Search...

[SECURITY] [DSA 1761-1] New moodle packages fix file disclosure

2009-04-03T00:00:00

ID SECURITYVULNS:DOC:21571
Type securityvulns
Reporter Securityvulns
Modified 2009-04-03T00:00:00

Description

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1

Debian Security Advisory DSA-1761-1 security@debian.org http://www.debian.org/security/ Nico Golde April 3rd, 2009 http://www.debian.org/security/faq

Package : moodle Vulnerability : missing input sanitization Problem type : remote Debian-specific: no CVE ID : CVE-2009-1171 Debian Bug : 522116

Christian J. Eibl discovered that the TeX filter of Moodle, a web-based course management system, doesn't check user input for certain TeX commands which allows an attacker to include and display the content of arbitrary system files.

Note that this doesn't affect installations that only use the mimetex environment.

For the oldstable distribution (etch), this problem has been fixed in version 1.6.3-2+etch3.

For the stable distribution (lenny), this problem has been fixed in version 1.8.2.dfsg-3+lenny2.

For the testing distribution (squeeze), this problem will be fixed soon.

For the unstable distribution (sid), this problem has been fixed in version 1.8.2.dfsg-5.

We recommend that you upgrade your moodle packages.

Upgrade instructions

wget url will fetch the file for you dpkg -i file.deb will install the referenced file.

If you are using the apt-get package manager, use the line for sources.list as given below:

apt-get update will update the internal database apt-get upgrade will install corrected packages

You may use an automated update by adding the resources from the footer to the proper configuration.

Debian GNU/Linux 4.0 alias etch

Debian (oldstable)

Oldstable updates are available for alpha, amd64, arm, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc.

Source archives:

http://security.debian.org/pool/updates/main/m/moodle/moodle_1.6.3-2+etch3.dsc Size/MD5 checksum: 793 bb2ea87c38661c49b936a357eeb14b0c http://security.debian.org/pool/updates/main/m/moodle/moodle_1.6.3-2+etch3.diff.gz Size/MD5 checksum: 27511 974a829196380027ac19e82ecd4a6e82

Architecture independent packages:

http://security.debian.org/pool/updates/main/m/moodle/moodle_1.6.3-2+etch3_all.deb Size/MD5 checksum: 6583190 7d5c0c3103021541b308f54bfc2e2d55

Debian GNU/Linux 5.0 alias lenny

Debian (stable)

Stable updates are available for alpha, amd64, arm, armel, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc.

Source archives:

http://security.debian.org/pool/updates/main/m/moodle/moodle_1.8.2.dfsg-3+lenny2.diff.gz Size/MD5 checksum: 49345 31b07d8aab91762d31e2f73dcc6a468c http://security.debian.org/pool/updates/main/m/moodle/moodle_1.8.2.dfsg-3+lenny2.dsc Size/MD5 checksum: 1390 e7a4b2fe58e3b53f6c4bf6327a007509

Architecture independent packages:

http://security.debian.org/pool/updates/main/m/moodle/moodle_1.8.2.dfsg-3+lenny2_all.deb Size/MD5 checksum: 8713446 6a9345748982edab6a52047abe6779f6

These files will probably be moved into the stable distribution on its next update.

For apt-get: deb http://security.debian.org/ stable/updates main For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main Mailing list: debian-security-announce@lists.debian.org Package info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg> -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux)

iEYEARECAAYFAknWEKsACgkQHYflSXNkfP8dGQCfTBLt9yBJwXeP3DycLWtgcDVQ j3cAn3DJJ7RaJFocrI0532MZa/09ziQL =JjDY -----END PGP SIGNATURE-----

JSON Vulners Source

Initial Source

{"id": "SECURITYVULNS:DOC:21571", "bulletinFamily": "software", "title": "[SECURITY] [DSA 1761-1] New moodle packages fix file disclosure", "description": "-----BEGIN PGP SIGNED MESSAGE-----\r\nHash: SHA1\r\n\r\n- --------------------------------------------------------------------------\r\nDebian Security Advisory DSA-1761-1 security@debian.org\r\nhttp://www.debian.org/security/ Nico Golde\r\nApril 3rd, 2009 http://www.debian.org/security/faq\r\n- --------------------------------------------------------------------------\r\n\r\nPackage : moodle\r\nVulnerability : missing input sanitization\r\nProblem type : remote\r\nDebian-specific: no\r\nCVE ID : CVE-2009-1171\r\nDebian Bug : 522116\r\n\r\n\r\nChristian J. Eibl discovered that the TeX filter of Moodle, a web-based\r\ncourse management system, doesn't check user input for certain TeX commands\r\nwhich allows an attacker to include and display the content of arbitrary system\r\nfiles.\r\n\r\nNote that this doesn't affect installations that only use the mimetex\r\nenvironment.\r\n\r\nFor the oldstable distribution (etch), this problem has been fixed in\r\nversion 1.6.3-2+etch3.\r\n\r\nFor the stable distribution (lenny), this problem has been fixed in\r\nversion 1.8.2.dfsg-3+lenny2.\r\n\r\nFor the testing distribution (squeeze), this problem will be fixed soon.\r\n\r\nFor the unstable distribution (sid), this problem has been fixed in\r\nversion 1.8.2.dfsg-5.\r\n\r\n\r\nWe recommend that you upgrade your moodle packages.\r\n\r\nUpgrade instructions\r\n- --------------------\r\n\r\nwget url\r\n will fetch the file for you\r\ndpkg -i file.deb\r\n will install the referenced file.\r\n\r\nIf you are using the apt-get package manager, use the line for\r\nsources.list as given below:\r\n\r\napt-get update\r\n will update the internal database\r\napt-get upgrade\r\n will install corrected packages\r\n\r\nYou may use an automated update by adding the resources from the\r\nfooter to the proper configuration.\r\n\r\n\r\nDebian GNU/Linux 4.0 alias etch\r\n- -------------------------------\r\n\r\nDebian (oldstable)\r\n- ------------------\r\n\r\nOldstable updates are available for alpha, amd64, arm, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc.\r\n\r\nSource archives:\r\n\r\n http://security.debian.org/pool/updates/main/m/moodle/moodle_1.6.3-2+etch3.dsc\r\n Size/MD5 checksum: 793 bb2ea87c38661c49b936a357eeb14b0c\r\n http://security.debian.org/pool/updates/main/m/moodle/moodle_1.6.3-2+etch3.diff.gz\r\n Size/MD5 checksum: 27511 974a829196380027ac19e82ecd4a6e82\r\n\r\nArchitecture independent packages:\r\n\r\n http://security.debian.org/pool/updates/main/m/moodle/moodle_1.6.3-2+etch3_all.deb\r\n Size/MD5 checksum: 6583190 7d5c0c3103021541b308f54bfc2e2d55\r\n\r\n\r\nDebian GNU/Linux 5.0 alias lenny\r\n- --------------------------------\r\n\r\nDebian (stable)\r\n- ---------------\r\n\r\nStable updates are available for alpha, amd64, arm, armel, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc.\r\n\r\nSource archives:\r\n\r\n http://security.debian.org/pool/updates/main/m/moodle/moodle_1.8.2.dfsg-3+lenny2.diff.gz\r\n Size/MD5 checksum: 49345 31b07d8aab91762d31e2f73dcc6a468c\r\n http://security.debian.org/pool/updates/main/m/moodle/moodle_1.8.2.dfsg-3+lenny2.dsc\r\n Size/MD5 checksum: 1390 e7a4b2fe58e3b53f6c4bf6327a007509\r\n\r\nArchitecture independent packages:\r\n\r\n http://security.debian.org/pool/updates/main/m/moodle/moodle_1.8.2.dfsg-3+lenny2_all.deb\r\n Size/MD5 checksum: 8713446 6a9345748982edab6a52047abe6779f6\r\n\r\n\r\n These files will probably be moved into the stable distribution on\r\n its next update.\r\n\r\n- ---------------------------------------------------------------------------------\r\nFor apt-get: deb http://security.debian.org/ stable/updates main\r\nFor dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main\r\nMailing list: debian-security-announce@lists.debian.org\r\nPackage info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>\r\n-----BEGIN PGP SIGNATURE-----\r\nVersion: GnuPG v1.4.9 (GNU/Linux)\r\n\r\niEYEARECAAYFAknWEKsACgkQHYflSXNkfP8dGQCfTBLt9yBJwXeP3DycLWtgcDVQ\r\nj3cAn3DJJ7RaJFocrI0532MZa/09ziQL\r\n=JjDY\r\n-----END PGP SIGNATURE-----", "published": "2009-04-03T00:00:00", "modified": "2009-04-03T00:00:00", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}, "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:21571", "reporter": "Securityvulns", "references": [], "cvelist": ["CVE-2009-1171"], "type": "securityvulns", "lastseen": "2018-08-31T11:10:29", "edition": 1, "viewCount": 62, "enchantments": {"score": {"value": 6.9, "vector": "NONE", "modified": "2018-08-31T11:10:29", "rev": 2}, "dependencies": {"references": [{"type": "ubuntucve", "idList": ["UB:CVE-2009-1171"]}, {"type": "cve", "idList": ["CVE-2009-1171"]}, {"type": "nessus", "idList": ["SUSE_MOODLE-6198.NASL", "SUSE_11_0_MOODLE-090417.NASL", "SUSE_11_1_MOODLE-090417.NASL", "MOODLE_LATEX_INFO_DISCLOSURE.NASL", "UBUNTU_USN-791-1.NASL", "FEDORA_2009-3283.NASL", "FEDORA_2009-3280.NASL", "UBUNTU_USN-791-2.NASL", "DEBIAN_DSA-1761.NASL"]}, {"type": "ubuntu", "idList": ["USN-791-1", "USN-791-2"]}, {"type": "openvas", "idList": ["OPENVAS:136141256231063727", "OPENVAS:66500", "OPENVAS:63727", "OPENVAS:64321", "OPENVAS:63734", "OPENVAS:136141256231066500", "OPENVAS:63726", "OPENVAS:136141256231063726", "OPENVAS:136141256231063734", "OPENVAS:64320"]}, {"type": "debian", "idList": ["DEBIAN:DSA-1761-1:ACA60"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:VULN:9793"]}, {"type": "exploitdb", "idList": ["EDB-ID:8297"]}, {"type": "fedora", "idList": ["FEDORA:4424B20894E", "FEDORA:7E1DF10F85C", "FEDORA:0C0B6208959"]}], "modified": "2018-08-31T11:10:29", "rev": 2}, "vulnersScore": 6.9}, "affectedSoftware": [], "immutableFields": [], "cvss2": {}, "cvss3": {}}

