.1-4.fc6\")) flag++;\nif (rpm_check(release:\"FC6\", reference:\"mono-devel-1.1.17.1-4.fc6\")) flag++;\nif (rpm_check(release:\"FC6\", reference:\"mono-extras-1.1.17.1-4.fc6\")) flag++;\nif (rpm_check(release:\"FC6\", reference:\"mono-jscript-1.1.17.1-4.fc6\")) flag++;\nif (rpm_check(release:\"FC6\", reference:\"mono-locale-extras-1.1.17.1-4.fc6\")) flag++;\nif (rpm_check(release:\"FC6\", reference:\"mono-nunit-1.1.17.1-4.fc6\")) flag++;\nif (rpm_check(release:\"FC6\", reference:\"mono-nunit-devel-1.1.17.1-4.fc6\")) flag++;\nif (rpm_check(release:\"FC6\", reference:\"mono-web-1.1.17.1-4.fc6\")) flag++;\nif (rpm_check(release:\"FC6\", reference:\"mono-winforms-1.1.17.1-4.fc6\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"bytefx-data-mysql / ibm-data-db2 / mono-core / mono-data / etc\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}, {"lastseen": "2018-09-02T00:05:05", "references": ["https://security.gentoo.org/glsa/200701-12"], "pluginID": "24210", "description": "The remote host is affected by the vulnerability described in GLSA-200701-12 (Mono: Information disclosure)\n\n Jose Ramon Palanco has discovered that the System.Web class in the XSP for the ASP.NET server 1.1 through 2.0 in Mono does not properly validate or sanitize local pathnames which could allow server-side file content disclosure.\n Impact :\n\n An attacker could append a space character to a URI and obtain unauthorized access to the source code of server-side files. An attacker could also read credentials by requesting Web.Config%20 from a Mono server.\n Workaround :\n\n There is no known workaround at this time.", "edition": 5, "reporter": "Tenable", "published": "2007-01-17T00:00:00", "title": "GLSA-200701-12 : Mono: Information disclosure", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "naslFamily": "Gentoo Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2006-6104"], "modified": "2018-07-11T00:00:00", "cpe": ["cpe:/o:gentoo:linux", "p-cpe:/a:gentoo:linux:mono"], "id": "GENTOO_GLSA-200701-12.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=24210", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Gentoo Linux Security Advisory GLSA 200701-12.\n#\n# The advisory text is Copyright (C) 2001-2015 Gentoo Foundation, Inc.\n# and licensed under the Creative Commons - Attribution / Share Alike \n# license. See http://creativecommons.org/licenses/by-sa/3.0/\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(24210);\n script_version(\"1.14\");\n script_cvs_date(\"Date: 2018/07/11 17:09:25\");\n\n script_cve_id(\"CVE-2006-6104\");\n script_bugtraq_id(21687);\n script_xref(name:\"GLSA\", value:\"200701-12\");\n\n script_name(english:\"GLSA-200701-12 : Mono: Information disclosure\");\n script_summary(english:\"Checks for updated package(s) in /var/db/pkg\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Gentoo host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The remote host is affected by the vulnerability described in GLSA-200701-12\n(Mono: Information disclosure)\n\n Jose Ramon Palanco has discovered that the System.Web class in the XSP\n for the ASP.NET server 1.1 through 2.0 in Mono does not properly\n validate or sanitize local pathnames which could allow server-side file\n content disclosure.\n \nImpact :\n\n An attacker could append a space character to a URI and obtain\n unauthorized access to the source code of server-side files. An\n attacker could also read credentials by requesting Web.Config%20 from a\n Mono server.\n \nWorkaround :\n\n There is no known workaround at this time.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security.gentoo.org/glsa/200701-12\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"All Mono users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=dev-lang/mono-1.2.2.1'\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:mono\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:gentoo:linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2007/01/16\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2007/01/17\");\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2006/12/20\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2007-2018 Tenable Network Security, Inc.\");\n script_family(english:\"Gentoo Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Gentoo/release\", \"Host/Gentoo/qpkg-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"qpkg.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Gentoo/release\")) audit(AUDIT_OS_NOT, \"Gentoo\");\nif (!get_kb_item(\"Host/Gentoo/qpkg-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (qpkg_check(package:\"dev-lang/mono\", unaffected:make_list(\"ge 1.2.2.1\"), vulnerable:make_list(\"lt 1.2.2.1\"))) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:qpkg_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = qpkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"Mono\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}, {"lastseen": "2018-12-08T03:32:31", "references": [], "pluginID": "24573", "description": "Sebastian Krahmer of the SUSE security team found that the System.CodeDom.Compiler classes in mono used temporary files in an insecure way that could allow a symbolic link attack to overwrite arbitrary files with the privileges of the user running a program that made use of those classes.\n\nUpdated packages have been patched to correct this issue.", "edition": 6, "reporter": "Tenable", "published": "2007-02-18T00:00:00", "title": "Mandrake Linux Security Advisory : mono (MDKSA-2006:188)", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 7.2}}, "naslFamily": "Mandriva Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2006-5072"], "modified": "2018-12-05T00:00:00", "cpe": ["p-cpe:/a:mandriva:linux:libmono0", "p-cpe:/a:mandriva:linux:mono-data-sqlite", "p-cpe:/a:mandriva:linux:jay", "p-cpe:/a:mandriva:linux:mono", "cpe:/o:mandriva:linux:2007", "p-cpe:/a:mandriva:linux:mono-doc", "p-cpe:/a:mandriva:linux:lib64mono0", "p-cpe:/a:mandriva:linux:libmono-runtime", "p-cpe:/a:mandriva:linux:lib64mono0-devel", "p-cpe:/a:mandriva:linux:libmono0-devel"], "id": "MANDRAKE_MDKSA-2006-188.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=24573", "sourceData": "#%NASL_MIN_LEVEL 70103\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Mandrake Linux Security Advisory MDKSA-2006:188. \n# The text itself is copyright (C) Mandriva S.A.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(24573);\n script_version (\"1.16\");\n script_cvs_date(\"Date: 2018/12/05 20:31:23\");\n\n script_cve_id(\"CVE-2006-5072\");\n script_bugtraq_id(20340);\n script_xref(name:\"MDKSA\", value:\"2006:188\");\n\n script_name(english:\"Mandrake Linux Security Advisory : mono (MDKSA-2006:188)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Mandrake Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Sebastian Krahmer of the SUSE security team found that the\nSystem.CodeDom.Compiler classes in mono used temporary files in an\ninsecure way that could allow a symbolic link attack to overwrite\narbitrary files with the privileges of the user running a program that\nmade use of those classes.\n\nUpdated packages have been patched to correct this issue.\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:H/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:ND\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:jay\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64mono0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64mono0-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libmono-runtime\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libmono0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libmono0-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:mono\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:mono-data-sqlite\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:mono-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:linux:2007\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2006/10/27\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2007/02/18\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2007-2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Mandriva Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/Mandrake/release\", \"Host/Mandrake/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Mandrake/release\")) audit(AUDIT_OS_NOT, \"Mandriva / Mandake Linux\");\nif (!get_kb_item(\"Host/Mandrake/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^(amd64|i[3-6]86|x86_64)$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Mandriva / Mandrake Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"MDK2007.0\", reference:\"jay-1.1.17.1-5.1mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", cpu:\"x86_64\", reference:\"lib64mono0-1.1.17.1-5.1mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", cpu:\"x86_64\", reference:\"lib64mono0-devel-1.1.17.1-5.1mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", reference:\"libmono-runtime-1.1.17.1-5.1mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", cpu:\"i386\", reference:\"libmono0-1.1.17.1-5.1mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", cpu:\"i386\", reference:\"libmono0-devel-1.1.17.1-5.1mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", reference:\"mono-1.1.17.1-5.1mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", reference:\"mono-data-sqlite-1.1.17.1-5.1mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", reference:\"mono-doc-1.1.17.1-5.1mdv2007.0\", yank:\"mdv\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 6.2, "vector": "AV:LOCAL/AC:HIGH/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-09-02T00:01:09", "references": ["https://security.gentoo.org/glsa/200611-23"], "pluginID": "23745", "description": "The remote host is affected by the vulnerability described in GLSA-200611-23 (Mono: Insecure temporary file creation)\n\n Sebastian Krahmer of the SuSE Security Team discovered that the System.CodeDom.Compiler classes of Mono create temporary files with insecure permissions.\n Impact :\n\n A local attacker could create links in the temporary file directory, pointing to a valid file somewhere on the filesystem. When an affected class is called, this could result in the file being overwritten with the rights of the user running the script.\n Workaround :\n\n There is no known workaround at this time.", "edition": 5, "reporter": "Tenable", "published": "2006-11-30T00:00:00", "title": "GLSA-200611-23 : Mono: Insecure temporary file creation", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 7.2}}, "naslFamily": "Gentoo Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2006-5072"], "modified": "2018-07-11T00:00:00", "cpe": ["cpe:/o:gentoo:linux", "p-cpe:/a:gentoo:linux:mono"], "id": "GENTOO_GLSA-200611-23.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=23745", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Gentoo Linux Security Advisory GLSA 200611-23.\n#\n# The advisory text is Copyright (C) 2001-2015 Gentoo Foundation, Inc.\n# and licensed under the Creative Commons - Attribution / Share Alike \n# license. See http://creativecommons.org/licenses/by-sa/3.0/\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(23745);\n script_version(\"1.13\");\n script_cvs_date(\"Date: 2018/07/11 17:09:25\");\n\n script_cve_id(\"CVE-2006-5072\");\n script_bugtraq_id(20340);\n script_xref(name:\"GLSA\", value:\"200611-23\");\n\n script_name(english:\"GLSA-200611-23 : Mono: Insecure temporary file creation\");\n script_summary(english:\"Checks for updated package(s) in /var/db/pkg\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Gentoo host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The remote host is affected by the vulnerability described in GLSA-200611-23\n(Mono: Insecure temporary file creation)\n\n Sebastian Krahmer of the SuSE Security Team discovered that the\n System.CodeDom.Compiler classes of Mono create temporary files with\n insecure permissions.\n \nImpact :\n\n A local attacker could create links in the temporary file directory,\n pointing to a valid file somewhere on the filesystem. When an affected\n class is called, this could result in the file being overwritten with\n the rights of the user running the script.\n \nWorkaround :\n\n There is no known workaround at this time.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security.gentoo.org/glsa/200611-23\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"All Mono users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=dev-lang/mono-1.1.13.8.1'\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:H/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:mono\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:gentoo:linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2006/11/28\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2006/11/30\");\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2006/10/04\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2006-2018 Tenable Network Security, Inc.\");\n script_family(english:\"Gentoo Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Gentoo/release\", \"Host/Gentoo/qpkg-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"qpkg.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Gentoo/release\")) audit(AUDIT_OS_NOT, \"Gentoo\");\nif (!get_kb_item(\"Host/Gentoo/qpkg-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (qpkg_check(package:\"dev-lang/mono\", unaffected:make_list(\"ge 1.1.13.8.1\"), vulnerable:make_list(\"lt 1.1.13.8.1\"))) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:qpkg_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = qpkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"Mono\");\n}\n", "cvss": {"score": 6.2, "vector": "AV:LOCAL/AC:HIGH/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-12-02T15:32:32", "references": ["https://usn.ubuntu.com/357-1/"], "pluginID": "27937", "description": "Sebastian Krahmer of the SuSE security team discovered that the System.CodeDom.Compiler classes used temporary files in an insecure way. This could allow a symbolic link attack to create or overwrite arbitrary files with the privileges of the user invoking the program.\nUnder some circumstances, a local attacker could also exploit this to inject arbitrary code into running Mono processes.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "edition": 6, "reporter": "Tenable", "published": "2007-11-10T00:00:00", "title": "Ubuntu 5.10 / 6.06 LTS : mono vulnerability (USN-357-1)", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 7.2}}, "naslFamily": "Ubuntu Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2006-5072"], "modified": "2018-12-01T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:mono-utils", "p-cpe:/a:canonical:ubuntu_linux:mono-common", "p-cpe:/a:canonical:ubuntu_linux:mono-classlib-1.0", "p-cpe:/a:canonical:ubuntu_linux:mono-classlib-1.0-dbg", "p-cpe:/a:canonical:ubuntu_linux:mono-gac", "p-cpe:/a:canonical:ubuntu_linux:mono-mcs", "p-cpe:/a:canonical:ubuntu_linux:mono-gmcs", "p-cpe:/a:canonical:ubuntu_linux:libmono0", "p-cpe:/a:canonical:ubuntu_linux:mono-devel", "p-cpe:/a:canonical:ubuntu_linux:mono-jay", "p-cpe:/a:canonical:ubuntu_linux:mono-classlib-2.0", "cpe:/o:canonical:ubuntu_linux:5.10", "p-cpe:/a:canonical:ubuntu_linux:mono-assemblies-base", "p-cpe:/a:canonical:ubuntu_linux:mono-jit", "p-cpe:/a:canonical:ubuntu_linux:mono-classlib-2.0-dbg", "p-cpe:/a:canonical:ubuntu_linux:mono", "p-cpe:/a:canonical:ubuntu_linux:libmono-dev", "cpe:/o:canonical:ubuntu_linux:6.06:-:lts"], "id": "UBUNTU_USN-357-1.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=27937", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-357-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(27937);\n script_version(\"1.13\");\n script_cvs_date(\"Date: 2018/12/01 15:12:38\");\n\n script_cve_id(\"CVE-2006-5072\");\n script_xref(name:\"USN\", value:\"357-1\");\n\n script_name(english:\"Ubuntu 5.10 / 6.06 LTS : mono vulnerability (USN-357-1)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Sebastian Krahmer of the SuSE security team discovered that the\nSystem.CodeDom.Compiler classes used temporary files in an insecure\nway. This could allow a symbolic link attack to create or overwrite\narbitrary files with the privileges of the user invoking the program.\nUnder some circumstances, a local attacker could also exploit this to\ninject arbitrary code into running Mono processes.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/357-1/\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:H/Au:N/C:C/I:C/A:C\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libmono-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libmono0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:mono\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:mono-assemblies-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:mono-classlib-1.0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:mono-classlib-1.0-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:mono-classlib-2.0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:mono-classlib-2.0-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:mono-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:mono-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:mono-gac\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:mono-gmcs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:mono-jay\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:mono-jit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:mono-mcs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:mono-utils\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:5.10\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:6.06:-:lts\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2006/10/04\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2007/11/10\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2007-2018 Canonical, Inc. / NASL script (C) 2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! ereg(pattern:\"^(5\\.10|6\\.06)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 5.10 / 6.06\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nflag = 0;\n\nif (ubuntu_check(osver:\"5.10\", pkgname:\"libmono-dev\", pkgver:\"1.1.8.3-1ubuntu2.1\")) flag++;\nif (ubuntu_check(osver:\"5.10\", pkgname:\"libmono0\", pkgver:\"1.1.8.3-1ubuntu2.1\")) flag++;\nif (ubuntu_check(osver:\"5.10\", pkgname:\"mono\", pkgver:\"1.1.8.3-1ubuntu2.1\")) flag++;\nif (ubuntu_check(osver:\"5.10\", pkgname:\"mono-assemblies-base\", pkgver:\"1.1.8.3-1ubuntu2.1\")) flag++;\nif (ubuntu_check(osver:\"5.10\", pkgname:\"mono-classlib-1.0\", pkgver:\"1.1.8.3-1ubuntu2.1\")) flag++;\nif (ubuntu_check(osver:\"5.10\", pkgname:\"mono-classlib-1.0-dbg\", pkgver:\"1.1.8.3-1ubuntu2.1\")) flag++;\nif (ubuntu_check(osver:\"5.10\", pkgname:\"mono-classlib-2.0\", pkgver:\"1.1.8.3-1ubuntu2.1\")) flag++;\nif (ubuntu_check(osver:\"5.10\", pkgname:\"mono-classlib-2.0-dbg\", pkgver:\"1.1.8.3-1ubuntu2.1\")) flag++;\nif (ubuntu_check(osver:\"5.10\", pkgname:\"mono-common\", pkgver:\"1.1.8.3-1ubuntu2.1\")) flag++;\nif (ubuntu_check(osver:\"5.10\", pkgname:\"mono-devel\", pkgver:\"1.1.8.3-1ubuntu2.1\")) flag++;\nif (ubuntu_check(osver:\"5.10\", pkgname:\"mono-gac\", pkgver:\"1.1.8.3-1ubuntu2.1\")) flag++;\nif (ubuntu_check(osver:\"5.10\", pkgname:\"mono-gmcs\", pkgver:\"1.1.8.3-1ubuntu2.1\")) flag++;\nif (ubuntu_check(osver:\"5.10\", pkgname:\"mono-jay\", pkgver:\"1.1.8.3-1ubuntu2.1\")) flag++;\nif (ubuntu_check(osver:\"5.10\", pkgname:\"mono-jit\", pkgver:\"1.1.8.3-1ubuntu2.1\")) flag++;\nif (ubuntu_check(osver:\"5.10\", pkgname:\"mono-mcs\", pkgver:\"1.1.8.3-1ubuntu2.1\")) flag++;\nif (ubuntu_check(osver:\"5.10\", pkgname:\"mono-utils\", pkgver:\"1.1.8.3-1ubuntu2.1\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"libmono-dev\", pkgver:\"1.1.13.6-0ubuntu3.1\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"libmono0\", pkgver:\"1.1.13.6-0ubuntu3.1\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"mono\", pkgver:\"1.1.13.6-0ubuntu3.1\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"mono-assemblies-base\", pkgver:\"1.1.13.6-0ubuntu3.1\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"mono-classlib-1.0\", pkgver:\"1.1.13.6-0ubuntu3.1\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"mono-classlib-1.0-dbg\", pkgver:\"1.1.13.6-0ubuntu3.1\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"mono-classlib-2.0\", pkgver:\"1.1.13.6-0ubuntu3.1\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"mono-classlib-2.0-dbg\", pkgver:\"1.1.13.6-0ubuntu3.1\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"mono-common\", pkgver:\"1.1.13.6-0ubuntu3.1\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"mono-devel\", pkgver:\"1.1.13.6-0ubuntu3.1\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"mono-gac\", pkgver:\"1.1.13.6-0ubuntu3.1\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"mono-gmcs\", pkgver:\"1.1.13.6-0ubuntu3.1\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"mono-jay\", pkgver:\"1.1.13.6-0ubuntu3.1\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"mono-jit\", pkgver:\"1.1.13.6-0ubuntu3.1\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"mono-mcs\", pkgver:\"1.1.13.6-0ubuntu3.1\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"mono-utils\", pkgver:\"1.1.13.6-0ubuntu3.1\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libmono-dev / libmono0 / mono / mono-assemblies-base / etc\");\n}\n", "cvss": {"score": 6.2, "vector": "AV:LOCAL/AC:HIGH/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-11-13T16:47:32", "references": ["http://www.nessus.org/u?9cfc3edb", "http://www.ubuntu.com/usn/usn-357-1"], "pluginID": "22516", "description": "Sebastian Krahmer reports :\n\nSebastian Krahmer of the SuSE security team discovered that the System.CodeDom.Compiler classes used temporary files in an insecure way. This could allow a symbolic link attack to create or overwrite arbitrary files with the privileges of the user invoking the program.