DATABASE RESOURCES PRICING ABOUT US

{"id": "USN-694-1", "vendorId": null, "type": "ubuntu", "bulletinFamily": "unix", "title": "libvirt vulnerability", "description": "## Releases\n\n * Ubuntu 8.10 \n * Ubuntu 8.04 \n * Ubuntu 7.10 \n\n## Packages\n\n * libvirt \\- \n\nIt was discovered that libvirt did not mark certain operations as read-only. A \nlocal attacker may be able to perform privileged actions such as migrating \nvirtual machines, adjusting autostart flags, or accessing privileged data in \nthe virtual machine memory and disks.\n", "published": "2008-12-18T00:00:00", "modified": "2008-12-18T00:00:00", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}, "cvss2": {"cvssV2": {"version": "2.0", "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "accessVector": "LOCAL", "accessComplexity": "LOW", "authentication": "NONE", "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "baseScore": 7.2}, "severity": "HIGH", "exploitabilityScore": 3.9, "impactScore": 10.0, "obtainAllPrivilege": true, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}, "cvss3": {}, "href": "https://ubuntu.com/security/notices/USN-694-1", "reporter": "Ubuntu", "references": ["/security/CVE-2008-5086"], "cvelist": ["CVE-2008-5086"], "immutableFields": [], "lastseen": "2023-01-26T13:42:40", "viewCount": 22, "enchantments": {"dependencies": {"references": [{"type": "cve", "idList": ["CVE-2008-5086", "CVE-2011-1146"]}, {"type": "debiancve", "idList": ["DEBIANCVE:CVE-2008-5086", "DEBIANCVE:CVE-2011-1146"]}, {"type": "fedora", "idList": ["FEDORA:04D03208605", "FEDORA:F1FF0208DA6"]}, {"type": "nessus", "idList": ["FEDORA_2008-11433.NASL", "FEDORA_2008-11443.NASL", "ORACLELINUX_ELSA-2009-0382.NASL", "REDHAT-RHSA-2009-0382.NASL", "SL_20090319_LIBVIRT_ON_SL5_X.NASL", "SUSE_11_0_LIBVIRT-081218.NASL", "SUSE_11_1_LIBVIRT-081218.NASL", "SUSE_LIBVIRT-5869.NASL", "SUSE_LIBVIRT-5874.NASL", "UBUNTU_USN-694-1.NASL"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310122509", "OPENVAS:136141256231063412", "OPENVAS:136141256231063586", "OPENVAS:136141256231065912", "OPENVAS:63412", "OPENVAS:63586", "OPENVAS:65912", "OPENVAS:840249", "OPENVAS:860641", "OPENVAS:860711"]}, {"type": "oraclelinux", "idList": ["ELSA-2009-0382"]}, {"type": "redhat", "idList": ["RHSA-2009:0382"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:DOC:21058", "SECURITYVULNS:VULN:9530"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2008-5086", "UB:CVE-2011-1146"]}, {"type": "veracode", "idList": ["VERACODE:23568"]}]}, "score": {"value": 4.3, "vector": "NONE"}, "backreferences": {"references": [{"type": "cve", "idList": ["CVE-2008-5086"]}, {"type": "debiancve", "idList": ["DEBIANCVE:CVE-2008-5086"]}, {"type": "fedora", "idList": ["FEDORA:04D03208605"]}, {"type": "nessus", "idList": ["FEDORA_2008-11443.NASL"]}, {"type": "openvas", "idList": ["OPENVAS:63586", "OPENVAS:840249"]}, {"type": "oraclelinux", "idList": ["ELSA-2009-0382"]}, {"type": "redhat", "idList": ["RHSA-2009:0382"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:DOC:21058"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2008-5086"]}]}, "exploitation": null, "epss": [{"cve": "CVE-2008-5086", "epss": "0.000440000", "percentile": "0.082350000", "modified": "2023-03-14"}], "vulnersScore": 4.3}, "_state": {"dependencies": 1674740613, "score": 1674740901, "epss": 1678856911}, "_internal": {"score_hash": "4e1d80fb17e9eb94ce9e26aa461d44c3"}, "affectedPackage": [{"OS": "Ubuntu", "OSVersion": "8.10", "arch": "noarch", "packageVersion": "0.4.4-3ubuntu3.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "libvirt0"}, {"OS": "Ubuntu", "OSVersion": "8.04", "arch": "noarch", "packageVersion": "0.4.0-2ubuntu8.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "libvirt0"}, {"OS": "Ubuntu", "OSVersion": "7.10", "arch": "noarch", "packageVersion": "0.3.0-0ubuntu2.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "libvirt0"}]}

{"debiancve": [{"lastseen": "2023-03-09T06:07:48", "description": "Multiple methods in libvirt 0.3.2 through 0.5.1 do not check if a connection is read-only, which allows local users to bypass intended access restrictions and perform administrative actions.", "cvss3": {}, "published": "2008-12-19T17:30:00", "type": "debiancve", "title": "CVE-2008-5086", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": true, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2008-5086"], "modified": "2008-12-19T17:30:00", "id": "DEBIANCVE:CVE-2008-5086", "href": "https://security-tracker.debian.org/tracker/CVE-2008-5086", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-03-09T06:07:48", "description": "libvirt.c in the API in Red Hat libvirt 0.8.8 does not properly restrict operations in a read-only connection, which