{"ubuntucve": [{"id": "UB:CVE-2009-1171", "hash": "aa05b949732c901a6b5f1fe285a7648c", "type": "ubuntucve", "bulletinFamily": "info", "title": "CVE-2009-1171", "description": "The TeX filter in Moodle 1.6 before 1.6.9+, 1.7 before 1.7.7+, 1.8 before\n1.8.9, and 1.9 before 1.9.5 allows user-assisted attackers to read\narbitrary files via an input command in a \"$$\" sequence, which causes LaTeX\nto include the contents of the file.", "published": "2009-03-30T00:00:00", "modified": "2009-03-30T00:00:00", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}, "cvss2": {"cvssV2": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "MEDIUM", "userInteractionRequired": true}, "cvss3": {}, "href": "https://ubuntu.com/security/CVE-2009-1171", "reporter": "ubuntu.com", "references": ["https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1171", "https://ubuntu.com/security/notices/USN-791-2", "https://ubuntu.com/security/notices/USN-791-1", "https://nvd.nist.gov/vuln/detail/CVE-2009-1171", "https://launchpad.net/bugs/cve/CVE-2009-1171", "https://security-tracker.debian.org/tracker/CVE-2009-1171"], "cvelist": ["CVE-2009-1171"], "immutableFields": [], "lastseen": "2021-07-31T02:05:32", "history": [{"bulletin": {"id": "UB:CVE-2009-1171", "hash": "fc6f0cdff72eeb7db24838cdce866d05", "type": "ubuntucve", "bulletinFamily": "info", "title": "CVE-2009-1171", "description": "The TeX filter in Moodle 1.6 before 1.6.9+, 1.7 before 1.7.7+, 1.8 before\n1.8.9, and 1.9 before 1.9.5 allows user-assisted attackers to read\narbitrary files via an input command in a \"$$\" sequence, which causes LaTeX\nto include the contents of the file.", "published": "2009-03-30T00:00:00", "modified": "2009-03-30T00:00:00", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}, "cvss2": {}, "cvss3": {}, "href": "https://ubuntu.com/security/CVE-2009-1171", "reporter": "ubuntu.com", "references": ["https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1171", "https://ubuntu.com/security/notices/USN-791-2", "https://ubuntu.com/security/notices/USN-791-1", "https://nvd.nist.gov/vuln/detail/CVE-2009-1171", "https://launchpad.net/bugs/cve/CVE-2009-1171", "https://security-tracker.debian.org/tracker/CVE-2009-1171"], "cvelist": ["CVE-2009-1171"], "immutableFields": [], "lastseen": "2021-07-01T01:02:02", "history": [], "viewCount": 0, "enchantments": {"dependencies": {"references": [{"type": "cve", "idList": ["CVE-2009-1171"]}, {"type": "openvas", "idList": ["OPENVAS:66500", "OPENVAS:63734", "OPENVAS:136141256231066500", "OPENVAS:63727", "OPENVAS:136141256231063734", "OPENVAS:136141256231063727", "OPENVAS:64320", "OPENVAS:136141256231063726", "OPENVAS:63726", "OPENVAS:64321"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:VULN:9793", "SECURITYVULNS:DOC:21571"]}, {"type": "debian", "idList": ["DEBIAN:DSA-1761-1:ACA60"]}, {"type": "exploitdb", "idList": ["EDB-ID:8297"]}, {"type": "ubuntu", "idList": ["USN-791-2", "USN-791-1"]}, {"type": "nessus", "idList": ["UBUNTU_USN-791-2.NASL", "MOODLE_LATEX_INFO_DISCLOSURE.NASL", "UBUNTU_USN-791-1.NASL", "SUSE_11_1_MOODLE-090417.NASL", "SUSE_11_0_MOODLE-090417.NASL", "DEBIAN_DSA-1761.NASL", "FEDORA_2009-3283.NASL", "FEDORA_2009-3280.NASL", "SUSE_MOODLE-6198.NASL"]}, {"type": "fedora", "idList": ["FEDORA:0C0B6208959", "FEDORA:7E1DF10F85C", "FEDORA:4424B20894E"]}], "modified": "2021-07-01T01:02:02", "rev": 2}, "score": {"value": 5.1, "vector": "NONE", "modified": "2021-07-01T01:02:02", "rev": 2}}, "objectVersion": "1.5", "affectedPackage": [{"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "moodle"}], "bugs": []}, "lastseen": "2021-07-01T01:02:02", "differentElements": ["cvss2"], "edition": 1}], "viewCount": 0, "enchantments": {"dependencies": {"references": [{"type": "cve", "idList": ["CVE-2009-1171"]}, {"type": "debian", "idList": ["DEBIAN:DSA-1761-1:ACA60"]}, {"type": "exploitdb", "idList": ["EDB-ID:8297"]}, {"type": "openvas", "idList": ["OPENVAS:63891", "OPENVAS:136141256231066500", "OPENVAS:64320", "OPENVAS:136141256231063726", "OPENVAS:66500", "OPENVAS:136141256231063891", "OPENVAS:136141256231063734", "OPENVAS:63734", "OPENVAS:63726", "OPENVAS:63727", "OPENVAS:64321", "OPENVAS:136141256231063727"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:DOC:21571", "SECURITYVULNS:VULN:9793"]}, {"type": "nessus", "idList": ["UBUNTU_USN-791-1.NASL", "DEBIAN_DSA-1761.NASL", "FEDORA_2009-3280.NASL", "FEDORA_2009-3283.NASL", "SUSE_MOODLE-6198.NASL", "SUSE_11_1_MOODLE-090417.NASL", "SUSE_11_0_MOODLE-090417.NASL", "UBUNTU_USN-791-2.NASL", "MOODLE_LATEX_INFO_DISCLOSURE.NASL"]}, {"type": "ubuntu", "idList": ["USN-791-2", "USN-791-1"]}, {"type": "fedora", "idList": ["FEDORA:0C0B6208959", "FEDORA:4424B20894E", "FEDORA:7E1DF10F85C"]}], "modified": "2021-07-31T02:05:32", "rev": 2}, "score": {"value": 5.1, "vector": "NONE", "modified": "2021-07-31T02:05:32", "rev": 2}}, "objectVersion": "1.6", "affectedPackage": [{"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "moodle"}], "bugs": [], "_object_type": "robots.models.ubuntucve.UbuntuCVEBulletin", "_object_types": ["robots.models.ubuntucve.UbuntuCVEBulletin", "robots.models.base.Bulletin"]}], "cve": [{"id": "CVE-2009-1171", "bulletinFamily": "NVD", "title": "CVE-2009-1171", "description": "The TeX filter in Moodle 1.6 before 1.6.9+, 1.7 before 1.7.7+, 1.8 before 1.8.9, and 1.9 before 1.9.5 allows user-assisted attackers to read arbitrary files via an input command in a \"$$\" sequence, which causes LaTeX to include the contents of the file.", "published": "2009-03-30T22:30:00", "modified": "2020-12-01T14:43:00", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}, "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1171", "reporter": "cve@mitre.org", "references": ["https://www.redhat.com/archives/fedora-package-announce/2009-April/msg00077.html", "http://www.debian.org/security/2009/dsa-1761", "https://www.exploit-db.com/exploits/8297", "https://usn.ubuntu.com/791-2/", "http://secunia.com/advisories/34517", "http://secunia.com/advisories/34600", "http://cvs.moodle.org/moodle/filter/tex/filter.php?r1=1.18.4.4&r2=1.18.4.5", "https://www.redhat.com/archives/fedora-package-announce/2009-April/msg00079.html", "http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00010.html", "http://tracker.moodle.org/browse/MDL-18552", "http://www.securityfocus.com/bid/34278", "http://secunia.com/advisories/34557", "http://secunia.com/advisories/35570", "http://www.securityfocus.com/archive/1/502231/100/0/threaded"], "cvelist": ["CVE-2009-1171"], "type": "cve", "lastseen": "2021-04-21T20:47:47", "history": [{"bulletin": {"affectedConfiguration": [], "affectedSoftware": [{"cpeName": "moodle:moodle", "name": "moodle", "operator": "eq", "version": "1.7.6"}, {"cpeName": "moodle:moodle", "name": "moodle", "operator": "eq", "version": "1.9.3"}, {"cpeName": "moodle:moodle", "name": "moodle", "operator": "eq", "version": "1.9.2"}, {"cpeName": "moodle:moodle", "name": "moodle", "operator": "eq", "version": "1.9.4"}, {"cpeName": "moodle:moodle", "name": "moodle", "operator": "eq", "version": "1.7.5"}, {"cpeName": "moodle:moodle", "name": "moodle", "operator": "eq", "version": "1.8.7"}, {"cpeName": "moodle:moodle", "name": "moodle", "operator": "eq", "version": "1.9.1"}, {"cpeName": "moodle:moodle", "name": "moodle", "operator": "eq", "version": "1.8.5"}, {"cpeName": "moodle:moodle", "name": "moodle", "operator": "eq", "version": "1.7.2"}, {"cpeName": "moodle:moodle", "name": "moodle", "operator": "eq", "version": "1.8.3"}, {"cpeName": "moodle:moodle", "name": "moodle", "operator": "eq", "version": "1.6.2"}, {"cpeName": "moodle:moodle", "name": "moodle", "operator": "eq", "version": "1.8.6"}, {"cpeName": "moodle:moodle", "name": "moodle", "operator": "eq", "version": "1.6.3"}, {"cpeName": "moodle:moodle", "name": "moodle", "operator": "eq", "version": "1.6.4"}, {"cpeName": "moodle:moodle", "name": "moodle", "operator": "eq", "version": "1.8.1"}, {"cpeName": "moodle:moodle", "name": "moodle", "operator": "eq", "version": "1.8.2"}, {"cpeName": "moodle:moodle", "name": "moodle", "operator": "eq", "version": "1.6.7"}, {"cpeName": "moodle:moodle", "name": "moodle", "operator": "eq", "version": "1.6.5"}, {"cpeName": "moodle:moodle", "name": "moodle", "operator": "eq", "version": "1.7.1"}, {"cpeName": "moodle:moodle", "name": "moodle", "operator": "eq", "version": "1.6.8"}, {"cpeName": "moodle:moodle", "name": "moodle", "operator": "eq", "version": "1.7.3"}, {"cpeName": "moodle:moodle", "name": "moodle", "operator": "eq", "version": "1.6.6"}, {"cpeName": "moodle:moodle", "name": "moodle", "operator": "eq", "version": "1.6.1"}, {"cpeName": "moodle:moodle", "name": "moodle", "operator": "eq", "version": "1.6.0"}, {"cpeName": "moodle:moodle", "name": "moodle", "operator": "eq", "version": "1.8.4"}, {"cpeName": "moodle:moodle", "name": "moodle", "operator": "eq", "version": "1.8.8"}, {"cpeName": "moodle:moodle", "name": "moodle", "operator": "eq", "version": "1.7.4"}], "bulletinFamily": "NVD", "cpe": ["cpe:/a:moodle:moodle:1.6.6", "cpe:/a:moodle:moodle:1.9.4", "cpe:/a:moodle:moodle:1.8.7", "cpe:/a:moodle:moodle:1.8.2", "cpe:/a:moodle:moodle:1.9.2", "cpe:/a:moodle:moodle:1.8.6", "cpe:/a:moodle:moodle:1.7.4", "cpe:/a:moodle:moodle:1.6.0", "cpe:/a:moodle:moodle:1.6.3", "cpe:/a:moodle:moodle:1.6.7", "cpe:/a:moodle:moodle:1.8.4", "cpe:/a:moodle:moodle:1.6.2", "cpe:/a:moodle:moodle:1.6.1", "cpe:/a:moodle:moodle:1.6.5", "cpe:/a:moodle:moodle:1.7.1", "cpe:/a:moodle:moodle:1.7.3", "cpe:/a:moodle:moodle:1.6.8", "cpe:/a:moodle:moodle:1.9.1", "cpe:/a:moodle:moodle:1.8.1", "cpe:/a:moodle:moodle:1.8.5", "cpe:/a:moodle:moodle:1.7.2", "cpe:/a:moodle:moodle:1.6.4", "cpe:/a:moodle:moodle:1.7.5", "cpe:/a:moodle:moodle:1.9.3", "cpe:/a:moodle:moodle:1.8.3", "cpe:/a:moodle:moodle:1.8.8", "cpe:/a:moodle:moodle:1.7.6"], "cpe23": ["cpe:2.3:a:moodle:moodle:1.6.2:*:*:*:*:*:*:*", "cpe:2.3:a:moodle:moodle:1.8.6:*:*:*:*:*:*:*", "cpe:2.3:a:moodle:moodle:1.7.2:*:*:*:*:*:*:*", "cpe:2.3:a:moodle:moodle:1.9.3:*:*:*:*:*:*:*", "cpe:2.3:a:moodle:moodle:1.7.4:*:*:*:*:*:*:*", "cpe:2.3:a:moodle:moodle:1.7.5:*:*:*:*:*:*:*", "cpe:2.3:a:moodle:moodle:1.6.5:*:*:*:*:*:*:*", "cpe:2.3:a:moodle:moodle:1.6.1:*:*:*:*:*:*:*", "cpe:2.3:a:moodle:moodle:1.8.4:*:*:*:*:*:*:*", "cpe:2.3:a:moodle:moodle:1.8.2:*:*:*:*:*:*:*", "cpe:2.3:a:moodle:moodle:1.8.3:*:*:*:*:*:*:*", "cpe:2.3:a:moodle:moodle:1.7.3:*:*:*:*:*:*:*", "cpe:2.3:a:moodle:moodle:1.7.1:*:*:*:*:*:*:*", "cpe:2.3:a:moodle:moodle:1.9.1:*:*:*:*:*:*:*", "cpe:2.3:a:moodle:moodle:1.6.4:*:*:*:*:*:*:*", "cpe:2.3:a:moodle:moodle:1.8.7:*:*:*:*:*:*:*", "cpe:2.3:a:moodle:moodle:1.6.8:*:*:*:*:*:*:*", "cpe:2.3:a:moodle:moodle:1.7.6:*:*:*:*:*:*:*", "cpe:2.3:a:moodle:moodle:1.6.7:*:*:*:*:*:*:*", "cpe:2.3:a:moodle:moodle:1.6.0:*:*:*:*:*:*:*", "cpe:2.3:a:moodle:moodle:1.8.1:*:*:*:*:*:*:*", "cpe:2.3:a:moodle:moodle:1.6.3:*:*:*:*:*:*:*", "cpe:2.3:a:moodle:moodle:1.8.8:*:*:*:*:*:*:*", "cpe:2.3:a:moodle:moodle:1.8.5:*:*:*:*:*:*:*", "cpe:2.3:a:moodle:moodle:1.9.4:*:*:*:*:*:*:*", "cpe:2.3:a:moodle:moodle:1.6.6:*:*:*:*:*:*:*", "cpe:2.3:a:moodle:moodle:1.9.2:*:*:*:*:*:*:*"], "cpeConfiguration": {"CVE_data_version": "4.0", "nodes": [{"cpe_match": [{"cpe23Uri": "cpe:2.3:a:moodle:moodle:1.9.4:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:moodle:moodle:1.8.7:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:moodle:moodle:1.8.1:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:moodle:moodle:1.6.3:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:moodle:moodle:1.6.8:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:moodle:moodle:1.7.3:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:moodle:moodle:1.9.2:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:moodle:moodle:1.6.4:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:moodle:moodle:1.8.6:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:moodle:moodle:1.7.5:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:moodle:moodle:1.8.5:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:moodle:moodle:1.7.4:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:moodle:moodle:1.8.3:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:moodle:moodle:1.9.1:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:moodle:moodle:1.8.8:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:moodle:moodle:1.6.7:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:moodle:moodle:1.6.0:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:moodle:moodle:1.7.2:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:moodle:moodle:1.6.2:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:moodle:moodle:1.8.4:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:moodle:moodle:1.8.2:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:moodle:moodle:1.6.1:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:moodle:moodle:1.9.3:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:moodle:moodle:1.7.1:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:moodle:moodle:1.6.6:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:moodle:moodle:1.6.5:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:moodle:moodle:1.7.6:*:*:*:*:*:*:*", "vulnerable": true}], "operator": "OR"}]}, "cvelist": ["CVE-2009-1171"], "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}, "cvss2": {"cvssV2": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "MEDIUM", "userInteractionRequired": true}, "cvss3": {}, "cwe": ["CWE-20"], "description": "The TeX filter in Moodle 1.6 before 1.6.9+, 1.7 before 1.7.7+, 1.8 before 1.8.9, and 1.9 before 1.9.5 allows user-assisted attackers to read arbitrary files via an input command in a \"$$\" sequence, which causes LaTeX to include the contents of the file.", "edition": 5, "enchantments": {"dependencies": {"modified": "2021-02-02T05:40:00", "references": [{"idList": ["EDB-ID:8297"], "type": "exploitdb"}, {"idList": ["USN-791-2", "USN-791-1"], "type": "ubuntu"}, {"idList": ["OPENVAS:136141256231066500", "OPENVAS:136141256231063734", "OPENVAS:136141256231063727", "OPENVAS:63734", "OPENVAS:64321", "OPENVAS:66500", "OPENVAS:64320", "OPENVAS:136141256231063726", "OPENVAS:63727", "OPENVAS:63726"], "type": "openvas"}, {"idList": ["SECURITYVULNS:VULN:9793", "SECURITYVULNS:DOC:21571"], "type": "securityvulns"}, {"idList": ["FEDORA:4424B20894E", "FEDORA:7E1DF10F85C", "FEDORA:0C0B6208959"], "type": "fedora"}, {"idList": ["DEBIAN:DSA-1761-1:ACA60"], "type": "debian"}, {"idList": ["FEDORA_2009-3283.NASL", "SUSE_11_0_MOODLE-090417.NASL", "SUSE_11_1_MOODLE-090417.NASL", "UBUNTU_USN-791-2.NASL", "UBUNTU_USN-791-1.NASL", "SUSE_MOODLE-6198.NASL", "FEDORA_2009-3280.NASL", "DEBIAN_DSA-1761.NASL", "MOODLE_LATEX_INFO_DISCLOSURE.NASL"], "type": "nessus"}], "rev": 2}, "score": {"modified": "2021-02-02T05:40:00", "rev": 2, "value": 5.4, "vector": "NONE"}}, "extraReferences": [{"name": "34278", "refsource": "BID", "tags": [], "url": "http://www.securityfocus.com/bid/34278"}, {"name": "FEDORA-2009-3283", "refsource": "FEDORA", "tags": [], "url": "https://www.redhat.com/archives/fedora-package-announce/2009-April/msg00079.html"}, {"name": "SUSE-SR:2009:009", "refsource": "SUSE", "tags": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00010.html"}, {"name": "http://tracker.moodle.org/browse/MDL-18552", "refsource": "MISC", "tags": [], "url": "http://tracker.moodle.org/browse/MDL-18552"}, {"name": "20090327 Moodle: Sensitive File Disclosure", "refsource": "BUGTRAQ", "tags": [], "url": "http://www.securityfocus.com/archive/1/502231/100/0/threaded"}, {"name": "DSA-1761", "refsource": "DEBIAN", "tags": [], "url": "http://www.debian.org/security/2009/dsa-1761"}, {"name": "http://cvs.moodle.org/moodle/filter/tex/filter.php?r1=1.18.4.4&r2=1.18.4.5", "refsource": "CONFIRM", "tags": ["Exploit"], "url": "http://cvs.moodle.org/moodle/filter/tex/filter.php?r1=1.18.4.4&r2=1.18.4.5"}, {"name": "35570", "refsource": "SECUNIA", "tags": [], "url": "http://secunia.com/advisories/35570"}, {"name": "34517", "refsource": "SECUNIA", "tags": [], "url": "http://secunia.com/advisories/34517"}, {"name": "USN-791-2", "refsource": "UBUNTU", "tags": [], "url": "https://usn.ubuntu.com/791-2/"}, {"name": "34557", "refsource": "SECUNIA", "tags": [], "url": "http://secunia.com/advisories/34557"}, {"name": "8297", "refsource": "EXPLOIT-DB", "tags": [], "url": "https://www.exploit-db.com/exploits/8297"}, {"name": "FEDORA-2009-3280", "refsource": "FEDORA", "tags": [], "url": "https://www.redhat.com/archives/fedora-package-announce/2009-April/msg00077.html"}, {"name": "34600", "refsource": "SECUNIA", "tags": [], "url": "http://secunia.com/advisories/34600"}], "hash": "d29fbe39d22016e4a0ffa8c69b0ad849762b0d07f63fd522809ce5321c5c924b", "hashmap": [{"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "immutableFields"}, {"hash": "4c5095aa0a8ad4049b7693b420a5ae6e", "key": "cvss2"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "affectedConfiguration"}, {"hash": "226da5129ffaaee3d5b48e506b957d58", "key": "cwe"}, {"hash": "0c5c85ea8a969f3824fd0f00c7dbd3af", "key": "published"}, {"hash": "fa70579722dbda76c16be97bfd879b31", "key": "affectedSoftware"}, {"hash": "bc892efb19798f26be4638e3c7aac571", "key": "cpe23"}, {"hash": "284eed3b1f61c6014a6323bdffd1a197", "key": "cvelist"}, {"hash": "1716b5fcbb7121af74efdc153d0166c5", "key": "type"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "cvss3"}, {"hash": "dd858eeb4238f72c43fe0be40d332d89", "key": "references"}, {"hash": "76932d2b2ebea367ec223f5208ce851b", "key": "extraReferences"}, {"hash": "c3c6af2ea3daad8211706e7d513c7f8f", "key": "cpeConfiguration"}, {"hash": "a325b160c4e0421cc05be001a409ef6b", "key": "description"}, {"hash": "601892ece72be3be2f57266ca2354792", "key": "bulletinFamily"}, {"hash": "4301aab4b9b98f4de5498df1b29e44ac", "key": "modified"}, {"hash": "876f47c4ebc2b9e0dd17afaa22819f2a", "key": "cvss"}, {"hash": "6f6233bf1111e781eea17729ea7a7a6e", "key": "href"}, {"hash": "49189942332e93af05d6e7b298e0830a", "key": "cpe"}, {"hash": "444c2b4dda4a55437faa8bef1a141e84", "key": "reporter"}, {"hash": "d23f37a7fea5aa78af03a798baed3464", "key": "title"}], "history": [], "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1171", "id": "CVE-2009-1171", "immutableFields": [], "lastseen": "2021-02-02T05:40:00", "modified": "2020-12-01T14:43:00", "objectVersion": "1.5", "published": "2009-03-30T22:30:00", "references": ["https://www.redhat.com/archives/fedora-package-announce/2009-April/msg00077.html", "http://www.debian.org/security/2009/dsa-1761", "https://www.exploit-db.com/exploits/8297", "https://usn.ubuntu.com/791-2/", "http://secunia.com/advisories/34517", "http://secunia.com/advisories/34600", "http://cvs.moodle.org/moodle/filter/tex/filter.php?r1=1.18.4.4&r2=1.18.4.5", "https://www.redhat.com/archives/fedora-package-announce/2009-April/msg00079.html", "http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00010.html", "http://tracker.moodle.org/browse/MDL-18552", "http://www.securityfocus.com/bid/34278", "http://secunia.com/advisories/34557", "http://secunia.com/advisories/35570", "http://www.securityfocus.com/archive/1/502231/100/0/threaded"], "reporter": "cve@mitre.org", "title": "CVE-2009-1171", "type": "cve", "viewCount": 6}, "different_elements": ["cpeConfiguration"], "edition": 5, "lastseen": "2021-02-02T05:40:00"}, {"bulletin": {"affectedConfiguration": [], "affectedSoftware": [{"cpeName": "moodle:moodle", "name": "moodle", "operator": "eq", "version": "1.7.6"}, {"cpeName": "moodle:moodle", "name": "moodle", "operator": "eq", "version": "1.9.3"}, {"cpeName": "moodle:moodle", "name": "moodle", "operator": "eq", "version": "1.9.2"}, {"cpeName": "moodle:moodle", "name": "moodle", "operator": "eq", "version": "1.9.4"}, {"cpeName": "moodle:moodle", "name": "moodle", "operator": "eq", "version": "1.7.5"}, {"cpeName": "moodle:moodle", "name": "moodle", "operator": "eq", "version": "1.8.7"}, {"cpeName": "moodle:moodle", "name": "moodle", "operator": "eq", "version": "1.9.1"}, {"cpeName": "moodle:moodle", "name": "moodle", "operator": "eq", "version": "1.8.5"}, {"cpeName": "moodle:moodle", "name": "moodle", "operator": "eq", "version": "1.7.2"}, {"cpeName": "moodle:moodle", "name": "moodle", "operator": "eq", "version": "1.8.3"}, {"cpeName": "moodle:moodle", "name": "moodle", "operator": "eq", "version": "1.6.2"}, {"cpeName": "moodle:moodle", "name": "moodle", "operator": "eq", "version": "1.8.6"}, {"cpeName": "moodle:moodle", "name": "moodle", "operator": "eq", "version": "1.6.3"}, {"cpeName": "moodle:moodle", "name": "moodle", "operator": "eq", "version": "1.6.4"}, {"cpeName": "moodle:moodle", "name": "moodle", "operator": "eq", "version": "1.8.1"}, {"cpeName": "moodle:moodle", "name": "moodle", "operator": "eq", "version": "1.8.2"}, {"cpeName": "moodle:moodle", "name": "moodle", "operator": "eq", "version": "1.6.7"}, {"cpeName": "moodle:moodle", "name": "moodle", "operator": "eq", "version": "1.6.5"}, {"cpeName": "moodle:moodle", "name": "moodle", "operator": "eq", "version": "1.7.1"}, {"cpeName": "moodle:moodle", "name": "moodle", "operator": "eq", "version": "1.6.8"}, {"cpeName": "moodle:moodle", "name": "moodle", "operator": "eq", "version": "1.7.3"}, {"cpeName": "moodle:moodle", "name": "moodle", "operator": "eq", "version": "1.6.6"}, {"cpeName": "moodle:moodle", "name": "moodle", "operator": "eq", "version": "1.6.1"}, {"cpeName": "moodle:moodle", "name": "moodle", "operator": "eq", "version": "1.6.0"}, {"cpeName": "moodle:moodle", "name": "moodle", "operator": "eq", "version": "1.8.4"}, {"cpeName": "moodle:moodle", "name": "moodle", "operator": "eq", "version": "1.8.8"}, {"cpeName": "moodle:moodle", "name": "moodle", "operator": "eq", "version": "1.7.4"}], "bulletinFamily": "NVD", "cpe": ["cpe:/a:moodle:moodle:1.6.6", "cpe:/a:moodle:moodle:1.9.4", "cpe:/a:moodle:moodle:1.8.7", "cpe:/a:moodle:moodle:1.8.2", "cpe:/a:moodle:moodle:1.9.2", "cpe:/a:moodle:moodle:1.8.6", "cpe:/a:moodle:moodle:1.7.4", "cpe:/a:moodle:moodle:1.6.0", "cpe:/a:moodle:moodle:1.6.3", "cpe:/a:moodle:moodle:1.6.7", "cpe:/a:moodle:moodle:1.8.4", "cpe:/a:moodle:moodle:1.6.2", "cpe:/a:moodle:moodle:1.6.1", "cpe:/a:moodle:moodle:1.6.5", "cpe:/a:moodle:moodle:1.7.1", "cpe:/a:moodle:moodle:1.7.3", "cpe:/a:moodle:moodle:1.6.8", "cpe:/a:moodle:moodle:1.9.1", "cpe:/a:moodle:moodle:1.8.1", "cpe:/a:moodle:moodle:1.8.5", "cpe:/a:moodle:moodle:1.7.2", "cpe:/a:moodle:moodle:1.6.4", "cpe:/a:moodle:moodle:1.7.5", "cpe:/a:moodle:moodle:1.9.3", "cpe:/a:moodle:moodle:1.8.3", "cpe:/a:moodle:moodle:1.8.8", "cpe:/a:moodle:moodle:1.7.6"], "cpe23": ["cpe:2.3:a:moodle:moodle:1.6.2:*:*:*:*:*:*:*", "cpe:2.3:a:moodle:moodle:1.8.6:*:*:*:*:*:*:*", "cpe:2.3:a:moodle:moodle:1.7.2:*:*:*:*:*:*:*", "cpe:2.3:a:moodle:moodle:1.9.3:*:*:*:*:*:*:*", "cpe:2.3:a:moodle:moodle:1.7.4:*:*:*:*:*:*:*", "cpe:2.3:a:moodle:moodle:1.7.5:*:*:*:*:*:*:*", "cpe:2.3:a:moodle:moodle:1.6.5:*:*:*:*:*:*:*", "cpe:2.3:a:moodle:moodle:1.6.1:*:*:*:*:*:*:*", "cpe:2.3:a:moodle:moodle:1.8.4:*:*:*:*:*:*:*", "cpe:2.3:a:moodle:moodle:1.8.2:*:*:*:*:*:*:*", "cpe:2.3:a:moodle:moodle:1.8.3:*:*:*:*:*:*:*", "cpe:2.3:a:moodle:moodle:1.7.3:*:*:*:*:*:*:*", "cpe:2.3:a:moodle:moodle:1.7.1:*:*:*:*:*:*:*", "cpe:2.3:a:moodle:moodle:1.9.1:*:*:*:*:*:*:*", "cpe:2.3:a:moodle:moodle:1.6.4:*:*:*:*:*:*:*", "cpe:2.3:a:moodle:moodle:1.8.7:*:*:*:*:*:*:*", "cpe:2.3:a:moodle:moodle:1.6.8:*:*:*:*:*:*:*", "cpe:2.3:a:moodle:moodle:1.7.6:*:*:*:*:*:*:*", "cpe:2.3:a:moodle:moodle:1.6.7:*:*:*:*:*:*:*", "cpe:2.3:a:moodle:moodle:1.6.0:*:*:*:*:*:*:*", "cpe:2.3:a:moodle:moodle:1.8.1:*:*:*:*:*:*:*", "cpe:2.3:a:moodle:moodle:1.6.3:*:*:*:*:*:*:*", "cpe:2.3:a:moodle:moodle:1.8.8:*:*:*:*:*:*:*", "cpe:2.3:a:moodle:moodle:1.8.5:*:*:*:*:*:*:*", "cpe:2.3:a:moodle:moodle:1.9.4:*:*:*:*:*:*:*", "cpe:2.3:a:moodle:moodle:1.6.6:*:*:*:*:*:*:*", "cpe:2.3:a:moodle:moodle:1.9.2:*:*:*:*:*:*:*"], "cpeConfiguration": {"CVE_data_version": "4.0", "nodes": [{"cpe_match": [{"cpe23Uri": "cpe:2.3:a:moodle:moodle:1.9.4:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:moodle:moodle:1.8.7:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:moodle:moodle:1.8.1:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:moodle:moodle:1.6.3:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:moodle:moodle:1.6.8:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:moodle:moodle:1.7.3:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:moodle:moodle:1.9.2:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:moodle:moodle:1.6.4:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:moodle:moodle:1.8.6:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:moodle:moodle:1.7.5:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:moodle:moodle:1.8.5:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:moodle:moodle:1.7.4:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:moodle:moodle:1.8.3:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:moodle:moodle:1.9.1:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:moodle:moodle:1.8.8:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:moodle:moodle:1.6.7:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:moodle:moodle:1.6.0:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:moodle:moodle:1.7.2:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:moodle:moodle:1.6.2:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:moodle:moodle:1.8.4:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:moodle:moodle:1.8.2:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:moodle:moodle:1.6.1:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:moodle:moodle:1.9.3:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:moodle:moodle:1.7.1:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:moodle:moodle:1.6.6:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:moodle:moodle:1.6.5:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:moodle:moodle:1.7.6:*:*:*:*:*:*:*", "vulnerable": true}], "operator": "OR"}]}, "cvelist": ["CVE-2009-1171"], "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}, "cvss2": {"cvssV2": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "MEDIUM", "userInteractionRequired": true}, "cvss3": {}, "cwe": ["CWE-20"], "description": "The TeX filter in Moodle 1.6 before 1.6.9+, 1.7 before 1.7.7+, 1.8 before 1.8.9, and 1.9 before 1.9.5 allows user-assisted attackers to read arbitrary files via an input command in a \"$$\" sequence, which causes LaTeX to include the contents of the file.", "edition": 4, "enchantments": {"dependencies": {"modified": "2020-12-02T13:56:53", "references": [{"idList": ["EDB-ID:8297"], "type": "exploitdb"}, {"idList": ["USN-791-2", "USN-791-1"], "type": "ubuntu"}, {"idList": ["OPENVAS:136141256231066500", "OPENVAS:136141256231063734", "OPENVAS:136141256231063727", "OPENVAS:63734", "OPENVAS:64321", "OPENVAS:66500", "OPENVAS:64320", "OPENVAS:136141256231063726", "OPENVAS:63727", "OPENVAS:63726"], "type": "openvas"}, {"idList": ["SECURITYVULNS:VULN:9793", "SECURITYVULNS:DOC:21571"], "type": "securityvulns"}, {"idList": ["FEDORA:4424B20894E", "FEDORA:7E1DF10F85C", "FEDORA:0C0B6208959"], "type": "fedora"}, {"idList": ["DEBIAN:DSA-1761-1:ACA60"], "type": "debian"}, {"idList": ["FEDORA_2009-3283.NASL", "SUSE_11_0_MOODLE-090417.NASL", "SUSE_11_1_MOODLE-090417.NASL", "UBUNTU_USN-791-2.NASL", "UBUNTU_USN-791-1.NASL", "SUSE_MOODLE-6198.NASL", "FEDORA_2009-3280.NASL", "DEBIAN_DSA-1761.NASL", "MOODLE_LATEX_INFO_DISCLOSURE.NASL"], "type": "nessus"}], "rev": 2}, "score": {"modified": "2020-12-02T13:56:53", "rev": 2, "value": 5.4, "vector": "NONE"}}, "extraReferences": [], "hash": "08fda4833d926f3bfa36f19627f87100ba417f53670234d70521625216d6c99c", "hashmap": [{"hash": "4c5095aa0a8ad4049b7693b420a5ae6e", "key": "cvss2"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "affectedConfiguration"}, {"hash": "226da5129ffaaee3d5b48e506b957d58", "key": "cwe"}, {"hash": "0c5c85ea8a969f3824fd0f00c7dbd3af", "key": "published"}, {"hash": "fa70579722dbda76c16be97bfd879b31", "key": "affectedSoftware"}, {"hash": "bc892efb19798f26be4638e3c7aac571", "key": "cpe23"}, {"hash": "284eed3b1f61c6014a6323bdffd1a197", "key": "cvelist"}, {"hash": "1716b5fcbb7121af74efdc153d0166c5", "key": "type"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "cvss3"}, {"hash": "dd858eeb4238f72c43fe0be40d332d89", "key": "references"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "extraReferences"}, {"hash": "c3c6af2ea3daad8211706e7d513c7f8f", "key": "cpeConfiguration"}, {"hash": "a325b160c4e0421cc05be001a409ef6b", "key": "description"}, {"hash": "601892ece72be3be2f57266ca2354792", "key": "bulletinFamily"}, {"hash": "4301aab4b9b98f4de5498df1b29e44ac", "key": "modified"}, {"hash": "876f47c4ebc2b9e0dd17afaa22819f2a", "key": "cvss"}, {"hash": "6f6233bf1111e781eea17729ea7a7a6e", "key": "href"}, {"hash": "49189942332e93af05d6e7b298e0830a", "key": "cpe"}, {"hash": "444c2b4dda4a55437faa8bef1a141e84", "key": "reporter"}, {"hash": "d23f37a7fea5aa78af03a798baed3464", "key": "title"}], "history": [], "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1171", "id": "CVE-2009-1171", "lastseen": "2020-12-02T13:56:53", "modified": "2020-12-01T14:43:00", "objectVersion": "1.3", "published": "2009-03-30T22:30:00", "references": ["https://www.redhat.com/archives/fedora-package-announce/2009-April/msg00077.html", "http://www.debian.org/security/2009/dsa-1761", "https://www.exploit-db.com/exploits/8297", "https://usn.ubuntu.com/791-2/", "http://secunia.com/advisories/34517", "http://secunia.com/advisories/34600", "http://cvs.moodle.org/moodle/filter/tex/filter.php?r1=1.18.4.4&r2=1.18.4.5", "https://www.redhat.com/archives/fedora-package-announce/2009-April/msg00079.html", "http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00010.html", "http://tracker.moodle.org/browse/MDL-18552", "http://www.securityfocus.com/bid/34278", "http://secunia.com/advisories/34557", "http://secunia.com/advisories/35570", "http://www.securityfocus.com/archive/1/502231/100/0/threaded"], "reporter": "cve@mitre.org", "title": "CVE-2009-1171", "type": "cve", "viewCount": 5}, "differentElements": ["extraReferences"], "edition": 4, "lastseen": "2020-12-02T13:56:53"}, {"bulletin": {"affectedSoftware": [{"name": "moodle moodle", "operator": "eq", "version": "1.6.7"}, {"name": "moodle moodle", "operator": "eq", "version": "1.9.1"}, {"name": "moodle moodle", "operator": "eq", "version": "1.8.2"}, {"name": "moodle moodle", "operator": "eq", "version": "1.8.1"}, {"name": "moodle moodle", "operator": "eq", "version": "1.8.5"}, {"name": "moodle moodle", "operator": "eq", "version": "1.6.2"}, {"name": "moodle moodle", "operator": "eq", "version": "1.8.8"}, {"name": "moodle moodle", "operator": "eq", "version": "1.9.4"}, {"name": "moodle moodle", "operator": "eq", "version": "1.8.3"}, {"name": "moodle moodle", "operator": "eq", "version": "1.6.3"}, {"name": "moodle moodle", "operator": "eq", "version": "1.7.1"}, {"name": "moodle moodle", "operator": "eq", "version": "1.7.6"}, {"name": "moodle moodle", "operator": "eq", "version": "1.8.4"}, {"name": "moodle moodle", "operator": "eq", "version": "1.6.5"}, {"name": "moodle moodle", "operator": "eq", "version": "1.8.7"}, {"name": "moodle moodle", "operator": "eq", "version": "1.7.3"}, {"name": "moodle moodle", "operator": "eq", "version": "1.8.6"}, {"name": "moodle moodle", "operator": "eq", "version": "1.8"}, {"name": "moodle moodle", "operator": "eq", "version": "1.6.8"}, {"name": "moodle moodle", "operator": "eq", "version": "1.6.1"}, {"name": "moodle moodle", "operator": "eq", "version": "1.7.2"}, {"name": "moodle moodle", "operator": "eq", "version": "1.9.3"}, {"name": "moodle moodle", "operator": "eq", "version": "1.6.4"}, {"name": "moodle moodle", "operator": "eq", "version": "1.9.2"}, {"name": "moodle moodle", "operator": "eq", "version": "1.6.6"}, {"name": "moodle moodle", "operator": "eq", "version": "1.6"}, {"name": "moodle moodle", "operator": "eq", "version": "1.7"}, {"name": "moodle moodle", "operator": "eq", "version": "1.7.4"}, {"name": "moodle moodle", "operator": "eq", "version": "1.9"}, {"name": "moodle moodle", "operator": "eq", "version": "1.7.5"}], "bulletinFamily": "NVD", "cpe": ["cpe:/a:moodle:moodle:1.6.6", "cpe:/a:moodle:moodle:1.9.4", "cpe:/a:moodle:moodle:1.8.7", "cpe:/a:moodle:moodle:1.8.2", "cpe:/a:moodle:moodle:1.9.2", "cpe:/a:moodle:moodle:1.8.6", "cpe:/a:moodle:moodle:1.7.4", "cpe:/a:moodle:moodle:1.6.3", "cpe:/a:moodle:moodle:1.6.7", "cpe:/a:moodle:moodle:1.8.4", "cpe:/a:moodle:moodle:1.6.2", "cpe:/a:moodle:moodle:1.7", "cpe:/a:moodle:moodle:1.6.1", "cpe:/a:moodle:moodle:1.8", "cpe:/a:moodle:moodle:1.6.5", "cpe:/a:moodle:moodle:1.7.1", "cpe:/a:moodle:moodle:1.7.3", "cpe:/a:moodle:moodle:1.6.8", "cpe:/a:moodle:moodle:1.9.1", "cpe:/a:moodle:moodle:1.6", "cpe:/a:moodle:moodle:1.8.1", "cpe:/a:moodle:moodle:1.8.5", "cpe:/a:moodle:moodle:1.9", "cpe:/a:moodle:moodle:1.7.2", "cpe:/a:moodle:moodle:1.6.4", "cpe:/a:moodle:moodle:1.7.5", "cpe:/a:moodle:moodle:1.9.3", "cpe:/a:moodle:moodle:1.8.3", "cpe:/a:moodle:moodle:1.8.8", "cpe:/a:moodle:moodle:1.7.6"], "cpe23": ["cpe:2.3:a:moodle:moodle:1.6.2:*:*:*:*:*:*:*", "cpe:2.3:a:moodle:moodle:1.8.6:*:*:*:*:*:*:*", "cpe:2.3:a:moodle:moodle:1.7.2:*:*:*:*:*:*:*", "cpe:2.3:a:moodle:moodle:1.9.3:*:*:*:*:*:*:*", "cpe:2.3:a:moodle:moodle:1.7.4:*:*:*:*:*:*:*", "cpe:2.3:a:moodle:moodle:1.7.5:*:*:*:*:*:*:*", "cpe:2.3:a:moodle:moodle:1.6.5:*:*:*:*:*:*:*", "cpe:2.3:a:moodle:moodle:1.6.1:*:*:*:*:*:*:*", "cpe:2.3:a:moodle:moodle:1.8.4:*:*:*:*:*:*:*", "cpe:2.3:a:moodle:moodle:1.7:*:*:*:*:*:*:*", "cpe:2.3:a:moodle:moodle:1.8.2:*:*:*:*:*:*:*", "cpe:2.3:a:moodle:moodle:1.8.3:*:*:*:*:*:*:*", "cpe:2.3:a:moodle:moodle:1.7.3:*:*:*:*:*:*:*", "cpe:2.3:a:moodle:moodle:1.7.1:*:*:*:*:*:*:*", "cpe:2.3:a:moodle:moodle:1.9:*:*:*:*:*:*:*", "cpe:2.3:a:moodle:moodle:1.9.1:*:*:*:*:*:*:*", "cpe:2.3:a:moodle:moodle:1.6.4:*:*:*:*:*:*:*", "cpe:2.3:a:moodle:moodle:1.8.7:*:*:*:*:*:*:*", "cpe:2.3:a:moodle:moodle:1.6.8:*:*:*:*:*:*:*", "cpe:2.3:a:moodle:moodle:1.6:*:*:*:*:*:*:*", "cpe:2.3:a:moodle:moodle:1.7.6:*:*:*:*:*:*:*", "cpe:2.3:a:moodle:moodle:1.6.7:*:*:*:*:*:*:*", "cpe:2.3:a:moodle:moodle:1.8.1:*:*:*:*:*:*:*", "cpe:2.3:a:moodle:moodle:1.6.3:*:*:*:*:*:*:*", "cpe:2.3:a:moodle:moodle:1.8:*:*:*:*:*:*:*", "cpe:2.3:a:moodle:moodle:1.8.8:*:*:*:*:*:*:*", "cpe:2.3:a:moodle:moodle:1.8.5:*:*:*:*:*:*:*", "cpe:2.3:a:moodle:moodle:1.9.4:*:*:*:*:*:*:*", "cpe:2.3:a:moodle:moodle:1.6.6:*:*:*:*:*:*:*", "cpe:2.3:a:moodle:moodle:1.9.2:*:*:*:*:*:*:*"], "cvelist": ["CVE-2009-1171"], "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}, "cvss2": {"cvssV2": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "MEDIUM", "userInteractionRequired": true}, "cvss3": {}, "cwe": ["CWE-20"], "description": "The TeX filter in Moodle 1.6 before 1.6.9+, 1.7 before 1.7.7+, 1.8 before 1.8.9, and 1.9 before 1.9.5 allows user-assisted attackers to read arbitrary files via an input command in a \"$$\" sequence, which causes LaTeX to include the contents of the file.", "edition": 1, "enchantments": {"dependencies": {"modified": "2019-05-29T18:09:58", "references": [{"idList": ["EDB-ID:8297"], "type": "exploitdb"}, {"idList": ["USN-791-2", "USN-791-1"], "type": "ubuntu"}, {"idList": ["SECURITYVULNS:VULN:9793", "SECURITYVULNS:DOC:21571"], "type": "securityvulns"}, {"idList": ["DEBIAN:DSA-1761-1:ACA60"], "type": "debian"}, {"idList": ["FEDORA_2009-3283.NASL", "SUSE_11_0_MOODLE-090417.NASL", "SUSE_11_1_MOODLE-090417.NASL", "UBUNTU_USN-791-2.NASL", "UBUNTU_USN-791-1.NASL", "SUSE_MOODLE-6198.NASL", "FEDORA_2009-3280.NASL", "DEBIAN_DSA-1761.NASL", "MOODLE_LATEX_INFO_DISCLOSURE.NASL"], "type": "nessus"}, {"idList": ["OPENVAS:136141256231066500", "OPENVAS:136141256231063734", "OPENVAS:136141256231063727", "OPENVAS:136141256231063891", "OPENVAS:63734", "OPENVAS:64321", "OPENVAS:66500", "OPENVAS:136141256231063726", "OPENVAS:63727", "OPENVAS:63726"], "type": "openvas"}], "rev": 2}, "score": {"modified": "2019-05-29T18:09:58", "rev": 2, "value": 5.4, "vector": "NONE"}}, "hash": "ac42a0ae3f0e151daaa1b33b0cb25163cf1642c50b4d5fdea2e69c458059464c", "hashmap": [{"hash": "4c5095aa0a8ad4049b7693b420a5ae6e", "key": "cvss2"}, {"hash": "226da5129ffaaee3d5b48e506b957d58", "key": "cwe"}, {"hash": "0c5c85ea8a969f3824fd0f00c7dbd3af", "key": "published"}, {"hash": "284eed3b1f61c6014a6323bdffd1a197", "key": "cvelist"}, {"hash": "1716b5fcbb7121af74efdc153d0166c5", "key": "type"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "cvss3"}, {"hash": "a20783060c9e0f76d00f823ed72197e5", "key": "modified"}, {"hash": "dd858eeb4238f72c43fe0be40d332d89", "key": "references"}, {"hash": "2d9bee2a2bff3a2e07c03ca8cf584a75", "key": "affectedSoftware"}, {"hash": "db45ea9899a71b7c56cb7d51e84bb2fd", "key": "cpe"}, {"hash": "a325b160c4e0421cc05be001a409ef6b", "key": "description"}, {"hash": "601892ece72be3be2f57266ca2354792", "key": "bulletinFamily"}, {"hash": "876f47c4ebc2b9e0dd17afaa22819f2a", "key": "cvss"}, {"hash": "6f6233bf1111e781eea17729ea7a7a6e", "key": "href"}, {"hash": "444c2b4dda4a55437faa8bef1a141e84", "key": "reporter"}, {"hash": "d23f37a7fea5aa78af03a798baed3464", "key": "title"}, {"hash": "5b8fc72651c70f1ba350faa08041004b", "key": "cpe23"}], "history": [], "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1171", "id": "CVE-2009-1171", "lastseen": "2019-05-29T18:09:58", "modified": "2018-10-10T19:34:00", "objectVersion": "1.3", "published": "2009-03-30T22:30:00", "references": ["https://www.redhat.com/archives/fedora-package-announce/2009-April/msg00077.html", "http://www.debian.org/security/2009/dsa-1761", "https://www.exploit-db.com/exploits/8297", "https://usn.ubuntu.com/791-2/", "http://secunia.com/advisories/34517", "http://secunia.com/advisories/34600", "http://cvs.moodle.org/moodle/filter/tex/filter.php?r1=1.18.4.4&r2=1.18.4.5", "https://www.redhat.com/archives/fedora-package-announce/2009-April/msg00079.html", "http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00010.html", "http://tracker.moodle.org/browse/MDL-18552", "http://www.securityfocus.com/bid/34278", "http://secunia.com/advisories/34557", "http://secunia.com/advisories/35570", "http://www.securityfocus.com/archive/1/502231/100/0/threaded"], "reporter": "cve@mitre.org", "title": "CVE-2009-1171", "type": "cve", "viewCount": 2}, "differentElements": ["affectedSoftware"], "edition": 1, "lastseen": "2019-05-29T18:09:58"}, {"bulletin": {"affectedConfiguration": [], "affectedSoftware": [{"cpeName": "moodle:moodle", "name": "moodle", "operator": "eq", "version": "1.7.6"}, {"cpeName": "moodle:moodle", "name": "moodle", "operator": "eq", "version": "1.9.3"}, {"cpeName": "moodle:moodle", "name": "moodle", "operator": "eq", "version": "1.9.2"}, {"cpeName": "moodle:moodle", "name": "moodle", "operator": "eq", "version": "1.9.4"}, {"cpeName": "moodle:moodle", "name": "moodle", "operator": "eq", "version": "1.7.5"}, {"cpeName": "moodle:moodle", "name": "moodle", "operator": "eq", "version": "1.8.7"}, {"cpeName": "moodle:moodle", "name": "moodle", "operator": "eq", "version": "1.9.1"}, {"cpeName": "moodle:moodle", "name": "moodle", "operator": "eq", "version": "1.8.5"}, {"cpeName": "moodle:moodle", "name": "moodle", "operator": "eq", "version": "1.7.2"}, {"cpeName": "moodle:moodle", "name": "moodle", "operator": "eq", "version": "1.8.3"}, {"cpeName": "moodle:moodle", "name": "moodle", "operator": "eq", "version": "1.6.2"}, {"cpeName": "moodle:moodle", "name": "moodle", "operator": "eq", "version": "1.8.6"}, {"cpeName": "moodle:moodle", "name": "moodle", "operator": "eq", "version": "1.6.3"}, {"cpeName": "moodle:moodle", "name": "moodle", "operator": "eq", "version": "1.6.4"}, {"cpeName": "moodle:moodle", "name": "moodle", "operator": "eq", "version": "1.8.1"}, {"cpeName": "moodle:moodle", "name": "moodle", "operator": "eq", "version": "1.8.2"}, {"cpeName": "moodle:moodle", "name": "moodle", "operator": "eq", "version": "1.6.7"}, {"cpeName": "moodle:moodle", "name": "moodle", "operator": "eq", "version": "1.6.5"}, {"cpeName": "moodle:moodle", "name": "moodle", "operator": "eq", "version": "1.9"}, {"cpeName": "moodle:moodle", "name": "moodle", "operator": "eq", "version": "1.7.1"}, {"cpeName": "moodle:moodle", "name": "moodle", "operator": "eq", "version": "1.6.8"}, {"cpeName": "moodle:moodle", "name": "moodle", "operator": "eq", "version": "1.8"}, {"cpeName": "moodle:moodle", "name": "moodle", "operator": "eq", "version": "1.7.3"}, {"cpeName": "moodle:moodle", "name": "moodle", "operator": "eq", "version": "1.6.6"}, {"cpeName": "moodle:moodle", "name": "moodle", "operator": "eq", "version": "1.6.1"}, {"cpeName": "moodle:moodle", "name": "moodle", "operator": "eq", "version": "1.7"}, {"cpeName": "moodle:moodle", "name": "moodle", "operator": "eq", "version": "1.8.4"}, {"cpeName": "moodle:moodle", "name": "moodle", "operator": "eq", "version": "1.8.8"}, {"cpeName": "moodle:moodle", "name": "moodle", "operator": "eq", "version": "1.7.4"}, {"cpeName": "moodle:moodle", "name": "moodle", "operator": "eq", "version": "1.6"}], "bulletinFamily": "NVD", "cpe": ["cpe:/a:moodle:moodle:1.6.6", "cpe:/a:moodle:moodle:1.9.4", "cpe:/a:moodle:moodle:1.8.7", "cpe:/a:moodle:moodle:1.8.2", "cpe:/a:moodle:moodle:1.9.2", "cpe:/a:moodle:moodle:1.8.6", "cpe:/a:moodle:moodle:1.7.4", "cpe:/a:moodle:moodle:1.6.3", "cpe:/a:moodle:moodle:1.6.7", "cpe:/a:moodle:moodle:1.8.4", "cpe:/a:moodle:moodle:1.6.2", "cpe:/a:moodle:moodle:1.7", "cpe:/a:moodle:moodle:1.6.1", "cpe:/a:moodle:moodle:1.8", "cpe:/a:moodle:moodle:1.6.5", "cpe:/a:moodle:moodle:1.7.1", "cpe:/a:moodle:moodle:1.7.3", "cpe:/a:moodle:moodle:1.6.8", "cpe:/a:moodle:moodle:1.9.1", "cpe:/a:moodle:moodle:1.6", "cpe:/a:moodle:moodle:1.8.1", "cpe:/a:moodle:moodle:1.8.5", "cpe:/a:moodle:moodle:1.9", "cpe:/a:moodle:moodle:1.7.2", "cpe:/a:moodle:moodle:1.6.4", "cpe:/a:moodle:moodle:1.7.5", "cpe:/a:moodle:moodle:1.9.3", "cpe:/a:moodle:moodle:1.8.3", "cpe:/a:moodle:moodle:1.8.8", "cpe:/a:moodle:moodle:1.7.6"], "cpe23": ["cpe:2.3:a:moodle:moodle:1.6.2:*:*:*:*:*:*:*", "cpe:2.3:a:moodle:moodle:1.8.6:*:*:*:*:*:*:*", "cpe:2.3:a:moodle:moodle:1.7.2:*:*:*:*:*:*:*", "cpe:2.3:a:moodle:moodle:1.9.3:*:*:*:*:*:*:*", "cpe:2.3:a:moodle:moodle:1.7.4:*:*:*:*:*:*:*", "cpe:2.3:a:moodle:moodle:1.7.5:*:*:*:*:*:*:*", "cpe:2.3:a:moodle:moodle:1.6.5:*:*:*:*:*:*:*", "cpe:2.3:a:moodle:moodle:1.6.1:*:*:*:*:*:*:*", "cpe:2.3:a:moodle:moodle:1.8.4:*:*:*:*:*:*:*", "cpe:2.3:a:moodle:moodle:1.7:*:*:*:*:*:*:*", "cpe:2.3:a:moodle:moodle:1.8.2:*:*:*:*:*:*:*", "cpe:2.3:a:moodle:moodle:1.8.3:*:*:*:*:*:*:*", "cpe:2.3:a:moodle:moodle:1.7.3:*:*:*:*:*:*:*", "cpe:2.3:a:moodle:moodle:1.7.1:*:*:*:*:*:*:*", "cpe:2.3:a:moodle:moodle:1.9:*:*:*:*:*:*:*", "cpe:2.3:a:moodle:moodle:1.9.1:*:*:*:*:*:*:*", "cpe:2.3:a:moodle:moodle:1.6.4:*:*:*:*:*:*:*", "cpe:2.3:a:moodle:moodle:1.8.7:*:*:*:*:*:*:*", "cpe:2.3:a:moodle:moodle:1.6.8:*:*:*:*:*:*:*", "cpe:2.3:a:moodle:moodle:1.6:*:*:*:*:*:*:*", "cpe:2.3:a:moodle:moodle:1.7.6:*:*:*:*:*:*:*", "cpe:2.3:a:moodle:moodle:1.6.7:*:*:*:*:*:*:*", "cpe:2.3:a:moodle:moodle:1.8.1:*:*:*:*:*:*:*", "cpe:2.3:a:moodle:moodle:1.6.3:*:*:*:*:*:*:*", "cpe:2.3:a:moodle:moodle:1.8:*:*:*:*:*:*:*", "cpe:2.3:a:moodle:moodle:1.8.8:*:*:*:*:*:*:*", "cpe:2.3:a:moodle:moodle:1.8.5:*:*:*:*:*:*:*", "cpe:2.3:a:moodle:moodle:1.9.4:*:*:*:*:*:*:*", "cpe:2.3:a:moodle:moodle:1.6.6:*:*:*:*:*:*:*", "cpe:2.3:a:moodle:moodle:1.9.2:*:*:*:*:*:*:*"], "cpeConfiguration": {}, "cvelist": ["CVE-2009-1171"], "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}, "cvss2": {"cvssV2": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "MEDIUM", "userInteractionRequired": true}, "cvss3": {}, "cwe": ["CWE-20"], "description": "The TeX filter in Moodle 1.6 before 1.6.9+, 1.7 before 1.7.7+, 1.8 before 1.8.9, and 1.9 before 1.9.5 allows user-assisted attackers to read arbitrary files via an input command in a \"$$\" sequence, which causes LaTeX to include the contents of the file.", "edition": 2, "enchantments": {"dependencies": {"modified": "2020-09-21T13:53:46", "references": [{"idList": ["EDB-ID:8297"], "type": "exploitdb"}, {"idList": ["USN-791-2", "USN-791-1"], "type": "ubuntu"}, {"idList": ["OPENVAS:136141256231066500", "OPENVAS:136141256231063734", "OPENVAS:136141256231063727", "OPENVAS:63734", "OPENVAS:64321", "OPENVAS:66500", "OPENVAS:64320", "OPENVAS:136141256231063726", "OPENVAS:63727", "OPENVAS:63726"], "type": "openvas"}, {"idList": ["SECURITYVULNS:VULN:9793", "SECURITYVULNS:DOC:21571"], "type": "securityvulns"}, {"idList": ["DEBIAN:DSA-1761-1:ACA60"], "type": "debian"}, {"idList": ["FEDORA_2009-3283.NASL", "SUSE_11_0_MOODLE-090417.NASL", "SUSE_11_1_MOODLE-090417.NASL", "UBUNTU_USN-791-2.NASL", "UBUNTU_USN-791-1.NASL", "SUSE_MOODLE-6198.NASL", "FEDORA_2009-3280.NASL", "DEBIAN_DSA-1761.NASL", "MOODLE_LATEX_INFO_DISCLOSURE.NASL"], "type": "nessus"}], "rev": 2}, "score": {"modified": "2020-09-21T13:53:46", "rev": 2, "value": 5.4, "vector": "NONE"}}, "hash": "ab2aa8702de04bfbaac673c496831e78161f7d5e741e2d8416d2a7cdba80f635", "hashmap": [{"hash": "4c5095aa0a8ad4049b7693b420a5ae6e", "key": "cvss2"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "affectedConfiguration"}, {"hash": "226da5129ffaaee3d5b48e506b957d58", "key": "cwe"}, {"hash": "0c5c85ea8a969f3824fd0f00c7dbd3af", "key": "published"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "cpeConfiguration"}, {"hash": "284eed3b1f61c6014a6323bdffd1a197", "key": "cvelist"}, {"hash": "1716b5fcbb7121af74efdc153d0166c5", "key": "type"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "cvss3"}, {"hash": "bf294401411e23ba1f590d1fb6392345", "key": "affectedSoftware"}, {"hash": "a20783060c9e0f76d00f823ed72197e5", "key": "modified"}, {"hash": "dd858eeb4238f72c43fe0be40d332d89", "key": "references"}, {"hash": "db45ea9899a71b7c56cb7d51e84bb2fd", "key": "cpe"}, {"hash": "a325b160c4e0421cc05be001a409ef6b", "key": "description"}, {"hash": "601892ece72be3be2f57266ca2354792", "key": "bulletinFamily"}, {"hash": "876f47c4ebc2b9e0dd17afaa22819f2a", "key": "cvss"}, {"hash": "6f6233bf1111e781eea17729ea7a7a6e", "key": "href"}, {"hash": "444c2b4dda4a55437faa8bef1a141e84", "key": "reporter"}, {"hash": "d23f37a7fea5aa78af03a798baed3464", "key": "title"}, {"hash": "5b8fc72651c70f1ba350faa08041004b", "key": "cpe23"}], "history": [], "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1171", "id": "CVE-2009-1171", "lastseen": "2020-09-21T13:53:46", "modified": "2018-10-10T19:34:00", "objectVersion": "1.3", "published": "2009-03-30T22:30:00", "references": ["https://www.redhat.com/archives/fedora-package-announce/2009-April/msg00077.html", "http://www.debian.org/security/2009/dsa-1761", "https://www.exploit-db.com/exploits/8297", "https://usn.ubuntu.com/791-2/", "http://secunia.com/advisories/34517", "http://secunia.com/advisories/34600", "http://cvs.moodle.org/moodle/filter/tex/filter.php?r1=1.18.4.4&r2=1.18.4.5", "https://www.redhat.com/archives/fedora-package-announce/2009-April/msg00079.html", "http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00010.html", "http://tracker.moodle.org/browse/MDL-18552", "http://www.securityfocus.com/bid/34278", "http://secunia.com/advisories/34557", "http://secunia.com/advisories/35570", "http://www.securityfocus.com/archive/1/502231/100/0/threaded"], "reporter": "cve@mitre.org", "title": "CVE-2009-1171", "type": "cve", "viewCount": 2}, "differentElements": ["cpeConfiguration"], "edition": 2, "lastseen": "2020-09-21T13:53:46"}, {"bulletin": {"affectedConfiguration": [], "affectedSoftware": [{"cpeName": "moodle:moodle", "name": "moodle", "operator": "eq", "version": "1.7.6"}, {"cpeName": "moodle:moodle", "name": "moodle", "operator": "eq", "version": "1.9.3"}, {"cpeName": "moodle:moodle", "name": "moodle", "operator": "eq", "version": "1.9.2"}, {"cpeName": "moodle:moodle", "name": "moodle", "operator": "eq", "version": "1.9.4"}, {"cpeName": "moodle:moodle", "name": "moodle", "operator": "eq", "version": "1.7.5"}, {"cpeName": "moodle:moodle", "name": "moodle", "operator": "eq", "version": "1.8.7"}, {"cpeName": "moodle:moodle", "name": "moodle", "operator": "eq", "version": "1.9.1"}, {"cpeName": "moodle:moodle", "name": "moodle", "operator": "eq", "version": "1.8.5"}, {"cpeName": "moodle:moodle", "name": "moodle", "operator": "eq", "version": "1.7.2"}, {"cpeName": "moodle:moodle", "name": "moodle", "operator": "eq", "version": "1.8.3"}, {"cpeName": "moodle:moodle", "name": "moodle", "operator": "eq", "version": "1.6.2"}, {"cpeName": "moodle:moodle", "name": "moodle", "operator": "eq", "version": "1.8.6"}, {"cpeName": "moodle:moodle", "name": "moodle", "operator": "eq", "version": "1.6.3"}, {"cpeName": "moodle:moodle", "name": "moodle", "operator": "eq", "version": "1.6.4"}, {"cpeName": "moodle:moodle", "name": "moodle", "operator": "eq", "version": "1.8.1"}, {"cpeName": "moodle:moodle", "name": "moodle", "operator": "eq", "version": "1.8.2"}, {"cpeName": "moodle:moodle", "name": "moodle", "operator": "eq", "version": "1.6.7"}, {"cpeName": "moodle:moodle", "name": "moodle", "operator": "eq", "version": "1.6.5"}, {"cpeName": "moodle:moodle", "name": "moodle", "operator": "eq", "version": "1.9"}, {"cpeName": "moodle:moodle", "name": "moodle", "operator": "eq", "version": "1.7.1"}, {"cpeName": "moodle:moodle", "name": "moodle", "operator": "eq", "version": "1.6.8"}, {"cpeName": "moodle:moodle", "name": "moodle", "operator": "eq", "version": "1.8"}, {"cpeName": "moodle:moodle", "name": "moodle", "operator": "eq", "version": "1.7.3"}, {"cpeName": "moodle:moodle", "name": "moodle", "operator": "eq", "version": "1.6.6"}, {"cpeName": "moodle:moodle", "name": "moodle", "operator": "eq", "version": "1.6.1"}, {"cpeName": "moodle:moodle", "name": "moodle", "operator": "eq", "version": "1.7"}, {"cpeName": "moodle:moodle", "name": "moodle", "operator": "eq", "version": "1.8.4"}, {"cpeName": "moodle:moodle", "name": "moodle", "operator": "eq", "version": "1.8.8"}, {"cpeName": "moodle:moodle", "name": "moodle", "operator": "eq", "version": "1.7.4"}, {"cpeName": "moodle:moodle", "name": "moodle", "operator": "eq", "version": "1.6"}], "bulletinFamily": "NVD", "cpe": ["cpe:/a:moodle:moodle:1.6.6", "cpe:/a:moodle:moodle:1.9.4", "cpe:/a:moodle:moodle:1.8.7", "cpe:/a:moodle:moodle:1.8.2", "cpe:/a:moodle:moodle:1.9.2", "cpe:/a:moodle:moodle:1.8.6", "cpe:/a:moodle:moodle:1.7.4", "cpe:/a:moodle:moodle:1.6.3", "cpe:/a:moodle:moodle:1.6.7", "cpe:/a:moodle:moodle:1.8.4", "cpe:/a:moodle:moodle:1.6.2", "cpe:/a:moodle:moodle:1.7", "cpe:/a:moodle:moodle:1.6.1", "cpe:/a:moodle:moodle:1.8", "cpe:/a:moodle:moodle:1.6.5", "cpe:/a:moodle:moodle:1.7.1", "cpe:/a:moodle:moodle:1.7.3", "cpe:/a:moodle:moodle:1.6.8", "cpe:/a:moodle:moodle:1.9.1", "cpe:/a:moodle:moodle:1.6", "cpe:/a:moodle:moodle:1.8.1", "cpe:/a:moodle:moodle:1.8.5", "cpe:/a:moodle:moodle:1.9", "cpe:/a:moodle:moodle:1.7.2", "cpe:/a:moodle:moodle:1.6.4", "cpe:/a:moodle:moodle:1.7.5", "cpe:/a:moodle:moodle:1.9.3", "cpe:/a:moodle:moodle:1.8.3", "cpe:/a:moodle:moodle:1.8.8", "cpe:/a:moodle:moodle:1.7.6"], "cpe23": ["cpe:2.3:a:moodle:moodle:1.6.2:*:*:*:*:*:*:*", "cpe:2.3:a:moodle:moodle:1.8.6:*:*:*:*:*:*:*", "cpe:2.3:a:moodle:moodle:1.7.2:*:*:*:*:*:*:*", "cpe:2.3:a:moodle:moodle:1.9.3:*:*:*:*:*:*:*", "cpe:2.3:a:moodle:moodle:1.7.4:*:*:*:*:*:*:*", "cpe:2.3:a:moodle:moodle:1.7.5:*:*:*:*:*:*:*", "cpe:2.3:a:moodle:moodle:1.6.5:*:*:*:*:*:*:*", "cpe:2.3:a:moodle:moodle:1.6.1:*:*:*:*:*:*:*", "cpe:2.3:a:moodle:moodle:1.8.4:*:*:*:*:*:*:*", "cpe:2.3:a:moodle:moodle:1.7:*:*:*:*:*:*:*", "cpe:2.3:a:moodle:moodle:1.8.2:*:*:*:*:*:*:*", "cpe:2.3:a:moodle:moodle:1.8.3:*:*:*:*:*:*:*", "cpe:2.3:a:moodle:moodle:1.7.3:*:*:*:*:*:*:*", "cpe:2.3:a:moodle:moodle:1.7.1:*:*:*:*:*:*:*", "cpe:2.3:a:moodle:moodle:1.9:*:*:*:*:*:*:*", "cpe:2.3:a:moodle:moodle:1.9.1:*:*:*:*:*:*:*", "cpe:2.3:a:moodle:moodle:1.6.4:*:*:*:*:*:*:*", "cpe:2.3:a:moodle:moodle:1.8.7:*:*:*:*:*:*:*", "cpe:2.3:a:moodle:moodle:1.6.8:*:*:*:*:*:*:*", "cpe:2.3:a:moodle:moodle:1.6:*:*:*:*:*:*:*", "cpe:2.3:a:moodle:moodle:1.7.6:*:*:*:*:*:*:*", "cpe:2.3:a:moodle:moodle:1.6.7:*:*:*:*:*:*:*", "cpe:2.3:a:moodle:moodle:1.8.1:*:*:*:*:*:*:*", "cpe:2.3:a:moodle:moodle:1.6.3:*:*:*:*:*:*:*", "cpe:2.3:a:moodle:moodle:1.8:*:*:*:*:*:*:*", "cpe:2.3:a:moodle:moodle:1.8.8:*:*:*:*:*:*:*", "cpe:2.3:a:moodle:moodle:1.8.5:*:*:*:*:*:*:*", "cpe:2.3:a:moodle:moodle:1.9.4:*:*:*:*:*:*:*", "cpe:2.3:a:moodle:moodle:1.6.6:*:*:*:*:*:*:*", "cpe:2.3:a:moodle:moodle:1.9.2:*:*:*:*:*:*:*"], "cpeConfiguration": {"CVE_data_version": "4.0", "nodes": [{"cpe_match": [{"cpe23Uri": "cpe:2.3:a:moodle:moodle:1.9.4:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:moodle:moodle:1.8.7:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:moodle:moodle:1.8.1:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:moodle:moodle:1.6.3:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:moodle:moodle:1.6.8:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:moodle:moodle:1.7.3:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:moodle:moodle:1.9.2:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:moodle:moodle:1.6.4:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:moodle:moodle:1.8.6:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:moodle:moodle:1.7.5:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:moodle:moodle:1.8.5:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:moodle:moodle:1.7.4:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:moodle:moodle:1.8.3:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:moodle:moodle:1.9.1:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:moodle:moodle:1.8.8:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:moodle:moodle:1.6.7:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:moodle:moodle:1.8:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:moodle:moodle:1.7.2:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:moodle:moodle:1.7:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:moodle:moodle:1.6.2:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:moodle:moodle:1.8.4:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:moodle:moodle:1.6:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:moodle:moodle:1.8.2:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:moodle:moodle:1.9:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:moodle:moodle:1.6.1:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:moodle:moodle:1.9.3:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:moodle:moodle:1.7.1:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:moodle:moodle:1.6.6:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:moodle:moodle:1.6.5:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:moodle:moodle:1.7.6:*:*:*:*:*:*:*", "vulnerable": true}], "operator": "OR"}]}, "cvelist": ["CVE-2009-1171"], "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}, "cvss2": {"cvssV2": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "MEDIUM", "userInteractionRequired": true}, "cvss3": {}, "cwe": ["CWE-20"], "description": "The TeX filter in Moodle 1.6 before 1.6.9+, 1.7 before 1.7.7+, 1.8 before 1.8.9, and 1.9 before 1.9.5 allows user-assisted attackers to read arbitrary files via an input command in a \"$$\" sequence, which causes LaTeX to include the contents of the file.", "edition": 3, "enchantments": {"dependencies": {"modified": "2020-10-03T11:54:12", "references": [{"idList": ["EDB-ID:8297"], "type": "exploitdb"}, {"idList": ["USN-791-2", "USN-791-1"], "type": "ubuntu"}, {"idList": ["OPENVAS:136141256231066500", "OPENVAS:136141256231063734", "OPENVAS:136141256231063727", "OPENVAS:63734", "OPENVAS:64321", "OPENVAS:66500", "OPENVAS:64320", "OPENVAS:136141256231063726", "OPENVAS:63727", "OPENVAS:63726"], "type": "openvas"}, {"idList": ["SECURITYVULNS:VULN:9793", "SECURITYVULNS:DOC:21571"], "type": "securityvulns"}, {"idList": ["DEBIAN:DSA-1761-1:ACA60"], "type": "debian"}, {"idList": ["FEDORA_2009-3283.NASL", "SUSE_11_0_MOODLE-090417.NASL", "SUSE_11_1_MOODLE-090417.NASL", "UBUNTU_USN-791-2.NASL", "UBUNTU_USN-791-1.NASL", "SUSE_MOODLE-6198.NASL", "FEDORA_2009-3280.NASL", "DEBIAN_DSA-1761.NASL", "MOODLE_LATEX_INFO_DISCLOSURE.NASL"], "type": "nessus"}], "rev": 2}, "score": {"modified": "2020-10-03T11:54:12", "rev": 2, "value": 5.4, "vector": "NONE"}}, "hash": "433f2d8ee82d69f682824e55b5f7048e829342dddbfc45c9f6415c114dcfcdb7", "hashmap": [{"hash": "4c5095aa0a8ad4049b7693b420a5ae6e", "key": "cvss2"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "affectedConfiguration"}, {"hash": "226da5129ffaaee3d5b48e506b957d58", "key": "cwe"}, {"hash": "0c5c85ea8a969f3824fd0f00c7dbd3af", "key": "published"}, {"hash": "ff9765b0facc5e63480710b6433b65b5", "key": "cpeConfiguration"}, {"hash": "284eed3b1f61c6014a6323bdffd1a197", "key": "cvelist"}, {"hash": "1716b5fcbb7121af74efdc153d0166c5", "key": "type"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "cvss3"}, {"hash": "bf294401411e23ba1f590d1fb6392345", "key": "affectedSoftware"}, {"hash": "a20783060c9e0f76d00f823ed72197e5", "key": "modified"}, {"hash": "dd858eeb4238f72c43fe0be40d332d89", "key": "references"}, {"hash": "db45ea9899a71b7c56cb7d51e84bb2fd", "key": "cpe"}, {"hash": "a325b160c4e0421cc05be001a409ef6b", "key": "description"}, {"hash": "601892ece72be3be2f57266ca2354792", "key": "bulletinFamily"}, {"hash": "876f47c4ebc2b9e0dd17afaa22819f2a", "key": "cvss"}, {"hash": "6f6233bf1111e781eea17729ea7a7a6e", "key": "href"}, {"hash": "444c2b4dda4a55437faa8bef1a141e84", "key": "reporter"}, {"hash": "d23f37a7fea5aa78af03a798baed3464", "key": "title"}, {"hash": "5b8fc72651c70f1ba350faa08041004b", "key": "cpe23"}], "history": [], "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1171", "id": "CVE-2009-1171", "lastseen": "2020-10-03T11:54:12", "modified": "2018-10-10T19:34:00", "objectVersion": "1.3", "published": "2009-03-30T22:30:00", "references": ["https://www.redhat.com/archives/fedora-package-announce/2009-April/msg00077.html", "http://www.debian.org/security/2009/dsa-1761", "https://www.exploit-db.com/exploits/8297", "https://usn.ubuntu.com/791-2/", "http://secunia.com/advisories/34517", "http://secunia.com/advisories/34600", "http://cvs.moodle.org/moodle/filter/tex/filter.php?r1=1.18.4.4&r2=1.18.4.5", "https://www.redhat.com/archives/fedora-package-announce/2009-April/msg00079.html", "http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00010.html", "http://tracker.moodle.org/browse/MDL-18552", "http://www.securityfocus.com/bid/34278", "http://secunia.com/advisories/34557", "http://secunia.com/advisories/35570", "http://www.securityfocus.com/archive/1/502231/100/0/threaded"], "reporter": "cve@mitre.org", "title": "CVE-2009-1171", "type": "cve", "viewCount": 5}, "differentElements": ["cpe23", "modified", "cpe", "affectedSoftware", "cpeConfiguration"], "edition": 3, "lastseen": "2020-10-03T11:54:12"}], "edition": 6, "hashmap": [{"key": "affectedConfiguration", "hash": "d41d8cd98f00b204e9800998ecf8427e"}, {"key": "affectedSoftware", "hash": "fa70579722dbda76c16be97bfd879b31"}, {"key": "bulletinFamily", "hash": "601892ece72be3be2f57266ca2354792"}, {"key": "cpe", "hash": "49189942332e93af05d6e7b298e0830a"}, {"key": "cpe23", "hash": "bc892efb19798f26be4638e3c7aac571"}, {"key": "cpeConfiguration", "hash": "e5da5c533212df47ed9b603a96d6385c"}, {"key": "cvelist", "hash": "284eed3b1f61c6014a6323bdffd1a197"}, {"key": "cvss", "hash": "876f47c4ebc2b9e0dd17afaa22819f2a"}, {"key": "cvss2", "hash": "4c5095aa0a8ad4049b7693b420a5ae6e"}, {"key": "cvss3", "hash": "d41d8cd98f00b204e9800998ecf8427e"}, {"key": "cwe", "hash": "226da5129ffaaee3d5b48e506b957d58"}, {"key": "description", "hash": "a325b160c4e0421cc05be001a409ef6b"}, {"key": "extraReferences", "hash": "76932d2b2ebea367ec223f5208ce851b"}, {"key": "href", "hash": "6f6233bf1111e781eea17729ea7a7a6e"}, {"key": "immutableFields", "hash": "d41d8cd98f00b204e9800998ecf8427e"}, {"key": "modified", "hash": "4301aab4b9b98f4de5498df1b29e44ac"}, {"key": "published", "hash": "0c5c85ea8a969f3824fd0f00c7dbd3af"}, {"key": "references", "hash": "dd858eeb4238f72c43fe0be40d332d89"}, {"key": "reporter", "hash": "444c2b4dda4a55437faa8bef1a141e84"}, {"key": "title", "hash": "d23f37a7fea5aa78af03a798baed3464"}, {"key": "type", "hash": "1716b5fcbb7121af74efdc153d0166c5"}], "hash": "582299807ee38731c6c6039e1d96e818b8f024818cc56206f8bc1b41684d99e3", "viewCount": 16, "enchantments": {"dependencies": {"references": [{"type": "ubuntucve", "idList": ["UB:CVE-2009-1171"]}, {"type": "debian", "idList": ["DEBIAN:DSA-1761-1:ACA60"]}, {"type": "exploitdb", "idList": ["EDB-ID:8297"]}, {"type": "openvas", "idList": ["OPENVAS:63891", "OPENVAS:136141256231066500", "OPENVAS:64320", "OPENVAS:136141256231063726", "OPENVAS:66500", "OPENVAS:136141256231063891", "OPENVAS:136141256231063734", "OPENVAS:63734", "OPENVAS:63726", "OPENVAS:63727", "OPENVAS:64321", "OPENVAS:136141256231063727"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:DOC:21571", "SECURITYVULNS:VULN:9793"]}, {"type": "nessus", "idList": ["UBUNTU_USN-791-1.NASL", "DEBIAN_DSA-1761.NASL", "FEDORA_2009-3280.NASL", "FEDORA_2009-3283.NASL", "SUSE_MOODLE-6198.NASL", "SUSE_11_1_MOODLE-090417.NASL", "SUSE_11_0_MOODLE-090417.NASL", "UBUNTU_USN-791-2.NASL", "MOODLE_LATEX_INFO_DISCLOSURE.NASL"]}, {"type": "ubuntu", "idList": ["USN-791-2", "USN-791-1"]}, {"type": "fedora", "idList": ["FEDORA:0C0B6208959", "FEDORA:4424B20894E", "FEDORA:7E1DF10F85C"]}], "modified": "2021-04-21T20:47:47", "rev": 2}, "score": {"value": 5.4, "vector": "NONE", "modified": "2021-04-21T20:47:47", "rev": 2}}, "objectVersion": "1.5", "cpe": ["cpe:/a:moodle:moodle:1.6.6", "cpe:/a:moodle:moodle:1.9.4", "cpe:/a:moodle:moodle:1.8.7", "cpe:/a:moodle:moodle:1.8.2", "cpe:/a:moodle:moodle:1.9.2", "cpe:/a:moodle:moodle:1.8.6", "cpe:/a:moodle:moodle:1.7.4", "cpe:/a:moodle:moodle:1.6.0", "cpe:/a:moodle:moodle:1.6.3", "cpe:/a:moodle:moodle:1.6.7", "cpe:/a:moodle:moodle:1.8.4", "cpe:/a:moodle:moodle:1.6.2", "cpe:/a:moodle:moodle:1.6.1", "cpe:/a:moodle:moodle:1.6.5", "cpe:/a:moodle:moodle:1.7.1", "cpe:/a:moodle:moodle:1.7.3", "cpe:/a:moodle:moodle:1.6.8", "cpe:/a:moodle:moodle:1.9.1", "cpe:/a:moodle:moodle:1.8.1", "cpe:/a:moodle:moodle:1.8.5", "cpe:/a:moodle:moodle:1.7.2", "cpe:/a:moodle:moodle:1.6.4", "cpe:/a:moodle:moodle:1.7.5", "cpe:/a:moodle:moodle:1.9.3", "cpe:/a:moodle:moodle:1.8.3", "cpe:/a:moodle:moodle:1.8.8", "cpe:/a:moodle:moodle:1.7.6"], "affectedSoftware": [{"cpeName": "moodle:moodle", "name": "moodle", "operator": "eq", "version": "1.7.6"}, {"cpeName": "moodle:moodle", "name": "moodle", "operator": "eq", "version": "1.9.3"}, {"cpeName": "moodle:moodle", "name": "moodle", "operator": "eq", "version": "1.9.2"}, {"cpeName": "moodle:moodle", "name": "moodle", "operator": "eq", "version": "1.9.4"}, {"cpeName": "moodle:moodle", "name": "moodle", "operator": "eq", "version": "1.7.5"}, {"cpeName": "moodle:moodle", "name": "moodle", "operator": "eq", "version": "1.8.7"}, {"cpeName": "moodle:moodle", "name": "moodle", "operator": "eq", "version": "1.9.1"}, {"cpeName": "moodle:moodle", "name": "moodle", "operator": "eq", "version": "1.8.5"}, {"cpeName": "moodle:moodle", "name": "moodle", "operator": "eq", "version": "1.7.2"}, {"cpeName": "moodle:moodle", "name": "moodle", "operator": "eq", "version": "1.8.3"}, {"cpeName": "moodle:moodle", "name": "moodle", "operator": "eq", "version": "1.6.2"}, {"cpeName": "moodle:moodle", "name": "moodle", "operator": "eq", "version": "1.8.6"}, {"cpeName": "moodle:moodle", "name": "moodle", "operator": "eq", "version": "1.6.3"}, {"cpeName": "moodle:moodle", "name": "moodle", "operator": "eq", "version": "1.6.4"}, {"cpeName": "moodle:moodle", "name": "moodle", "operator": "eq", "version": "1.8.1"}, {"cpeName": "moodle:moodle", "name": "moodle", "operator": "eq", "version": "1.8.2"}, {"cpeName": "moodle:moodle", "name": "moodle", "operator": "eq", "version": "1.6.7"}, {"cpeName": "moodle:moodle", "name": "moodle", "operator": "eq", "version": "1.6.5"}, {"cpeName": "moodle:moodle", "name": "moodle", "operator": "eq", "version": "1.7.1"}, {"cpeName": "moodle:moodle", "name": "moodle", "operator": "eq", "version": "1.6.8"}, {"cpeName": "moodle:moodle", "name": "moodle", "operator": "eq", "version": "1.7.3"}, {"cpeName": "moodle:moodle", "name": "moodle", "operator": "eq", "version": "1.6.6"}, {"cpeName": "moodle:moodle", "name": "moodle", "operator": "eq", "version": "1.6.1"}, {"cpeName": "moodle:moodle", "name": "moodle", "operator": "eq", "version": "1.6.0"}, {"cpeName": "moodle:moodle", "name": "moodle", "operator": "eq", "version": "1.8.4"}, {"cpeName": "moodle:moodle", "name": "moodle", "operator": "eq", "version": "1.8.8"}, {"cpeName": "moodle:moodle", "name": "moodle", "operator": "eq", "version": "1.7.4"}], "cvss2": {"cvssV2": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "MEDIUM", "userInteractionRequired": true}, "cvss3": {}, "cpe23": ["cpe:2.3:a:moodle:moodle:1.6.2:*:*:*:*:*:*:*", "cpe:2.3:a:moodle:moodle:1.8.6:*:*:*:*:*:*:*", "cpe:2.3:a:moodle:moodle:1.7.2:*:*:*:*:*:*:*", "cpe:2.3:a:moodle:moodle:1.9.3:*:*:*:*:*:*:*", "cpe:2.3:a:moodle:moodle:1.7.4:*:*:*:*:*:*:*", "cpe:2.3:a:moodle:moodle:1.7.5:*:*:*:*:*:*:*", "cpe:2.3:a:moodle:moodle:1.6.5:*:*:*:*:*:*:*", "cpe:2.3:a:moodle:moodle:1.6.1:*:*:*:*:*:*:*", "cpe:2.3:a:moodle:moodle:1.8.4:*:*:*:*:*:*:*", "cpe:2.3:a:moodle:moodle:1.8.2:*:*:*:*:*:*:*", "cpe:2.3:a:moodle:moodle:1.8.3:*:*:*:*:*:*:*", "cpe:2.3:a:moodle:moodle:1.7.3:*:*:*:*:*:*:*", "cpe:2.3:a:moodle:moodle:1.7.1:*:*:*:*:*:*:*", "cpe:2.3:a:moodle:moodle:1.9.1:*:*:*:*:*:*:*", "cpe:2.3:a:moodle:moodle:1.6.4:*:*:*:*:*:*:*", "cpe:2.3:a:moodle:moodle:1.8.7:*:*:*:*:*:*:*", "cpe:2.3:a:moodle:moodle:1.6.8:*:*:*:*:*:*:*", "cpe:2.3:a:moodle:moodle:1.7.6:*:*:*:*:*:*:*", "cpe:2.3:a:moodle:moodle:1.6.7:*:*:*:*:*:*:*", "cpe:2.3:a:moodle:moodle:1.6.0:*:*:*:*:*:*:*", "cpe:2.3:a:moodle:moodle:1.8.1:*:*:*:*:*:*:*", "cpe:2.3:a:moodle:moodle:1.6.3:*:*:*:*:*:*:*", "cpe:2.3:a:moodle:moodle:1.8.8:*:*:*:*:*:*:*", "cpe:2.3:a:moodle:moodle:1.8.5:*:*:*:*:*:*:*", "cpe:2.3:a:moodle:moodle:1.9.4:*:*:*:*:*:*:*", "cpe:2.3:a:moodle:moodle:1.6.6:*:*:*:*:*:*:*", "cpe:2.3:a:moodle:moodle:1.9.2:*:*:*:*:*:*:*"], "cwe": ["CWE-20"], "scheme": null, "cpeConfiguration": {"CVE_data_version": "4.0", "nodes": [{"children": [], "cpe_match": [{"cpe23Uri": "cpe:2.3:a:moodle:moodle:1.8.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:moodle:moodle:1.8.4:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:moodle:moodle:1.8.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:moodle:moodle:1.7.5:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:moodle:moodle:1.6.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:moodle:moodle:1.6.6:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:moodle:moodle:1.9.3:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:moodle:moodle:1.8.3:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:moodle:moodle:1.6.7:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:moodle:moodle:1.7.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:moodle:moodle:1.7.6:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:moodle:moodle:1.6.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:moodle:moodle:1.6.8:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:moodle:moodle:1.7.3:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:moodle:moodle:1.6.4:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:moodle:moodle:1.7.4:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:moodle:moodle:1.6.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:moodle:moodle:1.8.8:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:moodle:moodle:1.9.4:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:moodle:moodle:1.9.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:moodle:moodle:1.8.5:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:moodle:moodle:1.7.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:moodle:moodle:1.8.6:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:moodle:moodle:1.9.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:moodle:moodle:1.6.5:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:moodle:moodle:1.6.3:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:moodle:moodle:1.8.7:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}], "operator": "OR"}]}, "extraReferences": [{"name": "34278", "refsource": "BID", "tags": [], "url": "http://www.securityfocus.com/bid/34278"}, {"name": "FEDORA-2009-3283", "refsource": "FEDORA", "tags": [], "url": "https://www.redhat.com/archives/fedora-package-announce/2009-April/msg00079.html"}, {"name": "SUSE-SR:2009:009", "refsource": "SUSE", "tags": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00010.html"}, {"name": "http://tracker.moodle.org/browse/MDL-18552", "refsource": "MISC", "tags": [], "url": "http://tracker.moodle.org/browse/MDL-18552"}, {"name": "20090327 Moodle: Sensitive File Disclosure", "refsource": "BUGTRAQ", "tags": [], "url": "http://www.securityfocus.com/archive/1/502231/100/0/threaded"}, {"name": "DSA-1761", "refsource": "DEBIAN", "tags": [], "url": "http://www.debian.org/security/2009/dsa-1761"}, {"name": "http://cvs.moodle.org/moodle/filter/tex/filter.php?r1=1.18.4.4&r2=1.18.4.5", "refsource": "CONFIRM", "tags": ["Exploit"], "url": "http://cvs.moodle.org/moodle/filter/tex/filter.php?r1=1.18.4.4&r2=1.18.4.5"}, {"name": "35570", "refsource": "SECUNIA", "tags": [], "url": "http://secunia.com/advisories/35570"}, {"name": "34517", "refsource": "SECUNIA", "tags": [], "url": "http://secunia.com/advisories/34517"}, {"name": "USN-791-2", "refsource": "UBUNTU", "tags": [], "url": "https://usn.ubuntu.com/791-2/"}, {"name": "34557", "refsource": "SECUNIA", "tags": [], "url": "http://secunia.com/advisories/34557"}, {"name": "8297", "refsource": "EXPLOIT-DB", "tags": [], "url": "https://www.exploit-db.com/exploits/8297"}, {"name": "FEDORA-2009-3280", "refsource": "FEDORA", "tags": [], "url": "https://www.redhat.com/archives/fedora-package-announce/2009-April/msg00077.html"}, {"name": "34600", "refsource": "SECUNIA", "tags": [], "url": "http://secunia.com/advisories/34600"}], "immutableFields": []}], "debian": [{"id": "DEBIAN:DSA-1761-1:ACA60", "bulletinFamily": "unix", "title": "[SECURITY] [DSA 1761-1] New moodle packages fix file disclosure", "description": "- --------------------------------------------------------------------------\nDebian Security Advisory DSA-1761-1 security@debian.org\nhttp://www.debian.org/security/ Nico Golde\nApril 3rd, 2009 http://www.debian.org/security/faq\n- --------------------------------------------------------------------------\n\nPackage : moodle\nVulnerability : missing input sanitization\nProblem type : remote\nDebian-specific: no\nCVE ID : CVE-2009-1171\nDebian Bug : 522116\n\n\nChristian J. Eibl discovered that the TeX filter of Moodle, a web-based\ncourse management system, doesn't check user input for certain TeX commands\nwhich allows an attacker to include and display the content of arbitrary system\nfiles.\n\nNote that this doesn't affect installations that only use the mimetex\nenvironment.\n\nFor the oldstable distribution (etch), this problem has been fixed in\nversion 1.6.3-2+etch3.\n\nFor the stable distribution (lenny), this problem has been fixed in\nversion 1.8.2.dfsg-3+lenny2.\n\nFor the testing distribution (squeeze), this problem will be fixed soon.\n\nFor the unstable distribution (sid), this problem has been fixed in\nversion 1.8.2.dfsg-5.\n\n\nWe recommend that you upgrade your moodle packages.\n\nUpgrade instructions\n- --------------------\n\nwget url\n will fetch the file for you\ndpkg -i file.deb\n will install the referenced file.\n\nIf you are using the apt-get package manager, use the line for\nsources.list as given below:\n\napt-get update\n will update the internal database\napt-get upgrade\n will install corrected packages\n\nYou may use an automated update by adding the resources from the\nfooter to the proper configuration.\n\n\nDebian GNU/Linux 4.0 alias etch\n- -------------------------------\n\nDebian (oldstable)\n- ------------------\n\nOldstable updates are available for alpha, amd64, arm, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc.\n\nSource archives:\n\n http://security.debian.org/pool/updates/main/m/moodle/moodle_1.6.3-2+etch3.dsc\n Size/MD5 checksum: 793 bb2ea87c38661c49b936a357eeb14b0c\n http://security.debian.org/pool/updates/main/m/moodle/moodle_1.6.3-2+etch3.diff.gz\n Size/MD5 checksum: 27511 974a829196380027ac19e82ecd4a6e82\n\nArchitecture independent packages:\n\n http://security.debian.org/pool/updates/main/m/moodle/moodle_1.6.3-2+etch3_all.deb\n Size/MD5 checksum: 6583190 7d5c0c3103021541b308f54bfc2e2d55\n\n\nDebian GNU/Linux 5.0 alias lenny\n- --------------------------------\n\nDebian (stable)\n- ---------------\n\nStable updates are available for alpha, amd64, arm, armel, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc.\n\nSource archives:\n\n http://security.debian.org/pool/updates/main/m/moodle/moodle_1.8.2.dfsg-3+lenny2.diff.gz\n Size/MD5 checksum: 49345 31b07d8aab91762d31e2f73dcc6a468c\n http://security.debian.org/pool/updates/main/m/moodle/moodle_1.8.2.dfsg-3+lenny2.dsc\n Size/MD5 checksum: 1390 e7a4b2fe58e3b53f6c4bf6327a007509\n\nArchitecture independent packages:\n\n http://security.debian.org/pool/updates/main/m/moodle/moodle_1.8.2.dfsg-3+lenny2_all.deb\n Size/MD5 checksum: 8713446 6a9345748982edab6a52047abe6779f6\n\n\n These files will probably be moved into the stable distribution on\n its next update.\n\n- ---------------------------------------------------------------------------------\nFor apt-get: deb http://security.debian.org/ stable/updates main\nFor dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main\nMailing list: debian-security-announce@lists.debian.org\nPackage info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>\n", "published": "2009-04-03T13:37:56", "modified": "2009-04-03T13:37:56", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}, "href": "https://lists.debian.org/debian-security-announce/debian-security-announce-2009/msg00072.html", "reporter": "Debian", "references": [], "cvelist": ["CVE-2009-1171"], "type": "debian", "lastseen": "2019-05-30T02:22:39", "history": [{"lastseen": "2019-05-30T02:22:39", "different_elements": ["cvss2"], "edition": 2, "bulletin": {"lastseen": "2019-05-30T02:22:39", "references": [], "description": "- --------------------------------------------------------------------------\nDebian Security Advisory DSA-1761-1 security@debian.org\nhttp://www.debian.org/security/ Nico Golde\nApril 3rd, 2009 http://www.debian.org/security/faq\n- --------------------------------------------------------------------------\n\nPackage : moodle\nVulnerability : missing input sanitization\nProblem type : remote\nDebian-specific: no\nCVE ID : CVE-2009-1171\nDebian Bug : 522116\n\n\nChristian J. Eibl discovered that the TeX filter of Moodle, a web-based\ncourse management system, doesn't check user input for certain TeX commands\nwhich allows an attacker to include and display the content of arbitrary system\nfiles.\n\nNote that this doesn't affect installations that only use the mimetex\nenvironment.\n\nFor the oldstable distribution (etch), this problem has been fixed in\nversion 1.6.3-2+etch3.\n\nFor the stable distribution (lenny), this problem has been fixed in\nversion 1.8.2.dfsg-3+lenny2.\n\nFor the testing distribution (squeeze), this problem will be fixed soon.\n\nFor the unstable distribution (sid), this problem has been fixed in\nversion 1.8.2.dfsg-5.\n\n\nWe recommend that you upgrade your moodle packages.\n\nUpgrade instructions\n- --------------------\n\nwget url\n will fetch the file for you\ndpkg -i file.deb\n will install the referenced file.\n\nIf you are using the apt-get package manager, use the line for\nsources.list as given below:\n\napt-get update\n will update the internal database\napt-get upgrade\n will install corrected packages\n\nYou may use an automated update by adding the resources from the\nfooter to the proper configuration.\n\n\nDebian GNU/Linux 4.0 alias etch\n- -------------------------------\n\nDebian (oldstable)\n- ------------------\n\nOldstable updates are available for alpha, amd64, arm, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc.\n\nSource archives:\n\n http://security.debian.org/pool/updates/main/m/moodle/moodle_1.6.3-2+etch3.dsc\n Size/MD5 checksum: 793 bb2ea87c38661c49b936a357eeb14b0c\n http://security.debian.org/pool/updates/main/m/moodle/moodle_1.6.3-2+etch3.diff.gz\n Size/MD5 checksum: 27511 974a829196380027ac19e82ecd4a6e82\n\nArchitecture independent packages:\n\n http://security.debian.org/pool/updates/main/m/moodle/moodle_1.6.3-2+etch3_all.deb\n Size/MD5 checksum: 6583190 7d5c0c3103021541b308f54bfc2e2d55\n\n\nDebian GNU/Linux 5.0 alias lenny\n- --------------------------------\n\nDebian (stable)\n- ---------------\n\nStable updates are available for alpha, amd64, arm, armel, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc.\n\nSource archives:\n\n http://security.debian.org/pool/updates/main/m/moodle/moodle_1.8.2.dfsg-3+lenny2.diff.gz\n Size/MD5 checksum: 49345 31b07d8aab91762d31e2f73dcc6a468c\n http://security.debian.org/pool/updates/main/m/moodle/moodle_1.8.2.dfsg-3+lenny2.dsc\n Size/MD5 checksum: 1390 e7a4b2fe58e3b53f6c4bf6327a007509\n\nArchitecture independent packages:\n\n http://security.debian.org/pool/updates/main/m/moodle/moodle_1.8.2.dfsg-3+lenny2_all.deb\n Size/MD5 checksum: 8713446 6a9345748982edab6a52047abe6779f6\n\n\n These files will probably be moved into the stable distribution on\n its next update.\n\n- ---------------------------------------------------------------------------------\nFor apt-get: deb http://security.debian.org/ stable/updates main\nFor dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main\nMailing list: debian-security-announce@lists.debian.org\nPackage info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>\n", "edition": 2, "cvss3": {}, "reporter": "Debian", "history": [], "published": "2009-04-03T13:37:56", "enchantments": {"score": {"rev": 2, "modified": "2019-05-30T02:22:39", "vector": "NONE", "value": 7.2}, "dependencies": {"rev": 2, "references": [{"idList": ["EDB-ID:8297"], "type": "exploitdb"}, {"idList": ["CVE-2009-1171"], "type": "cve"}, {"idList": ["USN-791-2", "USN-791-1"], "type": "ubuntu"}, {"idList": ["OPENVAS:136141256231066500", "OPENVAS:136141256231063734", "OPENVAS:136141256231063727", "OPENVAS:63734", "OPENVAS:64321", "OPENVAS:66500", "OPENVAS:64320", "OPENVAS:136141256231063726", "OPENVAS:63727", "OPENVAS:63726"], "type": "openvas"}, {"idList": ["SECURITYVULNS:VULN:9793", "SECURITYVULNS:DOC:21571"], "type": "securityvulns"}, {"idList": ["FEDORA:4424B20894E", "FEDORA:7E1DF10F85C", "FEDORA:0C0B6208959"], "type": "fedora"}, {"idList": ["UB:CVE-2009-1171"], "type": "ubuntucve"}, {"idList": ["FEDORA_2009-3283.NASL", "SUSE_11_0_MOODLE-090417.NASL", "SUSE_11_1_MOODLE-090417.NASL", "UBUNTU_USN-791-2.NASL", "UBUNTU_USN-791-1.NASL", "SUSE_MOODLE-6198.NASL", "FEDORA_2009-3280.NASL", "DEBIAN_DSA-1761.NASL", "MOODLE_LATEX_INFO_DISCLOSURE.NASL"], "type": "nessus"}], "modified": "2019-05-30T02:22:39"}}, "title": "[SECURITY] [DSA 1761-1] New moodle packages fix file disclosure", "type": "debian", "objectVersion": "1.5", "bulletinFamily": "unix", "cvss2": {}, "cvelist": ["CVE-2009-1171"], "immutableFields": [], "modified": "2009-04-03T13:37:56", "href": "https://lists.debian.org/debian-security-announce/debian-security-announce-2009/msg00072.html", "id": "DEBIAN:DSA-1761-1:ACA60", "viewCount": 2, "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}, "hashmap": [{"hash": "eb4a6af43fde1f50ec9464b77a7834d6", "key": "href"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "immutableFields"}, {"hash": "45da35813787461bfcc8e02c1e18b752", "key": "description"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "references"}, {"hash": "6fe8b98c53e8d099686936732785d471", "key": "reporter"}, {"hash": "284eed3b1f61c6014a6323bdffd1a197", "key": "cvelist"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "cvss3"}, {"hash": "6e9552c9bd8e61c8f277c21220160234", "key": "type"}, {"hash": "4913a9178621eadcdf191db17915fbcb", "key": "bulletinFamily"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "cvss2"}, {"hash": "1f12f7f90bff539e3cc87aba0a1ffac8", "key": "published"}, {"hash": "6420ea574bdb7353fe8b7be082752cec", "key": "title"}, {"hash": "876f47c4ebc2b9e0dd17afaa22819f2a", "key": "cvss"}, {"hash": "1f12f7f90bff539e3cc87aba0a1ffac8", "key": "modified"}], "hash": "3e728100a3e685785376659ae1f8b19884e60ad0a6f9d1195c27ff8a8acd3419"}}, {"lastseen": "2018-10-16T22:15:04", "edition": 1, "differentElements": ["cvss"], "bulletin": {"lastseen": "2018-10-16T22:15:04", "references": [], "affectedPackage": [{"OS": "Debian", "OSVersion": "4", "packageVersion": "1.6.3-2+etch3", "arch": "all", "packageFilename": "moodle_1.6.3-2+etch3_all.deb", "packageName": "moodle", "operator": "lt"}, {"OS": "Debian", "OSVersion": "5", "packageVersion": "1.8.2.dfsg-3+lenny2", "arch": "all", "packageFilename": "moodle_1.8.2.dfsg-3+lenny2_all.deb", "packageName": "moodle", "operator": "lt"}], "description": "- --------------------------------------------------------------------------\nDebian Security Advisory DSA-1761-1 security@debian.org\nhttp://www.debian.org/security/ Nico Golde\nApril 3rd, 2009 http://www.debian.org/security/faq\n- --------------------------------------------------------------------------\n\nPackage : moodle\nVulnerability : missing input sanitization\nProblem type : remote\nDebian-specific: no\nCVE ID : CVE-2009-1171\nDebian Bug : 522116\n\n\nChristian J. Eibl discovered that the TeX filter of Moodle, a web-based\ncourse management system, doesn't check user input for certain TeX commands\nwhich allows an attacker to include and display the content of arbitrary system\nfiles.\n\nNote that this doesn't affect installations that only use the mimetex\nenvironment.\n\nFor the oldstable distribution (etch), this problem has been fixed in\nversion 1.6.3-2+etch3.\n\nFor the stable distribution (lenny), this problem has been fixed in\nversion 1.8.2.dfsg-3+lenny2.\n\nFor the testing distribution (squeeze), this problem will be fixed soon.\n\nFor the unstable distribution (sid), this problem has been fixed in\nversion 1.8.2.dfsg-5.\n\n\nWe recommend that you upgrade your moodle packages.\n\nUpgrade instructions\n- --------------------\n\nwget url\n will fetch the file for you\ndpkg -i file.deb\n will install the referenced file.