\nUnder some circumstances, a local attacker could also exploit this to inject arbitrary code into running Mono processes.", "edition": 5, "reporter": "Tenable", "published": "2006-10-10T00:00:00", "title": "FreeBSD : mono -- 'System.CodeDom.Compiler' Insecure Temporary Creation (5a39a22e-5478-11db-8f1a-000a48049292)", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 7.2}}, "naslFamily": "FreeBSD Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2006-5072"], "modified": "2018-11-10T00:00:00", "cpe": ["cpe:/o:freebsd:freebsd", "p-cpe:/a:freebsd:freebsd:mono"], "id": "FREEBSD_PKG_5A39A22E547811DB8F1A000A48049292.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=22516", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the FreeBSD VuXML database :\n#\n# Copyright 2003-2018 Jacques Vidrine and contributors\n#\n# Redistribution and use in source (VuXML) and 'compiled' forms (SGML,\n# HTML, PDF, PostScript, RTF and so forth) with or without modification,\n# are permitted provided that the following conditions are met:\n# 1. Redistributions of source code (VuXML) must retain the above\n# copyright notice, this list of conditions and the following\n# disclaimer as the first lines of this file unmodified.\n# 2. Redistributions in compiled form (transformed to other DTDs,\n# published online in any format, converted to PDF, PostScript,\n# RTF and other formats) must reproduce the above copyright\n# notice, this list of conditions and the following disclaimer\n# in the documentation and/or other materials provided with the\n# distribution.\n# \n# THIS DOCUMENTATION IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS \"AS IS\"\n# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,\n# THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR\n# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS\n# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,\n# OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT\n# OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR\n# BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,\n# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE\n# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS DOCUMENTATION,\n# EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(22516);\n script_version(\"1.11\");\n script_cvs_date(\"Date: 2018/11/10 11:49:40\");\n\n script_cve_id(\"CVE-2006-5072\");\n script_xref(name:\"Secunia\", value:\"22237\");\n\n script_name(english:\"FreeBSD : mono -- 'System.CodeDom.Compiler' Insecure Temporary Creation (5a39a22e-5478-11db-8f1a-000a48049292)\");\n script_summary(english:\"Checks for updated package in pkg_info output\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote FreeBSD host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Sebastian Krahmer reports :\n\nSebastian Krahmer of the SuSE security team discovered that the\nSystem.CodeDom.Compiler classes used temporary files in an insecure\nway. This could allow a symbolic link attack to create or overwrite\narbitrary files with the privileges of the user invoking the program.\nUnder some circumstances, a local attacker could also exploit this to\ninject arbitrary code into running Mono processes.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.ubuntu.com/usn/usn-357-1\"\n );\n # https://vuxml.freebsd.org/freebsd/5a39a22e-5478-11db-8f1a-000a48049292.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?9cfc3edb\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:H/Au:N/C:C/I:C/A:C\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:mono\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:freebsd:freebsd\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2006/10/04\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2006/10/05\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2006/10/10\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2006-2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"FreeBSD Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/FreeBSD/release\", \"Host/FreeBSD/pkg_info\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"freebsd_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/FreeBSD/release\")) audit(AUDIT_OS_NOT, \"FreeBSD\");\nif (!get_kb_item(\"Host/FreeBSD/pkg_info\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (pkg_test(save_report:TRUE, pkg:\"mono<1.1.13.8.1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:pkg_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 6.2, "vector": "AV:LOCAL/AC:HIGH/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "osvdb": [{"lastseen": "2017-04-28T13:20:28", "references": [], "description": "# No description provided by the source\n\n## References:\n[Secunia Advisory ID:23435](https://secuniaresearch.flexerasoftware.com/advisories/23435/)\n[Secunia Advisory ID:23727](https://secuniaresearch.flexerasoftware.com/advisories/23727/)\n[Secunia Advisory ID:23776](https://secuniaresearch.flexerasoftware.com/advisories/23776/)\n[Secunia Advisory ID:23779](https://secuniaresearch.flexerasoftware.com/advisories/23779/)\n[Secunia Advisory ID:23432](https://secuniaresearch.flexerasoftware.com/advisories/23432/)\n[Secunia Advisory ID:23462](https://secuniaresearch.flexerasoftware.com/advisories/23462/)\n[Secunia Advisory ID:23597](https://secuniaresearch.flexerasoftware.com/advisories/23597/)\n[Related OSVDB ID: 32391](https://vulners.com/osvdb/OSVDB:32391)\nOther Advisory URL: http://lists.suse.com/archive/suse-security-announce/2007-Jan/0002.html\nOther Advisory URL: http://www.ubuntu.com/usn/usn-397-1\nOther Advisory URL: http://fedoranews.org/cms/node/2401\nOther Advisory URL: http://www.gentoo.org/security/en/glsa/glsa-200701-12.xml\nOther Advisory URL: http://eazel.es/advisory007-mono-xsp-source-disclosure-vulnerability.html\nOther Advisory URL: http://fedoranews.org/cms/node/2400\nOther Advisory URL: http://www.mandriva.com/security/advisories?name=MDKSA-2006:234\nMail List Post: http://archives.neohapsis.com/archives/bugtraq/2006-12/0327.html\n[CVE-2006-6104](https://vulners.com/cve/CVE-2006-6104)\nBugtraq ID: 21687\n", "edition": 1, "reporter": "OSVDB", "published": "2006-12-20T06:33:52", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "title": "Mono XSP for ASP.NET Server System.Web Class Web.Config Credential Disclosure", "type": "osvdb", "bulletinFamily": "software", "affectedSoftware": [], "cvelist": ["CVE-2006-6104"], "modified": "2006-12-20T06:33:52", "href": "https://vulners.com/osvdb/OSVDB:32392", "id": "OSVDB:32392", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}, {"lastseen": "2017-04-28T13:20:28", "references": [], "description": "# No description provided by the source\n\n## References:\n[Secunia Advisory ID:23435](https://secuniaresearch.flexerasoftware.com/advisories/23435/)\n[Secunia Advisory ID:23776](https://secuniaresearch.flexerasoftware.com/advisories/23776/)\n[Secunia Advisory ID:23727](https://secuniaresearch.flexerasoftware.com/advisories/23727/)\n[Secunia Advisory ID:23779](https://secuniaresearch.flexerasoftware.com/advisories/23779/)\n[Secunia Advisory ID:23432](https://secuniaresearch.flexerasoftware.com/advisories/23432/)\n[Secunia Advisory ID:23462](https://secuniaresearch.flexerasoftware.com/advisories/23462/)\n[Secunia Advisory ID:23597](https://secuniaresearch.flexerasoftware.com/advisories/23597/)\n[Related OSVDB ID: 32392](https://vulners.com/osvdb/OSVDB:32392)\nOther Advisory URL: http://www.ubuntu.com/usn/usn-397-1\nOther Advisory URL: http://lists.suse.com/archive/suse-security-announce/2007-Jan/0002.html\nOther Advisory URL: http://fedoranews.org/cms/node/2401\nOther Advisory URL: http://www.gentoo.org/security/en/glsa/glsa-200701-12.xml\nOther Advisory URL: http://eazel.es/advisory007-mono-xsp-source-disclosure-vulnerability.html\nOther Advisory URL: http://www.mandriva.com/security/advisories?name=MDKSA-2006:234\nOther Advisory URL: http://fedoranews.org/cms/node/2400\nMail List Post: http://archives.neohapsis.com/archives/bugtraq/2006-12/0327.html\n[CVE-2006-6104](https://vulners.com/cve/CVE-2006-6104)\nBugtraq ID: 21687\n", "edition": 1, "reporter": "OSVDB", "published": "2006-12-20T06:33:52", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "title": "Mono XSP for ASP.NET Server System.Web Class Source Code Disclosure", "type": "osvdb", "bulletinFamily": "software", "affectedSoftware": [], "cvelist": ["CVE-2006-6104"], "modified": "2006-12-20T06:33:52", "href": "https://vulners.com/osvdb/OSVDB:32391", "id": "OSVDB:32391", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}, {"lastseen": "2017-04-28T13:20:26", "references": [], "edition": 1, "description": "# No description provided by the source\n\n## References:\n[Vendor Specific Advisory URL](http://lists.suse.com/archive/suse-security-announce/2006-Dec/0001.html)\n[Vendor Specific Advisory URL](http://www.mandriva.com/security/advisories?name=MDKSA-2006:188)\n[Secunia Advisory ID:22614](https://secuniaresearch.flexerasoftware.com/advisories/22614/)\n[Secunia Advisory ID:23154](https://secuniaresearch.flexerasoftware.com/advisories/23154/)\n[Secunia Advisory ID:22277](https://secuniaresearch.flexerasoftware.com/advisories/22277/)\n[Secunia Advisory ID:23213](https://secuniaresearch.flexerasoftware.com/advisories/23213/)\n[Secunia Advisory ID:23776](https://secuniaresearch.flexerasoftware.com/advisories/23776/)\n[Secunia Advisory ID:22237](https://secuniaresearch.flexerasoftware.com/advisories/22237/)\nOther Advisory URL: http://fedoranews.org/cms/node/2401\nOther Advisory URL: http://www.ubuntu.com/usn/usn-357-1\nOther Advisory URL: http://www.gentoo.org/security/en/glsa/glsa-200611-23.xml\nISS X-Force ID: 29353\nFrSIRT Advisory: ADV-2006-3911\n[CVE-2006-5072](https://vulners.com/cve/CVE-2006-5072)\nBugtraq ID: 20340\n", "reporter": "OSVDB", "published": "2006-10-04T04:34:34", "title": "Novell Mono System.CodeDom.Compiler Symlink Arbitrary File Overwrite", "type": "osvdb", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "bulletinFamily": "software", "affectedSoftware": [], "cvelist": ["CVE-2006-5072"], "modified": "2006-10-04T04:34:34", "href": "https://vulners.com/osvdb/OSVDB:29504", "id": "OSVDB:29504", "cvss": {"score": 6.2, "vector": "AV:LOCAL/AC:HIGH/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "openvas": [{"lastseen": "2017-12-12T11:20:55", "references": ["2007-002"], "pluginID": "850112", "description": "Check for the Version of mono-web", "edition": 3, "reporter": "Copyright (C) 2009 Greenbone Networks GmbH", "published": "2009-01-28T00:00:00", "title": "SuSE Update for mono-web SUSE-SA:2007:002", "type": "openvas", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "naslFamily": "SuSE Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2006-6104"], "modified": "2017-12-08T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=850112", "id": "OPENVAS:850112", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_suse_2007_002.nasl 8050 2017-12-08 09:34:29Z santu $\n#\n# SuSE Update for mono-web SUSE-SA:2007:002\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"A security problem was found and fixed in the Mono / C# web server\n implementation.\n\n By appending spaces to URLs attackers could download the source code\n of ASP.net scripts that would normally get executed by the web server.\n\n This issue is tracked by the Mitre CVE ID CVE-2006-6104 and only\n affects SUSE Linux 10.1, openSUSE 10.2 and SUSE Linux Enterprise 10.\n\n Older products are not affected.\n\n The updated packages for this problem were released on December 29th 2006.\";\n\ntag_impact = \"remote source code disclosure\";\ntag_affected = \"mono-web on openSUSE 10.2, SUSE LINUX 10.1, SUSE SLED 10, SUSE SLES 10\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_id(850112);\n script_version(\"$Revision: 8050 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-08 10:34:29 +0100 (Fri, 08 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-01-28 13:40:10 +0100 (Wed, 28 Jan 2009)\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_xref(name: \"SUSE-SA\", value: \"2007-002\");\n script_cve_id(\"CVE-2006-6104\");\n script_name( \"SuSE Update for mono-web SUSE-SA:2007:002\");\n\n script_summary(\"Check for the Version of mono-web\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse\", \"ssh/login/rpms\");\n script_tag(name : \"impact\" , value : tag_impact);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"SLED10\")\n{\n\n if ((res = isrpmvuln(pkg:\"bytefx-data-mysql\", rpm:\"bytefx-data-mysql~1.1.13.8~2.15\", rls:\"SLED10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mono-basic\", rpm:\"mono-basic~1.1.13.8~2.15\", rls:\"SLED10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mono-core\", rpm:\"mono-core~1.1.13.8~2.15\", rls:\"SLED10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mono-core-32bit\", rpm:\"mono-core-32bit~1.1.13.8~2.15\", rls:\"SLED10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mono-data\", rpm:\"mono-data~1.1.13.8~2.15\", rls:\"SLED10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mono-data-firebird\", rpm:\"mono-data-firebird~1.1.13.8~2.15\", rls:\"SLED10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mono-data-oracle\", rpm:\"mono-data-oracle~1.1.13.8~2.15\", rls:\"SLED10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mono-data-postgresql\", rpm:\"mono-data-postgresql~1.1.13.8~2.15\", rls:\"SLED10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mono-data-sqlite\", rpm:\"mono-data-sqlite~1.1.13.8~2.15\", rls:\"SLED10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mono-data-sybase\", rpm:\"mono-data-sybase~1.1.13.8~2.15\", rls:\"SLED10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mono-devel\", rpm:\"mono-devel~1.1.13.8~2.15\", rls:\"SLED10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mono-extras\", rpm:\"mono-extras~1.1.13.8~2.15\", rls:\"SLED10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mono-jscript\", rpm:\"mono-jscript~1.1.13.8~2.15\", rls:\"SLED10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mono-locale-extras\", rpm:\"mono-locale-extras~1.1.13.8~2.15\", rls:\"SLED10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mono-nunit\", rpm:\"mono-nunit~1.1.13.8~2.15\", rls:\"SLED10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mono-web\", rpm:\"mono-web~1.1.13.8~2.15\", rls:\"SLED10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mono-winforms\", rpm:\"mono-winforms~1.1.13.8~2.15\", rls:\"SLED10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ibm-data-db2\", rpm:\"ibm-data-db2~1.1.13.8~2.15\", rls:\"SLED10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"openSUSE10.2\")\n{\n\n if ((res = isrpmvuln(pkg:\"bytefx-data-mysql\", rpm:\"bytefx-data-mysql~1.1.18.1~12.2\", rls:\"openSUSE10.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ibm-data-db2\", rpm:\"ibm-data-db2~1.1.18.1~12.2\", rls:\"openSUSE10.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mono-core\", rpm:\"mono-core~1.1.18.1~12.2\", rls:\"openSUSE10.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mono-data\", rpm:\"mono-data~1.1.18.1~12.2\", rls:\"openSUSE10.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mono-data-firebird\", rpm:\"mono-data-firebird~1.1.18.1~12.2\", rls:\"openSUSE10.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mono-data-oracle\", rpm:\"mono-data-oracle~1.1.18.1~12.2\", rls:\"openSUSE10.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mono-data-postgresql\", rpm:\"mono-data-postgresql~1.1.18.1~12.2\", rls:\"openSUSE10.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mono-data-sqlite\", rpm:\"mono-data-sqlite~1.1.18.1~12.2\", rls:\"openSUSE10.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mono-data-sybase\", rpm:\"mono-data-sybase~1.1.18.1~12.2\", rls:\"openSUSE10.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mono-devel\", rpm:\"mono-devel~1.1.18.1~12.2\", rls:\"openSUSE10.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mono-extras\", rpm:\"mono-extras~1.1.18.1~12.2\", rls:\"openSUSE10.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mono-jscript\", rpm:\"mono-jscript~1.1.18.1~12.2\", rls:\"openSUSE10.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mono-locale-extras\", rpm:\"mono-locale-extras~1.1.18.1~12.2\", rls:\"openSUSE10.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mono-nunit\", rpm:\"mono-nunit~1.1.18.1~12.2\", rls:\"openSUSE10.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mono-web\", rpm:\"mono-web~1.1.18.1~12.2\", rls:\"openSUSE10.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mono-winforms\", rpm:\"mono-winforms~1.1.18.1~12.2\", rls:\"openSUSE10.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mono-core-32bit\", rpm:\"mono-core-32bit~1.1.18.1~12.2\", rls:\"openSUSE10.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"SLES10\")\n{\n\n if ((res = isrpmvuln(pkg:\"bytefx-data-mysql\", rpm:\"bytefx-data-mysql~1.1.13.8~2.15\", rls:\"SLES10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mono-basic\", rpm:\"mono-basic~1.1.13.8~2.15\", rls:\"SLES10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mono-core\", rpm:\"mono-core~1.1.13.8~2.15\", rls:\"SLES10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mono-core-32bit\", rpm:\"mono-core-32bit~1.1.13.8~2.15\", rls:\"SLES10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mono-data\", rpm:\"mono-data~1.1.13.8~2.15\", rls:\"SLES10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mono-data-firebird\", rpm:\"mono-data-firebird~1.1.13.8~2.15\", rls:\"SLES10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mono-data-oracle\", rpm:\"mono-data-oracle~1.1.13.8~2.15\", rls:\"SLES10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mono-data-postgresql\", rpm:\"mono-data-postgresql~1.1.13.8~2.15\", rls:\"SLES10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mono-data-sqlite\", rpm:\"mono-data-sqlite~1.1.13.8~2.15\", rls:\"SLES10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mono-data-sybase\", rpm:\"mono-data-sybase~1.1.13.8~2.15\", rls:\"SLES10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mono-devel\", rpm:\"mono-devel~1.1.13.8~2.15\", rls:\"SLES10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mono-extras\", rpm:\"mono-extras~1.1.13.8~2.15\", rls:\"SLES10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mono-jscript\", rpm:\"mono-jscript~1.1.13.8~2.15\", rls:\"SLES10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mono-locale-extras\", rpm:\"mono-locale-extras~1.1.13.8~2.15\", rls:\"SLES10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mono-nunit\", rpm:\"mono-nunit~1.1.13.8~2.15\", rls:\"SLES10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mono-web\", rpm:\"mono-web~1.1.13.8~2.15\", rls:\"SLES10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mono-winforms\", rpm:\"mono-winforms~1.1.13.8~2.15\", rls:\"SLES10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ibm-data-db2\", rpm:\"ibm-data-db2~1.1.13.8~2.15\", rls:\"SLES10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"SL10.1\")\n{\n\n if ((res = isrpmvuln(pkg:\"bytefx-data-mysql\", rpm:\"bytefx-data-mysql~1.1.13.8~2.15\", rls:\"SL10.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ibm-data-db2\", rpm:\"ibm-data-db2~1.1.13.8~2.15\", rls:\"SL10.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mono-basic\", rpm:\"mono-basic~1.1.13.8~2.15\", rls:\"SL10.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mono-core\", rpm:\"mono-core~1.1.13.8~2.15\", rls:\"SL10.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mono-data\", rpm:\"mono-data~1.1.13.8~2.15\", rls:\"SL10.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mono-data-firebird\", rpm:\"mono-data-firebird~1.1.13.8~2.15\", rls:\"SL10.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mono-data-oracle\", rpm:\"mono-data-oracle~1.1.13.8~2.15\", rls:\"SL10.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mono-data-postgresql\", rpm:\"mono-data-postgresql~1.1.13.8~2.15\", rls:\"SL10.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mono-data-sqlite\", rpm:\"mono-data-sqlite~1.1.13.8~2.15\", rls:\"SL10.