ID SSA-2009-176-01Type slackwareReporter Slackware Linux ProjectModified 2009-06-25T00:39:12
Description
New seamonkey packages are available for Slackware 11.0, 12.0, 12.1, 12.2,
and -current to fix security issues.
More details about the issues may be found on the Mozilla web site:
http://www.mozilla.org/security/known-vulnerabilities/seamonkey11.html
Here are the details from the Slackware 12.2 ChangeLog:
patches/packages/seamonkey-1.1.17-i486-1_slack12.2.tgz:
Upgraded to seamonkey-1.1.17.
This release fixes some more security vulnerabilities.
For more information, see:
http://www.mozilla.org/security/known-vulnerabilities/seamonkey11.html
( Security fix )
Where to find the new packages:
HINT: Getting slow download speeds from ftp.slackware.com?
Give slackware.osuosl.org a try. This is another primary FTP site
for Slackware that can be considerably faster than downloading
directly from ftp.slackware.com.
Thanks to the friendly folks at the OSU Open Source Lab
(http://osuosl.org) for donating additional FTP and rsync hosting
to the Slackware project! :-)
Also see the "Get Slack" section on http://slackware.com for
additional mirror sites near you.
Updated package for Slackware 11.0:
ftp://ftp.slackware.com/pub/slackware/slackware-11.0/patches/packages/seamonkey-1.1.17-i486-1_slack11.0.tgz
Updated package for Slackware 12.0:
ftp://ftp.slackware.com/pub/slackware/slackware-12.0/patches/packages/seamonkey-1.1.17-i486-1_slack12.0.tgz
Updated package for Slackware 12.1:
ftp://ftp.slackware.com/pub/slackware/slackware-12.1/patches/packages/seamonkey-1.1.17-i486-1_slack12.1.tgz
Updated package for Slackware 12.2:
ftp://ftp.slackware.com/pub/slackware/slackware-12.2/patches/packages/seamonkey-1.1.17-i486-1_slack12.2.tgz
Updated package for Slackware -current:
ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/xap/seamonkey-1.1.17-i486-1.txz
Updated package for Slackware64 -current:
ftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/xap/seamonkey-1.1.17-x86_64-1.txz
MD5 signatures:
Slackware 11.0 package:
3c3603ec2f49c3cfd82f9176ccd12528 seamonkey-1.1.17-i486-1_slack11.0.tgz
Slackware 12.0 package:
8e366bce9ab46e911ab7b8aff814e720 seamonkey-1.1.17-i486-1_slack12.0.tgz
Slackware 12.1 package:
4581a26c229d02be22396e6709de4c5f seamonkey-1.1.17-i486-1_slack12.1.tgz
Slackware 12.2 package:
7a6b60712052c6625701a5fe2feab34b seamonkey-1.1.17-i486-1_slack12.2.tgz
Slackware -current package:
406956f98bfd869038b079c75431ce94 seamonkey-1.1.17-i486-1.txz
Slackware64 -current package:
f73f2ade76b47fb5403278fa744a1940 seamonkey-1.1.17-x86_64-1.txz
Installation instructions:
Upgrade the packages as root:
> upgradepkg seamonkey-1.1.17-i486-1_slack12.2.tgz
{"href": "http://www.slackware.com/security/viewer.php?l=slackware-security&y=2009&m=slackware-security.425408", "history": [], "bulletinFamily": "unix", "modified": "2009-06-25T00:39:12", "affectedPackage": [{"OS": "Slackware", "packageVersion": "1.1.17", "arch": "i486", "OSVersion": "11.0", "packageName": "seamonkey", "packageFilename": "seamonkey-1.1.17-i486-1_slack11.0.tgz", "operator": "lt"}, {"OS": "Slackware", "packageVersion": "1.1.17", "arch": "i486", "OSVersion": "12.1", "packageName": "seamonkey", "packageFilename": "seamonkey-1.1.17-i486-1_slack12.1.tgz", "operator": "lt"}, {"OS": "Slackware", "packageVersion": "1.1.17", "arch": "i486", "OSVersion": "12.2", "packageName": "seamonkey", "packageFilename": "seamonkey-1.1.17-i486-1_slack12.2.tgz", "operator": "lt"}, {"OS": "Slackware", "packageVersion": "1.1.17", "arch": "i486", "OSVersion": "12.0", "packageName": "seamonkey", "packageFilename": "seamonkey-1.1.17-i486-1_slack12.0.tgz", "operator": "lt"}], "title": "seamonkey", "cvss": {"vector": "NONE", "score": 0.0}, "cvelist": [], "description": "New seamonkey packages are available for Slackware 11.0, 12.0, 12.1, 12.2,\nand -current to fix security issues.\n\nMore details about the issues may be found on the Mozilla web site:\n\n http://www.mozilla.org/security/known-vulnerabilities/seamonkey11.html\n\n\nHere are the details from the Slackware 12.2 ChangeLog:\n\npatches/packages/seamonkey-1.1.17-i486-1_slack12.2.tgz:\n Upgraded to seamonkey-1.1.17.\n This release fixes some more security vulnerabilities.\n For more information, see:\n http://www.mozilla.org/security/known-vulnerabilities/seamonkey11.html\n (* Security fix *)\n\nWhere to find the new packages:\n\nHINT: Getting slow download speeds from ftp.slackware.com?\nGive slackware.osuosl.org a try. This is another primary FTP site\nfor Slackware that can be considerably faster than downloading\ndirectly from ftp.slackware.com.\n\nThanks to the friendly folks at the OSU Open Source Lab\n(http://osuosl.org) for donating additional FTP and rsync hosting\nto the Slackware project! :-)\n\nAlso see the "Get Slack" section on http://slackware.com for\nadditional mirror sites near you.