\n\nIf you are using the apt-get package manager, use the line for\nsources.list as given below:\n\napt-get update\n will update the internal database\napt-get upgrade\n will install corrected packages\n\nYou may use an automated update by adding the resources from the\nfooter to the proper configuration.\n\n\nDebian GNU/Linux 4.0 alias etch\n- -------------------------------\n\nDebian (oldstable)\n- ------------------\n\nOldstable updates are available for alpha, amd64, arm, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc.\n\nSource archives:\n\n http://security.debian.org/pool/updates/main/m/moodle/moodle_1.6.3-2+etch3.dsc\n Size/MD5 checksum: 793 bb2ea87c38661c49b936a357eeb14b0c\n http://security.debian.org/pool/updates/main/m/moodle/moodle_1.6.3-2+etch3.diff.gz\n Size/MD5 checksum: 27511 974a829196380027ac19e82ecd4a6e82\n\nArchitecture independent packages:\n\n http://security.debian.org/pool/updates/main/m/moodle/moodle_1.6.3-2+etch3_all.deb\n Size/MD5 checksum: 6583190 7d5c0c3103021541b308f54bfc2e2d55\n\n\nDebian GNU/Linux 5.0 alias lenny\n- --------------------------------\n\nDebian (stable)\n- ---------------\n\nStable updates are available for alpha, amd64, arm, armel, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc.\n\nSource archives:\n\n http://security.debian.org/pool/updates/main/m/moodle/moodle_1.8.2.dfsg-3+lenny2.diff.gz\n Size/MD5 checksum: 49345 31b07d8aab91762d31e2f73dcc6a468c\n http://security.debian.org/pool/updates/main/m/moodle/moodle_1.8.2.dfsg-3+lenny2.dsc\n Size/MD5 checksum: 1390 e7a4b2fe58e3b53f6c4bf6327a007509\n\nArchitecture independent packages:\n\n http://security.debian.org/pool/updates/main/m/moodle/moodle_1.8.2.dfsg-3+lenny2_all.deb\n Size/MD5 checksum: 8713446 6a9345748982edab6a52047abe6779f6\n\n\n These files will probably be moved into the stable distribution on\n its next update.\n\n- ---------------------------------------------------------------------------------\nFor apt-get: deb http://security.debian.org/ stable/updates main\nFor dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main\nMailing list: debian-security-announce@lists.debian.org\nPackage info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>\n", "edition": 1, "reporter": "Debian", "history": [], "published": "2009-04-03T13:37:56", "enchantments": {"score": {"modified": "2018-10-16T22:15:04", "vector": "NONE", "value": 5.0}, "dependencies": {"references": [{"idList": ["EDB-ID:8297"], "type": "exploitdb"}, {"idList": ["CVE-2009-1171"], "type": "cve"}, {"idList": ["USN-791-2", "USN-791-1"], "type": "ubuntu"}, {"idList": ["OPENVAS:136141256231066500", "OPENVAS:136141256231063734", "OPENVAS:136141256231063727", "OPENVAS:63734", "OPENVAS:64321", "OPENVAS:66500", "OPENVAS:64320", "OPENVAS:136141256231063726", "OPENVAS:63727", "OPENVAS:63726"], "type": "openvas"}, {"idList": ["SECURITYVULNS:VULN:9793", "SECURITYVULNS:DOC:21571"], "type": "securityvulns"}, {"idList": ["FEDORA_2009-3283.NASL", "SUSE_11_0_MOODLE-090417.NASL", "SUSE_11_1_MOODLE-090417.NASL", "UBUNTU_USN-791-2.NASL", "UBUNTU_USN-791-1.NASL", "SUSE_MOODLE-6198.NASL", "FEDORA_2009-3280.NASL", "DEBIAN_DSA-1761.NASL", "MOODLE_LATEX_INFO_DISCLOSURE.NASL"], "type": "nessus"}], "modified": "2018-10-16T22:15:04"}}, "title": "[SECURITY] [DSA 1761-1] New moodle packages fix file disclosure", "type": "debian", "objectVersion": "1.3", "bulletinFamily": "unix", "cvelist": ["CVE-2009-1171"], "modified": "2009-04-03T13:37:56", "href": "https://lists.debian.org/debian-security-announce/debian-security-announce-2009/msg00072.html", "id": "DEBIAN:DSA-1761-1:ACA60", "viewCount": 0, "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}, "hashmap": [{"hash": "eb4a6af43fde1f50ec9464b77a7834d6", "key": "href"}, {"hash": "a98a32dcbb7e21959ae47efe5169c90b", "key": "affectedPackage"}, {"hash": "45da35813787461bfcc8e02c1e18b752", "key": "description"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "references"}, {"hash": "3c236091754d2db00c1c42f811b3ada4", "key": "cvss"}, {"hash": "6fe8b98c53e8d099686936732785d471", "key": "reporter"}, {"hash": "284eed3b1f61c6014a6323bdffd1a197", "key": "cvelist"}, {"hash": "6e9552c9bd8e61c8f277c21220160234", "key": "type"}, {"hash": "4913a9178621eadcdf191db17915fbcb", "key": "bulletinFamily"}, {"hash": "1f12f7f90bff539e3cc87aba0a1ffac8", "key": "published"}, {"hash": "6420ea574bdb7353fe8b7be082752cec", "key": "title"}, {"hash": "1f12f7f90bff539e3cc87aba0a1ffac8", "key": "modified"}], "hash": "a368891e17f102a758f022e846d47919f8d7e32cfa7473a3e2d5b60ce203c991"}}], "edition": 3, "hashmap": [{"key": "bulletinFamily", "hash": "4913a9178621eadcdf191db17915fbcb"}, {"key": "cvelist", "hash": "284eed3b1f61c6014a6323bdffd1a197"}, {"key": "cvss", "hash": "876f47c4ebc2b9e0dd17afaa22819f2a"}, {"key": "cvss2", "hash": "4c5095aa0a8ad4049b7693b420a5ae6e"}, {"key": "cvss3", "hash": "d41d8cd98f00b204e9800998ecf8427e"}, {"key": "description", "hash": "45da35813787461bfcc8e02c1e18b752"}, {"key": "href", "hash": "eb4a6af43fde1f50ec9464b77a7834d6"}, {"key": "immutableFields", "hash": "d41d8cd98f00b204e9800998ecf8427e"}, {"key": "modified", "hash": "1f12f7f90bff539e3cc87aba0a1ffac8"}, {"key": "published", "hash": "1f12f7f90bff539e3cc87aba0a1ffac8"}, {"key": "references", "hash": "d41d8cd98f00b204e9800998ecf8427e"}, {"key": "reporter", "hash": "6fe8b98c53e8d099686936732785d471"}, {"key": "title", "hash": "6420ea574bdb7353fe8b7be082752cec"}, {"key": "type", "hash": "6e9552c9bd8e61c8f277c21220160234"}], "hash": "932ed00e611fd34af13337baf6206b1ceed135c213182c36e37e2b936ff71b24", "viewCount": 2, "enchantments": {"dependencies": {"references": [{"idList": ["EDB-ID:8297"], "type": "exploitdb"}, {"idList": ["CVE-2009-1171"], "type": "cve"}, {"idList": ["USN-791-2", "USN-791-1"], "type": "ubuntu"}, {"idList": ["OPENVAS:136141256231066500", "OPENVAS:136141256231063734", "OPENVAS:136141256231063727", "OPENVAS:63734", "OPENVAS:64321", "OPENVAS:66500", "OPENVAS:64320", "OPENVAS:136141256231063726", "OPENVAS:63727", "OPENVAS:63726"], "type": "openvas"}, {"idList": ["SECURITYVULNS:VULN:9793", "SECURITYVULNS:DOC:21571"], "type": "securityvulns"}, {"idList": ["FEDORA:4424B20894E", "FEDORA:7E1DF10F85C", "FEDORA:0C0B6208959"], "type": "fedora"}, {"idList": ["UB:CVE-2009-1171"], "type": "ubuntucve"}, {"idList": ["FEDORA_2009-3283.NASL", "SUSE_11_0_MOODLE-090417.NASL", "SUSE_11_1_MOODLE-090417.NASL", "UBUNTU_USN-791-2.NASL", "UBUNTU_USN-791-1.NASL", "SUSE_MOODLE-6198.NASL", "FEDORA_2009-3280.NASL", "DEBIAN_DSA-1761.NASL", "MOODLE_LATEX_INFO_DISCLOSURE.NASL"], "type": "nessus"}], "modified": "2019-05-30T02:22:39", "rev": 2}, "score": {"value": 7.2, "vector": "NONE", "modified": "2019-05-30T02:22:39", "rev": 2}}, "objectVersion": "1.5", "affectedPackage": [{"OS": "Debian", "OSVersion": "4", "arch": "all", "operator": "lt", "packageFilename": "moodle_1.6.3-2+etch3_all.deb", "packageName": "moodle", "packageVersion": "1.6.3-2+etch3"}, {"OS": "Debian", "OSVersion": "5", "arch": "all", "operator": "lt", "packageFilename": "moodle_1.8.2.dfsg-3+lenny2_all.deb", "packageName": "moodle", "packageVersion": "1.8.2.dfsg-3+lenny2"}], "scheme": null, "immutableFields": [], "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}}], "exploitdb": [{"id": "EDB-ID:8297", "hash": "6977c84c6ee4e5aa0a26ad0b97f77c212360da3cc7727cc2a61aaba97020cbff", "type": "exploitdb", "bulletinFamily": "exploit", "title": "Moodle < 1.6.9/1.7.7/1.8.9/1.9.5 File Disclosure Vulnerability", "description": "Moodle < 1.6.9/1.7.7/1.8.9/1.9.5 File Disclosure Vulnerability. CVE-2009-1171. Webapps exploit for php platform", "published": "2009-03-27T00:00:00", "modified": "2009-03-27T00:00:00", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}, "href": "https://www.exploit-db.com/exploits/8297/", "reporter": "Christian J. Eibl", "references": [], "cvelist": ["CVE-2009-1171"], "lastseen": "2016-02-01T05:11:33", "history": [{"lastseen": "2016-02-01T05:11:33", "different_elements": ["cvss2"], "edition": 1, "bulletin": {"lastseen": "2016-02-01T05:11:33", "references": [], "description": "Moodle < 1.6.9/1.7.7/1.8.9/1.9.5 File Disclosure Vulnerability. CVE-2009-1171. Webapps exploit for php platform", "edition": 1, "cvss3": {}, "reporter": "Christian J. Eibl", "history": [], "published": "2009-03-27T00:00:00", "enchantments": {"score": {"rev": 2, "modified": "2016-02-01T05:11:33", "vector": "NONE", "value": 5.8}, "dependencies": {"rev": 2, "references": [{"idList": ["CVE-2009-1171"], "type": "cve"}, {"idList": ["USN-791-2", "USN-791-1"], "type": "ubuntu"}, {"idList": ["OPENVAS:136141256231066500", "OPENVAS:136141256231063734", "OPENVAS:136141256231063727", "OPENVAS:63734", "OPENVAS:64321", "OPENVAS:66500", "OPENVAS:64320", "OPENVAS:136141256231063726", "OPENVAS:63727", "OPENVAS:63726"], "type": "openvas"}, {"idList": ["SECURITYVULNS:VULN:9793", "SECURITYVULNS:DOC:21571"], "type": "securityvulns"}, {"idList": ["FEDORA:4424B20894E", "FEDORA:7E1DF10F85C", "FEDORA:0C0B6208959"], "type": "fedora"}, {"idList": ["DEBIAN:DSA-1761-1:ACA60"], "type": "debian"}, {"idList": ["UB:CVE-2009-1171"], "type": "ubuntucve"}, {"idList": ["FEDORA_2009-3283.NASL", "SUSE_11_0_MOODLE-090417.NASL", "SUSE_11_1_MOODLE-090417.NASL", "UBUNTU_USN-791-2.NASL", "UBUNTU_USN-791-1.NASL", "SUSE_MOODLE-6198.NASL", "FEDORA_2009-3280.NASL", "DEBIAN_DSA-1761.NASL", "MOODLE_LATEX_INFO_DISCLOSURE.NASL"], "type": "nessus"}], "modified": "2016-02-01T05:11:33"}}, "title": "Moodle < 1.6.9/1.7.7/1.8.9/1.9.5 File Disclosure Vulnerability", "type": "exploitdb", "objectVersion": "1.5", "bulletinFamily": "exploit", "cvss2": {}, "cvelist": ["CVE-2009-1171"], "immutableFields": [], "modified": "2009-03-27T00:00:00", "href": "https://www.exploit-db.com/exploits/8297/", "id": "EDB-ID:8297", "viewCount": 14, "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}, "hashmap": [{"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "immutableFields"}, {"hash": "708697c63f7eb369319c6523380bdf7a", "key": "bulletinFamily"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "references"}, {"hash": "f53bcd7963ad45935fb13d7098a208be", "key": "modified"}, {"hash": "3c236091754d2db00c1c42f811b3ada4", "key": "cvss"}, {"hash": "392da8e6c3a2daf5e01a7f83e38c9696", "key": "title"}, {"hash": "c3d0b5a44e4a760338e317daa9490102", "key": "href"}, {"hash": "916b5dbd201b469998d9b4a4c8bc4e08", "key": "type"}, {"hash": "f53bcd7963ad45935fb13d7098a208be", "key": "published"}, {"hash": "284eed3b1f61c6014a6323bdffd1a197", "key": "cvelist"}, {"hash": "468b86447b747fe13bb68ea3eb060333", "key": "description"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "cvss3"}, {"hash": "2452a9f62decd2736cbbb5588041ef41", "key": "reporter"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "cvss2"}], "hash": "f80f4bc50d9f9177f7cb48ff5b9bd455bb083e2547b4b2f84209150d0d42956d"}}], "viewCount": 14, "enchantments": {"score": {"value": 5.8, "vector": "NONE", "modified": "2016-02-01T05:11:33", "rev": 2}, "dependencies": {"references": [{"idList": ["CVE-2009-1171"], "type": "cve"}, {"idList": ["USN-791-2", "USN-791-1"], "type": "ubuntu"}, {"idList": ["OPENVAS:136141256231066500", "OPENVAS:136141256231063734", "OPENVAS:136141256231063727", "OPENVAS:63734", "OPENVAS:64321", "OPENVAS:66500", "OPENVAS:64320", "OPENVAS:136141256231063726", "OPENVAS:63727", "OPENVAS:63726"], "type": "openvas"}, {"idList": ["SECURITYVULNS:VULN:9793", "SECURITYVULNS:DOC:21571"], "type": "securityvulns"}, {"idList": ["FEDORA:4424B20894E", "FEDORA:7E1DF10F85C", "FEDORA:0C0B6208959"], "type": "fedora"}, {"idList": ["DEBIAN:DSA-1761-1:ACA60"], "type": "debian"}, {"idList": ["UB:CVE-2009-1171"], "type": "ubuntucve"}, {"idList": ["FEDORA_2009-3283.NASL", "SUSE_11_0_MOODLE-090417.NASL", "SUSE_11_1_MOODLE-090417.NASL", "UBUNTU_USN-791-2.NASL", "UBUNTU_USN-791-1.NASL", "SUSE_MOODLE-6198.NASL", "FEDORA_2009-3280.NASL", "DEBIAN_DSA-1761.NASL", "MOODLE_LATEX_INFO_DISCLOSURE.NASL"], "type": "nessus"}], "modified": "2016-02-01T05:11:33", "rev": 2}}, "objectVersion": "1.5", "sourceHref": "https://www.exploit-db.com/download/8297/", "sourceData": "Moodle File Disclosure Vulnerability\n\nSystems Affected\t\tMoodle series <1.6.9+, <1.7.7+, <1.8.9, <1.9.5\nSeverity\t\t\t\tCritical\nProbability of being vulnerable\t\tRather Low\nVendor\t\t\t\thttp://moodle.org/\nFiled Bug\t\t\t#MDL-18552\nAuthor\t\t\t\tChristian J. Eibl\nDate\t\t\t\t20090327\n\nI. BACKGROUND\n\nMoodle is an open source (webbased) learning management system with \nusers all over the world in educational institutes, schools, or \ncompanies. See vendor homepage for details.\n\nII. DESCRIPTION\n\nAn input filter for TeX formulas can be exploited to disclose files \nreadable by the web server. This includes the moodle configuration \nfile with all authentication data and server locations for directly \nconnecting to backend database.\nTeX filter by default is off and in case of being activated mostly no \ncomplete LaTeX environment on a server system will be available.\n\nIII. DETECTION OF VULNERABILITY\n\nSince Moodle 1.6 a complete LaTeX environment is preferred over the \nshipped mimetex program for rendering TeX formulas to images that can \nbe included in HTML pages.\n\nIn any text input area, e.g., forum, type something like \"$$ \\jobname \n$$\" (without quotes). If the result looks like\n- \"$$ \\jobname $$\":\t\tTeX filter not activated\n- \"[jobname ?]\":\t\t\tTeX filter activated, but mimetex used\n- \"a91dbb...\" (hash):\t\tTeX filter active and LaTeX used (vuln.)\n\nSince LaTeX per se is very powerful for file inclusion and even \nwrites, the vulnerability depends on LaTeX environment and its \nconfiguration. \n\nIV. EXPLOIT PoC\n\nIf LaTeX is not configured to restrict file inclusion (default!), then \nabsolute paths and relative ones can be used. As proof of concept \nenter:\n\"$$ \\input{/etc/passwd} $$\"\n\nIn case the system is vulnerable, this will read the /etc/passwd file \nand will render the contents to an image included in the text. Hence, \ncontent is disclosed.\n\nRendering takes place in temporary folder by default which should not \nbe in the scope of the web server. Otherwise even arbitrary code could \nbe injected to compromise the whole web environment.\nBy using relative paths with background knowledge of Moodle's path \norganization, it is easy to disclose the configuration file with \nsensitive data.\n\nV. WORKAROUND\n\nSeveral alternatives:\n1) deactivate TeX filter, if not needed\n2) use more restrictive mimetex program for rendering\n3) change LaTeX configuration (set \"openin_any=p\" for paranoid!)\n\n... or upgrade to latest development version where patch should be \napplied by now.\n\nVI. TIMELINE\n\n20090312 Bug discovered\n20090313 Vendor contact / Bug filed (MDL-18552)\n20090314 Response and confirmation by vendor\n20090315 First patch proposed\n20090327 Bug marked resolved and patch in tree\n\n# milw0rm.com [2009-03-27]\n", "osvdbidlist": ["52998"], "_object_type": "robots.models.exploitdb.ExploitDbBulletin", "_object_types": ["robots.models.exploitdb.ExploitDbBulletin", "robots.models.base.Bulletin"], "immutableFields": [], "scheme": null, "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "edition": 2, "hashmap": [{"key": "bulletinFamily", "hash": "708697c63f7eb369319c6523380bdf7a"}, {"key": "cvelist", "hash": "284eed3b1f61c6014a6323bdffd1a197"}, {"key": "cvss", "hash": "3c236091754d2db00c1c42f811b3ada4"}, {"key": "cvss2", "hash": "4c5095aa0a8ad4049b7693b420a5ae6e"}, {"key": "cvss3", "hash": "d41d8cd98f00b204e9800998ecf8427e"}, {"key": "description", "hash": "468b86447b747fe13bb68ea3eb060333"}, {"key": "href", "hash": "c3d0b5a44e4a760338e317daa9490102"}, {"key": "immutableFields", "hash": "d41d8cd98f00b204e9800998ecf8427e"}, {"key": "modified", "hash": "f53bcd7963ad45935fb13d7098a208be"}, {"key": "published", "hash": "f53bcd7963ad45935fb13d7098a208be"}, {"key": "references", "hash": "d41d8cd98f00b204e9800998ecf8427e"}, {"key": "reporter", "hash": "2452a9f62decd2736cbbb5588041ef41"}, {"key": "title", "hash": "392da8e6c3a2daf5e01a7f83e38c9696"}, {"key": "type", "hash": "916b5dbd201b469998d9b4a4c8bc4e08"}]}], "openvas": [{"id": "OPENVAS:64321", "hash": "5fef2519ea92f351004b31d0b89442a8", "type": "openvas", "bulletinFamily": "scanner", "title": "Ubuntu USN-791-2 (moodle)", "description": "The remote host is missing an update to moodle\nannounced via advisory USN-791-2.", "published": "2009-06-30T00:00:00", "modified": "2018-02-01T00:00:00", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}, "href": "http://plugins.openvas.org/nasl.php?oid=64321", "reporter": "Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com", "references": ["http://www.ubuntu.com/usn/usn-791-2/"], "cvelist": ["CVE-2009-1171"], "lastseen": "2018-02-02T13:15:45", "history": [{"lastseen": "2017-07-02T21:13:47", "bulletin": {"id": "OPENVAS:64321", "hash": "d7c78cdb4a46e58b5c718b7d866f3b1fb8d857faa55cef9dfaeaf575719e669b", "type": "openvas", "bulletinFamily": "scanner", "title": "Ubuntu USN-791-2 (moodle)", "description": "The remote host is missing an update to moodle\nannounced via advisory USN-791-2.", "published": "2009-06-30T00:00:00", "modified": "2017-02-08T00:00:00", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}, "href": "http://plugins.openvas.org/nasl.php?oid=64321", "reporter": "Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com", "references": [], "cvelist": ["CVE-2009-1171"], "lastseen": "2017-07-02T21:13:47", "history": [], "viewCount": 0, "enchantments": {}, "objectVersion": "1.4", "pluginID": "64321", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: ubuntu_791_2.nasl 5231 2017-02-08 11:52:34Z teissa $\n# Description: Auto-generated from advisory USN-791-2 (moodle)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_solution = \"The problem can be corrected by upgrading your system to the\n following package versions:\n\nUbuntu 9.04:\n moodle 1.9.4.dfsg-0ubuntu1.1\n\nAfter a standard system upgrade you need to access the Moodle instance\nand accept the database update to clear any invalid cached data.\n\nhttps://secure1.securityspace.com/smysecure/catid.html?in=USN-791-2\";\n\ntag_insight = \"Christian Eibl discovered that the TeX filter in Moodle allowed any\nfunction to be used. An authenticated remote attacker could post\na specially crafted TeX formula to execute arbitrary TeX functions,\npotentially reading any file accessible to the web server user, leading\nto a loss of privacy. (CVE-2009-1171, MSA-09-0009)\";\ntag_summary = \"The remote host is missing an update to moodle\nannounced via advisory USN-791-2.\";\n\n \n\n\nif(description)\n{\n script_id(64321);\n script_version(\"$Revision: 5231 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-02-08 12:52:34 +0100 (Wed, 08 Feb 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-06-30 00:29:55 +0200 (Tue, 30 Jun 2009)\");\n script_cve_id(\"CVE-2009-1171\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:N/A:N\");\n script_name(\"Ubuntu USN-791-2 (moodle)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"HostDetails/OS/cpe:/o:canonical:ubuntu_linux\", \"login/SSH/success\", \"ssh/login/packages\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"moodle\", ver:\"1.9.4.dfsg-0ubuntu1.1\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(0);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "naslFamily": "Ubuntu Local Security Checks"}, "differentElements": ["modified", "sourceData"], "edition": 1}, {"lastseen": "2017-07-25T10:56:02", "bulletin": {"id": "OPENVAS:64321", "hash": "943e9384f67b8be5ac05b35f09397901626521882927a2986e560bf4d79a5b4e", "type": "openvas", "bulletinFamily": "scanner", "title": "Ubuntu USN-791-2 (moodle)", "description": "The remote host is missing an update to moodle\nannounced via advisory USN-791-2.", "published": "2009-06-30T00:00:00", "modified": "2017-07-10T00:00:00", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}, "href": "http://plugins.openvas.org/nasl.php?oid=64321", "reporter": "Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com", "references": [], "cvelist": ["CVE-2009-1171"], "lastseen": "2017-07-25T10:56:02", "history": [], "viewCount": 1, "enchantments": {}, "objectVersion": "1.4", "pluginID": "64321", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: ubuntu_791_2.nasl 6639 2017-07-10 10:52:06Z cfischer $\n# Description: Auto-generated from advisory USN-791-2 (moodle)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_solution = \"The problem can be corrected by upgrading your system to the\n following package versions:\n\nUbuntu 9.04:\n moodle 1.9.4.dfsg-0ubuntu1.1\n\nAfter a standard system upgrade you need to access the Moodle instance\nand accept the database update to clear any invalid cached data.\n\nhttps://secure1.securityspace.com/smysecure/catid.html?in=USN-791-2\";\n\ntag_insight = \"Christian Eibl discovered that the TeX filter in Moodle allowed any\nfunction to be used. An authenticated remote attacker could post\na specially crafted TeX formula to execute arbitrary TeX functions,\npotentially reading any file accessible to the web server user, leading\nto a loss of privacy. (CVE-2009-1171, MSA-09-0009)\";\ntag_summary = \"The remote host is missing an update to moodle\nannounced via advisory USN-791-2.\";\n\n \n\n\nif(description)\n{\n script_id(64321);\n script_version(\"$Revision: 6639 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 12:52:06 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-06-30 00:29:55 +0200 (Tue, 30 Jun 2009)\");\n script_cve_id(\"CVE-2009-1171\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:N/A:N\");\n script_name(\"Ubuntu USN-791-2 (moodle)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"moodle\", ver:\"1.9.4.dfsg-0ubuntu1.1\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(0);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "naslFamily": "Ubuntu Local Security Checks"}, "differentElements": ["references", "modified", "sourceData"], "edition": 2}, {"lastseen": "2017-12-04T11:27:49", "bulletin": {"id": "OPENVAS:64321", "hash": "e6c235e5a72a54cfa0170e4b1d33d100f8fccbe8345552816fa858629cd2a0da", "type": "openvas", "bulletinFamily": "scanner", "title": "Ubuntu USN-791-2 (moodle)", "description": "The remote host is missing an update to moodle\nannounced via advisory USN-791-2.", "published": "2009-06-30T00:00:00", "modified": "2017-12-01T00:00:00", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}, "href": "http://plugins.openvas.org/nasl.php?oid=64321", "reporter": "Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com", "references": ["http://www.ubuntu.com/usn/usn-791-2/"], "cvelist": ["CVE-2009-1171"], "lastseen": "2017-12-04T11:27:49", "history": [], "viewCount": 2, "enchantments": {"score": {"value": 3.5, "modified": "2017-12-04T11:27:49"}}, "objectVersion": "1.4", "pluginID": "64321", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: ubuntu_791_2.nasl 7969 2017-12-01 09:23:16Z santu $\n# $Id: ubuntu_791_2.nasl 7969 2017-12-01 09:23:16Z santu $\n# Description: Auto-generated from advisory USN-791-2 (moodle)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_solution = \"The problem can be corrected by upgrading your system to the\n following package versions:\n\nUbuntu 9.04:\n moodle 1.9.4.dfsg-0ubuntu1.1\n\nAfter a standard system upgrade you need to access the Moodle instance\nand accept the database update to clear any invalid cached data.\n\nhttps://secure1.securityspace.com/smysecure/catid.html?in=USN-791-2\";\n\ntag_insight = \"Christian Eibl discovered that the TeX filter in Moodle allowed any\nfunction to be used. An authenticated remote attacker could post\na specially crafted TeX formula to execute arbitrary TeX functions,\npotentially reading any file accessible to the web server user, leading\nto a loss of privacy. (CVE-2009-1171, MSA-09-0009)\";\ntag_summary = \"The remote host is missing an update to moodle\nannounced via advisory USN-791-2.\";\n\n \n\n\nif(description)\n{\n script_id(64321);\n script_version(\"$Revision: 7969 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-01 10:23:16 +0100 (Fri, 01 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-06-30 00:29:55 +0200 (Tue, 30 Jun 2009)\");\n script_cve_id(\"CVE-2009-1171\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:N/A:N\");\n script_name(\"Ubuntu USN-791-2 (moodle)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n script_xref(name: \"URL\" , value: \"http://www.ubuntu.com/usn/usn-791-2/\");\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"moodle\", ver:\"1.9.4.dfsg-0ubuntu1.1\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(0);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "naslFamily": "Ubuntu Local Security Checks"}, "differentElements": ["modified", "sourceData"], "edition": 3}], "viewCount": 4, "enchantments": {"score": {"value": 6.9, "vector": "NONE", "modified": "2018-02-02T13:15:45", "rev": 2}, "dependencies": {"references": [{"type": "ubuntucve", "idList": ["UB:CVE-2009-1171"]}, {"type": "cve", "idList": ["CVE-2009-1171"]}, {"type": "debian", "idList": ["DEBIAN:DSA-1761-1:ACA60"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:VULN:9793", "SECURITYVULNS:DOC:21571"]}, {"type": "exploitdb", "idList": ["EDB-ID:8297"]}, {"type": "nessus", "idList": ["SUSE_MOODLE-6198.NASL", "SUSE_11_0_MOODLE-090417.NASL", "SUSE_11_1_MOODLE-090417.NASL", "MOODLE_LATEX_INFO_DISCLOSURE.NASL", "UBUNTU_USN-791-1.NASL", "FEDORA_2009-3283.NASL", "FEDORA_2009-3280.NASL", "UBUNTU_USN-791-2.NASL", "DEBIAN_DSA-1761.NASL"]}, {"type": "ubuntu", "idList": ["USN-791-1", "USN-791-2"]}, {"type": "openvas", "idList": ["OPENVAS:136141256231063727", "OPENVAS:66500", "OPENVAS:63727", "OPENVAS:63734", "OPENVAS:136141256231066500", "OPENVAS:63726", "OPENVAS:136141256231063726", "OPENVAS:136141256231063734", "OPENVAS:64320", "OPENVAS:63891"]}, {"type": "fedora", "idList": ["FEDORA:4424B20894E", "FEDORA:7E1DF10F85C", "FEDORA:0C0B6208959"]}], "modified": "2018-02-02T13:15:45", "rev": 2}}, "objectVersion": "1.5", "pluginID": "64321", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: ubuntu_791_2.nasl 8616 2018-02-01 08:24:13Z cfischer $\n# $Id: ubuntu_791_2.nasl 8616 2018-02-01 08:24:13Z cfischer $\n# Description: Auto-generated from advisory USN-791-2 (moodle)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_solution = \"The problem can be corrected by upgrading your system to the\n following package versions:\n\nUbuntu 9.04:\n moodle 1.9.4.dfsg-0ubuntu1.1\n\nAfter a standard system upgrade you need to access the Moodle instance\nand accept the database update to clear any invalid cached data.\n\nhttps://secure1.securityspace.com/smysecure/catid.html?in=USN-791-2\";\n\ntag_insight = \"Christian Eibl discovered that the TeX filter in Moodle allowed any\nfunction to be used. An authenticated remote attacker could post\na specially crafted TeX formula to execute arbitrary TeX functions,\npotentially reading any file accessible to the web server user, leading\nto a loss of privacy. (CVE-2009-1171, MSA-09-0009)\";\ntag_summary = \"The remote host is missing an update to moodle\nannounced via advisory USN-791-2.\";\n\n \n\n\nif(description)\n{\n script_id(64321);\n script_version(\"$Revision: 8616 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-02-01 09:24:13 +0100 (Thu, 01 Feb 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-06-30 00:29:55 +0200 (Tue, 30 Jun 2009)\");\n script_cve_id(\"CVE-2009-1171\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:N/A:N\");\n script_name(\"Ubuntu USN-791-2 (moodle)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n script_xref(name: \"URL\" , value: \"http://www.ubuntu.com/usn/usn-791-2/\");\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"moodle\", ver:\"1.9.4.dfsg-0ubuntu1.1\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(port:0, data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "naslFamily": "Ubuntu Local Security Checks", "_object_type": "robots.models.openvas.OpenVASBulletin", "_object_types": ["robots.models.base.Bulletin", "robots.models.openvas.OpenVASBulletin"], "immutableFields": []}, {"id": "OPENVAS:136141256231063734", "hash": "db84425bfb43f49d01c9eab311be1fdb", "type": "openvas", "bulletinFamily": "scanner", "title": "Debian Security Advisory DSA 1761-1 (moodle)", "description": "The remote host is missing an update to moodle\nannounced via advisory DSA 1761-1.", "published": "2009-04-06T00:00:00", "modified": "2018-04-06T00:00:00", "cvss": {"vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:NONE/A:NONE/", "score": 4.3}, "href": "http://plugins.openvas.org/nasl.php?oid=136141256231063734", "reporter": "Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com", "references": [], "cvelist": ["CVE-2009-1171"], "lastseen": "2018-04-06T11:40:01", "history": [], "viewCount": 2, "enchantments": {"score": {"value": 5.8, "vector": "NONE", "modified": "2018-04-06T11:40:01", "rev": 2}, "dependencies": {"references": [{"type": "ubuntucve", "idList": ["UB:CVE-2009-1171"]}, {"type": "cve", "idList": ["CVE-2009-1171"]}, {"type": "openvas", "idList": ["OPENVAS:136141256231063727", "OPENVAS:66500", "OPENVAS:63727", "OPENVAS:64321", "OPENVAS:63734", "OPENVAS:63726", "OPENVAS:136141256231063726", "OPENVAS:136141256231066500", "OPENVAS:64320", "OPENVAS:63891"]}, {"type": "debian", "idList": ["DEBIAN:DSA-1761-1:ACA60"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:VULN:9793", "SECURITYVULNS:DOC:21571"]}, {"type": "nessus", "idList": ["SUSE_MOODLE-6198.NASL", "SUSE_11_0_MOODLE-090417.NASL", "SUSE_11_1_MOODLE-090417.NASL", "MOODLE_LATEX_INFO_DISCLOSURE.NASL", "UBUNTU_USN-791-1.NASL", "FEDORA_2009-3283.NASL", "FEDORA_2009-3280.NASL", "UBUNTU_USN-791-2.NASL", "DEBIAN_DSA-1761.NASL"]}, {"type": "exploitdb", "idList": ["EDB-ID:8297"]}, {"type": "ubuntu", "idList": ["USN-791-1", "USN-791-2"]}, {"type": "fedora", "idList": ["FEDORA:4424B20894E", "FEDORA:7E1DF10F85C", "FEDORA:0C0B6208959"]}], "modified": "2018-04-06T11:40:01", "rev": 2}}, "objectVersion": "1.5", "pluginID": "136141256231063734", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_1761_1.nasl 9350 2018-04-06 07:03:33Z cfischer $\n# Description: Auto-generated from advisory DSA 1761-1 (moodle)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Christian J. Eibl discovered that the TeX filter of Moodle, a web-based\ncourse management system, doesn't check user input for certain TeX commands\nwhich allows an attacker to include and display the content of arbitrary system\nfiles.\n\nNote that this doesn't affect installations that only use the mimetex\nenvironment.\n\nFor the oldstable distribution (etch), this problem has been fixed in\nversion 1.6.3-2+etch3.\n\nFor the stable distribution (lenny), this problem has been fixed in\nversion 1.8.2.dfsg-3+lenny2.\n\nFor the testing distribution (squeeze), this problem will be fixed soon.\n\nFor the unstable distribution (sid), this problem has been fixed in\nversion 1.8.2.dfsg-5.\n\n\nWe recommend that you upgrade your moodle packages.\";\ntag_summary = \"The remote host is missing an update to moodle\nannounced via advisory DSA 1761-1.\";\n\ntag_solution = \"https://secure1.securityspace.com/smysecure/catid.html?in=DSA%201761-1\";\n\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.63734\");\n script_version(\"$Revision: 9350 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:03:33 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-04-06 20:58:11 +0200 (Mon, 06 Apr 2009)\");\n script_cve_id(\"CVE-2009-1171\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:N/A:N\");\n script_name(\"Debian Security Advisory DSA 1761-1 (moodle)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"moodle\", ver:\"1.6.3-2+etch3\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"moodle\", ver:\"1.8.2.dfsg-3+lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "naslFamily": "Debian Local Security Checks", "_object_type": "robots.models.openvas.OpenVASBulletin", "_object_types": ["robots.models.base.Bulletin", "robots.models.openvas.OpenVASBulletin"], "immutableFields": []}, {"id": "OPENVAS:63734", "hash": "3ab97b40e1ffb24a2bc757b2b7222f00", "type": "openvas", "bulletinFamily": "scanner", "title": "Debian Security Advisory DSA 1761-1 (moodle)", "description": "The remote host is missing an update to moodle\nannounced via advisory DSA 1761-1.", "published": "2009-04-06T00:00:00", "modified": "2017-07-07T00:00:00", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}, "href": "http://plugins.openvas.org/nasl.php?oid=63734", "reporter": "Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com", "references": [], "cvelist": ["CVE-2009-1171"], "lastseen": "2017-07-24T12:57:01", "history": [{"lastseen": "2017-07-02T21:14:13", "bulletin": {"id": "OPENVAS:63734", "hash": "8899bacd93a968d455e801c9ffeed9a6f1d3ecb2ed658488b31b156d73669c58", "type": "openvas", "bulletinFamily": "scanner", "title": "Debian Security Advisory DSA 1761-1 (moodle)", "description": "The remote host is missing an update to moodle\nannounced via advisory DSA 1761-1.", "published": "2009-04-06T00:00:00", "modified": "2016-11-22T00:00:00", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}, "href": "http://plugins.openvas.org/nasl.php?oid=63734", "reporter": "Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com", "references": [], "cvelist": ["CVE-2009-1171"], "lastseen": "2017-07-02T21:14:13", "history": [], "viewCount": 0, "enchantments": {}, "objectVersion": "1.4", "pluginID": "63734", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_1761_1.nasl 4587 2016-11-22 07:18:14Z teissa $\n# Description: Auto-generated from advisory DSA 1761-1 (moodle)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Christian J. Eibl discovered that the TeX filter of Moodle, a web-based\ncourse management system, doesn't check user input for certain TeX commands\nwhich allows an attacker to include and display the content of arbitrary system\nfiles.\n\nNote that this doesn't affect installations that only use the mimetex\nenvironment.\n\nFor the oldstable distribution (etch), this problem has been fixed in\nversion 1.6.3-2+etch3.\n\nFor the stable distribution (lenny), this problem has been fixed in\nversion 1.8.2.dfsg-3+lenny2.\n\nFor the testing distribution (squeeze), this problem will be fixed soon.\n\nFor the unstable distribution (sid), this problem has been fixed in\nversion 1.8.2.dfsg-5.\n\n\nWe recommend that you upgrade your moodle packages.\";\ntag_summary = \"The remote host is missing an update to moodle\nannounced via advisory DSA 1761-1.\";\n\ntag_solution = \"https://secure1.securityspace.com/smysecure/catid.html?in=DSA%201761-1\";\n\n\nif(description)\n{\n script_id(63734);\n script_version(\"$Revision: 4587 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2016-11-22 08:18:14 +0100 (Tue, 22 Nov 2016) $\");\n script_tag(name:\"creation_date\", value:\"2009-04-06 20:58:11 +0200 (Mon, 06 Apr 2009)\");\n script_cve_id(\"CVE-2009-1171\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:N/A:N\");\n script_name(\"Debian Security Advisory DSA 1761-1 (moodle)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"HostDetails/OS/cpe:/o:debian:debian_linux\", \"login/SSH/success\", \"ssh/login/packages\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"moodle\", ver:\"1.6.3-2+etch3\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"moodle\", ver:\"1.8.2.dfsg-3+lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "naslFamily": "Debian Local Security Checks"}, "differentElements": ["modified", "sourceData"], "edition": 1}], "viewCount": 3, "enchantments": {"score": {"value": 5.8, "vector": "NONE", "modified": "2017-07-24T12:57:01", "rev": 2}, "dependencies": {"references": [{"type": "ubuntucve", "idList": ["UB:CVE-2009-1171"]}, {"type": "cve", "idList": ["CVE-2009-1171"]}, {"type": "openvas", "idList": ["OPENVAS:136141256231063727", "OPENVAS:66500", "OPENVAS:63727", "OPENVAS:64321", "OPENVAS:136141256231063891", "OPENVAS:63726", "OPENVAS:136141256231066500", "OPENVAS:136141256231063726", "OPENVAS:136141256231063734", "OPENVAS:64320"]}, {"type": "debian", "idList": ["DEBIAN:DSA-1761-1:ACA60"]}, {"type": "nessus", "idList": ["SUSE_MOODLE-6198.NASL", "SUSE_11_0_MOODLE-090417.NASL", "SUSE_11_1_MOODLE-090417.NASL", "MOODLE_LATEX_INFO_DISCLOSURE.NASL", "UBUNTU_USN-791-1.NASL", "FEDORA_2009-3283.NASL", "FEDORA_2009-3280.NASL", "UBUNTU_USN-791-2.NASL", "DEBIAN_DSA-1761.NASL"]}, {"type": "exploitdb", "idList": ["EDB-ID:8297"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:VULN:9793", "SECURITYVULNS:DOC:21571"]}, {"type": "ubuntu", "idList": ["USN-791-1", "USN-791-2"]}, {"type": "fedora", "idList": ["FEDORA:4424B20894E", "FEDORA:7E1DF10F85C", "FEDORA:0C0B6208959"]}], "modified": "2017-07-24T12:57:01", "rev": 2}}, "objectVersion": "1.5", "pluginID": "63734", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_1761_1.nasl 6615 2017-07-07 12:09:52Z cfischer $\n# Description: Auto-generated from advisory DSA 1761-1 (moodle)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Christian J. Eibl discovered that the TeX filter of Moodle, a web-based\ncourse management system, doesn't check user input for certain TeX commands\nwhich allows an attacker to include and display the content of arbitrary system\nfiles.\n\nNote that this doesn't affect installations that only use the mimetex\nenvironment.\n\nFor the oldstable distribution (etch), this problem has been fixed in\nversion 1.6.3-2+etch3.\n\nFor the stable distribution (lenny), this problem has been fixed in\nversion 1.8.2.dfsg-3+lenny2.\n\nFor the testing distribution (squeeze), this problem will be fixed soon.\n\nFor the unstable distribution (sid), this problem has been fixed in\nversion 1.8.2.dfsg-5.\n\n\nWe recommend that you upgrade your moodle packages.\";\ntag_summary = \"The remote host is missing an update to moodle\nannounced via advisory DSA 1761-1.\";\n\ntag_solution = \"https://secure1.securityspace.com/smysecure/catid.html?in=DSA%201761-1\";\n\n\nif(description)\n{\n script_id(63734);\n script_version(\"$Revision: 6615 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-07 14:09:52 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-04-06 20:58:11 +0200 (Mon, 06 Apr 2009)\");\n script_cve_id(\"CVE-2009-1171\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:N/A:N\");\n script_name(\"Debian Security Advisory DSA 1761-1 (moodle)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"moodle\", ver:\"1.6.3-2+etch3\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"moodle\", ver:\"1.8.2.dfsg-3+lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "naslFamily": "Debian Local Security Checks", "_object_type": "robots.models.openvas.OpenVASBulletin", "_object_types": ["robots.models.base.Bulletin", "robots.models.openvas.OpenVASBulletin"], "immutableFields": []}, {"id": "OPENVAS:136141256231063727", "hash": "31b258e071dc72e897901daddb040dfe", "type": "openvas", "bulletinFamily": "scanner", "title": "Fedora Core 9 FEDORA-2009-3283 (moodle)", "description": "The remote host is missing an update to moodle\nannounced via advisory FEDORA-2009-3283.", "published": "2009-04-06T00:00:00", "modified": "2018-04-06T00:00:00", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "http://plugins.openvas.org/nasl.php?oid=136141256231063727", "reporter": "Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com", "references": ["http://www.securityfocus.com/archive/1/archive/1/502231/100/0/threaded", "http://www.milw0rm.com/exploits/8297", "http://www.securityfocus.com/bid/34278", "https://bugzilla.redhat.com/show_bug.cgi?id=493109"], "cvelist": ["CVE-2008-4796", "CVE-2008-5153", "CVE-2009-0499", "CVE-2009-1171"], "lastseen": "2018-04-06T11:39:25", "history": [], "viewCount": 2, "enchantments": {"score": {"value": 8.3, "vector": "NONE", "modified": "2018-04-06T11:39:25", "rev": 2}, "dependencies": {"references": [{"type": "openvas", "idList": ["OPENVAS:136141256231063260", "OPENVAS:66500", "OPENVAS:136141256231063726", "OPENVAS:63727", "OPENVAS:63261", "OPENVAS:136141256231063261", "OPENVAS:136141256231063405", "OPENVAS:136141256231066500", "OPENVAS:63260", "OPENVAS:63726"]}, {"type": "fedora", "idList": ["FEDORA:0C0B6208959", "FEDORA:9CD3820851E", "FEDORA:02A37208D57", "FEDORA:A7D1C208DAD", "FEDORA:6D2242084D5", "FEDORA:AC75620876F", "FEDORA:BB65B208E31", "FEDORA:7E1DF10F85C", "FEDORA:0C0FC208485", "FEDORA:4424B20894E"]}, {"type": "cve", "idList": ["CVE-2008-4796", "CVE-2009-1171", "CVE-2008-5153", "CVE-2009-0499"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2009-1171", "UB:CVE-2008-5153", "UB:CVE-2009-0499", "UB:CVE-2008-4796"]}, {"type": "nessus", "idList": ["FEDORA_2009-0819.NASL", "FEDORA_2008-9502.NASL", "FEDORA_2009-0814.NASL", "SUSE_11_0_MOODLE-090417.NASL", "FREEBSD_PKG_3A4A3E9CA1FE11DD81BE001C2514716C.NASL", "FEDORA_2008-9508.NASL", "UBUNTU_USN-791-1.NASL", "FEDORA_2008-9903.NASL", "FEDORA_2008-9257.NASL", "FEDORA_2008-9304.NASL"]}, {"type": "ubuntu", "idList": ["USN-791-1", "USN-791-2"]}, {"type": "jvn", "idList": ["JVN:20502807"]}, {"type": "debian", "idList": ["DEBIAN:DSA-1724-1:A27A9", "DEBIAN:DSA-1691-1:BBC41", "DEBIAN:DSA-1761-1:ACA60"]}, {"type": "exploitdb", "idList": ["EDB-ID:8297", "EDB-ID:40920"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:DOC:21355", "SECURITYVULNS:VULN:9793", "SECURITYVULNS:VULN:9681", "SECURITYVULNS:DOC:21571"]}, {"type": "myhack58", "idList": ["MYHACK58:62201682159"]}, {"type": "packetstorm", "idList": ["PACKETSTORM:127352", "PACKETSTORM:140169"]}, {"type": "threatpost", "idList": ["THREATPOST:FF116863B5F150527644B5466CE96667"]}, {"type": "seebug", "idList": ["SSV:92573"]}, {"type": "gentoo", "idList": ["GLSA-201702-26"]}, {"type": "amazon", "idList": ["ALAS-2017-899"]}], "modified": "2018-04-06T11:39:25", "rev": 2}}, "objectVersion": "1.5", "pluginID": "136141256231063727", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: fcore_2009_3283.nasl 9350 2018-04-06 07:03:33Z cfischer $\n# Description: Auto-generated from advisory FEDORA-2009-3283 (moodle)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Moodle is a course management system (CMS) - a free, Open Source software\npackage designed using sound pedagogical principles, to help educators create\neffective online learning communities.\n\nUpdate Information:\n\nCVE-2009-1171: The TeX filter in Moodle 1.6 before 1.6.9+, 1.7 before 1.7.7+,\n1.8 before 1.8.9, and 1.9 before 1.9.5 allows user-assisted attackers to read\narbitrary files via an input command in a $$ sequence, which causes LaTeX to\ninclude the contents of the file.\n\nUpstream bug and CVS commit:\nhttp://tracker.moodle.org/browse/MDL-18552\nhttp://cvs.moodle.org/moodle/filter/tex/filter.php?r1=1.18.4.4&r2=1.18.4.5\n\n\nUpstream further reported that the above patch is not sufficient and following\nchange should be used instead:\n For >=1.9.0: http://git.catalyst.net.nz/gw?p=moodle-r2.git;a=commitdiff;h=b950f126018a9e16a298d278375a0eedf791e5dd\n For 1.6.* - 1.8.*: http://git.catalyst.net.nz/gw?p=moodle-r2.git;a=commitdiff;h=cc9bf1486e7ea9e8cda1e4522b96e07245459a0d\n\nChangeLog:\n\n* Wed Apr 1 2009 Jon Ciesla - 1.9.4-6\n- Patch for CVE-2009-1171, BZ 493109.\n* Tue Mar 24 2009 Jon Ciesla - 1.9.4-5\n- Update for freefont->gnu-free-fonts change.\";\ntag_solution = \"Apply the appropriate updates.\n\nThis update can be installed with the yum update program. Use \nsu -c 'yum update moodle' at the command line.\nFor more information, refer to Managing Software with yum,\navailable at http://docs.fedoraproject.org/yum/.\n\nhttps://secure1.securityspace.com/smysecure/catid.html?in=FEDORA-2009-3283\";\ntag_summary = \"The remote host is missing an update to moodle\nannounced via advisory FEDORA-2009-3283.\";\n\n\n\nif(description)\n{\nscript_xref(name : \"URL\" , value : \"http://www.securityfocus.com/archive/1/archive/1/502231/100/0/threaded\");\nscript_xref(name : \"URL\" , value : \"http://www.securityfocus.com/bid/34278\");\nscript_xref(name : \"URL\" , value : \"http://www.milw0rm.com/exploits/8297\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.63727\");\n script_version(\"$Revision: 9350 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:03:33 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-04-06 20:58:11 +0200 (Mon, 06 Apr 2009)\");\n script_cve_id(\"CVE-2009-1171\", \"CVE-2009-0499\", \"CVE-2008-5153\", \"CVE-2008-4796\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"Fedora Core 9 FEDORA-2009-3283 (moodle)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\nscript_tag(name : \"insight\" , value : tag_insight);\nscript_tag(name : \"solution\" , value : tag_solution);\nscript_tag(name : \"summary\" , value : tag_summary);\nscript_tag(name:\"qod_type\", value:\"package\");\nscript_tag(name:\"solution_type\", value:\"VendorFix\");\nscript_xref(name : \"URL\" , value : \"https://bugzilla.redhat.com/show_bug.cgi?id=493109\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"moodle\", rpm:\"moodle~1.9.4~6.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-af\", rpm:\"moodle-af~1.9.4~6.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-ar\", rpm:\"moodle-ar~1.9.4~6.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-be\", rpm:\"moodle-be~1.9.4~6.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-bg\", rpm:\"moodle-bg~1.9.4~6.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-bn\", rpm:\"moodle-bn~1.9.4~6.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-bs\", rpm:\"moodle-bs~1.9.4~6.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-ca\", rpm:\"moodle-ca~1.9.4~6.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-cs\", rpm:\"moodle-cs~1.9.4~6.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-cy\", rpm:\"moodle-cy~1.9.4~6.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-da\", rpm:\"moodle-da~1.9.4~6.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-de\", rpm:\"moodle-de~1.9.4~6.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-de_du\", rpm:\"moodle-de_du~1.9.4~6.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-el\", rpm:\"moodle-el~1.9.4~6.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-es\", rpm:\"moodle-es~1.9.4~6.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-et\", rpm:\"moodle-et~1.9.4~6.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-eu\", rpm:\"moodle-eu~1.9.4~6.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-fa\", rpm:\"moodle-fa~1.9.4~6.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-fi\", rpm:\"moodle-fi~1.9.4~6.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-fil\", rpm:\"moodle-fil~1.9.4~6.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-fr\", rpm:\"moodle-fr~1.9.4~6.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-fr_ca\", rpm:\"moodle-fr_ca~1.9.4~6.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-ga\", rpm:\"moodle-ga~1.9.4~6.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-gl\", rpm:\"moodle-gl~1.9.4~6.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-gu\", rpm:\"moodle-gu~1.9.4~6.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-he\", rpm:\"moodle-he~1.9.4~6.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-hi\", rpm:\"moodle-hi~1.9.4~6.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-hr\", rpm:\"moodle-hr~1.9.4~6.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-hu\", rpm:\"moodle-hu~1.9.4~6.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-hy\", rpm:\"moodle-hy~1.9.4~6.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-id\", rpm:\"moodle-id~1.9.4~6.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-is\", rpm:\"moodle-is~1.9.4~6.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-it\", rpm:\"moodle-it~1.9.4~6.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-ja\", rpm:\"moodle-ja~1.9.4~6.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-ka\", rpm:\"moodle-ka~1.9.4~6.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-kk\", rpm:\"moodle-kk~1.9.4~6.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-km\", rpm:\"moodle-km~1.9.4~6.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-kn\", rpm:\"moodle-kn~1.9.4~6.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-ko\", rpm:\"moodle-ko~1.9.4~6.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-lo\", rpm:\"moodle-lo~1.9.4~6.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-lt\", rpm:\"moodle-lt~1.9.4~6.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-lv\", rpm:\"moodle-lv~1.9.4~6.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-mi_tn\", rpm:\"moodle-mi_tn~1.9.4~6.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-mi_wwow\", rpm:\"moodle-mi_wwow~1.9.4~6.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-mk\", rpm:\"moodle-mk~1.9.4~6.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-ml\", rpm:\"moodle-ml~1.9.4~6.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-mn\", rpm:\"moodle-mn~1.9.4~6.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-ms\", rpm:\"moodle-ms~1.9.4~6.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-nl\", rpm:\"moodle-nl~1.9.4~6.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-nn\", rpm:\"moodle-nn~1.9.4~6.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-no\", rpm:\"moodle-no~1.9.4~6.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-no_gr\", rpm:\"moodle-no_gr~1.9.4~6.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-pl\", rpm:\"moodle-pl~1.9.4~6.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-pt\", rpm:\"moodle-pt~1.9.4~6.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-pt_br\", rpm:\"moodle-pt_br~1.9.4~6.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-ro\", rpm:\"moodle-ro~1.9.4~6.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-ru\", rpm:\"moodle-ru~1.9.4~6.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-si\", rpm:\"moodle-si~1.9.4~6.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-sk\", rpm:\"moodle-sk~1.9.4~6.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-sl\", rpm:\"moodle-sl~1.9.4~6.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-sm\", rpm:\"moodle-sm~1.9.4~6.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-so\", rpm:\"moodle-so~1.9.4~6.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-sq\", rpm:\"moodle-sq~1.9.4~6.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-sr_cr\", rpm:\"moodle-sr_cr~1.9.4~6.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-sr_cr_bo\", rpm:\"moodle-sr_cr_bo~1.9.4~6.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-sr_lt\", rpm:\"moodle-sr_lt~1.9.4~6.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-sv\", rpm:\"moodle-sv~1.9.4~6.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-ta\", rpm:\"moodle-ta~1.9.4~6.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-ta_lk\", rpm:\"moodle-ta_lk~1.9.4~6.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-th\", rpm:\"moodle-th~1.9.4~6.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-tl\", rpm:\"moodle-tl~1.9.4~6.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-to\", rpm:\"moodle-to~1.9.4~6.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-tr\", rpm:\"moodle-tr~1.9.4~6.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-uk\", rpm:\"moodle-uk~1.9.4~6.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-uz\", rpm:\"moodle-uz~1.9.4~6.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-vi\", rpm:\"moodle-vi~1.9.4~6.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-zh_cn\", rpm:\"moodle-zh_cn~1.9.4~6.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-zh_tw\", rpm:\"moodle-zh_tw~1.9.4~6.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "naslFamily": "Fedora Local Security Checks", "_object_type": "robots.models.openvas.OpenVASBulletin", "_object_types": ["robots.models.base.Bulletin", "robots.models.openvas.OpenVASBulletin"], "immutableFields": [], "cvss2": {}, "cvss3": {}}, {"id": "OPENVAS:136141256231063726", "hash": "f1dc4b5b392f8057172165b402dd255a", "type": "openvas", "bulletinFamily": "scanner", "title": "Fedora Core 10 FEDORA-2009-3280 (moodle)", "description": "The remote host is missing an update to moodle\nannounced via advisory FEDORA-2009-3280.", "published": "2009-04-06T00:00:00", "modified": "2018-04-06T00:00:00", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "http://plugins.openvas.org/nasl.php?oid=136141256231063726", "reporter": "Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com", "references": ["http://www.securityfocus.com/archive/1/archive/1/502231/100/0/threaded", "http://www.milw0rm.com/exploits/8297", "http://www.securityfocus.com/bid/34278", "https://bugzilla.redhat.com/show_bug.cgi?id=493109"], "cvelist": ["CVE-2008-4796", "CVE-2008-5153", "CVE-2009-0499", "CVE-2009-1171"], "lastseen": "2018-04-06T11:39:13", "history": [], "viewCount": 2, "enchantments": {"score": {"value": 8.3, "vector": "NONE", "modified": "2018-04-06T11:39:13", "rev": 2}, "dependencies": {"references": [{"type": "fedora", "idList": ["FEDORA:0C0B6208959", "FEDORA:8EF9620874A", "FEDORA:9CD3820851E", "FEDORA:04197208D75", "FEDORA:A7D1C208DAD", "FEDORA:6D2242084D5", "FEDORA:BB65B208E31", "FEDORA:7E1DF10F85C", "FEDORA:0C0FC208485", "FEDORA:4424B20894E"]}, {"type": "openvas", "idList": ["OPENVAS:136141256231063260", "OPENVAS:66500", "OPENVAS:63405", "OPENVAS:63727", "OPENVAS:63261", "OPENVAS:136141256231063261", "OPENVAS:136141256231066500", "OPENVAS:63260", "OPENVAS:63726", "OPENVAS:136141256231063727"]}, {"type": "cve", "idList": ["CVE-2008-4796", "CVE-2009-1171", "CVE-2008-5153", "CVE-2009-0499"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2009-1171", "UB:CVE-2008-5153", "UB:CVE-2009-0499", "UB:CVE-2008-4796"]}, {"type": "ubuntu", "idList": ["USN-791-1", "USN-791-2"]}, {"type": "nessus", "idList": ["FEDORA_2009-0819.NASL", "FEDORA_2009-0814.NASL", "SUSE_11_0_MOODLE-090417.NASL", "FEDORA_2008-9508.NASL", "FEDORA_2008-9903.NASL", "FREEBSD_PKG_3A4A3E9CA1FE11DD81BE001C2514716C.NASL", "UBUNTU_USN-791-1.NASL", "FEDORA_2008-9502.NASL", "FEDORA_2008-9257.NASL", "FEDORA_2008-9304.NASL"]}, {"type": "jvn", "idList": ["JVN:20502807"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:DOC:21355", "SECURITYVULNS:VULN:9793", "SECURITYVULNS:VULN:9681", "SECURITYVULNS:DOC:21571"]}, {"type": "debian", "idList": ["DEBIAN:DSA-1724-1:A27A9", "DEBIAN:DSA-1691-1:BBC41", "DEBIAN:DSA-1761-1:ACA60"]}, {"type": "exploitdb", "idList": ["EDB-ID:8297", "EDB-ID:40920"]}, {"type": "myhack58", "idList": ["MYHACK58:62201682159"]}, {"type": "packetstorm", "idList": ["PACKETSTORM:127352", "PACKETSTORM:140169"]}, {"type": "threatpost", "idList": ["THREATPOST:FF116863B5F150527644B5466CE96667"]}, {"type": "seebug", "idList": ["SSV:92573"]}, {"type": "gentoo", "idList": ["GLSA-201702-26"]}, {"type": "amazon", "idList": ["ALAS-2017-899"]}], "modified": "2018-04-06T11:39:13", "rev": 2}}, "objectVersion": "1.5", "pluginID": "136141256231063726", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: fcore_2009_3280.nasl 9350 2018-04-06 07:03:33Z cfischer $\n# Description: Auto-generated from advisory FEDORA-2009-3280 (moodle)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Moodle is a course management system (CMS) - a free, Open Source software\npackage designed using sound pedagogical principles, to help educators create\neffective online learning communities.\n\nUpdate Information:\n\nCVE-2009-1171: The TeX filter in Moodle 1.6 before 1.6.9+, 1.7 before 1.7.7+,\n1.8 before 1.8.9, and 1.9 before 1.9.5 allows user-assisted attackers to read\narbitrary files via an input command in a $$ sequence, which causes LaTeX to\ninclude the contents of the file.\n\nUpstream bug and CVS commit:\nhttp://tracker.moodle.org/browse/MDL-18552\nhttp://cvs.moodle.org/moodle/filter/tex/filter.php?r1=1.18.4.4&r2=1.18.4.5\n\n\nUpstream further reported that the above patch is not sufficient and following\nchange should be used instead:\n For >=1.9.0: http://git.catalyst.net.nz/gw?p=moodle-r2.git;a=commitdiff;h=b950f126018a9e16a298d278375a0eedf791e5dd\n For 1.6.* - 1.8.*: http://git.catalyst.net.nz/gw?p=moodle-r2.git;a=commitdiff;h=cc9bf1486e7ea9e8cda1e4522b96e07245459a0d\n\nChangeLog:\n\n* Wed Apr 1 2009 Jon Ciesla - 1.9.4-6\n- Patch for CVE-2009-1171, BZ 493109.\n* Tue Mar 24 2009 Jon Ciesla - 1.9.4-5\n- Update for freefont->gnu-free-fonts change.\";\ntag_solution = \"Apply the appropriate updates.\n\nThis update can be installed with the yum update program. Use \nsu -c 'yum update moodle' at the command line.\nFor more information, refer to Managing Software with yum,\navailable at http://docs.fedoraproject.org/yum/.\n\nhttps://secure1.securityspace.com/smysecure/catid.html?in=FEDORA-2009-3280\";\ntag_summary = \"The remote host is missing an update to moodle\nannounced via advisory FEDORA-2009-3280.\";\n\n\n\nif(description)\n{\nscript_xref(name : \"URL\" , value : \"http://www.securityfocus.com/archive/1/archive/1/502231/100/0/threaded\");\nscript_xref(name : \"URL\" , value : \"http://www.securityfocus.com/bid/34278\");\nscript_xref(name : \"URL\" , value : \"http://www.milw0rm.com/exploits/8297\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.63726\");\n script_version(\"$Revision: 9350 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:03:33 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-04-06 20:58:11 +0200 (Mon, 06 Apr 2009)\");\n script_cve_id(\"CVE-2009-1171\", \"CVE-2009-0499\", \"CVE-2008-5153\", \"CVE-2008-4796\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"Fedora Core 10 FEDORA-2009-3280 (moodle)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\nscript_tag(name : \"insight\" , value : tag_insight);\nscript_tag(name : \"solution\" , value : tag_solution);\nscript_tag(name : \"summary\" , value : tag_summary);\nscript_tag(name:\"qod_type\", value:\"package\");\nscript_tag(name:\"solution_type\", value:\"VendorFix\");\nscript_xref(name : \"URL\" , value : \"https://bugzilla.redhat.com/show_bug.cgi?id=493109\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"moodle\", rpm:\"moodle~1.9.4~6.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-af\", rpm:\"moodle-af~1.9.4~6.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-ar\", rpm:\"moodle-ar~1.9.4~6.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-be\", rpm:\"moodle-be~1.9.4~6.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-bg\", rpm:\"moodle-bg~1.9.4~6.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-bn\", rpm:\"moodle-bn~1.9.4~6.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-bs\", rpm:\"moodle-bs~1.9.4~6.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-ca\", rpm:\"moodle-ca~1.9.4~6.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-cs\", rpm:\"moodle-cs~1.9.4~6.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-cy\", rpm:\"moodle-cy~1.9.4~6.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-da\", rpm:\"moodle-da~1.9.4~6.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-de\", rpm:\"moodle-de~1.9.4~6.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-de_du\", rpm:\"moodle-de_du~1.9.4~6.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-el\", rpm:\"moodle-el~1.9.4~6.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-es\", rpm:\"moodle-es~1.9.4~6.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-et\", rpm:\"moodle-et~1.9.4~6.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-eu\", rpm:\"moodle-eu~1.9.4~6.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-fa\", rpm:\"moodle-fa~1.9.4~6.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-fi\", rpm:\"moodle-fi~1.9.4~6.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-fil\", rpm:\"moodle-fil~1.9.4~6.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-fr\", rpm:\"moodle-fr~1.9.4~6.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-fr_ca\", rpm:\"moodle-fr_ca~1.9.4~6.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-ga\", rpm:\"moodle-ga~1.9.4~6.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-gl\", rpm:\"moodle-gl~1.9.4~6.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-gu\", rpm:\"moodle-gu~1.9.4~6.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-he\", rpm:\"moodle-he~1.9.4~6.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-hi\", rpm:\"moodle-hi~1.9.4~6.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-hr\", rpm:\"moodle-hr~1.9.4~6.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-hu\", rpm:\"moodle-hu~1.9.4~6.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-hy\", rpm:\"moodle-hy~1.9.4~6.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-id\", rpm:\"moodle-id~1.9.4~6.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-is\", rpm:\"moodle-is~1.9.4~6.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-it\", rpm:\"moodle-it~1.9.4~6.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-ja\", rpm:\"moodle-ja~1.9.4~6.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-ka\", rpm:\"moodle-ka~1.9.4~6.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-kk\", rpm:\"moodle-kk~1.9.4~6.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-km\", rpm:\"moodle-km~1.9.4~6.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-kn\", rpm:\"moodle-kn~1.9.4~6.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-ko\", rpm:\"moodle-ko~1.9.4~6.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-lo\", rpm:\"moodle-lo~1.9.4~6.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-lt\", rpm:\"moodle-lt~1.9.4~6.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-lv\", rpm:\"moodle-lv~1.9.4~6.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-mi_tn\", rpm:\"moodle-mi_tn~1.9.4~6.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-mi_wwow\", rpm:\"moodle-mi_wwow~1.9.4~6.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-mk\", rpm:\"moodle-mk~1.9.4~6.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-ml\", rpm:\"moodle-ml~1.9.4~6.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-mn\", rpm:\"moodle-mn~1.9.4~6.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-ms\", rpm:\"moodle-ms~1.9.4~6.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-nl\", rpm:\"moodle-nl~1.9.4~6.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-nn\", rpm:\"moodle-nn~1.9.4~6.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-no\", rpm:\"moodle-no~1.9.4~6.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-no_gr\", rpm:\"moodle-no_gr~1.9.4~6.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-pl\", rpm:\"moodle-pl~1.9.4~6.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-pt\", rpm:\"moodle-pt~1.9.4~6.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-pt_br\", rpm:\"moodle-pt_br~1.9.4~6.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-ro\", rpm:\"moodle-ro~1.9.4~6.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-ru\", rpm:\"moodle-ru~1.9.4~6.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-si\", rpm:\"moodle-si~1.9.4~6.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-sk\", rpm:\"moodle-sk~1.9.4~6.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-sl\", rpm:\"moodle-sl~1.9.4~6.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-sm\", rpm:\"moodle-sm~1.9.4~6.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-so\", rpm:\"moodle-so~1.9.4~6.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-sq\", rpm:\"moodle-sq~1.9.4~6.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-sr_cr\", rpm:\"moodle-sr_cr~1.9.4~6.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-sr_cr_bo\", rpm:\"moodle-sr_cr_bo~1.9.4~6.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-sr_lt\", rpm:\"moodle-sr_lt~1.9.4~6.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-sv\", rpm:\"moodle-sv~1.9.4~6.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-ta\", rpm:\"moodle-ta~1.9.4~6.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-ta_lk\", rpm:\"moodle-ta_lk~1.9.4~6.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-th\", rpm:\"moodle-th~1.9.4~6.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-tl\", rpm:\"moodle-tl~1.9.4~6.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-to\", rpm:\"moodle-to~1.9.4~6.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-tr\", rpm:\"moodle-tr~1.9.4~6.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-uk\", rpm:\"moodle-uk~1.9.4~6.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-uz\", rpm:\"moodle-uz~1.9.4~6.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-vi\", rpm:\"moodle-vi~1.9.4~6.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-zh_cn\", rpm:\"moodle-zh_cn~1.9.4~6.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-zh_tw\", rpm:\"moodle-zh_tw~1.9.4~6.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "naslFamily": "Fedora Local Security Checks", "_object_type": "robots.models.openvas.OpenVASBulletin", "_object_types": ["robots.models.base.Bulletin", "robots.models.openvas.OpenVASBulletin"], "immutableFields": [], "cvss2": {}, "cvss3": {}}, {"id": "OPENVAS:63727", "hash": "a352aa48335c1e7c02641acccd84b24e", "type": "openvas", "bulletinFamily": "scanner", "title": "Fedora Core 9 FEDORA-2009-3283 (moodle)", "description": "The remote host is missing an update to moodle\nannounced via advisory FEDORA-2009-3283.", "published": "2009-04-06T00:00:00", "modified": "2017-07-10T00:00:00", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "http://plugins.openvas.org/nasl.php?oid=63727", "reporter": "Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com", "references": ["http://www.securityfocus.com/archive/1/archive/1/502231/100/0/threaded", "http://www.milw0rm.com/exploits/8297", "http://www.securityfocus.com/bid/34278", "https://bugzilla.redhat.com/show_bug.cgi?id=493109"], "cvelist": ["CVE-2008-4796", "CVE-2008-5153", "CVE-2009-0499", "CVE-2009-1171"], "lastseen": "2017-07-25T10:56:48", "history": [{"lastseen": "2017-07-02T21:14:08", "differentElements": ["modified", "sourceData"], "edition": 1, "bulletin": {"id": "OPENVAS:63727", "hash": "084ecc2e47df7a76a4f4a4a9453ab5252970dcc3de3e28577af898d7f13d4814", "type": "openvas", "bulletinFamily": "scanner", "title": "Fedora Core 9 FEDORA-2009-3283 (moodle)", "description": "The remote host is missing an update to moodle\nannounced via advisory FEDORA-2009-3283.", "published": "2009-04-06T00:00:00", "modified": "2016-12-08T00:00:00", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "http://plugins.openvas.org/nasl.php?oid=63727", "reporter": "Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com", "references": ["http://www.securityfocus.com/archive/1/archive/1/502231/100/0/threaded", "http://www.milw0rm.com/exploits/8297", "http://www.securityfocus.com/bid/34278", "https://bugzilla.redhat.com/show_bug.cgi?id=493109"], "cvelist": ["CVE-2008-4796", "CVE-2008-5153", "CVE-2009-0499", "CVE-2009-1171"], "lastseen": "2017-07-02T21:14:08", "history": [], "viewCount": 0, "enchantments": {}, "objectVersion": "1.4", "pluginID": "63727", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: fcore_2009_3283.nasl 4722 2016-12-08 18:05:08Z teissa $\n# Description: Auto-generated from advisory FEDORA-2009-3283 (moodle)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Moodle is a course management system (CMS) - a free, Open Source software\npackage designed using sound pedagogical principles, to help educators create\neffective online learning communities.\n\nUpdate Information:\n\nCVE-2009-1171: The TeX filter in Moodle 1.6 before 1.6.9+, 1.7 before 1.7.7+,\n1.8 before 1.8.9, and 1.9 before 1.9.5 allows user-assisted attackers to read\narbitrary files via an input command in a $$ sequence, which causes LaTeX to\ninclude the contents of the file.\n\nUpstream bug and CVS commit:\nhttp://tracker.moodle.org/browse/MDL-18552\nhttp://cvs.moodle.org/moodle/filter/tex/filter.php?r1=1.18.4.4&r2=1.18.4.5\n\n\nUpstream further reported that the above patch is not sufficient and following\nchange should be used instead:\n For >=1.9.0: http://git.catalyst.net.nz/gw?p=moodle-r2.git;a=commitdiff;h=b950f126018a9e16a298d278375a0eedf791e5dd\n For 1.6.* - 1.8.*: http://git.catalyst.net.nz/gw?p=moodle-r2.git;a=commitdiff;h=cc9bf1486e7ea9e8cda1e4522b96e07245459a0d\n\nChangeLog:\n\n* Wed Apr 1 2009 Jon Ciesla - 1.9.4-6\n- Patch for CVE-2009-1171, BZ 493109.\n* Tue Mar 24 2009 Jon Ciesla - 1.9.4-5\n- Update for freefont->gnu-free-fonts change.\";\ntag_solution = \"Apply the appropriate updates.\n\nThis update can be installed with the yum update program. Use \nsu -c 'yum update moodle' at the command line.\nFor more information, refer to Managing Software with yum,\navailable at http://docs.fedoraproject.org/yum/.\n\nhttps://secure1.securityspace.com/smysecure/catid.html?in=FEDORA-2009-3283\";\ntag_summary = \"The remote host is missing an update to moodle\nannounced via advisory FEDORA-2009-3283.\";\n\n\n\nif(description)\n{\nscript_xref(name : \"URL\" , value : \"http://www.securityfocus.com/archive/1/archive/1/502231/100/0/threaded\");\nscript_xref(name : \"URL\" , value : \"http://www.securityfocus.com/bid/34278\");\nscript_xref(name : \"URL\" , value : \"http://www.milw0rm.com/exploits/8297\");\n script_id(63727);\n script_version(\"$Revision: 4722 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2016-12-08 19:05:08 +0100 (Thu, 08 Dec 2016) $\");\n script_tag(name:\"creation_date\", value:\"2009-04-06 20:58:11 +0200 (Mon, 06 Apr 2009)\");\n script_cve_id(\"CVE-2009-1171\", \"CVE-2009-0499\", \"CVE-2008-5153\", \"CVE-2008-4796\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"Fedora Core 9 FEDORA-2009-3283 (moodle)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"HostDetails/OS/cpe:/o:fedoraproject:fedora\", \"login/SSH/success\", \"ssh/login/rpms\");\nscript_tag(name : \"insight\" , value : tag_insight);\nscript_tag(name : \"solution\" , value : tag_solution);\nscript_tag(name : \"summary\" , value : tag_summary);\nscript_tag(name:\"qod_type\", value:\"package\");\nscript_tag(name:\"solution_type\", value:\"VendorFix\");\nscript_xref(name : \"URL\" , value : \"https://bugzilla.redhat.com/show_bug.cgi?id=493109\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"moodle\", rpm:\"moodle~1.9.4~6.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-af\", rpm:\"moodle-af~1.9.4~6.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-ar\", rpm:\"moodle-ar~1.9.4~6.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-be\", rpm:\"moodle-be~1.9.4~6.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-bg\", rpm:\"moodle-bg~1.9.4~6.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-bn\", rpm:\"moodle-bn~1.9.4~6.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-bs\", rpm:\"moodle-bs~1.9.4~6.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-ca\", rpm:\"moodle-ca~1.9.4~6.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-cs\", rpm:\"moodle-cs~1.9.4~6.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-cy\", rpm:\"moodle-cy~1.9.4~6.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-da\", rpm:\"moodle-da~1.9.4~6.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-de\", rpm:\"moodle-de~1.9.4~6.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-de_du\", rpm:\"moodle-de_du~1.9.4~6.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-el\", rpm:\"moodle-el~1.9.4~6.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-es\", rpm:\"moodle-es~1.9.4~6.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-et\", rpm:\"moodle-et~1.9.4~6.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-eu\", rpm:\"moodle-eu~1.9.4~6.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-fa\", rpm:\"moodle-fa~1.9.4~6.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-fi\", rpm:\"moodle-fi~1.9.4~6.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-fil\", rpm:\"moodle-fil~1.9.4~6.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-fr\", rpm:\"moodle-fr~1.9.4~6.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-fr_ca\", rpm:\"moodle-fr_ca~1.9.4~6.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-ga\", rpm:\"moodle-ga~1.9.4~6.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-gl\", rpm:\"moodle-gl~1.9.4~6.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-gu\", rpm:\"moodle-gu~1.9.4~6.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-he\", rpm:\"moodle-he~1.9.4~6.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-hi\", rpm:\"moodle-hi~1.9.4~6.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-hr\", rpm:\"moodle-hr~1.9.4~6.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-hu\", rpm:\"moodle-hu~1.9.4~6.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-hy\", rpm:\"moodle-hy~1.9.4~6.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-id\", rpm:\"moodle-id~1.9.4~6.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-is\", rpm:\"moodle-is~1.9.4~6.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-it\", rpm:\"moodle-it~1.9.4~6.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-ja\", rpm:\"moodle-ja~1.9.4~6.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-ka\", rpm:\"moodle-ka~1.9.4~6.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-kk\", rpm:\"moodle-kk~1.9.4~6.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-km\", rpm:\"moodle-km~1.9.4~6.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-kn\", rpm:\"moodle-kn~1.9.4~6.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-ko\", rpm:\"moodle-ko~1.9.4~6.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-lo\", rpm:\"moodle-lo~1.9.4~6.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-lt\", rpm:\"moodle-lt~1.9.4~6.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-lv\", rpm:\"moodle-lv~1.9.4~6.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-mi_tn\", rpm:\"moodle-mi_tn~1.9.4~6.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-mi_wwow\", rpm:\"moodle-mi_wwow~1.9.4~6.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-mk\", rpm:\"moodle-mk~1.9.4~6.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-ml\", rpm:\"moodle-ml~1.9.4~6.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-mn\", rpm:\"moodle-mn~1.9.4~6.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-ms\", rpm:\"moodle-ms~1.9.4~6.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-nl\", rpm:\"moodle-nl~1.9.4~6.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-nn\", rpm:\"moodle-nn~1.9.4~6.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-no\", rpm:\"moodle-no~1.9.4~6.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-no_gr\", rpm:\"moodle-no_gr~1.9.4~6.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-pl\", rpm:\"moodle-pl~1.9.4~6.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-pt\", rpm:\"moodle-pt~1.9.4~6.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-pt_br\", rpm:\"moodle-pt_br~1.9.4~6.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-ro\", rpm:\"moodle-ro~1.9.4~6.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-ru\", rpm:\"moodle-ru~1.9.4~6.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-si\", rpm:\"moodle-si~1.9.4~6.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-sk\", rpm:\"moodle-sk~1.9.4~6.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-sl\", rpm:\"moodle-sl~1.9.4~6.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-sm\", rpm:\"moodle-sm~1.9.4~6.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-so\", rpm:\"moodle-so~1.9.4~6.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-sq\", rpm:\"moodle-sq~1.9.4~6.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-sr_cr\", rpm:\"moodle-sr_cr~1.9.4~6.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-sr_cr_bo\", rpm:\"moodle-sr_cr_bo~1.9.4~6.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-sr_lt\", rpm:\"moodle-sr_lt~1.9.4~6.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-sv\", rpm:\"moodle-sv~1.9.4~6.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-ta\", rpm:\"moodle-ta~1.9.4~6.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-ta_lk\", rpm:\"moodle-ta_lk~1.9.4~6.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-th\", rpm:\"moodle-th~1.9.4~6.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-tl\", rpm:\"moodle-tl~1.9.4~6.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-to\", rpm:\"moodle-to~1.9.4~6.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-tr\", rpm:\"moodle-tr~1.9.4~6.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-uk\", rpm:\"moodle-uk~1.9.4~6.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-uz\", rpm:\"moodle-uz~1.9.4~6.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-vi\", rpm:\"moodle-vi~1.9.4~6.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-zh_cn\", rpm:\"moodle-zh_cn~1.9.4~6.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-zh_tw\", rpm:\"moodle-zh_tw~1.9.4~6.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "naslFamily": "Fedora Local Security Checks"}}], "viewCount": 9, "enchantments": {"score": {"value": 8.3, "vector": "NONE", "modified": "2017-07-25T10:56:48", "rev": 2}, "dependencies": {"references": [{"type": "openvas", "idList": ["OPENVAS:136141256231063261", "OPENVAS:136141256231063726", "OPENVAS:63405", "OPENVAS:136141256231063727", "OPENVAS:63261", "OPENVAS:136141256231063260", "OPENVAS:66500", "OPENVAS:63726", "OPENVAS:63260", "OPENVAS:136141256231066500"]}, {"type": "fedora", "idList": ["FEDORA:6D2242084D5", "FEDORA:9CD3820851E", "FEDORA:0C0FC208485", "FEDORA:A7D1C208DAD", "FEDORA:0C0B6208959", "FEDORA:02A37208D57", "FEDORA:04197208D75", "FEDORA:4424B20894E", "FEDORA:BB65B208E31", "FEDORA:7E1DF10F85C"]}, {"type": "cve", "idList": ["CVE-2009-1171", "CVE-2008-4796", "CVE-2008-5153", "CVE-2009-0499"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2008-4796", "UB:CVE-2009-0499", "UB:CVE-2009-1171", "UB:CVE-2008-5153"]}, {"type": "ubuntu", "idList": ["USN-791-1", "USN-791-2"]}, {"type": "nessus", "idList": ["SUSE_11_0_MOODLE-090417.NASL", "FREEBSD_PKG_3A4A3E9CA1FE11DD81BE001C2514716C.NASL", "FEDORA_2009-0819.NASL", "FEDORA_2009-0814.NASL", "FEDORA_2008-9304.NASL", "FEDORA_2008-9508.NASL", "FEDORA_2008-9903.NASL", "UBUNTU_USN-791-1.NASL", "FEDORA_2008-9502.NASL", "FEDORA_2008-9257.NASL"]}, {"type": "jvn", "idList": ["JVN:20502807"]}, {"type": "debian", "idList": ["DEBIAN:DSA-1691-1:BBC41", "DEBIAN:DSA-1761-1:ACA60", "DEBIAN:DSA-1724-1:A27A9"]}, {"type": "exploitdb", "idList": ["EDB-ID:40920", "EDB-ID:8297"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:DOC:21355", "SECURITYVULNS:DOC:21571", "SECURITYVULNS:VULN:9793", "SECURITYVULNS:VULN:9681"]}, {"type": "myhack58", "idList": ["MYHACK58:62201682159"]}, {"type": "packetstorm", "idList": ["PACKETSTORM:140169", "PACKETSTORM:127352"]}, {"type": "threatpost", "idList": ["THREATPOST:FF116863B5F150527644B5466CE96667"]}, {"type": "seebug", "idList": ["SSV:92573"]}, {"type": "gentoo", "idList": ["GLSA-201702-26"]}, {"type": "amazon", "idList": ["ALAS-2017-899"]}], "modified": "2017-07-25T10:56:48", "rev": 2}}, "objectVersion": "1.5", "pluginID": "63727", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: fcore_2009_3283.nasl 6624 2017-07-10 06:11:55Z cfischer $\n# Description: Auto-generated from advisory FEDORA-2009-3283 (moodle)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Moodle is a course management system (CMS) - a free, Open Source software\npackage designed using sound pedagogical principles, to help educators create\neffective online learning communities.\n\nUpdate Information:\n\nCVE-2009-1171: The TeX filter in Moodle 1.6 before 1.6.9+, 1.7 before 1.7.7+,\n1.8 before 1.8.9, and 1.9 before 1.9.5 allows user-assisted attackers to read\narbitrary files via an input command in a $$ sequence, which causes LaTeX to\ninclude the contents of the file.\n\nUpstream bug and CVS commit:\nhttp://tracker.moodle.org/browse/MDL-18552\nhttp://cvs.moodle.org/moodle/filter/tex/filter.php?r1=1.18.4.4&r2=1.18.4.5\n\n\nUpstream further reported that the above patch is not sufficient and following\nchange should be used instead:\n For >=1.9.0: http://git.catalyst.net.nz/gw?p=moodle-r2.git;a=commitdiff;h=b950f126018a9e16a298d278375a0eedf791e5dd\n For 1.6.* - 1.8.*: http://git.catalyst.net.nz/gw?p=moodle-r2.git;a=commitdiff;h=cc9bf1486e7ea9e8cda1e4522b96e07245459a0d\n\nChangeLog:\n\n* Wed Apr 1 2009 Jon Ciesla - 1.9.4-6\n- Patch for CVE-2009-1171, BZ 493109.\n* Tue Mar 24 2009 Jon Ciesla - 1.9.4-5\n- Update for freefont->gnu-free-fonts change.\";\ntag_solution = \"Apply the appropriate updates.\n\nThis update can be installed with the yum update program. Use \nsu -c 'yum update moodle' at the command line.\nFor more information, refer to Managing Software with yum,\navailable at http://docs.fedoraproject.org/yum/.\n\nhttps://secure1.securityspace.com/smysecure/catid.html?in=FEDORA-2009-3283\";\ntag_summary = \"The remote host is missing an update to moodle\nannounced via advisory FEDORA-2009-3283.\";\n\n\n\nif(description)\n{\nscript_xref(name : \"URL\" , value : \"http://www.securityfocus.com/archive/1/archive/1/502231/100/0/threaded\");\nscript_xref(name : \"URL\" , value : \"http://www.securityfocus.com/bid/34278\");\nscript_xref(name : \"URL\" , value : \"http://www.milw0rm.com/exploits/8297\");\n script_id(63727);\n script_version(\"$Revision: 6624 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 08:11:55 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-04-06 20:58:11 +0200 (Mon, 06 Apr 2009)\");\n script_cve_id(\"CVE-2009-1171\", \"CVE-2009-0499\", \"CVE-2008-5153\", \"CVE-2008-4796\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"Fedora Core 9 FEDORA-2009-3283 (moodle)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\nscript_tag(name : \"insight\" , value : tag_insight);\nscript_tag(name : \"solution\" , value : tag_solution);\nscript_tag(name : \"summary\" , value : tag_summary);\nscript_tag(name:\"qod_type\", value:\"package\");\nscript_tag(name:\"solution_type\", value:\"VendorFix\");\nscript_xref(name : \"URL\" , value : \"https://bugzilla.redhat.com/show_bug.cgi?id=493109\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"moodle\", rpm:\"moodle~1.9.4~6.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-af\", rpm:\"moodle-af~1.9.4~6.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-ar\", rpm:\"moodle-ar~1.9.4~6.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-be\", rpm:\"moodle-be~1.9.4~6.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-bg\", rpm:\"moodle-bg~1.9.4~6.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-bn\", rpm:\"moodle-bn~1.9.4~6.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-bs\", rpm:\"moodle-bs~1.9.4~6.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-ca\", rpm:\"moodle-ca~1.9.4~6.