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mono-data-sybase\", rpm:\"mono-data-sybase~1.1.13.8~2.15\", rls:\"SL10.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mono-devel\", rpm:\"mono-devel~1.1.13.8~2.15\", rls:\"SL10.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mono-extras\", rpm:\"mono-extras~1.1.13.8~2.15\", rls:\"SL10.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mono-jscript\", rpm:\"mono-jscript~1.1.13.8~2.15\", rls:\"SL10.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mono-locale-extras\", rpm:\"mono-locale-extras~1.1.13.8~2.15\", rls:\"SL10.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mono-nunit\", rpm:\"mono-nunit~1.1.13.8~2.15\", rls:\"SL10.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mono-web\", rpm:\"mono-web~1.1.13.8~2.15\", rls:\"SL10.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mono-winforms\", rpm:\"mono-winforms~1.1.13.8~2.15\", rls:\"SL10.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}, {"lastseen": "2017-07-24T12:49:49", "references": [], "pluginID": "57972", "description": "The remote host is missing updates announced in\nadvisory GLSA 200701-12.", "edition": 2, "reporter": "Copyright (c) 2007 E-Soft Inc. http://www.securityspace.com", "published": "2008-09-24T00:00:00", "title": "Gentoo Security Advisory GLSA 200701-12 (mono)", "type": "openvas", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "naslFamily": "Gentoo Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2006-6104"], "modified": "2017-07-07T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=57972", "id": "OPENVAS:57972", "sourceData": "# OpenVAS Vulnerability Test\n# $\n# Description: Auto generated from Gentoo's XML based advisory\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Mono does not properly sanitize pathnames allowing unauthorized information\ndisclosure.\";\ntag_solution = \"All Mono users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=dev-lang/mono-1.2.2.1'\n\nhttp://www.securityspace.com/smysecure/catid.html?in=GLSA%20200701-12\nhttp://bugs.gentoo.org/show_bug.cgi?id=159886\";\ntag_summary = \"The remote host is missing updates announced in\nadvisory GLSA 200701-12.\";\n\n \n\nif(description)\n{\n script_id(57972);\n script_version(\"$Revision: 6596 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-07 11:21:37 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2008-09-24 21:14:03 +0200 (Wed, 24 Sep 2008)\");\n script_cve_id(\"CVE-2006-6104\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_name(\"Gentoo Security Advisory GLSA 200701-12 (mono)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2007 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Gentoo Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/gentoo\", \"ssh/login/pkg\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-gentoo.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = ispkgvuln(pkg:\"dev-lang/mono\", unaffected: make_list(\"ge 1.2.2.1\"), vulnerable: make_list(\"lt 1.2.2.1\"))) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}, {"lastseen": "2017-07-25T10:56:01", "references": ["2007-067", "https://www.redhat.com/archives/fedora-package-announce/2007-January/msg00068.html"], "pluginID": "861467", "description": "Check for the Version of mono", "edition": 2, "reporter": "Copyright (C) 2009 Greenbone Networks GmbH", "published": "2009-02-27T00:00:00", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "title": "Fedora Update for mono FEDORA-2007-067", "type": "openvas", "naslFamily": "Fedora Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2006-6104"], "modified": "2017-07-10T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=861467", "id": "OPENVAS:861467", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for mono FEDORA-2007-067\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"mono on Fedora Core 6\";\ntag_insight = \"The Mono runtime implements a JIT engine for the ECMA CLI\n virtual machine (as well as a byte code interpreter, the\n class loader, the garbage collector, threading system and\n metadata access libraries.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"https://www.redhat.com/archives/fedora-package-announce/2007-January/msg00068.html\");\n script_id(861467);\n script_version(\"$Revision: 6622 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 07:52:50 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-02-27 16:31:39 +0100 (Fri, 27 Feb 2009)\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_xref(name: \"FEDORA\", value: \"2007-067\");\n script_cve_id(\"CVE-2006-6104\");\n script_name( \"Fedora Update for mono FEDORA-2007-067\");\n\n script_summary(\"Check for the Version of mono\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora_core\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC6\")\n{\n\n if ((res = isrpmvuln(pkg:\"mono\", rpm:\"mono~1.1.17.1~4.fc6\", rls:\"FC6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"x86_64/mono-jscript\", rpm:\"x86_64/mono-jscript~1.1.17.1~4.fc6\", rls:\"FC6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"x86_64/mono-data-sybase\", rpm:\"x86_64/mono-data-sybase~1.1.17.1~4.fc6\", rls:\"FC6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"x86_64/mono-data-sqlite\", rpm:\"x86_64/mono-data-sqlite~1.1.17.1~4.fc6\", rls:\"FC6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"x86_64/mono-core\", rpm:\"x86_64/mono-core~1.1.17.1~4.fc6\", rls:\"FC6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"x86_64/mono-web\", rpm:\"x86_64/mono-web~1.1.17.1~4.fc6\", rls:\"FC6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"x86_64/mono-extras\", rpm:\"x86_64/mono-extras~1.1.17.1~4.fc6\", rls:\"FC6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"x86_64/bytefx-data-mysql\", rpm:\"x86_64/bytefx-data-mysql~1.1.17.1~4.fc6\", rls:\"FC6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"x86_64/mono-nunit-devel\", rpm:\"x86_64/mono-nunit-devel~1.1.17.1~4.fc6\", rls:\"FC6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"x86_64/mono-locale-extras\", rpm:\"x86_64/mono-locale-extras~1.1.17.1~4.fc6\", rls:\"FC6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"x86_64/ibm-data-db2\", rpm:\"x86_64/ibm-data-db2~1.1.17.1~4.fc6\", rls:\"FC6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"x86_64/mono-winforms\", rpm:\"x86_64/mono-winforms~1.1.17.1~4.fc6\", rls:\"FC6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"x86_64/mono-data-oracle\", rpm:\"x86_64/mono-data-oracle~1.1.17.1~4.fc6\", rls:\"FC6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"x86_64/mono-data-firebird\", rpm:\"x86_64/mono-data-firebird~1.1.17.1~4.fc6\", rls:\"FC6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"x86_64/mono-nunit\", rpm:\"x86_64/mono-nunit~1.1.17.1~4.fc6\", rls:\"FC6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"x86_64/mono-data-postgresql\", rpm:\"x86_64/mono-data-postgresql~1.1.17.1~4.fc6\", rls:\"FC6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"x86_64/mono-data\", rpm:\"x86_64/mono-data~1.1.17.1~4.fc6\", rls:\"FC6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"x86_64/debug/mono-debuginfo\", rpm:\"x86_64/debug/mono-debuginfo~1.1.17.1~4.fc6\", rls:\"FC6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"x86_64/mono-devel\", rpm:\"x86_64/mono-devel~1.1.17.1~4.fc6\", rls:\"FC6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"i386/mono-data-sqlite\", rpm:\"i386/mono-data-sqlite~1.1.17.1~4.fc6\", rls:\"FC6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"i386/mono-nunit\", rpm:\"i386/mono-nunit~1.1.17.1~4.fc6\", rls:\"FC6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"i386/mono-data\", rpm:\"i386/mono-data~1.1.17.1~4.fc6\", rls:\"FC6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"i386/mono-jscript\", rpm:\"i386/mono-jscript~1.1.17.1~4.fc6\", rls:\"FC6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"i386/mono-data-oracle\", rpm:\"i386/mono-data-oracle~1.1.17.1~4.fc6\", rls:\"FC6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"i386/mono-core\", rpm:\"i386/mono-core~1.1.17.1~4.fc6\", rls:\"FC6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"i386/debug/mono-debuginfo\", rpm:\"i386/debug/mono-debuginfo~1.1.17.1~4.fc6\", rls:\"FC6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"i386/mono-winforms\", rpm:\"i386/mono-winforms~1.1.17.1~4.fc6\", rls:\"FC6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"i386/mono-nunit-devel\", rpm:\"i386/mono-nunit-devel~1.1.17.1~4.fc6\", rls:\"FC6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"i386/mono-devel\", rpm:\"i386/mono-devel~1.1.17.1~4.fc6\", rls:\"FC6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"i386/mono-data-postgresql\", rpm:\"i386/mono-data-postgresql~1.1.17.1~4.fc6\", rls:\"FC6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"i386/bytefx-data-mysql\", rpm:\"i386/bytefx-data-mysql~1.1.17.1~4.fc6\", rls:\"FC6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"i386/mono-data-sybase\", rpm:\"i386/mono-data-sybase~1.1.17.1~4.fc6\", rls:\"FC6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"i386/mono-web\", rpm:\"i386/mono-web~1.1.17.1~4.fc6\", rls:\"FC6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"i386/mono-data-firebird\", rpm:\"i386/mono-data-firebird~1.1.17.1~4.fc6\", rls:\"FC6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"i386/ibm-data-db2\", rpm:\"i386/ibm-data-db2~1.1.17.1~4.fc6\", rls:\"FC6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"i386/mono-extras\", rpm:\"i386/mono-extras~1.1.17.1~4.fc6\", rls:\"FC6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"i386/mono-locale-extras\", rpm:\"i386/mono-locale-extras~1.1.17.1~4.fc6\", rls:\"FC6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}, {"lastseen": "2017-07-02T21:10:22", "references": [], "pluginID": "57461", "description": "The remote host is missing an update to the system\nas announced in the referenced advisory.", "edition": 1, "reporter": "Copyright (c) 2006 E-Soft Inc. http://www.securityspace.com", "published": "2008-09-04T00:00:00", "title": "FreeBSD Ports: mono", "type": "openvas", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "naslFamily": "FreeBSD Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2006-5072"], "modified": "2016-09-22T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=57461", "id": "OPENVAS:57461", "sourceData": "#\n#VID 5a39a22e-5478-11db-8f1a-000a48049292\n# OpenVAS Vulnerability Test\n# $\n# Description: Auto generated from vuxml or freebsd advisories\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"The following package is affected: mono\";\ntag_solution = \"Update your system with the appropriate patches or\nsoftware upgrades.\n\nhttp://www.ubuntu.com/usn/usn-357-1\nhttp://secunia.com/advisories/22237/\nhttp://www.vuxml.org/freebsd/5a39a22e-5478-11db-8f1a-000a48049292.html\";\ntag_summary = \"The remote host is missing an update to the system\nas announced in the referenced advisory.\";\n\n\nif(description)\n{\n script_id(57461);\n script_version(\"$Revision: 4128 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2016-09-22 07:37:51 +0200 (Thu, 22 Sep 2016) $\");\n script_tag(name:\"creation_date\", value:\"2008-09-04 20:41:11 +0200 (Thu, 04 Sep 2008)\");\n script_cve_id(\"CVE-2006-5072\");\n script_tag(name:\"cvss_base\", value:\"6.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:H/Au:N/C:C/I:C/A:C\");\n script_name(\"FreeBSD Ports: mono\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2006 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"FreeBSD Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/freebsdrel\", \"login/SSH/success\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-bsd.inc\");\n\ntxt = \"\";\nvuln = 0;\nbver = portver(pkg:\"mono\");\nif(!isnull(bver) && revcomp(a:bver, b:\"1.1.13.8.1\")<0) {\n txt += 'Package mono version ' + bver + ' is installed which is known to be vulnerable.\\n';\n vuln = 1;\n}\n\nif(vuln) {\n security_message(data:string(txt));\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 6.2, "vector": "AV:LOCAL/AC:HIGH/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-24T12:49:44", "references": [], "pluginID": "57936", "description": "The remote host is missing updates announced in\nadvisory GLSA 200611-23.", "edition": 2, "reporter": "Copyright (c) 2007 E-Soft Inc. http://www.securityspace.com", "published": "2008-09-24T00:00:00", "enchantments": {"score": {"vector": "NONE", "value": 2.1}}, "title": "Gentoo Security Advisory GLSA 200611-23 (mono)", "type": "openvas", "naslFamily": "Gentoo Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2006-5072"], "modified": "2017-07-07T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=57936", "id": "OPENVAS:57936", "sourceData": "# OpenVAS Vulnerability Test\n# $\n# Description: Auto generated from Gentoo's XML based advisory\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Mono is vulnerable to linking attacks, potentially allowing a local user to\noverwrite arbitrary files.\";\ntag_solution = \"All Mono users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=dev-lang/mono-1.1.13.8.1'\n\nhttp://www.securityspace.com/smysecure/catid.html?in=GLSA%20200611-23\nhttp://bugs.gentoo.org/show_bug.cgi?id=150264\";\ntag_summary = \"The remote host is missing updates announced in\nadvisory GLSA 200611-23.\";\n\n \n\nif(description)\n{\n script_id(57936);\n script_version(\"$Revision: 6596 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-07 11:21:37 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2008-09-24 21:14:03 +0200 (Wed, 24 Sep 2008)\");\n script_cve_id(\"CVE-2006-5072\");\n script_tag(name:\"cvss_base\", value:\"6.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:H/Au:N/C:C/I:C/A:C\");\n script_name(\"Gentoo Security Advisory GLSA 200611-23 (mono)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2007 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Gentoo Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/gentoo\", \"ssh/login/pkg\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-gentoo.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = ispkgvuln(pkg:\"dev-lang/mono\", unaffected: make_list(\"ge 1.1.13.8.1\"), vulnerable: make_list(\"lt 1.1.13.8.1\"))) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 6.2, "vector": "AV:LOCAL/AC:HIGH/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "exploitdb": [{"lastseen": "2016-02-03T10:00:28", "osvdbidlist": ["32391"], "_object_types": ["robots.models.exploitdb.ExploitDbBulletin", "robots.models.base.Bulletin"], "references": [], "description": "Mono XSP 1.x/2.0 Source Code Information Disclosure Vulnerability. CVE-2006-6104. Remote exploit for linux platform", "reporter": "jose.palanco", "published": "2006-12-20T00:00:00", "type": "exploitdb", "title": "Mono XSP 1.x/2.0 Source Code Information Disclosure Vulnerability", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "bulletinFamily": "exploit", "cvelist": ["CVE-2006-6104"], "_object_type": "robots.models.exploitdb.ExploitDbBulletin", "modified": "2006-12-20T00:00:00", "id": "EDB-ID:29302", "href": "https://www.exploit-db.com/exploits/29302/", "sourceData": "source: http://www.securityfocus.com/bid/21687/info\r\n\r\nXSP is prone to a source code information-disclosure vulnerability because it fails to properly sanitize user-supplied input. \r\n\r\nAn attacker can exploit this vulnerability to retrieve arbitrary files from the vulnerable system in the context of the webserver process. Information obtained may aid in further attacks.\r\n\r\nhttp://www.example.com/app/Default.aspx%20", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}, "sourceHref": "https://www.exploit-db.com/download/29302/"}], "gentoo": [{"lastseen": "2016-09-06T19:46:27", "references": ["https://bugs.gentoo.org/show_bug.cgi?id=159886", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6104"], "affectedPackage": [{"OS": "Gentoo", "OSVersion": "any", "packageVersion": "1.2.2.1", "arch": "all", "packageFilename": "UNKNOWN", "packageName": "dev-lang/mono", "operator": "lt"}], "edition": 1, "description": "### Background\n\nMono provides the necessary software to develop and run .NET client and server applications on various platforms. \n\n### Description\n\nJose Ramon Palanco has discovered that the System.Web class in the XSP for the ASP.NET server 1.1 through 2.0 in Mono does not properly validate or sanitize local pathnames which could allow server-side file content disclosure. \n\n### Impact\n\nAn attacker could append a space character to a URI and obtain unauthorized access to the source code of server-side files. An attacker could also read credentials by requesting Web.Config%20 from a Mono server. \n\n### Workaround\n\nThere is no known workaround at this time. \n\n### Resolution\n\nAll Mono users should upgrade to the latest version: \n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=dev-lang/mono-1.2.2.1\"", "reporter": "Gentoo Foundation", "published": "2007-01-16T00:00:00", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "type": "gentoo", "title": "Mono: Information disclosure", "bulletinFamily": "unix", "cvelist": ["CVE-2006-6104"], "modified": "2007-01-17T00:00:00", "id": "GLSA-200701-12", "href": "https://security.gentoo.org/glsa/200701-12", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}, {"lastseen": "2016-09-06T19:46:40", "references": ["https://bugs.gentoo.org/show_bug.cgi?id=150264", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5072"], "affectedPackage": [{"OS": "Gentoo", "OSVersion": "any", "packageVersion": "1.1.13.8.1", "arch": "all", "packageFilename": "UNKNOWN", "packageName": "dev-lang/mono", "operator": "lt"}], "edition": 1, "description": "### Background\n\nMono provides the necessary software to develop and run .NET client and server applications. \n\n### Description\n\nSebastian Krahmer of the SuSE Security Team discovered that the System.CodeDom.Compiler classes of Mono create temporary files with insecure permissions. \n\n### Impact\n\nA local attacker could create links in the temporary file directory, pointing to a valid file somewhere on the filesystem. When an affected class is called, this could result in the file being overwritten with the rights of the user running the script. \n\n### Workaround\n\nThere is no known workaround at this time. \n\n### Resolution\n\nAll Mono users should upgrade to the latest version: \n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=dev-lang/mono-1.1.13.8.1\"", "reporter": "Gentoo Foundation", "published": "2006-11-28T00:00:00", "enchantments": {"score": {"vector": "NONE", "value": 7.2}}, "type": "gentoo", "title": "Mono: Insecure temporary file creation", "bulletinFamily": "unix", "cvelist": ["CVE-2006-5072"], "modified": "2006-11-28T00:00:00", "id": "GLSA-200611-23", "href": "https://security.gentoo.org/glsa/200611-23", "cvss": {"score": 6.2, "vector": "AV:LOCAL/AC:HIGH/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "ubuntu": [{"lastseen": "2018-08-31T00:08:21", "references": ["https://people.canonical.com/~ubuntu-security/cve/CVE-2006-6104"], "affectedPackage": [{"OS": "Ubuntu", "OSVersion": "6.10", "packageVersion": "any", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "libmono-system-web2.0-cil - 1.1.17.1-1ubuntu7.1", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "6.06", "packageVersion": "any", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "mono-classlib-1.0 - 1.1.13.6-0ubuntu3.2", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "6.10", "packageVersion": "any", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "libmono-system-web1.0-cil - 1.1.17.1-1ubuntu7.1", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "6.06", "packageVersion": "any", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "mono-classlib-2.0 - 1.1.13.6-0ubuntu3.2", "operator": "lt"}], "description": "Jose Ramon Palanco discovered that the mono System.Web class did not consistently verify local file paths. As a result, the source code for mono web applications could be retrieved remotely, possibly leading to further compromise via the application\u2019s source.", "edition": 3, "reporter": "Ubuntu", "published": "2006-12-20T00:00:00", "title": "mono vulnerability", "type": "ubuntu", "enchantments": {"score": {"vector": "NONE", "value": 2.1}}, "bulletinFamily": "unix", "cvelist": ["CVE-2006-6104"], "modified": "2006-12-20T00:00:00", "id": "USN-397-1", "href": "https://usn.ubuntu.com/397-1/", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}, {"lastseen": "2018-08-31T00:10:23", "references": ["https://people.canonical.com/~ubuntu-security/cve/CVE-2006-5072"], "affectedPackage": [{"OS": "Ubuntu", "OSVersion": "6.06", "packageVersion": "any", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "mono-classlib-1.0 - 1.1.13.6-0ubuntu3.1", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "5.10", "packageVersion": "any", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "mono-classlib-1.0 - 1.1.8.3-1ubuntu2.1", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "6.06", "packageVersion": "any", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "mono-classlib-2.0 - 1.1.13.6-0ubuntu3.1", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "5.10", "packageVersion": "any", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "mono-classlib-2.0 - 1.1.8.3-1ubuntu2.1", "operator": "lt"}], "description": "Sebastian Krahmer of the SuSE security team discovered that the System.CodeDom.Compiler classes used temporary files in an insecure way. This could allow a symbolic link attack to create or overwrite arbitrary files with the privileges of the user invoking the program. Under some circumstances, a local attacker could also exploit this to inject arbitrary code into running Mono processes.", "edition": 3, "reporter": "Ubuntu", "published": "2006-10-05T00:00:00", "title": "Mono vulnerability", "type": "ubuntu", "enchantments": {"score": {"vector": "NONE", "value": 7.2}}, "bulletinFamily": "unix", "cvelist": ["CVE-2006-5072"], "modified": "2006-10-05T00:00:00", "id": "USN-357-1", "href": "https://usn.ubuntu.com/357-1/", "cvss": {"score": 6.2, "vector": "AV:LOCAL/AC:HIGH/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "suse": [{"lastseen": "2016-09-04T12:38:49", "references": [], "affectedPackage": [{"OS": "SUSE Linux Enterprise SDK", "OSVersion": "10", "packageVersion": "1.1.13.8-2.15", "arch": "ia64", "packageFilename": "mono-data-oracle-1.1.13.8-2.15.ia64.rpm", "packageName": "mono-data-oracle", "operator": "lt"}, {"OS": "SUSE Linux Enterprise SDK", "OSVersion": "10", "packageVersion": "1.1.13.8-2.15", "arch": "s390x", "packageFilename": "mono-data-firebird-1.1.13.8-2.15.s390x.rpm", "packageName": "mono-data-firebird", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "10", "packageVersion": "1.1.13.8-2.15", "arch": "ia64", "packageFilename": "mono-nunit-1.1.13.8-2.15.ia64.rpm", "packageName": "mono-nunit", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.2", "packageVersion": "1.1.18.1-12.2", "arch": "x86_64", "packageFilename": "mono-extras-1.1.18.1-12.2.x86_64.rpm", "packageName": "mono-extras", "operator": "lt"}, {"OS": "SUSE Linux Enterprise SDK", "OSVersion": "10", "packageVersion": "1.1.13.8-2.15", "arch": "x86_64", "packageFilename": "mono-basic-1.1.13.8-2.15.x86_64.rpm", "packageName": "mono-basic", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.2", "packageVersion": "1.1.18.1-12.2", "arch": "ppc", "packageFilename": "mono-nunit-1.1.18.1-12.2.ppc.rpm", "packageName": "mono-nunit", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.1", "packageVersion": "1.1.13.8-2.15", "arch": "x86_64", "packageFilename": "mono-basic-1.1.13.8-2.15.x86_64.rpm", "packageName": "mono-basic", "operator": "lt"}, {"OS": "SUSE Linux Enterprise SDK", "OSVersion": "10", "packageVersion": "1.1.13.8-2.15", "arch": "ia64", "packageFilename": "mono-locale-extras-1.1.13.8-2.15.ia64.rpm", "packageName": "mono-locale-extras", "operator": "lt"}, {"OS": "SUSE Linux Enterprise SDK", "OSVersion": "10", "packageVersion": "1.1.13.8-2.15", "arch": "x86_64", "packageFilename": "mono-core-1.1.13.8-2.15.x86_64.rpm", "packageName": "mono-core", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.1", "packageVersion": "1.1.13.8-2.15", "arch": "x86_64", "packageFilename": "mono-winforms-1.1.13.8-2.15.x86_64.rpm", "packageName": "mono-winforms", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.1", "packageVersion": "1.1.13.8-2.15", "arch": "i586", "packageFilename": "mono-data-postgresql-1.1.13.8-2.15.i586.rpm", "packageName": "mono-data-postgresql", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.2", "packageVersion": "1.1.18.1-12.2", "arch": "ppc", "packageFilename": "mono-data-sybase-1.1.18.1-12.2.ppc.rpm", "packageName": "mono-data-sybase", "operator": "lt"}, {"OS": "SUSE Linux Enterprise SDK", "OSVersion": "10", "packageVersion": "1.1.13.8-2.15", "arch": "s390x", "packageFilename": "mono-data-oracle-1.1.13.8-2.15.s390x.rpm", "packageName": "mono-data-oracle", "operator": "lt"}, {"OS": "SUSE Linux Enterprise SDK", "OSVersion": "10", "packageVersion": "1.1.13.8-2.15", "arch": "ia64", "packageFilename": "mono-data-sybase-1.1.13.8-2.15.ia64.rpm", "packageName": "mono-data-sybase", "operator": "lt"}, {"OS": "SUSE Linux Enterprise SDK", "OSVersion": "10", "packageVersion": "1.1.13.8-2.15", "arch": "x86_64", "packageFilename": "mono-jscript-1.1.13.8-2.15.x86_64.rpm", "packageName": "mono-jscript", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.2", "packageVersion": "1.1.18.1-12.2", "arch": "x86_64", "packageFilename": "mono-data-postgresql-1.1.18.1-12.2.x86_64.rpm", "packageName": "mono-data-postgresql", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.2", "packageVersion": "1.1.18.1-12.2", "arch": "x86_64", "packageFilename": "bytefx-data-mysql-1.1.18.1-12.2.x86_64.rpm", "packageName": "bytefx-data-mysql", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "10", "packageVersion": "1.1.13.8-2.15", "arch": "i586", "packageFilename": "mono-core-1.1.13.8-2.15.i586.rpm", "packageName": "mono-core", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.2", "packageVersion": "1.1.18.1-12.2", "arch": "ppc", "packageFilename": "mono-data-1.1.18.1-12.2.ppc.rpm", "packageName": "mono-data", "operator": "lt"}, {"OS": "SUSE Linux Enterprise SDK", "OSVersion": "10", "packageVersion": "1.1.13.8-2.15", "arch": "ia64", "packageFilename": "mono-jscript-1.1.13.8-2.15.ia64.rpm", "packageName": "mono-jscript", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.2", "packageVersion": "1.1.18.1-12.2", "arch": "x86_64", "packageFilename": "mono-data-firebird-1.1.18.1-12.2.x86_64.rpm", "packageName": "mono-data-firebird", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "10", "packageVersion": "1.1.13.8-2.15", "arch": "s390x", "packageFilename": "mono-data-1.1.13.8-2.15.s390x.rpm", "packageName": "mono-data", "operator": "lt"}, {"OS": "SUSE Linux Enterprise SDK", "OSVersion": "10", "packageVersion": "1.1.13.8-2.15", "arch": "i586", "packageFilename": "mono-core-1.1.13.8-2.15.i586.rpm", "packageName": "mono-core", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "10", "packageVersion": "1.1.13.8-2.15", "arch": "s390x", "packageFilename": "mono-data-postgresql-1.1.13.8-2.15.s390x.rpm", "packageName": "mono-data-postgresql", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.1", "packageVersion": "1.1.13.8-2.15", "arch": "i586", "packageFilename": "mono-extras-1.1.13.8-2.15.i586.rpm", "packageName": "mono-extras", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.1", "packageVersion": "1.1.13.8-2.15", "arch": "ppc", "packageFilename": "mono-core-1.1.13.8-2.15.ppc.rpm", "packageName": "mono-core", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "10", "packageVersion": "1.1.13.8-2.15", "arch": "x86_64", "packageFilename": "mono-data-postgresql-1.1.13.8-2.15.x86_64.rpm", "packageName": "mono-data-postgresql", "operator": "lt"}, {"OS": "SUSE Linux Enterprise SDK", "OSVersion": "10", "packageVersion": "1.1.13.8-2.15", "arch": "ia64", "packageFilename": "mono-devel-1.1.13.8-2.15.ia64.rpm", "packageName": "mono-devel", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.1", "packageVersion": "1.1.13.8-2.15", "arch": "x86_64", "packageFilename": "mono-nunit-1.1.13.8-2.15.x86_64.rpm", "packageName": "mono-nunit", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.1", "packageVersion": "1.1.13.8-2.15", "arch": "x86_64", "packageFilename": "mono-core-32bit-1.1.13.8-2.15.x86_64.rpm", "packageName": "mono-core-32bit", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.1", "packageVersion": "1.1.13.8-2.15", "arch": "x86_64", "packageFilename": "mono-extras-1.1.13.8-2.15.x86_64.rpm", "packageName": "mono-extras", "operator": "lt"}, {"OS": "SUSE Linux Enterprise SDK", "OSVersion": "10", "packageVersion": "1.1.13.8-2.15", "arch": "i586", "packageFilename": "mono-data-postgresql-1.1.13.8-2.15.i586.rpm", "packageName": "mono-data-postgresql", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "10", "packageVersion": "1.1.13.8-2.15", "arch": "ia64", "packageFilename": "mono-locale-extras-1.1.13.8-2.15.ia64.rpm", "packageName": "mono-locale-extras", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.2", "packageVersion": "1.1.18.1-12.2", "arch": "ppc", "packageFilename": "mono-winforms-1.1.18.1-12.2.ppc.rpm", "packageName": "mono-winforms", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "10", "packageVersion": "1.1.13.8-2.15", "arch": "x86_64", "packageFilename": "mono-data-oracle-1.1.13.8-2.15.x86_64.rpm", "packageName": "mono-data-oracle", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.1", "packageVersion": "1.1.13.8-2.15", "arch": "i586", "packageFilename": "mono-web-1.1.13.8-2.15.i586.rpm", "packageName": "mono-web", "operator": "lt"}, {"OS": "SUSE Linux Enterprise SDK", "OSVersion": "10", "packageVersion": "1.1.13.8-2.15", "arch": "x86_64", "packageFilename": "mono-nunit-1.1.13.8-2.15.x86_64.rpm", "packageName": "mono-nunit", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "10", "packageVersion": "1.1.13.8-2.15", "arch": "ia64", "packageFilename": "mono-data-oracle-1.1.13.8-2.15.ia64.rpm", "packageName": "mono-data-oracle", "operator": "lt"}, {"OS": "SUSE Linux Enterprise SDK", "OSVersion": "10", "packageVersion": "1.1.13.8-2.15", "arch": "ppc", "packageFilename": "mono-jscript-1.1.13.8-2.15.ppc.rpm", "packageName": "mono-jscript", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "10", "packageVersion": "1.1.13.8-2.15", "arch": "x86_64", "packageFilename": "mono-web-1.1.13.8-2.15.x86_64.rpm", "packageName": "mono-web", "operator": "lt"}, {"OS": "SUSE Linux Enterprise SDK", "OSVersion": "10", "packageVersion": "1.1.13.8-2.15", "arch": "s390x", "packageFilename": "mono-web-1.1.13.8-2.15.s390x.rpm", "packageName": "mono-web", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.2", "packageVersion": "1.1.18.1-12.2", "arch": "i586", "packageFilename": "mono-winforms-1.1.18.1-12.2.i586.rpm", "packageName": "mono-winforms", "operator": "lt"}, {"OS": "SUSE Linux Enterprise SDK", "OSVersion": "10", "packageVersion": "1.1.13.8-2.15", "arch": "ia64", "packageFilename": "mono-core-x86-1.1.13.8-2.15.ia64.rpm", "packageName": "mono-core-x86", "operator": "lt"}, {"OS": "SUSE Linux Enterprise SDK", "OSVersion": "10", "packageVersion": "1.1.13.8-2.15", "arch": "ia64", "packageFilename": "mono-core-1.1.13.8-2.15.ia64.rpm", "packageName": "mono-core", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "10", "packageVersion": "1.1.13.8-2.15", "arch": "ia64", "packageFilename": "mono-data-sybase-1.1.13.8-2.15.ia64.rpm", "packageName": "mono-data-sybase", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.1", "packageVersion": "1.1.13.8-2.15", "arch": "x86_64", "packageFilename": "mono-web-1.1.13.8-2.15.x86_64.rpm", "packageName": "mono-web", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "10", "packageVersion": "1.1.13.8-2.15", "arch": "i586", "packageFilename": "mono-data-postgresql-1.1.13.8-2.15.i586.rpm", "packageName": "mono-data-postgresql", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.2", "packageVersion": "1.1.18.1-12.2", "arch": "i586", "packageFilename": "mono-data-postgresql-1.1.18.1-12.2.i586.rpm", "packageName": "mono-data-postgresql", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.1", "packageVersion": "1.1.13.8-2.15", "arch": "i586", "packageFilename": "mono-core-1.1.13.8-2.15.i586.rpm", "packageName": "mono-core", "operator": "lt"}, {"OS": "SUSE Linux Enterprise SDK", "OSVersion": "10", "packageVersion": "1.1.13.8-2.15", "arch": "s390x", "packageFilename": "mono-devel-1.1.13.8-2.15.s390x.rpm", "packageName": "mono-devel", "operator": "lt"}, {"OS": "SUSE Linux Enterprise SDK", "OSVersion": "10", "packageVersion": "1.1.13.8-2.15", "arch": "s390x", "packageFilename": "mono-jscript-1.1.13.8-2.15.s390x.rpm", "packageName": "mono-jscript", "operator": "lt"}, {"OS": "SUSE Linux Enterprise SDK", "OSVersion": "10", "packageVersion": "1.1.13.8-2.15", "arch": "i586", "packageFilename": "mono-data-oracle-1.1.13.8-2.15.i586.rpm", "packageName": "mono-data-oracle", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.1", "packageVersion": "1.1.13.8-2.15", "arch": "x86_64", "packageFilename": "mono-data-1.1.13.8-2.15.x86_64.rpm", "packageName": "mono-data", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.2", "packageVersion": "1.1.18.1-12.2", "arch": "x86_64", "packageFilename": "mono-devel-1.1.18.1-12.2.x86_64.rpm", "packageName": "mono-devel", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.2", "packageVersion": "1.1.18.1-12.2", "arch": "x86_64", "packageFilename": "mono-winforms-1.1.18.1-12.2.x86_64.rpm", "packageName": "mono-winforms", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.2", "packageVersion": "1.1.18.1-12.2", "arch": "x86_64", "packageFilename": "ibm-data-db2-1.1.18.1-12.2.x86_64.rpm", "packageName": "ibm-data-db2", "operator": "lt"}, {"OS": "SUSE Linux Enterprise SDK", "OSVersion": "10", "packageVersion": "1.1.13.8-2.15", "arch": "s390x", "packageFilename": "mono-basic-1.1.13.8-2.15.s390x.rpm", "packageName": "mono-basic", "operator": "lt"}, {"OS": "SUSE Linux Enterprise SDK", "OSVersion": "10", "packageVersion": "1.1.13.8-2.15", "arch": "i586", "packageFilename": "mono-data-firebird-1.1.13.8-2.15.i586.rpm", "packageName": "mono-data-firebird", "operator": "lt"}, {"OS": "SUSE Linux Enterprise SDK", "OSVersion": "10", "packageVersion": "1.1.13.8-2.15", "arch": "s390x", "packageFilename": "mono-data-sybase-1.1.13.8-2.15.s390x.rpm", "packageName": "mono-data-sybase", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "10", "packageVersion": "1.1.13.8-2.15", "arch": "i586", "packageFilename": "mono-data-firebird-1.1.13.8-2.15.i586.rpm", "packageName": "mono-data-firebird", "operator": "lt"}, {"OS": "SUSE Linux Enterprise SDK", "OSVersion": "10", "packageVersion": "1.1.13.8-2.15", "arch": "ppc", "packageFilename": "mono-data-oracle-1.1.13.8-2.15.ppc.rpm", "packageName": "mono-data-oracle", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.2", "packageVersion": "1.1.18.1-12.2", "arch": "i586", "packageFilename": "mono-locale-extras-1.1.18.1-12.2.i586.rpm", "packageName": "mono-locale-extras", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.2", "packageVersion": "1.1.18.1-12.2", "arch": "ppc", "packageFilename": "mono-data-sqlite-1.1.18.1-12.2.ppc.rpm", "packageName": "mono-data-sqlite", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "10", "packageVersion": "1.1.13.8-2.15", "arch": "s390x", "packageFilename": "mono-locale-extras-1.1.13.8-2.15.s390x.rpm", "packageName": "mono-locale-extras", "operator": "lt"}, {"OS": "SUSE Linux Enterprise SDK", "OSVersion": "10", "packageVersion": "1.1.13.8-2.15", "arch": "i586", "packageFilename": "mono-winforms-1.1.13.8-2.15.i586.rpm", "packageName": "mono-winforms", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.2", "packageVersion": "1.1.18.1-12.2", "arch": "ppc", "packageFilename": "ibm-data-db2-1.1.18.1-12.2.ppc.rpm", "packageName": "ibm-data-db2", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.1", "packageVersion": "1.1.13.8-2.15", "arch": "x86_64", "packageFilename": "mono-devel-1.1.13.8-2.15.x86_64.rpm", "packageName": "mono-devel", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.1", "packageVersion": "1.1.13.8-2.15", "arch": "ppc", "packageFilename": "mono-basic-1.1.13.8-2.15.ppc.rpm", "packageName": "mono-basic", "operator": "lt"}, {"OS": "SUSE Linux Enterprise SDK", "OSVersion": "10", "packageVersion": "1.1.13.8-2.15", "arch": "i586", "packageFilename": "mono-web-1.1.13.8-2.15.i586.rpm", "packageName": "mono-web", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.1", "packageVersion": "1.1.13.8-2.15", "arch": "ppc", "packageFilename": "mono-devel-1.1.13.8-2.15.ppc.rpm", "packageName": "mono-devel", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "10", "packageVersion": "1.1.13.8-2.15", "arch": "x86_64", "packageFilename": "mono-data-sqlite-1.1.13.8-2.15.x86_64.rpm", "packageName": "mono-data-sqlite", "operator": "lt"}, {"OS": "SUSE Linux Enterprise SDK", "OSVersion": "10", "packageVersion": "1.1.13.8-2.15", "arch": "s390x", "packageFilename": "mono-data-postgresql-1.1.13.8-2.15.s390x.rpm", "packageName": "mono-data-postgresql", "operator": "lt"}, {"OS": "SUSE Linux Enterprise SDK", "OSVersion": "10", "packageVersion": "1.1.13.8-2.15", "arch": "ia64", "packageFilename": "bytefx-data-mysql-1.1.13.8-2.15.ia64.rpm", "packageName": "bytefx-data-mysql", "operator": "lt"}, {"OS": "SUSE Linux Enterprise SDK", "OSVersion": "10", "packageVersion": "1.1.13.8-2.15", "arch": "ia64", "packageFilename": "mono-extras-1.1.13.8-2.15.ia64.rpm", "packageName": "mono-extras", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.1", "packageVersion": "1.1.13.8-2.15", "arch": "i586", "packageFilename": "ibm-data-db2-1.1.13.8-2.15.i586.rpm", "packageName": "ibm-data-db2", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "10", "packageVersion": "1.1.13.8-2.15", "arch": "ppc", "packageFilename": "mono-data-postgresql-1.1.13.8-2.15.ppc.rpm", "packageName": "mono-data-postgresql", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.1", "packageVersion": "1.1.13.8-2.15", "arch": "x86_64", "packageFilename": "mono-data-oracle-1.1.13.8-2.15.x86_64.rpm", "packageName": "mono-data-oracle", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.1", "packageVersion": "1.1.13.8-2.15", "arch": "x86_64", "packageFilename": "mono-jscript-1.1.13.8-2.15.x86_64.rpm", "packageName": "mono-jscript", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "10", "packageVersion": "1.1.13.8-2.15", "arch": "s390x", "packageFilename": "mono-web-1.1.13.8-2.15.s390x.rpm", "packageName": "mono-web", "operator": "lt"}, {"OS": "SUSE Linux Enterprise SDK", "OSVersion": "10", "packageVersion": "1.1.13.8-2.15", "arch": "ia64", "packageFilename": "mono-nunit-1.1.13.8-2.15.ia64.rpm", "packageName": "mono-nunit", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.1", "packageVersion": "1.1.13.8-2.15", "arch": "x86_64", "packageFilename": "ibm-data-db2-1.1.13.8-2.15.x86_64.rpm", "packageName": "ibm-data-db2", "operator": "lt"}, {"OS": "SUSE Linux Enterprise SDK", "OSVersion": "10", "packageVersion": "1.1.13.8-2.15", "arch": "s390x", "packageFilename": "bytefx-data-mysql-1.1.13.8-2.15.s390x.rpm", "packageName": "bytefx-data-mysql", "operator": "lt"}, {"OS": "SUSE Linux Enterprise SDK", "OSVersion": "10", "packageVersion": "1.1.13.8-2.15", "arch": "i586", "packageFilename": "mono-nunit-1.1.13.8-2.15.i586.rpm", "packageName": "mono-nunit", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.1", "packageVersion": "1.1.13.8-2.15", "arch": "i586", "packageFilename": "mono-nunit-1.1.13.8-2.15.i586.rpm", "packageName": "mono-nunit", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.1", "packageVersion": "1.1.13.8-2.15", "arch": "i586", "packageFilename": "mono-basic-1.1.13.8-2.15.i586.rpm", "packageName": "mono-basic", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.2", "packageVersion": "1.1.18.1-12.2", "arch": "i586", "packageFilename": "mono-jscript-1.1.18.1-12.2.i586.rpm", "packageName": "mono-jscript", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "10", "packageVersion": "1.1.13.8-2.15", "arch": "ppc", "packageFilename": "mono-data-oracle-1.1.13.8-2.15.ppc.rpm", "packageName": "mono-data-oracle", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.1", "packageVersion": "1.1.13.8-2.15", "arch": "i586", "packageFilename": "bytefx-data-mysql-1.1.13.8-2.15.i586.rpm", "packageName": "bytefx-data-mysql", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "10", "packageVersion": "1.1.13.8-2.15", "arch": "ppc", "packageFilename": "mono-data-sybase-1.1.13.8-2.15.ppc.rpm", "packageName": "mono-data-sybase", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "10", "packageVersion": "1.1.13.8-2.15", "arch": "x86_64", "packageFilename": "mono-core-32bit-1.1.13.8-2.15.x86_64.rpm", "packageName": "mono-core-32bit", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.2", "packageVersion": "1.1.18.1-12.2", "arch": "x86_64", "packageFilename": "mono-web-1.1.18.1-12.2.x86_64.rpm", "packageName": "mono-web", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.2", "packageVersion": "1.1.18.1-12.2", "arch": "x86_64", "packageFilename": "mono-locale-extras-1.1.18.1-12.2.x86_64.rpm", "packageName": "mono-locale-extras", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.1", "packageVersion": "1.1.13.8-2.15", "arch": "x86_64", "packageFilename": "mono-locale-extras-1.1.13.8-2.15.x86_64.rpm", "packageName": "mono-locale-extras", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.2", "packageVersion": "1.1.18.1-12.2", "arch": "x86_64", "packageFilename": "mono-jscript-1.1.18.1-12.2.x86_64.rpm", "packageName": "mono-jscript", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.1", "packageVersion": "1.1.13.8-2.15", "arch": "x86_64", "packageFilename": "bytefx-data-mysql-1.1.13.8-2.15.x86_64.rpm", "packageName": "bytefx-data-mysql", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "10", "packageVersion": "1.1.13.8-2.15", "arch": "ia64", "packageFilename": "mono-web-1.1.13.8-2.15.ia64.rpm", "packageName": "mono-web", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.1", "packageVersion": "1.1.13.8-2.15", "arch": "i586", "packageFilename": "mono-data-1.1.13.8-2.15.i586.rpm", "packageName": "mono-data", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.2", "packageVersion": "1.1.18.1-12.2", "arch": "i586", "packageFilename": "mono-data-1.1.18.1-12.2.i586.rpm", "packageName": "mono-data", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.1", "packageVersion": "1.1.13.8-2.15", "arch": "ppc", "packageFilename": "mono-extras-1.1.13.8-2.15.ppc.rpm", "packageName": "mono-extras", "operator": "lt"}, {"OS": "SUSE