\n\nUpdated package for Slackware 11.0:\nftp://ftp.slackware.com/pub/slackware/slackware-11.0/patches/packages/seamonkey-1.1.17-i486-1_slack11.0.tgz\n\nUpdated package for Slackware 12.0:\nftp://ftp.slackware.com/pub/slackware/slackware-12.0/patches/packages/seamonkey-1.1.17-i486-1_slack12.0.tgz\n\nUpdated package for Slackware 12.1:\nftp://ftp.slackware.com/pub/slackware/slackware-12.1/patches/packages/seamonkey-1.1.17-i486-1_slack12.1.tgz\n\nUpdated package for Slackware 12.2:\nftp://ftp.slackware.com/pub/slackware/slackware-12.2/patches/packages/seamonkey-1.1.17-i486-1_slack12.2.tgz\n\nUpdated package for Slackware -current:\nftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/xap/seamonkey-1.1.17-i486-1.txz\n\nUpdated package for Slackware64 -current:\nftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/xap/seamonkey-1.1.17-x86_64-1.txz\n\n\nMD5 signatures:\n\nSlackware 11.0 package:\n3c3603ec2f49c3cfd82f9176ccd12528 seamonkey-1.1.17-i486-1_slack11.0.tgz\n\nSlackware 12.0 package:\n8e366bce9ab46e911ab7b8aff814e720 seamonkey-1.1.17-i486-1_slack12.0.tgz\n\nSlackware 12.1 package:\n4581a26c229d02be22396e6709de4c5f seamonkey-1.1.17-i486-1_slack12.1.tgz\n\nSlackware 12.2 package:\n7a6b60712052c6625701a5fe2feab34b seamonkey-1.1.17-i486-1_slack12.2.tgz\n\nSlackware -current package:\n406956f98bfd869038b079c75431ce94 seamonkey-1.1.17-i486-1.txz\n\nSlackware64 -current package:\nf73f2ade76b47fb5403278fa744a1940 seamonkey-1.1.17-x86_64-1.txz\n\n\nInstallation instructions:\n\nUpgrade the packages as root:\n > upgradepkg seamonkey-1.1.17-i486-1_slack12.2.tgz", "viewCount": 0, "published": "2009-06-25T00:39:12", "edition": 1, "hash": "718fa22e3d1563c791425318f18db0fbf16f96d6a7daa81c1b708531d89bc005", "hashmap": [{"key": "affectedPackage", "hash": "d6954fe6c740d03ab30d42260172d6b3"}, {"key": "bulletinFamily", "hash": "4913a9178621eadcdf191db17915fbcb"}, {"key": "cvelist", "hash": "d41d8cd98f00b204e9800998ecf8427e"}, {"key": "cvss", "hash": "8cd4821cb504d25572038ed182587d85"}, {"key": "description", "hash": "a1ce659fcd42a911f5baa504585165d1"}, {"key": "href", "hash": "8ca3a66aefe37f86e430c39a51bf3d83"}, {"key": "modified", "hash": "72b758e0ebaa859416eb6cbc49dfece7"}, {"key": "published", "hash": "72b758e0ebaa859416eb6cbc49dfece7"}, {"key": "references", "hash": "d41d8cd98f00b204e9800998ecf8427e"}, {"key": "reporter", "hash": "b92983577b37b1af8509c28b0ddb1402"}, {"key": "title", "hash": "e9cbd7b6aa5b334bece2285a883e9d77"}, {"key": "type", "hash": "30df82153674b65cd46e9942abd854dc"}], "id": "SSA-2009-176-01", "type": "slackware", "lastseen": "2018-02-02T18:11:28", "reporter": "Slackware Linux Project", "enchantments": {"score": {"value": 5.0, "vector": "NONE"}, "vulnersScore": 5.0}, "objectVersion": "1.3", "references": []}
{"openvas": [{"lastseen": "2018-09-01T23:59:57", "references": [], "pluginID": "136141256231064317", "description": "The remote host is missing an update as announced\nvia advisory SSA:2009-176-01.", "edition": 3, "reporter": "Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com", "published": "2012-09-11T00:00:00", "title": "Slackware Advisory SSA:2009-176-01 seamonkey", "type": "openvas", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "naslFamily": "Slackware Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2009-1833", "CVE-2009-2210", "CVE-2009-1835", "CVE-2009-1311", "CVE-2009-1838", "CVE-2009-1832", "CVE-2009-1392", "CVE-2009-1836", "CVE-2009-1841", "CVE-2009-1307"], "modified": "2018-04-06T00:00:00", "id": "OPENVAS:136141256231064317", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231064317", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: esoft_slk_ssa_2009_176_01.nasl 9352 2018-04-06 07:13:02Z cfischer $\n# Description: Auto-generated from the corresponding slackware advisory\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"New seamonkey packages are available for Slackware 11.0, 12.0, 12.1, 12.2,\nand -current to fix security issues.\n\nMore details about the issues may be found on the Mozilla web site:\n\nhttp://www.mozilla.org/security/known-vulnerabilities/seamonkey11.html\";\ntag_summary = \"The remote host is missing an update as announced\nvia advisory SSA:2009-176-01.\";\n\ntag_solution = \"https://secure1.securityspace.com/smysecure/catid.html?in=SSA:2009-176-01\";\n \nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.64317\");\n script_tag(name:\"creation_date\", value:\"2012-09-11 01:34:21 +0200 (Tue, 11 Sep 2012)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:13:02 +0200 (Fri, 06 Apr 2018) $\");\n script_version(\"$Revision: 9352 $\");\n script_cve_id(\"CVE-2009-1307\", \"CVE-2009-1311\", \"CVE-2009-1392\", \"CVE-2009-1832\",\n \"CVE-2009-1833\", \"CVE-2009-1835\", \"CVE-2009-1836\", \"CVE-2009-1838\",\n \"CVE-2009-1841\", \"CVE-2009-2210\");\n script_bugtraq_id(34656, 35370, 35326, 35371, 35391, 35380, 35461);\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n name = \"Slackware