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-cs\", rpm:\"moodle-cs~1.9.4~6.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-cy\", rpm:\"moodle-cy~1.9.4~6.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-da\", rpm:\"moodle-da~1.9.4~6.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-de\", rpm:\"moodle-de~1.9.4~6.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-de_du\", rpm:\"moodle-de_du~1.9.4~6.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-el\", rpm:\"moodle-el~1.9.4~6.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-es\", rpm:\"moodle-es~1.9.4~6.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-et\", rpm:\"moodle-et~1.9.4~6.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-eu\", rpm:\"moodle-eu~1.9.4~6.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-fa\", rpm:\"moodle-fa~1.9.4~6.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-fi\", rpm:\"moodle-fi~1.9.4~6.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-fil\", rpm:\"moodle-fil~1.9.4~6.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-fr\", rpm:\"moodle-fr~1.9.4~6.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-fr_ca\", rpm:\"moodle-fr_ca~1.9.4~6.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-ga\", rpm:\"moodle-ga~1.9.4~6.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-gl\", rpm:\"moodle-gl~1.9.4~6.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-gu\", rpm:\"moodle-gu~1.9.4~6.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-he\", rpm:\"moodle-he~1.9.4~6.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-hi\", rpm:\"moodle-hi~1.9.4~6.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-hr\", rpm:\"moodle-hr~1.9.4~6.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-hu\", rpm:\"moodle-hu~1.9.4~6.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-hy\", rpm:\"moodle-hy~1.9.4~6.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-id\", rpm:\"moodle-id~1.9.4~6.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-is\", rpm:\"moodle-is~1.9.4~6.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-it\", rpm:\"moodle-it~1.9.4~6.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-ja\", rpm:\"moodle-ja~1.9.4~6.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-ka\", rpm:\"moodle-ka~1.9.4~6.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-kk\", rpm:\"moodle-kk~1.9.4~6.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-km\", rpm:\"moodle-km~1.9.4~6.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-kn\", rpm:\"moodle-kn~1.9.4~6.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-ko\", rpm:\"moodle-ko~1.9.4~6.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-lo\", rpm:\"moodle-lo~1.9.4~6.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-lt\", rpm:\"moodle-lt~1.9.4~6.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-lv\", rpm:\"moodle-lv~1.9.4~6.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-mi_tn\", rpm:\"moodle-mi_tn~1.9.4~6.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-mi_wwow\", rpm:\"moodle-mi_wwow~1.9.4~6.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-mk\", rpm:\"moodle-mk~1.9.4~6.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-ml\", rpm:\"moodle-ml~1.9.4~6.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-mn\", rpm:\"moodle-mn~1.9.4~6.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-ms\", rpm:\"moodle-ms~1.9.4~6.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-nl\", rpm:\"moodle-nl~1.9.4~6.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-nn\", rpm:\"moodle-nn~1.9.4~6.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-no\", rpm:\"moodle-no~1.9.4~6.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-no_gr\", rpm:\"moodle-no_gr~1.9.4~6.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-pl\", rpm:\"moodle-pl~1.9.4~6.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-pt\", rpm:\"moodle-pt~1.9.4~6.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-pt_br\", rpm:\"moodle-pt_br~1.9.4~6.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-ro\", rpm:\"moodle-ro~1.9.4~6.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-ru\", rpm:\"moodle-ru~1.9.4~6.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-si\", rpm:\"moodle-si~1.9.4~6.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-sk\", rpm:\"moodle-sk~1.9.4~6.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-sl\", rpm:\"moodle-sl~1.9.4~6.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-sm\", rpm:\"moodle-sm~1.9.4~6.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-so\", rpm:\"moodle-so~1.9.4~6.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-sq\", rpm:\"moodle-sq~1.9.4~6.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-sr_cr\", rpm:\"moodle-sr_cr~1.9.4~6.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-sr_cr_bo\", rpm:\"moodle-sr_cr_bo~1.9.4~6.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-sr_lt\", rpm:\"moodle-sr_lt~1.9.4~6.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-sv\", rpm:\"moodle-sv~1.9.4~6.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-ta\", rpm:\"moodle-ta~1.9.4~6.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-ta_lk\", rpm:\"moodle-ta_lk~1.9.4~6.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-th\", rpm:\"moodle-th~1.9.4~6.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-tl\", rpm:\"moodle-tl~1.9.4~6.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-to\", rpm:\"moodle-to~1.9.4~6.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-tr\", rpm:\"moodle-tr~1.9.4~6.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-uk\", rpm:\"moodle-uk~1.9.4~6.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-uz\", rpm:\"moodle-uz~1.9.4~6.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-vi\", rpm:\"moodle-vi~1.9.4~6.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-zh_cn\", rpm:\"moodle-zh_cn~1.9.4~6.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-zh_tw\", rpm:\"moodle-zh_tw~1.9.4~6.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "naslFamily": "Fedora Local Security Checks", "_object_type": "robots.models.openvas.OpenVASBulletin", "_object_types": ["robots.models.base.Bulletin", "robots.models.openvas.OpenVASBulletin"], "immutableFields": [], "cvss2": {}, "cvss3": {}}, {"id": "OPENVAS:63726", "hash": "fc2ae84f1bb43d087124b04b5703dcf6", "type": "openvas", "bulletinFamily": "scanner", "title": "Fedora Core 10 FEDORA-2009-3280 (moodle)", "description": "The remote host is missing an update to moodle\nannounced via advisory FEDORA-2009-3280.", "published": "2009-04-06T00:00:00", "modified": "2017-07-10T00:00:00", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "http://plugins.openvas.org/nasl.php?oid=63726", "reporter": "Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com", "references": ["http://www.securityfocus.com/archive/1/archive/1/502231/100/0/threaded", "http://www.milw0rm.com/exploits/8297", "http://www.securityfocus.com/bid/34278", "https://bugzilla.redhat.com/show_bug.cgi?id=493109"], "cvelist": ["CVE-2008-4796", "CVE-2008-5153", "CVE-2009-0499", "CVE-2009-1171"], "lastseen": "2017-07-25T10:56:44", "history": [{"lastseen": "2017-07-02T21:14:06", "bulletin": {"id": "OPENVAS:63726", "hash": "304762ec7a19f8e5324c716d3aab40e2cc1a470f57eba8ca4c48165b73805b54", "type": "openvas", "bulletinFamily": "scanner", "title": "Fedora Core 10 FEDORA-2009-3280 (moodle)", "description": "The remote host is missing an update to moodle\nannounced via advisory FEDORA-2009-3280.", "published": "2009-04-06T00:00:00", "modified": "2016-12-08T00:00:00", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "http://plugins.openvas.org/nasl.php?oid=63726", "reporter": "Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com", "references": ["http://www.securityfocus.com/archive/1/archive/1/502231/100/0/threaded", "http://www.milw0rm.com/exploits/8297", "http://www.securityfocus.com/bid/34278", "https://bugzilla.redhat.com/show_bug.cgi?id=493109"], "cvelist": ["CVE-2008-4796", "CVE-2008-5153", "CVE-2009-0499", "CVE-2009-1171"], "lastseen": "2017-07-02T21:14:06", "history": [], "viewCount": 0, "enchantments": {}, "objectVersion": "1.4", "pluginID": "63726", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: fcore_2009_3280.nasl 4722 2016-12-08 18:05:08Z teissa $\n# Description: Auto-generated from advisory FEDORA-2009-3280 (moodle)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Moodle is a course management system (CMS) - a free, Open Source software\npackage designed using sound pedagogical principles, to help educators create\neffective online learning communities.\n\nUpdate Information:\n\nCVE-2009-1171: The TeX filter in Moodle 1.6 before 1.6.9+, 1.7 before 1.7.7+,\n1.8 before 1.8.9, and 1.9 before 1.9.5 allows user-assisted attackers to read\narbitrary files via an input command in a $$ sequence, which causes LaTeX to\ninclude the contents of the file.\n\nUpstream bug and CVS commit:\nhttp://tracker.moodle.org/browse/MDL-18552\nhttp://cvs.moodle.org/moodle/filter/tex/filter.php?r1=1.18.4.4&r2=1.18.4.5\n\n\nUpstream further reported that the above patch is not sufficient and following\nchange should be used instead:\n For >=1.9.0: http://git.catalyst.net.nz/gw?p=moodle-r2.git;a=commitdiff;h=b950f126018a9e16a298d278375a0eedf791e5dd\n For 1.6.* - 1.8.*: http://git.catalyst.net.nz/gw?p=moodle-r2.git;a=commitdiff;h=cc9bf1486e7ea9e8cda1e4522b96e07245459a0d\n\nChangeLog:\n\n* Wed Apr 1 2009 Jon Ciesla - 1.9.4-6\n- Patch for CVE-2009-1171, BZ 493109.\n* Tue Mar 24 2009 Jon Ciesla - 1.9.4-5\n- Update for freefont->gnu-free-fonts change.\";\ntag_solution = \"Apply the appropriate updates.\n\nThis update can be installed with the yum update program. Use \nsu -c 'yum update moodle' at the command line.\nFor more information, refer to Managing Software with yum,\navailable at http://docs.fedoraproject.org/yum/.\n\nhttps://secure1.securityspace.com/smysecure/catid.html?in=FEDORA-2009-3280\";\ntag_summary = \"The remote host is missing an update to moodle\nannounced via advisory FEDORA-2009-3280.\";\n\n\n\nif(description)\n{\nscript_xref(name : \"URL\" , value : \"http://www.securityfocus.com/archive/1/archive/1/502231/100/0/threaded\");\nscript_xref(name : \"URL\" , value : \"http://www.securityfocus.com/bid/34278\");\nscript_xref(name : \"URL\" , value : \"http://www.milw0rm.com/exploits/8297\");\n script_id(63726);\n script_version(\"$Revision: 4722 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2016-12-08 19:05:08 +0100 (Thu, 08 Dec 2016) $\");\n script_tag(name:\"creation_date\", value:\"2009-04-06 20:58:11 +0200 (Mon, 06 Apr 2009)\");\n script_cve_id(\"CVE-2009-1171\", \"CVE-2009-0499\", \"CVE-2008-5153\", \"CVE-2008-4796\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"Fedora Core 10 FEDORA-2009-3280 (moodle)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"HostDetails/OS/cpe:/o:fedoraproject:fedora\", \"login/SSH/success\", \"ssh/login/rpms\");\nscript_tag(name : \"insight\" , value : tag_insight);\nscript_tag(name : \"solution\" , value : tag_solution);\nscript_tag(name : \"summary\" , value : tag_summary);\nscript_tag(name:\"qod_type\", value:\"package\");\nscript_tag(name:\"solution_type\", value:\"VendorFix\");\nscript_xref(name : \"URL\" , value : \"https://bugzilla.redhat.com/show_bug.cgi?id=493109\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"moodle\", rpm:\"moodle~1.9.4~6.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-af\", rpm:\"moodle-af~1.9.4~6.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-ar\", rpm:\"moodle-ar~1.9.4~6.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-be\", rpm:\"moodle-be~1.9.4~6.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-bg\", rpm:\"moodle-bg~1.9.4~6.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-bn\", rpm:\"moodle-bn~1.9.4~6.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-bs\", rpm:\"moodle-bs~1.9.4~6.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-ca\", rpm:\"moodle-ca~1.9.4~6.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-cs\", rpm:\"moodle-cs~1.9.4~6.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-cy\", rpm:\"moodle-cy~1.9.4~6.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-da\", rpm:\"moodle-da~1.9.4~6.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-de\", rpm:\"moodle-de~1.9.4~6.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-de_du\", rpm:\"moodle-de_du~1.9.4~6.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-el\", rpm:\"moodle-el~1.9.4~6.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-es\", rpm:\"moodle-es~1.9.4~6.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-et\", rpm:\"moodle-et~1.9.4~6.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-eu\", rpm:\"moodle-eu~1.9.4~6.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-fa\", rpm:\"moodle-fa~1.9.4~6.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-fi\", rpm:\"moodle-fi~1.9.4~6.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-fil\", rpm:\"moodle-fil~1.9.4~6.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-fr\", rpm:\"moodle-fr~1.9.4~6.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-fr_ca\", rpm:\"moodle-fr_ca~1.9.4~6.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-ga\", rpm:\"moodle-ga~1.9.4~6.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-gl\", rpm:\"moodle-gl~1.9.4~6.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-gu\", rpm:\"moodle-gu~1.9.4~6.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-he\", rpm:\"moodle-he~1.9.4~6.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-hi\", rpm:\"moodle-hi~1.9.4~6.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-hr\", rpm:\"moodle-hr~1.9.4~6.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-hu\", rpm:\"moodle-hu~1.9.4~6.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-hy\", rpm:\"moodle-hy~1.9.4~6.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-id\", rpm:\"moodle-id~1.9.4~6.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-is\", rpm:\"moodle-is~1.9.4~6.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-it\", rpm:\"moodle-it~1.9.4~6.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-ja\", rpm:\"moodle-ja~1.9.4~6.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-ka\", rpm:\"moodle-ka~1.9.4~6.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-kk\", rpm:\"moodle-kk~1.9.4~6.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-km\", rpm:\"moodle-km~1.9.4~6.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-kn\", rpm:\"moodle-kn~1.9.4~6.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-ko\", rpm:\"moodle-ko~1.9.4~6.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-lo\", rpm:\"moodle-lo~1.9.4~6.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-lt\", rpm:\"moodle-lt~1.9.4~6.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-lv\", rpm:\"moodle-lv~1.9.4~6.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-mi_tn\", rpm:\"moodle-mi_tn~1.9.4~6.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-mi_wwow\", rpm:\"moodle-mi_wwow~1.9.4~6.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-mk\", rpm:\"moodle-mk~1.9.4~6.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-ml\", rpm:\"moodle-ml~1.9.4~6.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-mn\", rpm:\"moodle-mn~1.9.4~6.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-ms\", rpm:\"moodle-ms~1.9.4~6.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-nl\", rpm:\"moodle-nl~1.9.4~6.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-nn\", rpm:\"moodle-nn~1.9.4~6.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-no\", rpm:\"moodle-no~1.9.4~6.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-no_gr\", rpm:\"moodle-no_gr~1.9.4~6.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-pl\", rpm:\"moodle-pl~1.9.4~6.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-pt\", rpm:\"moodle-pt~1.9.4~6.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-pt_br\", rpm:\"moodle-pt_br~1.9.4~6.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-ro\", rpm:\"moodle-ro~1.9.4~6.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-ru\", rpm:\"moodle-ru~1.9.4~6.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-si\", rpm:\"moodle-si~1.9.4~6.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-sk\", rpm:\"moodle-sk~1.9.4~6.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-sl\", rpm:\"moodle-sl~1.9.4~6.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-sm\", rpm:\"moodle-sm~1.9.4~6.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-so\", rpm:\"moodle-so~1.9.4~6.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-sq\", rpm:\"moodle-sq~1.9.4~6.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-sr_cr\", rpm:\"moodle-sr_cr~1.9.4~6.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-sr_cr_bo\", rpm:\"moodle-sr_cr_bo~1.9.4~6.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-sr_lt\", rpm:\"moodle-sr_lt~1.9.4~6.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-sv\", rpm:\"moodle-sv~1.9.4~6.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-ta\", rpm:\"moodle-ta~1.9.4~6.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-ta_lk\", rpm:\"moodle-ta_lk~1.9.4~6.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-th\", rpm:\"moodle-th~1.9.4~6.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-tl\", rpm:\"moodle-tl~1.9.4~6.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-to\", rpm:\"moodle-to~1.9.4~6.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-tr\", rpm:\"moodle-tr~1.9.4~6.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-uk\", rpm:\"moodle-uk~1.9.4~6.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-uz\", rpm:\"moodle-uz~1.9.4~6.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-vi\", rpm:\"moodle-vi~1.9.4~6.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-zh_cn\", rpm:\"moodle-zh_cn~1.9.4~6.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-zh_tw\", rpm:\"moodle-zh_tw~1.9.4~6.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "naslFamily": "Fedora Local Security Checks"}, "differentElements": ["modified", "sourceData"], "edition": 1}], "viewCount": 8, "enchantments": {"score": {"value": 8.2, "vector": "NONE", "modified": "2017-07-25T10:56:44", "rev": 2}, "dependencies": {"references": [{"type": "openvas", "idList": ["OPENVAS:136141256231063261", "OPENVAS:136141256231063726", "OPENVAS:63405", "OPENVAS:136141256231063727", "OPENVAS:63261", "OPENVAS:63727", "OPENVAS:136141256231063260", "OPENVAS:66500", "OPENVAS:63260", "OPENVAS:136141256231066500"]}, {"type": "fedora", "idList": ["FEDORA:6D2242084D5", "FEDORA:9CD3820851E", "FEDORA:0C0FC208485", "FEDORA:A7D1C208DAD", "FEDORA:0C0B6208959", "FEDORA:02A37208D57", "FEDORA:04197208D75", "FEDORA:4424B20894E", "FEDORA:BB65B208E31", "FEDORA:7E1DF10F85C"]}, {"type": "cve", "idList": ["CVE-2009-1171", "CVE-2008-4796", "CVE-2008-5153", "CVE-2009-0499"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2008-4796", "UB:CVE-2009-0499", "UB:CVE-2009-1171", "UB:CVE-2008-5153"]}, {"type": "ubuntu", "idList": ["USN-791-1", "USN-791-2"]}, {"type": "nessus", "idList": ["SUSE_11_0_MOODLE-090417.NASL", "FREEBSD_PKG_3A4A3E9CA1FE11DD81BE001C2514716C.NASL", "FEDORA_2009-0819.NASL", "FEDORA_2009-0814.NASL", "FEDORA_2008-9304.NASL", "FEDORA_2008-9508.NASL", "FEDORA_2008-9903.NASL", "UBUNTU_USN-791-1.NASL", "FEDORA_2008-9502.NASL", "FEDORA_2008-9257.NASL"]}, {"type": "jvn", "idList": ["JVN:20502807"]}, {"type": "debian", "idList": ["DEBIAN:DSA-1691-1:BBC41", "DEBIAN:DSA-1761-1:ACA60", "DEBIAN:DSA-1724-1:A27A9"]}, {"type": "exploitdb", "idList": ["EDB-ID:40920", "EDB-ID:8297"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:DOC:21355", "SECURITYVULNS:DOC:21571", "SECURITYVULNS:VULN:9793", "SECURITYVULNS:VULN:9681"]}, {"type": "myhack58", "idList": ["MYHACK58:62201682159"]}, {"type": "packetstorm", "idList": ["PACKETSTORM:140169", "PACKETSTORM:127352"]}, {"type": "threatpost", "idList": ["THREATPOST:FF116863B5F150527644B5466CE96667"]}, {"type": "seebug", "idList": ["SSV:92573"]}, {"type": "gentoo", "idList": ["GLSA-201702-26"]}, {"type": "amazon", "idList": ["ALAS-2017-899"]}], "modified": "2017-07-25T10:56:44", "rev": 2}}, "objectVersion": "1.5", "pluginID": "63726", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: fcore_2009_3280.nasl 6624 2017-07-10 06:11:55Z cfischer $\n# Description: Auto-generated from advisory FEDORA-2009-3280 (moodle)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Moodle is a course management system (CMS) - a free, Open Source software\npackage designed using sound pedagogical principles, to help educators create\neffective online learning communities.\n\nUpdate Information:\n\nCVE-2009-1171: The TeX filter in Moodle 1.6 before 1.6.9+, 1.7 before 1.7.7+,\n1.8 before 1.8.9, and 1.9 before 1.9.5 allows user-assisted attackers to read\narbitrary files via an input command in a $$ sequence, which causes LaTeX to\ninclude the contents of the file.\n\nUpstream bug and CVS commit:\nhttp://tracker.moodle.org/browse/MDL-18552\nhttp://cvs.moodle.org/moodle/filter/tex/filter.php?r1=1.18.4.4&r2=1.18.4.5\n\n\nUpstream further reported that the above patch is not sufficient and following\nchange should be used instead:\n For >=1.9.0: http://git.catalyst.net.nz/gw?p=moodle-r2.git;a=commitdiff;h=b950f126018a9e16a298d278375a0eedf791e5dd\n For 1.6.* - 1.8.*: http://git.catalyst.net.nz/gw?p=moodle-r2.git;a=commitdiff;h=cc9bf1486e7ea9e8cda1e4522b96e07245459a0d\n\nChangeLog:\n\n* Wed Apr 1 2009 Jon Ciesla - 1.9.4-6\n- Patch for CVE-2009-1171, BZ 493109.\n* Tue Mar 24 2009 Jon Ciesla - 1.9.4-5\n- Update for freefont->gnu-free-fonts change.\";\ntag_solution = \"Apply the appropriate updates.\n\nThis update can be installed with the yum update program. Use \nsu -c 'yum update moodle' at the command line.\nFor more information, refer to Managing Software with yum,\navailable at http://docs.fedoraproject.org/yum/.\n\nhttps://secure1.securityspace.com/smysecure/catid.html?in=FEDORA-2009-3280\";\ntag_summary = \"The remote host is missing an update to moodle\nannounced via advisory FEDORA-2009-3280.\";\n\n\n\nif(description)\n{\nscript_xref(name : \"URL\" , value : \"http://www.securityfocus.com/archive/1/archive/1/502231/100/0/threaded\");\nscript_xref(name : \"URL\" , value : \"http://www.securityfocus.com/bid/34278\");\nscript_xref(name : \"URL\" , value : \"http://www.milw0rm.com/exploits/8297\");\n script_id(63726);\n script_version(\"$Revision: 6624 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 08:11:55 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-04-06 20:58:11 +0200 (Mon, 06 Apr 2009)\");\n script_cve_id(\"CVE-2009-1171\", \"CVE-2009-0499\", \"CVE-2008-5153\", \"CVE-2008-4796\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"Fedora Core 10 FEDORA-2009-3280 (moodle)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\nscript_tag(name : \"insight\" , value : tag_insight);\nscript_tag(name : \"solution\" , value : tag_solution);\nscript_tag(name : \"summary\" , value : tag_summary);\nscript_tag(name:\"qod_type\", value:\"package\");\nscript_tag(name:\"solution_type\", value:\"VendorFix\");\nscript_xref(name : \"URL\" , value : \"https://bugzilla.redhat.com/show_bug.cgi?id=493109\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"moodle\", rpm:\"moodle~1.9.4~6.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-af\", rpm:\"moodle-af~1.9.4~6.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-ar\", rpm:\"moodle-ar~1.9.4~6.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-be\", rpm:\"moodle-be~1.9.4~6.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-bg\", rpm:\"moodle-bg~1.9.4~6.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-bn\", rpm:\"moodle-bn~1.9.4~6.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-bs\", rpm:\"moodle-bs~1.9.4~6.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-ca\", rpm:\"moodle-ca~1.9.4~6.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-cs\", rpm:\"moodle-cs~1.9.4~6.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-cy\", rpm:\"moodle-cy~1.9.4~6.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-da\", rpm:\"moodle-da~1.9.4~6.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-de\", rpm:\"moodle-de~1.9.4~6.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-de_du\", rpm:\"moodle-de_du~1.9.4~6.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-el\", rpm:\"moodle-el~1.9.4~6.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-es\", rpm:\"moodle-es~1.9.4~6.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-et\", rpm:\"moodle-et~1.9.4~6.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-eu\", rpm:\"moodle-eu~1.9.4~6.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-fa\", rpm:\"moodle-fa~1.9.4~6.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-fi\", rpm:\"moodle-fi~1.9.4~6.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-fil\", rpm:\"moodle-fil~1.9.4~6.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-fr\", rpm:\"moodle-fr~1.9.4~6.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-fr_ca\", rpm:\"moodle-fr_ca~1.9.4~6.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-ga\", rpm:\"moodle-ga~1.9.4~6.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-gl\", rpm:\"moodle-gl~1.9.4~6.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-gu\", rpm:\"moodle-gu~1.9.4~6.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-he\", rpm:\"moodle-he~1.9.4~6.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-hi\", rpm:\"moodle-hi~1.9.4~6.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-hr\", rpm:\"moodle-hr~1.9.4~6.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-hu\", rpm:\"moodle-hu~1.9.4~6.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-hy\", rpm:\"moodle-hy~1.9.4~6.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-id\", rpm:\"moodle-id~1.9.4~6.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-is\", rpm:\"moodle-is~1.9.4~6.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-it\", rpm:\"moodle-it~1.9.4~6.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-ja\", rpm:\"moodle-ja~1.9.4~6.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-ka\", rpm:\"moodle-ka~1.9.4~6.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-kk\", rpm:\"moodle-kk~1.9.4~6.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-km\", rpm:\"moodle-km~1.9.4~6.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-kn\", rpm:\"moodle-kn~1.9.4~6.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-ko\", rpm:\"moodle-ko~1.9.4~6.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-lo\", rpm:\"moodle-lo~1.9.4~6.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-lt\", rpm:\"moodle-lt~1.9.4~6.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-lv\", rpm:\"moodle-lv~1.9.4~6.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-mi_tn\", rpm:\"moodle-mi_tn~1.9.4~6.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-mi_wwow\", rpm:\"moodle-mi_wwow~1.9.4~6.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-mk\", rpm:\"moodle-mk~1.9.4~6.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-ml\", rpm:\"moodle-ml~1.9.4~6.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-mn\", rpm:\"moodle-mn~1.9.4~6.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-ms\", rpm:\"moodle-ms~1.9.4~6.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-nl\", rpm:\"moodle-nl~1.9.4~6.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-nn\", rpm:\"moodle-nn~1.9.4~6.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-no\", rpm:\"moodle-no~1.9.4~6.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-no_gr\", rpm:\"moodle-no_gr~1.9.4~6.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-pl\", rpm:\"moodle-pl~1.9.4~6.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-pt\", rpm:\"moodle-pt~1.9.4~6.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-pt_br\", rpm:\"moodle-pt_br~1.9.4~6.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-ro\", rpm:\"moodle-ro~1.9.4~6.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-ru\", rpm:\"moodle-ru~1.9.4~6.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-si\", rpm:\"moodle-si~1.9.4~6.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-sk\", rpm:\"moodle-sk~1.9.4~6.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-sl\", rpm:\"moodle-sl~1.9.4~6.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-sm\", rpm:\"moodle-sm~1.9.4~6.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-so\", rpm:\"moodle-so~1.9.4~6.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-sq\", rpm:\"moodle-sq~1.9.4~6.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-sr_cr\", rpm:\"moodle-sr_cr~1.9.4~6.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-sr_cr_bo\", rpm:\"moodle-sr_cr_bo~1.9.4~6.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-sr_lt\", rpm:\"moodle-sr_lt~1.9.4~6.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-sv\", rpm:\"moodle-sv~1.9.4~6.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-ta\", rpm:\"moodle-ta~1.9.4~6.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-ta_lk\", rpm:\"moodle-ta_lk~1.9.4~6.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-th\", rpm:\"moodle-th~1.9.4~6.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-tl\", rpm:\"moodle-tl~1.9.4~6.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-to\", rpm:\"moodle-to~1.9.4~6.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-tr\", rpm:\"moodle-tr~1.9.4~6.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-uk\", rpm:\"moodle-uk~1.9.4~6.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-uz\", rpm:\"moodle-uz~1.9.4~6.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-vi\", rpm:\"moodle-vi~1.9.4~6.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-zh_cn\", rpm:\"moodle-zh_cn~1.9.4~6.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-zh_tw\", rpm:\"moodle-zh_tw~1.9.4~6.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "naslFamily": "Fedora Local Security Checks", "_object_type": "robots.models.openvas.OpenVASBulletin", "_object_types": ["robots.models.base.Bulletin", "robots.models.openvas.OpenVASBulletin"], "immutableFields": [], "cvss2": {}, "cvss3": {}}, {"id": "OPENVAS:136141256231066500", "hash": "d4fa969510d73c3f4e9bef91be6e1cd8", "type": "openvas", "bulletinFamily": "scanner", "title": "Fedora Core 10 FEDORA-2009-13040 (moodle)", "description": "The remote host is missing an update to moodle\nannounced via advisory FEDORA-2009-13040.", "published": "2009-12-14T00:00:00", "modified": "2018-04-06T00:00:00", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "http://plugins.openvas.org/nasl.php?oid=136141256231066500", "reporter": "Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com", "references": ["https://bugzilla.redhat.com/show_bug.cgi?id=544766"], "cvelist": ["CVE-2008-4796", "CVE-2008-5153", "CVE-2009-0499", "CVE-2009-1171"], "lastseen": "2018-04-06T11:37:14", "history": [], "viewCount": 3, "enchantments": {"score": {"value": 8.5, "vector": "NONE", "modified": "2018-04-06T11:37:14", "rev": 2}, "dependencies": {"references": [{"type": "fedora", "idList": ["FEDORA:03C1920876B", "FEDORA:0C0FC208485", "FEDORA:0C0B6208959", "FEDORA:02A37208D57", "FEDORA:9CD3820851E", "FEDORA:4424B20894E", "FEDORA:8EF9620874A", "FEDORA:04197208D75", "FEDORA:BB65B208E31", "FEDORA:7E1DF10F85C", "FEDORA:6D2242084D5", "FEDORA:A7D1C208DAD", "FEDORA:AC75620876F", "FEDORA:5FA58208D69"]}, {"type": "openvas", "idList": ["OPENVAS:136141256231063410", "OPENVAS:136141256231063261", "OPENVAS:860855", "OPENVAS:1361412562310800240", "OPENVAS:860245", "OPENVAS:63260", "OPENVAS:63734", "OPENVAS:800240", "OPENVAS:66500", "OPENVAS:63261", "OPENVAS:136141256231063727", "OPENVAS:63060", "OPENVAS:63726", "OPENVAS:136141256231063405", "OPENVAS:860120", "OPENVAS:136141256231063390", "OPENVAS:136141256231063734", "OPENVAS:136141256231063260", "OPENVAS:63390", "OPENVAS:63727", "OPENVAS:63410", "OPENVAS:860625", "OPENVAS:860342", "OPENVAS:61799", "OPENVAS:64321", "OPENVAS:63405", "OPENVAS:1361412562310106473", "OPENVAS:64320", "OPENVAS:860079", "OPENVAS:136141256231063726", "OPENVAS:860699"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2009-1171", "UB:CVE-2008-4796", "UB:CVE-2008-5153", "UB:CVE-2009-0499"]}, {"type": "cve", "idList": ["CVE-2008-5153", "CVE-2009-0499", "CVE-2009-1171", "CVE-2008-4796"]}, {"type": "nessus", "idList": ["DEBIAN_DSA-1761.NASL", "FEDORA_2008-9502.NASL", "MOODLE_LATEX_INFO_DISCLOSURE.NASL", "DEBIAN_DSA-1691.NASL", "FEDORA_2008-9903.NASL", "FEDORA_2008-9304.NASL", "UBUNTU_USN-791-1.NASL", "FEDORA_2009-0814.NASL", "SUSE_11_1_MOODLE-090417.NASL", "FREEBSD_PKG_3A4A3E9CA1FE11DD81BE001C2514716C.NASL", "SUSE_11_0_MOODLE-090417.NASL", "SUSE_MOODLE-6108.NASL", "FEDORA_2009-1699.NASL", "ALA_ALAS-2017-899.NASL", "FEDORA_2008-9257.NASL", "FEDORA_2008-9508.NASL", "UBUNTU_USN-791-2.NASL", "FEDORA_2009-3283.NASL", "SUSE_11_1_MOODLE-090319.NASL", "DEBIAN_DSA-1724.NASL", "FEDORA_2009-3280.NASL", "FEDORA_2009-1641.NASL", "SUSE_MOODLE-6198.NASL", "SUSE_11_0_MOODLE-090320.NASL", "MOODLE_FORUM_CSRF.NASL", "FEDORA_2009-0819.NASL", "GENTOO_GLSA-201702-26.NASL"]}, {"type": "ubuntu", "idList": ["USN-791-2", "USN-791-1"]}, {"type": "jvn", "idList": ["JVN:20502807"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:DOC:21355", "SECURITYVULNS:VULN:9681", "SECURITYVULNS:VULN:9793", "SECURITYVULNS:DOC:21571"]}, {"type": "debian", "idList": ["DEBIAN:DSA-1691-1:BBC41", "DEBIAN:DSA-1724-1:A27A9", "DEBIAN:DSA-1761-1:ACA60"]}, {"type": "exploitdb", "idList": ["EDB-ID:40920", "EDB-ID:8297"]}, {"type": "myhack58", "idList": ["MYHACK58:62201682159"]}, {"type": "packetstorm", "idList": ["PACKETSTORM:127352", "PACKETSTORM:140169"]}, {"type": "threatpost", "idList": ["THREATPOST:FF116863B5F150527644B5466CE96667"]}, {"type": "seebug", "idList": ["SSV:92573"]}, {"type": "gentoo", "idList": ["GLSA-201702-26"]}, {"type": "amazon", "idList": ["ALAS-2017-899"]}], "modified": "2018-04-06T11:37:14", "rev": 2}}, "objectVersion": "1.5", "pluginID": "136141256231066500", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: fcore_2009_13040.nasl 9350 2018-04-06 07:03:33Z cfischer $\n# Description: Auto-generated from advisory FEDORA-2009-13040 (moodle)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Update Information:\n\nMoodle upstream has released latest stable versions (1.9.7 and 1.8.11), fixing\nmultiple security issues. For details, please visit the referenced\nsecurity advisories.\n\nChangeLog:\n\n* Tue Dec 8 2009 Jon Ciesla - 1.9.7-1\n- Update to 1.9.7, BZ 544766.\";\ntag_solution = \"Apply the appropriate updates.\n\nThis update can be installed with the yum update program. Use \nsu -c 'yum update moodle' at the command line.\nFor more information, refer to Managing Software with yum,\navailable at http://docs.fedoraproject.org/yum/.\n\nhttps://secure1.securityspace.com/smysecure/catid.html?in=FEDORA-2009-13040\";\ntag_summary = \"The remote host is missing an update to moodle\nannounced via advisory FEDORA-2009-13040.\";\n\n\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.66500\");\n script_version(\"$Revision: 9350 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:03:33 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-12-14 23:06:43 +0100 (Mon, 14 Dec 2009)\");\n script_cve_id(\"CVE-2009-1171\", \"CVE-2009-0499\", \"CVE-2008-5153\", \"CVE-2008-4796\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"Fedora Core 10 FEDORA-2009-13040 (moodle)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.redhat.com/show_bug.cgi?id=544766\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"moodle\", rpm:\"moodle~1.9.7~1.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-af\", rpm:\"moodle-af~1.9.7~1.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-ar\", rpm:\"moodle-ar~1.9.7~1.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-be\", rpm:\"moodle-be~1.9.7~1.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-bg\", rpm:\"moodle-bg~1.9.7~1.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-bn\", rpm:\"moodle-bn~1.9.7~1.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-bs\", rpm:\"moodle-bs~1.9.7~1.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-ca\", rpm:\"moodle-ca~1.9.7~1.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-cs\", rpm:\"moodle-cs~1.9.7~1.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-cy\", rpm:\"moodle-cy~1.9.7~1.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-da\", rpm:\"moodle-da~1.9.7~1.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-de\", rpm:\"moodle-de~1.9.7~1.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-de_du\", rpm:\"moodle-de_du~1.9.7~1.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-dv\", rpm:\"moodle-dv~1.9.7~1.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-el\", rpm:\"moodle-el~1.9.7~1.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-es\", rpm:\"moodle-es~1.9.7~1.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-et\", rpm:\"moodle-et~1.9.7~1.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-eu\", rpm:\"moodle-eu~1.9.7~1.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-fa\", rpm:\"moodle-fa~1.9.7~1.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-fi\", rpm:\"moodle-fi~1.9.7~1.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-fil\", rpm:\"moodle-fil~1.9.7~1.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-fr\", rpm:\"moodle-fr~1.9.7~1.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-fr_ca\", rpm:\"moodle-fr_ca~1.9.7~1.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-ga\", rpm:\"moodle-ga~1.9.7~1.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-gl\", rpm:\"moodle-gl~1.9.7~1.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-gu\", rpm:\"moodle-gu~1.9.7~1.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-he\", rpm:\"moodle-he~1.9.7~1.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-hi\", rpm:\"moodle-hi~1.9.7~1.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-hr\", rpm:\"moodle-hr~1.9.7~1.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-hu\", rpm:\"moodle-hu~1.9.7~1.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-hy\", rpm:\"moodle-hy~1.9.7~1.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-id\", rpm:\"moodle-id~1.9.7~1.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-is\", rpm:\"moodle-is~1.9.7~1.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-it\", rpm:\"moodle-it~1.9.7~1.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-ja\", rpm:\"moodle-ja~1.9.7~1.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-ka\", rpm:\"moodle-ka~1.9.7~1.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-kk\", rpm:\"moodle-kk~1.9.7~1.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-km\", rpm:\"moodle-km~1.9.7~1.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-kn\", rpm:\"moodle-kn~1.9.7~1.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-ko\", rpm:\"moodle-ko~1.9.7~1.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-lo\", rpm:\"moodle-lo~1.9.7~1.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-lt\", rpm:\"moodle-lt~1.9.7~1.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-lv\", rpm:\"moodle-lv~1.9.7~1.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-mi_tn\", rpm:\"moodle-mi_tn~1.9.7~1.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-mi_wwow\", rpm:\"moodle-mi_wwow~1.9.7~1.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-mk\", rpm:\"moodle-mk~1.9.7~1.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-ml\", rpm:\"moodle-ml~1.9.7~1.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-mn\", rpm:\"moodle-mn~1.9.7~1.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-ms\", rpm:\"moodle-ms~1.9.7~1.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-nl\", rpm:\"moodle-nl~1.9.7~1.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-nn\", rpm:\"moodle-nn~1.9.7~1.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-no\", rpm:\"moodle-no~1.9.7~1.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-no_gr\", rpm:\"moodle-no_gr~1.9.7~1.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-pl\", rpm:\"moodle-pl~1.9.7~1.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-pt\", rpm:\"moodle-pt~1.9.7~1.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-pt_br\", rpm:\"moodle-pt_br~1.9.7~1.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-ro\", rpm:\"moodle-ro~1.9.7~1.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-ru\", rpm:\"moodle-ru~1.9.7~1.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-si\", rpm:\"moodle-si~1.9.7~1.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-sk\", rpm:\"moodle-sk~1.9.7~1.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-sl\", rpm:\"moodle-sl~1.9.7~1.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-sm\", rpm:\"moodle-sm~1.9.7~1.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-so\", rpm:\"moodle-so~1.9.7~1.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-sq\", rpm:\"moodle-sq~1.9.7~1.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-sr_cr\", rpm:\"moodle-sr_cr~1.9.7~1.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-sr_cr_bo\", rpm:\"moodle-sr_cr_bo~1.9.7~1.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-sr_lt\", rpm:\"moodle-sr_lt~1.9.7~1.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-sv\", rpm:\"moodle-sv~1.9.7~1.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-ta\", rpm:\"moodle-ta~1.9.7~1.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-ta_lk\", rpm:\"moodle-ta_lk~1.9.7~1.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-th\", rpm:\"moodle-th~1.9.7~1.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-tl\", rpm:\"moodle-tl~1.9.7~1.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-to\", rpm:\"moodle-to~1.9.7~1.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-tr\", rpm:\"moodle-tr~1.9.7~1.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-uk\", rpm:\"moodle-uk~1.9.7~1.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-ur\", rpm:\"moodle-ur~1.9.7~1.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-uz\", rpm:\"moodle-uz~1.9.7~1.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-vi\", rpm:\"moodle-vi~1.9.7~1.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-zh_cn\", rpm:\"moodle-zh_cn~1.9.7~1.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-zh_tw\", rpm:\"moodle-zh_tw~1.9.7~1.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "naslFamily": "Fedora Local Security Checks", "_object_type": "robots.models.openvas.OpenVASBulletin", "_object_types": ["robots.models.base.Bulletin", "robots.models.openvas.OpenVASBulletin"], "immutableFields": [], "cvss2": {}, "cvss3": {}}, {"id": "OPENVAS:66500", "hash": "c9143e3cf3b93452b775ff262bd7d75d", "type": "openvas", "bulletinFamily": "scanner", "title": "Fedora Core 10 FEDORA-2009-13040 (moodle)", "description": "The remote host is missing an update to moodle\nannounced via advisory FEDORA-2009-13040.", "published": "2009-12-14T00:00:00", "modified": "2017-07-10T00:00:00", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "http://plugins.openvas.org/nasl.php?oid=66500", "reporter": "Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com", "references": ["https://bugzilla.redhat.com/show_bug.cgi?id=544766"], "cvelist": ["CVE-2008-4796", "CVE-2008-5153", "CVE-2009-0499", "CVE-2009-1171"], "lastseen": "2017-07-25T10:56:00", "history": [{"lastseen": "2017-07-02T21:13:47", "bulletin": {"id": "OPENVAS:66500", "hash": "37aa864c081cf20a21cfe96c7bd636ef670e5b06651a9f99b16c2cb1ceaf99aa", "type": "openvas", "bulletinFamily": "scanner", "title": "Fedora Core 10 FEDORA-2009-13040 (moodle)", "description": "The remote host is missing an update to moodle\nannounced via advisory FEDORA-2009-13040.", "published": "2009-12-14T00:00:00", "modified": "2016-12-05T00:00:00", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "http://plugins.openvas.org/nasl.php?oid=66500", "reporter": "Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com", "references": ["https://bugzilla.redhat.com/show_bug.cgi?id=544766"], "cvelist": ["CVE-2008-4796", "CVE-2008-5153", "CVE-2009-0499", "CVE-2009-1171"], "lastseen": "2017-07-02T21:13:47", "history": [], "viewCount": 0, "enchantments": {}, "objectVersion": "1.4", "pluginID": "66500", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: fcore_2009_13040.nasl 4670 2016-12-05 08:06:45Z teissa $\n# Description: Auto-generated from advisory FEDORA-2009-13040 (moodle)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Update Information:\n\nMoodle upstream has released latest stable versions (1.9.7 and 1.8.11), fixing\nmultiple security issues. For details, please visit the referenced\nsecurity advisories.\n\nChangeLog:\n\n* Tue Dec 8 2009 Jon Ciesla - 1.9.7-1\n- Update to 1.9.7, BZ 544766.\";\ntag_solution = \"Apply the appropriate updates.\n\nThis update can be installed with the yum update program. Use \nsu -c 'yum update moodle' at the command line.\nFor more information, refer to Managing Software with yum,\navailable at http://docs.fedoraproject.org/yum/.\n\nhttps://secure1.securityspace.com/smysecure/catid.html?in=FEDORA-2009-13040\";\ntag_summary = \"The remote host is missing an update to moodle\nannounced via advisory FEDORA-2009-13040.\";\n\n\n\nif(description)\n{\n script_id(66500);\n script_version(\"$Revision: 4670 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2016-12-05 09:06:45 +0100 (Mon, 05 Dec 2016) $\");\n script_tag(name:\"creation_date\", value:\"2009-12-14 23:06:43 +0100 (Mon, 14 Dec 2009)\");\n script_cve_id(\"CVE-2009-1171\", \"CVE-2009-0499\", \"CVE-2008-5153\", \"CVE-2008-4796\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"Fedora Core 10 FEDORA-2009-13040 (moodle)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"HostDetails/OS/cpe:/o:fedoraproject:fedora\", \"login/SSH/success\", \"ssh/login/rpms\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.redhat.com/show_bug.cgi?id=544766\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"moodle\", rpm:\"moodle~1.9.7~1.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-af\", rpm:\"moodle-af~1.9.7~1.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-ar\", rpm:\"moodle-ar~1.9.7~1.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-be\", rpm:\"moodle-be~1.9.7~1.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-bg\", rpm:\"moodle-bg~1.9.7~1.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-bn\", rpm:\"moodle-bn~1.9.7~1.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-bs\", rpm:\"moodle-bs~1.9.7~1.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-ca\", rpm:\"moodle-ca~1.9.7~1.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-cs\", rpm:\"moodle-cs~1.9.7~1.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-cy\", rpm:\"moodle-cy~1.9.7~1.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-da\", rpm:\"moodle-da~1.9.7~1.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-de\", rpm:\"moodle-de~1.9.7~1.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-de_du\", rpm:\"moodle-de_du~1.9.7~1.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-dv\", rpm:\"moodle-dv~1.9.7~1.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-el\", rpm:\"moodle-el~1.9.7~1.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-es\", rpm:\"moodle-es~1.9.7~1.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-et\", rpm:\"moodle-et~1.9.7~1.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-eu\", rpm:\"moodle-eu~1.9.7~1.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-fa\", rpm:\"moodle-fa~1.9.7~1.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-fi\", rpm:\"moodle-fi~1.9.7~1.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-fil\", rpm:\"moodle-fil~1.9.7~1.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-fr\", rpm:\"moodle-fr~1.9.7~1.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-fr_ca\", rpm:\"moodle-fr_ca~1.9.7~1.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-ga\", rpm:\"moodle-ga~1.9.7~1.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-gl\", rpm:\"moodle-gl~1.9.7~1.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-gu\", rpm:\"moodle-gu~1.9.7~1.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-he\", rpm:\"moodle-he~1.9.7~1.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-hi\", rpm:\"moodle-hi~1.9.7~1.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-hr\", rpm:\"moodle-hr~1.9.7~1.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-hu\", rpm:\"moodle-hu~1.9.7~1.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-hy\", rpm:\"moodle-hy~1.9.7~1.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-id\", rpm:\"moodle-id~1.9.7~1.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-is\", rpm:\"moodle-is~1.9.7~1.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-it\", rpm:\"moodle-it~1.9.7~1.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-ja\", rpm:\"moodle-ja~1.9.7~1.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-ka\", rpm:\"moodle-ka~1.9.7~1.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-kk\", rpm:\"moodle-kk~1.9.7~1.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-km\", rpm:\"moodle-km~1.9.7~1.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-kn\", rpm:\"moodle-kn~1.9.7~1.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-ko\", rpm:\"moodle-ko~1.9.7~1.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-lo\", rpm:\"moodle-lo~1.9.7~1.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-lt\", rpm:\"moodle-lt~1.9.7~1.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-lv\", rpm:\"moodle-lv~1.9.7~1.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-mi_tn\", rpm:\"moodle-mi_tn~1.9.7~1.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-mi_wwow\", rpm:\"moodle-mi_wwow~1.9.7~1.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-mk\", rpm:\"moodle-mk~1.9.7~1.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-ml\", rpm:\"moodle-ml~1.9.7~1.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-mn\", rpm:\"moodle-mn~1.9.7~1.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-ms\", rpm:\"moodle-ms~1.9.7~1.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-nl\", rpm:\"moodle-nl~1.9.7~1.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-nn\", rpm:\"moodle-nn~1.9.7~1.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-no\", rpm:\"moodle-no~1.9.7~1.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-no_gr\", rpm:\"moodle-no_gr~1.9.7~1.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-pl\", rpm:\"moodle-pl~1.9.7~1.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-pt\", rpm:\"moodle-pt~1.9.7~1.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-pt_br\", rpm:\"moodle-pt_br~1.9.7~1.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-ro\", rpm:\"moodle-ro~1.9.7~1.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-ru\", rpm:\"moodle-ru~1.9.7~1.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-si\", rpm:\"moodle-si~1.9.7~1.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-sk\", rpm:\"moodle-sk~1.9.7~1.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-sl\", rpm:\"moodle-sl~1.9.7~1.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-sm\", rpm:\"moodle-sm~1.9.7~1.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-so\", rpm:\"moodle-so~1.9.7~1.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-sq\", rpm:\"moodle-sq~1.9.7~1.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-sr_cr\", rpm:\"moodle-sr_cr~1.9.7~1.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-sr_cr_bo\", rpm:\"moodle-sr_cr_bo~1.9.7~1.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-sr_lt\", rpm:\"moodle-sr_lt~1.9.7~1.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-sv\", rpm:\"moodle-sv~1.9.7~1.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-ta\", rpm:\"moodle-ta~1.9.7~1.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-ta_lk\", rpm:\"moodle-ta_lk~1.9.7~1.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-th\", rpm:\"moodle-th~1.9.7~1.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-tl\", rpm:\"moodle-tl~1.9.7~1.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-to\", rpm:\"moodle-to~1.9.7~1.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-tr\", rpm:\"moodle-tr~1.9.7~1.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-uk\", rpm:\"moodle-uk~1.9.7~1.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-ur\", rpm:\"moodle-ur~1.9.7~1.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-uz\", rpm:\"moodle-uz~1.9.7~1.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-vi\", rpm:\"moodle-vi~1.9.7~1.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-zh_cn\", rpm:\"moodle-zh_cn~1.9.7~1.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-zh_tw\", rpm:\"moodle-zh_tw~1.9.7~1.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "naslFamily": "Fedora Local Security Checks"}, "differentElements": ["modified", "sourceData"], "edition": 1}], "viewCount": 6, "enchantments": {"score": {"value": 8.5, "vector": "NONE", "modified": "2017-07-25T10:56:00", "rev": 2}, "dependencies": {"references": [{"type": "openvas", "idList": ["OPENVAS:136141256231063410", "OPENVAS:136141256231063261", "OPENVAS:860855", "OPENVAS:1361412562310800240", "OPENVAS:860245", "OPENVAS:63260", "OPENVAS:63734", "OPENVAS:800240", "OPENVAS:63261", "OPENVAS:136141256231063727", "OPENVAS:63060", "OPENVAS:63726", "OPENVAS:136141256231063405", "OPENVAS:860120", "OPENVAS:136141256231063390", "OPENVAS:136141256231063734", "OPENVAS:136141256231063260", "OPENVAS:63390", "OPENVAS:63727", "OPENVAS:63410", "OPENVAS:860625", "OPENVAS:860342", "OPENVAS:136141256231066500", "OPENVAS:61799", "OPENVAS:64321", "OPENVAS:63405", "OPENVAS:1361412562310106473", "OPENVAS:64320", "OPENVAS:860079", "OPENVAS:136141256231063726", "OPENVAS:860699"]}, {"type": "fedora", "idList": ["FEDORA:03C1920876B", "FEDORA:0C0FC208485", "FEDORA:0C0B6208959", "FEDORA:02A37208D57", "FEDORA:9CD3820851E", "FEDORA:4424B20894E", "FEDORA:8EF9620874A", "FEDORA:04197208D75", "FEDORA:BB65B208E31", "FEDORA:7E1DF10F85C", "FEDORA:6D2242084D5", "FEDORA:A7D1C208DAD", "FEDORA:AC75620876F", "FEDORA:5FA58208D69"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2009-1171", "UB:CVE-2008-4796", "UB:CVE-2008-5153", "UB:CVE-2009-0499"]}, {"type": "cve", "idList": ["CVE-2008-5153", "CVE-2009-0499", "CVE-2009-1171", "CVE-2008-4796"]}, {"type": "nessus", "idList": ["DEBIAN_DSA-1761.NASL", "FEDORA_2008-9502.NASL", "MOODLE_LATEX_INFO_DISCLOSURE.NASL", "DEBIAN_DSA-1691.NASL", "FEDORA_2008-9903.NASL", "FEDORA_2008-9304.NASL", "UBUNTU_USN-791-1.NASL", "FEDORA_2009-0814.NASL", "SUSE_11_1_MOODLE-090417.NASL", "FREEBSD_PKG_3A4A3E9CA1FE11DD81BE001C2514716C.NASL", "SUSE_11_0_MOODLE-090417.NASL", "SUSE_MOODLE-6108.NASL", "FEDORA_2009-1699.NASL", "ALA_ALAS-2017-899.NASL", "FEDORA_2008-9257.NASL", "FEDORA_2008-9508.NASL", "UBUNTU_USN-791-2.NASL", "FEDORA_2009-3283.NASL", "SUSE_11_1_MOODLE-090319.NASL", "DEBIAN_DSA-1724.NASL", "FEDORA_2009-3280.NASL", "FEDORA_2009-1641.NASL", "SUSE_MOODLE-6198.NASL", "SUSE_11_0_MOODLE-090320.NASL", "MOODLE_FORUM_CSRF.NASL", "FEDORA_2009-0819.NASL", "GENTOO_GLSA-201702-26.NASL"]}, {"type": "ubuntu", "idList": ["USN-791-2", "USN-791-1"]}, {"type": "jvn", "idList": ["JVN:20502807"]}, {"type": "debian", "idList": ["DEBIAN:DSA-1691-1:BBC41", "DEBIAN:DSA-1724-1:A27A9", "DEBIAN:DSA-1761-1:ACA60"]}, {"type": "exploitdb", "idList": ["EDB-ID:40920", "EDB-ID:8297"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:DOC:21355", "SECURITYVULNS:DOC:21571", "SECURITYVULNS:VULN:9681", "SECURITYVULNS:VULN:9793"]}, {"type": "myhack58", "idList": ["MYHACK58:62201682159"]}, {"type": "packetstorm", "idList": ["PACKETSTORM:127352", "PACKETSTORM:140169"]}, {"type": "threatpost", "idList": ["THREATPOST:FF116863B5F150527644B5466CE96667"]}, {"type": "seebug", "idList": ["SSV:92573"]}, {"type": "gentoo", "idList": ["GLSA-201702-26"]}, {"type": "amazon", "idList": ["ALAS-2017-899"]}], "modified": "2017-07-25T10:56:00", "rev": 2}}, "objectVersion": "1.5", "pluginID": "66500", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: fcore_2009_13040.nasl 6624 2017-07-10 06:11:55Z cfischer $\n# Description: Auto-generated from advisory FEDORA-2009-13040 (moodle)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Update Information:\n\nMoodle upstream has released latest stable versions (1.9.7 and 1.8.11), fixing\nmultiple security issues. For details, please visit the referenced\nsecurity advisories.\n\nChangeLog:\n\n* Tue Dec 8 2009 Jon Ciesla - 1.9.7-1\n- Update to 1.9.7, BZ 544766.\";\ntag_solution = \"Apply the appropriate updates.\n\nThis update can be installed with the yum update program. Use \nsu -c 'yum update moodle' at the command line.\nFor more information, refer to Managing Software with yum,\navailable at http://docs.fedoraproject.org/yum/.\n\nhttps://secure1.securityspace.com/smysecure/catid.html?in=FEDORA-2009-13040\";\ntag_summary = \"The remote host is missing an update to moodle\nannounced via advisory FEDORA-2009-13040.\";\n\n\n\nif(description)\n{\n script_id(66500);\n script_version(\"$Revision: 6624 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 08:11:55 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-12-14 23:06:43 +0100 (Mon, 14 Dec 2009)\");\n script_cve_id(\"CVE-2009-1171\", \"CVE-2009-0499\", \"CVE-2008-5153\", \"CVE-2008-4796\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"Fedora Core 10 FEDORA-2009-13040 (moodle)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.redhat.com/show_bug.cgi?id=544766\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"moodle\", rpm:\"moodle~1.9.7~1.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-af\", rpm:\"moodle-af~1.9.7~1.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-ar\", rpm:\"moodle-ar~1.9.7~1.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-be\", rpm:\"moodle-be~1.9.7~1.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-bg\", rpm:\"moodle-bg~1.9.7~1.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-bn\", rpm:\"moodle-bn~1.9.7~1.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-bs\", rpm:\"moodle-bs~1.9.7~1.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-ca\", rpm:\"moodle-ca~1.9.7~1.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-cs\", rpm:\"moodle-cs~1.9.7~1.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-cy\", rpm:\"moodle-cy~1.9.7~1.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-da\", rpm:\"moodle-da~1.9.7~1.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-de\", rpm:\"moodle-de~1.9.7~1.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-de_du\", rpm:\"moodle-de_du~1.9.7~1.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-dv\", rpm:\"moodle-dv~1.9.7~1.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-el\", rpm:\"moodle-el~1.9.7~1.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-es\", rpm:\"moodle-es~1.9.7~1.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-et\", rpm:\"moodle-et~1.9.7~1.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-eu\", rpm:\"moodle-eu~1.9.7~1.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-fa\", rpm:\"moodle-fa~1.9.7~1.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-fi\", rpm:\"moodle-fi~1.9.7~1.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-fil\", rpm:\"moodle-fil~1.9.7~1.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-fr\", rpm:\"moodle-fr~1.9.7~1.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-fr_ca\", rpm:\"moodle-fr_ca~1.9.7~1.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-ga\", rpm:\"moodle-ga~1.9.7~1.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-gl\", rpm:\"moodle-gl~1.9.7~1.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-gu\", rpm:\"moodle-gu~1.9.7~1.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-he\", rpm:\"moodle-he~1.9.7~1.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-hi\", rpm:\"moodle-hi~1.9.7~1.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-hr\", rpm:\"moodle-hr~1.9.7~1.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-hu\", rpm:\"moodle-hu~1.9.7~1.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-hy\", rpm:\"moodle-hy~1.9.7~1.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-id\", rpm:\"moodle-id~1.9.7~1.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-is\", rpm:\"moodle-is~1.9.7~1.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-it\", rpm:\"moodle-it~1.9.7~1.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-ja\", rpm:\"moodle-ja~1.9.7~1.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-ka\", rpm:\"moodle-ka~1.9.7~1.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-kk\", rpm:\"moodle-kk~1.9.7~1.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-km\", rpm:\"moodle-km~1.9.7~1.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-kn\", rpm:\"moodle-kn~1.9.7~1.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-ko\", rpm:\"moodle-ko~1.9.7~1.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-lo\", rpm:\"moodle-lo~1.9.7~1.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-lt\", rpm:\"moodle-lt~1.9.7~1.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-lv\", rpm:\"moodle-lv~1.9.7~1.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-mi_tn\", rpm:\"moodle-mi_tn~1.9.7~1.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-mi_wwow\", rpm:\"moodle-mi_wwow~1.9.7~1.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-mk\", rpm:\"moodle-mk~1.9.7~1.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-ml\", rpm:\"moodle-ml~1.9.7~1.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-mn\", rpm:\"moodle-mn~1.9.7~1.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-ms\", rpm:\"moodle-ms~1.9.7~1.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-nl\", rpm:\"moodle-nl~1.9.7~1.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-nn\", rpm:\"moodle-nn~1.9.7~1.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-no\", rpm:\"moodle-no~1.9.7~1.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-no_gr\", rpm:\"moodle-no_gr~1.9.7~1.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-pl\", rpm:\"moodle-pl~1.9.7~1.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-pt\", rpm:\"moodle-pt~1.9.7~1.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-pt_br\", rpm:\"moodle-pt_br~1.9.7~1.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-ro\", rpm:\"moodle-ro~1.9.7~1.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-ru\", rpm:\"moodle-ru~1.9.7~1.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-si\", rpm:\"moodle-si~1.9.7~1.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-sk\", rpm:\"moodle-sk~1.9.7~1.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-sl\", rpm:\"moodle-sl~1.9.7~1.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-sm\", rpm:\"moodle-sm~1.9.7~1.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-so\", rpm:\"moodle-so~1.9.7~1.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-sq\", rpm:\"moodle-sq~1.9.7~1.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-sr_cr\", rpm:\"moodle-sr_cr~1.9.7~1.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-sr_cr_bo\", rpm:\"moodle-sr_cr_bo~1.9.7~1.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-sr_lt\", rpm:\"moodle-sr_lt~1.9.7~1.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-sv\", rpm:\"moodle-sv~1.9.7~1.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-ta\", rpm:\"moodle-ta~1.9.7~1.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-ta_lk\", rpm:\"moodle-ta_lk~1.9.7~1.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-th\", rpm:\"moodle-th~1.9.7~1.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-tl\", rpm:\"moodle-tl~1.9.7~1.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-to\", rpm:\"moodle-to~1.9.7~1.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-tr\", rpm:\"moodle-tr~1.9.7~1.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-uk\", rpm:\"moodle-uk~1.9.7~1.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-ur\", rpm:\"moodle-ur~1.9.7~1.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-uz\", rpm:\"moodle-uz~1.9.7~1.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-vi\", rpm:\"moodle-vi~1.9.7~1.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-zh_cn\", rpm:\"moodle-zh_cn~1.9.7~1.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"moodle-zh_tw\", rpm:\"moodle-zh_tw~1.9.7~1.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "naslFamily": "Fedora Local Security Checks", "_object_type": "robots.models.openvas.OpenVASBulletin", "_object_types": ["robots.models.base.Bulletin", "robots.models.openvas.OpenVASBulletin"], "immutableFields": [], "cvss2": {}, "cvss3": {}}, {"id": "OPENVAS:64320", "hash": "dad51b20380aee458e067c32dea37cf4", "type": "openvas", "bulletinFamily": "scanner", "title": "Ubuntu USN-791-1 (moodle)", "description": "The remote host is missing an update to moodle\nannounced via advisory USN-791-1.\n\nFor details, please visit the referenced security advisories.", "published": "2009-06-30T00:00:00", "modified": "2017-12-01T00:00:00", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "http://plugins.openvas.org/nasl.php?oid=64320", "reporter": "Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com", "references": ["http://www.ubuntu.com/usn/usn-791-1/"], "cvelist": ["CVE-2009-0501", "CVE-2008-4811", "CVE-2008-5432", "CVE-2008-5619", "CVE-2009-0502", "CVE-2008-4810", "CVE-2008-4796", "CVE-2008-6124", "CVE-2008-5153", "CVE-2009-0499", "CVE-2009-0500", "CVE-2009-1171", "CVE-2009-1669", "CVE-2007-3215"], "lastseen": "2017-12-04T11:28:25", "history": [{"lastseen": "2017-07-25T10:56:25", "bulletin": {"id": "OPENVAS:64320", "hash": "f61a4150d2f69b907e1fae514a720ba1e8bd8e8d61ce4179a04ee1189d253ad3", "type": "openvas", "bulletinFamily": "scanner", "title": "Ubuntu USN-791-1 (moodle)", "description": "The remote host is missing an update to moodle\nannounced via advisory USN-791-1.\n\nFor details, please visit the referenced security advisories.", "published": "2009-06-30T00:00:00", "modified": "2017-07-10T00:00:00", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "http://plugins.openvas.org/nasl.php?oid=64320", "reporter": "Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com", "references": [], "cvelist": ["CVE-2009-0501", "CVE-2008-4811", "CVE-2008-5432", "CVE-2008-5619", "CVE-2009-0502", "CVE-2008-4810", "CVE-2008-4796", "CVE-2008-6124", "CVE-2008-5153", "CVE-2009-0499", "CVE-2009-0500", "CVE-2009-1171", "CVE-2009-1669", "CVE-2007-3215"], "lastseen": "2017-07-25T10:56:25", "history": [], "viewCount": 0, "enchantments": {}, "objectVersion": "1.4", "pluginID": "64320", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: ubuntu_791_1.nasl 6639 2017-07-10 10:52:06Z cfischer $\n# Description: Auto-generated from advisory USN-791-1 (moodle)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_solution = \"The problem can be corrected by upgrading your system to the\n following package versions:\n\nUbuntu 8.04 LTS:\n moodle 1.8.2-1ubuntu4.2\n\nUbuntu 8.10:\n moodle 1.8.2-1.2ubuntu2.1\n\nAfter a standard system upgrade you need to access the Moodle instance\nand accept the database update to clear any invalid cached data.\n\nhttps://secure1.securityspace.com/smysecure/catid.html?in=USN-791-1\";\n\ntag_summary = \"The remote host is missing an update to moodle\nannounced via advisory USN-791-1.\n\nFor details, please visit the referenced security advisories.\";\n\n \n\n\nif(description)\n{\n script_id(64320);\n script_version(\"$Revision: 6639 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 12:52:06 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-06-30 00:29:55 +0200 (Tue, 30 Jun 2009)\");\n script_cve_id(\"CVE-2007-3215\", \"CVE-2008-4796\", \"CVE-2008-4810\", \"CVE-2008-4811\", \"CVE-2008-5153\", \"CVE-2008-5432\", \"CVE-2008-5619\", \"CVE-2008-6124\", \"CVE-2009-0499\", \"CVE-2009-0500\", \"CVE-2009-0501\", \"CVE-2009-0502\", \"CVE-2009-1171\", \"CVE-2009-1669\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"Ubuntu USN-791-1 (moodle)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\");\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"moodle\", ver:\"1.8.2-1ubuntu4.2\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"moodle\", ver:\"1.8.2-1.2ubuntu2.1\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "naslFamily": "Ubuntu Local Security Checks"}, "differentElements": ["references", "modified", "sourceData"], "edition": 2}, {"lastseen": "2017-07-02T21:13:57", "bulletin": {"id": "OPENVAS:64320", "hash": "447a4e056bcce3d41a7f5dc329e919facb84c853cd4194875eba05a3d7aaed6e", "type": "openvas", "bulletinFamily": "scanner", "title": "Ubuntu USN-791-1 (moodle)", "description": "The remote host is missing an update to moodle\nannounced via advisory USN-791-1.\n\nFor details, please visit the referenced security advisories.", "published": "2009-06-30T00:00:00", "modified": "2017-02-08T00:00:00", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "http://plugins.openvas.org/nasl.php?oid=64320", "reporter": "Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com", "references": [], "cvelist": ["CVE-2009-0501", "CVE-2008-4811", "CVE-2008-5432", "CVE-2008-5619", "CVE-2009-0502", "CVE-2008-4810", "CVE-2008-4796", "CVE-2008-6124", "CVE-2008-5153", "CVE-2009-0499", "CVE-2009-0500", "CVE-2009-1171", "CVE-2009-1669", "CVE-2007-3215"], "lastseen": "2017-07-02T21:13:57", "history": [], "viewCount": 0, "enchantments": {}, "objectVersion": "1.4", "pluginID": "64320", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: ubuntu_791_1.nasl 5231 2017-02-08 11:52:34Z teissa $\n# Description: Auto-generated from advisory USN-791-1 (moodle)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_solution = \"The problem can be corrected by upgrading your system to the\n following package versions:\n\nUbuntu 8.04 LTS:\n moodle 1.8.2-1ubuntu4.2\n\nUbuntu 8.10:\n moodle 1.8.2-1.2ubuntu2.1\n\nAfter a standard system upgrade you need to access the Moodle instance\nand accept the database update to clear any invalid cached data.\n\nhttps://secure1.securityspace.com/smysecure/catid.html?in=USN-791-1\";\n\ntag_summary = \"The remote host is missing an update to moodle\nannounced via advisory USN-791-1.\n\nFor details, please visit the referenced security advisories.\";\n\n \n\n\nif(description)\n{\n script_id(64320);\n script_version(\"$Revision: 5231 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-02-08 12:52:34 +0100 (Wed, 08 Feb 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-06-30 00:29:55 +0200 (Tue, 30 Jun 2009)\");\n script_cve_id(\"CVE-2007-3215\", \"CVE-2008-4796\", \"CVE-2008-4810\", \"CVE-2008-4811\", \"CVE-2008-5153\", \"CVE-2008-5432\", \"CVE-2008-5619\", \"CVE-2008-6124\", \"CVE-2009-0499\", \"CVE-2009-0500\", \"CVE-2009-0501\", \"CVE-2009-0502\", \"CVE-2009-1171\", \"CVE-2009-1669\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"Ubuntu USN-791-1 (moodle)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"HostDetails/OS/cpe:/o:canonical:ubuntu_linux\", \"login/SSH/success\", \"ssh/login/packages\");\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"moodle\", ver:\"1.8.2-1ubuntu4.2\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"moodle\", ver:\"1.8.2-1.2ubuntu2.1\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "naslFamily": "Ubuntu Local Security Checks"}, "differentElements": ["modified", "sourceData"], "edition": 1}], "viewCount": 7, "enchantments": {"score": {"value": 7.9, "vector": "NONE", "modified": "2017-12-04T11:28:25", "rev": 2}, "dependencies": {"references": [{"type": "ubuntu", "idList": ["USN-791-1"]}, {"type": "nessus", "idList": ["SUSE_11_1_MOODLE-090319.NASL", "DEBIAN_DSA-1691.NASL", "SUSE_MOODLE-6108.NASL", "DEBIAN_DSA-1919.NASL", "DEBIAN_DSA-1724.NASL", "FEDORA_2009-1641.NASL", "FEDORA_2009-1699.NASL", "GENTOO_GLSA-201006-13.NASL", "UBUNTU_USN-791-1.NASL", "SUSE_11_0_MOODLE-090320.NASL"]}, {"type": "openvas", "idList": ["OPENVAS:136141256231063390", "OPENVAS:63405", "OPENVAS:63390", "OPENVAS:136141256231066500", "OPENVAS:136141256231063727", "OPENVAS:136141256231063405", "OPENVAS:63727", "OPENVAS:63726", "OPENVAS:66500", "OPENVAS:136141256231063726"]}, {"type": "fedora", "idList": ["FEDORA:7E1DF10F85C", "FEDORA:900BC2086F6", "FEDORA:0C0B6208959", "FEDORA:6D2242084D5", "FEDORA:EDB14208D99", "FEDORA:5F652208E18", "FEDORA:0C0FC208485", "FEDORA:4424B20894E", "FEDORA:BB65B208E31", "FEDORA:9CD3820851E"]}, {"type": "cve", "idList": ["CVE-2008-4810", "CVE-2009-0499", "CVE-2008-4796", "CVE-2008-5619", "CVE-2007-3215", "CVE-2008-6124", "CVE-2008-4811", "CVE-2008-5153", "CVE-2009-0500", "CVE-2008-5432"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2008-4796", "UB:CVE-2008-5619", "UB:CVE-2009-0500", "UB:CVE-2008-4811", "UB:CVE-2008-5153", "UB:CVE-2008-5432", "UB:CVE-2008-6124", "UB:CVE-2007-3215", "UB:CVE-2008-4810", "UB:CVE-2009-0499"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:DOC:21355", "SECURITYVULNS:DOC:27130", "SECURITYVULNS:DOC:21071", "SECURITYVULNS:VULN:9681"]}, {"type": "debian", "idList": ["DEBIAN:DSA-1919-2:73FE7", "DEBIAN:DSA-1724-1:A27A9", "DEBIAN:DSA-1691-1:BBC41", "DEBIAN:DSA-1919-1:C1894", "DEBIAN:DSA-1315-1:C7F7F"]}, {"type": "gentoo", "idList": ["GLSA-201006-13"]}, {"type": "osvdb", "idList": ["OSVDB:37206"]}, {"type": "exploitpack", "idList": ["EXPLOITPACK:8538DA761581DA76919D1BA107260D3F"]}, {"type": "canvas", "idList": ["ROUNDCUBE"]}], "modified": "2017-12-04T11:28:25", "rev": 2}}, "objectVersion": "1.5", "pluginID": "64320", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: ubuntu_791_1.nasl 7969 2017-12-01 09:23:16Z santu $\n# $Id: ubuntu_791_1.nasl 7969 2017-12-01 09:23:16Z santu $\n# Description: Auto-generated from advisory USN-791-1 (moodle)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_solution = \"The problem can be corrected by upgrading your system to the\n following package versions:\n\nUbuntu 8.04 LTS:\n moodle 1.8.2-1ubuntu4.2\n\nUbuntu 8.10:\n moodle 1.8.2-1.2ubuntu2.1\n\nAfter a standard system upgrade you need to access the Moodle instance\nand accept the database update to clear any invalid cached data.\n\nhttps://secure1.securityspace.com/smysecure/catid.html?in=USN-791-1\";\n\ntag_summary = \"The remote host is missing an update to moodle\nannounced via advisory USN-791-1.\n\nFor details, please visit the referenced security advisories.\";\n\n \n\n\nif(description)\n{\n script_id(64320);\n script_version(\"$Revision: 7969 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-01 10:23:16 +0100 (Fri, 01 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-06-30 00:29:55 +0200 (Tue, 30 Jun 2009)\");\n script_cve_id(\"CVE-2007-3215\", \"CVE-2008-4796\", \"CVE-2008-4810\", \"CVE-2008-4811\", \"CVE-2008-5153\", \"CVE-2008-5432\", \"CVE-2008-5619\", \"CVE-2008-6124\", \"CVE-2009-0499\", \"CVE-2009-0500\", \"CVE-2009-0501\", \"CVE-2009-0502\", \"CVE-2009-1171\", \"CVE-2009-1669\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"Ubuntu USN-791-1 (moodle)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n script_xref(name: \"URL\" , value: \"http://www.ubuntu.com/usn/usn-791-1/\");\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\");\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"moodle\", ver:\"1.8.2-1ubuntu4.2\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"moodle\", ver:\"1.8.2-1.2ubuntu2.1\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "naslFamily": "Ubuntu Local Security Checks", "_object_type": "robots.models.openvas.OpenVASBulletin", "_object_types": ["robots.models.base.Bulletin", "robots.models.openvas.OpenVASBulletin"], "immutableFields": []}, {"id": "OPENVAS:63891", "hash": "ae3b4c03e2998b6c4c4e78dbd0db7e32", "type": "openvas", "bulletinFamily": "scanner", "title": "SuSE Security Summary SUSE-SR:2009:009", "description": "The remote host is missing updates announced in\nadvisory SUSE-SR:2009:009. SuSE Security Summaries are short\non detail when it comes to the names of packages affected by\na particular bug. Because of this, while this test will detect\nout of date packages, it cannot tell you what bugs impact\nwhich packages, or vice versa.", "published": "2009-04-28T00:00:00", "modified": "2017-07-11T00:00:00", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "http://plugins.openvas.org/nasl.php?oid=63891", "reporter": "Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com", "references": [], "cvelist": ["CVE-2009-0196", "CVE-2009-0928", "CVE-2009-0586", "CVE-2009-0658", "CVE-2009-0792", "CVE-2009-0922", "CVE-2009-1241", "CVE-2008-4311", "CVE-2009-0927", "CVE-2009-0698", "CVE-2009-0365", "CVE-2009-0193", "CVE-2009-1062", "CVE-2009-1171", "CVE-2008-4989", "CVE-2009-0578", "CVE-2009-0790", "CVE-2009-1061"], "lastseen": "2017-07-26T08:55:42", "history": [{"lastseen": "2017-07-02T21:14:01", "differentElements": ["modified", "sourceData"], "edition": 1, "bulletin": {"id": "OPENVAS:63891", "hash": "570260e1d3cf19ef3c12b8ef7a64289233dc34c0591f89bbc0a25bb57ddcb3af", "type": "openvas", "bulletinFamily": "scanner", "title": "SuSE Security Summary SUSE-SR:2009:009", "description": "The remote host is missing updates announced in\nadvisory SUSE-SR:2009:009. SuSE Security Summaries are short\non detail when it comes to the names of packages affected by\na particular bug. Because of this, while this test will detect\nout of date packages, it cannot tell you what bugs impact\nwhich packages, or vice versa.", "published": "2009-04-28T00:00:00", "modified": "2017-02-07T00:00:00", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "http://plugins.openvas.org/nasl.php?oid=63891", "reporter": "Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com", "references": [], "cvelist": ["CVE-2009-0196", "CVE-2009-0928", "CVE-2009-0586", "CVE-2009-0658", "CVE-2009-0792", "CVE-2009-0922", "CVE-2009-1241", "CVE-2008-4311", "CVE-2009-0927", "CVE-2009-0698", "CVE-2009-0365", "CVE-2009-0193", "CVE-2009-1062", "CVE-2009-1171", "CVE-2008-4989", "CVE-2009-0578", "CVE-2009-0790", "CVE-2009-1061"], "lastseen": "2017-07-02T21:14:01", "history": [], "viewCount": 0, "enchantments": {}, "objectVersion": "1.4", "pluginID": "63891", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: suse_sr_2009_009.nasl 5220 2017-02-07 11:42:33Z teissa $\n# Description: Auto-generated from advisory SUSE-SR:2009:009\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_summary = \"The remote host is missing updates announced in\nadvisory SUSE-SR:2009:009. SuSE Security Summaries are short\non detail when it comes to the names of packages affected by\na particular bug. Because of this, while this test will detect\nout of date packages, it cannot tell you what bugs impact\nwhich packages, or vice versa.\";\n\ntag_solution = \"Update all out of date packages.\";\n \nif(description)\n{\n script_id(63891);\n script_version(\"$Revision: 5220 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-02-07 12:42:33 +0100 (Tue, 07 Feb 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-04-28 20:40:12 +0200 (Tue, 28 Apr 2009)\");\n script_cve_id(\"CVE-2008-4311\", \"CVE-2008-4989\", \"CVE-2009-0193\", \"CVE-2009-0196\", \"CVE-2009-0365\", \"CVE-2009-0578\", \"CVE-2009-0586\", \"CVE-2009-0658\", \"CVE-2009-0698\", \"CVE-2009-0790\", \"CVE-2009-0792\", \"CVE-2009-0922\", \"CVE-2009-0927\", \"CVE-2009-0928\", \"CVE-2009-1061\", \"CVE-2009-1062\", \"CVE-2009-1171\", \"CVE-2009-1241\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"SuSE Security Summary SUSE-SR:2009:009\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"HostDetails/OS/cpe:/o:novell:opensuse\", \"login/SSH/success\", \"ssh/login/rpms\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"MozillaFirefox\", rpm:\"MozillaFirefox~3.0.8~1.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"MozillaFirefox-branding-upstream\", rpm:\"MozillaFirefox-branding-upstream~3.0.8~1.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"MozillaFirefox-translations\", rpm:\"MozillaFirefox-translations~3.0.8~1.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"NetworkManager\", rpm:\"NetworkManager~0.7.0.r4359~15.2.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"NetworkManager-devel\", rpm:\"NetworkManager-devel~0.7.0.r4359~15.2.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"NetworkManager-doc\", rpm:\"NetworkManager-doc~0.7.0.r4359~15.2.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"NetworkManager-glib\", rpm:\"NetworkManager-glib~0.7.0.r4359~15.2.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"aufs\", rpm:\"aufs~cvs20081020~1.32.9\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"aufs-kmp-debug\", rpm:\"aufs-kmp-debug~cvs20081020_2.6.27.21_0.1~1.32.9\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"aufs-kmp-default\", rpm:\"aufs-kmp-default~cvs20081020_2.6.27.21_0.1~1.32.9\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"aufs-kmp-pae\", rpm:\"aufs-kmp-pae~cvs20081020_2.6.27.21_0.1~1.32.9\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"aufs-kmp-trace\", rpm:\"aufs-kmp-trace~cvs20081020_2.6.27.21_0.1~1.32.9\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"aufs-kmp-xen\", rpm:\"aufs-kmp-xen~cvs20081020_2.6.27.21_0.1~1.32.9\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"clamav\", rpm:\"clamav~0.95.1~0.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"clamav-db\", rpm:\"clamav-db~0.95.1~0.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"cups\", rpm:\"cups~1.3.9~7.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"cups-client\", rpm:\"cups-client~1.3.9~7.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"cups-devel\", rpm:\"cups-devel~1.3.9~7.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"cups-libs\", rpm:\"cups-libs~1.3.9~7.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"dbus-1\", rpm:\"dbus-1~1.2.10~5.4.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"dbus-1-devel\", rpm:\"dbus-1-devel~1.2.10~5.4.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"dbus-1-devel-doc\", rpm:\"dbus-1-devel-doc~1.2.10~5.4.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"deb\", rpm:\"deb~1.14.21~10.38.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"glib2\", rpm:\"glib2~2.18.2~5.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"glib2-branding-upstream\", rpm:\"glib2-branding-upstream~2.18.2~5.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"glib2-devel\", rpm:\"glib2-devel~2.18.2~5.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"glib2-doc\", rpm:\"glib2-doc~2.18.2~5.