allows remote attackers to cause a denial of service (host OS crash) or possibly execute arbitrary code via a (1) virNodeDeviceDettach, (2) virNodeDeviceReset, (3) virDomainRevertToSnapshot, (4) virDomainSnapshotDelete, (5) virNodeDeviceReAttach, or (6) virConnectDomainXMLToNative call, a different vulnerability than CVE-2008-5086.", "cvss3": {}, "published": "2011-03-15T17:55:00", "type": "debiancve", "title": "CVE-2011-1146", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.4, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 6.9, "vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2008-5086", "CVE-2011-1146"], "modified": "2011-03-15T17:55:00", "id": "DEBIANCVE:CVE-2011-1146", "href": "https://security-tracker.debian.org/tracker/CVE-2011-1146", "cvss": {"score": 6.9, "vector": "AV:L/AC:M/Au:N/C:C/I:C/A:C"}}], "fedora": [{"lastseen": "2020-12-21T08:17:49", "description": "Libvirt is a C toolkit to interact with the virtualization capabilities of recent versions of Linux (and other OSes). ", "cvss3": {}, "published": "2008-12-21T08:18:01", "type": "fedora", "title": "[SECURITY] Fedora 9 Update: libvirt-0.5.1-2.fc9", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": true, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2008-5086"], "modified": "2008-12-21T08:18:01", "id": "FEDORA:04D03208605", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/CN7TYLEWWUF5Z7KWFA2PMX5G6LF3H3E5/", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-12-21T08:17:49", "description": "Libvirt is a C toolkit to interact with the virtualization capabilities of recent versions of Linux (and other OSes). ", "cvss3": {}, "published": "2008-12-21T08:30:41", "type": "fedora", "title": "[SECURITY] Fedora 10 Update: libvirt-0.5.1-2.fc10", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": true, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2008-5086"], "modified": "2008-12-21T08:30:41", "id": "FEDORA:F1FF0208DA6", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/T5NQO4XGVKEGXDHUWKFSOTOIYQNYCP4N/", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}], "ubuntucve": [{"lastseen": "2023-02-15T16:36:44", "description": "Multiple methods in libvirt 0.3.2 through 0.5.1 do not check if a\nconnection is read-only, which allows local users to bypass intended access\nrestrictions and perform administrative actions.\n\n#### Bugs\n\n * <http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=509106>\n\n\n#### Notes\n\nAuthor| Note \n---|--- \n[jdstrand](<https://launchpad.net/~jdstrand>) | should also be fixed in 0.5.1-4 in Debian experimental\n", "cvss3": {}, "published": "2008-12-19T00:00:00", "type": "ubuntucve", "title": "CVE-2008-5086", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": true, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2008-5086"], "modified": "2008-12-19T00:00:00", "id": "UB:CVE-2008-5086", "href": "https://ubuntu.com/security/CVE-2008-5086", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-02-15T16:20:14", "description": "libvirt.c in the API in Red Hat libvirt 0.8.8 does not properly restrict\noperations in a read-only connection, which allows remote attackers to\ncause a denial of service (host OS crash) or possibly execute arbitrary\ncode via a (1) virNodeDeviceDettach, (2) virNodeDeviceReset, (3)\nvirDomainRevertToSnapshot, (4) virDomainSnapshotDelete, (5)\nvirNodeDeviceReAttach, or (6) virConnectDomainXMLToNative call, a different\nvulnerability than CVE-2008-5086.\n\n#### Bugs\n\n * <http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=617773>\n * <https://bugzilla.redhat.com/show_bug.cgi?id=683650>\n\n\n#### Notes\n\nAuthor| Note \n---|--- \n[jdstrand](<https://launchpad.net/~jdstrand>) | code not present in 8.04 LTS\n", "cvss3": {}, "published": "2011-03-15T00:00:00", "type": "ubuntucve", "title": "CVE-2011-1146", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.4, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 6.9, "vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2008-5086", "CVE-2011-1146"], "modified": "2011-03-15T00:00:00", "id": "UB:CVE-2011-1146", "href": "https://ubuntu.com/security/CVE-2011-1146", "cvss": {"score": 6.9, "vector": "AV:L/AC:M/Au:N/C:C/I:C/A:C"}}], "nessus": [{"lastseen": "2023-01-11T15:06:40", "description": "libvirt misses some read-only connection checks for certain methods.\nThis flaw enables local unprivileged users for example to migrate virtual machines without authentication (CVE-2008-5086).", "cvss3": {}, "published": "2009-07-21T00:00:00", "type": "nessus", "title": "openSUSE Security Update : libvirt (libvirt-373)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": true, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2008-5086"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:libvirt", "p-cpe:/a:novell:opensuse:libvirt-devel", "p-cpe:/a:novell:opensuse:libvirt-python", "cpe:/o:novell:opensuse:11.0"], "id": "SUSE_11_0_LIBVIRT-081218.NASL", "href": "https://www.tenable.com/plugins/nessus/40051", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update libvirt-373.