Linux Enterprise SDK", "OSVersion": "10", "packageVersion": "1.1.13.8-2.15", "arch": "i586", "packageFilename": "bytefx-data-mysql-1.1.13.8-2.15.i586.rpm", "packageName": "bytefx-data-mysql", "operator": "lt"}, {"OS": "SUSE Linux Enterprise SDK", "OSVersion": "10", "packageVersion": "1.1.13.8-2.15", "arch": "x86_64", "packageFilename": "mono-locale-extras-1.1.13.8-2.15.x86_64.rpm", "packageName": "mono-locale-extras", "operator": "lt"}, {"OS": "SUSE Linux Enterprise SDK", "OSVersion": "10", "packageVersion": "1.1.13.8-2.15", "arch": "s390x", "packageFilename": "mono-data-1.1.13.8-2.15.s390x.rpm", "packageName": "mono-data", "operator": "lt"}, {"OS": "SUSE Linux Enterprise SDK", "OSVersion": "10", "packageVersion": "1.1.13.8-2.15", "arch": "x86_64", "packageFilename": "mono-core-32bit-1.1.13.8-2.15.x86_64.rpm", "packageName": "mono-core-32bit", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "10", "packageVersion": "1.1.13.8-2.15", "arch": "s390x", "packageFilename": "mono-data-firebird-1.1.13.8-2.15.s390x.rpm", "packageName": "mono-data-firebird", "operator": "lt"}, {"OS": "SUSE Linux Enterprise SDK", "OSVersion": "10", "packageVersion": "1.1.13.8-2.15", "arch": "ppc", "packageFilename": "mono-data-1.1.13.8-2.15.ppc.rpm", "packageName": "mono-data", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.1", "packageVersion": "1.1.13.8-2.15", "arch": "ppc", "packageFilename": "mono-data-postgresql-1.1.13.8-2.15.ppc.rpm", "packageName": "mono-data-postgresql", "operator": "lt"}, {"OS": "SUSE Linux Enterprise SDK", "OSVersion": "10", "packageVersion": "1.1.13.8-2.15", "arch": "ppc", "packageFilename": "mono-web-1.1.13.8-2.15.ppc.rpm", "packageName": "mono-web", "operator": "lt"}, {"OS": "SUSE Linux Enterprise SDK", "OSVersion": "10", "packageVersion": "1.1.13.8-2.15", "arch": "s390x", "packageFilename": "mono-extras-1.1.13.8-2.15.s390x.rpm", "packageName": "mono-extras", "operator": "lt"}, {"OS": "SUSE Linux Enterprise SDK", "OSVersion": "10", "packageVersion": "1.1.13.8-2.15", "arch": "i586", "packageFilename": "mono-basic-1.1.13.8-2.15.i586.rpm", "packageName": "mono-basic", "operator": "lt"}, {"OS": "SUSE Linux Enterprise SDK", "OSVersion": "10", "packageVersion": "1.1.13.8-2.15", "arch": "x86_64", "packageFilename": "mono-devel-1.1.13.8-2.15.x86_64.rpm", "packageName": "mono-devel", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.2", "packageVersion": "1.1.18.1-12.2", "arch": "i586", "packageFilename": "ibm-data-db2-1.1.18.1-12.2.i586.rpm", "packageName": "ibm-data-db2", "operator": "lt"}, {"OS": "SUSE Linux Enterprise SDK", "OSVersion": "10", "packageVersion": "1.1.13.8-2.15", "arch": "x86_64", "packageFilename": "mono-data-sqlite-1.1.13.8-2.15.x86_64.rpm", "packageName": "mono-data-sqlite", "operator": "lt"}, {"OS": "SUSE Linux Enterprise SDK", "OSVersion": "10", "packageVersion": "1.1.13.8-2.15", "arch": "x86_64", "packageFilename": "mono-data-1.1.13.8-2.15.x86_64.rpm", "packageName": "mono-data", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.1", "packageVersion": "1.1.13.8-2.15", "arch": "x86_64", "packageFilename": "mono-data-postgresql-1.1.13.8-2.15.x86_64.rpm", "packageName": "mono-data-postgresql", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "10", "packageVersion": "1.1.13.8-2.15", "arch": "s390x", "packageFilename": "mono-core-32bit-1.1.13.8-2.15.s390x.rpm", "packageName": "mono-core-32bit", "operator": "lt"}, {"OS": "SUSE Linux Enterprise SDK", "OSVersion": "10", "packageVersion": "1.1.13.8-2.15", "arch": "i586", "packageFilename": "mono-extras-1.1.13.8-2.15.i586.rpm", "packageName": "mono-extras", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.1", "packageVersion": "1.1.13.8-2.15", "arch": "ppc", "packageFilename": "mono-data-1.1.13.8-2.15.ppc.rpm", "packageName": "mono-data", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.2", "packageVersion": "1.1.18.1-12.2", "arch": "ppc", "packageFilename": "mono-devel-1.1.18.1-12.2.ppc.rpm", "packageName": "mono-devel", "operator": "lt"}, {"OS": "SUSE Linux Enterprise SDK", "OSVersion": "10", "packageVersion": "1.1.13.8-2.15", "arch": "ppc", "packageFilename": "mono-data-firebird-1.1.13.8-2.15.ppc.rpm", "packageName": "mono-data-firebird", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "10", "packageVersion": "1.1.13.8-2.15", "arch": "ppc", "packageFilename": "mono-data-firebird-1.1.13.8-2.15.ppc.rpm", "packageName": "mono-data-firebird", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.1", "packageVersion": "1.1.13.8-2.15", "arch": "i586", "packageFilename": "mono-data-oracle-1.1.13.8-2.15.i586.rpm", "packageName": "mono-data-oracle", "operator": "lt"}, {"OS": "SUSE Linux Enterprise SDK", "OSVersion": "10", "packageVersion": "1.1.13.8-2.15", "arch": "x86_64", "packageFilename": "mono-data-firebird-1.1.13.8-2.15.x86_64.rpm", "packageName": "mono-data-firebird", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.2", "packageVersion": "1.1.18.1-12.2", "arch": "i586", "packageFilename": "mono-data-sybase-1.1.18.1-12.2.i586.rpm", "packageName": "mono-data-sybase", "operator": "lt"}, {"OS": "SUSE Linux Enterprise SDK", "OSVersion": "10", "packageVersion": "1.1.13.8-2.15", "arch": "ia64", "packageFilename": "mono-data-postgresql-1.1.13.8-2.15.ia64.rpm", "packageName": "mono-data-postgresql", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.2", "packageVersion": "1.1.18.1-12.2", "arch": "x86_64", "packageFilename": "mono-data-1.1.18.1-12.2.x86_64.rpm", "packageName": "mono-data", "operator": "lt"}, {"OS": "SUSE Linux Enterprise SDK", "OSVersion": "10", "packageVersion": "1.1.13.8-2.15", "arch": "ia64", "packageFilename": "mono-data-sqlite-1.1.13.8-2.15.ia64.rpm", "packageName": "mono-data-sqlite", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.2", "packageVersion": "1.1.18.1-12.2", "arch": "i586", "packageFilename": "mono-web-1.1.18.1-12.2.i586.rpm", "packageName": "mono-web", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.2", "packageVersion": "1.1.18.1-12.2", "arch": "x86_64", "packageFilename": "mono-nunit-1.1.18.1-12.2.x86_64.rpm", "packageName": "mono-nunit", "operator": "lt"}, {"OS": "SUSE Linux Enterprise SDK", "OSVersion": "10", "packageVersion": "1.1.13.8-2.15", "arch": "s390x", "packageFilename": "mono-core-32bit-1.1.13.8-2.15.s390x.rpm", "packageName": "mono-core-32bit", "operator": "lt"}, {"OS": "SUSE Linux Enterprise SDK", "OSVersion": "10", "packageVersion": "1.1.13.8-2.15", "arch": "s390x", "packageFilename": "mono-data-sqlite-1.1.13.8-2.15.s390x.rpm", "packageName": "mono-data-sqlite", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "10", "packageVersion": "1.1.13.8-2.15", "arch": "ia64", "packageFilename": "mono-data-1.1.13.8-2.15.ia64.rpm", "packageName": "mono-data", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.2", "packageVersion": "1.1.18.1-12.2", "arch": "i586", "packageFilename": "mono-nunit-1.1.18.1-12.2.i586.rpm", "packageName": "mono-nunit", "operator": "lt"}, {"OS": "SUSE Linux Enterprise SDK", "OSVersion": "10", "packageVersion": "1.1.13.8-2.15", "arch": "i586", "packageFilename": "mono-locale-extras-1.1.13.8-2.15.i586.rpm", "packageName": "mono-locale-extras", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.2", "packageVersion": "1.1.18.1-12.2", "arch": "x86_64", "packageFilename": "mono-data-sqlite-1.1.18.1-12.2.x86_64.rpm", "packageName": "mono-data-sqlite", "operator": "lt"}, {"OS": "SUSE Linux Enterprise SDK", "OSVersion": "10", "packageVersion": "1.1.13.8-2.15", "arch": "ppc", "packageFilename": "mono-data-postgresql-1.1.13.8-2.15.ppc.rpm", "packageName": "mono-data-postgresql", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.1", "packageVersion": "1.1.13.8-2.15", "arch": "ppc", "packageFilename": "mono-data-sybase-1.1.13.8-2.15.ppc.rpm", "packageName": "mono-data-sybase", "operator": "lt"}, {"OS": "SUSE Linux Enterprise SDK", "OSVersion": "10", "packageVersion": "1.1.13.8-2.15", "arch": "s390x", "packageFilename": "mono-nunit-1.1.13.8-2.15.s390x.rpm", "packageName": "mono-nunit", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.1", "packageVersion": "1.1.13.8-2.15", "arch": "ppc", "packageFilename": "mono-data-oracle-1.1.13.8-2.15.ppc.rpm", "packageName": "mono-data-oracle", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "10", "packageVersion": "1.1.13.8-2.15", "arch": "s390x", "packageFilename": "mono-data-sqlite-1.1.13.8-2.15.s390x.rpm", "packageName": "mono-data-sqlite", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.2", "packageVersion": "1.1.18.1-12.2", "arch": "ppc", "packageFilename": "mono-data-oracle-1.1.18.1-12.2.ppc.rpm", "packageName": "mono-data-oracle", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.1", "packageVersion": "1.1.13.8-2.15", "arch": "i586", "packageFilename": "mono-data-firebird-1.1.13.8-2.15.i586.rpm", "packageName": "mono-data-firebird", "operator": "lt"}, {"OS": "SUSE Linux Enterprise SDK", "OSVersion": "10", "packageVersion": "1.1.13.8-2.15", "arch": "ppc", "packageFilename": "mono-locale-extras-1.1.13.8-2.15.ppc.rpm", "packageName": "mono-locale-extras", "operator": "lt"}, {"OS": "SUSE Linux Enterprise SDK", "OSVersion": "10", "packageVersion": "1.1.13.8-2.15", "arch": "x86_64", "packageFilename": "mono-winforms-1.1.13.8-2.15.x86_64.rpm", "packageName": "mono-winforms", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.1", "packageVersion": "1.1.13.8-2.15", "arch": "ppc", "packageFilename": "mono-jscript-1.1.13.8-2.15.ppc.rpm", "packageName": "mono-jscript", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "10", "packageVersion": "1.1.13.8-2.15", "arch": "s390x", "packageFilename": "mono-nunit-1.1.13.8-2.15.s390x.rpm", "packageName": "mono-nunit", "operator": "lt"}, {"OS": "SUSE Linux Enterprise SDK", "OSVersion": "10", "packageVersion": "1.1.13.8-2.15", "arch": "ppc", "packageFilename": "bytefx-data-mysql-1.1.13.8-2.15.ppc.rpm", "packageName": "bytefx-data-mysql", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.1", "packageVersion": "1.1.13.8-2.15", "arch": "ppc", "packageFilename": "mono-nunit-1.1.13.8-2.15.ppc.rpm", "packageName": "mono-nunit", "operator": "lt"}, {"OS": "SUSE Linux Enterprise SDK", "OSVersion": "10", "packageVersion": "1.1.13.8-2.15", "arch": "ppc", "packageFilename": "mono-winforms-1.1.13.8-2.15.ppc.rpm", "packageName": "mono-winforms", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "10", "packageVersion": "1.1.13.8-2.15", "arch": "ia64", "packageFilename": "mono-data-sqlite-1.1.13.8-2.15.ia64.rpm", "packageName": "mono-data-sqlite", "operator": "lt"}, {"OS": "SUSE Linux Enterprise SDK", "OSVersion": "10", "packageVersion": "1.1.13.8-2.15", "arch": "x86_64", "packageFilename": "mono-data-postgresql-1.1.13.8-2.15.x86_64.rpm", "packageName": "mono-data-postgresql", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.1", "packageVersion": "1.1.13.8-2.15", "arch": "ppc", "packageFilename": "mono-data-firebird-1.1.13.8-2.15.ppc.rpm", "packageName": "mono-data-firebird", "operator": "lt"}, {"OS": "SUSE Linux Enterprise SDK", "OSVersion": "10", "packageVersion": "1.1.13.8-2.15", "arch": "ia64", "packageFilename": "mono-web-1.1.13.8-2.15.ia64.rpm", "packageName": "mono-web", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.2", "packageVersion": "1.1.18.1-12.2", "arch": "x86_64", "packageFilename": "mono-data-sybase-1.1.18.1-12.2.x86_64.rpm", "packageName": "mono-data-sybase", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.1", "packageVersion": "1.1.13.8-2.15", "arch": "x86_64", "packageFilename": "mono-data-firebird-1.1.13.8-2.15.x86_64.rpm", "packageName": "mono-data-firebird", "operator": "lt"}, {"OS": "SUSE Linux Enterprise SDK", "OSVersion": "10", "packageVersion": "1.1.13.8-2.15", "arch": "ppc", "packageFilename": "mono-devel-1.1.13.8-2.15.ppc.rpm", "packageName": "mono-devel", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.2", "packageVersion": "1.1.18.1-12.2", "arch": "i586", "packageFilename": "mono-data-sqlite-1.1.18.1-12.2.i586.rpm", "packageName": "mono-data-sqlite", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.2", "packageVersion": "1.1.18.1-12.2", "arch": "i586", "packageFilename": "mono-data-oracle-1.1.18.1-12.2.i586.rpm", "packageName": "mono-data-oracle", "operator": "lt"}, {"OS": "SUSE Linux Enterprise SDK", "OSVersion": "10", "packageVersion": "1.1.13.8-2.15", "arch": "x86_64", "packageFilename": "mono-data-sybase-1.1.13.8-2.15.x86_64.rpm", "packageName": "mono-data-sybase", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.1", "packageVersion": "1.1.13.8-2.15", "arch": "ppc", "packageFilename": "mono-web-1.1.13.8-2.15.ppc.rpm", "packageName": "mono-web", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "10", "packageVersion": "1.1.13.8-2.15", "arch": "ppc", "packageFilename": "mono-nunit-1.1.13.8-2.15.ppc.rpm", "packageName": "mono-nunit", "operator": "lt"}, {"OS": "SUSE Linux Enterprise SDK", "OSVersion": "10", "packageVersion": "1.1.13.8-2.15", "arch": "i586", "packageFilename": "mono-data-sqlite-1.1.13.8-2.15.i586.rpm", "packageName": "mono-data-sqlite", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.2", "packageVersion": "1.1.18.1-12.2", "arch": "i586", "packageFilename": "mono-devel-1.1.18.1-12.2.i586.rpm", "packageName": "mono-devel", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "10", "packageVersion": "1.1.13.8-2.15", "arch": "i586", "packageFilename": "mono-nunit-1.1.13.8-2.15.i586.rpm", "packageName": "mono-nunit", "operator": "lt"}, {"OS": "SUSE Linux Enterprise SDK", "OSVersion": "10", "packageVersion": "1.1.13.8-2.15", "arch": "ppc", "packageFilename": "mono-extras-1.1.13.8-2.15.ppc.rpm", "packageName": "mono-extras", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.1", "packageVersion": "1.1.13.8-2.15", "arch": "i586", "packageFilename": "mono-jscript-1.1.13.8-2.15.i586.rpm", "packageName": "mono-jscript", "operator": "lt"}, {"OS": "SUSE Linux Enterprise SDK", "OSVersion": "10", "packageVersion": "1.1.13.8-2.15", "arch": "x86_64", "packageFilename": "bytefx-data-mysql-1.1.13.8-2.15.x86_64.rpm", "packageName": "bytefx-data-mysql", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.2", "packageVersion": "1.1.18.1-12.2", "arch": "x86_64", "packageFilename": "mono-core-32bit-1.1.18.1-12.2.x86_64.rpm", "packageName": "mono-core-32bit", "operator": "lt"}, {"OS": "SUSE Linux Enterprise SDK", "OSVersion": "10", "packageVersion": "1.1.13.8-2.15", "arch": "x86_64", "packageFilename": "mono-web-1.1.13.8-2.15.x86_64.rpm", "packageName": "mono-web", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.2", "packageVersion": "1.1.18.1-12.2", "arch": "ppc", "packageFilename": "mono-web-1.1.18.1-12.2.ppc.rpm", "packageName": "mono-web", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.2", "packageVersion": "1.1.18.1-12.2", "arch": "ppc", "packageFilename": "mono-extras-1.1.18.1-12.2.ppc.rpm", "packageName": "mono-extras", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.2", "packageVersion": "1.1.18.1-12.2", "arch": "x86_64", "packageFilename": "mono-core-1.1.18.1-12.2.x86_64.rpm", "packageName": "mono-core", "operator": "lt"}, {"OS": "SUSE Linux Enterprise SDK", "OSVersion": "10", "packageVersion": "1.1.13.8-2.15", "arch": "i586", "packageFilename": "mono-devel-1.1.13.8-2.15.i586.rpm", "packageName": "mono-devel", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "10", "packageVersion": "1.1.13.8-2.15", "arch": "ppc", "packageFilename": "mono-locale-extras-1.1.13.8-2.15.ppc.rpm", "packageName": "mono-locale-extras", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "10", "packageVersion": "1.1.13.8-2.15", "arch": "x86_64", "packageFilename": "mono-data-1.1.13.8-2.15.x86_64.rpm", "packageName": "mono-data", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "10", "packageVersion": "1.1.13.8-2.15", "arch": "i586", "packageFilename": "mono-web-1.1.13.8-2.15.i586.rpm", "packageName": "mono-web", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "10", "packageVersion": "1.1.13.8-2.15", "arch": "ia64", "packageFilename": "mono-data-firebird-1.1.13.8-2.15.ia64.rpm", "packageName": "mono-data-firebird", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.1", "packageVersion": "1.1.13.8-2.15", "arch": "i586", "packageFilename": "mono-winforms-1.1.13.8-2.15.i586.rpm", "packageName": "mono-winforms", "operator": "lt"}, {"OS": "SUSE Linux Enterprise SDK", "OSVersion": "10", "packageVersion": "1.1.13.8-2.15", "arch": "i586", "packageFilename": "mono-data-sybase-1.1.13.8-2.15.i586.rpm", "packageName": "mono-data-sybase", "operator": "lt"}, {"OS": "SUSE Linux Enterprise SDK", "OSVersion": "10", "packageVersion": "1.1.13.8-2.15", "arch": "ppc", "packageFilename": "mono-data-sybase-1.1.13.8-2.15.ppc.rpm", "packageName": "mono-data-sybase", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.1", "packageVersion": "1.1.13.8-2.15", "arch": "ppc", "packageFilename": "ibm-data-db2-1.1.13.8-2.15.ppc.rpm", "packageName": "ibm-data-db2", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.1", "packageVersion": "1.1.13.8-2.15", "arch": "ppc", "packageFilename": "bytefx-data-mysql-1.1.13.8-2.15.ppc.rpm", "packageName": "bytefx-data-mysql", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.1", "packageVersion": "1.1.13.8-2.15", "arch": "ppc", "packageFilename": "mono-winforms-1.1.13.8-2.15.ppc.rpm", "packageName": "mono-winforms", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "10", "packageVersion": "1.1.13.8-2.15", "arch": "i586", "packageFilename": "mono-data-sqlite-1.1.13.8-2.15.i586.rpm", "packageName": "mono-data-sqlite", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "10", "packageVersion": "1.1.13.8-2.15", "arch": "i586", "packageFilename": "mono-data-1.1.13.8-2.15.i586.rpm", "packageName": "mono-data", "operator": "lt"}, {"OS": "SUSE Linux Enterprise SDK", "OSVersion": "10", "packageVersion": "1.1.13.8-2.15", "arch": "s390x", "packageFilename": "mono-winforms-1.1.13.8-2.15.s390x.rpm", "packageName": "mono-winforms", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.1", "packageVersion": "1.1.13.8-2.15", "arch": "ppc", "packageFilename": "mono-data-sqlite-1.1.13.8-2.15.ppc.rpm", "packageName": "mono-data-sqlite", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "10", "packageVersion": "1.1.13.8-2.15", "arch": "s390x", "packageFilename": "mono-core-1.1.13.8-2.15.s390x.rpm", "packageName": "mono-core", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.2", "packageVersion": "1.1.18.1-12.2", "arch": "i586", "packageFilename": "bytefx-data-mysql-1.1.18.1-12.2.i586.rpm", "packageName": "bytefx-data-mysql", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.1", "packageVersion": "1.1.13.8-2.15", "arch": "ppc", "packageFilename": "mono-locale-extras-1.1.13.8-2.15.ppc.rpm", "packageName": "mono-locale-extras", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.2", "packageVersion": "1.1.18.1-12.2", "arch": "ppc", "packageFilename": "mono-data-firebird-1.1.18.1-12.2.ppc.rpm", "packageName": "mono-data-firebird", "operator": "lt"}, {"OS": "SUSE Linux Enterprise SDK", "OSVersion": "10", "packageVersion": "1.1.13.8-2.15", "arch": "ppc", "packageFilename": "mono-core-1.1.13.8-2.15.ppc.rpm", "packageName": "mono-core", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "10", "packageVersion": "1.1.13.8-2.15", "arch": "ppc", "packageFilename": "mono-web-1.1.13.8-2.15.ppc.rpm", "packageName": "mono-web", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "10", "packageVersion": "1.1.13.8-2.15", "arch": "x86_64", "packageFilename": "mono-nunit-1.1.13.8-2.15.x86_64.rpm", "packageName": "mono-nunit", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.2", "packageVersion": "1.1.18.1-12.2", "arch": "ppc", "packageFilename": "mono-data-postgresql-1.1.18.1-12.2.ppc.rpm", "packageName": "mono-data-postgresql", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "10", "packageVersion": "1.1.13.8-2.15", "arch": "ppc", "packageFilename": "mono-core-1.1.13.8-2.15.ppc.rpm", "packageName": "mono-core", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "10", "packageVersion": "1.1.13.8-2.15", "arch": "ppc", "packageFilename": "mono-data-1.1.13.8-2.15.ppc.rpm", "packageName": "mono-data", "operator": "lt"}, {"OS": "SUSE Linux Enterprise