Advisory SSA:2009-176-01 seamonkey \";\n script_name(name);\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Slackware Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/slackware_linux\", \"ssh/login/slackpack\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-slack.inc\");\nvuln = 0;\nif(isslkpkgvuln(pkg:\"seamonkey\", ver:\"1.1.17-i486-1_slack11.0\", rls:\"SLK11.0\")) {\n vuln = 1;\n}\nif(isslkpkgvuln(pkg:\"seamonkey\", ver:\"1.1.17-i486-1_slack12.0\", rls:\"SLK12.0\")) {\n vuln = 1;\n}\nif(isslkpkgvuln(pkg:\"seamonkey\", ver:\"1.1.17-i486-1_slack12.1\", rls:\"SLK12.1\")) {\n vuln = 1;\n}\nif(isslkpkgvuln(pkg:\"seamonkey\", ver:\"1.1.17-i486-1_slack12.2\", rls:\"SLK12.2\")) {\n vuln = 1;\n}\n\nif(vuln) {\n security_message(0);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-24T12:50:34", "references": [], "pluginID": "68170", "description": "The remote host is missing an update as announced\nvia advisory SSA:2010-176-01.", "edition": 2, "reporter": "Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com", "published": "2012-09-11T00:00:00", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "title": "Slackware Advisory SSA:2010-176-01 bind ", "type": "openvas", "naslFamily": "Slackware Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2010-0097", "CVE-2009-4022"], "modified": "2017-07-07T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=68170", "id": "OPENVAS:68170", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: esoft_slk_ssa_2010_176_01.nasl 6598 2017-07-07 09:36:44Z cfischer $\n# Description: Auto-generated from the corresponding slackware advisory\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"New bind packages are available for Slackware 8.1, 9.0, 9.1, 10.0, 10.1, 10.2,\n11.0, 12.0, 12.1, 12.2, 13.0, 13.1, and -current to fix security issues when\nDNSSEC is enabled (which is not the default setting).\";\ntag_summary = \"The remote host is missing an update as announced\nvia advisory SSA:2010-176-01.\";\n\ntag_solution = \"https://secure1.securityspace.com/smysecure/catid.html?in=SSA:2010-176-01\";\n \nif(description)\n{\n script_id(68170);\n script_tag(name:\"creation_date\", value:\"2012-09-11 01:34:21 +0200 (Tue, 11 Sep 2012)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-07 11:36:44 +0200 (Fri, 07 Jul 2017) $\");\n script_cve_id(\"CVE-2009-4022\", \"CVE-2010-0097\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_version(\"$Revision: 6598 $\");\n script_name(\"Slackware Advisory SSA:2010-176-01 bind \");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Slackware Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/slackware_linux\", \"ssh/login/slackpack\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-slack.inc\");\nvuln = 0;\nif(isslkpkgvuln(pkg:\"bind\", ver:\"9.4.3_P5-i386-1_slack8.1\", rls:\"SLK8.1\")) {\n vuln = 1;\n}\nif(isslkpkgvuln(pkg:\"bind\", ver:\"9.4.3_P5-i386-1_slack9.0\", rls:\"SLK9.0\")) {\n vuln = 1;\n}\nif(isslkpkgvuln(pkg:\"bind\", ver:\"9.4.3_P5-i486-1_slack9.1\", rls:\"SLK9.1\")) {\n vuln = 1;\n}\nif(isslkpkgvuln(pkg:\"bind\", ver:\"9.4.3_P5-i486-1_slack10.0\", rls:\"SLK10.0\")) {\n vuln = 1;\n}\nif(isslkpkgvuln(pkg:\"bind\", ver:\"9.4.3_P5-i486-1_slack10.1\", rls:\"SLK10.1\")) {\n vuln = 1;\n}\nif(isslkpkgvuln(pkg:\"bind\", ver:\"9.4.3_P5-i486-1_slack10.2\", rls:\"SLK10.2\")) {\n vuln = 1;\n}\nif(isslkpkgvuln(pkg:\"bind\", ver:\"9.4.3_P5-i486-1_slack11.0\", rls:\"SLK11.0\")) {\n vuln = 1;\n}\nif(isslkpkgvuln(pkg:\"bind\", ver:\"9.4.3_P5-i486-1_slack12.0\", rls:\"SLK12.0\")) {\n vuln = 1;\n}\nif(isslkpkgvuln(pkg:\"bind\", ver:\"9.4.3_P5-i486-1_slack12.1\", rls:\"SLK12.1\")) {\n vuln = 1;\n}\nif(isslkpkgvuln(pkg:\"bind\", ver:\"9.4.3_P5-i486-1_slack12.2\", rls:\"SLK12.2\")) {\n vuln = 1;\n}\nif(isslkpkgvuln(pkg:\"bind\", ver:\"9.4.3_P5-i486-1_slack13.0\", rls:\"SLK13.0\")) {\n vuln = 1;\n}\nif(isslkpkgvuln(pkg:\"bind\", ver:\"9.4.3_P5-i486-1_slack13.1\", rls:\"SLK13.1\")) {\n vuln = 1;\n}\n\nif(vuln) {\n security_message(0);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}}, {"lastseen": "2017-07-24T12:50:58", "references": [], "pluginID": "64317", "description": "The remote host is missing an update as announced\nvia advisory SSA:2009-176-01.", "edition": 2, "reporter": "Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com", "published": "2012-09-11T00:00:00", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "title": "Slackware Advisory SSA:2009-176-01 seamonkey", "type": "openvas", "naslFamily": "Slackware Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2009-1833", "CVE-2009-2210", "CVE-2009-1835", "CVE-2009-1311", "CVE-2009-1838", "CVE-2009-1832", "CVE-2009-1392", "CVE-2009-1836", "CVE-2009-1841", "CVE-2009-1307"], "modified": "2017-07-07T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=64317", "id": "OPENVAS:64317", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: esoft_slk_ssa_2009_176_01.nasl 6598 2017-07-07 09:36:44Z cfischer $\n# Description: Auto-generated from the corresponding slackware advisory\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"New seamonkey packages are available for Slackware 11.0, 12.0, 12.1, 12.2,\nand -current to fix security issues.