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(40051);\n script_version(\"1.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2008-5086\");\n\n script_name(english:\"openSUSE Security Update : libvirt (libvirt-373)\");\n script_summary(english:\"Check for the libvirt-373 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"libvirt misses some read-only connection checks for certain methods.\nThis flaw enables local unprivileged users for example to migrate\nvirtual machines without authentication (CVE-2008-5086).\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=459009\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected libvirt packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libvirt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libvirt-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libvirt-python\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:11.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/12/18\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/07/21\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE11\\.0)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"11.0\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE11.0\", reference:\"libvirt-0.4.0-59.4\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"libvirt-devel-0.4.0-59.4\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"libvirt-python-0.4.0-59.4\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libvirt / libvirt-devel / libvirt-python\");\n}\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-01-11T15:10:12", "description": "libvirt misses some read-only connection checks for certain methods.\nThis flaw enables local unprivileged users for example to migrate virtual machines without authentication. (CVE-2008-5086)", "cvss3": {}, "published": "2009-09-24T00:00:00", "type": "nessus", "title": "SuSE 10 Security Update : libvirt (ZYPP Patch Number 5869)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": true, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2008-5086"], "modified": "2021-01-14T00:00:00", "cpe": ["cpe:/o:suse:suse_linux"], "id": "SUSE_LIBVIRT-5869.NASL", "href": "https://www.tenable.com/plugins/nessus/41554", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The text description of this plugin is (C) Novell, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(41554);\n script_version(\"1.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2008-5086\");\n\n script_name(english:\"SuSE 10 Security Update : libvirt (ZYPP Patch Number 5869)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SuSE 10 host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"libvirt misses some read-only connection checks for certain methods.\nThis flaw enables local unprivileged users for example to migrate\nvirtual machines without authentication. (CVE-2008-5086)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2008-5086.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Apply ZYPP patch number 5869.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:suse:suse_linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/12/17\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/09/24\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) exit(0, \"Local checks are not enabled.\");\nif (!get_kb_item(\"Host/SuSE/release\")) exit(0, \"The host is not running SuSE.\");\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) exit(1, \"Could not obtain the list of installed packages.\");\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) exit(1, \"Failed to determine the architecture type.\");\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") exit(1, \"Local checks for SuSE 10 on the '\"+cpu+\"' architecture have not been implemented.\");\n\n\nflag = 0;\nif (rpm_check(release:\"SLED10\", sp:2, reference:\"libvirt-0.3.3-18.11\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:2, reference:\"libvirt-python-0.3.3-18.11\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:2, reference:\"libvirt-0.3.3-18.11\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:2, reference:\"libvirt-devel-0.3.3-18.11\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:2, reference:\"libvirt-python-0.3.3-18.11\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse exit(0, \"The host is not affected.