SDK", "OSVersion": "10", "packageVersion": "1.1.13.8-2.15", "arch": "ia64", "packageFilename": "mono-basic-1.1.13.8-2.15.ia64.rpm", "packageName": "mono-basic", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.2", "packageVersion": "1.1.18.1-12.2", "arch": "ppc", "packageFilename": "bytefx-data-mysql-1.1.18.1-12.2.ppc.rpm", "packageName": "bytefx-data-mysql", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.1", "packageVersion": "1.1.13.8-2.15", "arch": "x86_64", "packageFilename": "mono-data-sqlite-1.1.13.8-2.15.x86_64.rpm", "packageName": "mono-data-sqlite", "operator": "lt"}, {"OS": "SUSE Linux Enterprise SDK", "OSVersion": "10", "packageVersion": "1.1.13.8-2.15", "arch": "ppc", "packageFilename": "mono-basic-1.1.13.8-2.15.ppc.rpm", "packageName": "mono-basic", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "10", "packageVersion": "1.1.13.8-2.15", "arch": "i586", "packageFilename": "mono-data-oracle-1.1.13.8-2.15.i586.rpm", "packageName": "mono-data-oracle", "operator": "lt"}, {"OS": "SUSE Linux Enterprise SDK", "OSVersion": "10", "packageVersion": "1.1.13.8-2.15", "arch": "x86_64", "packageFilename": "mono-extras-1.1.13.8-2.15.x86_64.rpm", "packageName": "mono-extras", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.1", "packageVersion": "1.1.13.8-2.15", "arch": "x86_64", "packageFilename": "mono-data-sybase-1.1.13.8-2.15.x86_64.rpm", "packageName": "mono-data-sybase", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.1", "packageVersion": "1.1.13.8-2.15", "arch": "i586", "packageFilename": "mono-devel-1.1.13.8-2.15.i586.rpm", "packageName": "mono-devel", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.1", "packageVersion": "1.1.13.8-2.15", "arch": "i586", "packageFilename": "mono-locale-extras-1.1.13.8-2.15.i586.rpm", "packageName": "mono-locale-extras", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "10", "packageVersion": "1.1.13.8-2.15", "arch": "x86_64", "packageFilename": "mono-core-1.1.13.8-2.15.x86_64.rpm", "packageName": "mono-core", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "10", "packageVersion": "1.1.13.8-2.15", "arch": "ia64", "packageFilename": "mono-data-postgresql-1.1.13.8-2.15.ia64.rpm", "packageName": "mono-data-postgresql", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.2", "packageVersion": "1.1.18.1-12.2", "arch": "x86_64", "packageFilename": "mono-data-oracle-1.1.18.1-12.2.x86_64.rpm", "packageName": "mono-data-oracle", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "10", "packageVersion": "1.1.13.8-2.15", "arch": "s390x", "packageFilename": "mono-data-oracle-1.1.13.8-2.15.s390x.rpm", "packageName": "mono-data-oracle", "operator": "lt"}, {"OS": "SUSE Linux Enterprise SDK", "OSVersion": "10", "packageVersion": "1.1.13.8-2.15", "arch": "ia64", "packageFilename": "mono-data-1.1.13.8-2.15.ia64.rpm", "packageName": "mono-data", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.2", "packageVersion": "1.1.18.1-12.2", "arch": "i586", "packageFilename": "mono-extras-1.1.18.1-12.2.i586.rpm", "packageName": "mono-extras", "operator": "lt"}, {"OS": "SUSE Linux Enterprise SDK", "OSVersion": "10", "packageVersion": "1.1.13.8-2.15", "arch": "ia64", "packageFilename": "mono-winforms-1.1.13.8-2.15.ia64.rpm", "packageName": "mono-winforms", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "10", "packageVersion": "1.1.13.8-2.15", "arch": "ia64", "packageFilename": "mono-core-1.1.13.8-2.15.ia64.rpm", "packageName": "mono-core", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.2", "packageVersion": "1.1.18.1-12.2", "arch": "i586", "packageFilename": "mono-core-1.1.18.1-12.2.i586.rpm", "packageName": "mono-core", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.1", "packageVersion": "1.1.13.8-2.15", "arch": "x86_64", "packageFilename": "mono-core-1.1.13.8-2.15.x86_64.rpm", "packageName": "mono-core", "operator": "lt"}, {"OS": "SUSE Linux Enterprise SDK", "OSVersion": "10", "packageVersion": "1.1.13.8-2.15", "arch": "s390x", "packageFilename": "mono-locale-extras-1.1.13.8-2.15.s390x.rpm", "packageName": "mono-locale-extras", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "10", "packageVersion": "1.1.13.8-2.15", "arch": "ia64", "packageFilename": "mono-core-x86-1.1.13.8-2.15.ia64.rpm", "packageName": "mono-core-x86", "operator": "lt"}, {"OS": "SUSE Linux Enterprise SDK", "OSVersion": "10", "packageVersion": "1.1.13.8-2.15", "arch": "i586", "packageFilename": "mono-jscript-1.1.13.8-2.15.i586.rpm", "packageName": "mono-jscript", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "10", "packageVersion": "1.1.13.8-2.15", "arch": "x86_64", "packageFilename": "mono-data-firebird-1.1.13.8-2.15.x86_64.rpm", "packageName": "mono-data-firebird", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.2", "packageVersion": "1.1.18-9.1", "arch": "noarch", "packageFilename": "mono-basic-1.1.18-9.1.noarch.rpm", "packageName": "mono-basic", "operator": "lt"}, {"OS": "SUSE Linux Enterprise SDK", "OSVersion": "10", "packageVersion": "1.1.13.8-2.15", "arch": "ppc", "packageFilename": "mono-data-sqlite-1.1.13.8-2.15.ppc.rpm", "packageName": "mono-data-sqlite", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.2", "packageVersion": "1.1.18.1-12.2", "arch": "ppc", "packageFilename": "mono-jscript-1.1.18.1-12.2.ppc.rpm", "packageName": "mono-jscript", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "10", "packageVersion": "1.1.13.8-2.15", "arch": "x86_64", "packageFilename": "mono-locale-extras-1.1.13.8-2.15.x86_64.rpm", "packageName": "mono-locale-extras", "operator": "lt"}, {"OS": "SUSE Linux Enterprise SDK", "OSVersion": "10", "packageVersion": "1.1.13.8-2.15", "arch": "s390x", "packageFilename": "mono-core-1.1.13.8-2.15.s390x.rpm", "packageName": "mono-core", "operator": "lt"}, {"OS": "SUSE Linux Enterprise SDK", "OSVersion": "10", "packageVersion": "1.1.13.8-2.15", "arch": "ia64", "packageFilename": "mono-data-firebird-1.1.13.8-2.15.ia64.rpm", "packageName": "mono-data-firebird", "operator": "lt"}, {"OS": "SUSE Linux Enterprise SDK", "OSVersion": "10", "packageVersion": "1.1.13.8-2.15", "arch": "x86_64", "packageFilename": "mono-data-oracle-1.1.13.8-2.15.x86_64.rpm", "packageName": "mono-data-oracle", "operator": "lt"}, {"OS": "SUSE Linux Enterprise SDK", "OSVersion": "10", "packageVersion": "1.1.13.8-2.15", "arch": "i586", "packageFilename": "mono-data-1.1.13.8-2.15.i586.rpm", "packageName": "mono-data", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.1", "packageVersion": "1.1.13.8-2.15", "arch": "i586", "packageFilename": "mono-data-sybase-1.1.13.8-2.15.i586.rpm", "packageName": "mono-data-sybase", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.2", "packageVersion": "1.1.18.1-12.2", "arch": "ppc", "packageFilename": "mono-core-1.1.18.1-12.2.ppc.rpm", "packageName": "mono-core", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "10", "packageVersion": "1.1.13.8-2.15", "arch": "i586", "packageFilename": "mono-data-sybase-1.1.13.8-2.15.i586.rpm", "packageName": "mono-data-sybase", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "10", "packageVersion": "1.1.13.8-2.15", "arch": "x86_64", "packageFilename": "mono-data-sybase-1.1.13.8-2.15.x86_64.rpm", "packageName": "mono-data-sybase", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.2", "packageVersion": "1.1.18.1-12.2", "arch": "i586", "packageFilename": "mono-data-firebird-1.1.18.1-12.2.i586.rpm", "packageName": "mono-data-firebird", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "10", "packageVersion": "1.1.13.8-2.15", "arch": "ppc", "packageFilename": "mono-data-sqlite-1.1.13.8-2.15.ppc.rpm", "packageName": "mono-data-sqlite", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.1", "packageVersion": "1.1.13.8-2.15", "arch": "i586", "packageFilename": "mono-data-sqlite-1.1.13.8-2.15.i586.rpm", "packageName": "mono-data-sqlite", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "10", "packageVersion": "1.1.13.8-2.15", "arch": "i586", "packageFilename": "mono-locale-extras-1.1.13.8-2.15.i586.rpm", "packageName": "mono-locale-extras", "operator": "lt"}, {"OS": "SUSE Linux Enterprise SDK", "OSVersion": "10", "packageVersion": "1.1.13.8-2.15", "arch": "ppc", "packageFilename": "mono-nunit-1.1.13.8-2.15.ppc.rpm", "packageName": "mono-nunit", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.2", "packageVersion": "1.1.18.1-12.2", "arch": "ppc", "packageFilename": "mono-locale-extras-1.1.18.1-12.2.ppc.rpm", "packageName": "mono-locale-extras", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "10", "packageVersion": "1.1.13.8-2.15", "arch": "s390x", "packageFilename": "mono-data-sybase-1.1.13.8-2.15.s390x.rpm", "packageName": "mono-data-sybase", "operator": "lt"}], "description": "A security problem was found and fixed in the Mono / C# web server implementation.\n#### Solution\nThere is no known workaround, please install the update packages.", "edition": 1, "reporter": "Suse", "published": "2007-01-04T18:49:55", "title": "remote source code disclosure in mono-web", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "type": "suse", "bulletinFamily": "unix", "cvelist": ["CVE-2006-6104"], "modified": "2007-01-04T18:49:55", "id": "SUSE-SA:2007:002", "href": "http://lists.opensuse.org/opensuse-security-announce/2007-01/msg00017.html", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}, {"lastseen": "2016-09-04T11:50:21", "references": [], "affectedPackage": [{"OS": "Novell Open Enterprise Server (OES)", "OSVersion": "any", "packageVersion": "1.1.7.7-0.11", "packageName": "mono-core", "packageFilename": "mono-core-1.1.7.7-0.11.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.0", "packageVersion": "1.1.8.3-6.3", "packageName": "mono-data-postgresql", "packageFilename": "mono-data-postgresql-1.1.8.3-6.3.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "9.3", "packageVersion": "1.1.4-15.2", "packageName": "mono-data-postgresql", "packageFilename": "mono-data-postgresql-1.1.4-15.2.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise SDK", "OSVersion": "10", "packageVersion": "1.1.13.8-2.10", "packageName": "mono-web", "packageFilename": "mono-web-1.1.13.8-2.10.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.0", "packageVersion": "1.1.8.3-6.3", "packageName": "mono-devel", "packageFilename": "mono-devel-1.1.8.3-6.3.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "SUSE Linux Enterprise SDK", "OSVersion": "10", "packageVersion": "1.1.13.8-2.10", "packageName": "mono-nunit", "packageFilename": "mono-nunit-1.1.13.8-2.10.s390x.rpm", "arch": "s390x", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.0", "packageVersion": "1.1.8.3-6.3", "packageName": "mono-data-postgresql", "packageFilename": "mono-data-postgresql-1.1.8.3-6.3.ppc.rpm", "arch": "ppc", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.1", "packageVersion": "1.1.13.8-2.10", "packageName": "mono-winforms", "packageFilename": "mono-winforms-1.1.13.8-2.10.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.1", "packageVersion": "1.1.13.8-2.10", "packageName": "mono-web", "packageFilename": "mono-web-1.1.13.8-2.10.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "10", "packageVersion": "1.1.13.8-2.10", "packageName": "mono-nunit", "packageFilename": "mono-nunit-1.1.13.8-2.10.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.1", "packageVersion": "1.1.13.8-2.10", "packageName": "mono-data-postgresql", "packageFilename": "mono-data-postgresql-1.1.13.8-2.10.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.0", "packageVersion": "1.1.8.3-6.3", "packageName": "mono-data", "packageFilename": "mono-data-1.1.8.3-6.3.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "SUSE Linux Enterprise SDK", "OSVersion": "10", "packageVersion": "1.1.13.8-2.10", "packageName": "mono-nunit", "packageFilename": "mono-nunit-1.1.13.8-2.10.ppc.rpm", "arch": "ppc", "operator": "lt"}, {"OS": "Novell Open Enterprise Server (OES)", "OSVersion": "any", "packageVersion": "1.1.7.7-0.11", "packageName": "mono-web", "packageFilename": "mono-web-1.1.7.7-0.11.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "9.3", "packageVersion": "1.1.4-15.2", "packageName": "ibm-data-db2", "packageFilename": "ibm-data-db2-1.1.4-15.2.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise SDK", "OSVersion": "10", "packageVersion": "1.1.13.8-2.10", "packageName": "mono-core-x86", "packageFilename": "mono-core-x86-1.1.13.8-2.10.ia64.rpm", "arch": "ia64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.0", "packageVersion": "1.1.8.3-6.3", "packageName": "mono-basic", "packageFilename": "mono-basic-1.1.8.3-6.3.ppc.rpm", "arch": "ppc", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.1", "packageVersion": "1.1.13.8-2.10", "packageName": "mono-data", "packageFilename": "mono-data-1.1.13.8-2.10.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise SDK", "OSVersion": "10", "packageVersion": "1.1.13.8-2.10", "packageName": "mono-web", "packageFilename": "mono-web-1.1.13.8-2.10.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.1", "packageVersion": "1.1.13.8-2.10", "packageName": "mono-locale-extras", "packageFilename": "mono-locale-extras-1.1.13.8-2.10.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.1", "packageVersion": "1.1.13.8-2.10", "packageName": "mono-data-oracle", "packageFilename": "mono-data-oracle-1.1.13.8-2.10.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "9.3", "packageVersion": "1.1.4-15.2", "packageName": "mono-ikvm", "packageFilename": "mono-ikvm-1.1.4-15.2.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "10", "packageVersion": "1.1.13.8-2.10", "packageName": "mono-data-postgresql", "packageFilename": "mono-data-postgresql-1.1.13.8-2.10.ia64.rpm", "arch": "ia64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise SDK", "OSVersion": "10", "packageVersion": "1.1.13.8-2.10", "packageName": "mono-data", "packageFilename": "mono-data-1.1.13.8-2.10.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "10", "packageVersion": "1.1.13.8-2.10", "packageName": "mono-data-sqlite", "packageFilename": "mono-data-sqlite-1.1.13.8-2.10.ia64.rpm", "arch": "ia64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "10", "packageVersion": "1.1.13.8-2.10", "packageName": "mono-data-firebird", "packageFilename": "mono-data-firebird-1.1.13.8-2.10.s390x.rpm", "arch": "s390x", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.1", "packageVersion": "1.1.13.8-2.10", "packageName": "mono-core", "packageFilename": "mono-core-1.1.13.8-2.10.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "9.3", "packageVersion": "1.1.4-15.2", "packageName": "bytefx-data-mysql", "packageFilename": "bytefx-data-mysql-1.1.4-15.2.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.1", "packageVersion": "1.1.13.8-2.10", "packageName": "mono-data-sybase", "packageFilename": "mono-data-sybase-1.1.13.8-2.10.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "9.3", "packageVersion": "1.1.4-15.2", "packageName": "ibm-data-db2", "packageFilename": "ibm-data-db2-1.1.4-15.2.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "SUSE Linux Enterprise SDK", "OSVersion": "10", "packageVersion": "1.1.13.8-2.10", "packageName": "mono-data-postgresql", "packageFilename": "mono-data-postgresql-1.1.13.8-2.10.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "9.3", "packageVersion": "1.1.4-15.2", "packageName": "mono-ikvm", "packageFilename": "mono-ikvm-1.1.4-15.2.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "10", "packageVersion": "1.1.13.8-2.10", "packageName": "mono-web", "packageFilename": "mono-web-1.1.13.8-2.10.ia64.rpm", "arch": "ia64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "10", "packageVersion": "1.1.13.8-2.10", "packageName": "mono-locale-extras", "packageFilename": "mono-locale-extras-1.1.13.8-2.10.ppc.rpm", "arch": "ppc", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "10", "packageVersion": "1.1.13.8-2.10", "packageName": "mono-data-sybase", "packageFilename": "mono-data-sybase-1.1.13.8-2.10.ppc.rpm", "arch": "ppc", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.0", "packageVersion": "1.1.8.3-6.3", "packageName": "mono-data-sybase", "packageFilename": "mono-data-sybase-1.1.8.3-6.3.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "SUSE Linux Enterprise SDK", "OSVersion": "10", "packageVersion": "1.1.13.8-2.10", "packageName": "mono-winforms", "packageFilename": "mono-winforms-1.1.13.8-2.10.ia64.rpm", "arch": "ia64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.0", "packageVersion": "1.1.8.3-6.3", "packageName": "mono-data-postgresql", "packageFilename": "mono-data-postgresql-1.1.8.3-6.3.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.0", "packageVersion": "1.1.8.3-6.3", "packageName": "mono-data-sybase", "packageFilename": "mono-data-sybase-1.1.8.3-6.3.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.1", "packageVersion": "1.1.13.8-2.10", "packageName": "ibm-data-db2", "packageFilename": "ibm-data-db2-1.1.13.8-2.10.ppc.rpm", "arch": "ppc", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.0", "packageVersion": "1.1.8.3-6.3", "packageName": "mono-data-oracle", "packageFilename": "mono-data-oracle-1.1.8.3-6.3.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise SDK", "OSVersion": "10", "packageVersion": "1.1.13.8-2.10", "packageName": "mono-data-sybase", "packageFilename": "mono-data-sybase-1.1.13.8-2.10.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise SDK", "OSVersion": "10", "packageVersion": "1.1.13.8-2.10", "packageName": "mono-nunit", "packageFilename": "mono-nunit-1.1.13.8-2.10.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise SDK", "OSVersion": "10", "packageVersion": "1.1.13.8-2.10", "packageName": "mono-core", "packageFilename": "mono-core-1.1.13.8-2.10.ia64.rpm", "arch": "ia64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.0", "packageVersion": "1.1.8.3-6.3", "packageName": "ibm-data-db2", "packageFilename": "ibm-data-db2-1.1.8.3-6.3.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "SUSE Linux Enterprise SDK", "OSVersion": "10", "packageVersion": "1.1.13.8-2.10", "packageName": "mono-data-oracle", "packageFilename": "mono-data-oracle-1.1.13.8-2.10.ppc.rpm", "arch": "ppc", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.1", "packageVersion": "1.1.13.8-2.10", "packageName": "ibm-data-db2", "packageFilename": "ibm-data-db2-1.1.13.8-2.10.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise SDK", "OSVersion": "10", "packageVersion": "1.1.13.8-2.10", "packageName": "mono-core", "packageFilename": "mono-core-1.1.13.8-2.10.ppc.rpm", "arch": "ppc", "operator": "lt"}, {"OS": "SUSE Linux Enterprise SDK", "OSVersion": "10", "packageVersion": "1.1.13.8-2.10", "packageName": "mono-web", "packageFilename": "mono-web-1.1.13.8-2.10.ia64.rpm", "arch": "ia64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.0", "packageVersion": "1.1.8.3-6.3", "packageName": "mono-web", "packageFilename": "mono-web-1.1.8.3-6.3.ppc.rpm", "arch": "ppc", "operator": "lt"}, {"OS": "SUSE Linux Enterprise SDK", "OSVersion": "10", "packageVersion": "1.1.13.8-2.10", "packageName": "mono-data-oracle", "packageFilename": "mono-data-oracle-1.1.13.8-2.10.ia64.rpm", "arch": "ia64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "9.3", "packageVersion": "1.1.4-15.2", "packageName": "bytefx-data-mysql", "packageFilename": "bytefx-data-mysql-1.1.4-15.2.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "10", "packageVersion": "1.1.13.8-2.10", "packageName": "mono-data", "packageFilename": "mono-data-1.1.13.8-2.10.ia64.rpm", "arch": "ia64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "9.3", "packageVersion": "1.1.4-15.2", "packageName": "mono-data-sqlite", "packageFilename": "mono-data-sqlite-1.1.4-15.2.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.1", "packageVersion": "1.1.13.8-2.10", "packageName": "mono-web", "packageFilename": "mono-web-1.1.13.8-2.10.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "9.3", "packageVersion": "1.1.4-15.2", "packageName": "mono-winforms", "packageFilename": "mono-winforms-1.1.4-15.2.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.0", "packageVersion": "1.1.8.3-6.3", "packageName": "mono-winforms", "packageFilename": "mono-winforms-1.1.8.3-6.3.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise SDK", "OSVersion": "10", "packageVersion": "1.1.13.8-2.10", "packageName": "mono-extras", "packageFilename": "mono-extras-1.1.13.8-2.10.ia64.rpm", "arch": "ia64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise SDK", "OSVersion": "10", "packageVersion": "1.1.13.8-2.10", "packageName": "mono-devel", "packageFilename": "mono-devel-1.1.13.8-2.10.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise SDK", "OSVersion": "10", "packageVersion": "1.1.13.8-2.10", "packageName": "mono-core-32bit", "packageFilename": "mono-core-32bit-1.1.13.8-2.10.s390x.rpm", "arch": "s390x", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.1", "packageVersion": "1.1.13.8-2.10", "packageName": "mono-locale-extras", "packageFilename": "mono-locale-extras-1.1.13.8-2.10.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "10", "packageVersion": "1.1.13.8-2.10", "packageName": "mono-data-oracle", "packageFilename": "mono-data-oracle-1.1.13.8-2.10.ia64.rpm", "arch": "ia64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.1", "packageVersion": "1.1.13.8-2.10", "packageName": "mono-nunit", "packageFilename": "mono-nunit-1.1.13.8-2.10.