\n\nMore details about the issues may be found on the Mozilla web site:\n\nhttp://www.mozilla.org/security/known-vulnerabilities/seamonkey11.html\";\ntag_summary = \"The remote host is missing an update as announced\nvia advisory SSA:2009-176-01.\";\n\ntag_solution = \"https://secure1.securityspace.com/smysecure/catid.html?in=SSA:2009-176-01\";\n \nif(description)\n{\n script_id(64317);\n script_tag(name:\"creation_date\", value:\"2012-09-11 01:34:21 +0200 (Tue, 11 Sep 2012)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-07 11:36:44 +0200 (Fri, 07 Jul 2017) $\");\n script_version(\"$Revision: 6598 $\");\n script_cve_id(\"CVE-2009-1307\", \"CVE-2009-1311\", \"CVE-2009-1392\", \"CVE-2009-1832\",\n \"CVE-2009-1833\", \"CVE-2009-1835\", \"CVE-2009-1836\", \"CVE-2009-1838\",\n \"CVE-2009-1841\", \"CVE-2009-2210\");\n script_bugtraq_id(34656, 35370, 35326, 35371, 35391, 35380, 35461);\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n name = \"Slackware Advisory SSA:2009-176-01 seamonkey \";\n script_name(name);\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Slackware Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/slackware_linux\", \"ssh/login/slackpack\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-slack.inc\");\nvuln = 0;\nif(isslkpkgvuln(pkg:\"seamonkey\", ver:\"1.1.17-i486-1_slack11.0\", rls:\"SLK11.0\")) {\n vuln = 1;\n}\nif(isslkpkgvuln(pkg:\"seamonkey\", ver:\"1.1.17-i486-1_slack12.0\", rls:\"SLK12.0\")) {\n vuln = 1;\n}\nif(isslkpkgvuln(pkg:\"seamonkey\", ver:\"1.1.17-i486-1_slack12.1\", rls:\"SLK12.1\")) {\n vuln = 1;\n}\nif(isslkpkgvuln(pkg:\"seamonkey\", ver:\"1.1.17-i486-1_slack12.2\", rls:\"SLK12.2\")) {\n vuln = 1;\n}\n\nif(vuln) {\n security_message(0);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-09-02T00:01:30", "references": [], "pluginID": "136141256231068170", "description": "The remote host is missing an update as announced\nvia advisory SSA:2010-176-01.", "edition": 3, "reporter": "Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com", "published": "2012-09-11T00:00:00", "title": "Slackware Advisory SSA:2010-176-01 bind ", "type": "openvas", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "naslFamily": "Slackware Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2010-0097", "CVE-2009-4022"], "modified": "2018-04-06T00:00:00", "id": "OPENVAS:136141256231068170", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231068170", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: esoft_slk_ssa_2010_176_01.nasl 9352 2018-04-06 07:13:02Z cfischer $\n# Description: Auto-generated from the corresponding slackware advisory\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"New bind packages are available for Slackware 8.1, 9.0, 9.1, 10.0, 10.1, 10.2,\n11.0, 12.0, 12.1, 12.2, 13.0, 13.1, and -current to fix security issues when\nDNSSEC is enabled (which is not the default setting).\";\ntag_summary = \"The remote host is missing an update as announced\nvia advisory SSA:2010-176-01.\";\n\ntag_solution = \"https://secure1.securityspace.com/smysecure/catid.html?in=SSA:2010-176-01\";\n \nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.68170\");\n script_tag(name:\"creation_date\", value:\"2012-09-11 01:34:21 +0200 (Tue, 11 Sep 2012)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:13:02 +0200 (Fri, 06 Apr 2018) $\");\n script_cve_id(\"CVE-2009-4022\", \"CVE-2010-0097\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_version(\"$Revision: 9352 $\");\n script_name(\"Slackware Advisory SSA:2010-176-01 bind \");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Slackware Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/slackware_linux\", \"ssh/login/slackpack\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-slack.inc\");\nvuln = 0;\nif(isslkpkgvuln(pkg:\"bind\", ver:\"9.4.3_P5-i386-1_slack8.1\", rls:\"SLK8.1\")) {\n vuln = 1;\n}\nif(isslkpkgvuln(pkg:\"bind\", ver:\"9.4.3_P5-i386-1_slack9.0\", rls:\"SLK9.0\")) {\n vuln = 1;\n}\nif(isslkpkgvuln(pkg:\"bind\", ver:\"9.4.3_P5-i486-1_slack9.1\", rls:\"SLK9.1\")) {\n vuln = 1;\n}\nif(isslkpkgvuln(pkg:\"bind\", ver:\"9.4.3_P5-i486-1_slack10.0\", rls:\"SLK10.0\")) {\n vuln = 1;\n}\nif(isslkpkgvuln(pkg:\"bind\", ver:\"9.4.3_P5-i486-1_slack10.1\", rls:\"SLK10.1\")) {\n vuln = 1;\n}\nif(isslkpkgvuln(pkg:\"bind\", ver:\"9.4.3_P5-i486-1_slack10.2\", rls:\"SLK10.2\")) {\n vuln = 1;\n}\nif(isslkpkgvuln(pkg:\"bind\", ver:\"9.4.3_P5-i486-1_slack11.0\", rls:\"SLK11.0\")) {\n vuln = 1;\n}\nif(isslkpkgvuln(pkg:\"bind\", ver:\"9.4.3_P5-i486-1_slack12.0\", rls:\"SLK12.0\")) {\n vuln = 1;\n}\nif(isslkpkgvuln(pkg:\"bind\", ver:\"9.4.3_P5-i486-1_slack12.1\", rls:\"SLK12.1\")) {\n