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"glib2-lang\", rpm:\"glib2-lang~2.18.2~5.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"gnome-panel\", rpm:\"gnome-panel~2.24.1~2.26.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"gnome-panel-devel\", rpm:\"gnome-panel-devel~2.24.1~2.26.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"gnome-panel-doc\", rpm:\"gnome-panel-doc~2.24.1~2.26.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"gnome-panel-extras\", rpm:\"gnome-panel-extras~2.24.1~2.26.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"gnome-panel-lang\", rpm:\"gnome-panel-lang~2.24.1~2.26.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"gnutls\", rpm:\"gnutls~2.4.1~24.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"gpg2\", rpm:\"gpg2~2.0.9~25.108.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"gpg2-lang\", rpm:\"gpg2-lang~2.0.9~25.108.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"gstreamer-0_10-plugins-base\", rpm:\"gstreamer-0_10-plugins-base~0.10.21~2.21.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"gstreamer-0_10-plugins-base-devel\", rpm:\"gstreamer-0_10-plugins-base-devel~0.10.21~2.21.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"gstreamer-0_10-plugins-base-doc\", rpm:\"gstreamer-0_10-plugins-base-doc~0.10.21~2.21.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"gstreamer-0_10-plugins-base-lang\", rpm:\"gstreamer-0_10-plugins-base-lang~0.10.21~2.21.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"java-1_6_0-openjdk\", rpm:\"java-1_6_0-openjdk~1.4_b14~24.4.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"java-1_6_0-openjdk-demo\", rpm:\"java-1_6_0-openjdk-demo~1.4_b14~24.4.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"java-1_6_0-openjdk-devel\", rpm:\"java-1_6_0-openjdk-devel~1.4_b14~24.4.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"java-1_6_0-openjdk-javadoc\", rpm:\"java-1_6_0-openjdk-javadoc~1.4_b14~24.4.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"java-1_6_0-openjdk-plugin\", rpm:\"java-1_6_0-openjdk-plugin~1.4_b14~24.4.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"java-1_6_0-openjdk-src\", rpm:\"java-1_6_0-openjdk-src~1.4_b14~24.4.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kde4-akonadi\", rpm:\"kde4-akonadi~4.1.3~3.14.9\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kde4-akonadi-devel\", rpm:\"kde4-akonadi-devel~4.1.3~3.14.9\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kde4-akregator\", rpm:\"kde4-akregator~4.1.3~3.14.9\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kde4-dolphin\", rpm:\"kde4-dolphin~4.1.3~3.8.9\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kde4-kaddressbook\", rpm:\"kde4-kaddressbook~4.1.3~3.14.9\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kde4-kalarm\", rpm:\"kde4-kalarm~4.1.3~3.14.9\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kde4-kdepasswd\", rpm:\"kde4-kdepasswd~4.1.3~3.8.9\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kde4-kdialog\", rpm:\"kde4-kdialog~4.1.3~3.8.9\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kde4-kdm\", rpm:\"kde4-kdm~4.1.3~10.3.7\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kde4-kdm-branding-upstream\", rpm:\"kde4-kdm-branding-upstream~4.1.3~10.3.7\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kde4-keditbookmarks\", rpm:\"kde4-keditbookmarks~4.1.3~3.8.9\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kde4-kfind\", rpm:\"kde4-kfind~4.1.3~3.8.9\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kde4-kgreeter-plugins\", rpm:\"kde4-kgreeter-plugins~4.1.3~10.3.7\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kde4-kinfocenter\", rpm:\"kde4-kinfocenter~4.1.3~3.8.9\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kde4-kjots\", rpm:\"kde4-kjots~4.1.3~3.14.9\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kde4-kmail\", rpm:\"kde4-kmail~4.1.3~3.14.9\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kde4-knode\", rpm:\"kde4-knode~4.1.3~3.14.9\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kde4-knotes\", rpm:\"kde4-knotes~4.1.3~3.14.9\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kde4-konqueror\", rpm:\"kde4-konqueror~4.1.3~3.8.9\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kde4-konsole\", rpm:\"kde4-konsole~4.1.3~3.8.9\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kde4-kontact\", rpm:\"kde4-kontact~4.1.3~3.14.9\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kde4-korganizer\", rpm:\"kde4-korganizer~4.1.3~3.14.9\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kde4-ktimetracker\", rpm:\"kde4-ktimetracker~4.1.3~3.14.9\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kde4-ktnef\", rpm:\"kde4-ktnef~4.1.3~3.14.9\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kde4-kwin\", rpm:\"kde4-kwin~4.1.3~10.3.7\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kde4-kwrite\", rpm:\"kde4-kwrite~4.1.3~3.8.9\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kdebase4\", rpm:\"kdebase4~4.1.3~3.8.9\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kdebase4-libkonq\", rpm:\"kdebase4-libkonq~4.1.3~3.8.9\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kdebase4-nsplugin\", rpm:\"kdebase4-nsplugin~4.1.3~3.8.9\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kdebase4-runtime\", rpm:\"kdebase4-runtime~4.1.3~4.2.9\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kdebase4-workspace\", rpm:\"kdebase4-workspace~4.1.3~10.3.7\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kdebase4-workspace-branding-upstream\", rpm:\"kdebase4-workspace-branding-upstream~4.1.3~10.3.7\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kdebase4-workspace-devel\", rpm:\"kdebase4-workspace-devel~4.1.3~10.3.7\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kdebase4-workspace-ksysguardd\", rpm:\"kdebase4-workspace-ksysguardd~4.1.3~10.3.7\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kdelibs4\", rpm:\"kdelibs4~4.1.3~4.10.4\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kdelibs4-core\", rpm:\"kdelibs4-core~4.1.3~4.10.4\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kdelibs4-doc\", rpm:\"kdelibs4-doc~4.1.3~4.10.4\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kdepim3\", rpm:\"kdepim3~3.5.10~8.14.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kdepim3-devel\", rpm:\"kdepim3-devel~3.5.10~8.14.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kdepim3-kpilot\", rpm:\"kdepim3-kpilot~3.5.10~8.14.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kdepim3-mobile\", rpm:\"kdepim3-mobile~3.5.10~8.14.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kdepim3-notes\", rpm:\"kdepim3-notes~3.5.10~8.14.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kdepim3-time-management\", rpm:\"kdepim3-time-management~3.5.10~8.14.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kdepim4\", rpm:\"kdepim4~4.1.3~3.14.9\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kdepim4-devel\", rpm:\"kdepim4-devel~4.1.3~3.14.9\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kdepim4-wizards\", rpm:\"kdepim4-wizards~4.1.3~3.14.9\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kdepimlibs4\", rpm:\"kdepimlibs4~4.1.3~5.2.6\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-debug\", rpm:\"kernel-debug~2.6.27.21~0.1.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-debug-base\", rpm:\"kernel-debug-base~2.6.27.21~0.1.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-debug-extra\", rpm:\"kernel-debug-extra~2.6.27.21~0.1.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-default\", rpm:\"kernel-default~2.6.27.21~0.1.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-default-base\", rpm:\"kernel-default-base~2.6.27.21~0.1.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-default-extra\", rpm:\"kernel-default-extra~2.6.27.21~0.1.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-pae\", rpm:\"kernel-pae~2.6.27.21~0.1.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-pae-base\", rpm:\"kernel-pae-base~2.6.27.21~0.1.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-pae-extra\", rpm:\"kernel-pae-extra~2.6.27.21~0.1.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-source\", rpm:\"kernel-source~2.6.27.21~0.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-syms\", rpm:\"kernel-syms~2.6.27.21~0.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-trace\", rpm:\"kernel-trace~2.6.27.21~0.1.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-trace-base\", rpm:\"kernel-trace-base~2.6.27.21~0.1.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-trace-extra\", rpm:\"kernel-trace-extra~2.6.27.21~0.1.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-vanilla\", rpm:\"kernel-vanilla~2.6.27.21~0.1.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-xen\", rpm:\"kernel-xen~2.6.27.21~0.1.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-xen-base\", rpm:\"kernel-xen-base~2.6.27.21~0.1.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-xen-extra\", rpm:\"kernel-xen-extra~2.6.27.21~0.1.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kio_iso\", rpm:\"kio_iso~1.99.2.beta2~0.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kitchensync\", rpm:\"kitchensync~3.5.10~8.14.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"klamav\", rpm:\"klamav~0.46~0.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"koffice\", rpm:\"koffice~1.6.3~211.12.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"koffice-database\", rpm:\"koffice-database~1.6.3~211.12.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"koffice-database-mysql\", rpm:\"koffice-database-mysql~1.6.3~211.12.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"koffice-database-psql\", rpm:\"koffice-database-psql~1.6.3~211.12.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"koffice-devel\", rpm:\"koffice-devel~1.6.3~211.12.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"koffice-extra\", rpm:\"koffice-extra~1.6.3~211.12.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"koffice-illustration\", rpm:\"koffice-illustration~1.6.3~211.12.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"koffice-planning\", rpm:\"koffice-planning~1.6.3~211.12.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"koffice-presentation\", rpm:\"koffice-presentation~1.6.3~211.12.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"koffice-python\", rpm:\"koffice-python~1.6.3~211.12.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"koffice-ruby\", rpm:\"koffice-ruby~1.6.3~211.12.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"koffice-spreadsheet\", rpm:\"koffice-spreadsheet~1.6.3~211.12.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"koffice-wordprocessing\", rpm:\"koffice-wordprocessing~1.6.3~211.12.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"krb5\", rpm:\"krb5~1.6.3~132.5.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"krb5-apps-clients\", rpm:\"krb5-apps-clients~1.6.3~132.5.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"krb5-apps-servers\", rpm:\"krb5-apps-servers~1.6.3~132.5.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"krb5-client\", rpm:\"krb5-client~1.6.3~132.5.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"krb5-devel\", rpm:\"krb5-devel~1.6.3~132.5.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"krb5-server\", rpm:\"krb5-server~1.6.3~132.5.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"krusader\", rpm:\"krusader~1.99.2.beta2~0.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libakonadi4\", rpm:\"libakonadi4~4.1.3~5.2.6\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libgio-2_0-0\", rpm:\"libgio-2_0-0~2.18.2~5.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libgio-fam\", rpm:\"libgio-fam~2.18.2~5.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libglib-2_0-0\", rpm:\"libglib-2_0-0~2.18.2~5.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libgmodule-2_0-0\", rpm:\"libgmodule-2_0-0~2.18.2~5.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libgnomecanvas\", rpm:\"libgnomecanvas~2.20.1.1~25.81.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libgnomecanvas-devel\", rpm:\"libgnomecanvas-devel~2.20.1.1~25.81.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libgnomecanvas-doc\", rpm:\"libgnomecanvas-doc~2.20.1.1~25.81.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libgnomecanvas-lang\", rpm:\"libgnomecanvas-lang~2.20.1.1~25.81.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libgnutls-devel\", rpm:\"libgnutls-devel~2.4.1~24.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libgnutls-extra-devel\", rpm:\"libgnutls-extra-devel~2.4.1~24.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libgnutls-extra26\", rpm:\"libgnutls-extra26~2.4.1~24.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libgnutls26\", rpm:\"libgnutls26~2.4.1~24.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libgobject-2_0-0\", rpm:\"libgobject-2_0-0~2.18.2~5.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libgstinterfaces-0_10-0\", rpm:\"libgstinterfaces-0_10-0~0.10.21~2.21.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libgthread-2_0-0\", rpm:\"libgthread-2_0-0~2.18.2~5.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libkcal\", rpm:\"libkcal~3.5.10~8.14.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libkcal-devel\", rpm:\"libkcal-devel~3.5.10~8.14.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libkcal2\", rpm:\"libkcal2~3.5.10~8.14.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libkde4\", rpm:\"libkde4~4.1.3~4.10.4\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libkde4-devel\", rpm:\"libkde4-devel~4.1.3~4.10.4\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libkdecore4\", rpm:\"libkdecore4~4.1.3~4.10.4\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libkdecore4-devel\", rpm:\"libkdecore4-devel~4.1.3~4.10.4\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libkdepim4\", rpm:\"libkdepim4~4.1.3~3.14.9\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libkdepim4-devel\", rpm:\"libkdepim4-devel~4.1.3~3.14.9\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libkdepimlibs4\", rpm:\"libkdepimlibs4~4.1.3~5.2.6\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libkdepimlibs4-devel\", rpm:\"libkdepimlibs4-devel~4.1.3~5.2.6\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libkmime-devel\", rpm:\"libkmime-devel~3.5.10~8.14.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libkmime2\", rpm:\"libkmime2~3.5.10~8.14.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libkonq-devel\", rpm:\"libkonq-devel~4.1.3~3.8.9\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libkonq5\", rpm:\"libkonq5~4.1.3~3.8.9\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libktnef-devel\", rpm:\"libktnef-devel~3.5.10~8.14.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libktnef1\", rpm:\"libktnef1~3.5.10~8.14.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libpcap-devel\", rpm:\"libpcap-devel~0.9.8~50.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libpcap0\", rpm:\"libpcap0~0.9.8~50.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libudev-devel\", rpm:\"libudev-devel~128~9.7.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libudev0\", rpm:\"libudev0~128~9.7.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libvolume_id\", rpm:\"libvolume_id~126~17.38.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libvolume_id-devel\", rpm:\"libvolume_id-devel~128~9.7.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libvolume_id1\", rpm:\"libvolume_id1~128~9.7.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libxine-devel\", rpm:\"libxine-devel~1.1.15~23.3.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libxine1\", rpm:\"libxine1~1.1.15~23.3.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libxine1-gnome-vfs\", rpm:\"libxine1-gnome-vfs~1.1.15~23.3.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libxine1-pulse\", rpm:\"libxine1-pulse~1.1.15~23.3.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"module-init-tools\", rpm:\"module-init-tools~3.4~56.10.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-xulrunner190\", rpm:\"mozilla-xulrunner190~1.9.0.8~1.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-xulrunner190-devel\", rpm:\"mozilla-xulrunner190-devel~1.9.0.8~1.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-xulrunner190-gnomevfs\", rpm:\"mozilla-xulrunner190-gnomevfs~1.9.0.8~1.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-xulrunner190-translations\", rpm:\"mozilla-xulrunner190-translations~1.9.0.8~1.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"openswan\", rpm:\"openswan~2.6.16~1.47.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"openswan-doc\", rpm:\"openswan-doc~2.6.16~1.47.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"phonon-backend-xine\", rpm:\"phonon-backend-xine~4.1.3~4.2.9\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"postgresql\", rpm:\"postgresql~8.3.7~0.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"postgresql-contrib\", rpm:\"postgresql-contrib~8.3.7~0.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"postgresql-devel\", rpm:\"postgresql-devel~8.3.7~0.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"postgresql-docs\", rpm:\"postgresql-docs~8.3.7~0.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"postgresql-libs\", rpm:\"postgresql-libs~8.3.7~0.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"postgresql-server\", rpm:\"postgresql-server~8.3.7~0.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"python-xpcom190\", rpm:\"python-xpcom190~1.9.0.8~1.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"strongswan\", rpm:\"strongswan~4.2.8~1.24.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"strongswan-doc\", rpm:\"strongswan-doc~4.2.8~1.24.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"sysconfig\", rpm:\"sysconfig~0.71.11~7.4.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"udev\", rpm:\"udev~128~9.7.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"xpdf\", rpm:\"xpdf~3.02~97.78.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"xpdf-tools\", rpm:\"xpdf-tools~3.02~97.78.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"MozillaFirefox\", rpm:\"MozillaFirefox~3.0.8~1.1\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"MozillaFirefox-translations\", rpm:\"MozillaFirefox-translations~3.0.8~1.1\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"bluez-audio\", rpm:\"bluez-audio~3.32~8.7\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"bluez-cups\", rpm:\"bluez-cups~3.32~8.7\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"bluez-test\", rpm:\"bluez-test~3.32~8.7\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"bluez-utils\", rpm:\"bluez-utils~3.32~8.7\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"clamav\", rpm:\"clamav~0.95.1~0.1\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"clamav-db\", rpm:\"clamav-db~0.95.1~0.1\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"cups\", rpm:\"cups~1.3.7~25.8\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"cups-client\", rpm:\"cups-client~1.3.7~25.8\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"cups-devel\", rpm:\"cups-devel~1.3.7~25.8\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"cups-libs\", rpm:\"cups-libs~1.3.7~25.8\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"glib2\", rpm:\"glib2~2.16.3~20.6\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"glib2-branding-upstream\", rpm:\"glib2-branding-upstream~2.16.3~20.6\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"glib2-devel\", rpm:\"glib2-devel~2.16.3~20.6\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"glib2-doc\", rpm:\"glib2-doc~2.16.3~20.6\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"glib2-lang\", rpm:\"glib2-lang~2.16.3~20.6\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"gnutls\", rpm:\"gnutls~2.2.2~17.4\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"gpg2\", rpm:\"gpg2~2.0.9~22.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"gpg2-lang\", rpm:\"gpg2-lang~2.0.9~22.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"hal\", rpm:\"hal~0.5.11~8.6\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"hal-devel\", rpm:\"hal-devel~0.5.11~8.6\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kdepim3\", rpm:\"kdepim3~3.5.9~53.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kdepim3-devel\", rpm:\"kdepim3-devel~3.5.9~53.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kdepim3-kpilot\", rpm:\"kdepim3-kpilot~3.5.9~53.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kdepim3-mobile\", rpm:\"kdepim3-mobile~3.5.9~53.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kdepim3-notes\", rpm:\"kdepim3-notes~3.5.9~53.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kdepim3-time-management\", rpm:\"kdepim3-time-management~3.5.9~53.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kitchensync\", rpm:\"kitchensync~3.5.9~53.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"klamav\", rpm:\"klamav~0.46~0.1\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"koffice\", rpm:\"koffice~1.6.3~157.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"koffice-database\", rpm:\"koffice-database~1.6.3~157.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"koffice-database-mysql\", rpm:\"koffice-database-mysql~1.6.3~157.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"koffice-database-psql\", rpm:\"koffice-database-psql~1.6.3~157.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"koffice-devel\", rpm:\"koffice-devel~1.6.3~157.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"koffice-extra\", rpm:\"koffice-extra~1.6.3~157.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"koffice-illustration\", rpm:\"koffice-illustration~1.6.3~157.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"koffice-planning\", rpm:\"koffice-planning~1.6.3~157.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"koffice-presentation\", rpm:\"koffice-presentation~1.6.3~157.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"koffice-python\", rpm:\"koffice-python~1.6.3~157.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"koffice-ruby\", rpm:\"koffice-ruby~1.6.3~157.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"koffice-spreadsheet\", rpm:\"koffice-spreadsheet~1.6.3~157.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"koffice-wordprocessing\", rpm:\"koffice-wordprocessing~1.6.3~157.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"krb5\", rpm:\"krb5~1.6.3~50.5\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"krb5-apps-clients\", rpm:\"krb5-apps-clients~1.6.3~50.5\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"krb5-apps-servers\", rpm:\"krb5-apps-servers~1.6.3~50.5\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"krb5-client\", rpm:\"krb5-client~1.6.3~50.5\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"krb5-devel\", rpm:\"krb5-devel~1.6.3~50.5\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"krb5-server\", rpm:\"krb5-server~1.6.3~50.5\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libgio-2_0-0\", rpm:\"libgio-2_0-0~2.16.3~20.6\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libgio-fam\", rpm:\"libgio-fam~2.16.3~20.6\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libglib-2_0-0\", rpm:\"libglib-2_0-0~2.16.3~20.6\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libgmodule-2_0-0\", rpm:\"libgmodule-2_0-0~2.16.3~20.6\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libgnutls-devel\", rpm:\"libgnutls-devel~2.2.2~17.4\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libgnutls-extra-devel\", rpm:\"libgnutls-extra-devel~2.2.2~17.4\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libgnutls-extra26\", rpm:\"libgnutls-extra26~2.2.2~17.4\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libgnutls26\", rpm:\"libgnutls26~2.2.2~17.4\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libgobject-2_0-0\", rpm:\"libgobject-2_0-0~2.16.3~20.6\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libgthread-2_0-0\", rpm:\"libgthread-2_0-0~2.16.3~20.6\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libkcal\", rpm:\"libkcal~3.5.9~53.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libkcal-devel\", rpm:\"libkcal-devel~3.5.9~53.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libkcal2\", rpm:\"libkcal2~3.5.9~53.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libkmime-devel\", rpm:\"libkmime-devel~3.5.9~53.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libkmime2\", rpm:\"libkmime2~3.5.9~53.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libktnef-devel\", rpm:\"libktnef-devel~3.5.9~53.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libktnef1\", rpm:\"libktnef1~3.5.9~53.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libvolume_id\", rpm:\"libvolume_id~120~13.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libvolume_id-devel\", rpm:\"libvolume_id-devel~120~13.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-xulrunner190\", rpm:\"mozilla-xulrunner190~1.9.0.8~1.1\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-xulrunner190-devel\", rpm:\"mozilla-xulrunner190-devel~1.9.0.8~1.1\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-xulrunner190-gnomevfs\", rpm:\"mozilla-xulrunner190-gnomevfs~1.9.0.8~1.1\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-xulrunner190-translations\", rpm:\"mozilla-xulrunner190-translations~1.9.0.8~1.1\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"openswan\", rpm:\"openswan~2.4.7~130.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"openswan-doc\", rpm:\"openswan-doc~2.4.7~130.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"postgresql\", rpm:\"postgresql~8.3.7~0.1\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"postgresql-contrib\", rpm:\"postgresql-contrib~8.3.7~0.1\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"postgresql-devel\", rpm:\"postgresql-devel~8.3.7~0.1\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"postgresql-docs\", rpm:\"postgresql-docs~8.3.7~0.1\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"postgresql-libs\", rpm:\"postgresql-libs~8.3.7~0.1\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"postgresql-server\", rpm:\"postgresql-server~8.3.7~0.1\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"strongswan\", rpm:\"strongswan~4.2.1~11.6\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"strongswan-doc\", rpm:\"strongswan-doc~4.2.1~11.6\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"sysconfig\", rpm:\"sysconfig~0.70.8~3.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"timezone\", rpm:\"timezone~2009d~0.1\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"udev\", rpm:\"udev~120~13.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"xine-devel\", rpm:\"xine-devel~1.1.12~8.5\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"xine-extra\", rpm:\"xine-extra~1.1.12~8.5\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"xine-lib\", rpm:\"xine-lib~1.1.12~8.5\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"xpdf\", rpm:\"xpdf~3.02~95.4\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"xpdf-tools\", rpm:\"xpdf-tools~3.02~95.4\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"zypper\", rpm:\"zypper~0.11.11~0.1\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"MozillaFirefox\", rpm:\"MozillaFirefox~2.0.0.21post~0.1\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"MozillaFirefox-translations\", rpm:\"MozillaFirefox-translations~2.0.0.21post~0.1\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"bluez-cups\", rpm:\"bluez-cups~3.18~13.7\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"bluez-test\", rpm:\"bluez-test~3.18~13.7\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"bluez-utils\", rpm:\"bluez-utils~3.18~13.7\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"clamav\", rpm:\"clamav~0.95.1~0.1\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"clamav-db\", rpm:\"clamav-db~0.95.1~0.1\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"cups\", rpm:\"cups~1.2.12~22.21\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"cups-client\", rpm:\"cups-client~1.2.12~22.21\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"cups-devel\", rpm:\"cups-devel~1.2.12~22.21\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"cups-libs\", rpm:\"cups-libs~1.2.12~22.21\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"glib2\", rpm:\"glib2~2.14.1~4.4\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"glib2-devel\", rpm:\"glib2-devel~2.14.1~4.4\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"glib2-doc\", rpm:\"glib2-doc~2.14.1~4.4\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"glib2-lang\", rpm:\"glib2-lang~2.14.1~4.4\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"gnutls\", rpm:\"gnutls~1.6.1~36.6\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"gnutls-devel\", rpm:\"gnutls-devel~1.6.1~36.6\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"gpg2\", rpm:\"gpg2~2.0.4~49.2\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kdepim3\", rpm:\"kdepim3~3.5.7.enterprise.0.20070904.708012~9.2\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kdepim3-devel\", rpm:\"kdepim3-devel~3.5.7.enterprise.0.20070904.708012~9.2\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kdepim3-kpilot\", rpm:\"kdepim3-kpilot~3.5.7.enterprise.0.20070904.708012~9.2\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kdepim3-mobile\", rpm:\"kdepim3-mobile~3.5.7.enterprise.0.20070904.708012~9.2\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kdepim3-notes\", rpm:\"kdepim3-notes~3.5.7.enterprise.0.20070904.708012~9.2\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kdepim3-time-management\", rpm:\"kdepim3-time-management~3.5.7.enterprise.0.20070904.708012~9.2\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kitchensync\", rpm:\"kitchensync~3.5.7.enterprise.0.20070904.708012~9.2\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"klamav\", rpm:\"klamav~0.46~0.1\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"koffice\", rpm:\"koffice~1.6.3~51.5\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"koffice-database\", rpm:\"koffice-database~1.6.3~51.5\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"koffice-database-mysql\", rpm:\"koffice-database-mysql~1.6.3~51.5\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"koffice-database-psql\", rpm:\"koffice-database-psql~1.6.3~51.5\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"koffice-devel\", rpm:\"koffice-devel~1.6.3~51.5\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"koffice-extra\", rpm:\"koffice-extra~1.6.3~51.5\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"koffice-illustration\", rpm:\"koffice-illustration~1.6.3~51.5\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"koffice-planning\", rpm:\"koffice-planning~1.6.3~51.5\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"koffice-presentation\", rpm:\"koffice-presentation~1.6.3~51.5\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"koffice-python\", rpm:\"koffice-python~1.6.3~51.5\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"koffice-ruby\", rpm:\"koffice-ruby~1.6.3~51.5\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"koffice-spreadsheet\", rpm:\"koffice-spreadsheet~1.6.3~51.5\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"koffice-wordprocessing\", rpm:\"koffice-wordprocessing~1.6.3~51.5\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"krb5\", rpm:\"krb5~1.6.2~22.9\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"krb5-apps-clients\", rpm:\"krb5-apps-clients~1.6.2~22.9\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"krb5-apps-servers\", rpm:\"krb5-apps-servers~1.6.2~22.9\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"krb5-client\", rpm:\"krb5-client~1.6.2~22.9\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"krb5-devel\", rpm:\"krb5-devel~1.6.2~22.9\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"krb5-server\", rpm:\"krb5-server~1.6.2~22.9\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libvolume_id\", rpm:\"libvolume_id~114~19.3\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libvolume_id-devel\", rpm:\"libvolume_id-devel~114~19.3\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"openswan\", rpm:\"openswan~2.4.7~64.2\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"openswan-doc\", rpm:\"openswan-doc~2.4.7~64.2\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"postgresql\", rpm:\"postgresql~8.2.13~0.1\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"postgresql-contrib\", rpm:\"postgresql-contrib~8.2.13~0.1\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"postgresql-devel\", rpm:\"postgresql-devel~8.2.13~0.1\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"postgresql-docs\", rpm:\"postgresql-docs~8.2.13~0.1\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"postgresql-libs\", rpm:\"postgresql-libs~8.2.13~0.1\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"postgresql-server\", rpm:\"postgresql-server~8.2.13~0.1\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"sysconfig\", rpm:\"sysconfig~0.70.2~4.7\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"timezone\", rpm:\"timezone~2009d~0.1\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"udev\", rpm:\"udev~114~19.3\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"xine-devel\", rpm:\"xine-devel~1.1.8~14.14\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"xine-extra\", rpm:\"xine-extra~1.1.8~14.14\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"xine-lib\", rpm:\"xine-lib~1.1.8~14.14\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"xpdf\", rpm:\"xpdf~3.02~19.8\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"xpdf-tools\", rpm:\"xpdf-tools~3.02~19.8\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "naslFamily": "SuSE Local Security Checks"}}], "viewCount": 2, "enchantments": {"score": {"value": 8.2, "vector": "NONE", "modified": "2017-07-26T08:55:42", "rev": 2}, "dependencies": {"references": [{"type": "openvas", "idList": ["OPENVAS:65828", "OPENVAS:136141256231063686", "OPENVAS:136141256231063640", "OPENVAS:136141256231063820", "OPENVAS:136141256231063853", "OPENVAS:1361412562310900320", "OPENVAS:63820", "OPENVAS:136141256231063639", "OPENVAS:63640", "OPENVAS:136141256231063526", "OPENVAS:63526", "OPENVAS:136141256231063527", "OPENVAS:63611", "OPENVAS:1361412562310880835", "OPENVAS:63686", "OPENVAS:1361412562310900321", "OPENVAS:136141256231065847", "OPENVAS:65847", "OPENVAS:1361412562310900480", "OPENVAS:136141256231063611", "OPENVAS:880835", "OPENVAS:65652", "OPENVAS:136141256231065652", "OPENVAS:63527", "OPENVAS:136141256231063891", "OPENVAS:63853"]}, {"type": "nessus", "idList": ["SUSE_ACROREAD_JA-6161.NASL", "SUSE_11_0_NETWORKMANAGER-GNOME-090226.NASL", "CENTOS_RHSA-2009-0362.NASL", "ORACLELINUX_ELSA-2009-0361.NASL", "SUSE_11_0_ACROREAD-090325.NASL", "ADOBE_READER_91.NASL", "UBUNTU_USN-727-2.NASL", "REDHAT-RHSA-2009-0361.NASL", "SUSE_11_ACROREAD-090325.NASL", "UBUNTU_USN-727-1.NASL", "ADOBE_ACROBAT_91.NASL", "SUSE_ACROREAD-6121.NASL", "REDHAT-RHSA-2009-0376.NASL", "SUSE_11_ACROREAD_JA-090415.NASL", "SUSE_11_0_MODEMMANAGER-090226.NASL", "CENTOS_RHSA-2009-0361.NASL", "SUSE_NETWORKMANAGER-GNOME-6028.NASL", "GENTOO_GLSA-200904-17.NASL", "SUSE_ACROREAD-6120.NASL", "SUSE_11_1_ACROREAD-090325.NASL", "SUSE_11_1_NETWORKMANAGER-GNOME-090226.NASL"]}, {"type": "suse", "idList": ["SUSE-SA:2009:014", "SUSE-SA:2009:013"]}, {"type": "gentoo", "idList": ["GLSA-200904-17"]}, {"type": "redhat", "idList": ["RHSA-2009:0376", "RHSA-2009:0361"]}, {"type": "cve", "idList": ["CVE-2008-4989", "CVE-2009-0922", "CVE-2009-0792", "CVE-2009-0790", "CVE-2009-0586", "CVE-2009-0365", "CVE-2009-0927", "CVE-2009-1061", "CVE-2009-1062", "CVE-2009-0196", "CVE-2009-0658", "CVE-2009-0578", "CVE-2009-0193", "CVE-2009-1241", "CVE-2009-1171", "CVE-2009-0698", "CVE-2008-4311", "CVE-2009-0928"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2008-4311", "UB:CVE-2009-0792", "UB:CVE-2009-0578", "UB:CVE-2009-1171", "UB:CVE-2009-0193", "UB:CVE-2009-0365", "UB:CVE-2009-0922", "UB:CVE-2009-0586", "UB:CVE-2008-4989", "UB:CVE-2009-0698", "UB:CVE-2009-0928", "UB:CVE-2009-0658", "UB:CVE-2009-0790", "UB:CVE-2009-0196", "UB:CVE-2009-1241"]}, {"type": "attackerkb", "idList": ["AKB:9B2AA01B-8C6F-493E-8849-A3DCAF097F12"]}, {"type": "postgresql", "idList": ["POSTGRESQL:CVE-2009-0922"]}, {"type": "metasploit", "idList": ["MSF:ILITIES/SUSE-CVE-2009-0196/"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:DOC:21421", "SECURITYVULNS:DOC:21568"]}, {"type": "seebug", "idList": ["SSV:4956", "SSV:4876"]}, {"type": "centos", "idList": ["CESA-2009:0361"]}, {"type": "fedora", "idList": ["FEDORA:3C447208544", "FEDORA:42BFE208545", "FEDORA:76DB6208543", "FEDORA:90224208546", "FEDORA:99065208547"]}, {"type": "oraclelinux", "idList": ["ELSA-2009-0361"]}], "modified": "2017-07-26T08:55:42", "rev": 2}}, "objectVersion": "1.5", "pluginID": "63891", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: suse_sr_2009_009.nasl 6668 2017-07-11 13:34:29Z cfischer $\n# Description: Auto-generated from advisory SUSE-SR:2009:009\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_summary = \"The remote host is missing updates announced in\nadvisory SUSE-SR:2009:009. SuSE Security Summaries are short\non detail when it comes to the names of packages affected by\na particular bug. Because of this, while this test will detect\nout of date packages, it cannot tell you what bugs impact\nwhich packages, or vice versa.\";\n\ntag_solution = \"Update all out of date packages.\";\n \nif(description)\n{\n script_id(63891);\n script_version(\"$Revision: 6668 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-11 15:34:29 +0200 (Tue, 11 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-04-28 20:40:12 +0200 (Tue, 28 Apr 2009)\");\n script_cve_id(\"CVE-2008-4311\", \"CVE-2008-4989\", \"CVE-2009-0193\", \"CVE-2009-0196\", \"CVE-2009-0365\", \"CVE-2009-0578\", \"CVE-2009-0586\", \"CVE-2009-0658\", \"CVE-2009-0698\", \"CVE-2009-0790\", \"CVE-2009-0792\", \"CVE-2009-0922\", \"CVE-2009-0927\", \"CVE-2009-0928\", \"CVE-2009-1061\", \"CVE-2009-1062\", \"CVE-2009-1171\", \"CVE-2009-1241\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"SuSE Security Summary SUSE-SR:2009:009\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse\", \"ssh/login/rpms\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"MozillaFirefox\", rpm:\"MozillaFirefox~3.0.8~1.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"MozillaFirefox-branding-upstream\", rpm:\"MozillaFirefox-branding-upstream~3.0.8~1.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"MozillaFirefox-translations\", rpm:\"MozillaFirefox-translations~3.0.8~1.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"NetworkManager\", rpm:\"NetworkManager~0.7.0.r4359~15.2.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"NetworkManager-devel\", rpm:\"NetworkManager-devel~0.7.0.r4359~15.2.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"NetworkManager-doc\", rpm:\"NetworkManager-doc~0.7.0.r4359~15.2.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"NetworkManager-glib\", rpm:\"NetworkManager-glib~0.7.0.r4359~15.2.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"aufs\", rpm:\"aufs~cvs20081020~1.32.9\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"aufs-kmp-debug\", rpm:\"aufs-kmp-debug~cvs20081020_2.6.27.21_0.1~1.32.9\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"aufs-kmp-default\", rpm:\"aufs-kmp-default~cvs20081020_2.6.27.21_0.1~1.32.9\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"aufs-kmp-pae\", rpm:\"aufs-kmp-pae~cvs20081020_2.6.27.21_0.1~1.32.9\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"aufs-kmp-trace\", rpm:\"aufs-kmp-trace~cvs20081020_2.6.27.21_0.1~1.32.9\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"aufs-kmp-xen\", rpm:\"aufs-kmp-xen~cvs20081020_2.6.27.21_0.1~1.32.9\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"clamav\", rpm:\"clamav~0.95.1~0.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"clamav-db\", rpm:\"clamav-db~0.95.1~0.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"cups\", rpm:\"cups~1.3.9~7.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"cups-client\", rpm:\"cups-client~1.3.9~7.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"cups-devel\", rpm:\"cups-devel~1.3.9~7.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"cups-libs\", rpm:\"cups-libs~1.3.9~7.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"dbus-1\", rpm:\"dbus-1~1.2.10~5.4.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"dbus-1-devel\", rpm:\"dbus-1-devel~1.2.10~5.4.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"dbus-1-devel-doc\", rpm:\"dbus-1-devel-doc~1.2.10~5.4.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"deb\", rpm:\"deb~1.14.21~10.38.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"glib2\", rpm:\"glib2~2.18.2~5.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"glib2-branding-upstream\", rpm:\"glib2-branding-upstream~2.18.2~5.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"glib2-devel\", rpm:\"glib2-devel~2.18.2~5.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"glib2-doc\", rpm:\"glib2-doc~2.18.2~5.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"glib2-lang\", rpm:\"glib2-lang~2.18.2~5.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"gnome-panel\", rpm:\"gnome-panel~2.24.1~2.26.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"gnome-panel-devel\", rpm:\"gnome-panel-devel~2.24.1~2.26.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"gnome-panel-doc\", rpm:\"gnome-panel-doc~2.24.1~2.26.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"gnome-panel-extras\", rpm:\"gnome-panel-extras~2.24.1~2.26.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"gnome-panel-lang\", rpm:\"gnome-panel-lang~2.24.1~2.26.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"gnutls\", rpm:\"gnutls~2.4.1~24.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"gpg2\", rpm:\"gpg2~2.0.9~25.108.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"gpg2-lang\", rpm:\"gpg2-lang~2.0.9~25.108.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"gstreamer-0_10-plugins-base\", rpm:\"gstreamer-0_10-plugins-base~0.10.21~2.21.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"gstreamer-0_10-plugins-base-devel\", rpm:\"gstreamer-0_10-plugins-base-devel~0.10.21~2.21.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"gstreamer-0_10-plugins-base-doc\", rpm:\"gstreamer-0_10-plugins-base-doc~0.10.21~2.21.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"gstreamer-0_10-plugins-base-lang\", rpm:\"gstreamer-0_10-plugins-base-lang~0.10.21~2.21.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"java-1_6_0-openjdk\", rpm:\"java-1_6_0-openjdk~1.4_b14~24.4.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"java-1_6_0-openjdk-demo\", rpm:\"java-1_6_0-openjdk-demo~1.4_b14~24.4.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"java-1_6_0-openjdk-devel\", rpm:\"java-1_6_0-openjdk-devel~1.4_b14~24.4.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"java-1_6_0-openjdk-javadoc\", rpm:\"java-1_6_0-openjdk-javadoc~1.4_b14~24.4.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"java-1_6_0-openjdk-plugin\", rpm:\"java-1_6_0-openjdk-plugin~1.4_b14~24.4.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"java-1_6_0-openjdk-src\", rpm:\"java-1_6_0-openjdk-src~1.4_b14~24.4.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kde4-akonadi\", rpm:\"kde4-akonadi~4.1.3~3.14.9\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kde4-akonadi-devel\", rpm:\"kde4-akonadi-devel~4.1.3~3.14.9\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kde4-akregator\", rpm:\"kde4-akregator~4.1.3~3.14.9\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kde4-dolphin\", rpm:\"kde4-dolphin~4.1.3~3.8.9\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kde4-kaddressbook\", rpm:\"kde4-kaddressbook~4.1.3~3.14.9\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kde4-kalarm\", rpm:\"kde4-kalarm~4.1.3~3.14.9\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kde4-kdepasswd\", rpm:\"kde4-kdepasswd~4.1.3~3.8.9\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kde4-kdialog\", rpm:\"kde4-kdialog~4.1.3~3.8.9\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kde4-kdm\", rpm:\"kde4-kdm~4.1.3~10.3.7\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kde4-kdm-branding-upstream\", rpm:\"kde4-kdm-branding-upstream~4.1.3~10.3.7\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kde4-keditbookmarks\", rpm:\"kde4-keditbookmarks~4.1.3~3.8.9\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kde4-kfind\", rpm:\"kde4-kfind~4.1.3~3.8.9\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kde4-kgreeter-plugins\", rpm:\"kde4-kgreeter-plugins~4.1.3~10.3.7\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kde4-kinfocenter\", rpm:\"kde4-kinfocenter~4.1.3~3.8.9\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kde4-kjots\", rpm:\"kde4-kjots~4.1.3~3.14.9\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kde4-kmail\", rpm:\"kde4-kmail~4.1.3~3.14.9\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kde4-knode\", rpm:\"kde4-knode~4.1.3~3.14.9\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kde4-knotes\", rpm:\"kde4-knotes~4.1.3~3.14.9\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kde4-konqueror\", rpm:\"kde4-konqueror~4.1.3~3.8.9\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kde4-konsole\", rpm:\"kde4-konsole~4.1.3~3.8.9\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kde4-kontact\", rpm:\"kde4-kontact~4.1.3~3.14.9\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kde4-korganizer\", rpm:\"kde4-korganizer~4.1.3~3.14.9\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kde4-ktimetracker\", rpm:\"kde4-ktimetracker~4.1.3~3.14.9\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kde4-ktnef\", rpm:\"kde4-ktnef~4.1.3~3.14.9\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kde4-kwin\", rpm:\"kde4-kwin~4.1.3~10.3.7\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kde4-kwrite\", rpm:\"kde4-kwrite~4.1.3~3.8.9\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kdebase4\", rpm:\"kdebase4~4.1.3~3.8.9\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kdebase4-libkonq\", rpm:\"kdebase4-libkonq~4.1.3~3.8.9\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kdebase4-nsplugin\", rpm:\"kdebase4-nsplugin~4.1.3~3.8.9\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kdebase4-runtime\", rpm:\"kdebase4-runtime~4.1.3~4.2.9\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kdebase4-workspace\", rpm:\"kdebase4-workspace~4.1.3~10.3.7\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kdebase4-workspace-branding-upstream\", rpm:\"kdebase4-workspace-branding-upstream~4.1.3~10.3.7\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kdebase4-workspace-devel\", rpm:\"kdebase4-workspace-devel~4.1.3~10.3.7\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kdebase4-workspace-ksysguardd\", rpm:\"kdebase4-workspace-ksysguardd~4.1.3~10.3.7\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kdelibs4\", rpm:\"kdelibs4~4.1.3~4.10.4\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kdelibs4-core\", rpm:\"kdelibs4-core~4.1.3~4.10.4\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kdelibs4-doc\", rpm:\"kdelibs4-doc~4.1.3~4.10.4\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kdepim3\", rpm:\"kdepim3~3.5.10~8.14.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kdepim3-devel\", rpm:\"kdepim3-devel~3.5.10~8.14.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kdepim3-kpilot\", rpm:\"kdepim3-kpilot~3.5.10~8.14.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kdepim3-mobile\", rpm:\"kdepim3-mobile~3.5.10~8.14.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kdepim3-notes\", rpm:\"kdepim3-notes~3.5.10~8.14.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kdepim3-time-management\", rpm:\"kdepim3-time-management~3.5.10~8.14.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kdepim4\", rpm:\"kdepim4~4.1.3~3.14.9\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kdepim4-devel\", rpm:\"kdepim4-devel~4.1.3~3.14.9\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kdepim4-wizards\", rpm:\"kdepim4-wizards~4.1.3~3.14.9\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kdepimlibs4\", rpm:\"kdepimlibs4~4.1.3~5.2.6\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-debug\", rpm:\"kernel-debug~2.6.27.21~0.1.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-debug-base\", rpm:\"kernel-debug-base~2.6.27.21~0.1.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-debug-extra\", rpm:\"kernel-debug-extra~2.6.27.21~0.1.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-default\", rpm:\"kernel-default~2.6.27.21~0.1.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-default-base\", rpm:\"kernel-default-base~2.6.27.21~0.1.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-default-extra\", rpm:\"kernel-default-extra~2.6.27.21~0.1.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-pae\", rpm:\"kernel-pae~2.6.27.21~0.1.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-pae-base\", rpm:\"kernel-pae-base~2.6.27.21~0.1.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-pae-extra\", rpm:\"kernel-pae-extra~2.6.27.21~0.1.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-source\", rpm:\"kernel-source~2.6.27.21~0.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-syms\", rpm:\"kernel-syms~2.6.27.21~0.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-trace\", rpm:\"kernel-trace~2.6.27.21~0.1.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-trace-base\", rpm:\"kernel-trace-base~2.6.27.21~0.1.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-trace-extra\", rpm:\"kernel-trace-extra~2.6.27.21~0.1.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-vanilla\", rpm:\"kernel-vanilla~2.6.27.21~0.1.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-xen\", rpm:\"kernel-xen~2.6.27.21~0.1.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-xen-base\", rpm:\"kernel-xen-base~2.6.27.21~0.1.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-xen-extra\", rpm:\"kernel-xen-extra~2.6.27.21~0.1.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kio_iso\", rpm:\"kio_iso~1.99.2.beta2~0.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kitchensync\", rpm:\"kitchensync~3.5.10~8.14.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"klamav\", rpm:\"klamav~0.46~0.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"koffice\", rpm:\"koffice~1.6.3~211.12.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"koffice-database\", rpm:\"koffice-database~1.6.3~211.12.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"koffice-database-mysql\", rpm:\"koffice-database-mysql~1.6.3~211.12.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"koffice-database-psql\", rpm:\"koffice-database-psql~1.6.3~211.12.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"koffice-devel\", rpm:\"koffice-devel~1.6.3~211.12.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"koffice-extra\", rpm:\"koffice-extra~1.6.3~211.12.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"koffice-illustration\", rpm:\"koffice-illustration~1.6.3~211.12.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"koffice-planning\", rpm:\"koffice-planning~1.6.3~211.12.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"koffice-presentation\", rpm:\"koffice-presentation~1.6.3~211.12.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"koffice-python\", rpm:\"koffice-python~1.6.3~211.12.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"koffice-ruby\", rpm:\"koffice-ruby~1.6.3~211.12.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"koffice-spreadsheet\", rpm:\"koffice-spreadsheet~1.6.3~211.12.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"koffice-wordprocessing\", rpm:\"koffice-wordprocessing~1.6.3~211.12.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"krb5\", rpm:\"krb5~1.6.3~132.5.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"krb5-apps-clients\", rpm:\"krb5-apps-clients~1.6.3~132.5.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"krb5-apps-servers\", rpm:\"krb5-apps-servers~1.6.3~132.5.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"krb5-client\", rpm:\"krb5-client~1.6.3~132.5.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"krb5-devel\", rpm:\"krb5-devel~1.6.3~132.5.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"krb5-server\", rpm:\"krb5-server~1.6.3~132.5.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"krusader\", rpm:\"krusader~1.99.2.beta2~0.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libakonadi4\", rpm:\"libakonadi4~4.1.3~5.2.6\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libgio-2_0-0\", rpm:\"libgio-2_0-0~2.18.2~5.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libgio-fam\", rpm:\"libgio-fam~2.18.2~5.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libglib-2_0-0\", rpm:\"libglib-2_0-0~2.18.2~5.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libgmodule-2_0-0\", rpm:\"libgmodule-2_0-0~2.18.2~5.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libgnomecanvas\", rpm:\"libgnomecanvas~2.20.1.1~25.81.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libgnomecanvas-devel\", rpm:\"libgnomecanvas-devel~2.20.1.1~25.81.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libgnomecanvas-doc\", rpm:\"libgnomecanvas-doc~2.20.1.1~25.81.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libgnomecanvas-lang\", rpm:\"libgnomecanvas-lang~2.20.1.1~25.81.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libgnutls-devel\", rpm:\"libgnutls-devel~2.4.1~24.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libgnutls-extra-devel\", rpm:\"libgnutls-extra-devel~2.4.1~24.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libgnutls-extra26\", rpm:\"libgnutls-extra26~2.4.1~24.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libgnutls26\", rpm:\"libgnutls26~2.4.1~24.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libgobject-2_0-0\", rpm:\"libgobject-2_0-0~2.18.2~5.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libgstinterfaces-0_10-0\", rpm:\"libgstinterfaces-0_10-0~0.10.21~2.21.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libgthread-2_0-0\", rpm:\"libgthread-2_0-0~2.18.2~5.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libkcal\", rpm:\"libkcal~3.5.10~8.14.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libkcal-devel\", rpm:\"libkcal-devel~3.5.10~8.14.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libkcal2\", rpm:\"libkcal2~3.5.10~8.14.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libkde4\", rpm:\"libkde4~4.1.3~4.10.4\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libkde4-devel\", rpm:\"libkde4-devel~4.1.3~4.10.4\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libkdecore4\", rpm:\"libkdecore4~4.1.3~4.10.4\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libkdecore4-devel\", rpm:\"libkdecore4-devel~4.1.3~4.10.4\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libkdepim4\", rpm:\"libkdepim4~4.1.3~3.14.9\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libkdepim4-devel\", rpm:\"libkdepim4-devel~4.1.3~3.14.9\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libkdepimlibs4\", rpm:\"libkdepimlibs4~4.1.3~5.2.6\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libkdepimlibs4-devel\", rpm:\"libkdepimlibs4-devel~4.1.3~5.2.6\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libkmime-devel\", rpm:\"libkmime-devel~3.5.10~8.14.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libkmime2\", rpm:\"libkmime2~3.5.10~8.14.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libkonq-devel\", rpm:\"libkonq-devel~4.1.3~3.8.9\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libkonq5\", rpm:\"libkonq5~4.1.3~3.8.9\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libktnef-devel\", rpm:\"libktnef-devel~3.5.10~8.14.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libktnef1\", rpm:\"libktnef1~3.5.10~8.14.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libpcap-devel\", rpm:\"libpcap-devel~0.9.8~50.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libpcap0\", rpm:\"libpcap0~0.9.8~50.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libudev-devel\", rpm:\"libudev-devel~128~9.7.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libudev0\", rpm:\"libudev0~128~9.7.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libvolume_id\", rpm:\"libvolume_id~126~17.38.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libvolume_id-devel\", rpm:\"libvolume_id-devel~128~9.7.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libvolume_id1\", rpm:\"libvolume_id1~128~9.7.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libxine-devel\", rpm:\"libxine-devel~1.1.15~23.3.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libxine1\", rpm:\"libxine1~1.1.15~23.3.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libxine1-gnome-vfs\", rpm:\"libxine1-gnome-vfs~1.1.15~23.3.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libxine1-pulse\", rpm:\"libxine1-pulse~1.1.15~23.3.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"module-init-tools\", rpm:\"module-init-tools~3.4~56.10.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-xulrunner190\", rpm:\"mozilla-xulrunner190~1.9.0.8~1.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-xulrunner190-devel\", rpm:\"mozilla-xulrunner190-devel~1.9.0.8~1.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-xulrunner190-gnomevfs\", rpm:\"mozilla-xulrunner190-gnomevfs~1.9.0.8~1.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-xulrunner190-translations\", rpm:\"mozilla-xulrunner190-translations~1.9.0.8~1.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"openswan\", rpm:\"openswan~2.6.16~1.47.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"openswan-doc\", rpm:\"openswan-doc~2.6.16~1.47.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"phonon-backend-xine\", rpm:\"phonon-backend-xine~4.1.3~4.2.9\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"postgresql\", rpm:\"postgresql~8.3.7~0.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"postgresql-contrib\", rpm:\"postgresql-contrib~8.3.7~0.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"postgresql-devel\", rpm:\"postgresql-devel~8.3.7~0.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"postgresql-docs\", rpm:\"postgresql-docs~8.3.7~0.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"postgresql-libs\", rpm:\"postgresql-libs~8.3.7~0.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"postgresql-server\", rpm:\"postgresql-server~8.3.7~0.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"python-xpcom190\", rpm:\"python-xpcom190~1.9.0.8~1.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"strongswan\", rpm:\"strongswan~4.2.8~1.24.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"strongswan-doc\", rpm:\"strongswan-doc~4.2.8~1.24.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"sysconfig\", rpm:\"sysconfig~0.71.11~7.4.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"udev\", rpm:\"udev~128~9.7.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"xpdf\", rpm:\"xpdf~3.02~97.78.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"xpdf-tools\", rpm:\"xpdf-tools~3.02~97.78.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"MozillaFirefox\", rpm:\"MozillaFirefox~3.0.8~1.1\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"MozillaFirefox-translations\", rpm:\"MozillaFirefox-translations~3.0.8~1.1\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"bluez-audio\", rpm:\"bluez-audio~3.32~8.7\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"bluez-cups\", rpm:\"bluez-cups~3.32~8.7\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"bluez-test\", rpm:\"bluez-test~3.32~8.7\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"bluez-utils\", rpm:\"bluez-utils~3.32~8.7\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"clamav\", rpm:\"clamav~0.95.1~0.1\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"clamav-db\", rpm:\"clamav-db~0.95.1~0.1\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"cups\", rpm:\"cups~1.3.7~25.8\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"cups-client\", rpm:\"cups-client~1.3.7~25.8\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"cups-devel\", rpm:\"cups-devel~1.3.7~25.8\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"cups-libs\", rpm:\"cups-libs~1.3.7~25.8\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"glib2\", rpm:\"glib2~2.16.3~20.6\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"glib2-branding-upstream\", rpm:\"glib2-branding-upstream~2.16.3~20.6\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"glib2-devel\", rpm:\"glib2-devel~2.16.3~20.6\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"glib2-doc\", rpm:\"glib2-doc~2.16.3~20.6\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"glib2-lang\", rpm:\"glib2-lang~2.16.3~20.6\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"gnutls\", rpm:\"gnutls~2.2.2~17.4\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"gpg2\", rpm:\"gpg2~2.0.9~22.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"gpg2-lang\", rpm:\"gpg2-lang~2.0.9~22.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"hal\", rpm:\"hal~0.5.11~8.6\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"hal-devel\", rpm:\"hal-devel~0.5.11~8.6\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kdepim3\", rpm:\"kdepim3~3.5.9~53.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kdepim3-devel\", rpm:\"kdepim3-devel~3.5.9~53.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kdepim3-kpilot\", rpm:\"kdepim3-kpilot~3.5.9~53.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kdepim3-mobile\", rpm:\"kdepim3-mobile~3.5.9~53.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kdepim3-notes\", rpm:\"kdepim3-notes~3.5.9~53.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kdepim3-time-management\", rpm:\"kdepim3-time-management~3.5.9~53.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kitchensync\", rpm:\"kitchensync~3.5.9~53.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"klamav\", rpm:\"klamav~0.46~0.1\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"koffice\", rpm:\"koffice~1.6.3~157.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"koffice-database\", rpm:\"koffice-database~1.6.3~157.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"koffice-database-mysql\", rpm:\"koffice-database-mysql~1.6.3~157.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"koffice-database-psql\", rpm:\"koffice-database-psql~1.6.3~157.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"koffice-devel\", rpm:\"koffice-devel~1.6.3~157.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"koffice-extra\", rpm:\"koffice-extra~1.6.3~157.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"koffice-illustration\", rpm:\"koffice-illustration~1.6.3~157.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"koffice-planning\", rpm:\"koffice-planning~1.6.3~157.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"koffice-presentation\", rpm:\"koffice-presentation~1.6.3~157.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"koffice-python\", rpm:\"koffice-python~1.6.3~157.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"koffice-ruby\", rpm:\"koffice-ruby~1.6.3~157.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"koffice-spreadsheet\", rpm:\"koffice-spreadsheet~1.6.3~157.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"koffice-wordprocessing\", rpm:\"koffice-wordprocessing~1.6.3~157.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"krb5\", rpm:\"krb5~1.6.3~50.5\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"krb5-apps-clients\", rpm:\"krb5-apps-clients~1.6.3~50.5\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"krb5-apps-servers\", rpm:\"krb5-apps-servers~1.6.3~50.5\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"krb5-client\", rpm:\"krb5-client~1.6.3~50.5\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"krb5-devel\", rpm:\"krb5-devel~1.6.3~50.5\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"krb5-server\", rpm:\"krb5-server~1.6.3~50.5\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libgio-2_0-0\", rpm:\"libgio-2_0-0~2.16.3~20.6\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libgio-fam\", rpm:\"libgio-fam~2.16.3~20.6\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libglib-2_0-0\", rpm:\"libglib-2_0-0~2.16.3~20.6\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libgmodule-2_0-0\", rpm:\"libgmodule-2_0-0~2.16.3~20.6\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libgnutls-devel\", rpm:\"libgnutls-devel~2.2.2~17.4\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libgnutls-extra-devel\", rpm:\"libgnutls-extra-devel~2.2.2~17.4\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libgnutls-extra26\", rpm:\"libgnutls-extra26~2.2.2~17.4\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libgnutls26\", rpm:\"libgnutls26~2.2.2~17.4\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libgobject-2_0-0\", rpm:\"libgobject-2_0-0~2.16.3~20.6\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libgthread-2_0-0\", rpm:\"libgthread-2_0-0~2.16.3~20.6\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libkcal\", rpm:\"libkcal~3.5.9~53.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libkcal-devel\", rpm:\"libkcal-devel~3.5.9~53.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libkcal2\", rpm:\"libkcal2~3.5.9~53.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libkmime-devel\", rpm:\"libkmime-devel~3.5.9~53.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libkmime2\", rpm:\"libkmime2~3.5.9~53.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libktnef-devel\", rpm:\"libktnef-devel~3.5.9~53.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libktnef1\", rpm:\"libktnef1~3.5.9~53.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libvolume_id\", rpm:\"libvolume_id~120~13.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libvolume_id-devel\", rpm:\"libvolume_id-devel~120~13.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-xulrunner190\", rpm:\"mozilla-xulrunner190~1.9.0.8~1.1\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-xulrunner190-devel\", rpm:\"mozilla-xulrunner190-devel~1.9.0.8~1.1\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-xulrunner190-gnomevfs\", rpm:\"mozilla-xulrunner190-gnomevfs~1.9.0.8~1.1\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-xulrunner190-translations\", rpm:\"mozilla-xulrunner190-translations~1.9.0.8~1.1\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"openswan\", rpm:\"openswan~2.4.7~130.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"openswan-doc\", rpm:\"openswan-doc~2.4.7~130.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"postgresql\", rpm:\"postgresql~8.3.7~0.1\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"postgresql-contrib\", rpm:\"postgresql-contrib~8.3.7~0.1\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"postgresql-devel\", rpm:\"postgresql-devel~8.3.7~0.1\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"postgresql-docs\", rpm:\"postgresql-docs~8.3.7~0.1\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"postgresql-libs\", rpm:\"postgresql-libs~8.3.7~0.1\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"postgresql-server\", rpm:\"postgresql-server~8.3.7~0.1\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"strongswan\", rpm:\"strongswan~4.2.1~11.6\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"strongswan-doc\", rpm:\"strongswan-doc~4.2.1~11.6\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"sysconfig\", rpm:\"sysconfig~0.70.8~3.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"timezone\", rpm:\"timezone~2009d~0.1\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"udev\", rpm:\"udev~120~13.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"xine-devel\", rpm:\"xine-devel~1.1.12~8.5\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"xine-extra\", rpm:\"xine-extra~1.1.12~8.5\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"xine-lib\", rpm:\"xine-lib~1.1.12~8.5\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"xpdf\", rpm:\"xpdf~3.02~95.4\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"xpdf-tools\", rpm:\"xpdf-tools~3.02~95.4\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"zypper\", rpm:\"zypper~0.11.11~0.1\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"MozillaFirefox\", rpm:\"MozillaFirefox~2.0.0.21post~0.1\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"MozillaFirefox-translations\", rpm:\"MozillaFirefox-translations~2.0.0.21post~0.1\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"bluez-cups\", rpm:\"bluez-cups~3.18~13.7\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"bluez-test\", rpm:\"bluez-test~3.18~13.7\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"bluez-utils\", rpm:\"bluez-utils~3.18~13.7\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"clamav\", rpm:\"clamav~0.95.1~0.1\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"clamav-db\", rpm:\"clamav-db~0.95.1~0.1\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"cups\", rpm:\"cups~1.2.12~22.21\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"cups-client\", rpm:\"cups-client~1.2.12~22.21\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"cups-devel\", rpm:\"cups-devel~1.2.12~22.21\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"cups-libs\", rpm:\"cups-libs~1.2.12~22.21\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"glib2\", rpm:\"glib2~2.14.1~4.4\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"glib2-devel\", rpm:\"glib2-devel~2.14.1~4.4\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"glib2-doc\", rpm:\"glib2-doc~2.14.1~4.4\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"glib2-lang\", rpm:\"glib2-lang~2.14.1~4.4\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"gnutls\", rpm:\"gnutls~1.6.1~36.6\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"gnutls-devel\", rpm:\"gnutls-devel~1.6.1~36.6\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"gpg2\", rpm:\"gpg2~2.0.4~49.2\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kdepim3\", rpm:\"kdepim3~3.5.7.enterprise.0.20070904.708012~9.2\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kdepim3-devel\", rpm:\"kdepim3-devel~3.5.7.enterprise.0.20070904.708012~9.2\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kdepim3-kpilot\", rpm:\"kdepim3-kpilot~3.5.7.enterprise.0.20070904.708012~9.2\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kdepim3-mobile\", rpm:\"kdepim3-mobile~3.5.7.enterprise.0.20070904.708012~9.2\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kdepim3-notes\", rpm:\"kdepim3-notes~3.5.7.enterprise.0.20070904.708012~9.2\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kdepim3-time-management\", rpm:\"kdepim3-time-management~3.5.7.enterprise.0.20070904.708012~9.2\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kitchensync\", rpm:\"kitchensync~3.5.7.enterprise.0.20070904.708012~9.2\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"klamav\", rpm:\"klamav~0.46~0.1\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"koffice\", rpm:\"koffice~1.6.3~51.5\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"koffice-database\", rpm:\"koffice-database~1.6.3~51.5\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"koffice-database-mysql\", rpm:\"koffice-database-mysql~1.6.3~51.5\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"koffice-database-psql\", rpm:\"koffice-database-psql~1.6.3~51.5\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"koffice-devel\", rpm:\"koffice-devel~1.6.3~51.5\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"koffice-extra\", rpm:\"koffice-extra~1.6.3~51.5\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"koffice-illustration\", rpm:\"koffice-illustration~1.6.3~51.5\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"koffice-planning\", rpm:\"koffice-planning~1.6.3~51.5\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"koffice-presentation\", rpm:\"koffice-presentation~1.6.3~51.5\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"koffice-python\", rpm:\"koffice-python~1.6.3~51.5\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"koffice-ruby\", rpm:\"koffice-ruby~1.6.3~51.5\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"koffice-spreadsheet\", rpm:\"koffice-spreadsheet~1.6.3~51.5\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"koffice-wordprocessing\", rpm:\"koffice-wordprocessing~1.6.3~51.5\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"krb5\", rpm:\"krb5~1.6.2~22.9\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"krb5-apps-clients\", rpm:\"krb5-apps-clients~1.6.2~22.9\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"krb5-apps-servers\", rpm:\"krb5-apps-servers~1.6.2~22.9\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"krb5-client\", rpm:\"krb5-client~1.6.2~22.9\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"krb5-devel\", rpm:\"krb5-devel~1.6.2~22.9\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"krb5-server\", rpm:\"krb5-server~1.6.2~22.9\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libvolume_id\", rpm:\"libvolume_id~114~19.3\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libvolume_id-devel\", rpm:\"libvolume_id-devel~114~19.3\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"openswan\", rpm:\"openswan~2.4.7~64.2\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"openswan-doc\", rpm:\"openswan-doc~2.4.7~64.2\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"postgresql\", rpm:\"postgresql~8.2.13~0.1\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"postgresql-contrib\", rpm:\"postgresql-contrib~8.2.13~0.1\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"postgresql-devel\", rpm:\"postgresql-devel~8.2.13~0.1\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"postgresql-docs\", rpm:\"postgresql-docs~8.2.13~0.1\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"postgresql-libs\", rpm:\"postgresql-libs~8.2.13~0.1\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"postgresql-server\", rpm:\"postgresql-server~8.2.13~0.1\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"sysconfig\", rpm:\"sysconfig~0.70.2~4.7\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"timezone\", rpm:\"timezone~2009d~0.1\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"udev\", rpm:\"udev~114~19.3\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"xine-devel\", rpm:\"xine-devel~1.1.8~14.14\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"xine-extra\", rpm:\"xine-extra~1.1.8~14.14\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"xine-lib\", rpm:\"xine-lib~1.1.8~14.14\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"xpdf\", rpm:\"xpdf~3.02~19.8\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"xpdf-tools\", rpm:\"xpdf-tools~3.02~19.8\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "naslFamily": "SuSE Local Security Checks", "_object_type": "robots.models.openvas.OpenVASBulletin", "_object_types": ["robots.models.base.Bulletin", "robots.models.openvas.OpenVASBulletin"], "immutableFields": [], "cvss2": {}, "cvss3": {}}, {"id": "OPENVAS:136141256231063891", "hash": "6414501b7eb799192f33077401d7613f", "type": "openvas", "bulletinFamily": "scanner", "title": "SuSE Security Summary SUSE-SR:2009:009", "description": "The remote host is missing updates announced in\nadvisory SUSE-SR:2009:009. SuSE Security Summaries are short\non detail when it comes to the names of packages affected by\na particular bug. Because of this, while this test will detect\nout of date packages, it cannot tell you what bugs impact\nwhich packages, or vice versa.", "published": "2009-04-28T00:00:00", "modified": "2018-04-06T00:00:00", "cvss": {"vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/", "score": 10.0}, "href": "http://plugins.openvas.org/nasl.php?oid=136141256231063891", "reporter": "Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com", "references": [], "cvelist": ["CVE-2009-0196", "CVE-2009-0928", "CVE-2009-0586", "CVE-2009-0658", "CVE-2009-0792", "CVE-2009-0922", "CVE-2009-1241", "CVE-2008-4311", "CVE-2009-0927", "CVE-2009-0698", "CVE-2009-0365", "CVE-2009-0193", "CVE-2009-1062", "CVE-2009-1171", "CVE-2008-4989", "CVE-2009-0578", "CVE-2009-0790", "CVE-2009-1061"], "lastseen": "2018-04-06T11:38:42", "history": [], "viewCount": 3, "enchantments": {"score": {"value": 8.2, "vector": "NONE", "modified": "2018-04-06T11:38:42", "rev": 2}, "dependencies": {"references": [{"type": "openvas", "idList": ["OPENVAS:65828", "OPENVAS:136141256231063686", "OPENVAS:136141256231063640", "OPENVAS:136141256231063820", "OPENVAS:136141256231063853", "OPENVAS:1361412562310900320", "OPENVAS:63820", "OPENVAS:136141256231063639", "OPENVAS:63640", "OPENVAS:136141256231063526", "OPENVAS:63526", "OPENVAS:136141256231063527", "OPENVAS:63611", "OPENVAS:1361412562310880835", "OPENVAS:63686", "OPENVAS:63891", "OPENVAS:1361412562310900321", "OPENVAS:136141256231065847", "OPENVAS:65847", "OPENVAS:1361412562310900480", "OPENVAS:136141256231063611", "OPENVAS:880835", "OPENVAS:65652", "OPENVAS:136141256231065652", "OPENVAS:63527", "OPENVAS:63853"]}, {"type": "nessus", "idList": ["SUSE_ACROREAD_JA-6161.NASL", "SUSE_11_0_NETWORKMANAGER-GNOME-090226.NASL", "CENTOS_RHSA-2009-0362.NASL", "ORACLELINUX_ELSA-2009-0361.NASL", "SUSE_11_0_ACROREAD-090325.NASL", "ADOBE_READER_91.NASL", "UBUNTU_USN-727-2.NASL", "REDHAT-RHSA-2009-0361.NASL", "SUSE_11_ACROREAD-090325.NASL", "UBUNTU_USN-727-1.NASL", "ADOBE_ACROBAT_91.NASL", "SUSE_ACROREAD-6121.NASL", "REDHAT-RHSA-2009-0376.NASL", "SUSE_11_ACROREAD_JA-090415.NASL", "SUSE_11_0_MODEMMANAGER-090226.NASL", "CENTOS_RHSA-2009-0361.NASL", "SUSE_NETWORKMANAGER-GNOME-6028.NASL", "GENTOO_GLSA-200904-17.NASL", "SUSE_ACROREAD-6120.NASL", "SUSE_11_1_ACROREAD-090325.NASL", "SUSE_11_1_NETWORKMANAGER-GNOME-090226.NASL"]}, {"type": "suse", "idList": ["SUSE-SA:2009:014", "SUSE-SA:2009:013"]}, {"type": "gentoo", "idList": ["GLSA-200904-17"]}, {"type": "redhat", "idList": ["RHSA-2009:0376", "RHSA-2009:0361"]}, {"type": "cve", "idList": ["CVE-2008-4989", "CVE-2009-0922", "CVE-2009-0792", "CVE-2009-0790", "CVE-2009-0586", "CVE-2009-0365", "CVE-2009-0927", "CVE-2009-1061", "CVE-2009-1062", "CVE-2009-0196", "CVE-2009-0658", "CVE-2009-0578", "CVE-2009-0193", "CVE-2009-1241", "CVE-2009-1171", "CVE-2009-0698", "CVE-2008-4311", "CVE-2009-0928"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2008-4311", "UB:CVE-2009-0792", "UB:CVE-2009-0578", "UB:CVE-2009-1171", "UB:CVE-2009-0193", "UB:CVE-2009-0365", "UB:CVE-2009-0922", "UB:CVE-2009-0586", "UB:CVE-2008-4989", "UB:CVE-2009-0698", "UB:CVE-2009-0928", "UB:CVE-2009-0658", "UB:CVE-2009-0790", "UB:CVE-2009-0196", "UB:CVE-2009-1241"]}, {"type": "attackerkb", "idList": ["AKB:9B2AA01B-8C6F-493E-8849-A3DCAF097F12"]}, {"type": "postgresql", "idList": ["POSTGRESQL:CVE-2009-0922"]}, {"type": "metasploit", "idList": ["MSF:ILITIES/SUSE-CVE-2009-0196/"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:DOC:21421", "SECURITYVULNS:DOC:21568"]}, {"type": "seebug", "idList": ["SSV:4956", "SSV:4876"]}, {"type": "centos", "idList": ["CESA-2009:0361"]}, {"type": "fedora", "idList": ["FEDORA:3C447208544", "FEDORA:42BFE208545", "FEDORA:76DB6208543", "FEDORA:90224208546", "FEDORA:99065208547"]}, {"type": "oraclelinux", "idList": ["ELSA-2009-0361"]}], "modified": "2018-04-06T11:38:42", "rev": 2}}, "objectVersion": "1.5", "pluginID": "136141256231063891", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: suse_sr_2009_009.nasl 9350 2018-04-06 07:03:33Z cfischer $\n# Description: Auto-generated from advisory SUSE-SR:2009:009\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_summary = \"The remote host is missing updates announced in\nadvisory SUSE-SR:2009:009. SuSE Security Summaries are short\non detail when it comes to the names of packages affected by\na particular bug. Because of this, while this test will detect\nout of date packages, it cannot tell you what bugs impact\nwhich packages, or vice versa.\";\n\ntag_solution = \"Update all out of date packages.\";\n \nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.63891\");\n script_version(\"$Revision: 9350 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:03:33 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-04-28 20:40:12 +0200 (Tue, 28 Apr 2009)\");\n script_cve_id(\"CVE-2008-4311\", \"CVE-2008-4989\", \"CVE-2009-0193\", \"CVE-2009-0196\", \"CVE-2009-0365\", \"CVE-2009-0578\", \"CVE-2009-0586\", \"CVE-2009-0658\", \"CVE-2009-0698\", \"CVE-2009-0790\", \"CVE-2009-0792\", \"CVE-2009-0922\", \"CVE-2009-0927\", \"CVE-2009-0928\", \"CVE-2009-1061\", \"CVE-2009-1062\", \"CVE-2009-1171\", \"CVE-2009-1241\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"SuSE Security Summary SUSE-SR:2009:009\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse\", \"ssh/login/rpms\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"MozillaFirefox\", rpm:\"MozillaFirefox~3.0.8~1.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"MozillaFirefox-branding-upstream\", rpm:\"MozillaFirefox-branding-upstream~3.0.8~1.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"MozillaFirefox-translations\", rpm:\"MozillaFirefox-translations~3.0.8~1.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"NetworkManager\", rpm:\"NetworkManager~0.7.0.r4359~15.2.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"NetworkManager-devel\", rpm:\"NetworkManager-devel~0.7.0.r4359~15.2.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"NetworkManager-doc\", rpm:\"NetworkManager-doc~0.7.0.r4359~15.2.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"NetworkManager-glib\", rpm:\"NetworkManager-glib~0.7.0.r4359~15.2.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"aufs\", rpm:\"aufs~cvs20081020~1.32.9\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"aufs-kmp-debug\", rpm:\"aufs-kmp-debug~cvs20081020_2.6.27.21_0.1~1.32.9\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"aufs-kmp-default\", rpm:\"aufs-kmp-default~cvs20081020_2.6.27.21_0.1~1.32.9\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"aufs-kmp-pae\", rpm:\"aufs-kmp-pae~cvs20081020_2.6.27.21_0.1~1.32.9\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"aufs-kmp-trace\", rpm:\"aufs-kmp-trace~cvs20081020_2.6.27.21_0.1~1.32.9\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"aufs-kmp-xen\", rpm:\"aufs-kmp-xen~cvs20081020_2.6.27.21_0.1~1.32.9\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"clamav\", rpm:\"clamav~0.95.1~0.