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise SDK", "OSVersion": "10", "packageVersion": "1.1.13.8-2.10", "packageName": "mono-web", "packageFilename": "mono-web-1.1.13.8-2.10.s390x.rpm", "arch": "s390x", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.0", "packageVersion": "1.1.8.3-6.3", "packageName": "mono-extras", "packageFilename": "mono-extras-1.1.8.3-6.3.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "10", "packageVersion": "1.1.13.8-2.10", "packageName": "mono-core", "packageFilename": "mono-core-1.1.13.8-2.10.ia64.rpm", "arch": "ia64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise SDK", "OSVersion": "10", "packageVersion": "1.1.13.8-2.10", "packageName": "mono-devel", "packageFilename": "mono-devel-1.1.13.8-2.10.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.1", "packageVersion": "1.1.13.8-2.10", "packageName": "bytefx-data-mysql", "packageFilename": "bytefx-data-mysql-1.1.13.8-2.10.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.0", "packageVersion": "1.1.8.3-6.3", "packageName": "mono-data-sybase", "packageFilename": "mono-data-sybase-1.1.8.3-6.3.ppc.rpm", "arch": "ppc", "operator": "lt"}, {"OS": "SUSE Linux Enterprise SDK", "OSVersion": "10", "packageVersion": "1.1.13.8-2.10", "packageName": "mono-core-32bit", "packageFilename": "mono-core-32bit-1.1.13.8-2.10.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.0", "packageVersion": "1.1.8.3-6.3", "packageName": "mono-data-oracle", "packageFilename": "mono-data-oracle-1.1.8.3-6.3.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "SUSE Linux Enterprise SDK", "OSVersion": "10", "packageVersion": "1.1.13.8-2.10", "packageName": "mono-data", "packageFilename": "mono-data-1.1.13.8-2.10.ia64.rpm", "arch": "ia64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.1", "packageVersion": "1.1.13.8-2.10", "packageName": "bytefx-data-mysql", "packageFilename": "bytefx-data-mysql-1.1.13.8-2.10.ppc.rpm", "arch": "ppc", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.0", "packageVersion": "1.1.8.3-6.3", "packageName": "mono-locale-extras", "packageFilename": "mono-locale-extras-1.1.8.3-6.3.ppc.rpm", "arch": "ppc", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.1", "packageVersion": "1.1.13.8-2.10", "packageName": "mono-devel", "packageFilename": "mono-devel-1.1.13.8-2.10.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "10", "packageVersion": "1.1.13.8-2.10", "packageName": "mono-nunit", "packageFilename": "mono-nunit-1.1.13.8-2.10.ia64.rpm", "arch": "ia64", "operator": "lt"}, {"OS": "Novell Open Enterprise Server (OES)", "OSVersion": "any", "packageVersion": "1.1.7.7-0.11", "packageName": "mono-data", "packageFilename": "mono-data-1.1.7.7-0.11.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.0", "packageVersion": "1.1.8.3-6.3", "packageName": "bytefx-data-mysql", "packageFilename": "bytefx-data-mysql-1.1.8.3-6.3.ppc.rpm", "arch": "ppc", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.1", "packageVersion": "1.1.13.8-2.10", "packageName": "mono-jscript", "packageFilename": "mono-jscript-1.1.13.8-2.10.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.1", "packageVersion": "1.1.13.8-2.10", "packageName": "mono-data", "packageFilename": "mono-data-1.1.13.8-2.10.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "10", "packageVersion": "1.1.13.8-2.10", "packageName": "mono-core", "packageFilename": "mono-core-1.1.13.8-2.10.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "9.3", "packageVersion": "1.1.4-15.2", "packageName": "mono-core", "packageFilename": "mono-core-1.1.4-15.2.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "SUSE Linux Enterprise SDK", "OSVersion": "10", "packageVersion": "1.1.13.8-2.10", "packageName": "bytefx-data-mysql", "packageFilename": "bytefx-data-mysql-1.1.13.8-2.10.ppc.rpm", "arch": "ppc", "operator": "lt"}, {"OS": "SUSE Linux Enterprise SDK", "OSVersion": "10", "packageVersion": "1.1.13.8-2.10", "packageName": "mono-nunit", "packageFilename": "mono-nunit-1.1.13.8-2.10.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "10", "packageVersion": "1.1.13.8-2.10", "packageName": "mono-data-oracle", "packageFilename": "mono-data-oracle-1.1.13.8-2.10.s390x.rpm", "arch": "s390x", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "9.3", "packageVersion": "1.1.4-15.2", "packageName": "mono-data-sybase", "packageFilename": "mono-data-sybase-1.1.4-15.2.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise SDK", "OSVersion": "10", "packageVersion": "1.1.13.8-2.10", "packageName": "mono-data-oracle", "packageFilename": "mono-data-oracle-1.1.13.8-2.10.s390x.rpm", "arch": "s390x", "operator": "lt"}, {"OS": "SUSE Linux Enterprise SDK", "OSVersion": "10", "packageVersion": "1.1.13.8-2.10", "packageName": "mono-devel", "packageFilename": "mono-devel-1.1.13.8-2.10.ia64.rpm", "arch": "ia64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise SDK", "OSVersion": "10", "packageVersion": "1.1.13.8-2.10", "packageName": "mono-web", "packageFilename": "mono-web-1.1.13.8-2.10.ppc.rpm", "arch": "ppc", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "10", "packageVersion": "1.1.13.8-2.10", "packageName": "mono-nunit", "packageFilename": "mono-nunit-1.1.13.8-2.10.ppc.rpm", "arch": "ppc", "operator": "lt"}, {"OS": "SUSE Linux Enterprise SDK", "OSVersion": "10", "packageVersion": "1.1.13.8-2.10", "packageName": "mono-jscript", "packageFilename": "mono-jscript-1.1.13.8-2.10.ia64.rpm", "arch": "ia64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise SDK", "OSVersion": "10", "packageVersion": "1.1.13.8-2.10", "packageName": "mono-data-sqlite", "packageFilename": "mono-data-sqlite-1.1.13.8-2.10.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "9.3", "packageVersion": "1.1.4-15.2", "packageName": "mono-data-oracle", "packageFilename": "mono-data-oracle-1.1.4-15.2.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "10", "packageVersion": "1.1.13.8-2.10", "packageName": "mono-locale-extras", "packageFilename": "mono-locale-extras-1.1.13.8-2.10.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "10", "packageVersion": "1.1.13.8-2.10", "packageName": "mono-data-sybase", "packageFilename": "mono-data-sybase-1.1.13.8-2.10.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "SUSE Linux Enterprise SDK", "OSVersion": "10", "packageVersion": "1.1.13.8-2.10", "packageName": "mono-extras", "packageFilename": "mono-extras-1.1.13.8-2.10.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "SUSE Linux Enterprise SDK", "OSVersion": "10", "packageVersion": "1.1.13.8-2.10", "packageName": "bytefx-data-mysql", "packageFilename": "bytefx-data-mysql-1.1.13.8-2.10.ia64.rpm", "arch": "ia64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "10", "packageVersion": "1.1.13.8-2.10", "packageName": "mono-web", "packageFilename": "mono-web-1.1.13.8-2.10.s390x.rpm", "arch": "s390x", "operator": "lt"}, {"OS": "SUSE Linux Enterprise SDK", "OSVersion": "10", "packageVersion": "1.1.13.8-2.10", "packageName": "mono-locale-extras", "packageFilename": "mono-locale-extras-1.1.13.8-2.10.ppc.rpm", "arch": "ppc", "operator": "lt"}, {"OS": "SUSE Linux Enterprise SDK", "OSVersion": "10", "packageVersion": "1.1.13.8-2.10", "packageName": "mono-devel", "packageFilename": "mono-devel-1.1.13.8-2.10.ppc.rpm", "arch": "ppc", "operator": "lt"}, {"OS": "SUSE Linux Enterprise SDK", "OSVersion": "10", "packageVersion": "1.1.13.8-2.10", "packageName": "mono-locale-extras", "packageFilename": "mono-locale-extras-1.1.13.8-2.10.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "10", "packageVersion": "1.1.13.8-2.10", "packageName": "mono-data", "packageFilename": "mono-data-1.1.13.8-2.10.s390x.rpm", "arch": "s390x", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.0", "packageVersion": "1.1.8.3-6.3", "packageName": "mono-ikvm", "packageFilename": "mono-ikvm-1.1.8.3-6.3.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "SUSE Linux Enterprise SDK", "OSVersion": "10", "packageVersion": "1.1.13.8-2.10", "packageName": "mono-basic", "packageFilename": "mono-basic-1.1.13.8-2.10.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.0", "packageVersion": "1.1.8.3-6.3", "packageName": "mono-data-sqlite", "packageFilename": "mono-data-sqlite-1.1.8.3-6.3.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.0", "packageVersion": "1.1.8.3-6.3", "packageName": "mono-locale-extras", "packageFilename": "mono-locale-extras-1.1.8.3-6.3.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.0", "packageVersion": "1.1.8.3-6.3", "packageName": "mono-ikvm", "packageFilename": "mono-ikvm-1.1.8.3-6.3.ppc.rpm", "arch": "ppc", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.1", "packageVersion": "1.1.13.8-2.10", "packageName": "mono-devel", "packageFilename": "mono-devel-1.1.13.8-2.10.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.0", "packageVersion": "1.1.8.3-6.3", "packageName": "mono-nunit", "packageFilename": "mono-nunit-1.1.8.3-6.3.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "SUSE Linux Enterprise SDK", "OSVersion": "10", "packageVersion": "1.1.13.8-2.10", "packageName": "mono-data-firebird", "packageFilename": "mono-data-firebird-1.1.13.8-2.10.ppc.rpm", "arch": "ppc", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "10", "packageVersion": "1.1.13.8-2.10", "packageName": "mono-data-sybase", "packageFilename": "mono-data-sybase-1.1.13.8-2.10.s390x.rpm", "arch": "s390x", "operator": "lt"}, {"OS": "SUSE Linux Enterprise SDK", "OSVersion": "10", "packageVersion": "1.1.13.8-2.10", "packageName": "mono-winforms", "packageFilename": "mono-winforms-1.1.13.8-2.10.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "9.3", "packageVersion": "1.1.4-15.2", "packageName": "mono-data", "packageFilename": "mono-data-1.1.4-15.2.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "10", "packageVersion": "1.1.13.8-2.10", "packageName": "mono-core-32bit", "packageFilename": "mono-core-32bit-1.1.13.8-2.10.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.0", "packageVersion": "1.1.8.3-6.3", "packageName": "mono-nunit", "packageFilename": "mono-nunit-1.1.8.3-6.3.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise SDK", "OSVersion": "10", "packageVersion": "1.1.13.8-2.10", "packageName": "mono-data-sqlite", "packageFilename": "mono-data-sqlite-1.1.13.8-2.10.ia64.rpm", "arch": "ia64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "10", "packageVersion": "1.1.13.8-2.10", "packageName": "mono-data", "packageFilename": "mono-data-1.1.13.8-2.10.ppc.rpm", "arch": "ppc", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "10", "packageVersion": "1.1.13.8-2.10", "packageName": "mono-data-sqlite", "packageFilename": "mono-data-sqlite-1.1.13.8-2.10.ppc.rpm", "arch": "ppc", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "9.3", "packageVersion": "1.1.4-15.2", "packageName": "mono-locale-extras", "packageFilename": "mono-locale-extras-1.1.4-15.2.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "10", "packageVersion": "1.1.13.8-2.10", "packageName": "mono-data-sybase", "packageFilename": "mono-data-sybase-1.1.13.8-2.10.ia64.rpm", "arch": "ia64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "10", "packageVersion": "1.1.13.8-2.10", "packageName": "mono-web", "packageFilename": "mono-web-1.1.13.8-2.10.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.1", "packageVersion": "1.1.13.8-2.10", "packageName": "mono-data", "packageFilename": "mono-data-1.1.13.8-2.10.ppc.rpm", "arch": "ppc", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.0", "packageVersion": "1.1.8.3-6.3", "packageName": "mono-web", "packageFilename": "mono-web-1.1.8.3-6.3.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise SDK", "OSVersion": "10", "packageVersion": "1.1.13.8-2.10", "packageName": "mono-locale-extras", "packageFilename": "mono-locale-extras-1.1.13.8-2.10.s390x.rpm", "arch": "s390x", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.1", "packageVersion": "1.1.13.8-2.10", "packageName": "mono-jscript", "packageFilename": "mono-jscript-1.1.13.8-2.10.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "SUSE Linux Enterprise SDK", "OSVersion": "10", "packageVersion": "1.1.13.8-2.10", "packageName": "bytefx-data-mysql", "packageFilename": "bytefx-data-mysql-1.1.13.8-2.10.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise SDK", "OSVersion": "10", "packageVersion": "1.1.13.8-2.10", "packageName": "mono-devel", "packageFilename": "mono-devel-1.1.13.8-2.10.s390x.rpm", "arch": "s390x", "operator": "lt"}, {"OS": "SUSE Linux Enterprise SDK", "OSVersion": "10", "packageVersion": "1.1.13.8-2.10", "packageName": "mono-basic", "packageFilename": "mono-basic-1.1.13.8-2.10.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise SDK", "OSVersion": "10", "packageVersion": "1.1.13.8-2.10", "packageName": "mono-data-postgresql", "packageFilename": "mono-data-postgresql-1.1.13.8-2.10.ia64.rpm", "arch": "ia64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.1", "packageVersion": "1.1.13.8-2.10", "packageName": "mono-nunit", "packageFilename": "mono-nunit-1.1.13.8-2.10.ppc.rpm", "arch": "ppc", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.1", "packageVersion": "1.1.13.8-2.10", "packageName": "mono-data-sqlite", "packageFilename": "mono-data-sqlite-1.1.13.8-2.10.ppc.rpm", "arch": "ppc", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.0", "packageVersion": "1.1.8.3-6.3", "packageName": "mono-data-sqlite", "packageFilename": "mono-data-sqlite-1.1.8.3-6.3.ppc.rpm", "arch": "ppc", "operator": "lt"}, {"OS": "SUSE Linux Enterprise SDK", "OSVersion": "10", "packageVersion": "1.1.13.8-2.10", "packageName": "mono-core", "packageFilename": "mono-core-1.1.13.8-2.10.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "10", "packageVersion": "1.1.13.8-2.10", "packageName": "mono-data-postgresql", "packageFilename": "mono-data-postgresql-1.1.13.8-2.10.ppc.rpm", "arch": "ppc", "operator": "lt"}, {"OS": "SUSE Linux Enterprise SDK", "OSVersion": "10", "packageVersion": "1.1.13.8-2.10", "packageName": "bytefx-data-mysql", "packageFilename": "bytefx-data-mysql-1.1.13.8-2.10.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.1", "packageVersion": "1.1.13.8-2.10", "packageName": "mono-data-firebird", "packageFilename": "mono-data-firebird-1.1.13.8-2.10.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.0", "packageVersion": "1.1.8.3-6.3", "packageName": "mono-basic", "packageFilename": "mono-basic-1.1.8.3-6.3.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.1", "packageVersion": "1.1.13.8-2.10", "packageName": "mono-extras", "packageFilename": "mono-extras-1.1.13.8-2.10.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.0", "packageVersion": "1.1.8.3-6.3", "packageName": "mono-core", "packageFilename": "mono-core-1.1.8.3-6.3.ppc.rpm", "arch": "ppc", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "10", "packageVersion": "1.1.13.8-2.10", "packageName": "mono-web", "packageFilename": "mono-web-1.1.13.8-2.10.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.1", "packageVersion": "1.1.13.8-2.10", "packageName": "mono-data-sqlite", "packageFilename": "mono-data-sqlite-1.1.13.8-2.10.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.0", "packageVersion": "1.1.8.3-6.3", "packageName": "mono-devel", "packageFilename": "mono-devel-1.1.8.3-6.3.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise SDK", "OSVersion": "10", "packageVersion": "1.1.13.8-2.10", "packageName": "mono-data-sybase", "packageFilename": "mono-data-sybase-1.1.13.8-2.10.ia64.rpm", "arch": "ia64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.0", "packageVersion": "1.1.8.3-6.3", "packageName": "mono-core-32bit", "packageFilename": "mono-core-32bit-1.1.8.3-6.3.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise SDK", "OSVersion": "10", "packageVersion": "1.1.13.8-2.10", "packageName": "mono-data-postgresql", "packageFilename": "mono-data-postgresql-1.1.13.8-2.10.ppc.rpm", "arch": "ppc", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "10", "packageVersion": "1.1.13.8-2.10", "packageName": "mono-data-sqlite", "packageFilename": "mono-data-sqlite-1.1.13.8-2.10.s390x.rpm", "arch": "s390x", "operator": "lt"}, {"OS": "SUSE Linux Enterprise SDK", "OSVersion": "10", "packageVersion": "1.1.13.8-2.10", "packageName": "mono-data-sqlite", "packageFilename": "mono-data-sqlite-1.1.13.8-2.10.s390x.rpm", "arch": "s390x", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "9.3", "packageVersion": "1.1.4-15.2", "packageName": "mono-data-sqlite", "packageFilename": "mono-data-sqlite-1.1.4-15.2.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "10", "packageVersion": "1.1.13.8-2.10", "packageName": "mono-core", "packageFilename": "mono-core-1.1.13.8-2.10.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "9.3", "packageVersion": "1.1.4-15.2", "packageName": "mono-web", "packageFilename": "mono-web-1.1.4-15.2.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.1", "packageVersion": "1.1.13.8-2.10", "packageName": "mono-data-sybase", "packageFilename": "mono-data-sybase-1.1.13.8-2.10.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.0", "packageVersion": "1.1.8.3-6.3", "packageName": "mono-data", "packageFilename": "mono-data-1.1.8.3-6.3.ppc.rpm", "arch": "ppc", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.0", "packageVersion": "1.1.8.3-6.3", "packageName": "mono-core", "packageFilename": "mono-core-1.1.8.3-6.3.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.0", "packageVersion": "1.1.8.3-6.3", "packageName": "ibm-data-db2", "packageFilename": "ibm-data-db2-1.1.8.3-6.3.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "10", "packageVersion": "1.1.13.8-2.10", "packageName": "mono-data", "packageFilename": "mono-data-1.1.13.8-2.10.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.1", "packageVersion": "1.1.13.8-2.10", "packageName": "mono-basic", "packageFilename": "mono-basic-1.1.13.8-2.10.ppc.rpm", "arch": "ppc", "operator": "lt"}, {"OS": "SUSE Linux Enterprise SDK", "OSVersion": "10", "packageVersion": "1.1.13.8-2.10", "packageName": "mono-data-oracle", "packageFilename": "mono-data-oracle-1.1.13.8-2.10.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.0", "packageVersion": "1.1.8.3-6.3", "packageName": "mono-extras", "packageFilename": "mono-extras-1.1.8.3-6.3.ppc.rpm", "arch": "ppc", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "10", "packageVersion": "1.1.13.8-2.10", "packageName": "mono-data-sqlite", "packageFilename": "mono-data-sqlite-1.1.13.8-2.10.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise SDK", "OSVersion": "10", "packageVersion": "1.1.13.8-2.10", "packageName": "mono-data-sybase", "packageFilename": "mono-data-sybase-1.1.13.8-2.10.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.1", "packageVersion": "1.1.13.8-2.10", "packageName": "mono-locale-extras", "packageFilename": "mono-locale-extras-1.1.13.8-2.10.ppc.rpm", "arch": "ppc", "operator": "lt"}, {"OS": "SUSE Linux Enterprise SDK", "OSVersion": "10", "packageVersion": "1.1.13.8-2.10", "packageName": "mono-data", "packageFilename": "mono-data-1.1.13.8-2.10.s390x.rpm", "arch": "s390x", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.0", "packageVersion": "1.1.8.3-6.3", "packageName": "mono-data-sqlite", "packageFilename": "mono-data-sqlite-1.1.8.3-6.3.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise SDK", "OSVersion": "10", "packageVersion": "1.1.13.8-2.10", "packageName": "mono-jscript", "packageFilename": "mono-jscript-1.1.13.8-2.10.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.1", "packageVersion": "1.1.13.8-2.10", "packageName": "mono-devel", "packageFilename": "mono-devel-1.1.13.8-2.10.ppc.rpm", "arch": "ppc", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "9.3", "packageVersion": "1.1.4-15.2", "packageName": "mono-data", "packageFilename": "mono-data-1.1.4-15.2.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise SDK", "OSVersion": "10", "packageVersion": "1.1.13.8-2.10", "packageName": "mono-core", "packageFilename": "mono-core-1.1.13.8-2.10.s390x.rpm", "arch": "s390x", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.1", "packageVersion": "1.1.13.8-2.10", "packageName": "mono-extras", "packageFilename": "mono-extras-1.1.13.8-2.10.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "SUSE Linux Enterprise SDK", "OSVersion": "10", "packageVersion": "1.1.13.8-2.10", "packageName": "mono-data-sqlite", "packageFilename": "mono-data-sqlite-1.1.13.8-2.10.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "SUSE Linux Enterprise SDK", "OSVersion": "10", "packageVersion": "1.1.13.8-2.10", "packageName": "mono-data-firebird", "packageFilename": "mono-data-firebird-1.1.13.8-2.10.ia64.rpm", "arch": "ia64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "10", "packageVersion": "1.1.13.8-2.10", "packageName": "mono-data-oracle", "packageFilename": "mono-data-oracle-1.1.13.8-2.10.ppc.rpm", "arch": "ppc", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "10", "packageVersion": "1.1.13.8-2.10", "packageName": "mono-nunit", "packageFilename": "mono-nunit-1.1.13.8-2.10.s390x.rpm", "arch": "s390x", "operator": "lt"}, {"OS": "SUSE Linux Enterprise SDK", "OSVersion": "10", "packageVersion": "1.1.13.8-2.10", "packageName": "mono-data-sybase", "packageFilename": "mono-data-sybase-1.1.13.8-2.10.ppc.rpm", "arch": "ppc", "operator": "lt"}, {"OS": "SUSE Linux Enterprise SDK", "OSVersion": "10", "packageVersion": "1.1.13.8-2.10", "packageName": "mono-extras", "packageFilename": "mono-extras-1.1.13.8-2.10.