vuln = 1;\n}\nif(isslkpkgvuln(pkg:\"bind\", ver:\"9.4.3_P5-i486-1_slack12.2\", rls:\"SLK12.2\")) {\n vuln = 1;\n}\nif(isslkpkgvuln(pkg:\"bind\", ver:\"9.4.3_P5-i486-1_slack13.0\", rls:\"SLK13.0\")) {\n vuln = 1;\n}\nif(isslkpkgvuln(pkg:\"bind\", ver:\"9.4.3_P5-i486-1_slack13.1\", rls:\"SLK13.1\")) {\n vuln = 1;\n}\n\nif(vuln) {\n security_message(0);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}}], "nessus": [{"lastseen": "2018-09-02T00:07:07", "references": ["http://www.nessus.org/u?fc243b28"], "pluginID": "54879", "description": "New bind packages are available for Slackware 8.1, 9.0, 9.1, 10.0, 10.1, 10.2, 11.0, 12.0, 12.1, 12.2, 13.0, 13.1, and -current to fix security issues when DNSSEC is enabled (which is not the default setting).", "edition": 5, "reporter": "Tenable", "published": "2011-05-28T00:00:00", "title": "Slackware 10.0 / 10.1 / 10.2 / 11.0 / 12.0 / 12.1 / 12.2 / 13.0 / 13.1 / 8.1 / 9.0 / 9.1 / current : bind (SSA:2010-176-01)", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "naslFamily": "Slackware Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2010-0097", "CVE-2009-4022"], "modified": "2018-06-27T00:00:00", "cpe": ["cpe:/o:slackware:slackware_linux:12.0", "cpe:/o:slackware:slackware_linux:8.1", "cpe:/o:slackware:slackware_linux:9.0", "cpe:/o:slackware:slackware_linux:12.2", "cpe:/o:slackware:slackware_linux:9.1", "cpe:/o:slackware:slackware_linux:13.0", "cpe:/o:slackware:slackware_linux:10.1", "p-cpe:/a:slackware:slackware_linux:bind", "cpe:/o:slackware:slackware_linux:10.0", "cpe:/o:slackware:slackware_linux:11.0", "cpe:/o:slackware:slackware_linux", "cpe:/o:slackware:slackware_linux:10.2", "cpe:/o:slackware:slackware_linux:12.1", "cpe:/o:slackware:slackware_linux:13.1"], "id": "SLACKWARE_SSA_2010-176-01.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=54879", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Slackware Security Advisory 2010-176-01. The text \n# itself is copyright (C) Slackware Linux, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(54879);\n script_version(\"1.9\");\n script_cvs_date(\"Date: 2018/06/27 18:42:26\");\n\n script_cve_id(\"CVE-2009-4022\", \"CVE-2010-0097\");\n script_bugtraq_id(37118, 37865);\n script_xref(name:\"SSA\", value:\"2010-176-01\");\n\n script_name(english:\"Slackware 10.0 / 10.1 / 10.2 / 11.0 / 12.0 / 12.1 / 12.2 / 13.0 / 13.1 / 8.1 / 9.0 / 9.1 / current : bind (SSA:2010-176-01)\");\n script_summary(english:\"Checks for updated package in /var/log/packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Slackware host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"New bind packages are available for Slackware 8.1, 9.0, 9.1, 10.0,\n10.1, 10.2, 11.0, 12.0, 12.1, 12.2, 13.0, 13.1, and -current to fix\nsecurity issues when DNSSEC is enabled (which is not the default\nsetting).\"\n );\n # http://www.slackware.com/security/viewer.php?l=slackware-security&y=2010&m=slackware-security.610821\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?fc243b28\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected bind package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:slackware:slackware_linux:bind\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:10.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:10.1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:10.2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:11.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:12.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:12.1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:12.2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:13.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:13.1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:8.1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:9.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:9.1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/06/25\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2011/05/28\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2011-2018 Tenable Network Security, Inc.\");\n script_family(english:\"Slackware Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Slackware/release\", \"Host/Slackware/packages\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"slackware.