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"clamav-db\", rpm:\"clamav-db~0.95.1~0.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"cups\", rpm:\"cups~1.3.9~7.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"cups-client\", rpm:\"cups-client~1.3.9~7.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"cups-devel\", rpm:\"cups-devel~1.3.9~7.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"cups-libs\", rpm:\"cups-libs~1.3.9~7.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"dbus-1\", rpm:\"dbus-1~1.2.10~5.4.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"dbus-1-devel\", rpm:\"dbus-1-devel~1.2.10~5.4.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"dbus-1-devel-doc\", rpm:\"dbus-1-devel-doc~1.2.10~5.4.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"deb\", rpm:\"deb~1.14.21~10.38.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"glib2\", rpm:\"glib2~2.18.2~5.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"glib2-branding-upstream\", rpm:\"glib2-branding-upstream~2.18.2~5.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"glib2-devel\", rpm:\"glib2-devel~2.18.2~5.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"glib2-doc\", rpm:\"glib2-doc~2.18.2~5.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"glib2-lang\", rpm:\"glib2-lang~2.18.2~5.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"gnome-panel\", rpm:\"gnome-panel~2.24.1~2.26.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"gnome-panel-devel\", rpm:\"gnome-panel-devel~2.24.1~2.26.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"gnome-panel-doc\", rpm:\"gnome-panel-doc~2.24.1~2.26.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"gnome-panel-extras\", rpm:\"gnome-panel-extras~2.24.1~2.26.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"gnome-panel-lang\", rpm:\"gnome-panel-lang~2.24.1~2.26.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"gnutls\", rpm:\"gnutls~2.4.1~24.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"gpg2\", rpm:\"gpg2~2.0.9~25.108.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"gpg2-lang\", rpm:\"gpg2-lang~2.0.9~25.108.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"gstreamer-0_10-plugins-base\", rpm:\"gstreamer-0_10-plugins-base~0.10.21~2.21.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"gstreamer-0_10-plugins-base-devel\", rpm:\"gstreamer-0_10-plugins-base-devel~0.10.21~2.21.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"gstreamer-0_10-plugins-base-doc\", rpm:\"gstreamer-0_10-plugins-base-doc~0.10.21~2.21.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"gstreamer-0_10-plugins-base-lang\", rpm:\"gstreamer-0_10-plugins-base-lang~0.10.21~2.21.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"java-1_6_0-openjdk\", rpm:\"java-1_6_0-openjdk~1.4_b14~24.4.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"java-1_6_0-openjdk-demo\", rpm:\"java-1_6_0-openjdk-demo~1.4_b14~24.4.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"java-1_6_0-openjdk-devel\", rpm:\"java-1_6_0-openjdk-devel~1.4_b14~24.4.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"java-1_6_0-openjdk-javadoc\", rpm:\"java-1_6_0-openjdk-javadoc~1.4_b14~24.4.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"java-1_6_0-openjdk-plugin\", rpm:\"java-1_6_0-openjdk-plugin~1.4_b14~24.4.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"java-1_6_0-openjdk-src\", rpm:\"java-1_6_0-openjdk-src~1.4_b14~24.4.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kde4-akonadi\", rpm:\"kde4-akonadi~4.1.3~3.14.9\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kde4-akonadi-devel\", rpm:\"kde4-akonadi-devel~4.1.3~3.14.9\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kde4-akregator\", rpm:\"kde4-akregator~4.1.3~3.14.9\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kde4-dolphin\", rpm:\"kde4-dolphin~4.1.3~3.8.9\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kde4-kaddressbook\", rpm:\"kde4-kaddressbook~4.1.3~3.14.9\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kde4-kalarm\", rpm:\"kde4-kalarm~4.1.3~3.14.9\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kde4-kdepasswd\", rpm:\"kde4-kdepasswd~4.1.3~3.8.9\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kde4-kdialog\", rpm:\"kde4-kdialog~4.1.3~3.8.9\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kde4-kdm\", rpm:\"kde4-kdm~4.1.3~10.3.7\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kde4-kdm-branding-upstream\", rpm:\"kde4-kdm-branding-upstream~4.1.3~10.3.7\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kde4-keditbookmarks\", rpm:\"kde4-keditbookmarks~4.1.3~3.8.9\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kde4-kfind\", rpm:\"kde4-kfind~4.1.3~3.8.9\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kde4-kgreeter-plugins\", rpm:\"kde4-kgreeter-plugins~4.1.3~10.3.7\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kde4-kinfocenter\", rpm:\"kde4-kinfocenter~4.1.3~3.8.9\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kde4-kjots\", rpm:\"kde4-kjots~4.1.3~3.14.9\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kde4-kmail\", rpm:\"kde4-kmail~4.1.3~3.14.9\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kde4-knode\", rpm:\"kde4-knode~4.1.3~3.14.9\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kde4-knotes\", rpm:\"kde4-knotes~4.1.3~3.14.9\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kde4-konqueror\", rpm:\"kde4-konqueror~4.1.3~3.8.9\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kde4-konsole\", rpm:\"kde4-konsole~4.1.3~3.8.9\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kde4-kontact\", rpm:\"kde4-kontact~4.1.3~3.14.9\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kde4-korganizer\", rpm:\"kde4-korganizer~4.1.3~3.14.9\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kde4-ktimetracker\", rpm:\"kde4-ktimetracker~4.1.3~3.14.9\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kde4-ktnef\", rpm:\"kde4-ktnef~4.1.3~3.14.9\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kde4-kwin\", rpm:\"kde4-kwin~4.1.3~10.3.7\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kde4-kwrite\", rpm:\"kde4-kwrite~4.1.3~3.8.9\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kdebase4\", rpm:\"kdebase4~4.1.3~3.8.9\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kdebase4-libkonq\", rpm:\"kdebase4-libkonq~4.1.3~3.8.9\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kdebase4-nsplugin\", rpm:\"kdebase4-nsplugin~4.1.3~3.8.9\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kdebase4-runtime\", rpm:\"kdebase4-runtime~4.1.3~4.2.9\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kdebase4-workspace\", rpm:\"kdebase4-workspace~4.1.3~10.3.7\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kdebase4-workspace-branding-upstream\", rpm:\"kdebase4-workspace-branding-upstream~4.1.3~10.3.7\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kdebase4-workspace-devel\", rpm:\"kdebase4-workspace-devel~4.1.3~10.3.7\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kdebase4-workspace-ksysguardd\", rpm:\"kdebase4-workspace-ksysguardd~4.1.3~10.3.7\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kdelibs4\", rpm:\"kdelibs4~4.1.3~4.10.4\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kdelibs4-core\", rpm:\"kdelibs4-core~4.1.3~4.10.4\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kdelibs4-doc\", rpm:\"kdelibs4-doc~4.1.3~4.10.4\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kdepim3\", rpm:\"kdepim3~3.5.10~8.14.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kdepim3-devel\", rpm:\"kdepim3-devel~3.5.10~8.14.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kdepim3-kpilot\", rpm:\"kdepim3-kpilot~3.5.10~8.14.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kdepim3-mobile\", rpm:\"kdepim3-mobile~3.5.10~8.14.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kdepim3-notes\", rpm:\"kdepim3-notes~3.5.10~8.14.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kdepim3-time-management\", rpm:\"kdepim3-time-management~3.5.10~8.14.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kdepim4\", rpm:\"kdepim4~4.1.3~3.14.9\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kdepim4-devel\", rpm:\"kdepim4-devel~4.1.3~3.14.9\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kdepim4-wizards\", rpm:\"kdepim4-wizards~4.1.3~3.14.9\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kdepimlibs4\", rpm:\"kdepimlibs4~4.1.3~5.2.6\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-debug\", rpm:\"kernel-debug~2.6.27.21~0.1.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-debug-base\", rpm:\"kernel-debug-base~2.6.27.21~0.1.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-debug-extra\", rpm:\"kernel-debug-extra~2.6.27.21~0.1.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-default\", rpm:\"kernel-default~2.6.27.21~0.1.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-default-base\", rpm:\"kernel-default-base~2.6.27.21~0.1.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-default-extra\", rpm:\"kernel-default-extra~2.6.27.21~0.1.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-pae\", rpm:\"kernel-pae~2.6.27.21~0.1.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-pae-base\", rpm:\"kernel-pae-base~2.6.27.21~0.1.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-pae-extra\", rpm:\"kernel-pae-extra~2.6.27.21~0.1.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-source\", rpm:\"kernel-source~2.6.27.21~0.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-syms\", rpm:\"kernel-syms~2.6.27.21~0.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-trace\", rpm:\"kernel-trace~2.6.27.21~0.1.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-trace-base\", rpm:\"kernel-trace-base~2.6.27.21~0.1.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-trace-extra\", rpm:\"kernel-trace-extra~2.6.27.21~0.1.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-vanilla\", rpm:\"kernel-vanilla~2.6.27.21~0.1.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-xen\", rpm:\"kernel-xen~2.6.27.21~0.1.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-xen-base\", rpm:\"kernel-xen-base~2.6.27.21~0.1.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-xen-extra\", rpm:\"kernel-xen-extra~2.6.27.21~0.1.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kio_iso\", rpm:\"kio_iso~1.99.2.beta2~0.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kitchensync\", rpm:\"kitchensync~3.5.10~8.14.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"klamav\", rpm:\"klamav~0.46~0.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"koffice\", rpm:\"koffice~1.6.3~211.12.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"koffice-database\", rpm:\"koffice-database~1.6.3~211.12.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"koffice-database-mysql\", rpm:\"koffice-database-mysql~1.6.3~211.12.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"koffice-database-psql\", rpm:\"koffice-database-psql~1.6.3~211.12.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"koffice-devel\", rpm:\"koffice-devel~1.6.3~211.12.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"koffice-extra\", rpm:\"koffice-extra~1.6.3~211.12.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"koffice-illustration\", rpm:\"koffice-illustration~1.6.3~211.12.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"koffice-planning\", rpm:\"koffice-planning~1.6.3~211.12.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"koffice-presentation\", rpm:\"koffice-presentation~1.6.3~211.12.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"koffice-python\", rpm:\"koffice-python~1.6.3~211.12.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"koffice-ruby\", rpm:\"koffice-ruby~1.6.3~211.12.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"koffice-spreadsheet\", rpm:\"koffice-spreadsheet~1.6.3~211.12.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"koffice-wordprocessing\", rpm:\"koffice-wordprocessing~1.6.3~211.12.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"krb5\", rpm:\"krb5~1.6.3~132.5.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"krb5-apps-clients\", rpm:\"krb5-apps-clients~1.6.3~132.5.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"krb5-apps-servers\", rpm:\"krb5-apps-servers~1.6.3~132.5.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"krb5-client\", rpm:\"krb5-client~1.6.3~132.5.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"krb5-devel\", rpm:\"krb5-devel~1.6.3~132.5.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"krb5-server\", rpm:\"krb5-server~1.6.3~132.5.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"krusader\", rpm:\"krusader~1.99.2.beta2~0.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libakonadi4\", rpm:\"libakonadi4~4.1.3~5.2.6\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libgio-2_0-0\", rpm:\"libgio-2_0-0~2.18.2~5.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libgio-fam\", rpm:\"libgio-fam~2.18.2~5.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libglib-2_0-0\", rpm:\"libglib-2_0-0~2.18.2~5.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libgmodule-2_0-0\", rpm:\"libgmodule-2_0-0~2.18.2~5.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libgnomecanvas\", rpm:\"libgnomecanvas~2.20.1.1~25.81.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libgnomecanvas-devel\", rpm:\"libgnomecanvas-devel~2.20.1.1~25.81.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libgnomecanvas-doc\", rpm:\"libgnomecanvas-doc~2.20.1.1~25.81.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libgnomecanvas-lang\", rpm:\"libgnomecanvas-lang~2.20.1.1~25.81.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libgnutls-devel\", rpm:\"libgnutls-devel~2.4.1~24.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libgnutls-extra-devel\", rpm:\"libgnutls-extra-devel~2.4.1~24.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libgnutls-extra26\", rpm:\"libgnutls-extra26~2.4.1~24.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libgnutls26\", rpm:\"libgnutls26~2.4.1~24.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libgobject-2_0-0\", rpm:\"libgobject-2_0-0~2.18.2~5.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libgstinterfaces-0_10-0\", rpm:\"libgstinterfaces-0_10-0~0.10.21~2.21.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libgthread-2_0-0\", rpm:\"libgthread-2_0-0~2.18.2~5.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libkcal\", rpm:\"libkcal~3.5.10~8.14.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libkcal-devel\", rpm:\"libkcal-devel~3.5.10~8.14.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libkcal2\", rpm:\"libkcal2~3.5.10~8.14.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libkde4\", rpm:\"libkde4~4.1.3~4.10.4\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libkde4-devel\", rpm:\"libkde4-devel~4.1.3~4.10.4\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libkdecore4\", rpm:\"libkdecore4~4.1.3~4.10.4\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libkdecore4-devel\", rpm:\"libkdecore4-devel~4.1.3~4.10.4\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libkdepim4\", rpm:\"libkdepim4~4.1.3~3.14.9\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libkdepim4-devel\", rpm:\"libkdepim4-devel~4.1.3~3.14.9\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libkdepimlibs4\", rpm:\"libkdepimlibs4~4.1.3~5.2.6\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libkdepimlibs4-devel\", rpm:\"libkdepimlibs4-devel~4.1.3~5.2.6\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libkmime-devel\", rpm:\"libkmime-devel~3.5.10~8.14.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libkmime2\", rpm:\"libkmime2~3.5.10~8.14.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libkonq-devel\", rpm:\"libkonq-devel~4.1.3~3.8.9\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libkonq5\", rpm:\"libkonq5~4.1.3~3.8.9\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libktnef-devel\", rpm:\"libktnef-devel~3.5.10~8.14.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libktnef1\", rpm:\"libktnef1~3.5.10~8.14.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libpcap-devel\", rpm:\"libpcap-devel~0.9.8~50.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libpcap0\", rpm:\"libpcap0~0.9.8~50.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libudev-devel\", rpm:\"libudev-devel~128~9.7.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libudev0\", rpm:\"libudev0~128~9.7.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libvolume_id\", rpm:\"libvolume_id~126~17.38.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libvolume_id-devel\", rpm:\"libvolume_id-devel~128~9.7.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libvolume_id1\", rpm:\"libvolume_id1~128~9.7.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libxine-devel\", rpm:\"libxine-devel~1.1.15~23.3.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libxine1\", rpm:\"libxine1~1.1.15~23.3.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libxine1-gnome-vfs\", rpm:\"libxine1-gnome-vfs~1.1.15~23.3.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libxine1-pulse\", rpm:\"libxine1-pulse~1.1.15~23.3.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"module-init-tools\", rpm:\"module-init-tools~3.4~56.10.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-xulrunner190\", rpm:\"mozilla-xulrunner190~1.9.0.8~1.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-xulrunner190-devel\", rpm:\"mozilla-xulrunner190-devel~1.9.0.8~1.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-xulrunner190-gnomevfs\", rpm:\"mozilla-xulrunner190-gnomevfs~1.9.0.8~1.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-xulrunner190-translations\", rpm:\"mozilla-xulrunner190-translations~1.9.0.8~1.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"openswan\", rpm:\"openswan~2.6.16~1.47.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"openswan-doc\", rpm:\"openswan-doc~2.6.16~1.47.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"phonon-backend-xine\", rpm:\"phonon-backend-xine~4.1.3~4.2.9\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"postgresql\", rpm:\"postgresql~8.3.7~0.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"postgresql-contrib\", rpm:\"postgresql-contrib~8.3.7~0.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"postgresql-devel\", rpm:\"postgresql-devel~8.3.7~0.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"postgresql-docs\", rpm:\"postgresql-docs~8.3.7~0.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"postgresql-libs\", rpm:\"postgresql-libs~8.3.7~0.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"postgresql-server\", rpm:\"postgresql-server~8.3.7~0.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"python-xpcom190\", rpm:\"python-xpcom190~1.9.0.8~1.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"strongswan\", rpm:\"strongswan~4.2.8~1.24.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"strongswan-doc\", rpm:\"strongswan-doc~4.2.8~1.24.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"sysconfig\", rpm:\"sysconfig~0.71.11~7.4.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"udev\", rpm:\"udev~128~9.7.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"xpdf\", rpm:\"xpdf~3.02~97.78.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"xpdf-tools\", rpm:\"xpdf-tools~3.02~97.78.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"MozillaFirefox\", rpm:\"MozillaFirefox~3.0.8~1.1\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"MozillaFirefox-translations\", rpm:\"MozillaFirefox-translations~3.0.8~1.1\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"bluez-audio\", rpm:\"bluez-audio~3.32~8.7\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"bluez-cups\", rpm:\"bluez-cups~3.32~8.7\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"bluez-test\", rpm:\"bluez-test~3.32~8.7\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"bluez-utils\", rpm:\"bluez-utils~3.32~8.7\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"clamav\", rpm:\"clamav~0.95.1~0.1\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"clamav-db\", rpm:\"clamav-db~0.95.1~0.1\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"cups\", rpm:\"cups~1.3.7~25.8\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"cups-client\", rpm:\"cups-client~1.3.7~25.8\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"cups-devel\", rpm:\"cups-devel~1.3.7~25.8\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"cups-libs\", rpm:\"cups-libs~1.3.7~25.8\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"glib2\", rpm:\"glib2~2.16.3~20.6\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"glib2-branding-upstream\", rpm:\"glib2-branding-upstream~2.16.3~20.6\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"glib2-devel\", rpm:\"glib2-devel~2.16.3~20.6\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"glib2-doc\", rpm:\"glib2-doc~2.16.3~20.6\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"glib2-lang\", rpm:\"glib2-lang~2.16.3~20.6\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"gnutls\", rpm:\"gnutls~2.2.2~17.4\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"gpg2\", rpm:\"gpg2~2.0.9~22.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"gpg2-lang\", rpm:\"gpg2-lang~2.0.9~22.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"hal\", rpm:\"hal~0.5.11~8.6\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"hal-devel\", rpm:\"hal-devel~0.5.11~8.6\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kdepim3\", rpm:\"kdepim3~3.5.9~53.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kdepim3-devel\", rpm:\"kdepim3-devel~3.5.9~53.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kdepim3-kpilot\", rpm:\"kdepim3-kpilot~3.5.9~53.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kdepim3-mobile\", rpm:\"kdepim3-mobile~3.5.9~53.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kdepim3-notes\", rpm:\"kdepim3-notes~3.5.9~53.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kdepim3-time-management\", rpm:\"kdepim3-time-management~3.5.9~53.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kitchensync\", rpm:\"kitchensync~3.5.9~53.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"klamav\", rpm:\"klamav~0.46~0.1\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"koffice\", rpm:\"koffice~1.6.3~157.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"koffice-database\", rpm:\"koffice-database~1.6.3~157.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"koffice-database-mysql\", rpm:\"koffice-database-mysql~1.6.3~157.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"koffice-database-psql\", rpm:\"koffice-database-psql~1.6.3~157.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"koffice-devel\", rpm:\"koffice-devel~1.6.3~157.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"koffice-extra\", rpm:\"koffice-extra~1.6.3~157.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"koffice-illustration\", rpm:\"koffice-illustration~1.6.3~157.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"koffice-planning\", rpm:\"koffice-planning~1.6.3~157.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"koffice-presentation\", rpm:\"koffice-presentation~1.6.3~157.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"koffice-python\", rpm:\"koffice-python~1.6.3~157.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"koffice-ruby\", rpm:\"koffice-ruby~1.6.3~157.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"koffice-spreadsheet\", rpm:\"koffice-spreadsheet~1.6.3~157.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"koffice-wordprocessing\", rpm:\"koffice-wordprocessing~1.6.3~157.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"krb5\", rpm:\"krb5~1.6.3~50.5\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"krb5-apps-clients\", rpm:\"krb5-apps-clients~1.6.3~50.5\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"krb5-apps-servers\", rpm:\"krb5-apps-servers~1.6.3~50.5\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"krb5-client\", rpm:\"krb5-client~1.6.3~50.5\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"krb5-devel\", rpm:\"krb5-devel~1.6.3~50.5\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"krb5-server\", rpm:\"krb5-server~1.6.3~50.5\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libgio-2_0-0\", rpm:\"libgio-2_0-0~2.16.3~20.6\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libgio-fam\", rpm:\"libgio-fam~2.16.3~20.6\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libglib-2_0-0\", rpm:\"libglib-2_0-0~2.16.3~20.6\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libgmodule-2_0-0\", rpm:\"libgmodule-2_0-0~2.16.3~20.6\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libgnutls-devel\", rpm:\"libgnutls-devel~2.2.2~17.4\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libgnutls-extra-devel\", rpm:\"libgnutls-extra-devel~2.2.2~17.4\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libgnutls-extra26\", rpm:\"libgnutls-extra26~2.2.2~17.4\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libgnutls26\", rpm:\"libgnutls26~2.2.2~17.4\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libgobject-2_0-0\", rpm:\"libgobject-2_0-0~2.16.3~20.6\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libgthread-2_0-0\", rpm:\"libgthread-2_0-0~2.16.3~20.6\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libkcal\", rpm:\"libkcal~3.5.9~53.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libkcal-devel\", rpm:\"libkcal-devel~3.5.9~53.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libkcal2\", rpm:\"libkcal2~3.5.9~53.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libkmime-devel\", rpm:\"libkmime-devel~3.5.9~53.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libkmime2\", rpm:\"libkmime2~3.5.9~53.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libktnef-devel\", rpm:\"libktnef-devel~3.5.9~53.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libktnef1\", rpm:\"libktnef1~3.5.9~53.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libvolume_id\", rpm:\"libvolume_id~120~13.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libvolume_id-devel\", rpm:\"libvolume_id-devel~120~13.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-xulrunner190\", rpm:\"mozilla-xulrunner190~1.9.0.8~1.1\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-xulrunner190-devel\", rpm:\"mozilla-xulrunner190-devel~1.9.0.8~1.1\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-xulrunner190-gnomevfs\", rpm:\"mozilla-xulrunner190-gnomevfs~1.9.0.8~1.1\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-xulrunner190-translations\", rpm:\"mozilla-xulrunner190-translations~1.9.0.8~1.1\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"openswan\", rpm:\"openswan~2.4.7~130.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"openswan-doc\", rpm:\"openswan-doc~2.4.7~130.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"postgresql\", rpm:\"postgresql~8.3.7~0.1\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"postgresql-contrib\", rpm:\"postgresql-contrib~8.3.7~0.1\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"postgresql-devel\", rpm:\"postgresql-devel~8.3.7~0.1\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"postgresql-docs\", rpm:\"postgresql-docs~8.3.7~0.1\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"postgresql-libs\", rpm:\"postgresql-libs~8.3.7~0.1\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"postgresql-server\", rpm:\"postgresql-server~8.3.7~0.1\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"strongswan\", rpm:\"strongswan~4.2.1~11.6\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"strongswan-doc\", rpm:\"strongswan-doc~4.2.1~11.6\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"sysconfig\", rpm:\"sysconfig~0.70.8~3.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"timezone\", rpm:\"timezone~2009d~0.1\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"udev\", rpm:\"udev~120~13.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"xine-devel\", rpm:\"xine-devel~1.1.12~8.5\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"xine-extra\", rpm:\"xine-extra~1.1.12~8.5\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"xine-lib\", rpm:\"xine-lib~1.1.12~8.5\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"xpdf\", rpm:\"xpdf~3.02~95.4\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"xpdf-tools\", rpm:\"xpdf-tools~3.02~95.4\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"zypper\", rpm:\"zypper~0.11.11~0.1\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"MozillaFirefox\", rpm:\"MozillaFirefox~2.0.0.21post~0.1\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"MozillaFirefox-translations\", rpm:\"MozillaFirefox-translations~2.0.0.21post~0.1\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"bluez-cups\", rpm:\"bluez-cups~3.18~13.7\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"bluez-test\", rpm:\"bluez-test~3.18~13.7\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"bluez-utils\", rpm:\"bluez-utils~3.18~13.7\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"clamav\", rpm:\"clamav~0.95.1~0.1\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"clamav-db\", rpm:\"clamav-db~0.95.1~0.1\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"cups\", rpm:\"cups~1.2.12~22.21\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"cups-client\", rpm:\"cups-client~1.2.12~22.21\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"cups-devel\", rpm:\"cups-devel~1.2.12~22.21\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"cups-libs\", rpm:\"cups-libs~1.2.12~22.21\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"glib2\", rpm:\"glib2~2.14.1~4.4\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"glib2-devel\", rpm:\"glib2-devel~2.14.1~4.4\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"glib2-doc\", rpm:\"glib2-doc~2.14.1~4.4\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"glib2-lang\", rpm:\"glib2-lang~2.14.1~4.4\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"gnutls\", rpm:\"gnutls~1.6.1~36.6\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"gnutls-devel\", rpm:\"gnutls-devel~1.6.1~36.6\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"gpg2\", rpm:\"gpg2~2.0.4~49.2\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kdepim3\", rpm:\"kdepim3~3.5.7.enterprise.0.20070904.708012~9.2\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kdepim3-devel\", rpm:\"kdepim3-devel~3.5.7.enterprise.0.20070904.708012~9.2\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kdepim3-kpilot\", rpm:\"kdepim3-kpilot~3.5.7.enterprise.0.20070904.708012~9.2\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kdepim3-mobile\", rpm:\"kdepim3-mobile~3.5.7.enterprise.0.20070904.708012~9.2\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kdepim3-notes\", rpm:\"kdepim3-notes~3.5.7.enterprise.0.20070904.708012~9.2\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kdepim3-time-management\", rpm:\"kdepim3-time-management~3.5.7.enterprise.0.20070904.708012~9.2\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kitchensync\", rpm:\"kitchensync~3.5.7.enterprise.0.20070904.708012~9.2\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"klamav\", rpm:\"klamav~0.46~0.1\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"koffice\", rpm:\"koffice~1.6.3~51.5\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"koffice-database\", rpm:\"koffice-database~1.6.3~51.5\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"koffice-database-mysql\", rpm:\"koffice-database-mysql~1.6.3~51.5\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"koffice-database-psql\", rpm:\"koffice-database-psql~1.6.3~51.5\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"koffice-devel\", rpm:\"koffice-devel~1.6.3~51.5\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"koffice-extra\", rpm:\"koffice-extra~1.6.3~51.5\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"koffice-illustration\", rpm:\"koffice-illustration~1.6.3~51.5\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"koffice-planning\", rpm:\"koffice-planning~1.6.3~51.5\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"koffice-presentation\", rpm:\"koffice-presentation~1.6.3~51.5\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"koffice-python\", rpm:\"koffice-python~1.6.3~51.5\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"koffice-ruby\", rpm:\"koffice-ruby~1.6.3~51.5\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"koffice-spreadsheet\", rpm:\"koffice-spreadsheet~1.6.3~51.5\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"koffice-wordprocessing\", rpm:\"koffice-wordprocessing~1.6.3~51.5\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"krb5\", rpm:\"krb5~1.6.2~22.9\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"krb5-apps-clients\", rpm:\"krb5-apps-clients~1.6.2~22.9\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"krb5-apps-servers\", rpm:\"krb5-apps-servers~1.6.2~22.9\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"krb5-client\", rpm:\"krb5-client~1.6.2~22.9\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"krb5-devel\", rpm:\"krb5-devel~1.6.2~22.9\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"krb5-server\", rpm:\"krb5-server~1.6.2~22.9\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libvolume_id\", rpm:\"libvolume_id~114~19.3\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libvolume_id-devel\", rpm:\"libvolume_id-devel~114~19.3\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"openswan\", rpm:\"openswan~2.4.7~64.2\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"openswan-doc\", rpm:\"openswan-doc~2.4.7~64.2\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"postgresql\", rpm:\"postgresql~8.2.13~0.1\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"postgresql-contrib\", rpm:\"postgresql-contrib~8.2.13~0.1\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"postgresql-devel\", rpm:\"postgresql-devel~8.2.13~0.1\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"postgresql-docs\", rpm:\"postgresql-docs~8.2.13~0.1\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"postgresql-libs\", rpm:\"postgresql-libs~8.2.13~0.1\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"postgresql-server\", rpm:\"postgresql-server~8.2.13~0.1\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"sysconfig\", rpm:\"sysconfig~0.70.2~4.7\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"timezone\", rpm:\"timezone~2009d~0.1\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"udev\", rpm:\"udev~114~19.3\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"xine-devel\", rpm:\"xine-devel~1.1.8~14.14\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"xine-extra\", rpm:\"xine-extra~1.1.8~14.14\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"xine-lib\", rpm:\"xine-lib~1.1.8~14.14\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"xpdf\", rpm:\"xpdf~3.02~19.8\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"xpdf-tools\", rpm:\"xpdf-tools~3.02~19.8\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "naslFamily": "SuSE Local Security Checks", "_object_type": "robots.models.openvas.OpenVASBulletin", "_object_types": ["robots.models.base.Bulletin", "robots.models.openvas.OpenVASBulletin"], "immutableFields": [], "cvss2": {}, "cvss3": {}}], "securityvulns": [{"id": "SECURITYVULNS:VULN:9793", "bulletinFamily": "software", "title": "Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)", "description": "PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.", "published": "2009-04-03T00:00:00", "modified": "2009-04-03T00:00:00", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}, "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:9793", "reporter": " ", "references": ["https://vulners.com/securityvulns/securityvulns:doc:21577", "https://vulners.com/securityvulns/securityvulns:doc:21574", "https://vulners.com/securityvulns/securityvulns:doc:21575", "https://vulners.com/securityvulns/securityvulns:doc:21573", "https://vulners.com/securityvulns/securityvulns:doc:21578", "https://vulners.com/securityvulns/securityvulns:doc:21581", "https://vulners.com/securityvulns/securityvulns:doc:21571", "https://vulners.com/securityvulns/securityvulns:doc:21576", "https://vulners.com/securityvulns/securityvulns:doc:21572"], "cvelist": ["CVE-2009-1171"], "type": "securityvulns", "lastseen": "2021-06-08T18:47:28", "history": [{"bulletin": {"affectedSoftware": [{"name": "File Thingie", "operator": "eq", "version": "2.5"}, {"name": "Moodle", "operator": "eq", "version": "1.8"}, {"name": "moodle", "operator": "eq", "version": "1.9"}, {"name": "Asbru Web Content Management", "operator": "eq", "version": "6.6"}, {"name": "OpenX", "operator": "eq", "version": "2.6"}, {"name": "ConnX", "operator": "eq", "version": "4.0"}, {"name": "Asbru Web Content Management", "operator": "eq", "version": "6.5"}, {"name": "Family Connections", "operator": "eq", "version": "1.8"}, {"name": "OpenX", "operator": "eq", "version": "2.7"}], "bulletinFamily": "software", "cvelist": ["CVE-2009-1171"], "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}, "description": "PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.", "edition": 1, "enchantments": {"dependencies": {"modified": "2018-08-31T11:09:32", "references": [{"idList": ["EDB-ID:8297"], "type": "exploitdb"}, {"idList": ["CVE-2009-1171"], "type": "cve"}, {"idList": ["USN-791-2", "USN-791-1"], "type": "ubuntu"}, {"idList": ["OPENVAS:136141256231066500", "OPENVAS:136141256231063734", "OPENVAS:136141256231063727", "OPENVAS:63734", "OPENVAS:64321", "OPENVAS:66500", "OPENVAS:64320", "OPENVAS:136141256231063726", "OPENVAS:63727", "OPENVAS:63726"], "type": "openvas"}, {"idList": ["SECURITYVULNS:DOC:21575", "SECURITYVULNS:DOC:21574", "SECURITYVULNS:DOC:21576", "SECURITYVULNS:DOC:21571", "SECURITYVULNS:DOC:21572", "SECURITYVULNS:DOC:21581", "SECURITYVULNS:DOC:21577", "SECURITYVULNS:DOC:21573", "SECURITYVULNS:DOC:21578"], "type": "securityvulns"}, {"idList": ["FEDORA:4424B20894E", "FEDORA:7E1DF10F85C", "FEDORA:0C0B6208959"], "type": "fedora"}, {"idList": ["DEBIAN:DSA-1761-1:ACA60"], "type": "debian"}, {"idList": ["FEDORA_2009-3283.NASL", "SUSE_11_0_MOODLE-090417.NASL", "SUSE_11_1_MOODLE-090417.NASL", "UBUNTU_USN-791-2.NASL", "UBUNTU_USN-791-1.NASL", "SUSE_MOODLE-6198.NASL", "FEDORA_2009-3280.NASL", "DEBIAN_DSA-1761.NASL", "MOODLE_LATEX_INFO_DISCLOSURE.NASL"], "type": "nessus"}], "rev": 2}, "score": {"modified": "2018-08-31T11:09:32", "rev": 2, "value": 4.8, "vector": "NONE"}}, "hash": "68e3f737735d1cc340f05a4e1419c64d9c75f98e3ef02b228a6b3bedbcd640a9", "hashmap": [{"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "immutableFields"}, {"hash": "668f84a5b287855c16f3f35d3c8107fa", "key": "modified"}, {"hash": "c71de4d0becfd832639c1439702d0d67", "key": "title"}, {"hash": "3c236091754d2db00c1c42f811b3ada4", "key": "cvss"}, {"hash": "c61e5d59aa5c4e535b518cca44e00a6f", "key": "description"}, {"hash": "f9fa10ba956cacf91d7878861139efb9", "key": "bulletinFamily"}, {"hash": "284eed3b1f61c6014a6323bdffd1a197", "key": "cvelist"}, {"hash": "7215ee9c7d9dc229d2921a40e899ec5f", "key": "reporter"}, {"hash": "acb24bfca6f769080a45a29fcd5349c4", "key": "references"}, {"hash": "260a4e961499ce9b7ed9686bdce3292d", "key": "href"}, {"hash": "668f84a5b287855c16f3f35d3c8107fa", "key": "published"}, {"hash": "d54751dd75af2ea0147b462b3e001cd0", "key": "type"}, {"hash": "e04aab5dc30a6778bdbb33b06b8e929d", "key": "affectedSoftware"}], "history": [], "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:9793", "id": "SECURITYVULNS:VULN:9793", "immutableFields": [], "lastseen": "2018-08-31T11:09:32", "modified": "2009-04-03T00:00:00", "objectVersion": "1.5", "published": "2009-04-03T00:00:00", "references": ["https://vulners.com/securityvulns/securityvulns:doc:21577", "https://vulners.com/securityvulns/securityvulns:doc:21574", "https://vulners.com/securityvulns/securityvulns:doc:21575", "https://vulners.com/securityvulns/securityvulns:doc:21573", "https://vulners.com/securityvulns/securityvulns:doc:21578", "https://vulners.com/securityvulns/securityvulns:doc:21581", "https://vulners.com/securityvulns/securityvulns:doc:21571", "https://vulners.com/securityvulns/securityvulns:doc:21576", "https://vulners.com/securityvulns/securityvulns:doc:21572"], "reporter": " ", "title": "Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)", "type": "securityvulns", "viewCount": 6}, "different_elements": ["affectedSoftware"], "edition": 1, "lastseen": "2018-08-31T11:09:32"}], "edition": 2, "hashmap": [{"key": "affectedSoftware", "hash": "f20a3904643679cac767dc688d90740d"}, {"key": "bulletinFamily", "hash": "f9fa10ba956cacf91d7878861139efb9"}, {"key": "cvelist", "hash": "284eed3b1f61c6014a6323bdffd1a197"}, {"key": "cvss", "hash": "3c236091754d2db00c1c42f811b3ada4"}, {"key": "description", "hash": "c61e5d59aa5c4e535b518cca44e00a6f"}, {"key": "href", "hash": "260a4e961499ce9b7ed9686bdce3292d"}, {"key": "immutableFields", "hash": "d41d8cd98f00b204e9800998ecf8427e"}, {"key": "modified", "hash": "668f84a5b287855c16f3f35d3c8107fa"}, {"key": "published", "hash": "668f84a5b287855c16f3f35d3c8107fa"}, {"key": "references", "hash": "acb24bfca6f769080a45a29fcd5349c4"}, {"key": "reporter", "hash": "7215ee9c7d9dc229d2921a40e899ec5f"}, {"key": "title", "hash": "c71de4d0becfd832639c1439702d0d67"}, {"key": "type", "hash": "d54751dd75af2ea0147b462b3e001cd0"}], "hash": "d0c87ef84194b3e3654b2ba8b3995f690ef25833acf15c195a2c8fc607ca441f", "viewCount": 6, "enchantments": {"dependencies": {"references": [{"type": "ubuntucve", "idList": ["UB:CVE-2009-1171"]}, {"type": "cve", "idList": ["CVE-2009-1171"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:DOC:21576", "SECURITYVULNS:DOC:21573", "SECURITYVULNS:DOC:21574", "SECURITYVULNS:DOC:21571", "SECURITYVULNS:DOC:21577", "SECURITYVULNS:DOC:21578", "SECURITYVULNS:DOC:21572", "SECURITYVULNS:DOC:21575", "SECURITYVULNS:DOC:21581"]}, {"type": "exploitdb", "idList": ["EDB-ID:8297"]}, {"type": "nessus", "idList": ["SUSE_MOODLE-6198.NASL", "SUSE_11_0_MOODLE-090417.NASL", "SUSE_11_1_MOODLE-090417.NASL", "MOODLE_LATEX_INFO_DISCLOSURE.NASL", "UBUNTU_USN-791-1.NASL", "FEDORA_2009-3283.NASL", "FEDORA_2009-3280.NASL", "UBUNTU_USN-791-2.NASL", "DEBIAN_DSA-1761.NASL"]}, {"type": "ubuntu", "idList": ["USN-791-1", "USN-791-2"]}, {"type": "openvas", "idList": ["OPENVAS:136141256231063727", "OPENVAS:66500", "OPENVAS:63727", "OPENVAS:64321", "OPENVAS:63734", "OPENVAS:136141256231066500", "OPENVAS:63726", "OPENVAS:136141256231063726", "OPENVAS:136141256231063734", "OPENVAS:64320"]}, {"type": "debian", "idList": ["DEBIAN:DSA-1761-1:ACA60"]}, {"type": "fedora", "idList": ["FEDORA:4424B20894E", "FEDORA:7E1DF10F85C", "FEDORA:0C0B6208959"]}], "modified": "2021-06-08T18:47:28", "rev": 2}, "score": {"value": 4.8, "vector": "NONE", "modified": "2021-06-08T18:47:28", "rev": 2}}, "objectVersion": "1.5", "affectedSoftware": [{"name": "family connections", "operator": "eq", "version": "1.8"}, {"name": "moodle", "operator": "eq", "version": "1.9"}, {"name": "openx", "operator": "eq", "version": "2.6"}, {"name": "moodle", "operator": "eq", "version": "1.8"}, {"name": "file thingie", "operator": "eq", "version": "2.5"}, {"name": "connx", "operator": "eq", "version": "4.0"}, {"name": "openx", "operator": "eq", "version": "2.7"}, {"name": "asbru web content management", "operator": "eq", "version": "6.6"}, {"name": "asbru web content management", "operator": "eq", "version": "6.5"}], "immutableFields": [], "scheme": null}], "nessus": [{"id": "SUSE_11_0_MOODLE-090417.NASL", "hash": "03aed35744b883020cfd2df45492cc3f", "type": "nessus", "bulletinFamily": "scanner", "title": "openSUSE Security Update : moodle (moodle-803)", "description": "Special command sequences in TeX files allowed users to read arbitrary files (CVE-2009-1171).", "published": "2009-07-21T00:00:00", "modified": "2021-01-14T00:00:00", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}, "cvss2": {}, "cvss3": {"score": null, "vector": null}, "href": "https://www.tenable.com/plugins/nessus/40070", "reporter": "This script is Copyright (C) 2009-2021 Tenable Network Security, Inc.", "references": ["https://bugzilla.novell.com/show_bug.cgi?id=490087", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1171"], "cvelist": ["CVE-2009-1171"], "immutableFields": [], "lastseen": "2021-08-19T13:07:12", "history": [{"bulletin": {"id": "SUSE_11_0_MOODLE-090417.NASL", "hash": "1f720217851adc6612e5971398f3e534a9fb5d846a52e86a3d3623d628d28ca0", "type": "nessus", "bulletinFamily": "scanner", "title": "openSUSE Security Update : moodle (moodle-803)", "description": "Special command sequences in TeX files allowed users to read arbitrary\nfiles (CVE-2009-1171).", "published": "2009-07-21T00:00:00", "modified": "2014-06-13T00:00:00", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}, "cvss2": {}, "cvss3": {}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=40070", "reporter": "Tenable", "references": ["https://bugzilla.novell.com/show_bug.cgi?id=490087"], "cvelist": ["CVE-2009-1171"], "immutableFields": [], "lastseen": "2019-01-16T20:09:31", "history": [], "viewCount": 0, "enchantments": {"dependencies": {"modified": "2019-01-16T20:09:31", "references": [{"idList": ["EDB-ID:8297"], "type": "exploitdb"}, {"idList": ["CVE-2009-1171"], "type": "cve"}, {"idList": ["USN-791-2", "USN-791-1"], "type": "ubuntu"}, {"idList": ["OPENVAS:136141256231066500", "OPENVAS:136141256231063734", "OPENVAS:136141256231063727", "OPENVAS:63734", "OPENVAS:64321", "OPENVAS:66500", "OPENVAS:64320", "OPENVAS:136141256231063726", "OPENVAS:63727", "OPENVAS:63726"], "type": "openvas"}, {"idList": ["SECURITYVULNS:VULN:9793", "SECURITYVULNS:DOC:21571"], "type": "securityvulns"}, {"idList": ["FEDORA_2009-3283.NASL", "SUSE_11_1_MOODLE-090417.NASL", "UBUNTU_USN-791-2.NASL", "UBUNTU_USN-791-1.NASL", "SUSE_MOODLE-6198.NASL", "FEDORA_2009-3280.NASL", "DEBIAN_DSA-1761.NASL", "MOODLE_LATEX_INFO_DISCLOSURE.NASL"], "type": "nessus"}, {"idList": ["DEBIAN:DSA-1761-1:ACA60"], "type": "debian"}]}, "score": {"value": 5.0, "vector": "NONE"}}, "objectVersion": "1.6", "pluginID": "40070", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update moodle-803.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(40070);\n script_version(\"$Revision: 1.8 $\");\n script_cvs_date(\"$Date: 2014/06/13 19:44:02 $\");\n\n script_cve_id(\"CVE-2009-1171\");\n\n script_name(english:\"openSUSE Security Update : moodle (moodle-803)\");\n script_summary(english:\"Check for the moodle-803 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Special command sequences in TeX files allowed users to read arbitrary\nfiles (CVE-2009-1171).\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=490087\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected moodle packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:N/A:N\");\n script_cwe_id(20);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-af\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-ar\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-be\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-bg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-bs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-ca\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-cs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-da\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-de\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-de_du\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-el\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-es\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-et\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-eu\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-fa\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-fi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-fr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-ga\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-gl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-he\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-hi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-hr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-hu\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-id\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-is\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-it\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-ja\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-ka\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-km\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-kn\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-ko\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-lt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-lv\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-mi_tn\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-ms\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-nl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-nn\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-no\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-pl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-pt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-ro\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-ru\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-sk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-sl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-so\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-sq\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-sr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-sv\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-th\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-tl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-tr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-uk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-vi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-zh_cn\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:11.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/04/17\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/07/21\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2014 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE11\\.0)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"11.0\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-af-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-ar-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-be-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-bg-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-bs-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-ca-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-cs-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-da-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-de-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-de_du-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-el-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-es-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-et-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-eu-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-fa-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-fi-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-fr-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-ga-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-gl-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-he-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-hi-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-hr-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-hu-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-id-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-is-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-it-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-ja-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-ka-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-km-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-kn-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-ko-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-lt-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-lv-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-mi_tn-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-ms-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-nl-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-nn-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-no-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-pl-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-pt-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-ro-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-ru-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-sk-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-sl-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-so-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-sq-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-sr-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-sv-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-th-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-tl-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-tr-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-uk-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-vi-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-zh_cn-1.9.0-24.8\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"moodle / moodle-af / moodle-ar / moodle-be / moodle-bg / moodle-bs / etc\");\n}\n", "naslFamily": "SuSE Local Security Checks", "cpe": ["p-cpe:/a:novell:opensuse:moodle-km", "p-cpe:/a:novell:opensuse:moodle-he", "p-cpe:/a:novell:opensuse:moodle-ga", "p-cpe:/a:novell:opensuse:moodle-is", "p-cpe:/a:novell:opensuse:moodle-fa", "p-cpe:/a:novell:opensuse:moodle-ja", "p-cpe:/a:novell:opensuse:moodle-sq", "p-cpe:/a:novell:opensuse:moodle-da", "cpe:/o:novell:opensuse:11.0", "p-cpe:/a:novell:opensuse:moodle-sv", "p-cpe:/a:novell:opensuse:moodle-hu", "p-cpe:/a:novell:opensuse:moodle-nn", "p-cpe:/a:novell:opensuse:moodle-kn", "p-cpe:/a:novell:opensuse:moodle-af", "p-cpe:/a:novell:opensuse:moodle-de_du", "p-cpe:/a:novell:opensuse:moodle-tr", "p-cpe:/a:novell:opensuse:moodle-hi", "p-cpe:/a:novell:opensuse:moodle-eu", "p-cpe:/a:novell:opensuse:moodle-lv", "p-cpe:/a:novell:opensuse:moodle-pl", "p-cpe:/a:novell:opensuse:moodle-sr", "p-cpe:/a:novell:opensuse:moodle-ar", "p-cpe:/a:novell:opensuse:moodle-ms", "p-cpe:/a:novell:opensuse:moodle-gl", "p-cpe:/a:novell:opensuse:moodle", "p-cpe:/a:novell:opensuse:moodle-fi", "p-cpe:/a:novell:opensuse:moodle-fr", "p-cpe:/a:novell:opensuse:moodle-et", "p-cpe:/a:novell:opensuse:moodle-vi", "p-cpe:/a:novell:opensuse:moodle-id", "p-cpe:/a:novell:opensuse:moodle-mi_tn", "p-cpe:/a:novell:opensuse:moodle-th", "p-cpe:/a:novell:opensuse:moodle-el", "p-cpe:/a:novell:opensuse:moodle-lt", "p-cpe:/a:novell:opensuse:moodle-de", "p-cpe:/a:novell:opensuse:moodle-ko", "p-cpe:/a:novell:opensuse:moodle-it", "p-cpe:/a:novell:opensuse:moodle-ru", "p-cpe:/a:novell:opensuse:moodle-bs", "p-cpe:/a:novell:opensuse:moodle-zh_cn", "p-cpe:/a:novell:opensuse:moodle-hr", "p-cpe:/a:novell:opensuse:moodle-sl", "p-cpe:/a:novell:opensuse:moodle-nl", "p-cpe:/a:novell:opensuse:moodle-ka", "p-cpe:/a:novell:opensuse:moodle-no", "p-cpe:/a:novell:opensuse:moodle-cs", "p-cpe:/a:novell:opensuse:moodle-ro", "p-cpe:/a:novell:opensuse:moodle-pt", "p-cpe:/a:novell:opensuse:moodle-tl", "p-cpe:/a:novell:opensuse:moodle-uk", "p-cpe:/a:novell:opensuse:moodle-es", "p-cpe:/a:novell:opensuse:moodle-be", "p-cpe:/a:novell:opensuse:moodle-ca", "p-cpe:/a:novell:opensuse:moodle-bg", "p-cpe:/a:novell:opensuse:moodle-sk", "p-cpe:/a:novell:opensuse:moodle-so"], "solution": "", "nessusSeverity": "", "cvssScoreSource": "", "vpr": {}, "exploitAvailable": false, "exploitEase": "", "patchPublicationDate": null, "vulnerabilityPublicationDate": null, "exploitableWith": []}, "lastseen": "2019-01-16T20:09:31", "differentElements": ["cvss", "href", "modified", "reporter", "sourceData"], "edition": 1}, {"bulletin": {"id": "SUSE_11_0_MOODLE-090417.NASL", "hash": "42c8a31514899cad31c3ffc368489e1a6aeb682409244c8854a2b1bada84f72f", "type": "nessus", "bulletinFamily": "scanner", "title": "openSUSE Security Update : moodle (moodle-803)", "description": "Special command sequences in TeX files allowed users to read arbitrary\nfiles (CVE-2009-1171).", "published": "2009-07-21T00:00:00", "modified": "2019-11-02T00:00:00", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}, "cvss2": {}, "cvss3": {}, "href": "https://www.tenable.com/plugins/nessus/40070", "reporter": "This script is Copyright (C) 2009-2019 Tenable Network Security, Inc.", "references": ["https://bugzilla.novell.com/show_bug.cgi?id=490087"], "cvelist": ["CVE-2009-1171"], "immutableFields": [], "lastseen": "2019-11-03T12:17:24", "history": [], "viewCount": 1, "enchantments": {"dependencies": {"modified": "2019-11-03T12:17:24", "references": [{"idList": ["EDB-ID:8297"], "type": "exploitdb"}, {"idList": ["CVE-2009-1171"], "type": "cve"}, {"idList": ["USN-791-2", "USN-791-1"], "type": "ubuntu"}, {"idList": ["SECURITYVULNS:VULN:9793", "SECURITYVULNS:DOC:21571"], "type": "securityvulns"}, {"idList": ["FEDORA_2009-3283.NASL", "SUSE_11_1_MOODLE-090417.NASL", "UBUNTU_USN-791-2.NASL", "UBUNTU_USN-791-1.NASL", "SUSE_MOODLE-6198.NASL", "FEDORA_2009-3280.NASL", "DEBIAN_DSA-1761.NASL", "MOODLE_LATEX_INFO_DISCLOSURE.NASL"], "type": "nessus"}, {"idList": ["DEBIAN:DSA-1761-1:ACA60"], "type": "debian"}, {"idList": ["OPENVAS:136141256231066500", "OPENVAS:136141256231063734", "OPENVAS:136141256231063727", "OPENVAS:136141256231063891", "OPENVAS:63734", "OPENVAS:64321", "OPENVAS:66500", "OPENVAS:136141256231063726", "OPENVAS:63727", "OPENVAS:63726"], "type": "openvas"}]}, "score": {"modified": "2019-11-03T12:17:24", "value": 4.9, "vector": "NONE"}}, "objectVersion": "1.6", "pluginID": "40070", "sourceData": "#%NASL_MIN_LEVEL 80502\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update moodle-803.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(40070);\n script_version(\"1.10\");\n script_cvs_date(\"Date: 2019/10/25 13:36:34\");\n\n script_cve_id(\"CVE-2009-1171\");\n\n script_name(english:\"openSUSE Security Update : moodle (moodle-803)\");\n script_summary(english:\"Check for the moodle-803 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Special command sequences in TeX files allowed users to read arbitrary\nfiles (CVE-2009-1171).\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=490087\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected moodle packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:N/A:N\");\n script_cwe_id(20);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-af\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-ar\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-be\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-bg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-bs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-ca\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-cs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-da\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-de\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-de_du\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-el\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-es\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-et\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-eu\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-fa\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-fi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-fr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-ga\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-gl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-he\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-hi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-hr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-hu\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-id\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-is\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-it\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-ja\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-ka\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-km\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-kn\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-ko\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-lt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-lv\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-mi_tn\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-ms\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-nl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-nn\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-no\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-pl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-pt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-ro\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-ru\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-sk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-sl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-so\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-sq\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-sr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-sv\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-th\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-tl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-tr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-uk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-vi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-zh_cn\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:11.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/04/17\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/07/21\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2019 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE11\\.0)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"11.0\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-af-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-ar-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-be-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-bg-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-bs-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-ca-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-cs-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-da-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-de-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-de_du-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-el-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-es-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-et-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-eu-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-fa-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-fi-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-fr-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-ga-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-gl-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-he-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-hi-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-hr-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-hu-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-id-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-is-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-it-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-ja-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-ka-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-km-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-kn-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-ko-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-lt-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-lv-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-mi_tn-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-ms-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-nl-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-nn-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-no-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-pl-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-pt-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-ro-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-ru-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-sk-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-sl-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-so-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-sq-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-sr-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-sv-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-th-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-tl-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-tr-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-uk-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-vi-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-zh_cn-1.9.0-24.8\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"moodle / moodle-af / moodle-ar / moodle-be / moodle-bg / moodle-bs / etc\");\n}\n", "naslFamily": "SuSE Local Security Checks", "cpe": ["p-cpe:/a:novell:opensuse:moodle-km", "p-cpe:/a:novell:opensuse:moodle-he", "p-cpe:/a:novell:opensuse:moodle-ga", "p-cpe:/a:novell:opensuse:moodle-is", "p-cpe:/a:novell:opensuse:moodle-fa", "p-cpe:/a:novell:opensuse:moodle-ja", "p-cpe:/a:novell:opensuse:moodle-sq", "p-cpe:/a:novell:opensuse:moodle-da", "cpe:/o:novell:opensuse:11.0", "p-cpe:/a:novell:opensuse:moodle-sv", "p-cpe:/a:novell:opensuse:moodle-hu", "p-cpe:/a:novell:opensuse:moodle-nn", "p-cpe:/a:novell:opensuse:moodle-kn", "p-cpe:/a:novell:opensuse:moodle-af", "p-cpe:/a:novell:opensuse:moodle-de_du", "p-cpe:/a:novell:opensuse:moodle-tr", "p-cpe:/a:novell:opensuse:moodle-hi", "p-cpe:/a:novell:opensuse:moodle-eu", "p-cpe:/a:novell:opensuse:moodle-lv", "p-cpe:/a:novell:opensuse:moodle-pl", "p-cpe:/a:novell:opensuse:moodle-sr", "p-cpe:/a:novell:opensuse:moodle-ar", "p-cpe:/a:novell:opensuse:moodle-ms", "p-cpe:/a:novell:opensuse:moodle-gl", "p-cpe:/a:novell:opensuse:moodle", "p-cpe:/a:novell:opensuse:moodle-fi", "p-cpe:/a:novell:opensuse:moodle-fr", "p-cpe:/a:novell:opensuse:moodle-et", "p-cpe:/a:novell:opensuse:moodle-vi", "p-cpe:/a:novell:opensuse:moodle-id", "p-cpe:/a:novell:opensuse:moodle-mi_tn", "p-cpe:/a:novell:opensuse:moodle-th", "p-cpe:/a:novell:opensuse:moodle-el", "p-cpe:/a:novell:opensuse:moodle-lt", "p-cpe:/a:novell:opensuse:moodle-de", "p-cpe:/a:novell:opensuse:moodle-ko", "p-cpe:/a:novell:opensuse:moodle-it", "p-cpe:/a:novell:opensuse:moodle-ru", "p-cpe:/a:novell:opensuse:moodle-bs", "p-cpe:/a:novell:opensuse:moodle-zh_cn", "p-cpe:/a:novell:opensuse:moodle-hr", "p-cpe:/a:novell:opensuse:moodle-sl", "p-cpe:/a:novell:opensuse:moodle-nl", "p-cpe:/a:novell:opensuse:moodle-ka", "p-cpe:/a:novell:opensuse:moodle-no", "p-cpe:/a:novell:opensuse:moodle-cs", "p-cpe:/a:novell:opensuse:moodle-ro", "p-cpe:/a:novell:opensuse:moodle-pt", "p-cpe:/a:novell:opensuse:moodle-tl", "p-cpe:/a:novell:opensuse:moodle-uk", "p-cpe:/a:novell:opensuse:moodle-es", "p-cpe:/a:novell:opensuse:moodle-be", "p-cpe:/a:novell:opensuse:moodle-ca", "p-cpe:/a:novell:opensuse:moodle-bg", "p-cpe:/a:novell:opensuse:moodle-sk", "p-cpe:/a:novell:opensuse:moodle-so"], "solution": "", "nessusSeverity": "", "cvssScoreSource": "", "vpr": {}, "exploitAvailable": false, "exploitEase": "", "patchPublicationDate": null, "vulnerabilityPublicationDate": null, "exploitableWith": []}, "lastseen": "2019-11-03T12:17:24", "differentElements": ["modified"], "edition": 2}, {"bulletin": {"id": "SUSE_11_0_MOODLE-090417.NASL", "hash": "0fabb78b23a6b8879b8041d299fc334f2780544352b667dbe089988aff1d4dbf", "type": "nessus", "bulletinFamily": "scanner", "title": "openSUSE Security Update : moodle (moodle-803)", "description": "Special command sequences in TeX files allowed users to read arbitrary\nfiles (CVE-2009-1171).", "published": "2009-07-21T00:00:00", "modified": "2020-04-02T00:00:00", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}, "cvss2": {}, "cvss3": {}, "href": "https://www.tenable.com/plugins/nessus/40070", "reporter": "This script is Copyright (C) 2009-2019 Tenable Network Security, Inc.", "references": ["https://bugzilla.novell.com/show_bug.cgi?id=490087"], "cvelist": ["CVE-2009-1171"], "immutableFields": [], "lastseen": "2020-04-01T02:44:00", "history": [], "viewCount": 2, "enchantments": {"dependencies": {"modified": "2020-04-01T02:44:00", "references": [{"idList": ["EDB-ID:8297"], "type": "exploitdb"}, {"idList": ["CVE-2009-1171"], "type": "cve"}, {"idList": ["USN-791-2", "USN-791-1"], "type": "ubuntu"}, {"idList": ["SECURITYVULNS:VULN:9793", "SECURITYVULNS:DOC:21571"], "type": "securityvulns"}, {"idList": ["FEDORA_2009-3283.NASL", "SUSE_11_1_MOODLE-090417.NASL", "UBUNTU_USN-791-2.NASL", "UBUNTU_USN-791-1.NASL", "SUSE_MOODLE-6198.NASL", "FEDORA_2009-3280.NASL", "DEBIAN_DSA-1761.NASL", "MOODLE_LATEX_INFO_DISCLOSURE.NASL"], "type": "nessus"}, {"idList": ["DEBIAN:DSA-1761-1:ACA60"], "type": "debian"}, {"idList": ["OPENVAS:136141256231066500", "OPENVAS:136141256231063734", "OPENVAS:136141256231063727", "OPENVAS:136141256231063891", "OPENVAS:63734", "OPENVAS:64321", "OPENVAS:66500", "OPENVAS:136141256231063726", "OPENVAS:63727", "OPENVAS:63726"], "type": "openvas"}], "rev": 2}, "score": {"modified": "2020-04-01T02:44:00", "rev": 2, "value": 4.9, "vector": "NONE"}}, "objectVersion": "1.6", "pluginID": "40070", "sourceData": "#%NASL_MIN_LEVEL 80502\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update moodle-803.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(40070);\n script_version(\"1.10\");\n script_cvs_date(\"Date: 2019/10/25 13:36:34\");\n\n script_cve_id(\"CVE-2009-1171\");\n\n script_name(english:\"openSUSE Security Update : moodle (moodle-803)\");\n script_summary(english:\"Check for the moodle-803 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Special command sequences in TeX files allowed users to read arbitrary\nfiles (CVE-2009-1171).\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=490087\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected moodle packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:N/A:N\");\n script_cwe_id(20);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-af\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-ar\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-be\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-bg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-bs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-ca\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-cs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-da\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-de\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-de_du\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-el\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-es\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-et\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-eu\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-fa\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-fi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-fr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-ga\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-gl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-he\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-hi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-hr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-hu\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-id\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-is\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-it\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-ja\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-ka\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-km\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-kn\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-ko\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-lt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-lv\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-mi_tn\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-ms\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-nl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-nn\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-no\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-pl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-pt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-ro\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-ru\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-sk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-sl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-so\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-sq\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-sr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-sv\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-th\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-tl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-tr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-uk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-vi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-zh_cn\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:11.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/04/17\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/07/21\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2019 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE11\\.0)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"11.0\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-af-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-ar-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-be-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-bg-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-bs-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-ca-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-cs-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-da-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-de-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-de_du-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-el-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-es-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-et-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-eu-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-fa-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-fi-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-fr-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-ga-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-gl-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-he-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-hi-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-hr-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-hu-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-id-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-is-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-it-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-ja-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-ka-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-km-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-kn-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-ko-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-lt-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-lv-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-mi_tn-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-ms-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-nl-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-nn-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-no-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-pl-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-pt-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-ro-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-ru-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-sk-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-sl-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-so-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-sq-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-sr-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-sv-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-th-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-tl-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-tr-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-uk-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-vi-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-zh_cn-1.9.0-24.8\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"moodle / moodle-af / moodle-ar / moodle-be / moodle-bg / moodle-bs / etc\");\n}\n", "naslFamily": "SuSE Local Security Checks", "cpe": ["p-cpe:/a:novell:opensuse:moodle-km", "p-cpe:/a:novell:opensuse:moodle-he", "p-cpe:/a:novell:opensuse:moodle-ga", "p-cpe:/a:novell:opensuse:moodle-is", "p-cpe:/a:novell:opensuse:moodle-fa", "p-cpe:/a:novell:opensuse:moodle-ja", "p-cpe:/a:novell:opensuse:moodle-sq", "p-cpe:/a:novell:opensuse:moodle-da", "cpe:/o:novell:opensuse:11.0", "p-cpe:/a:novell:opensuse:moodle-sv", "p-cpe:/a:novell:opensuse:moodle-hu", "p-cpe:/a:novell:opensuse:moodle-nn", "p-cpe:/a:novell:opensuse:moodle-kn", "p-cpe:/a:novell:opensuse:moodle-af", "p-cpe:/a:novell:opensuse:moodle-de_du", "p-cpe:/a:novell:opensuse:moodle-tr", "p-cpe:/a:novell:opensuse:moodle-hi", "p-cpe:/a:novell:opensuse:moodle-eu", "p-cpe:/a:novell:opensuse:moodle-lv", "p-cpe:/a:novell:opensuse:moodle-pl", "p-cpe:/a:novell:opensuse:moodle-sr", "p-cpe:/a:novell:opensuse:moodle-ar", "p-cpe:/a:novell:opensuse:moodle-ms", "p-cpe:/a:novell:opensuse:moodle-gl", "p-cpe:/a:novell:opensuse:moodle", "p-cpe:/a:novell:opensuse:moodle-fi", "p-cpe:/a:novell:opensuse:moodle-fr", "p-cpe:/a:novell:opensuse:moodle-et", "p-cpe:/a:novell:opensuse:moodle-vi", "p-cpe:/a:novell:opensuse:moodle-id", "p-cpe:/a:novell:opensuse:moodle-mi_tn", "p-cpe:/a:novell:opensuse:moodle-th", "p-cpe:/a:novell:opensuse:moodle-el", "p-cpe:/a:novell:opensuse:moodle-lt", "p-cpe:/a:novell:opensuse:moodle-de", "p-cpe:/a:novell:opensuse:moodle-ko", "p-cpe:/a:novell:opensuse:moodle-it", "p-cpe:/a:novell:opensuse:moodle-ru", "p-cpe:/a:novell:opensuse:moodle-bs", "p-cpe:/a:novell:opensuse:moodle-zh_cn", "p-cpe:/a:novell:opensuse:moodle-hr", "p-cpe:/a:novell:opensuse:moodle-sl", "p-cpe:/a:novell:opensuse:moodle-nl", "p-cpe:/a:novell:opensuse:moodle-ka", "p-cpe:/a:novell:opensuse:moodle-no", "p-cpe:/a:novell:opensuse:moodle-cs", "p-cpe:/a:novell:opensuse:moodle-ro", "p-cpe:/a:novell:opensuse:moodle-pt", "p-cpe:/a:novell:opensuse:moodle-tl", "p-cpe:/a:novell:opensuse:moodle-uk", "p-cpe:/a:novell:opensuse:moodle-es", "p-cpe:/a:novell:opensuse:moodle-be", "p-cpe:/a:novell:opensuse:moodle-ca", "p-cpe:/a:novell:opensuse:moodle-bg", "p-cpe:/a:novell:opensuse:moodle-sk", "p-cpe:/a:novell:opensuse:moodle-so"], "solution": "", "nessusSeverity": "", "cvssScoreSource": "", "vpr": {}, "exploitAvailable": false, "exploitEase": "", "patchPublicationDate": null, "vulnerabilityPublicationDate": null, "exploitableWith": []}, "lastseen": "2020-04-01T02:44:00", "differentElements": ["modified"], "edition": 3}, {"bulletin": {"id": "SUSE_11_0_MOODLE-090417.NASL", "hash": "5654c2d80426a69c448e69e1c799aeb8615e99c2970e8fe8d9674fb8ca19f5a6", "type": "nessus", "bulletinFamily": "scanner", "title": "openSUSE Security Update : moodle (moodle-803)", "description": "Special command sequences in TeX files allowed users to read arbitrary\nfiles (CVE-2009-1171).", "published": "2009-07-21T00:00:00", "modified": "2020-12-02T00:00:00", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}, "cvss2": {}, "cvss3": {}, "href": "https://www.tenable.com/plugins/nessus/40070", "reporter": "This script is Copyright (C) 2009-2019 Tenable Network Security, Inc.", "references": ["https://bugzilla.novell.com/show_bug.cgi?id=490087"], "cvelist": ["CVE-2009-1171"], "immutableFields": [], "lastseen": "2020-12-01T14:20:16", "history": [], "viewCount": 3, "enchantments": {"dependencies": {"modified": "2020-12-01T14:20:16", "references": [{"idList": ["EDB-ID:8297"], "type": "exploitdb"}, {"idList": ["CVE-2009-1171"], "type": "cve"}, {"idList": ["USN-791-2", "USN-791-1"], "type": "ubuntu"}, {"idList": ["OPENVAS:136141256231066500", "OPENVAS:136141256231063734", "OPENVAS:136141256231063727", "OPENVAS:63734", "OPENVAS:64321", "OPENVAS:66500", "OPENVAS:64320", "OPENVAS:136141256231063726", "OPENVAS:63727", "OPENVAS:63726"], "type": "openvas"}, {"idList": ["SECURITYVULNS:VULN:9793", "SECURITYVULNS:DOC:21571"], "type": "securityvulns"}, {"idList": ["FEDORA_2009-3283.NASL", "SUSE_11_1_MOODLE-090417.NASL", "UBUNTU_USN-791-2.NASL", "UBUNTU_USN-791-1.NASL", "SUSE_MOODLE-6198.NASL", "FEDORA_2009-3280.NASL", "DEBIAN_DSA-1761.NASL", "MOODLE_LATEX_INFO_DISCLOSURE.NASL"], "type": "nessus"}, {"idList": ["DEBIAN:DSA-1761-1:ACA60"], "type": "debian"}], "rev": 2}, "score": {"modified": "2020-12-01T14:20:16", "rev": 2, "value": 4.9, "vector": "NONE"}}, "objectVersion": "1.6", "pluginID": "40070", "sourceData": "#%NASL_MIN_LEVEL 80502\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update moodle-803.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(40070);\n script_version(\"1.10\");\n script_cvs_date(\"Date: 2019/10/25 13:36:34\");\n\n script_cve_id(\"CVE-2009-1171\");\n\n script_name(english:\"openSUSE Security Update : moodle (moodle-803)\");\n script_summary(english:\"Check for the moodle-803 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Special command sequences in TeX files allowed users to read arbitrary\nfiles (CVE-2009-1171).