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.1", "packageVersion": "1.1.13.8-2.10", "packageName": "mono-core", "packageFilename": "mono-core-1.1.13.8-2.10.ppc.rpm", "arch": "ppc", "operator": "lt"}, {"OS": "SUSE Linux Enterprise SDK", "OSVersion": "10", "packageVersion": "1.1.13.8-2.10", "packageName": "mono-jscript", "packageFilename": "mono-jscript-1.1.13.8-2.10.ppc.rpm", "arch": "ppc", "operator": "lt"}, {"OS": "SUSE Linux Enterprise SDK", "OSVersion": "10", "packageVersion": "1.1.13.8-2.10", "packageName": "mono-locale-extras", "packageFilename": "mono-locale-extras-1.1.13.8-2.10.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "10", "packageVersion": "1.1.13.8-2.10", "packageName": "mono-data-firebird", "packageFilename": "mono-data-firebird-1.1.13.8-2.10.ppc.rpm", "arch": "ppc", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.1", "packageVersion": "1.1.13.8-2.10", "packageName": "mono-extras", "packageFilename": "mono-extras-1.1.13.8-2.10.ppc.rpm", "arch": "ppc", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "10", "packageVersion": "1.1.13.8-2.10", "packageName": "mono-data-postgresql", "packageFilename": "mono-data-postgresql-1.1.13.8-2.10.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "9.3", "packageVersion": "1.1.4-15.2", "packageName": "mono-basic", "packageFilename": "mono-basic-1.1.4-15.2.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "9.3", "packageVersion": "1.1.4-15.2", "packageName": "mono-devel", "packageFilename": "mono-devel-1.1.4-15.2.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "9.3", "packageVersion": "1.1.4-15.2", "packageName": "mono-core", "packageFilename": "mono-core-1.1.4-15.2.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise SDK", "OSVersion": "10", "packageVersion": "1.1.13.8-2.10", "packageName": "mono-data-oracle", "packageFilename": "mono-data-oracle-1.1.13.8-2.10.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "SUSE Linux Enterprise SDK", "OSVersion": "10", "packageVersion": "1.1.13.8-2.10", "packageName": "mono-data-postgresql", "packageFilename": "mono-data-postgresql-1.1.13.8-2.10.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.1", "packageVersion": "1.1.13.8-2.10", "packageName": "mono-data-postgresql", "packageFilename": "mono-data-postgresql-1.1.13.8-2.10.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.0", "packageVersion": "1.1.8.3-6.3", "packageName": "ibm-data-db2", "packageFilename": "ibm-data-db2-1.1.8.3-6.3.ppc.rpm", "arch": "ppc", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "9.3", "packageVersion": "1.1.4-15.2", "packageName": "mono-locale-extras", "packageFilename": "mono-locale-extras-1.1.4-15.2.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.1", "packageVersion": "1.1.13.8-2.10", "packageName": "mono-winforms", "packageFilename": "mono-winforms-1.1.13.8-2.10.ppc.rpm", "arch": "ppc", "operator": "lt"}, {"OS": "SUSE Linux Enterprise SDK", "OSVersion": "10", "packageVersion": "1.1.13.8-2.10", "packageName": "bytefx-data-mysql", "packageFilename": "bytefx-data-mysql-1.1.13.8-2.10.s390x.rpm", "arch": "s390x", "operator": "lt"}, {"OS": "SUSE Linux Enterprise SDK", "OSVersion": "10", "packageVersion": "1.1.13.8-2.10", "packageName": "mono-winforms", "packageFilename": "mono-winforms-1.1.13.8-2.10.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "SUSE Linux Enterprise SDK", "OSVersion": "10", "packageVersion": "1.1.13.8-2.10", "packageName": "mono-data-sybase", "packageFilename": "mono-data-sybase-1.1.13.8-2.10.s390x.rpm", "arch": "s390x", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.1", "packageVersion": "1.1.13.8-2.10", "packageName": "mono-nunit", "packageFilename": "mono-nunit-1.1.13.8-2.10.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "9.3", "packageVersion": "1.1.4-15.2", "packageName": "mono-extras", "packageFilename": "mono-extras-1.1.4-15.2.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "10", "packageVersion": "1.1.13.8-2.10", "packageName": "mono-data-oracle", "packageFilename": "mono-data-oracle-1.1.13.8-2.10.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise SDK", "OSVersion": "10", "packageVersion": "1.1.13.8-2.10", "packageName": "mono-jscript", "packageFilename": "mono-jscript-1.1.13.8-2.10.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "10", "packageVersion": "1.1.13.8-2.10", "packageName": "mono-data-sqlite", "packageFilename": "mono-data-sqlite-1.1.13.8-2.10.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.1", "packageVersion": "1.1.13.8-2.10", "packageName": "mono-data-firebird", "packageFilename": "mono-data-firebird-1.1.13.8-2.10.ppc.rpm", "arch": "ppc", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.1", "packageVersion": "1.1.13.8-2.10", "packageName": "mono-core-32bit", "packageFilename": "mono-core-32bit-1.1.13.8-2.10.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.0", "packageVersion": "1.1.8.3-6.3", "packageName": "mono-web", "packageFilename": "mono-web-1.1.8.3-6.3.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "10", "packageVersion": "1.1.13.8-2.10", "packageName": "mono-core", "packageFilename": "mono-core-1.1.13.8-2.10.ppc.rpm", "arch": "ppc", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.1", "packageVersion": "1.1.13.8-2.10", "packageName": "bytefx-data-mysql", "packageFilename": "bytefx-data-mysql-1.1.13.8-2.10.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise SDK", "OSVersion": "10", "packageVersion": "1.1.13.8-2.10", "packageName": "mono-extras", "packageFilename": "mono-extras-1.1.13.8-2.10.s390x.rpm", "arch": "s390x", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.1", "packageVersion": "1.1.13.8-2.10", "packageName": "mono-basic", "packageFilename": "mono-basic-1.1.13.8-2.10.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "SUSE Linux Enterprise SDK", "OSVersion": "10", "packageVersion": "1.1.13.8-2.10", "packageName": "mono-winforms", "packageFilename": "mono-winforms-1.1.13.8-2.10.s390x.rpm", "arch": "s390x", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.1", "packageVersion": "1.1.13.8-2.10", "packageName": "ibm-data-db2", "packageFilename": "ibm-data-db2-1.1.13.8-2.10.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.0", "packageVersion": "1.1.8.3-6.3", "packageName": "mono-locale-extras", "packageFilename": "mono-locale-extras-1.1.8.3-6.3.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "9.3", "packageVersion": "1.1.4-15.2", "packageName": "mono-devel", "packageFilename": "mono-devel-1.1.4-15.2.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "9.3", "packageVersion": "1.1.4-15.2", "packageName": "mono-data-postgresql", "packageFilename": "mono-data-postgresql-1.1.4-15.2.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "SUSE Linux Enterprise SDK", "OSVersion": "10", "packageVersion": "1.1.13.8-2.10", "packageName": "mono-data", "packageFilename": "mono-data-1.1.13.8-2.10.ppc.rpm", "arch": "ppc", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.0", "packageVersion": "1.1.8.3-6.3", "packageName": "mono-basic", "packageFilename": "mono-basic-1.1.8.3-6.3.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise SDK", "OSVersion": "10", "packageVersion": "1.1.13.8-2.10", "packageName": "mono-basic", "packageFilename": "mono-basic-1.1.13.8-2.10.s390x.rpm", "arch": "s390x", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.1", "packageVersion": "1.1.13.8-2.10", "packageName": "mono-winforms", "packageFilename": "mono-winforms-1.1.13.8-2.10.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "9.3", "packageVersion": "1.1.4-15.2", "packageName": "mono-basic", "packageFilename": "mono-basic-1.1.4-15.2.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.0", "packageVersion": "1.1.8.3-6.3", "packageName": "mono-data-oracle", "packageFilename": "mono-data-oracle-1.1.8.3-6.3.ppc.rpm", "arch": "ppc", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.0", "packageVersion": "1.1.8.3-6.3", "packageName": "bytefx-data-mysql", "packageFilename": "bytefx-data-mysql-1.1.8.3-6.3.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.1", "packageVersion": "1.1.13.8-2.10", "packageName": "mono-web", "packageFilename": "mono-web-1.1.13.8-2.10.ppc.rpm", "arch": "ppc", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "10", "packageVersion": "1.1.13.8-2.10", "packageName": "mono-data-firebird", "packageFilename": "mono-data-firebird-1.1.13.8-2.10.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.0", "packageVersion": "1.1.8.3-6.3", "packageName": "mono-ikvm", "packageFilename": "mono-ikvm-1.1.8.3-6.3.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.1", "packageVersion": "1.1.13.8-2.10", "packageName": "mono-core", "packageFilename": "mono-core-1.1.13.8-2.10.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "SUSE Linux Enterprise SDK", "OSVersion": "10", "packageVersion": "1.1.13.8-2.10", "packageName": "mono-winforms", "packageFilename": "mono-winforms-1.1.13.8-2.10.ppc.rpm", "arch": "ppc", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.1", "packageVersion": "1.1.13.8-2.10", "packageName": "mono-basic", "packageFilename": "mono-basic-1.1.13.8-2.10.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise SDK", "OSVersion": "10", "packageVersion": "1.1.13.8-2.10", "packageName": "mono-basic", "packageFilename": "mono-basic-1.1.13.8-2.10.ia64.rpm", "arch": "ia64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.1", "packageVersion": "1.1.13.8-2.10", "packageName": "mono-data-postgresql", "packageFilename": "mono-data-postgresql-1.1.13.8-2.10.ppc.rpm", "arch": "ppc", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.1", "packageVersion": "1.1.13.8-2.10", "packageName": "mono-jscript", "packageFilename": "mono-jscript-1.1.13.8-2.10.ppc.rpm", "arch": "ppc", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.1", "packageVersion": "1.1.13.8-2.10", "packageName": "mono-data-oracle", "packageFilename": "mono-data-oracle-1.1.13.8-2.10.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "10", "packageVersion": "1.1.13.8-2.10", "packageName": "mono-core-x86", "packageFilename": "mono-core-x86-1.1.13.8-2.10.ia64.rpm", "arch": "ia64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise SDK", "OSVersion": "10", "packageVersion": "1.1.13.8-2.10", "packageName": "mono-nunit", "packageFilename": "mono-nunit-1.1.13.8-2.10.ia64.rpm", "arch": "ia64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "10", "packageVersion": "1.1.13.8-2.10", "packageName": "mono-locale-extras", "packageFilename": "mono-locale-extras-1.1.13.8-2.10.s390x.rpm", "arch": "s390x", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "10", "packageVersion": "1.1.13.8-2.10", "packageName": "mono-data-oracle", "packageFilename": "mono-data-oracle-1.1.13.8-2.10.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "SUSE Linux Enterprise SDK", "OSVersion": "10", "packageVersion": "1.1.13.8-2.10", "packageName": "mono-core", "packageFilename": "mono-core-1.1.13.8-2.10.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.1", "packageVersion": "1.1.13.8-2.10", "packageName": "mono-data-firebird", "packageFilename": "mono-data-firebird-1.1.13.8-2.10.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise SDK", "OSVersion": "10", "packageVersion": "1.1.13.8-2.10", "packageName": "mono-data-sqlite", "packageFilename": "mono-data-sqlite-1.1.13.8-2.10.ppc.rpm", "arch": "ppc", "operator": "lt"}, {"OS": "SUSE Linux Enterprise SDK", "OSVersion": "10", "packageVersion": "1.1.13.8-2.10", "packageName": "mono-basic", "packageFilename": "mono-basic-1.1.13.8-2.10.ppc.rpm", "arch": "ppc", "operator": "lt"}, {"OS": "SUSE Linux Enterprise SDK", "OSVersion": "10", "packageVersion": "1.1.13.8-2.10", "packageName": "mono-data-postgresql", "packageFilename": "mono-data-postgresql-1.1.13.8-2.10.s390x.rpm", "arch": "s390x", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.0", "packageVersion": "1.1.8.3-6.3", "packageName": "mono-data", "packageFilename": "mono-data-1.1.8.3-6.3.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise SDK", "OSVersion": "10", "packageVersion": "1.1.13.8-2.10", "packageName": "mono-data", "packageFilename": "mono-data-1.1.13.8-2.10.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "9.3", "packageVersion": "1.1.4-15.2", "packageName": "mono-data-sybase", "packageFilename": "mono-data-sybase-1.1.4-15.2.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "SUSE Linux Enterprise SDK", "OSVersion": "10", "packageVersion": "1.1.13.8-2.10", "packageName": "mono-extras", "packageFilename": "mono-extras-1.1.13.8-2.10.ppc.rpm", "arch": "ppc", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.0", "packageVersion": "1.1.8.3-6.3", "packageName": "mono-nunit", "packageFilename": "mono-nunit-1.1.8.3-6.3.ppc.rpm", "arch": "ppc", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "10", "packageVersion": "1.1.13.8-2.10", "packageName": "mono-data-firebird", "packageFilename": "mono-data-firebird-1.1.13.8-2.10.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "10", "packageVersion": "1.1.13.8-2.10", "packageName": "mono-data-postgresql", "packageFilename": "mono-data-postgresql-1.1.13.8-2.10.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise SDK", "OSVersion": "10", "packageVersion": "1.1.13.8-2.10", "packageName": "mono-data-firebird", "packageFilename": "mono-data-firebird-1.1.13.8-2.10.s390x.rpm", "arch": "s390x", "operator": "lt"}, {"OS": "SUSE Linux Enterprise SDK", "OSVersion": "10", "packageVersion": "1.1.13.8-2.10", "packageName": "mono-jscript", "packageFilename": "mono-jscript-1.1.13.8-2.10.s390x.rpm", "arch": "s390x", "operator": "lt"}, {"OS": "SUSE Linux Enterprise SDK", "OSVersion": "10", "packageVersion": "1.1.13.8-2.10", "packageName": "mono-locale-extras", "packageFilename": "mono-locale-extras-1.1.13.8-2.10.ia64.rpm", "arch": "ia64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.1", "packageVersion": "1.1.13.8-2.10", "packageName": "mono-data-oracle", "packageFilename": "mono-data-oracle-1.1.13.8-2.10.ppc.rpm", "arch": "ppc", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "9.3", "packageVersion": "1.1.4-15.2", "packageName": "mono-extras", "packageFilename": "mono-extras-1.1.4-15.2.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "SUSE Linux Enterprise SDK", "OSVersion": "10", "packageVersion": "1.1.13.8-2.10", "packageName": "mono-data-firebird", "packageFilename": "mono-data-firebird-1.1.13.8-2.10.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "10", "packageVersion": "1.1.13.8-2.10", "packageName": "mono-web", "packageFilename": "mono-web-1.1.13.8-2.10.ppc.rpm", "arch": "ppc", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "10", "packageVersion": "1.1.13.8-2.10", "packageName": "mono-data-sybase", "packageFilename": "mono-data-sybase-1.1.13.8-2.10.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "10", "packageVersion": "1.1.13.8-2.10", "packageName": "mono-locale-extras", "packageFilename": "mono-locale-extras-1.1.13.8-2.10.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "9.3", "packageVersion": "1.1.4-15.2", "packageName": "mono-web", "packageFilename": "mono-web-1.1.4-15.2.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.0", "packageVersion": "1.1.8.3-6.3", "packageName": "mono-winforms", "packageFilename": "mono-winforms-1.1.8.3-6.3.ppc.rpm", "arch": "ppc", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "9.3", "packageVersion": "1.1.4-15.2", "packageName": "mono-winforms", "packageFilename": "mono-winforms-1.1.4-15.2.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "10", "packageVersion": "1.1.13.8-2.10", "packageName": "mono-nunit", "packageFilename": "mono-nunit-1.1.13.8-2.10.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "10", "packageVersion": "1.1.13.8-2.10", "packageName": "mono-core-32bit", "packageFilename": "mono-core-32bit-1.1.13.8-2.10.s390x.rpm", "arch": "s390x", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.1", "packageVersion": "1.1.13.8-2.10", "packageName": "mono-data-sqlite", "packageFilename": "mono-data-sqlite-1.1.13.8-2.10.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "10", "packageVersion": "1.1.13.8-2.10", "packageName": "mono-core", "packageFilename": "mono-core-1.1.13.8-2.10.s390x.rpm", "arch": "s390x", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "10", "packageVersion": "1.1.13.8-2.10", "packageName": "mono-data-firebird", "packageFilename": "mono-data-firebird-1.1.13.8-2.10.ia64.rpm", "arch": "ia64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.0", "packageVersion": "1.1.8.3-6.3", "packageName": "bytefx-data-mysql", "packageFilename": "bytefx-data-mysql-1.1.8.3-6.3.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "10", "packageVersion": "1.1.13.8-2.10", "packageName": "mono-data", "packageFilename": "mono-data-1.1.13.8-2.10.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.0", "packageVersion": "1.1.8.3-6.3", "packageName": "mono-devel", "packageFilename": "mono-devel-1.1.8.3-6.3.ppc.rpm", "arch": "ppc", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.0", "packageVersion": "1.1.8.3-6.3", "packageName": "mono-winforms", "packageFilename": "mono-winforms-1.1.8.3-6.3.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.1", "packageVersion": "1.1.13.8-2.10", "packageName": "mono-data-sybase", "packageFilename": "mono-data-sybase-1.1.13.8-2.10.ppc.rpm", "arch": "ppc", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.0", "packageVersion": "1.1.8.3-6.3", "packageName": "mono-core", "packageFilename": "mono-core-1.1.8.3-6.3.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "10.0", "packageVersion": "1.1.8.3-6.3", "packageName": "mono-extras", "packageFilename": "mono-extras-1.1.8.3-6.3.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "10", "packageVersion": "1.1.13.8-2.10", "packageName": "mono-data-postgresql", "packageFilename": "mono-data-postgresql-1.1.13.8-2.10.s390x.rpm", "arch": "s390x", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "10", "packageVersion": "1.1.13.8-2.10", "packageName": "mono-locale-extras", "packageFilename": "mono-locale-extras-1.1.13.8-2.10.ia64.rpm", "arch": "ia64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise SDK", "OSVersion": "10", "packageVersion": "1.1.13.8-2.10", "packageName": "mono-data-firebird", "packageFilename": "mono-data-firebird-1.1.13.8-2.10.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "9.3", "packageVersion": "1.1.4-15.2", "packageName": "mono-data-oracle", "packageFilename": "mono-data-oracle-1.1.4-15.2.i586.rpm", "arch": "i586", "operator": "lt"}], "description": "Sebastian Krahmer of SUSE Security found that the Mono System.Xml.Serialization class contained a /tmp race which potentially allows local attackers to execute code as the user using the Serialization method.\n#### Solution\nThere is no known workaround, please install the update packages.", "edition": 1, "reporter": "Suse", "published": "2006-12-01T17:34:31", "enchantments": {"score": {"vector": "NONE", "value": 7.2}}, "type": "suse", "title": "local privilege escalation in mono-core", "bulletinFamily": "unix", "cvelist": ["CVE-2006-4800", "CVE-2006-6297", "CVE-2006-5072", "CVE-2006-5973", "CVE-2006-4799"], "modified": "2006-12-01T17:34:31", "id": "SUSE-SA:2006:073", "href": "http://lists.opensuse.org/opensuse-security-announce/2006-12/msg00010.html", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "freebsd": [{"lastseen": "2018-08-31T01:15:45", "references": ["http://www.ubuntu.com/usn/usn-357-1", "http://secunia.com/advisories/22237/"], "affectedPackage": [{"OS": "FreeBSD", "OSVersion": "any", "packageVersion": "1.1.13.8.1", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "mono", "operator": "lt"}], "description": "\nSebastian Krahmer reports:\n\nSebastian Krahmer of the SuSE security team discovered\n\t that the System.CodeDom.Compiler classes used temporary\n\t files in an insecure way. This could allow a symbolic link\n\t attack to create or overwrite arbitrary files with the\n\t privileges of the user invoking the program. Under some\n\t circumstances, a local attacker could also exploit this to\n\t inject arbitrary code into running Mono processes.\n\n", "edition": 3, "reporter": "FreeBSD", "published": "2006-10-04T00:00:00", "title": "mono -- \"System.CodeDom.Compiler\" Insecure Temporary Creation", "type": "freebsd", "enchantments": {"score": {"vector": "NONE", "value": 7.2}}, "bulletinFamily": "unix", "cvelist": ["CVE-2006-5072"], "modified": "2006-10-04T00:00:00", "id": "5A39A22E-5478-11DB-8F1A-000A48049292", "href": "https://vuxml.freebsd.org/freebsd/5a39a22e-5478-11db-8f1a-000a48049292.html", "cvss": {"score": 6.2, "vector": "AV:LOCAL/AC:HIGH/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}]}