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Slackware/release\")) audit(AUDIT_OS_NOT, \"Slackware\");\nif (!get_kb_item(\"Host/Slackware/packages\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Slackware\", cpu);\n\n\nflag = 0;\nif (slackware_check(osver:\"8.1\", pkgname:\"bind\", pkgver:\"9.4.3_P5\", pkgarch:\"i386\", pkgnum:\"1_slack8.1\")) flag++;\n\nif (slackware_check(osver:\"9.0\", pkgname:\"bind\", pkgver:\"9.4.3_P5\", pkgarch:\"i386\", pkgnum:\"1_slack9.0\")) flag++;\n\nif (slackware_check(osver:\"9.1\", pkgname:\"bind\", pkgver:\"9.4.3_P5\", pkgarch:\"i486\", pkgnum:\"1_slack9.1\")) flag++;\n\nif (slackware_check(osver:\"10.0\", pkgname:\"bind\", pkgver:\"9.4.3_P5\", pkgarch:\"i486\", pkgnum:\"1_slack10.0\")) flag++;\n\nif (slackware_check(osver:\"10.1\", pkgname:\"bind\", pkgver:\"9.4.3_P5\", pkgarch:\"i486\", pkgnum:\"1_slack10.1\")) flag++;\n\nif (slackware_check(osver:\"10.2\", pkgname:\"bind\", pkgver:\"9.4.3_P5\", pkgarch:\"i486\", pkgnum:\"1_slack10.2\")) flag++;\n\nif (slackware_check(osver:\"11.0\", pkgname:\"bind\", pkgver:\"9.4.3_P5\", pkgarch:\"i486\", pkgnum:\"1_slack11.0\")) flag++;\n\nif (slackware_check(osver:\"12.0\", pkgname:\"bind\", pkgver:\"9.4.3_P5\", pkgarch:\"i486\", pkgnum:\"1_slack12.0\")) flag++;\n\nif (slackware_check(osver:\"12.1\", pkgname:\"bind\", pkgver:\"9.4.3_P5\", pkgarch:\"i486\", pkgnum:\"1_slack12.1\")) flag++;\n\nif (slackware_check(osver:\"12.2\", pkgname:\"bind\", pkgver:\"9.4.3_P5\", pkgarch:\"i486\", pkgnum:\"1_slack12.2\")) flag++;\n\nif (slackware_check(osver:\"13.0\", pkgname:\"bind\", pkgver:\"9.4.3_P5\", pkgarch:\"i486\", pkgnum:\"1_slack13.0\")) flag++;\nif (slackware_check(osver:\"13.0\", arch:\"x86_64\", pkgname:\"bind\", pkgver:\"9.4.3_P5\", pkgarch:\"x86_64\", pkgnum:\"1_slack13.0\")) flag++;\n\nif (slackware_check(osver:\"13.1\", pkgname:\"bind\", pkgver:\"9.4.3_P5\", pkgarch:\"i486\", pkgnum:\"1_slack13.1\")) flag++;\nif (slackware_check(osver:\"13.1\", arch:\"x86_64\", pkgname:\"bind\", pkgver:\"9.4.3_P5\", pkgarch:\"x86_64\", pkgnum:\"1_slack13.1\")) flag++;\n\nif (slackware_check(osver:\"current\", pkgname:\"bind\", pkgver:\"9.7.1\", pkgarch:\"i486\", pkgnum:\"1\")) flag++;\nif (slackware_check(osver:\"current\", arch:\"x86_64\", pkgname:\"bind\", pkgver:\"9.7.1\", pkgarch:\"x86_64\", pkgnum:\"1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:slackware_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}}, {"lastseen": "2018-09-02T00:07:31", "references": ["http://www.nessus.org/u?9879eafe", "http://www.mozilla.org/security/known-vulnerabilities/seamonkey11.html"], "pluginID": "39522", "description": "New seamonkey packages are available for Slackware 11.0, 12.0, 12.1, 12.2, and -current to fix security issues.", "edition": 6, "reporter": "Tenable", "published": "2009-06-26T00:00:00", "title": "Slackware 11.0 / 12.0 / 12.1 / 12.2 / current : seamonkey (SSA:2009-176-01)", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "naslFamily": "Slackware Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2009-1833", "CVE-2009-2210", "CVE-2009-1835", "CVE-2009-1311", "CVE-2009-1838", "CVE-2009-1832", "CVE-2009-1392", "CVE-2009-1836", "CVE-2009-1841", "CVE-2009-1307"], "modified": "2018-06-27T00:00:00", "cpe": ["cpe:/o:slackware:slackware_linux:12.0", "cpe:/o:slackware:slackware_linux:12.2", "p-cpe:/a:slackware:slackware_linux:seamonkey", "cpe:/o:slackware:slackware_linux:11.0", "cpe:/o:slackware:slackware_linux", "cpe:/o:slackware:slackware_linux:12.1"], "id": "SLACKWARE_SSA_2009-176-01.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=39522", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Slackware Security Advisory 2009-176-01. The text \n# itself is copyright (C) Slackware Linux, Inc.\n#\n\nif (NASL_LEVEL < 3000) exit(0);\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(39522);\n script_version(\"1.12\");\n script_cvs_date(\"Date: 2018/06/27 18:42:26\");\n\n script_cve_id(\"CVE-2009-1307\", \"CVE-2009-1311\", \"CVE-2009-1392\", \"CVE-2009-1832\", \"CVE-2009-1833\", \"CVE-2009-1835\", \"CVE-2009-1836\", \"CVE-2009-1838\", \"CVE-2009-1841\", \"CVE-2009-2210\");\n script_bugtraq_id(35370, 35371, 35372, 35373, 35380, 35383, 35391, 35461);\n script_xref(name:\"SSA\", value:\"2009-176-01\");\n\n script_name(english:\"Slackware 11.0 / 12.0 / 12.1 / 12.2 / current : seamonkey (SSA:2009-176-01)\");\n script_summary(english:\"Checks for updated package in /var/log/packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Slackware host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"New seamonkey packages are available for Slackware 11.0, 12.0, 12.1,\n12.2, and -current to fix security issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.mozilla.org/security/known-vulnerabilities/seamonkey11.html\"\n );\n # http://www.slackware.com/security/viewer.php?l=slackware-security&y=2009&m=slackware-security.425408\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?9879eafe\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected seamonkey package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(20, 94, 200, 287);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:slackware:slackware_linux:seamonkey\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:11.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:12.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:12.1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:12.2\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/06/25\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/06/26\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2018 Tenable Network Security, Inc.