\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=490087\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected moodle packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:N/A:N\");\n script_cwe_id(20);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-af\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-ar\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-be\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-bg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-bs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-ca\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-cs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-da\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-de\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-de_du\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-el\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-es\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-et\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-eu\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-fa\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-fi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-fr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-ga\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-gl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-he\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-hi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-hr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-hu\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-id\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-is\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-it\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-ja\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-ka\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-km\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-kn\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-ko\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-lt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-lv\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-mi_tn\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-ms\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-nl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-nn\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-no\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-pl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-pt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-ro\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-ru\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-sk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-sl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-so\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-sq\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-sr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-sv\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-th\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-tl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-tr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-uk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-vi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-zh_cn\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:11.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/04/17\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/07/21\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2019 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE11\\.0)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"11.0\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-af-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-ar-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-be-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-bg-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-bs-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-ca-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-cs-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-da-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-de-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-de_du-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-el-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-es-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-et-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-eu-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-fa-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-fi-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-fr-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-ga-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-gl-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-he-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-hi-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-hr-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-hu-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-id-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-is-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-it-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-ja-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-ka-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-km-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-kn-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-ko-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-lt-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-lv-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-mi_tn-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-ms-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-nl-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-nn-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-no-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-pl-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-pt-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-ro-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-ru-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-sk-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-sl-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-so-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-sq-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-sr-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-sv-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-th-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-tl-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-tr-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-uk-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-vi-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-zh_cn-1.9.0-24.8\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"moodle / moodle-af / moodle-ar / moodle-be / moodle-bg / moodle-bs / etc\");\n}\n", "naslFamily": "SuSE Local Security Checks", "cpe": ["p-cpe:/a:novell:opensuse:moodle-km", "p-cpe:/a:novell:opensuse:moodle-he", "p-cpe:/a:novell:opensuse:moodle-ga", "p-cpe:/a:novell:opensuse:moodle-is", "p-cpe:/a:novell:opensuse:moodle-fa", "p-cpe:/a:novell:opensuse:moodle-ja", "p-cpe:/a:novell:opensuse:moodle-sq", "p-cpe:/a:novell:opensuse:moodle-da", "cpe:/o:novell:opensuse:11.0", "p-cpe:/a:novell:opensuse:moodle-sv", "p-cpe:/a:novell:opensuse:moodle-hu", "p-cpe:/a:novell:opensuse:moodle-nn", "p-cpe:/a:novell:opensuse:moodle-kn", "p-cpe:/a:novell:opensuse:moodle-af", "p-cpe:/a:novell:opensuse:moodle-de_du", "p-cpe:/a:novell:opensuse:moodle-tr", "p-cpe:/a:novell:opensuse:moodle-hi", "p-cpe:/a:novell:opensuse:moodle-eu", "p-cpe:/a:novell:opensuse:moodle-lv", "p-cpe:/a:novell:opensuse:moodle-pl", "p-cpe:/a:novell:opensuse:moodle-sr", "p-cpe:/a:novell:opensuse:moodle-ar", "p-cpe:/a:novell:opensuse:moodle-ms", "p-cpe:/a:novell:opensuse:moodle-gl", "p-cpe:/a:novell:opensuse:moodle", "p-cpe:/a:novell:opensuse:moodle-fi", "p-cpe:/a:novell:opensuse:moodle-fr", "p-cpe:/a:novell:opensuse:moodle-et", "p-cpe:/a:novell:opensuse:moodle-vi", "p-cpe:/a:novell:opensuse:moodle-id", "p-cpe:/a:novell:opensuse:moodle-mi_tn", "p-cpe:/a:novell:opensuse:moodle-th", "p-cpe:/a:novell:opensuse:moodle-el", "p-cpe:/a:novell:opensuse:moodle-lt", "p-cpe:/a:novell:opensuse:moodle-de", "p-cpe:/a:novell:opensuse:moodle-ko", "p-cpe:/a:novell:opensuse:moodle-it", "p-cpe:/a:novell:opensuse:moodle-ru", "p-cpe:/a:novell:opensuse:moodle-bs", "p-cpe:/a:novell:opensuse:moodle-zh_cn", "p-cpe:/a:novell:opensuse:moodle-hr", "p-cpe:/a:novell:opensuse:moodle-sl", "p-cpe:/a:novell:opensuse:moodle-nl", "p-cpe:/a:novell:opensuse:moodle-ka", "p-cpe:/a:novell:opensuse:moodle-no", "p-cpe:/a:novell:opensuse:moodle-cs", "p-cpe:/a:novell:opensuse:moodle-ro", "p-cpe:/a:novell:opensuse:moodle-pt", "p-cpe:/a:novell:opensuse:moodle-tl", "p-cpe:/a:novell:opensuse:moodle-uk", "p-cpe:/a:novell:opensuse:moodle-es", "p-cpe:/a:novell:opensuse:moodle-be", "p-cpe:/a:novell:opensuse:moodle-ca", "p-cpe:/a:novell:opensuse:moodle-bg", "p-cpe:/a:novell:opensuse:moodle-sk", "p-cpe:/a:novell:opensuse:moodle-so"], "solution": "", "nessusSeverity": "", "cvssScoreSource": "", "vpr": {}, "exploitAvailable": false, "exploitEase": "", "patchPublicationDate": null, "vulnerabilityPublicationDate": null, "exploitableWith": []}, "lastseen": "2020-12-01T14:20:16", "differentElements": ["modified", "reporter", "sourceData"], "edition": 4}, {"bulletin": {"id": "SUSE_11_0_MOODLE-090417.NASL", "hash": "c6211662356ff2d6c7513389694129a7dfea0bc7aba400d8dba095f13bc60726", "type": "nessus", "bulletinFamily": "scanner", "title": "openSUSE Security Update : moodle (moodle-803)", "description": "Special command sequences in TeX files allowed users to read arbitrary\nfiles (CVE-2009-1171).", "published": "2009-07-21T00:00:00", "modified": "2009-07-21T00:00:00", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}, "cvss2": {}, "cvss3": {}, "href": "https://www.tenable.com/plugins/nessus/40070", "reporter": "This script is Copyright (C) 2009-2021 Tenable Network Security, Inc.", "references": ["https://bugzilla.novell.com/show_bug.cgi?id=490087"], "cvelist": ["CVE-2009-1171"], "immutableFields": [], "lastseen": "2021-01-17T14:03:34", "history": [], "viewCount": 3, "enchantments": {"dependencies": {"modified": "2021-01-17T14:03:34", "references": [{"idList": ["EDB-ID:8297"], "type": "exploitdb"}, {"idList": ["CVE-2009-1171"], "type": "cve"}, {"idList": ["USN-791-2", "USN-791-1"], "type": "ubuntu"}, {"idList": ["OPENVAS:136141256231066500", "OPENVAS:136141256231063734", "OPENVAS:136141256231063727", "OPENVAS:63734", "OPENVAS:64321", "OPENVAS:66500", "OPENVAS:64320", "OPENVAS:136141256231063726", "OPENVAS:63727", "OPENVAS:63726"], "type": "openvas"}, {"idList": ["SECURITYVULNS:VULN:9793", "SECURITYVULNS:DOC:21571"], "type": "securityvulns"}, {"idList": ["FEDORA_2009-3283.NASL", "SUSE_11_1_MOODLE-090417.NASL", "UBUNTU_USN-791-2.NASL", "UBUNTU_USN-791-1.NASL", "SUSE_MOODLE-6198.NASL", "FEDORA_2009-3280.NASL", "DEBIAN_DSA-1761.NASL", "MOODLE_LATEX_INFO_DISCLOSURE.NASL"], "type": "nessus"}, {"idList": ["FEDORA:4424B20894E", "FEDORA:7E1DF10F85C", "FEDORA:0C0B6208959"], "type": "fedora"}, {"idList": ["DEBIAN:DSA-1761-1:ACA60"], "type": "debian"}, {"idList": ["UB:CVE-2009-1171"], "type": "ubuntucve"}], "rev": 2}, "score": {"modified": "2021-01-17T14:03:34", "rev": 2, "value": 4.9, "vector": "NONE"}}, "objectVersion": "1.6", "pluginID": "40070", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update moodle-803.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(40070);\n script_version(\"1.11\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2009-1171\");\n\n script_name(english:\"openSUSE Security Update : moodle (moodle-803)\");\n script_summary(english:\"Check for the moodle-803 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Special command sequences in TeX files allowed users to read arbitrary\nfiles (CVE-2009-1171).\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=490087\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected moodle packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:N/A:N\");\n script_cwe_id(20);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-af\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-ar\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-be\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-bg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-bs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-ca\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-cs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-da\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-de\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-de_du\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-el\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-es\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-et\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-eu\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-fa\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-fi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-fr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-ga\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-gl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-he\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-hi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-hr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-hu\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-id\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-is\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-it\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-ja\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-ka\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-km\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-kn\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-ko\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-lt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-lv\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-mi_tn\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-ms\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-nl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-nn\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-no\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-pl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-pt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-ro\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-ru\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-sk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-sl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-so\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-sq\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-sr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-sv\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-th\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-tl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-tr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-uk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-vi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-zh_cn\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:11.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/04/17\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/07/21\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE11\\.0)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"11.0\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-af-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-ar-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-be-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-bg-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-bs-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-ca-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-cs-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-da-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-de-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-de_du-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-el-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-es-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-et-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-eu-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-fa-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-fi-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-fr-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-ga-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-gl-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-he-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-hi-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-hr-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-hu-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-id-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-is-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-it-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-ja-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-ka-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-km-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-kn-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-ko-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-lt-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-lv-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-mi_tn-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-ms-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-nl-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-nn-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-no-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-pl-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-pt-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-ro-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-ru-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-sk-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-sl-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-so-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-sq-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-sr-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-sv-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-th-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-tl-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-tr-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-uk-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-vi-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-zh_cn-1.9.0-24.8\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"moodle / moodle-af / moodle-ar / moodle-be / moodle-bg / moodle-bs / etc\");\n}\n", "naslFamily": "SuSE Local Security Checks", "cpe": ["p-cpe:/a:novell:opensuse:moodle-km", "p-cpe:/a:novell:opensuse:moodle-he", "p-cpe:/a:novell:opensuse:moodle-ga", "p-cpe:/a:novell:opensuse:moodle-is", "p-cpe:/a:novell:opensuse:moodle-fa", "p-cpe:/a:novell:opensuse:moodle-ja", "p-cpe:/a:novell:opensuse:moodle-sq", "p-cpe:/a:novell:opensuse:moodle-da", "cpe:/o:novell:opensuse:11.0", "p-cpe:/a:novell:opensuse:moodle-sv", "p-cpe:/a:novell:opensuse:moodle-hu", "p-cpe:/a:novell:opensuse:moodle-nn", "p-cpe:/a:novell:opensuse:moodle-kn", "p-cpe:/a:novell:opensuse:moodle-af", "p-cpe:/a:novell:opensuse:moodle-de_du", "p-cpe:/a:novell:opensuse:moodle-tr", "p-cpe:/a:novell:opensuse:moodle-hi", "p-cpe:/a:novell:opensuse:moodle-eu", "p-cpe:/a:novell:opensuse:moodle-lv", "p-cpe:/a:novell:opensuse:moodle-pl", "p-cpe:/a:novell:opensuse:moodle-sr", "p-cpe:/a:novell:opensuse:moodle-ar", "p-cpe:/a:novell:opensuse:moodle-ms", "p-cpe:/a:novell:opensuse:moodle-gl", "p-cpe:/a:novell:opensuse:moodle", "p-cpe:/a:novell:opensuse:moodle-fi", "p-cpe:/a:novell:opensuse:moodle-fr", "p-cpe:/a:novell:opensuse:moodle-et", "p-cpe:/a:novell:opensuse:moodle-vi", "p-cpe:/a:novell:opensuse:moodle-id", "p-cpe:/a:novell:opensuse:moodle-mi_tn", "p-cpe:/a:novell:opensuse:moodle-th", "p-cpe:/a:novell:opensuse:moodle-el", "p-cpe:/a:novell:opensuse:moodle-lt", "p-cpe:/a:novell:opensuse:moodle-de", "p-cpe:/a:novell:opensuse:moodle-ko", "p-cpe:/a:novell:opensuse:moodle-it", "p-cpe:/a:novell:opensuse:moodle-ru", "p-cpe:/a:novell:opensuse:moodle-bs", "p-cpe:/a:novell:opensuse:moodle-zh_cn", "p-cpe:/a:novell:opensuse:moodle-hr", "p-cpe:/a:novell:opensuse:moodle-sl", "p-cpe:/a:novell:opensuse:moodle-nl", "p-cpe:/a:novell:opensuse:moodle-ka", "p-cpe:/a:novell:opensuse:moodle-no", "p-cpe:/a:novell:opensuse:moodle-cs", "p-cpe:/a:novell:opensuse:moodle-ro", "p-cpe:/a:novell:opensuse:moodle-pt", "p-cpe:/a:novell:opensuse:moodle-tl", "p-cpe:/a:novell:opensuse:moodle-uk", "p-cpe:/a:novell:opensuse:moodle-es", "p-cpe:/a:novell:opensuse:moodle-be", "p-cpe:/a:novell:opensuse:moodle-ca", "p-cpe:/a:novell:opensuse:moodle-bg", "p-cpe:/a:novell:opensuse:moodle-sk", "p-cpe:/a:novell:opensuse:moodle-so"], "solution": "", "nessusSeverity": "", "cvssScoreSource": "", "vpr": {}, "exploitAvailable": false, "exploitEase": "", "patchPublicationDate": null, "vulnerabilityPublicationDate": null, "exploitableWith": []}, "lastseen": "2021-01-17T14:03:34", "differentElements": ["cvss2"], "edition": 5}, {"bulletin": {"id": "SUSE_11_0_MOODLE-090417.NASL", "hash": "b0e12a08e9343b66f44e0300d8d754c2", "type": "nessus", "bulletinFamily": "scanner", "title": "openSUSE Security Update : moodle (moodle-803)", "description": "Special command sequences in TeX files allowed users to read arbitrary\nfiles (CVE-2009-1171).", "published": "2009-07-21T00:00:00", "modified": "2009-07-21T00:00:00", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}, "cvss2": {"cvssV2": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "MEDIUM", "userInteractionRequired": true}, "cvss3": {}, "href": "https://www.tenable.com/plugins/nessus/40070", "reporter": "This script is Copyright (C) 2009-2021 Tenable Network Security, Inc.", "references": ["https://bugzilla.novell.com/show_bug.cgi?id=490087"], "cvelist": ["CVE-2009-1171"], "immutableFields": [], "lastseen": "2021-07-29T04:00:34", "history": [], "viewCount": 3, "enchantments": {"dependencies": {"references": [{"type": "cve", "idList": ["CVE-2009-1171"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2009-1171"]}, {"type": "openvas", "idList": ["OPENVAS:136141256231063726", "OPENVAS:66500", "OPENVAS:63726", "OPENVAS:64321", "OPENVAS:64320", "OPENVAS:63734", "OPENVAS:136141256231063727", "OPENVAS:136141256231063734", "OPENVAS:136141256231066500", "OPENVAS:63727"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:DOC:21571", "SECURITYVULNS:VULN:9793"]}, {"type": "debian", "idList": ["DEBIAN:DSA-1761-1:ACA60"]}, {"type": "exploitdb", "idList": ["EDB-ID:8297"]}, {"type": "nessus", "idList": ["SUSE_MOODLE-6198.NASL", "FEDORA_2009-3280.NASL", "FEDORA_2009-3283.NASL", "MOODLE_LATEX_INFO_DISCLOSURE.NASL", "DEBIAN_DSA-1761.NASL", "UBUNTU_USN-791-2.NASL", "SUSE_11_1_MOODLE-090417.NASL", "UBUNTU_USN-791-1.NASL"]}, {"type": "ubuntu", "idList": ["USN-791-1", "USN-791-2"]}, {"type": "fedora", "idList": ["FEDORA:7E1DF10F85C", "FEDORA:0C0B6208959", "FEDORA:4424B20894E"]}], "modified": "2021-07-29T04:00:34", "rev": 2}, "score": {"value": 4.9, "vector": "NONE", "modified": "2021-07-29T04:00:34", "rev": 2}}, "objectVersion": "1.6", "pluginID": "40070", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update moodle-803.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(40070);\n script_version(\"1.11\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2009-1171\");\n\n script_name(english:\"openSUSE Security Update : moodle (moodle-803)\");\n script_summary(english:\"Check for the moodle-803 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Special command sequences in TeX files allowed users to read arbitrary\nfiles (CVE-2009-1171).\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=490087\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected moodle packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:N/A:N\");\n script_cwe_id(20);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-af\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-ar\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-be\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-bg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-bs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-ca\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-cs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-da\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-de\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-de_du\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-el\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-es\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-et\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-eu\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-fa\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-fi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-fr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-ga\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-gl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-he\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-hi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-hr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-hu\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-id\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-is\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-it\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-ja\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-ka\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-km\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-kn\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-ko\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-lt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-lv\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-mi_tn\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-ms\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-nl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-nn\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-no\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-pl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-pt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-ro\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-ru\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-sk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-sl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-so\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-sq\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-sr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-sv\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-th\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-tl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-tr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-uk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-vi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-zh_cn\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:11.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/04/17\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/07/21\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE11\\.0)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"11.0\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-af-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-ar-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-be-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-bg-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-bs-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-ca-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-cs-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-da-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-de-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-de_du-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-el-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-es-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-et-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-eu-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-fa-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-fi-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-fr-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-ga-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-gl-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-he-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-hi-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-hr-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-hu-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-id-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-is-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-it-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-ja-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-ka-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-km-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-kn-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-ko-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-lt-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-lv-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-mi_tn-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-ms-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-nl-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-nn-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-no-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-pl-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-pt-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-ro-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-ru-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-sk-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-sl-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-so-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-sq-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-sr-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-sv-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-th-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-tl-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-tr-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-uk-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-vi-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-zh_cn-1.9.0-24.8\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"moodle / moodle-af / moodle-ar / moodle-be / moodle-bg / moodle-bs / etc\");\n}\n", "naslFamily": "SuSE Local Security Checks", "cpe": ["p-cpe:/a:novell:opensuse:moodle-km", "p-cpe:/a:novell:opensuse:moodle-he", "p-cpe:/a:novell:opensuse:moodle-ga", "p-cpe:/a:novell:opensuse:moodle-is", "p-cpe:/a:novell:opensuse:moodle-fa", "p-cpe:/a:novell:opensuse:moodle-ja", "p-cpe:/a:novell:opensuse:moodle-sq", "p-cpe:/a:novell:opensuse:moodle-da", "cpe:/o:novell:opensuse:11.0", "p-cpe:/a:novell:opensuse:moodle-sv", "p-cpe:/a:novell:opensuse:moodle-hu", "p-cpe:/a:novell:opensuse:moodle-nn", "p-cpe:/a:novell:opensuse:moodle-kn", "p-cpe:/a:novell:opensuse:moodle-af", "p-cpe:/a:novell:opensuse:moodle-de_du", "p-cpe:/a:novell:opensuse:moodle-tr", "p-cpe:/a:novell:opensuse:moodle-hi", "p-cpe:/a:novell:opensuse:moodle-eu", "p-cpe:/a:novell:opensuse:moodle-lv", "p-cpe:/a:novell:opensuse:moodle-pl", "p-cpe:/a:novell:opensuse:moodle-sr", "p-cpe:/a:novell:opensuse:moodle-ar", "p-cpe:/a:novell:opensuse:moodle-ms", "p-cpe:/a:novell:opensuse:moodle-gl", "p-cpe:/a:novell:opensuse:moodle", "p-cpe:/a:novell:opensuse:moodle-fi", "p-cpe:/a:novell:opensuse:moodle-fr", "p-cpe:/a:novell:opensuse:moodle-et", "p-cpe:/a:novell:opensuse:moodle-vi", "p-cpe:/a:novell:opensuse:moodle-id", "p-cpe:/a:novell:opensuse:moodle-mi_tn", "p-cpe:/a:novell:opensuse:moodle-th", "p-cpe:/a:novell:opensuse:moodle-el", "p-cpe:/a:novell:opensuse:moodle-lt", "p-cpe:/a:novell:opensuse:moodle-de", "p-cpe:/a:novell:opensuse:moodle-ko", "p-cpe:/a:novell:opensuse:moodle-it", "p-cpe:/a:novell:opensuse:moodle-ru", "p-cpe:/a:novell:opensuse:moodle-bs", "p-cpe:/a:novell:opensuse:moodle-zh_cn", "p-cpe:/a:novell:opensuse:moodle-hr", "p-cpe:/a:novell:opensuse:moodle-sl", "p-cpe:/a:novell:opensuse:moodle-nl", "p-cpe:/a:novell:opensuse:moodle-ka", "p-cpe:/a:novell:opensuse:moodle-no", "p-cpe:/a:novell:opensuse:moodle-cs", "p-cpe:/a:novell:opensuse:moodle-ro", "p-cpe:/a:novell:opensuse:moodle-pt", "p-cpe:/a:novell:opensuse:moodle-tl", "p-cpe:/a:novell:opensuse:moodle-uk", "p-cpe:/a:novell:opensuse:moodle-es", "p-cpe:/a:novell:opensuse:moodle-be", "p-cpe:/a:novell:opensuse:moodle-ca", "p-cpe:/a:novell:opensuse:moodle-bg", "p-cpe:/a:novell:opensuse:moodle-sk", "p-cpe:/a:novell:opensuse:moodle-so"], "solution": "", "nessusSeverity": "", "cvssScoreSource": "", "vpr": {}, "exploitAvailable": false, "exploitEase": "", "patchPublicationDate": null, "vulnerabilityPublicationDate": null, "exploitableWith": []}, "lastseen": "2021-07-29T04:00:34", "differentElements": ["cvss2", "cvss3", "description", "modified", "patchPublicationDate", "references", "solution", "vpr"], "edition": 6}, {"bulletin": {"id": "SUSE_11_0_MOODLE-090417.NASL", "hash": "263107e9321c9cbc7fb178671a723eab", "type": "nessus", "bulletinFamily": "scanner", "title": "openSUSE Security Update : moodle (moodle-803)", "description": "Special command sequences in TeX files allowed users to read arbitrary files (CVE-2009-1171).", "published": "2009-07-21T00:00:00", "modified": "2021-01-14T00:00:00", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}, "cvss2": {}, "cvss3": {"score": null, "vector": null}, "href": "https://www.tenable.com/plugins/nessus/40070", "reporter": "This script is Copyright (C) 2009-2021 Tenable Network Security, Inc.", "references": ["http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1171", "https://bugzilla.novell.com/show_bug.cgi?id=490087"], "cvelist": ["CVE-2009-1171"], "immutableFields": [], "lastseen": "2021-08-11T14:38:02", "history": [], "viewCount": 3, "enchantments": {"dependencies": {"references": [{"type": "ubuntucve", "idList": ["UB:CVE-2009-1171"]}, {"type": "cve", "idList": ["CVE-2009-1171"]}, {"type": "openvas", "idList": ["OPENVAS:63726", "OPENVAS:66500", "OPENVAS:136141256231063726", "OPENVAS:64321", "OPENVAS:64320", "OPENVAS:63734", "OPENVAS:136141256231066500", "OPENVAS:63727", "OPENVAS:136141256231063727", "OPENVAS:136141256231063734"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:VULN:9793", "SECURITYVULNS:DOC:21571"]}, {"type": "debian", "idList": ["DEBIAN:DSA-1761-1:ACA60"]}, {"type": "exploitdb", "idList": ["EDB-ID:8297"]}, {"type": "nessus", "idList": ["FEDORA_2009-3283.NASL", "DEBIAN_DSA-1761.NASL", "UBUNTU_USN-791-1.NASL", "FEDORA_2009-3280.NASL", "MOODLE_LATEX_INFO_DISCLOSURE.NASL", "SUSE_MOODLE-6198.NASL", "UBUNTU_USN-791-2.NASL", "SUSE_11_1_MOODLE-090417.NASL"]}, {"type": "ubuntu", "idList": ["USN-791-2", "USN-791-1"]}, {"type": "fedora", "idList": ["FEDORA:7E1DF10F85C", "FEDORA:4424B20894E", "FEDORA:0C0B6208959"]}], "modified": "2021-08-11T14:38:02", "rev": 2}, "score": {"value": 4.9, "vector": "NONE", "modified": "2021-08-11T14:38:02", "rev": 2}}, "objectVersion": "1.6", "pluginID": "40070", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update moodle-803.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(40070);\n script_version(\"1.11\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2009-1171\");\n\n script_name(english:\"openSUSE Security Update : moodle (moodle-803)\");\n script_summary(english:\"Check for the moodle-803 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Special command sequences in TeX files allowed users to read arbitrary\nfiles (CVE-2009-1171).\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=490087\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected moodle packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:N/A:N\");\n script_cwe_id(20);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-af\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-ar\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-be\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-bg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-bs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-ca\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-cs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-da\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-de\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-de_du\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-el\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-es\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-et\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-eu\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-fa\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-fi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-fr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-ga\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-gl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-he\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-hi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-hr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-hu\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-id\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-is\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-it\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-ja\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-ka\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-km\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-kn\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-ko\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-lt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-lv\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-mi_tn\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-ms\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-nl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-nn\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-no\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-pl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-pt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-ro\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-ru\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-sk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-sl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-so\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-sq\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-sr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-sv\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-th\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-tl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-tr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-uk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-vi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-zh_cn\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:11.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/04/17\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/07/21\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE11\\.0)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"11.0\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-af-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-ar-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-be-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-bg-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-bs-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-ca-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-cs-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-da-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-de-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-de_du-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-el-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-es-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-et-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-eu-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-fa-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-fi-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-fr-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-ga-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-gl-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-he-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-hi-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-hr-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-hu-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-id-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-is-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-it-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-ja-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-ka-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-km-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-kn-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-ko-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-lt-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-lv-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-mi_tn-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-ms-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-nl-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-nn-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-no-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-pl-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-pt-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-ro-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-ru-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-sk-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-sl-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-so-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-sq-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-sr-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-sv-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-th-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-tl-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-tr-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-uk-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-vi-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-zh_cn-1.9.0-24.8\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"moodle / moodle-af / moodle-ar / moodle-be / moodle-bg / moodle-bs / etc\");\n}\n", "naslFamily": "SuSE Local Security Checks", "cpe": ["p-cpe:/a:novell:opensuse:moodle", "p-cpe:/a:novell:opensuse:moodle-af", "p-cpe:/a:novell:opensuse:moodle-ar", "p-cpe:/a:novell:opensuse:moodle-be", "p-cpe:/a:novell:opensuse:moodle-bg", "p-cpe:/a:novell:opensuse:moodle-bs", "p-cpe:/a:novell:opensuse:moodle-ca", "p-cpe:/a:novell:opensuse:moodle-cs", "p-cpe:/a:novell:opensuse:moodle-da", "p-cpe:/a:novell:opensuse:moodle-de", "p-cpe:/a:novell:opensuse:moodle-de_du", "p-cpe:/a:novell:opensuse:moodle-el", "p-cpe:/a:novell:opensuse:moodle-es", "p-cpe:/a:novell:opensuse:moodle-et", "p-cpe:/a:novell:opensuse:moodle-eu", "p-cpe:/a:novell:opensuse:moodle-fa", "p-cpe:/a:novell:opensuse:moodle-fi", "p-cpe:/a:novell:opensuse:moodle-fr", "p-cpe:/a:novell:opensuse:moodle-ga", "p-cpe:/a:novell:opensuse:moodle-gl", "p-cpe:/a:novell:opensuse:moodle-he", "p-cpe:/a:novell:opensuse:moodle-hi", "p-cpe:/a:novell:opensuse:moodle-hr", "p-cpe:/a:novell:opensuse:moodle-hu", "p-cpe:/a:novell:opensuse:moodle-id", "p-cpe:/a:novell:opensuse:moodle-is", "p-cpe:/a:novell:opensuse:moodle-it", "p-cpe:/a:novell:opensuse:moodle-ja", "p-cpe:/a:novell:opensuse:moodle-ka", "p-cpe:/a:novell:opensuse:moodle-km", "p-cpe:/a:novell:opensuse:moodle-kn", "p-cpe:/a:novell:opensuse:moodle-ko", "p-cpe:/a:novell:opensuse:moodle-lt", "p-cpe:/a:novell:opensuse:moodle-lv", "p-cpe:/a:novell:opensuse:moodle-mi_tn", "p-cpe:/a:novell:opensuse:moodle-ms", "p-cpe:/a:novell:opensuse:moodle-nl", "p-cpe:/a:novell:opensuse:moodle-nn", "p-cpe:/a:novell:opensuse:moodle-no", "p-cpe:/a:novell:opensuse:moodle-pl", "p-cpe:/a:novell:opensuse:moodle-pt", "p-cpe:/a:novell:opensuse:moodle-ro", "p-cpe:/a:novell:opensuse:moodle-ru", "p-cpe:/a:novell:opensuse:moodle-sk", "p-cpe:/a:novell:opensuse:moodle-sl", "p-cpe:/a:novell:opensuse:moodle-so", "p-cpe:/a:novell:opensuse:moodle-sq", "p-cpe:/a:novell:opensuse:moodle-sr", "p-cpe:/a:novell:opensuse:moodle-sv", "p-cpe:/a:novell:opensuse:moodle-th", "p-cpe:/a:novell:opensuse:moodle-tl", "p-cpe:/a:novell:opensuse:moodle-tr", "p-cpe:/a:novell:opensuse:moodle-uk", "p-cpe:/a:novell:opensuse:moodle-vi", "p-cpe:/a:novell:opensuse:moodle-zh_cn", "cpe:/o:novell:opensuse:11.0"], "solution": "Update the affected moodle packages.", "nessusSeverity": "", "cvssScoreSource": "", "vpr": {"risk factor": "Low", "score": "3.5"}, "exploitAvailable": false, "exploitEase": "", "patchPublicationDate": "2009-04-17T00:00:00", "vulnerabilityPublicationDate": null, "exploitableWith": []}, "lastseen": "2021-08-11T14:38:02", "differentElements": ["nessusSeverity"], "edition": 7}], "viewCount": 3, "enchantments": {"dependencies": {"references": [{"type": "cve", "idList": ["CVE-2009-1171"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2009-1171"]}, {"type": "debian", "idList": ["DEBIAN:DSA-1761-1:ACA60"]}, {"type": "exploitdb", "idList": ["EDB-ID:8297"]}, {"type": "openvas", "idList": ["OPENVAS:64320", "OPENVAS:136141256231066500", "OPENVAS:63726", "OPENVAS:63734", "OPENVAS:64321", "OPENVAS:136141256231063734", "OPENVAS:66500", "OPENVAS:136141256231063726", "OPENVAS:63727", "OPENVAS:136141256231063727"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:VULN:9793", "SECURITYVULNS:DOC:21571"]}, {"type": "ubuntu", "idList": ["USN-791-2", "USN-791-1"]}, {"type": "nessus", "idList": ["UBUNTU_USN-791-2.NASL", "MOODLE_LATEX_INFO_DISCLOSURE.NASL", "FEDORA_2009-3283.NASL", "FEDORA_2009-3280.NASL", "SUSE_11_1_MOODLE-090417.NASL", "DEBIAN_DSA-1761.NASL", "UBUNTU_USN-791-1.NASL", "SUSE_MOODLE-6198.NASL"]}, {"type": "fedora", "idList": ["FEDORA:7E1DF10F85C", "FEDORA:0C0B6208959", "FEDORA:4424B20894E"]}], "modified": "2021-08-19T13:07:12", "rev": 2}, "score": {"value": 4.9, "vector": "NONE", "modified": "2021-08-19T13:07:12", "rev": 2}}, "objectVersion": "1.6", "pluginID": "40070", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update moodle-803.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(40070);\n script_version(\"1.11\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2009-1171\");\n\n script_name(english:\"openSUSE Security Update : moodle (moodle-803)\");\n script_summary(english:\"Check for the moodle-803 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Special command sequences in TeX files allowed users to read arbitrary\nfiles (CVE-2009-1171).\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=490087\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected moodle packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:N/A:N\");\n script_cwe_id(20);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-af\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-ar\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-be\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-bg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-bs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-ca\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-cs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-da\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-de\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-de_du\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-el\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-es\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-et\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-eu\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-fa\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-fi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-fr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-ga\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-gl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-he\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-hi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-hr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-hu\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-id\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-is\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-it\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-ja\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-ka\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-km\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-kn\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-ko\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-lt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-lv\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-mi_tn\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-ms\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-nl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-nn\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-no\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-pl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-pt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-ro\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-ru\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-sk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-sl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-so\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-sq\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-sr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-sv\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-th\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-tl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-tr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-uk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-vi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:moodle-zh_cn\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:11.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/04/17\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/07/21\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE11\\.0)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"11.0\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-af-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-ar-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-be-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-bg-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-bs-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-ca-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-cs-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-da-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-de-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-de_du-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-el-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-es-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-et-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-eu-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-fa-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-fi-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-fr-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-ga-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-gl-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-he-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-hi-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-hr-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-hu-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-id-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-is-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-it-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-ja-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-ka-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-km-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-kn-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-ko-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-lt-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-lv-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-mi_tn-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-ms-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-nl-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-nn-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-no-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-pl-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-pt-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-ro-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-ru-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-sk-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-sl-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-so-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-sq-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-sr-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-sv-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-th-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-tl-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-tr-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-uk-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-vi-1.9.0-24.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"moodle-zh_cn-1.9.0-24.8\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"moodle / moodle-af / moodle-ar / moodle-be / moodle-bg / moodle-bs / etc\");\n}\n", "naslFamily": "SuSE Local Security Checks", "cpe": ["p-cpe:/a:novell:opensuse:moodle", "p-cpe:/a:novell:opensuse:moodle-af", "p-cpe:/a:novell:opensuse:moodle-ar", "p-cpe:/a:novell:opensuse:moodle-be", "p-cpe:/a:novell:opensuse:moodle-bg", "p-cpe:/a:novell:opensuse:moodle-bs", "p-cpe:/a:novell:opensuse:moodle-ca", "p-cpe:/a:novell:opensuse:moodle-cs", "p-cpe:/a:novell:opensuse:moodle-da", "p-cpe:/a:novell:opensuse:moodle-de", "p-cpe:/a:novell:opensuse:moodle-de_du", "p-cpe:/a:novell:opensuse:moodle-el", "p-cpe:/a:novell:opensuse:moodle-es", "p-cpe:/a:novell:opensuse:moodle-et", "p-cpe:/a:novell:opensuse:moodle-eu", "p-cpe:/a:novell:opensuse:moodle-fa", "p-cpe:/a:novell:opensuse:moodle-fi", "p-cpe:/a:novell:opensuse:moodle-fr", "p-cpe:/a:novell:opensuse:moodle-ga", "p-cpe:/a:novell:opensuse:moodle-gl", "p-cpe:/a:novell:opensuse:moodle-he", "p-cpe:/a:novell:opensuse:moodle-hi", "p-cpe:/a:novell:opensuse:moodle-hr", "p-cpe:/a:novell:opensuse:moodle-hu", "p-cpe:/a:novell:opensuse:moodle-id", "p-cpe:/a:novell:opensuse:moodle-is", "p-cpe:/a:novell:opensuse:moodle-it", "p-cpe:/a:novell:opensuse:moodle-ja", "p-cpe:/a:novell:opensuse:moodle-ka", "p-cpe:/a:novell:opensuse:moodle-km", "p-cpe:/a:novell:opensuse:moodle-kn", "p-cpe:/a:novell:opensuse:moodle-ko", "p-cpe:/a:novell:opensuse:moodle-lt", "p-cpe:/a:novell:opensuse:moodle-lv", "p-cpe:/a:novell:opensuse:moodle-mi_tn", "p-cpe:/a:novell:opensuse:moodle-ms", "p-cpe:/a:novell:opensuse:moodle-nl", "p-cpe:/a:novell:opensuse:moodle-nn", "p-cpe:/a:novell:opensuse:moodle-no", "p-cpe:/a:novell:opensuse:moodle-pl", "p-cpe:/a:novell:opensuse:moodle-pt", "p-cpe:/a:novell:opensuse:moodle-ro", "p-cpe:/a:novell:opensuse:moodle-ru", "p-cpe:/a:novell:opensuse:moodle-sk", "p-cpe:/a:novell:opensuse:moodle-sl", "p-cpe:/a:novell:opensuse:moodle-so", "p-cpe:/a:novell:opensuse:moodle-sq", "p-cpe:/a:novell:opensuse:moodle-sr", "p-cpe:/a:novell:opensuse:moodle-sv", "p-cpe:/a:novell:opensuse:moodle-th", "p-cpe:/a:novell:opensuse:moodle-tl", "p-cpe:/a:novell:opensuse:moodle-tr", "p-cpe:/a:novell:opensuse:moodle-uk", "p-cpe:/a:novell:opensuse:moodle-vi", "p-cpe:/a:novell:opensuse:moodle-zh_cn", "cpe:/o:novell:opensuse:11.0"], "solution": "Update the affected moodle packages.", "nessusSeverity": "Medium", "cvssScoreSource": "", "vpr": {"risk factor": "Low", "score": "3.5"}, "exploitAvailable": false, "exploitEase": "", "patchPublicationDate": "2009-04-17T00:00:00", "vulnerabilityPublicationDate": null, "exploitableWith": [], "_object_type": "robots.models.nessus.NessusBulletin", "_object_types": ["robots.models.base.Bulletin", "robots.models.nessus.NessusBulletin"]}, {"id": "DEBIAN_DSA-1761.NASL", "hash": "50414c4a95b0ba8ca7413d02e0dbf5e0", "type": "nessus", "bulletinFamily": "scanner", "title": "Debian DSA-1761-1 : moodle - missing input sanitization", "description": "Christian J. Eibl discovered that the TeX filter of Moodle, a web-based course management system, doesn't check user input for certain TeX commands which allows an attacker to include and display the content of arbitrary system files.\n\nNote that this doesn't affect installations that only use the mimetex environment.", "published": "2009-04-06T00:00:00", "modified": "2021-01-04T00:00:00", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}, "cvss2": {}, "cvss3": {"score": null, "vector": null}, "href": "https://www.tenable.com/plugins/nessus/36084", "reporter": "This script is Copyright (C) 2009-2021 and is owned by Tenable, Inc. or an Affiliate thereof.", "references": ["https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=522116", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1171", "https://www.debian.org/security/2009/dsa-1761"], "cvelist": ["CVE-2009-1171"], "immutableFields": [], "lastseen": "2021-08-19T13:08:33", "history": [{"bulletin": {"id": "DEBIAN_DSA-1761.NASL", "hash": "6a7f3a4a7393eb4f586ba4cf4fdb73d686d12d07635e3b2efe0165ddbd1a97a0", "type": "nessus", "bulletinFamily": "scanner", "title": "Debian DSA-1761-1 : moodle - missing input sanitization", "description": "Christian J. Eibl discovered that the TeX filter of Moodle, a web-based course management system, doesn't check user input for certain TeX commands which allows an attacker to include and display the content of arbitrary system files.\n\nNote that this doesn't affect installations that only use the mimetex environment.", "published": "2009-04-06T00:00:00", "modified": "2015-03-31T00:00:00", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}, "cvss2": {}, "cvss3": {}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=36084", "reporter": "Tenable", "references": ["http://www.debian.org/security/2009/dsa-1761", "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=522116"], "cvelist": ["CVE-2009-1171"], "immutableFields": [], "lastseen": "2018-09-01T23:59:16", "history": [], "viewCount": 0, "enchantments": {"score": {"value": 5.0, "vector": "NONE"}}, "objectVersion": "1.6", "pluginID": "36084", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-1761. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(36084);\n script_version(\"$Revision: 1.9 $\");\n script_cvs_date(\"$Date: 2015/03/31 13:42:11 $\");\n\n script_cve_id(\"CVE-2009-1171\");\n script_bugtraq_id(34278);\n script_xref(name:\"DSA\", value:\"1761\");\n\n script_name(english:\"Debian DSA-1761-1 : moodle - missing input sanitization\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Christian J. Eibl discovered that the TeX filter of Moodle, a\nweb-based course management system, doesn't check user input for\ncertain TeX commands which allows an attacker to include and display\nthe content of arbitrary system files.\n\nNote that this doesn't affect installations that only use the mimetex\nenvironment.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=522116\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.debian.org/security/2009/dsa-1761\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the moodle packages.\n\nFor the oldstable distribution (etch), this problem has been fixed in\nversion 1.6.3-2+etch3.\n\nFor the stable distribution (lenny), this problem has been fixed in\nversion 1.8.2.dfsg-3+lenny2.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(20);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:moodle\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:4.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:5.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/04/03\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/04/06\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2015 Tenable Network Security, Inc.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"4.0\", prefix:\"moodle\", reference:\"1.6.3-2+etch3\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"moodle\", reference:\"1.8.2.dfsg-3+lenny2\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:deb_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "naslFamily": "Debian Local Security Checks", "cpe": ["cpe:/o:debian:debian_linux:4.0", "p-cpe:/a:debian:debian_linux:moodle", "cpe:/o:debian:debian_linux:5.0"], "solution": "", "nessusSeverity": "", "cvssScoreSource": "", "vpr": {}, "exploitAvailable": false, "exploitEase": "", "patchPublicationDate": null, "vulnerabilityPublicationDate": null, "exploitableWith": []}, "lastseen": "2018-09-01T23:59:16", "differentElements": ["modified", "references", "sourceData"], "edition": 1}, {"bulletin": {"id": "DEBIAN_DSA-1761.NASL", "hash": "707053566b7c166e6f4317b81ecf687e8e05e861f8ccf41a23aa569869ef9628", "type": "nessus", "bulletinFamily": "scanner", "title": "Debian DSA-1761-1 : moodle - missing input sanitization", "description": "Christian J. Eibl discovered that the TeX filter of Moodle, a web-based course management system, doesn't check user input for certain TeX commands which allows an attacker to include and display the content of arbitrary system files.\n\nNote that this doesn't affect installations that only use the mimetex environment.", "published": "2009-04-06T00:00:00", "modified": "2018-11-10T00:00:00", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}, "cvss2": {}, "cvss3": {}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=36084", "reporter": "Tenable", "references": ["https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=522116", "https://www.debian.org/security/2009/dsa-1761"], "cvelist": ["CVE-2009-1171"], "immutableFields": [], "lastseen": "2018-11-11T12:59:45", "history": [], "viewCount": 0, "enchantments": {"score": {"value": 5.0, "vector": "NONE"}}, "objectVersion": "1.6", "pluginID": "36084", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-1761. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(36084);\n script_version(\"1.10\");\n script_cvs_date(\"Date: 2018/11/10 11:49:34\");\n\n script_cve_id(\"CVE-2009-1171\");\n script_bugtraq_id(34278);\n script_xref(name:\"DSA\", value:\"1761\");\n\n script_name(english:\"Debian DSA-1761-1 : moodle - missing input sanitization\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Christian J. Eibl discovered that the TeX filter of Moodle, a\nweb-based course management system, doesn't check user input for\ncertain TeX commands which allows an attacker to include and display\nthe content of arbitrary system files.\n\nNote that this doesn't affect installations that only use the mimetex\nenvironment.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=522116\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.debian.org/security/2009/dsa-1761\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the moodle packages.\n\nFor the oldstable distribution (etch), this problem has been fixed in\nversion 1.6.3-2+etch3.\n\nFor the stable distribution (lenny), this problem has been fixed in\nversion 1.8.2.dfsg-3+lenny2.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(20);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:moodle\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:4.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:5.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/04/03\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/04/06\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"4.0\", prefix:\"moodle\", reference:\"1.6.3-2+etch3\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"moodle\", reference:\"1.8.2.dfsg-3+lenny2\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:deb_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "naslFamily": "Debian Local Security Checks", "cpe": ["cpe:/o:debian:debian_linux:4.0", "p-cpe:/a:debian:debian_linux:moodle", "cpe:/o:debian:debian_linux:5.0"], "solution": "", "nessusSeverity": "", "cvssScoreSource": "", "vpr": {}, "exploitAvailable": false, "exploitEase": "", "patchPublicationDate": null, "vulnerabilityPublicationDate": null, "exploitableWith": []}, "lastseen": "2018-11-11T12:59:45", "differentElements": ["cvss", "description", "href", "modified", "reporter", "sourceData"], "edition": 2}, {"bulletin": {"id": "DEBIAN_DSA-1761.NASL", "hash": "299bd94c686518e3cf112f872ba3f9b3417e09477a92252c4f6bfb853384ec8a", "type": "nessus", "bulletinFamily": "scanner", "title": "Debian DSA-1761-1 : moodle - missing input sanitization", "description": "Christian J. Eibl discovered that the TeX filter of Moodle, a\nweb-based course management system, doesn", "published": "2009-04-06T00:00:00", "modified": "2019-12-02T00:00:00", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}, "cvss2": {}, "cvss3": {}, "href": "https://www.tenable.com/plugins/nessus/36084", "reporter": "This script is Copyright (C) 2009-2019 and is owned by Tenable, Inc. or an Affiliate thereof.", "references": ["https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=522116", "https://www.debian.org/security/2009/dsa-1761"], "cvelist": ["CVE-2009-1171"], "immutableFields": [], "lastseen": "2019-12-13T06:51:05", "history": [], "viewCount": 1, "enchantments": {"dependencies": {"modified": "2019-12-13T06:51:05", "references": [{"idList": ["EDB-ID:8297"], "type": "exploitdb"}, {"idList": ["CVE-2009-1171"], "type": "cve"}, {"idList": ["USN-791-2", "USN-791-1"], "type": "ubuntu"}, {"idList": ["SECURITYVULNS:VULN:9793", "SECURITYVULNS:DOC:21571"], "type": "securityvulns"}, {"idList": ["FEDORA_2009-3283.NASL", "SUSE_11_0_MOODLE-090417.NASL", "SUSE_11_1_MOODLE-090417.NASL", "UBUNTU_USN-791-2.NASL", "UBUNTU_USN-791-1.NASL", "SUSE_MOODLE-6198.NASL", "FEDORA_2009-3280.NASL", "MOODLE_LATEX_INFO_DISCLOSURE.NASL"], "type": "nessus"}, {"idList": ["DEBIAN:DSA-1761-1:ACA60"], "type": "debian"}, {"idList": ["OPENVAS:136141256231066500", "OPENVAS:136141256231063734", "OPENVAS:136141256231063727", "OPENVAS:136141256231063891", "OPENVAS:63734", "OPENVAS:64321", "OPENVAS:66500", "OPENVAS:136141256231063726", "OPENVAS:63727", "OPENVAS:63726"], "type": "openvas"}]}, "score": {"modified": "2019-12-13T06:51:05", "value": 5.8, "vector": "NONE"}}, "objectVersion": "1.6", "pluginID": "36084", "sourceData": "#%NASL_MIN_LEVEL 80502\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-1761. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(36084);\n script_version(\"1.12\");\n script_cvs_date(\"Date: 2019/08/02 13:32:21\");\n\n script_cve_id(\"CVE-2009-1171\");\n script_bugtraq_id(34278);\n script_xref(name:\"DSA\", value:\"1761\");\n\n script_name(english:\"Debian DSA-1761-1 : moodle - missing input sanitization\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Christian J. Eibl discovered that the TeX filter of Moodle, a\nweb-based course management system, doesn't check user input for\ncertain TeX commands which allows an attacker to include and display\nthe content of arbitrary system files.\n\nNote that this doesn't affect installations that only use the mimetex\nenvironment.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=522116\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.debian.org/security/2009/dsa-1761\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the moodle packages.\n\nFor the oldstable distribution (etch), this problem has been fixed in\nversion 1.6.3-2+etch3.\n\nFor the stable distribution (lenny), this problem has been fixed in\nversion 1.8.2.dfsg-3+lenny2.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(20);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:moodle\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:4.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:5.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/04/03\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/04/06\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"4.0\", prefix:\"moodle\", reference:\"1.6.3-2+etch3\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"moodle\", reference:\"1.8.2.dfsg-3+lenny2\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:deb_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "naslFamily": "Debian Local Security Checks", "cpe": ["cpe:/o:debian:debian_linux:4.0", "p-cpe:/a:debian:debian_linux:moodle", "cpe:/o:debian:debian_linux:5.0"], "solution": "", "nessusSeverity": "", "cvssScoreSource": "", "vpr": {}, "exploitAvailable": false, "exploitEase": "", "patchPublicationDate": null, "vulnerabilityPublicationDate": null, "exploitableWith": []}, "lastseen": "2019-12-13T06:51:05", "differentElements": ["modified"], "edition": 3}, {"bulletin": {"id": "DEBIAN_DSA-1761.NASL", "hash": "75b9fa57e8c046dcb8de5c1e5afb1afdd2a80db66c3b1a0a1bcd28b5a233ef3b", "type": "nessus", "bulletinFamily": "scanner", "title": "Debian DSA-1761-1 : moodle - missing input sanitization", "description": "Christian J. Eibl discovered that the TeX filter of Moodle, a\nweb-based course management system, doesn", "published": "2009-04-06T00:00:00", "modified": "2020-01-02T00:00:00", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}, "cvss2": {}, "cvss3": {}, "href": "https://www.tenable.com/plugins/nessus/36084", "reporter": "This script is Copyright (C) 2009-2019 and is owned by Tenable, Inc. or an Affiliate thereof.", "references": ["https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=522116", "https://www.debian.org/security/2009/dsa-1761"], "cvelist": ["CVE-2009-1171"], "immutableFields": [], "lastseen": "2020-01-01T06:51:47", "history": [], "viewCount": 1, "enchantments": {"dependencies": {"modified": "2020-01-01T06:51:47", "references": [{"idList": ["EDB-ID:8297"], "type": "exploitdb"}, {"idList": ["CVE-2009-1171"], "type": "cve"}, {"idList": ["USN-791-2", "USN-791-1"], "type": "ubuntu"}, {"idList": ["OPENVAS:136141256231066500", "OPENVAS:136141256231063734", "OPENVAS:136141256231063727", "OPENVAS:63734", "OPENVAS:64321", "OPENVAS:66500", "OPENVAS:64320", "OPENVAS:136141256231063726", "OPENVAS:63727", "OPENVAS:63726"], "type": "openvas"}, {"idList": ["SECURITYVULNS:VULN:9793", "SECURITYVULNS:DOC:21571"], "type": "securityvulns"}, {"idList": ["FEDORA_2009-3283.NASL", "SUSE_11_0_MOODLE-090417.NASL", "SUSE_11_1_MOODLE-090417.NASL", "UBUNTU_USN-791-2.NASL", "UBUNTU_USN-791-1.NASL", "SUSE_MOODLE-6198.NASL", "FEDORA_2009-3280.NASL", "MOODLE_LATEX_INFO_DISCLOSURE.NASL"], "type": "nessus"}, {"idList": ["DEBIAN:DSA-1761-1:ACA60"], "type": "debian"}]}, "score": {"modified": "2020-01-01T06:51:47", "value": 5.8, "vector": "NONE"}}, "objectVersion": "1.6", "pluginID": "36084", "sourceData": "#%NASL_MIN_LEVEL 80502\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-1761. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(36084);\n script_version(\"1.12\");\n script_cvs_date(\"Date: 2019/08/02 13:32:21\");\n\n script_cve_id(\"CVE-2009-1171\");\n script_bugtraq_id(34278);\n script_xref(name:\"DSA\", value:\"1761\");\n\n script_name(english:\"Debian DSA-1761-1 : moodle - missing input sanitization\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Christian J. Eibl discovered that the TeX filter of Moodle, a\nweb-based course management system, doesn't check user input for\ncertain TeX commands which allows an attacker to include and display\nthe content of arbitrary system files.\n\nNote that this doesn't affect installations that only use the mimetex\nenvironment.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=522116\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.debian.org/security/2009/dsa-1761\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the moodle packages.\n\nFor the oldstable distribution (etch), this problem has been fixed in\nversion 1.6.3-2+etch3.\n\nFor the stable distribution (lenny), this problem has been fixed in\nversion 1.8.2.dfsg-3+lenny2.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(20);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:moodle\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:4.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:5.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/04/03\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/04/06\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"4.0\", prefix:\"moodle\", reference:\"1.6.3-2+etch3\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"moodle\", reference:\"1.8.2.dfsg-3+lenny2\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:deb_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "naslFamily": "Debian Local Security Checks", "cpe": ["cpe:/o:debian:debian_linux:4.0", "p-cpe:/a:debian:debian_linux:moodle", "cpe:/o:debian:debian_linux:5.0"], "solution": "", "nessusSeverity": "", "cvssScoreSource": "", "vpr": {}, "exploitAvailable": false, "exploitEase": "", "patchPublicationDate": null, "vulnerabilityPublicationDate": null, "exploitableWith": []}, "lastseen": "2020-01-01T06:51:47", "differentElements": ["description", "modified", "reporter", "sourceData"], "edition": 4}, {"bulletin": {"id": "DEBIAN_DSA-1761.NASL", "hash": "ebbff07642d3b1dbf53d76e87cb1d459d656c847516b6a7e70cc03f97a772cea", "type": "nessus", "bulletinFamily": "scanner", "title": "Debian DSA-1761-1 : moodle - missing input sanitization", "description": "Christian J. Eibl discovered that the TeX filter of Moodle, a\nweb-based course management system, doesn't check user input for\ncertain TeX commands which allows an attacker to include and display\nthe content of arbitrary system files.\n\nNote that this doesn't affect installations that only use the mimetex\nenvironment.", "published": "2009-04-06T00:00:00", "modified": "2009-04-06T00:00:00", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}, "cvss2": {}, "cvss3": {}, "href": "https://www.tenable.com/plugins/nessus/36084", "reporter": "This script is Copyright (C) 2009-2021 and is owned by Tenable, Inc. or an Affiliate thereof.", "references": ["https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=522116", "https://www.debian.org/security/2009/dsa-1761"], "cvelist": ["CVE-2009-1171"], "immutableFields": [], "lastseen": "2021-01-06T09:45:19", "history": [], "viewCount": 2, "enchantments": {"dependencies": {"modified": "2021-01-06T09:45:19", "references": [{"idList": ["EDB-ID:8297"], "type": "exploitdb"}, {"idList": ["CVE-2009-1171"], "type": "cve"}, {"idList": ["USN-791-2", "USN-791-1"], "type": "ubuntu"}, {"idList": ["OPENVAS:136141256231066500", "OPENVAS:136141256231063734", "OPENVAS:136141256231063727", "OPENVAS:63734", "OPENVAS:64321", "OPENVAS:66500", "OPENVAS:64320", "OPENVAS:136141256231063726", "OPENVAS:63727", "OPENVAS:63726"], "type": "openvas"}, {"idList": ["SECURITYVULNS:VULN:9793", "SECURITYVULNS:DOC:21571"], "type": "securityvulns"}, {"idList": ["FEDORA_2009-3283.NASL", "SUSE_11_0_MOODLE-090417.NASL", "SUSE_11_1_MOODLE-090417.NASL", "UBUNTU_USN-791-2.NASL", "UBUNTU_USN-791-1.NASL", "SUSE_MOODLE-6198.NASL", "FEDORA_2009-3280.NASL", "MOODLE_LATEX_INFO_DISCLOSURE.NASL"], "type": "nessus"}, {"idList": ["FEDORA:4424B20894E", "FEDORA:7E1DF10F85C", "FEDORA:0C0B6208959"], "type": "fedora"}, {"idList": ["DEBIAN:DSA-1761-1:ACA60"], "type": "debian"}, {"idList": ["UB:CVE-2009-1171"], "type": "ubuntucve"}], "rev": 2}, "score": {"modified": "2021-01-06T09:45:19", "rev": 2, "value": 6.1, "vector": "NONE"}}, "objectVersion": "1.6", "pluginID": "36084", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-1761. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(36084);\n script_version(\"1.13\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2009-1171\");\n script_bugtraq_id(34278);\n script_xref(name:\"DSA\", value:\"1761\");\n\n script_name(english:\"Debian DSA-1761-1 : moodle - missing input sanitization\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Christian J. Eibl discovered that the TeX filter of Moodle, a\nweb-based course management system, doesn't check user input for\ncertain TeX commands which allows an attacker to include and display\nthe content of arbitrary system files.\n\nNote that this doesn't affect installations that only use the mimetex\nenvironment.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=522116\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.debian.org/security/2009/dsa-1761\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the moodle packages.\n\nFor the oldstable distribution (etch), this problem has been fixed in\nversion 1.6.3-2+etch3.\n\nFor the stable distribution (lenny), this problem has been fixed in\nversion 1.8.2.dfsg-3+lenny2.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(20);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:moodle\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:4.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:5.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/04/03\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/04/06\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"4.0\", prefix:\"moodle\", reference:\"1.6.3-2+etch3\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"moodle\", reference:\"1.8.2.dfsg-3+lenny2\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:deb_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "naslFamily": "Debian Local Security Checks", "cpe": ["cpe:/o:debian:debian_linux:4.0", "p-cpe:/a:debian:debian_linux:moodle", "cpe:/o:debian:debian_linux:5.0"], "solution": "", "nessusSeverity": "", "cvssScoreSource": "", "vpr": {}, "exploitAvailable": false, "exploitEase": "", "patchPublicationDate": null, "vulnerabilityPublicationDate": null, "exploitableWith": []}, "lastseen": "2021-01-06T09:45:19", "differentElements": ["cvss2"], "edition": 5}, {"bulletin": {"id": "DEBIAN_DSA-1761.NASL", "hash": "74aad6cbe924966871cb3dd70abba47b", "type": "nessus", "bulletinFamily": "scanner", "title": "Debian DSA-1761-1 : moodle - missing input sanitization", "description": "Christian J. Eibl discovered that the TeX filter of Moodle, a\nweb-based course management system, doesn't check user input for\ncertain TeX commands which allows an attacker to include and display\nthe content of arbitrary system files.\n\nNote that this doesn't affect installations that only use the mimetex\nenvironment.", "published": "2009-04-06T00:00:00", "modified": "2009-04-06T00:00:00", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}, "cvss2": {"cvssV2": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "MEDIUM", "userInteractionRequired": true}, "cvss3": {}, "href": "https://www.tenable.com/plugins/nessus/36084", "reporter": "This script is Copyright (C) 2009-2021 and is owned by Tenable, Inc. or an Affiliate thereof.", "references": ["https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=522116", "https://www.debian.org/security/2009/dsa-1761"], "cvelist": ["CVE-2009-1171"], "immutableFields": [], "lastseen": "2021-07-28T23:02:28", "history": [], "viewCount": 2, "enchantments": {"dependencies": {"references": [{"type": "cve", "idList": ["CVE-2009-1171"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2009-1171"]}, {"type": "openvas", "idList": ["OPENVAS:136141256231063726", "OPENVAS:66500", "OPENVAS:63726", "OPENVAS:64321", "OPENVAS:64320", "OPENVAS:63734", "OPENVAS:136141256231063727", "OPENVAS:136141256231063734", "OPENVAS:136141256231066500", "OPENVAS:63727"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:DOC:21571", "SECURITYVULNS:VULN:9793"]}, {"type": "debian", "idList": ["DEBIAN:DSA-1761-1:ACA60"]}, {"type": "exploitdb", "idList": ["EDB-ID:8297"]}, {"type": "nessus", "idList": ["SUSE_MOODLE-6198.NASL", "FEDORA_2009-3280.NASL", "FEDORA_2009-3283.NASL", "MOODLE_LATEX_INFO_DISCLOSURE.NASL", "SUSE_11_0_MOODLE-090417.NASL", "UBUNTU_USN-791-2.NASL", "SUSE_11_1_MOODLE-090417.NASL", "UBUNTU_USN-791-1.NASL"]}, {"type": "ubuntu", "idList": ["USN-791-1", "USN-791-2"]}, {"type": "fedora", "idList": ["FEDORA:7E1DF10F85C", "FEDORA:0C0B6208959", "FEDORA:4424B20894E"]}], "modified": "2021-07-28T23:02:28", "rev": 2}, "score": {"value": 6.1, "vector": "NONE", "modified": "2021-07-28T23:02:28", "rev": 2}}, "objectVersion": "1.6", "pluginID": "36084", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-1761. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(36084);\n script_version(\"1.13\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2009-1171\");\n script_bugtraq_id(34278);\n script_xref(name:\"DSA\", value:\"1761\");\n\n script_name(english:\"Debian DSA-1761-1 : moodle - missing input sanitization\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Christian J. Eibl discovered that the TeX filter of Moodle, a\nweb-based course management system, doesn't check user input for\ncertain TeX commands which allows an attacker to include and display\nthe content of arbitrary system files.\n\nNote that this doesn't affect installations that only use the mimetex\nenvironment.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=522116\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.debian.org/security/2009/dsa-1761\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the moodle packages.\n\nFor the oldstable distribution (etch), this problem has been fixed in\nversion 1.6.3-2+etch3.\n\nFor the stable distribution (lenny), this problem has been fixed in\nversion 1.8.2.dfsg-3+lenny2.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(20);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:moodle\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:4.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:5.