\");\n script_family(english:\"Slackware Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Slackware/release\", \"Host/Slackware/packages\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"slackware.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Slackware/release\")) audit(AUDIT_OS_NOT, \"Slackware\");\nif (!get_kb_item(\"Host/Slackware/packages\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Slackware\", cpu);\n\n\nflag = 0;\nif (slackware_check(osver:\"11.0\", pkgname:\"seamonkey\", pkgver:\"1.1.17\", pkgarch:\"i486\", pkgnum:\"1_slack11.0\")) flag++;\n\nif (slackware_check(osver:\"12.0\", pkgname:\"seamonkey\", pkgver:\"1.1.17\", pkgarch:\"i486\", pkgnum:\"1_slack12.0\")) flag++;\n\nif (slackware_check(osver:\"12.1\", pkgname:\"seamonkey\", pkgver:\"1.1.17\", pkgarch:\"i486\", pkgnum:\"1_slack12.1\")) flag++;\n\nif (slackware_check(osver:\"12.2\", pkgname:\"seamonkey\", pkgver:\"1.1.17\", pkgarch:\"i486\", pkgnum:\"1_slack12.2\")) flag++;\n\nif (slackware_check(osver:\"current\", pkgname:\"seamonkey\", pkgver:\"1.1.17\", pkgarch:\"i486\", pkgnum:\"1\")) flag++;\nif (slackware_check(osver:\"current\", arch:\"x86_64\", pkgname:\"seamonkey\", pkgver:\"1.1.17\", pkgarch:\"x86_64\", pkgnum:\"1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:slackware_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "slackware": [{"lastseen": "2018-08-31T00:36:53", "references": [], "affectedPackage": [{"OS": "Slackware", "OSVersion": "10.0", "packageVersion": "9.4.3_P5", "arch": "i486", "packageFilename": "bind-9.4.3_P5-i486-1_slack10.0.tgz", "packageName": "bind", "operator": "lt"}, {"OS": "Slackware", "OSVersion": "13.0", "packageVersion": "9.4.3_P5", "arch": "i486", "packageFilename": "bind-9.4.3_P5-i486-1_slack13.0.txz", "packageName": "bind", "operator": "lt"}, {"OS": "Slackware", "OSVersion": "10.2", "packageVersion": "9.4.3_P5", "arch": "i486", "packageFilename": "bind-9.4.3_P5-i486-1_slack10.2.tgz", "packageName": "bind", "operator": "lt"}, {"OS": "Slackware", "OSVersion": "11.0", "packageVersion": "9.4.3_P5", "arch": "i486", "packageFilename": "bind-9.4.3_P5-i486-1_slack11.0.tgz", "packageName": "bind", "operator": "lt"}, {"OS": "Slackware", "OSVersion": "13.1", "packageVersion": "9.4.3_P5", "arch": "i486", "packageFilename": "bind-9.4.3_P5-i486-1_slack13.1.txz", "packageName": "bind", "operator": "lt"}, {"OS": "Slackware", "OSVersion": "13.1", "packageVersion": "9.4.3_P5", "arch": "x86_64", "packageFilename": "bind-9.4.3_P5-x86_64-1_slack13.1.txz", "packageName": "bind", "operator": "lt"}, {"OS": "Slackware", "OSVersion": "12.2", "packageVersion": "9.4.3_P5", "arch": "i486", "packageFilename": "bind-9.4.3_P5-i486-1_slack12.2.tgz", "packageName": "bind", "operator": "lt"}, {"OS": "Slackware", "OSVersion": "12.1", "packageVersion": "9.4.3_P5", "arch": "i486", "packageFilename": "bind-9.4.3_P5-i486-1_slack12.1.tgz", "packageName": "bind", "operator": "lt"}, {"OS": "Slackware", "OSVersion": "9.0", "packageVersion": "9.4.3_P5", "arch": "i386", "packageFilename": "bind-9.4.3_P5-i386-1_slack9.0.tgz", "packageName": "bind", "operator": "lt"}, {"OS": "Slackware", "OSVersion": "13.0", "packageVersion": "9.4.3_P5", "arch": "x86_64", "packageFilename": "bind-9.4.3_P5-x86_64-1_slack13.0.txz", "packageName": "bind", "operator": "lt"}, {"OS": "Slackware", "OSVersion": "12.0", "packageVersion": "9.4.3_P5", "arch": "i486", "packageFilename": "bind-9.4.3_P5-i486-1_slack12.0.tgz", "packageName": "bind", "operator": "lt"}, {"OS": "Slackware", "OSVersion": "9.1", "packageVersion": "9.4.3_P5", "arch": "i486", "packageFilename": "bind-9.4.3_P5-i486-1_slack9.1.tgz", "packageName": "bind", "operator": "lt"}, {"OS": "Slackware", "OSVersion": "10.1", "packageVersion": "9.4.3_P5", "arch": "i486", "packageFilename": "bind-9.4.3_P5-i486-1_slack10.1.tgz", "packageName": "bind", "operator": "lt"}, {"OS": "Slackware", "OSVersion": "8.1", "packageVersion": "9.4.3_P5", "arch": "i386", "packageFilename": "bind-9.4.3_P5-i386-1_slack8.1.tgz", "packageName": "bind", "operator": "lt"}], "description": "New bind packages are available for Slackware 8.1, 9.0, 9.1, 10.0, 10.1, 10.2,\n11.0, 12.0, 12.1, 12.2, 13.0, 13.1, and -current to fix security issues when\nDNSSEC is enabled (which is not the default setting).\n\n\nHere are the details from the Slackware 13.1 ChangeLog:\n\npatches/packages/bind-9.4.3_P5-i486-1_slack13.1.txz: Upgraded.\n This fixes possible DNS cache poisoning attacks when DNSSEC is enabled\n and checking is disabled (CD).\n For more information, see:\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4022\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0097\n (* Security fix *)\n\nWhere to find the new packages:\n\nHINT: Getting slow download speeds from ftp.slackware.com?\nGive slackware.osuosl.org a try. This is another primary FTP site\nfor Slackware that can be considerably faster than downloading\ndirectly from ftp.slackware.com.\n\nThanks to the friendly folks at the OSU Open Source Lab\n(http://osuosl.org) for donating additional FTP and rsync hosting\nto the Slackware project! :-)\n\nAlso see the "Get Slack" section on http://slackware.com for\nadditional mirror sites near you.\n\nUpdated package for Slackware 8.1:\nftp://ftp.slackware.com/pub/slackware/slackware-8.1/patches/packages/bind-9.4.3_P5-i386-1_slack8.1.tgz\n\nUpdated package for Slackware 9.0:\nftp://ftp.slackware.com/pub/slackware/slackware-9.0/patches/packages/bind-9.4.3_P5-i386-1_slack9.0.tgz\n\nUpdated package for Slackware 9.1:\nftp://ftp.slackware.com/pub/slackware/slackware-9.1/patches/packages/bind-9.4.3_P5-i486-1_slack9.1.tgz\n\nUpdated package for Slackware 10.0:\nftp://ftp.slackware.com/pub/slackware/slackware-10.0/patches/packages/bind-9.4.3_P5-i486-1_slack10.0.tgz\n\nUpdated package for Slackware 10.1:\nftp://ftp.slackware.com/pub/slackware/slackware-10.1/patches/packages/bind-9.4.3_P5-i486-1_slack10.1.tgz\n\nUpdated package for Slackware 10.2:\nftp://ftp.slackware.com/pub/slackware/slackware-10.2/patches/packages/bind-9.4.3_P5-i486-1_slack10.2.tgz\n\nUpdated package for Slackware 11.0:\nftp://ftp.slackware.com/pub/slackware/slackware-11.0/patches/packages/bind-9.4.3_P5-i486-1_slack11.0.tgz\n\nUpdated package for Slackware 12.0:\nftp://ftp.slackware.com/pub/slackware/slackware-12.0/patches/packages/bind-9.4.3_P5-i486-1_slack12.0.tgz\n\nUpdated package for Slackware 12.1:\nftp://ftp.slackware.com/pub/slackware/slackware-12.1/patches/packages/bind-9.4.3_P5-i486-1_slack12.1.tgz\n\nUpdated package for Slackware 12.2:\nftp://ftp.slackware.com/pub/slackware/slackware-12.2/patches/packages/bind-9.4.3_P5-i486-1_slack12.2.tgz\n\nUpdated package for Slackware 13.0:\nftp://ftp.slackware.com/pub/slackware/slackware-13.0/patches/packages/bind-9.4.3_P5-i486-1_slack13.0.txz\n\nUpdated package for Slackware x86_64 13.0:\nftp://ftp.slackware.com/pub/slackware/slackware64-13.0/patches/packages/bind-9.4.3_P5-x86_64-1_slack13.0.txz\n\nUpdated package for Slackware 13.1:\nftp://ftp.slackware.com/pub/slackware/slackware-13.1/patches/packages/bind-9.4.3_P5-i486-1_slack13.1.txz\n\nUpdated package for Slackware x86_64 13.1:\nftp://ftp.slackware.com/pub/slackware/slackware64-13.1/patches/packages/bind-9.4.3_P5-x86_64-1_slack13.1.txz\n\nUpdated package for Slackware -current:\nftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/n/bind-9.7.1-i486-1.txz\n\nUpdated package for Slackware x86_64 -current:\nftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/n/bind-9.7.1-x86_64-1.txz\n\n\nMD5 signatures:\n\nSlackware 8.1 package:\nc78e8a6cde34015681063a3d1c40c6c1 bind-9.4.3_P5-i386-1_slack8.1.tgz\n\nSlackware 9.0 package:\n9fcb18dfc779ecc7f6d69171e398c620 bind-9.4.3_P5-i386-1_slack9.0.tgz\n\nSlackware 9.1 package:\n3eb9a4b1973b6a3a2f779a3038269a31 bind-9.4.3_P5-i486-1_slack9.1.tgz\n\nSlackware 10.0 package:\n7e11d017c1962f8ef92cfb1e9f39139b bind-9.4.3_P5-i486-1_slack10.0.tgz\n\nSlackware 10.1 package:\n4dddfb400d6d928e41c7aa4bf7339547 bind-9.4.3_P5-i486-1_slack10.1.tgz\n\nSlackware 10.2 package:\nfe87668c84020ebf28b46910df71bb07 bind-9.4.3_P5-i486-1_slack10.2.tgz\n\nSlackware 11.0 package:\n639efc6a35ccee727f0177089d241857 bind-9.4.3_P5-i486-1_slack11.0.tgz\n\nSlackware 12.0 package:\n195c3bd1898d5118fe5cedfe6131e83b bind-9.4.3_P5-i486-1_slack12.0.tgz\n\nSlackware 12.1 package:\n95fc95a77a99df46d35a578e069a965b bind-9.4.3_P5-i486-1_slack12.1.tgz\n\nSlackware 12.2 package:\naa8bdaedd7b7f6f36ff22be779182ff9 bind-9.4.3_P5-i486-1_slack12.2.tgz\n\nSlackware 13.0 package:\n8d7ed3c0ae07a33aea7f506b25bec015 bind-9.4.3_P5-i486-1_slack13.0.txz\n\nSlackware x86_64 13.0 package:\nbb1f6aa2682743173135776e1ff0fadd bind-9.4.3_P5-x86_64-1_slack13.0.txz\n\nSlackware 13.1 package:\nc619cc02e89ba23a62dfb7726105e40e bind-9.4.3_P5-i486-1_slack13.1.txz\n\nSlackware x86_64 13.1 package:\ncb61186275370d1eddc62024725f5d05 bind-9.4.3_P5-x86_64-1_slack13.1.txz\n\nSlackware -current package:\n011ae9faeb16bf6e37ed9c8cbf8bb718 n/bind-9.7.1-i486-1.txz\n\nSlackware x86_64 -current package:\ne2d2e29b620581c725e68e75af7ba759 n/bind-9.7.1-x86_64-1.txz\n\n\nInstallation instructions:\n\nUpgrade the package as root:\n > upgradepkg bind-9.4.3_P5-i486-1_slack13.1.txz\n\nThen, restart the name server:\n\n > /etc/rc.d/rc.bind restart", "edition": 3, "reporter": "Slackware Linux Project", "published": "2010-06-25T11:32:41", "title": "bind", "type": "slackware", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "bulletinFamily": "unix", "cvelist": ["CVE-2010-0097", "CVE-2009-4022"], "modified": "2010-06-25T11:32:41", "id": "SSA-2010-176-01", "href": "http://www.slackware.com/security/viewer.php?l=slackware-security&y=2010&m=slackware-security.610821", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}}]}