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/04/03\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/04/06\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"4.0\", prefix:\"moodle\", reference:\"1.6.3-2+etch3\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"moodle\", reference:\"1.8.2.dfsg-3+lenny2\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:deb_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "naslFamily": "Debian Local Security Checks", "cpe": ["cpe:/o:debian:debian_linux:4.0", "p-cpe:/a:debian:debian_linux:moodle", "cpe:/o:debian:debian_linux:5.0"], "solution": "", "nessusSeverity": "", "cvssScoreSource": "", "vpr": {}, "exploitAvailable": false, "exploitEase": "", "patchPublicationDate": null, "vulnerabilityPublicationDate": null, "exploitableWith": []}, "lastseen": "2021-07-28T23:02:28", "differentElements": ["cvss2", "cvss3", "description", "exploitAvailable", "exploitEase", "modified", "patchPublicationDate", "references", "solution", "vpr"], "edition": 6}, {"bulletin": {"id": "DEBIAN_DSA-1761.NASL", "hash": "1dddc4663e1adfdc6e5d767c8df3f6b8", "type": "nessus", "bulletinFamily": "scanner", "title": "Debian DSA-1761-1 : moodle - missing input sanitization", "description": "Christian J. Eibl discovered that the TeX filter of Moodle, a web-based course management system, doesn't check user input for certain TeX commands which allows an attacker to include and display the content of arbitrary system files.\n\nNote that this doesn't affect installations that only use the mimetex environment.", "published": "2009-04-06T00:00:00", "modified": "2021-01-04T00:00:00", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}, "cvss2": {}, "cvss3": {"score": null, "vector": null}, "href": "https://www.tenable.com/plugins/nessus/36084", "reporter": "This script is Copyright (C) 2009-2021 and is owned by Tenable, Inc. or an Affiliate thereof.", "references": ["https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=522116", "https://www.debian.org/security/2009/dsa-1761", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1171"], "cvelist": ["CVE-2009-1171"], "immutableFields": [], "lastseen": "2021-08-11T14:39:50", "history": [], "viewCount": 2, "enchantments": {"dependencies": {"references": [{"type": "ubuntucve", "idList": ["UB:CVE-2009-1171"]}, {"type": "cve", "idList": ["CVE-2009-1171"]}, {"type": "openvas", "idList": ["OPENVAS:63734", "OPENVAS:136141256231066500", "OPENVAS:136141256231063727", "OPENVAS:66500", "OPENVAS:136141256231063726", "OPENVAS:64321", "OPENVAS:63727", "OPENVAS:136141256231063734", "OPENVAS:63726", "OPENVAS:64320"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:VULN:9793", "SECURITYVULNS:DOC:21571"]}, {"type": "debian", "idList": ["DEBIAN:DSA-1761-1:ACA60"]}, {"type": "exploitdb", "idList": ["EDB-ID:8297"]}, {"type": "ubuntu", "idList": ["USN-791-1", "USN-791-2"]}, {"type": "nessus", "idList": ["UBUNTU_USN-791-1.NASL", "FEDORA_2009-3283.NASL", "FEDORA_2009-3280.NASL", "SUSE_11_1_MOODLE-090417.NASL", "SUSE_MOODLE-6198.NASL", "UBUNTU_USN-791-2.NASL", "SUSE_11_0_MOODLE-090417.NASL", "MOODLE_LATEX_INFO_DISCLOSURE.NASL"]}, {"type": "fedora", "idList": ["FEDORA:7E1DF10F85C", "FEDORA:4424B20894E", "FEDORA:0C0B6208959"]}], "modified": "2021-08-11T14:39:50", "rev": 2}, "score": {"value": 6.1, "vector": "NONE", "modified": "2021-08-11T14:39:50", "rev": 2}}, "objectVersion": "1.6", "pluginID": "36084", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-1761. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(36084);\n script_version(\"1.13\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2009-1171\");\n script_bugtraq_id(34278);\n script_xref(name:\"DSA\", value:\"1761\");\n\n script_name(english:\"Debian DSA-1761-1 : moodle - missing input sanitization\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Christian J. Eibl discovered that the TeX filter of Moodle, a\nweb-based course management system, doesn't check user input for\ncertain TeX commands which allows an attacker to include and display\nthe content of arbitrary system files.\n\nNote that this doesn't affect installations that only use the mimetex\nenvironment.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=522116\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.debian.org/security/2009/dsa-1761\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the moodle packages.\n\nFor the oldstable distribution (etch), this problem has been fixed in\nversion 1.6.3-2+etch3.\n\nFor the stable distribution (lenny), this problem has been fixed in\nversion 1.8.2.dfsg-3+lenny2.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(20);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:moodle\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:4.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:5.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/04/03\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/04/06\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"4.0\", prefix:\"moodle\", reference:\"1.6.3-2+etch3\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"moodle\", reference:\"1.8.2.dfsg-3+lenny2\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:deb_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "naslFamily": "Debian Local Security Checks", "cpe": ["p-cpe:/a:debian:debian_linux:moodle", "cpe:/o:debian:debian_linux:4.0", "cpe:/o:debian:debian_linux:5.0"], "solution": "Upgrade the moodle packages.\n\nFor the oldstable distribution (etch), this problem has been fixed in version 1.6.3-2+etch3.\n\nFor the stable distribution (lenny), this problem has been fixed in version 1.8.2.dfsg-3+lenny2.", "nessusSeverity": "", "cvssScoreSource": "", "vpr": {"risk factor": "Low", "score": "3.5"}, "exploitAvailable": true, "exploitEase": "Exploits are available", "patchPublicationDate": "2009-04-03T00:00:00", "vulnerabilityPublicationDate": null, "exploitableWith": []}, "lastseen": "2021-08-11T14:39:50", "differentElements": ["nessusSeverity"], "edition": 7}], "viewCount": 2, "enchantments": {"dependencies": {"references": [{"type": "ubuntucve", "idList": ["UB:CVE-2009-1171"]}, {"type": "cve", "idList": ["CVE-2009-1171"]}, {"type": "debian", "idList": ["DEBIAN:DSA-1761-1:ACA60"]}, {"type": "exploitdb", "idList": ["EDB-ID:8297"]}, {"type": "openvas", "idList": ["OPENVAS:136141256231063726", "OPENVAS:63726", "OPENVAS:136141256231066500", "OPENVAS:63727", "OPENVAS:63734", "OPENVAS:66500", "OPENVAS:136141256231063727", "OPENVAS:136141256231063734", "OPENVAS:64321", "OPENVAS:64320"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:VULN:9793", "SECURITYVULNS:DOC:21571"]}, {"type": "ubuntu", "idList": ["USN-791-2", "USN-791-1"]}, {"type": "nessus", "idList": ["FEDORA_2009-3283.NASL", "SUSE_11_1_MOODLE-090417.NASL", "MOODLE_LATEX_INFO_DISCLOSURE.NASL", "FEDORA_2009-3280.NASL", "SUSE_MOODLE-6198.NASL", "UBUNTU_USN-791-1.NASL", "UBUNTU_USN-791-2.NASL", "SUSE_11_0_MOODLE-090417.NASL"]}, {"type": "fedora", "idList": ["FEDORA:4424B20894E", "FEDORA:7E1DF10F85C", "FEDORA:0C0B6208959"]}], "modified": "2021-08-19T13:08:33", "rev": 2}, "score": {"value": 6.1, "vector": "NONE", "modified": "2021-08-19T13:08:33", "rev": 2}}, "objectVersion": "1.6", "pluginID": "36084", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-1761. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(36084);\n script_version(\"1.13\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2009-1171\");\n script_bugtraq_id(34278);\n script_xref(name:\"DSA\", value:\"1761\");\n\n script_name(english:\"Debian DSA-1761-1 : moodle - missing input sanitization\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Christian J. Eibl discovered that the TeX filter of Moodle, a\nweb-based course management system, doesn't check user input for\ncertain TeX commands which allows an attacker to include and display\nthe content of arbitrary system files.\n\nNote that this doesn't affect installations that only use the mimetex\nenvironment.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=522116\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.debian.org/security/2009/dsa-1761\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the moodle packages.\n\nFor the oldstable distribution (etch), this problem has been fixed in\nversion 1.6.3-2+etch3.\n\nFor the stable distribution (lenny), this problem has been fixed in\nversion 1.8.2.dfsg-3+lenny2.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(20);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:moodle\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:4.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:5.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/04/03\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/04/06\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"4.0\", prefix:\"moodle\", reference:\"1.6.3-2+etch3\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"moodle\", reference:\"1.8.2.dfsg-3+lenny2\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:deb_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "naslFamily": "Debian Local Security Checks", "cpe": ["p-cpe:/a:debian:debian_linux:moodle", "cpe:/o:debian:debian_linux:4.0", "cpe:/o:debian:debian_linux:5.0"], "solution": "Upgrade the moodle packages.\n\nFor the oldstable distribution (etch), this problem has been fixed in version 1.6.3-2+etch3.\n\nFor the stable distribution (lenny), this problem has been fixed in version 1.8.2.dfsg-3+lenny2.", "nessusSeverity": "Medium", "cvssScoreSource": "", "vpr": {"risk factor": "Low", "score": "3.5"}, "exploitAvailable": true, "exploitEase": "Exploits are available", "patchPublicationDate": "2009-04-03T00:00:00", "vulnerabilityPublicationDate": null, "exploitableWith": [], "_object_type": "robots.models.nessus.NessusBulletin", "_object_types": ["robots.models.base.Bulletin", "robots.models.nessus.NessusBulletin"]}, {"id": "UBUNTU_USN-791-2.NASL", "hash": "8e635e7e0b78f0c6827ea519d9f05356", "type": "nessus", "bulletinFamily": "scanner", "title": "Ubuntu 9.04 : moodle vulnerability (USN-791-2)", "description": "Christian Eibl discovered that the TeX filter in Moodle allowed any function to be used. An authenticated remote attacker could post a specially crafted TeX formula to execute arbitrary TeX functions, potentially reading any file accessible to the web server user, leading to a loss of privacy. (CVE-2009-1171, MSA-09-0009).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "published": "2009-06-25T00:00:00", "modified": "2021-01-19T00:00:00", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}, "cvss2": {}, "cvss3": {"score": null, "vector": null}, "href": "https://www.tenable.com/plugins/nessus/39517", "reporter": "Ubuntu Security Notice (C) 2009-2019 Canonical, Inc. / NASL script (C) 2009-2018 and is owned by Tenable, Inc. or an Affiliate thereof.", "references": ["https://usn.ubuntu.com/791-2/", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1171"], "cvelist": ["CVE-2009-1171"], "immutableFields": [], "lastseen": "2021-08-19T13:07:35", "history": [{"bulletin": {"id": "UBUNTU_USN-791-2.NASL", "hash": "bc5ee8de783710aa3492eaf09fb25acdeb815ff48744752e712bafd415cedd25", "type": "nessus", "bulletinFamily": "scanner", "title": "Ubuntu 9.04 : moodle vulnerability (USN-791-2)", "description": "Christian Eibl discovered that the TeX filter in Moodle allowed any function to be used. An authenticated remote attacker could post a specially crafted TeX formula to execute arbitrary TeX functions, potentially reading any file accessible to the web server user, leading to a loss of privacy. (CVE-2009-1171, MSA-09-0009).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "published": "2009-06-25T00:00:00", "modified": "2018-11-23T00:00:00", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}, "cvss2": {}, "cvss3": {}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=39517", "reporter": "Tenable", "references": ["https://usn.ubuntu.com/791-2/"], "cvelist": ["CVE-2009-1171"], "immutableFields": [], "lastseen": "2018-11-24T07:20:10", "history": [], "viewCount": 8, "enchantments": {"score": {"value": 7.5, "vector": "NONE"}}, "objectVersion": "1.6", "pluginID": "39517", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-791-2. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(39517);\n script_version(\"1.10\");\n script_cvs_date(\"Date: 2018/11/23 12:49:58\");\n\n script_cve_id(\"CVE-2009-1171\");\n script_xref(name:\"USN\", value:\"791-2\");\n\n script_name(english:\"Ubuntu 9.04 : moodle vulnerability (USN-791-2)\");\n script_summary(english:\"Checks dpkg output for updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Ubuntu host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Christian Eibl discovered that the TeX filter in Moodle allowed any\nfunction to be used. An authenticated remote attacker could post a\nspecially crafted TeX formula to execute arbitrary TeX functions,\npotentially reading any file accessible to the web server user,\nleading to a loss of privacy. (CVE-2009-1171, MSA-09-0009).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/791-2/\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected moodle package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:N/A:N\");\n script_cwe_id(20);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:moodle\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:9.04\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/06/24\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/06/25\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2009-2018 Canonical, Inc. / NASL script (C) 2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! ereg(pattern:\"^(9\\.04)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 9.04\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nflag = 0;\n\nif (ubuntu_check(osver:\"9.04\", pkgname:\"moodle\", pkgver:\"1.9.4.dfsg-0ubuntu1.1\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"moodle\");\n}\n", "naslFamily": "Ubuntu Local Security Checks", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:moodle", "cpe:/o:canonical:ubuntu_linux:9.04"], "solution": "", "nessusSeverity": "", "cvssScoreSource": "", "vpr": {}, "exploitAvailable": false, "exploitEase": "", "patchPublicationDate": null, "vulnerabilityPublicationDate": null, "exploitableWith": []}, "lastseen": "2018-11-24T07:20:10", "differentElements": ["cvss", "description", "href", "modified", "reporter", "sourceData"], "edition": 1}, {"bulletin": {"id": "UBUNTU_USN-791-2.NASL", "hash": "318218c50919eaa2f95712bac1a6e2e0dd84e685a7a0b784dd8074bf88167f15", "type": "nessus", "bulletinFamily": "scanner", "title": "Ubuntu 9.04 : moodle vulnerability (USN-791-2)", "description": "Christian Eibl discovered that the TeX filter in Moodle allowed any\nfunction to be used. An authenticated remote attacker could post a\nspecially crafted TeX formula to execute arbitrary TeX functions,\npotentially reading any file accessible to the web server user,\nleading to a loss of privacy. (CVE-2009-1171, MSA-09-0009).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "published": "2009-06-25T00:00:00", "modified": "2020-06-02T00:00:00", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}, "cvss2": {}, "cvss3": {}, "href": "https://www.tenable.com/plugins/nessus/39517", "reporter": "Ubuntu Security Notice (C) 2009-2019 Canonical, Inc. / NASL script (C) 2009-2018 and is owned by Tenable, Inc. or an Affiliate thereof.", "references": ["https://usn.ubuntu.com/791-2/"], "cvelist": ["CVE-2009-1171"], "immutableFields": [], "lastseen": "2020-06-01T05:01:30", "history": [], "viewCount": 10, "enchantments": {"dependencies": {"modified": "2020-06-01T05:01:30", "references": [{"idList": ["EDB-ID:8297"], "type": "exploitdb"}, {"idList": ["CVE-2009-1171"], "type": "cve"}, {"idList": ["USN-791-2", "USN-791-1"], "type": "ubuntu"}, {"idList": ["SECURITYVULNS:VULN:9793", "SECURITYVULNS:DOC:21571"], "type": "securityvulns"}, {"idList": ["DEBIAN:DSA-1761-1:ACA60"], "type": "debian"}, {"idList": ["FEDORA_2009-3283.NASL", "SUSE_11_0_MOODLE-090417.NASL", "SUSE_11_1_MOODLE-090417.NASL", "UBUNTU_USN-791-1.NASL", "SUSE_MOODLE-6198.NASL", "FEDORA_2009-3280.NASL", "DEBIAN_DSA-1761.NASL", "MOODLE_LATEX_INFO_DISCLOSURE.NASL"], "type": "nessus"}, {"idList": ["OPENVAS:136141256231066500", "OPENVAS:136141256231063734", "OPENVAS:136141256231063727", "OPENVAS:136141256231063891", "OPENVAS:63734", "OPENVAS:64321", "OPENVAS:66500", "OPENVAS:136141256231063726", "OPENVAS:63727", "OPENVAS:63726"], "type": "openvas"}], "rev": 2}, "score": {"modified": "2020-06-01T05:01:30", "rev": 2, "value": 6.3, "vector": "NONE"}}, "objectVersion": "1.6", "pluginID": "39517", "sourceData": "#%NASL_MIN_LEVEL 80502\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-791-2. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(39517);\n script_version(\"1.12\");\n script_cvs_date(\"Date: 2019/08/02 13:33:02\");\n\n script_cve_id(\"CVE-2009-1171\");\n script_xref(name:\"USN\", value:\"791-2\");\n\n script_name(english:\"Ubuntu 9.04 : moodle vulnerability (USN-791-2)\");\n script_summary(english:\"Checks dpkg output for updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Ubuntu host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Christian Eibl discovered that the TeX filter in Moodle allowed any\nfunction to be used. An authenticated remote attacker could post a\nspecially crafted TeX formula to execute arbitrary TeX functions,\npotentially reading any file accessible to the web server user,\nleading to a loss of privacy. (CVE-2009-1171, MSA-09-0009).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/791-2/\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected moodle package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:N/A:N\");\n script_cwe_id(20);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:moodle\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:9.04\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/06/24\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/06/25\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2009-2019 Canonical, Inc. / NASL script (C) 2009-2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! ereg(pattern:\"^(9\\.04)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 9.04\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nflag = 0;\n\nif (ubuntu_check(osver:\"9.04\", pkgname:\"moodle\", pkgver:\"1.9.4.dfsg-0ubuntu1.1\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"moodle\");\n}\n", "naslFamily": "Ubuntu Local Security Checks", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:moodle", "cpe:/o:canonical:ubuntu_linux:9.04"], "solution": "", "nessusSeverity": "", "cvssScoreSource": "", "vpr": {}, "exploitAvailable": false, "exploitEase": "", "patchPublicationDate": null, "vulnerabilityPublicationDate": null, "exploitableWith": []}, "lastseen": "2020-06-01T05:01:30", "differentElements": ["modified"], "edition": 2}, {"bulletin": {"id": "UBUNTU_USN-791-2.NASL", "hash": "4918b6703b9b93e4d93b258b3958c8fe699cf0417d13ca0163eb76eb3281fe74", "type": "nessus", "bulletinFamily": "scanner", "title": "Ubuntu 9.04 : moodle vulnerability (USN-791-2)", "description": "Christian Eibl discovered that the TeX filter in Moodle allowed any\nfunction to be used. An authenticated remote attacker could post a\nspecially crafted TeX formula to execute arbitrary TeX functions,\npotentially reading any file accessible to the web server user,\nleading to a loss of privacy. (CVE-2009-1171, MSA-09-0009).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "published": "2009-06-25T00:00:00", "modified": "2020-08-02T00:00:00", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}, "cvss2": {}, "cvss3": {}, "href": "https://www.tenable.com/plugins/nessus/39517", "reporter": "Ubuntu Security Notice (C) 2009-2019 Canonical, Inc. / NASL script (C) 2009-2018 and is owned by Tenable, Inc. or an Affiliate thereof.", "references": ["https://usn.ubuntu.com/791-2/"], "cvelist": ["CVE-2009-1171"], "immutableFields": [], "lastseen": "2020-08-01T05:40:29", "history": [], "viewCount": 10, "enchantments": {"dependencies": {"modified": "2020-08-01T05:40:29", "references": [{"idList": ["EDB-ID:8297"], "type": "exploitdb"}, {"idList": ["CVE-2009-1171"], "type": "cve"}, {"idList": ["USN-791-2", "USN-791-1"], "type": "ubuntu"}, {"idList": ["SECURITYVULNS:VULN:9793", "SECURITYVULNS:DOC:21571"], "type": "securityvulns"}, {"idList": ["DEBIAN:DSA-1761-1:ACA60"], "type": "debian"}, {"idList": ["FEDORA_2009-3283.NASL", "SUSE_11_0_MOODLE-090417.NASL", "SUSE_11_1_MOODLE-090417.NASL", "UBUNTU_USN-791-1.NASL", "SUSE_MOODLE-6198.NASL", "FEDORA_2009-3280.NASL", "DEBIAN_DSA-1761.NASL", "MOODLE_LATEX_INFO_DISCLOSURE.NASL"], "type": "nessus"}, {"idList": ["OPENVAS:136141256231066500", "OPENVAS:136141256231063734", "OPENVAS:136141256231063727", "OPENVAS:136141256231063891", "OPENVAS:63734", "OPENVAS:64321", "OPENVAS:66500", "OPENVAS:136141256231063726", "OPENVAS:63727", "OPENVAS:63726"], "type": "openvas"}], "rev": 2}, "score": {"modified": "2020-08-01T05:40:29", "rev": 2, "value": 6.3, "vector": "NONE"}}, "objectVersion": "1.6", "pluginID": "39517", "sourceData": "#%NASL_MIN_LEVEL 80502\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-791-2. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(39517);\n script_version(\"1.12\");\n script_cvs_date(\"Date: 2019/08/02 13:33:02\");\n\n script_cve_id(\"CVE-2009-1171\");\n script_xref(name:\"USN\", value:\"791-2\");\n\n script_name(english:\"Ubuntu 9.04 : moodle vulnerability (USN-791-2)\");\n script_summary(english:\"Checks dpkg output for updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Ubuntu host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Christian Eibl discovered that the TeX filter in Moodle allowed any\nfunction to be used. An authenticated remote attacker could post a\nspecially crafted TeX formula to execute arbitrary TeX functions,\npotentially reading any file accessible to the web server user,\nleading to a loss of privacy. (CVE-2009-1171, MSA-09-0009).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/791-2/\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected moodle package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:N/A:N\");\n script_cwe_id(20);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:moodle\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:9.04\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/06/24\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/06/25\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2009-2019 Canonical, Inc. / NASL script (C) 2009-2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! ereg(pattern:\"^(9\\.04)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 9.04\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nflag = 0;\n\nif (ubuntu_check(osver:\"9.04\", pkgname:\"moodle\", pkgver:\"1.9.4.dfsg-0ubuntu1.1\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"moodle\");\n}\n", "naslFamily": "Ubuntu Local Security Checks", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:moodle", "cpe:/o:canonical:ubuntu_linux:9.04"], "solution": "", "nessusSeverity": "", "cvssScoreSource": "", "vpr": {}, "exploitAvailable": false, "exploitEase": "", "patchPublicationDate": null, "vulnerabilityPublicationDate": null, "exploitableWith": []}, "lastseen": "2020-08-01T05:40:29", "differentElements": ["modified"], "edition": 3}, {"bulletin": {"id": "UBUNTU_USN-791-2.NASL", "hash": "d68933cee9f3ab53d0f229163d28309ff8e22c1f6ba029bf3082914641a84dde", "type": "nessus", "bulletinFamily": "scanner", "title": "Ubuntu 9.04 : moodle vulnerability (USN-791-2)", "description": "Christian Eibl discovered that the TeX filter in Moodle allowed any\nfunction to be used. An authenticated remote attacker could post a\nspecially crafted TeX formula to execute arbitrary TeX functions,\npotentially reading any file accessible to the web server user,\nleading to a loss of privacy. (CVE-2009-1171, MSA-09-0009).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "published": "2009-06-25T00:00:00", "modified": "2020-09-02T00:00:00", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}, "cvss2": {}, "cvss3": {}, "href": "https://www.tenable.com/plugins/nessus/39517", "reporter": "Ubuntu Security Notice (C) 2009-2019 Canonical, Inc. / NASL script (C) 2009-2018 and is owned by Tenable, Inc. or an Affiliate thereof.", "references": ["https://usn.ubuntu.com/791-2/"], "cvelist": ["CVE-2009-1171"], "immutableFields": [], "lastseen": "2020-09-04T06:22:12", "history": [], "viewCount": 10, "enchantments": {"dependencies": {"modified": "2020-09-04T06:22:12", "references": [{"idList": ["EDB-ID:8297"], "type": "exploitdb"}, {"idList": ["CVE-2009-1171"], "type": "cve"}, {"idList": ["USN-791-2", "USN-791-1"], "type": "ubuntu"}, {"idList": ["OPENVAS:136141256231066500", "OPENVAS:136141256231063734", "OPENVAS:136141256231063727", "OPENVAS:63734", "OPENVAS:64321", "OPENVAS:66500", "OPENVAS:64320", "OPENVAS:136141256231063726", "OPENVAS:63727", "OPENVAS:63726"], "type": "openvas"}, {"idList": ["SECURITYVULNS:VULN:9793", "SECURITYVULNS:DOC:21571"], "type": "securityvulns"}, {"idList": ["DEBIAN:DSA-1761-1:ACA60"], "type": "debian"}, {"idList": ["FEDORA_2009-3283.NASL", "SUSE_11_0_MOODLE-090417.NASL", "SUSE_11_1_MOODLE-090417.NASL", "UBUNTU_USN-791-1.NASL", "SUSE_MOODLE-6198.NASL", "FEDORA_2009-3280.NASL", "DEBIAN_DSA-1761.NASL", "MOODLE_LATEX_INFO_DISCLOSURE.NASL"], "type": "nessus"}], "rev": 2}, "score": {"modified": "2020-09-04T06:22:12", "rev": 2, "value": 6.3, "vector": "NONE"}}, "objectVersion": "1.6", "pluginID": "39517", "sourceData": "#%NASL_MIN_LEVEL 80502\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-791-2. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(39517);\n script_version(\"1.12\");\n script_cvs_date(\"Date: 2019/08/02 13:33:02\");\n\n script_cve_id(\"CVE-2009-1171\");\n script_xref(name:\"USN\", value:\"791-2\");\n\n script_name(english:\"Ubuntu 9.04 : moodle vulnerability (USN-791-2)\");\n script_summary(english:\"Checks dpkg output for updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Ubuntu host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Christian Eibl discovered that the TeX filter in Moodle allowed any\nfunction to be used. An authenticated remote attacker could post a\nspecially crafted TeX formula to execute arbitrary TeX functions,\npotentially reading any file accessible to the web server user,\nleading to a loss of privacy. (CVE-2009-1171, MSA-09-0009).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/791-2/\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected moodle package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:N/A:N\");\n script_cwe_id(20);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:moodle\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:9.04\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/06/24\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/06/25\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2009-2019 Canonical, Inc. / NASL script (C) 2009-2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! ereg(pattern:\"^(9\\.04)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 9.04\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nflag = 0;\n\nif (ubuntu_check(osver:\"9.04\", pkgname:\"moodle\", pkgver:\"1.9.4.dfsg-0ubuntu1.1\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"moodle\");\n}\n", "naslFamily": "Ubuntu Local Security Checks", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:moodle", "cpe:/o:canonical:ubuntu_linux:9.04"], "solution": "", "nessusSeverity": "", "cvssScoreSource": "", "vpr": {}, "exploitAvailable": false, "exploitEase": "", "patchPublicationDate": null, "vulnerabilityPublicationDate": null, "exploitableWith": []}, "lastseen": "2020-09-04T06:22:12", "differentElements": ["cvss2", "modified", "sourceData"], "edition": 4}, {"bulletin": {"id": "UBUNTU_USN-791-2.NASL", "hash": "80367f6a9c7a8fd5489c70a64f86ec2f", "type": "nessus", "bulletinFamily": "scanner", "title": "Ubuntu 9.04 : moodle vulnerability (USN-791-2)", "description": "Christian Eibl discovered that the TeX filter in Moodle allowed any\nfunction to be used. An authenticated remote attacker could post a\nspecially crafted TeX formula to execute arbitrary TeX functions,\npotentially reading any file accessible to the web server user,\nleading to a loss of privacy. (CVE-2009-1171, MSA-09-0009).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "published": "2009-06-25T00:00:00", "modified": "2009-06-25T00:00:00", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}, "cvss2": {"cvssV2": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "MEDIUM", "userInteractionRequired": true}, "cvss3": {}, "href": "https://www.tenable.com/plugins/nessus/39517", "reporter": "Ubuntu Security Notice (C) 2009-2019 Canonical, Inc. / NASL script (C) 2009-2018 and is owned by Tenable, Inc. or an Affiliate thereof.", "references": ["https://usn.ubuntu.com/791-2/"], "cvelist": ["CVE-2009-1171"], "immutableFields": [], "lastseen": "2021-01-20T15:44:37", "history": [], "viewCount": 12, "enchantments": {"dependencies": {"references": [{"type": "cve", "idList": ["CVE-2009-1171"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2009-1171"]}, {"type": "ubuntu", "idList": ["USN-791-1", "USN-791-2"]}, {"type": "openvas", "idList": ["OPENVAS:63734", "OPENVAS:64321", "OPENVAS:136141256231063734", "OPENVAS:136141256231063727", "OPENVAS:63727", "OPENVAS:136141256231066500", "OPENVAS:66500", "OPENVAS:64320", "OPENVAS:63726", "OPENVAS:136141256231063726"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:DOC:21571", "SECURITYVULNS:VULN:9793"]}, {"type": "debian", "idList": ["DEBIAN:DSA-1761-1:ACA60"]}, {"type": "exploitdb", "idList": ["EDB-ID:8297"]}, {"type": "nessus", "idList": ["DEBIAN_DSA-1761.NASL", "UBUNTU_USN-791-1.NASL", "FEDORA_2009-3283.NASL", "MOODLE_LATEX_INFO_DISCLOSURE.NASL", "FEDORA_2009-3280.NASL", "SUSE_MOODLE-6198.NASL", "SUSE_11_1_MOODLE-090417.NASL", "SUSE_11_0_MOODLE-090417.NASL"]}, {"type": "fedora", "idList": ["FEDORA:4424B20894E", "FEDORA:0C0B6208959", "FEDORA:7E1DF10F85C"]}], "modified": "2021-01-20T15:44:37", "rev": 2}, "score": {"value": 6.3, "vector": "NONE", "modified": "2021-01-20T15:44:37", "rev": 2}}, "objectVersion": "1.6", "pluginID": "39517", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-791-2. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(39517);\n script_version(\"1.13\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2009-1171\");\n script_xref(name:\"USN\", value:\"791-2\");\n\n script_name(english:\"Ubuntu 9.04 : moodle vulnerability (USN-791-2)\");\n script_summary(english:\"Checks dpkg output for updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Ubuntu host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Christian Eibl discovered that the TeX filter in Moodle allowed any\nfunction to be used. An authenticated remote attacker could post a\nspecially crafted TeX formula to execute arbitrary TeX functions,\npotentially reading any file accessible to the web server user,\nleading to a loss of privacy. (CVE-2009-1171, MSA-09-0009).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/791-2/\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected moodle package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:N/A:N\");\n script_cwe_id(20);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:moodle\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:9.04\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/06/24\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/06/25\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2009-2019 Canonical, Inc. / NASL script (C) 2009-2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! ereg(pattern:\"^(9\\.04)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 9.04\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nflag = 0;\n\nif (ubuntu_check(osver:\"9.04\", pkgname:\"moodle\", pkgver:\"1.9.4.dfsg-0ubuntu1.1\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"moodle\");\n}\n", "naslFamily": "Ubuntu Local Security Checks", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:moodle", "cpe:/o:canonical:ubuntu_linux:9.04"], "solution": "", "nessusSeverity": "", "cvssScoreSource": "", "vpr": {}, "exploitAvailable": false, "exploitEase": "", "patchPublicationDate": null, "vulnerabilityPublicationDate": null, "exploitableWith": []}, "lastseen": "2021-01-20T15:44:37", "differentElements": ["cpe", "cvss2", "naslFamily", "sourceData"], "edition": 5}, {"bulletin": {"id": "UBUNTU_USN-791-2.NASL", "hash": "039d0ac9937d31f451568f9383e6c19d7a62bf1e90fe5eb110944285ba6a09bc", "type": "nessus", "bulletinFamily": "scanner", "title": "Ubuntu 9.04 : moodle vulnerability (USN-791-2)", "description": "Christian Eibl discovered that the TeX filter in Moodle allowed any\nfunction to be used. An authenticated remote attacker could post a\nspecially crafted TeX formula to execute arbitrary TeX functions,\npotentially reading any file accessible to the web server user,\nleading to a loss of privacy. (CVE-2009-1171, MSA-09-0009).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "published": "2009-06-25T00:00:00", "modified": "2009-06-25T00:00:00", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}, "cvss2": {}, "cvss3": {}, "href": "https://www.tenable.com/plugins/nessus/39517", "reporter": "Ubuntu Security Notice (C) 2009-2019 Canonical, Inc. / NASL script (C) 2009-2018 and is owned by Tenable, Inc. or an Affiliate thereof.", "references": ["https://usn.ubuntu.com/791-2/"], "cvelist": ["CVE-2009-1171"], "immutableFields": [], "lastseen": "2021-01-20T15:44:37", "history": [], "viewCount": 12, "enchantments": {"dependencies": {"modified": "2021-01-20T15:44:37", "references": [{"idList": ["EDB-ID:8297"], "type": "exploitdb"}, {"idList": ["CVE-2009-1171"], "type": "cve"}, {"idList": ["USN-791-2", "USN-791-1"], "type": "ubuntu"}, {"idList": ["OPENVAS:136141256231066500", "OPENVAS:136141256231063734", "OPENVAS:136141256231063727", "OPENVAS:63734", "OPENVAS:64321", "OPENVAS:66500", "OPENVAS:64320", "OPENVAS:136141256231063726", "OPENVAS:63727", "OPENVAS:63726"], "type": "openvas"}, {"idList": ["SECURITYVULNS:VULN:9793", "SECURITYVULNS:DOC:21571"], "type": "securityvulns"}, {"idList": ["FEDORA:4424B20894E", "FEDORA:7E1DF10F85C", "FEDORA:0C0B6208959"], "type": "fedora"}, {"idList": ["DEBIAN:DSA-1761-1:ACA60"], "type": "debian"}, {"idList": ["FEDORA_2009-3283.NASL", "SUSE_11_0_MOODLE-090417.NASL", "SUSE_11_1_MOODLE-090417.NASL", "UBUNTU_USN-791-1.NASL", "SUSE_MOODLE-6198.NASL", "FEDORA_2009-3280.NASL", "DEBIAN_DSA-1761.NASL", "MOODLE_LATEX_INFO_DISCLOSURE.NASL"], "type": "nessus"}, {"idList": ["UB:CVE-2009-1171"], "type": "ubuntucve"}], "rev": 2}, "score": {"modified": "2021-01-20T15:44:37", "rev": 2, "value": 6.3, "vector": "NONE"}}, "objectVersion": "1.6", "pluginID": "39517", "sourceData": "", "naslFamily": "", "cpe": [], "solution": "", "nessusSeverity": "", "cvssScoreSource": "", "vpr": {}, "exploitAvailable": false, "exploitEase": "", "patchPublicationDate": null, "vulnerabilityPublicationDate": null, "exploitableWith": []}, "lastseen": "2021-01-20T15:44:37", "differentElements": ["cpe", "cvss3", "description", "modified", "naslFamily", "patchPublicationDate", "references", "solution", "sourceData", "vpr"], "edition": 6}, {"bulletin": {"id": "UBUNTU_USN-791-2.NASL", "hash": "0e42fe4b666c71eb83b0ddaaae1acae0", "type": "nessus", "bulletinFamily": "scanner", "title": "Ubuntu 9.04 : moodle vulnerability (USN-791-2)", "description": "Christian Eibl discovered that the TeX filter in Moodle allowed any function to be used. An authenticated remote attacker could post a specially crafted TeX formula to execute arbitrary TeX functions, potentially reading any file accessible to the web server user, leading to a loss of privacy. (CVE-2009-1171, MSA-09-0009).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "published": "2009-06-25T00:00:00", "modified": "2021-01-19T00:00:00", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}, "cvss2": {}, "cvss3": {"score": null, "vector": null}, "href": "https://www.tenable.com/plugins/nessus/39517", "reporter": "Ubuntu Security Notice (C) 2009-2019 Canonical, Inc. / NASL script (C) 2009-2018 and is owned by Tenable, Inc. or an Affiliate thereof.", "references": ["http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1171", "https://usn.ubuntu.com/791-2/"], "cvelist": ["CVE-2009-1171"], "immutableFields": [], "lastseen": "2021-08-11T14:37:46", "history": [], "viewCount": 12, "enchantments": {"dependencies": {"references": [{"type": "cve", "idList": ["CVE-2009-1171"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2009-1171"]}, {"type": "debian", "idList": ["DEBIAN:DSA-1761-1:ACA60"]}, {"type": "exploitdb", "idList": ["EDB-ID:8297"]}, {"type": "openvas", "idList": ["OPENVAS:63726", "OPENVAS:66500", "OPENVAS:136141256231063726", "OPENVAS:64321", "OPENVAS:64320", "OPENVAS:63734", "OPENVAS:136141256231066500", "OPENVAS:63727", "OPENVAS:136141256231063727", "OPENVAS:136141256231063734"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:VULN:9793", "SECURITYVULNS:DOC:21571"]}, {"type": "ubuntu", "idList": ["USN-791-2", "USN-791-1"]}, {"type": "nessus", "idList": ["FEDORA_2009-3283.NASL", "SUSE_11_0_MOODLE-090417.NASL", "DEBIAN_DSA-1761.NASL", "UBUNTU_USN-791-1.NASL", "FEDORA_2009-3280.NASL", "MOODLE_LATEX_INFO_DISCLOSURE.NASL", "SUSE_MOODLE-6198.NASL", "SUSE_11_1_MOODLE-090417.NASL"]}, {"type": "fedora", "idList": ["FEDORA:7E1DF10F85C", "FEDORA:4424B20894E", "FEDORA:0C0B6208959"]}], "modified": "2021-08-11T14:37:46", "rev": 2}, "score": {"value": 6.3, "vector": "NONE", "modified": "2021-08-11T14:37:46", "rev": 2}}, "objectVersion": "1.6", "pluginID": "39517", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-791-2. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(39517);\n script_version(\"1.13\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2009-1171\");\n script_xref(name:\"USN\", value:\"791-2\");\n\n script_name(english:\"Ubuntu 9.04 : moodle vulnerability (USN-791-2)\");\n script_summary(english:\"Checks dpkg output for updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Ubuntu host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Christian Eibl discovered that the TeX filter in Moodle allowed any\nfunction to be used. An authenticated remote attacker could post a\nspecially crafted TeX formula to execute arbitrary TeX functions,\npotentially reading any file accessible to the web server user,\nleading to a loss of privacy. (CVE-2009-1171, MSA-09-0009).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/791-2/\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected moodle package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:N/A:N\");\n script_cwe_id(20);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:moodle\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:9.04\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/06/24\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/06/25\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2009-2019 Canonical, Inc. / NASL script (C) 2009-2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! ereg(pattern:\"^(9\\.04)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 9.04\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nflag = 0;\n\nif (ubuntu_check(osver:\"9.04\", pkgname:\"moodle\", pkgver:\"1.9.4.dfsg-0ubuntu1.1\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"moodle\");\n}\n", "naslFamily": "Ubuntu Local Security Checks", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:moodle", "cpe:/o:canonical:ubuntu_linux:9.04"], "solution": "Update the affected moodle package.", "nessusSeverity": "", "cvssScoreSource": "", "vpr": {"risk factor": "Low", "score": "3.5"}, "exploitAvailable": false, "exploitEase": "", "patchPublicationDate": "2009-06-24T00:00:00", "vulnerabilityPublicationDate": null, "exploitableWith": []}, "lastseen": "2021-08-11T14:37:46", "differentElements": ["nessusSeverity"], "edition": 7}], "viewCount": 12, "enchantments": {"dependencies": {"references": [{"type": "ubuntucve", "idList": ["UB:CVE-2009-1171"]}, {"type": "cve", "idList": ["CVE-2009-1171"]}, {"type": "debian", "idList": ["DEBIAN:DSA-1761-1:ACA60"]}, {"type": "exploitdb", "idList": ["EDB-ID:8297"]}, {"type": "openvas", "idList": ["OPENVAS:136141256231063726", "OPENVAS:63726", "OPENVAS:136141256231066500", "OPENVAS:63727", "OPENVAS:63734", "OPENVAS:136141256231063727", "OPENVAS:66500", "OPENVAS:136141256231063734", "OPENVAS:64321", "OPENVAS:64320"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:VULN:9793", "SECURITYVULNS:DOC:21571"]}, {"type": "ubuntu", "idList": ["USN-791-2", "USN-791-1"]}, {"type": "nessus", "idList": ["FEDORA_2009-3283.NASL", "SUSE_11_1_MOODLE-090417.NASL", "DEBIAN_DSA-1761.NASL", "MOODLE_LATEX_INFO_DISCLOSURE.NASL", "FEDORA_2009-3280.NASL", "SUSE_MOODLE-6198.NASL", "UBUNTU_USN-791-1.NASL", "SUSE_11_0_MOODLE-090417.NASL"]}, {"type": "fedora", "idList": ["FEDORA:4424B20894E", "FEDORA:7E1DF10F85C", "FEDORA:0C0B6208959"]}], "modified": "2021-08-19T13:07:35", "rev": 2}, "score": {"value": 6.3, "vector": "NONE", "modified": "2021-08-19T13:07:35", "rev": 2}}, "objectVersion": "1.6", "pluginID": "39517", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-791-2. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(39517);\n script_version(\"1.13\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2009-1171\");\n script_xref(name:\"USN\", value:\"791-2\");\n\n script_name(english:\"Ubuntu 9.04 : moodle vulnerability (USN-791-2)\");\n script_summary(english:\"Checks dpkg output for updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Ubuntu host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Christian Eibl discovered that the TeX filter in Moodle allowed any\nfunction to be used. An authenticated remote attacker could post a\nspecially crafted TeX formula to execute arbitrary TeX functions,\npotentially reading any file accessible to the web server user,\nleading to a loss of privacy. (CVE-2009-1171, MSA-09-0009).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/791-2/\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected moodle package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:N/A:N\");\n script_cwe_id(20);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:moodle\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:9.04\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/06/24\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/06/25\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2009-2019 Canonical, Inc. / NASL script (C) 2009-2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! ereg(pattern:\"^(9\\.04)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 9.04\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nflag = 0;\n\nif (ubuntu_check(osver:\"9.04\", pkgname:\"moodle\", pkgver:\"1.9.4.dfsg-0ubuntu1.1\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"moodle\");\n}\n", "naslFamily": "Ubuntu Local Security Checks", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:moodle", "cpe:/o:canonical:ubuntu_linux:9.04"], "solution": "Update the affected moodle package.", "nessusSeverity": "Medium", "cvssScoreSource": "", "vpr": {"risk factor": "Low", "score": "3.5"}, "exploitAvailable": false, "exploitEase": "", "patchPublicationDate": "2009-06-24T00:00:00", "vulnerabilityPublicationDate": null, "exploitableWith": [], "_object_type": "robots.models.nessus.NessusBulletin", "_object_types": ["robots.models.base.Bulletin", "robots.models.nessus.NessusBulletin"]}, {"id": "FEDORA_2009-3280.NASL", "hash": "40b05be3d3f2b67c5dc61513bec7a1b3", "type": "nessus", "bulletinFamily": "scanner", "title": "Fedora 10 : moodle-1.9.4-6.fc10 (2009-3280)", "description": "CVE-2009-1171: The TeX filter in Moodle 1.6 before 1.6.9+, 1.7 before 1.7.7+, 1.8 before 1.8.9, and 1.9 before 1.9.5 allows user-assisted attackers to read arbitrary files via an input command in a '$$' sequence, which causes LaTeX to include the contents of the file.\nUpstream bug and CVS commit:\nhttp://tracker.moodle.org/browse/MDL-18552 http://cvs.moodle.org/moodle/filter/tex/filter.php?r1=1.18.4.4&r2=1.18 .4.5\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "published": "2009-04-23T00:00:00", "modified": "2021-01-11T00:00:00", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}, "cvss2": {}, "cvss3": {"score": null, "vector": null}, "href": "https://www.tenable.com/plugins/nessus/36905", "reporter": "This script is Copyright (C) 2009-2021 and is owned by Tenable, Inc. or an Affiliate thereof.", "references": ["http://www.nessus.org/u?aedaf8ff", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1171", "http://www.nessus.org/u?0321ab9a", "http://git.catalyst.net.nz/gw?p=", "http://www.nessus.org/u?5ff2602f", "http://git.catalyst.net.nz/gw?p=moodle-r2.git;a=commitdiff;h=cc9", "https://www.securityfocus.com/bid/34278", "http://www.nessus.org/u?12d97e78"], "cvelist": ["CVE-2009-1171"], "immutableFields": [], "lastseen": "2021-08-19T13:08:19", "history": [{"bulletin": {"id": "FEDORA_2009-3280.NASL", "hash": "992aac6f641c05bd42513df66e0e2ccb47dbaebbefa5784f9ac6e52c6d8f86bc", "type": "nessus", "bulletinFamily": "scanner", "title": "Fedora 10 : moodle-1.9.4-6.fc10 (2009-3280)", "description": "CVE-2009-1171: The TeX filter in Moodle 1.6 before 1.6.9+, 1.7 before 1.7.7+, 1.8 before 1.8.9, and 1.9 before 1.9.5 allows user-assisted attackers to read arbitrary files via an input command in a '$$' sequence, which causes LaTeX to include the contents of the file.\nUpstream bug and CVS commit:\nhttp://tracker.moodle.org/browse/MDL-18552 http://cvs.moodle.org/moodle/filter/tex/filter.php?r1=1.18.4.4&r2=1.18 .4.5\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "published": "2009-04-23T00:00:00", "modified": "2016-05-20T00:00:00", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}, "cvss2": {}, "cvss3": {}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=36905", "reporter": "Tenable", "references": ["http://www.securityfocus.com/archive/1/archive/1/502231/100/0/threaded", "http://git.catalyst.net.nz/gw?p=", "http://www.nessus.org/u?5ff2602f", "http://www.nessus.org/u?0321ab9a", "http://git.catalyst.net.nz/gw?p=moodle-r2.git;a=commitdiff;h=cc9", "http://tracker.moodle.org/browse/MDL-18552", "http://www.securityfocus.com/bid/34278"], "cvelist": ["CVE-2009-1171"], "immutableFields": [], "lastseen": "2016-09-26T17:23:21", "history": [], "viewCount": 0, "enchantments": {}, "objectVersion": "1.6", "pluginID": "36905", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2009-3280.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(36905);\n script_version (\"$Revision: 1.13 $\");\n script_cvs_date(\"$Date: 2016/05/20 13:54:17 $\");\n\n script_cve_id(\"CVE-2009-1171\");\n script_bugtraq_id(34278);\n script_xref(name:\"EDB-ID\", value:\"8297\");\n script_xref(name:\"FEDORA\", value:\"2009-3280\");\n\n script_name(english:\"Fedora 10 : moodle-1.9.4-6.fc10 (2009-3280)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"CVE-2009-1171: The TeX filter in Moodle 1.6 before 1.6.9+, 1.7 before\n1.7.7+, 1.8 before 1.8.9, and 1.9 before 1.9.5 allows user-assisted\nattackers to read arbitrary files via an input command in a '$$'\nsequence, which causes LaTeX to include the contents of the file.\nUpstream bug and CVS commit:\nhttp://tracker.moodle.org/browse/MDL-18552\nhttp://cvs.moodle.org/moodle/filter/tex/filter.php?r1=1.18.4.4&r2=1.18\n.4.5\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n # http://cvs.moodle.org/moodle/filter/tex/filter.php?r1=1.18.4.4&r2=1.18.4.5\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?0321ab9a\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://git.catalyst.net.nz/gw?p=\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://git.catalyst.net.nz/gw?p=moodle-r2.git;a=commitdiff;h=cc9\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://tracker.moodle.org/browse/MDL-18552\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.securityfocus.com/archive/1/archive/1/502231/100/0/threaded\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.securityfocus.com/bid/34278\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2009-April/022023.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?5ff2602f\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected moodle package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(20);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:moodle\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:10\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/04/02\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/04/23\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2016 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^10([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 10.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC10\", reference:\"moodle-1.9.4-6.fc10\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"moodle\");\n}\n", "naslFamily": "Fedora Local Security Checks", "cpe": [], "solution": "", "nessusSeverity": "", "cvssScoreSource": "", "vpr": {}, "exploitAvailable": false, "exploitEase": "", "patchPublicationDate": null, "vulnerabilityPublicationDate": null, "exploitableWith": []}, "lastseen": "2016-09-26T17:23:21", "differentElements": ["cpe", "modified", "references", "sourceData"], "edition": 1}, {"bulletin": {"id": "FEDORA_2009-3280.NASL", "hash": "447537457d93490b1ba9e0056c49b616cc837c5f8304f35e8542d91b109d9f13", "type": "nessus", "bulletinFamily": "scanner", "title": "Fedora 10 : moodle-1.9.4-6.fc10 (2009-3280)", "description": "CVE-2009-1171: The TeX filter in Moodle 1.6 before 1.6.9+, 1.7 before 1.7.7+, 1.8 before 1.8.9, and 1.9 before 1.9.5 allows user-assisted attackers to read arbitrary files via an input command in a '$$' sequence, which causes LaTeX to include the contents of the file.\nUpstream bug and CVS commit:\nhttp://tracker.moodle.org/browse/MDL-18552 http://cvs.moodle.org/moodle/filter/tex/filter.php?r1=1.18.4.4&r2=1.18 .4.5\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "published": "2009-04-23T00:00:00", "modified": "2018-12-24T00:00:00", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}, "cvss2": {}, "cvss3": {}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=36905", "reporter": "Tenable", "references": ["http://git.catalyst.net.nz/gw?p=", "http://www.nessus.org/u?5ff2602f", "http://www.nessus.org/u?0321ab9a", "http://git.catalyst.net.nz/gw?p=moodle-r2.git;a=commitdiff;h=cc9", "http://www.nessus.org/u?aedaf8ff", "https://www.securityfocus.com/bid/34278", "http://www.nessus.org/u?12d97e78"], "cvelist": ["CVE-2009-1171"], "immutableFields": [], "lastseen": "2018-12-25T01:57:21", "history": [], "viewCount": 0, "enchantments": {"score": {"value": 5.0, "vector": "NONE"}}, "objectVersion": "1.6", "pluginID": "36905", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2009-3280.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(36905);\n script_version (\"1.15\");\n script_cvs_date(\"Date: 2018/12/24 10:14:26\");\n\n script_cve_id(\"CVE-2009-1171\");\n script_bugtraq_id(34278);\n script_xref(name:\"EDB-ID\", value:\"8297\");\n script_xref(name:\"FEDORA\", value:\"2009-3280\");\n\n script_name(english:\"Fedora 10 : moodle-1.9.4-6.fc10 (2009-3280)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"CVE-2009-1171: The TeX filter in Moodle 1.6 before 1.6.9+, 1.7 before\n1.7.7+, 1.8 before 1.8.9, and 1.9 before 1.9.5 allows user-assisted\nattackers to read arbitrary files via an input command in a '$$'\nsequence, which causes LaTeX to include the contents of the file.\nUpstream bug and CVS commit:\nhttp://tracker.moodle.org/browse/MDL-18552\nhttp://cvs.moodle.org/moodle/filter/tex/filter.php?r1=1.18.4.4&r2=1.18\n.4.5\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n # http://cvs.moodle.org/moodle/filter/tex/filter.php?r1=1.18.4.4&r2=1.18.4.5\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?0321ab9a\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://git.catalyst.net.nz/gw?p=\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://git.catalyst.net.nz/gw?p=moodle-r2.git;a=commitdiff;h=cc9\"\n );\n # http://tracker.moodle.org/browse/MDL-18552\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?12d97e78\"\n );\n # http://www.securityfocus.com/archive/1/archive/1/502231/100/0/threaded\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?aedaf8ff\"\n );\n # http://www.securityfocus.com/bid/34278\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.securityfocus.com/bid/34278\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2009-April/022023.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?5ff2602f\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected moodle package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(20);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:moodle\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:10\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/04/02\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/04/23\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^10([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 10.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC10\", reference:\"moodle-1.9.4-6.fc10\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"moodle\");\n}\n", "naslFamily": "Fedora Local Security Checks", "cpe": ["cpe:/o:fedoraproject:fedora:10", "p-cpe:/a:fedoraproject:fedora:moodle"], "solution": "", "nessusSeverity": "", "cvssScoreSource": "", "vpr": {}, "exploitAvailable": false, "exploitEase": "", "patchPublicationDate": null, "vulnerabilityPublicationDate": null, "exploitableWith": []}, "lastseen": "2018-12-25T01:57:21", "differentElements": ["cvss", "description", "href", "modified", "reporter", "sourceData"], "edition": 2}, {"bulletin": {"id": "FEDORA_2009-3280.NASL", "hash": "86480ab43fd68307f00de7963b49387c8b323327e94989896e21eda1eef38a74", "type": "nessus", "bulletinFamily": "scanner", "title": "Fedora 10 : moodle-1.9.4-6.fc10 (2009-3280)", "description": "CVE-2009-1171: The TeX filter in Moodle 1.6 before 1.6.9+, 1.7 before\n1.7.7+, 1.8 before 1.8.9, and 1.9 before 1.9.5 allows user-assisted\nattackers to read arbitrary files via an input command in a ", "published": "2009-04-23T00:00:00", "modified": "2020-04-02T00:00:00", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}, "cvss2": {}, "cvss3": {}, "href": "https://www.tenable.com/plugins/nessus/36905", "reporter": "This script is Copyright (C) 2009-2019 and is owned by Tenable, Inc. or an Affiliate thereof.", "references": ["http://git.catalyst.net.nz/gw?p=", "http://www.nessus.org/u?5ff2602f", "http://www.nessus.org/u?0321ab9a", "http://git.catalyst.net.nz/gw?p=moodle-r2.git;a=commitdiff;h=cc9", "http://www.nessus.org/u?aedaf8ff", "https://www.securityfocus.com/bid/34278", "http://www.nessus.org/u?12d97e78"], "cvelist": ["CVE-2009-1171"], "immutableFields": [], "lastseen": "2020-04-01T07:17:11", "history": [], "viewCount": 5, "enchantments": {"dependencies": {"modified": "2020-04-01T07:17:11", "references": [{"idList": ["EDB-ID:8297"], "type": "exploitdb"}, {"idList": ["CVE-2009-1171"], "type": "cve"}, {"idList": ["USN-791-2", "USN-791-1"], "type": "ubuntu"}, {"idList": ["SECURITYVULNS:VULN:9793", "SECURITYVULNS:DOC:21571"], "type": "securityvulns"}, {"idList": ["DEBIAN:DSA-1761-1:ACA60"], "type": "debian"}, {"idList": ["FEDORA_2009-3283.NASL", "SUSE_11_0_MOODLE-090417.NASL", "SUSE_11_1_MOODLE-090417.NASL", "UBUNTU_USN-791-2.NASL", "UBUNTU_USN-791-1.NASL", "SUSE_MOODLE-6198.NASL", "DEBIAN_DSA-1761.NASL", "MOODLE_LATEX_INFO_DISCLOSURE.NASL"], "type": "nessus"}, {"idList": ["OPENVAS:136141256231066500", "OPENVAS:136141256231063734", "OPENVAS:136141256231063727", "OPENVAS:136141256231063891", "OPENVAS:63734", "OPENVAS:64321", "OPENVAS:66500", "OPENVAS:136141256231063726", "OPENVAS:63727", "OPENVAS:63726"], "type": "openvas"}], "rev": 2}, "score": {"modified": "2020-04-01T07:17:11", "rev": 2, "value": 5.5, "vector": "NONE"}}, "objectVersion": "1.6", "pluginID": "36905", "sourceData": "#%NASL_MIN_LEVEL 80502\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2009-3280.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(36905);\n script_version (\"1.16\");\n script_cvs_date(\"Date: 2019/08/02 13:32:29\");\n\n script_cve_id(\"CVE-2009-1171\");\n script_bugtraq_id(34278);\n script_xref(name:\"EDB-ID\", value:\"8297\");\n script_xref(name:\"FEDORA\", value:\"2009-3280\");\n\n script_name(english:\"Fedora 10 : moodle-1.9.4-6.fc10 (2009-3280)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"CVE-2009-1171: The TeX filter in Moodle 1.6 before 1.6.9+, 1.7 before\n1.7.7+, 1.8 before 1.8.9, and 1.9 before 1.9.5 allows user-assisted\nattackers to read arbitrary files via an input command in a '$$'\nsequence, which causes LaTeX to include the contents of the file.\nUpstream bug and CVS commit:\nhttp://tracker.moodle.org/browse/MDL-18552\nhttp://cvs.moodle.org/moodle/filter/tex/filter.php?r1=1.18.4.4&r2=1.18\n.4.5\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n # http://cvs.moodle.org/moodle/filter/tex/filter.php?r1=1.18.4.4&r2=1.18.4.5\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?0321ab9a\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://git.catalyst.net.nz/gw?p=\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://git.catalyst.net.nz/gw?p=moodle-r2.git;a=commitdiff;h=cc9\"\n );\n # http://tracker.moodle.org/browse/MDL-18552\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?12d97e78\"\n );\n # http://www.securityfocus.com/archive/1/archive/1/502231/100/0/threaded\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?aedaf8ff\"\n );\n # http://www.securityfocus.com/bid/34278\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.securityfocus.com/bid/34278\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2009-April/022023.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?5ff2602f\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected moodle package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(20);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:moodle\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:10\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/04/02\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/04/23\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^10([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 10.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC10\", reference:\"moodle-1.9.4-6.fc10\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"moodle\");\n}\n", "naslFamily": "Fedora Local Security Checks", "cpe": ["cpe:/o:fedoraproject:fedora:10", "p-cpe:/a:fedoraproject:fedora:moodle"], "solution": "", "nessusSeverity": "", "cvssScoreSource": "", "vpr": {}, "exploitAvailable": false, "exploitEase": "", "patchPublicationDate": null, "vulnerabilityPublicationDate": null, "exploitableWith": []}, "lastseen": "2020-04-01T07:17:11", "differentElements": ["modified"], "edition": 3}, {"bulletin": {"id": "FEDORA_2009-3280.NASL", "hash": "b861fb390719dcc6475eab31cf538278d56ce66ada774f690800c9c3cf82217c", "type": "nessus", "bulletinFamily": "scanner", "title": "Fedora 10 : moodle-1.9.4-6.fc10 (2009-3280)", "description": "CVE-2009-1171: The TeX filter in Moodle 1.6 before 1.6.9+, 1.7 before\n1.7.7+, 1.8 before 1.8.9, and 1.9 before 1.9.5 allows user-assisted\nattackers to read arbitrary files via an input command in a ", "published": "2009-04-23T00:00:00", "modified": "2020-05-02T00:00:00", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}, "cvss2": {}, "cvss3": {}, "href": "https://www.tenable.com/plugins/nessus/36905", "reporter": "This script is Copyright (C) 2009-2019 and is owned by Tenable, Inc. or an Affiliate thereof.", "references": ["http://git.catalyst.net.nz/gw?p=", "http://www.nessus.org/u?5ff2602f", "http://www.nessus.org/u?0321ab9a", "http://git.catalyst.net.nz/gw?p=moodle-r2.git;a=commitdiff;h=cc9", "http://www.nessus.org/u?aedaf8ff", "https://www.securityfocus.com/bid/34278", "http://www.nessus.org/u?12d97e78"], "cvelist": ["CVE-2009-1171"], "immutableFields": [], "lastseen": "2020-05-03T02:16:13", "history": [], "viewCount": 5, "enchantments": {"dependencies": {"modified": "2020-05-03T02:16:13", "references": [{"idList": ["EDB-ID:8297"], "type": "exploitdb"}, {"idList": ["CVE-2009-1171"], "type": "cve"}, {"idList": ["USN-791-2", "USN-791-1"], "type": "ubuntu"}, {"idList": ["SECURITYVULNS:VULN:9793", "SECURITYVULNS:DOC:21571"], "type": "securityvulns"}, {"idList": ["DEBIAN:DSA-1761-1:ACA60"], "type": "debian"}, {"idList": ["FEDORA_2009-3283.NASL", "SUSE_11_0_MOODLE-090417.NASL", "SUSE_11_1_MOODLE-090417.NASL", "UBUNTU_USN-791-2.NASL", "UBUNTU_USN-791-1.NASL", "SUSE_MOODLE-6198.NASL", "DEBIAN_DSA-1761.NASL", "MOODLE_LATEX_INFO_DISCLOSURE.NASL"], "type": "nessus"}, {"idList": ["OPENVAS:136141256231066500", "OPENVAS:136141256231063734", "OPENVAS:136141256231063727", "OPENVAS:136141256231063891", "OPENVAS:63734", "OPENVAS:64321", "OPENVAS:66500", "OPENVAS:136141256231063726", "OPENVAS:63727", "OPENVAS:63726"], "type": "openvas"}], "rev": 2}, "score": {"modified": "2020-05-03T02:16:13", "rev": 2, "value": 5.5, "vector": "NONE"}}, "objectVersion": "1.6", "pluginID": "36905", "sourceData": "#%NASL_MIN_LEVEL 80502\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2009-3280.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(36905);\n script_version (\"1.16\");\n script_cvs_date(\"Date: 2019/08/02 13:32:29\");\n\n script_cve_id(\"CVE-2009-1171\");\n script_bugtraq_id(34278);\n script_xref(name:\"EDB-ID\", value:\"8297\");\n script_xref(name:\"FEDORA\", value:\"2009-3280\");\n\n script_name(english:\"Fedora 10 : moodle-1.9.4-6.fc10 (2009-3280)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"CVE-2009-1171: The TeX filter in Moodle 1.6 before 1.6.9+, 1.7 before\n1.7.7+, 1.8 before 1.8.9, and 1.9 before 1.9.5 allows user-assisted\nattackers to read arbitrary files via an input command in a '$$'\nsequence, which causes LaTeX to include the contents of the file.\nUpstream bug and CVS commit:\nhttp://tracker.moodle.org/browse/MDL-18552\nhttp://cvs.moodle.org/moodle/filter/tex/filter.php?r1=1.18.4.4&r2=1.18\n.4.5\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n # http://cvs.moodle.org/moodle/filter/tex/filter.php?r1=1.18.4.4&r2=1.18.4.5\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?0321ab9a\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://git.catalyst.net.nz/gw?p=\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://git.catalyst.net.nz/gw?p=moodle-r2.git;a=commitdiff;h=cc9\"\n );\n # http://tracker.moodle.org/browse/MDL-18552\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?12d97e78\"\n );\n # http://www.securityfocus.com/archive/1/archive/1/502231/100/0/threaded\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?aedaf8ff\"\n );\n # http://www.securityfocus.com/bid/34278\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.securityfocus.com/bid/34278\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2009-April/022023.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?5ff2602f\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected moodle package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(20);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:moodle\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:10\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/04/02\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/04/23\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^10([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 10.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC10\", reference:\"moodle-1.9.4-6.fc10\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"moodle\");\n}\n", "naslFamily": "Fedora Local Security Checks", "cpe": ["cpe:/o:fedoraproject:fedora:10", "p-cpe:/a:fedoraproject:fedora:moodle"], "solution": "", "nessusSeverity": "", "cvssScoreSource": "", "vpr": {}, "exploitAvailable": false, "exploitEase": "", "patchPublicationDate": null, "vulnerabilityPublicationDate": null, "exploitableWith": []}, "lastseen": "2020-05-03T02:16:13", "differentElements": ["description", "modified", "reporter", "sourceData"], "edition": 4}, {"bulletin": {"id": "FEDORA_2009-3280.NASL", "hash": "227853507cea8ca945ee4f2c7bda47bad43120b75ac0c52fbb34276f90f938bd", "type": "nessus", "bulletinFamily": "scanner", "title": "Fedora 10 : moodle-1.9.4-6.fc10 (2009-3280)", "description": "CVE-2009-1171: The TeX filter in Moodle 1.6 before 1.6.9+, 1.7 before\n1.7.7+, 1.8 before 1.8.9, and 1.9 before 1.9.5 allows user-assisted\nattackers to read arbitrary files via an input command in a '$$'\nsequence, which causes LaTeX to include the contents of the file.\nUpstream bug and CVS commit:\nhttp://tracker.moodle.org/browse/MDL-18552\nhttp://cvs.moodle.org/moodle/filter/tex/filter.php?r1=1.18.4.4&r2=1.18\n.4.5\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "published": "2009-04-23T00:00:00", "modified": "2009-04-23T00:00:00", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}, "cvss2": {}, "cvss3": {}, "href": "https://www.tenable.com/plugins/nessus/36905", "reporter": "This script is Copyright (C) 2009-2021 and is owned by Tenable, Inc. or an Affiliate thereof.", "references": ["http://git.catalyst.net.nz/gw?p=", "http://www.nessus.org/u?5ff2602f", "http://www.nessus.org/u?0321ab9a", "http://git.catalyst.net.nz/gw?p=moodle-r2.git;a=commitdiff;h=cc9", "http://www.nessus.org/u?aedaf8ff", "https://www.securityfocus.com/bid/34278", "http://www.nessus.org/u?12d97e78"], "cvelist": ["CVE-2009-1171"], "immutableFields": [], "lastseen": "2021-01-12T10:07:12", "history": [], "viewCount": 7, "enchantments": {"dependencies": {"modified": "2021-01-12T10:07:12", "references": [{"idList": ["EDB-ID:8297"], "type": "exploitdb"}, {"idList": ["CVE-2009-1171"], "type": "cve"}, {"idList": ["USN-791-2", "USN-791-1"], "type": "ubuntu"}, {"idList": ["OPENVAS:136141256231066500", "OPENVAS:136141256231063734", "OPENVAS:136141256231063727", "OPENVAS:63734", "OPENVAS:64321", "OPENVAS:66500", "OPENVAS:64320", "OPENVAS:136141256231063726", "OPENVAS:63727", "OPENVAS:63726"], "type": "openvas"}, {"idList": ["SECURITYVULNS:VULN:9793", "SECURITYVULNS:DOC:21571"], "type": "securityvulns"}, {"idList": ["FEDORA:4424B20894E", "FEDORA:7E1DF10F85C", "FEDORA:0C0B6208959"], "type": "fedora"}, {"idList": ["DEBIAN:DSA-1761-1:ACA60"], "type": "debian"}, {"idList": ["FEDORA_2009-3283.NASL", "SUSE_11_0_MOODLE-090417.NASL", "SUSE_11_1_MOODLE-090417.NASL", "UBUNTU_USN-791-2.NASL", "UBUNTU_USN-791-1.NASL", "SUSE_MOODLE-6198.NASL", "DEBIAN_DSA-1761.NASL", "MOODLE_LATEX_INFO_DISCLOSURE.NASL"], "type": "nessus"}, {"idList": ["UB:CVE-2009-1171"], "type": "ubuntucve"}], "rev": 2}, "score": {"modified": "2021-01-12T10:07:12", "rev": 2, "value": 5.8, "vector": "NONE"}}, "objectVersion": "1.6", "pluginID": "36905", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2009-3280.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(36905);\n script_version(\"1.17\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2009-1171\");\n script_bugtraq_id(34278);\n script_xref(name:\"EDB-ID\", value:\"8297\");\n script_xref(name:\"FEDORA\", value:\"2009-3280\");\n\n script_name(english:\"Fedora 10 : moodle-1.9.4-6.fc10 (2009-3280)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"CVE-2009-1171: The TeX filter in Moodle 1.6 before 1.6.9+, 1.7 before\n1.7.7+, 1.8 before 1.8.9, and 1.9 before 1.9.5 allows user-assisted\nattackers to read arbitrary files via an input command in a '$$'\nsequence, which causes LaTeX to include the contents of the file.\nUpstream bug and CVS commit:\nhttp://tracker.moodle.org/browse/MDL-18552\nhttp://cvs.moodle.org/moodle/filter/tex/filter.php?r1=1.18.4.4&r2=1.18\n.4.5\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n # http://cvs.moodle.org/moodle/filter/tex/filter.php?r1=1.18.4.4&r2=1.18.4.5\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?0321ab9a\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://git.catalyst.net.nz/gw?p=\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://git.catalyst.net.nz/gw?p=moodle-r2.git;a=commitdiff;h=cc9\"\n );\n # http://tracker.moodle.org/browse/MDL-18552\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?12d97e78\"\n );\n # http://www.securityfocus.com/archive/1/archive/1/502231/100/0/threaded\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?aedaf8ff\"\n );\n # http://www.securityfocus.com/bid/34278\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.securityfocus.com/bid/34278\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2009-April/022023.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?5ff2602f\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected moodle package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(20);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:moodle\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:10\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/04/02\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/04/23\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^10([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 10.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC10\", reference:\"moodle-1.9.4-6.fc10\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"moodle\");\n}\n", "naslFamily": "Fedora Local Security Checks", "cpe": ["cpe:/o:fedoraproject:fedora:10", "p-cpe:/a:fedoraproject:fedora:moodle"], "solution": "", "nessusSeverity": "", "cvssScoreSource": "", "vpr": {}, "exploitAvailable": false, "exploitEase": "", "patchPublicationDate": null, "vulnerabilityPublicationDate": null, "exploitableWith": []}, "lastseen": "2021-01-12T10:07:12", "differentElements": ["cvss2"], "edition": 5}, {"bulletin": {"id": "FEDORA_2009-3280.NASL", "hash": "cb1da4722153b86a618fbfe57079c37e", "type": "nessus", "bulletinFamily": "scanner", "title": "Fedora 10 : moodle-1.9.4-6.fc10 (2009-3280)", "description": "CVE-2009-1171: The TeX filter in Moodle 1.6 before 1.6.9+, 1.7 before\n1.7.7+, 1.8 before 1.8.9, and 1.9 before 1.9.5 allows user-assisted\nattackers to read arbitrary files via an input command in a '$$'\nsequence, which causes LaTeX to include the contents of the file.\nUpstream bug and CVS commit:\nhttp://tracker.moodle.org/browse/MDL-18552\nhttp://cvs.moodle.org/moodle/filter/tex/filter.php?r1=1.18.4.4&r2=1.18\n.4.5\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "published": "2009-04-23T00:00:00", "modified": "2009-04-23T00:00:00", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}, "cvss2": {"cvssV2": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "MEDIUM", "userInteractionRequired": true}, "cvss3": {}, "href": "https://www.tenable.com/plugins/nessus/36905", "reporter": "This script is Copyright (C) 2009-2021 and is owned by Tenable, Inc. or an Affiliate thereof.", "references": ["http://git.catalyst.net.nz/gw?p=", "http://www.nessus.org/u?5ff2602f", "http://www.nessus.org/u?0321ab9a", "http://git.catalyst.net.nz/gw?p=moodle-r2.git;a=commitdiff;h=cc9", "http://www.nessus.org/u?aedaf8ff", "https://www.securityfocus.com/bid/34278", "http://www.nessus.org/u?12d97e78"], "cvelist": ["CVE-2009-1171"], "immutableFields": [], "lastseen": "2021-07-28T23:26:05", "history": [], "viewCount": 7, "enchantments": {"dependencies": {"references": [{"type": "cve", "idList": ["CVE-2009-1171"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2009-1171"]}, {"type": "debian", "idList": ["DEBIAN:DSA-1761-1:ACA60"]}, {"type": "exploitdb", "idList": ["EDB-ID:8297"]}, {"type": "openvas", "idList": ["OPENVAS:136141256231063726", "OPENVAS:63726", "OPENVAS:64321", "OPENVAS:64320", "OPENVAS:136141256231063727", "OPENVAS:63734", "OPENVAS:66500", "OPENVAS:136141256231063734", "OPENVAS:136141256231066500", "OPENVAS:63727"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:DOC:21571", "SECURITYVULNS:VULN:9793"]}, {"type": "nessus", "idList": ["SUSE_MOODLE-6198.NASL", "FEDORA_2009-3283.NASL", "DEBIAN_DSA-1761.NASL", "MOODLE_LATEX_INFO_DISCLOSURE.NASL", "SUSE_11_0_MOODLE-090417.NASL", "UBUNTU_USN-791-2.NASL", "SUSE_11_1_MOODLE-090417.NASL", "UBUNTU_USN-791-1.NASL"]}, {"type": "ubuntu", "idList": ["USN-791-1", "USN-791-2"]}, {"type": "fedora", "idList": ["FEDORA:7E1DF10F85C", "FEDORA:0C0B6208959", "FEDORA:4424B20894E"]}], "modified": "2021-07-28T23:26:05", "rev": 2}, "score": {"value": 5.8, "vector": "NONE", "modified": "2021-07-28T23:26:05", "rev": 2}}, "objectVersion": "1.6", "pluginID": "36905", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2009-3280.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(36905);\n script_version(\"1.17\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2009-1171\");\n script_bugtraq_id(34278);\n script_xref(name:\"EDB-ID\", value:\"8297\");\n script_xref(name:\"FEDORA\", value:\"2009-3280\");\n\n script_name(english:\"Fedora 10 : moodle-1.9.4-6.fc10 (2009-3280)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"CVE-2009-1171: The TeX filter in Moodle 1.6 before 1.6.9+, 1.7 before\n1.7.7+, 1.8 before 1.8.9, and 1.9 before 1.9.5 allows user-assisted\nattackers to read arbitrary files via an input command in a '$$'\nsequence, which causes LaTeX to include the contents of the file.\nUpstream bug and CVS commit:\nhttp://tracker.moodle.org/browse/MDL-18552\nhttp://cvs.moodle.org/moodle/filter/tex/filter.php?r1=1.18.4.4&r2=1.18\n.4.5\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n # http://cvs.moodle.org/moodle/filter/tex/filter.php?r1=1.18.4.4&r2=1.18.4.5\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?0321ab9a\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://git.catalyst.net.nz/gw?p=\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://git.catalyst.net.nz/gw?p=moodle-r2.git;a=commitdiff;h=cc9\"\n );\n # http://tracker.moodle.org/browse/MDL-18552\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?12d97e78\"\n );\n # http://www.securityfocus.com/archive/1/archive/1/502231/100/0/threaded\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?aedaf8ff\"\n );\n # http://www.securityfocus.com/bid/34278\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.securityfocus.com/bid/34278\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2009-April/022023.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?5ff2602f\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected moodle package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(20);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:moodle\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:10\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/04/02\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/04/23\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^10([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 10.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC10\", reference:\"moodle-1.9.4-6.fc10\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"moodle\");\n}\n", "naslFamily": "Fedora Local Security Checks", "cpe": ["cpe:/o:fedoraproject:fedora:10", "p-cpe:/a:fedoraproject:fedora:moodle"], "solution": "", "nessusSeverity": "", "cvssScoreSource": "", "vpr": {}, "exploitAvailable": false, "exploitEase": "", "patchPublicationDate": null, "vulnerabilityPublicationDate": null, "exploitableWith": []}, "lastseen": "2021-07-28T23:26:05", "differentElements": ["cvss2", "cvss3", "description", "exploitAvailable", "exploitEase", "modified", "patchPublicationDate", "references", "solution", "vpr"], "edition": 6}, {"bulletin": {"id": "FEDORA_2009-3280.NASL", "hash": "2c90c22307af1821f7928cd38ddf4633", "type": "nessus", "bulletinFamily": "scanner", "title": "Fedora 10 : moodle-1.9.4-6.fc10 (2009-3280)", "description": "CVE-2009-1171: The TeX filter in Moodle 1.6 before 1.6.9+, 1.7 before 1.7.7+, 1.8 before 1.8.9, and 1.9 before 1.9.5 allows user-assisted attackers to read arbitrary files via an input command in a '$$' sequence, which causes LaTeX to include the contents of the file.\nUpstream bug and CVS commit:\nhttp://tracker.moodle.org/browse/MDL-18552 http://cvs.moodle.org/moodle/filter/tex/filter.php?r1=1.18.4.4&r2=1.18 .4.5\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "published": "2009-04-23T00:00:00", "modified": "2021-01-11T00:00:00", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}, "cvss2": {}, "cvss3": {"score": null, "vector": null}, "href": "https://www.tenable.com/plugins/nessus/36905", "reporter": "This script is Copyright (C) 2009-2021 and is owned by Tenable, Inc. or an Affiliate thereof.", "references": ["http://www.nessus.org/u?12d97e78", "http://git.catalyst.net.nz/gw?p=moodle-r2.git;a=commitdiff;h=cc9", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1171", "https://www.securityfocus.com/bid/34278", "http://www.nessus.org/u?aedaf8ff", "http://git.catalyst.net.nz/gw?p=", "http://www.nessus.org/u?5ff2602f", "http://www.nessus.org/u?0321ab9a"], "cvelist": ["CVE-2009-1171"], "immutableFields": [], "lastseen": "2021-08-11T14:38:46", "history": [], "viewCount": 7, "enchantments": {"dependencies": {"references": [{"type": "cve", "idList": ["CVE-2009-1171"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2009-1171"]}, {"type": "debian", "idList": ["DEBIAN:DSA-1761-1:ACA60"]}, {"type": "exploitdb", "idList": ["EDB-ID:8297"]}, {"type": "openvas", "idList": ["OPENVAS:63734", "OPENVAS:136141256231066500", "OPENVAS:136141256231063727", "OPENVAS:66500", "OPENVAS:136141256231063726", "OPENVAS:64321", "OPENVAS:63727", "OPENVAS:136141256231063734", "OPENVAS:63726", "OPENVAS:64320"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:VULN:9793", "SECURITYVULNS:DOC:21571"]}, {"type": "nessus", "idList": ["UBUNTU_USN-791-1.NASL", "FEDORA_2009-3283.NASL", "SUSE_11_1_MOODLE-090417.NASL", "SUSE_MOODLE-6198.NASL", "UBUNTU_USN-791-2.NASL", "SUSE_11_0_MOODLE-090417.NASL", "DEBIAN_DSA-1761.NASL", "MOODLE_LATEX_INFO_DISCLOSURE.NASL"]}, {"type": "ubuntu", "idList": ["USN-791-1", "USN-791-2"]}, {"type": "fedora", "idList": ["FEDORA:7E1DF10F85C", "FEDORA:4424B20894E", "FEDORA:0C0B6208959"]}], "modified": "2021-08-11T14:38:46", "rev": 2}, "score": {"value": 5.8, "vector": "NONE", "modified": "2021-08-11T14:38:46", "rev": 2}}, "objectVersion": "1.6", "pluginID": "36905", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2009-3280.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(36905);\n script_version(\"1.17\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2009-1171\");\n script_bugtraq_id(34278);\n script_xref(name:\"EDB-ID\", value:\"8297\");\n script_xref(name:\"FEDORA\", value:\"2009-3280\");\n\n script_name(english:\"Fedora 10 : moodle-1.9.4-6.fc10 (2009-3280)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"CVE-2009-1171: The TeX filter in Moodle 1.6 before 1.6.9+, 1.7 before\n1.7.7+, 1.8 before 1.8.9, and 1.9 before 1.9.5 allows user-assisted\nattackers to read arbitrary files via an input command in a '$$'\nsequence, which causes LaTeX to include the contents of the file.\nUpstream bug and CVS commit:\nhttp://tracker.moodle.org/browse/MDL-18552\nhttp://cvs.moodle.org/moodle/filter/tex/filter.php?r1=1.18.4.4&r2=1.18\n.4.5\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n # http://cvs.moodle.org/moodle/filter/tex/filter.php?r1=1.18.4.4&r2=1.18.4.5\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?0321ab9a\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://git.catalyst.net.nz/gw?p=\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://git.catalyst.net.nz/gw?p=moodle-r2.git;a=commitdiff;h=cc9\"\n );\n # http://tracker.moodle.org/browse/MDL-18552\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?12d97e78\"\n );\n # http://www.securityfocus.com/archive/1/archive/1/502231/100/0/threaded\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?aedaf8ff\"\n );\n # http://www.securityfocus.com/bid/34278\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.securityfocus.com/bid/34278\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2009-April/022023.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?5ff2602f\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected moodle package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(20);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:moodle\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:10\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/04/02\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/04/23\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^10([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 10.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC10\", reference:\"moodle-1.9.4-6.fc10\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"moodle\");\n}\n", "naslFamily": "Fedora Local Security Checks", "cpe": ["p-cpe:/a:fedoraproject:fedora:moodle", "cpe:/o:fedoraproject:fedora:10"], "solution": "Update the affected moodle package.", "nessusSeverity": "", "cvssScoreSource": "", "vpr": {"risk factor": "Low", "score": "3.5"}, "exploitAvailable": true, "exploitEase": "Exploits are available", "patchPublicationDate": "2009-04-02T00:00:00", "vulnerabilityPublicationDate": null, "exploitableWith": []}, "lastseen": "2021-08-11T14:38:46", "differentElements": ["nessusSeverity"], "edition": 7}], "viewCount": 7, "enchantments": {"dependencies": {"references": [{"type": "ubuntucve", "idList": ["UB:CVE-2009-1171"]}, {"type": "cve", "idList": ["CVE-2009-1171"]}, {"type": "debian", "idList": ["DEBIAN:DSA-1761-1:ACA60"]}, {"type": "exploitdb", "idList": ["EDB-ID:8297"]}, {"type": "openvas", "idList": ["OPENVAS:136141256231063726", "OPENVAS:63726", "OPENVAS:136141256231066500", "OPENVAS:63727", "OPENVAS:63734", "OPENVAS:136141256231063727", "OPENVAS:66500", "OPENVAS:136141256231063734", "OPENVAS:64321", "OPENVAS:64320"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:VULN:9793", "SECURITYVULNS:DOC:21571"]}, {"type": "ubuntu", "idList": ["USN-791-2", "USN-791-1"]}, {"type": "nessus", "idList": ["FEDORA_2009-3283.NASL", "SUSE_11_1_MOODLE-090417.NASL", "DEBIAN_DSA-1761.NASL", "MOODLE_LATEX_INFO_DISCLOSURE.NASL", "SUSE_MOODLE-6198.NASL", "UBUNTU_USN-791-1.NASL", "UBUNTU_USN-791-2.NASL", "SUSE_11_0_MOODLE-090417.NASL"]}, {"type": "fedora", "idList": ["FEDORA:4424B20894E", "FEDORA:7E1DF10F85C", "FEDORA:0C0B6208959"]}], "modified": "2021-08-19T13:08:19", "rev": 2}, "score": {"value": 5.8, "vector": "NONE", "modified": "2021-08-19T13:08:19", "rev": 2}}, "objectVersion": "1.6", "pluginID": "36905", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2009-3280.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(36905);\n script_version(\"1.17\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2009-1171\");\n script_bugtraq_id(34278);\n script_xref(name:\"EDB-ID\", value:\"8297\");\n script_xref(name:\"FEDORA\", value:\"2009-3280\");\n\n script_name(english:\"Fedora 10 : moodle-1.9.4-6.fc10 (2009-3280)\");\n script_summary(english:\"C