\");\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-01-11T14:44:51", "description": "fix missing read-only access checks, fixes CVE-2008-5086 - upstream release 0.5.1 - mostly bugfixes e.g #473071 - some driver improvements\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2008-12-21T00:00:00", "type": "nessus", "title": "Fedora 9 : libvirt-0.5.1-2.fc9 (2008-11433)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": true, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2008-5086"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:libvirt", "cpe:/o:fedoraproject:fedora:9"], "id": "FEDORA_2008-11433.NASL", "href": "https://www.tenable.com/plugins/nessus/35228", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2008-11433.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(35228);\n script_version(\"1.13\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2008-5086\");\n script_xref(name:\"FEDORA\", value:\"2008-11433\");\n\n script_name(english:\"Fedora 9 : libvirt-0.5.1-2.fc9 (2008-11433)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"fix missing read-only access checks, fixes CVE-2008-5086 - upstream\nrelease 0.5.1 - mostly bugfixes e.g #473071 - some driver improvements\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=476560\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2008-December/017848.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?36e6d742\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected libvirt package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:libvirt\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:9\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/12/21\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2008/12/21\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2008-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^9([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 9.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC9\", reference:\"libvirt-0.5.1-2.fc9\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libvirt\");\n}\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-01-11T14:54:14", "description": "It was discovered that libvirt did not mark certain operations as read-only. A local attacker may be able to perform privileged actions such as migrating virtual machines, adjusting autostart flags, or accessing privileged data in the virtual machine memory and disks.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2009-04-23T00:00:00", "type": "nessus", "title": "Ubuntu 7.10 / 8.04 LTS / 8.10 : libvirt vulnerability (USN-694-1)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": true, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2008-5086"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:libvirt-bin", "p-cpe:/a:canonical:ubuntu_linux:libvirt-dev", "p-cpe:/a:canonical:ubuntu_linux:libvirt-doc", "p-cpe:/a:canonical:ubuntu_linux:libvirt0", "p-cpe:/a:canonical:ubuntu_linux:libvirt0-dbg", "p-cpe:/a:canonical:ubuntu_linux:python-libvirt", "cpe:/o:canonical:ubuntu_linux:7.10", "cpe:/o:canonical:ubuntu_linux:8.04:-:lts", "cpe:/o:canonical:ubuntu_linux:8.10"], "id": "UBUNTU_USN-694-1.NASL", "href": "https://www.tenable.com/plugins/nessus/37984", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-694-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(37984);\n script_version(\"1.13\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2008-5086\");\n script_xref(name:\"USN\", value:\"694-1\");\n\n script_name(english:\"Ubuntu 7.10 / 8.04 LTS / 8.10 : libvirt vulnerability (USN-694-1)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"It was discovered that libvirt did not mark certain operations as\nread-only. A local attacker may be able to perform privileged actions\nsuch as migrating virtual machines, adjusting autostart flags, or\naccessing privileged data in the virtual machine memory and disks.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/694-1/\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libvirt-bin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libvirt-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libvirt-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libvirt0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libvirt0-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:python-libvirt\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:7.10\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:8.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:8.10\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/12/17\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/04/23\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2009-2019 Canonical, Inc. / NASL script (C) 2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! ereg(pattern:\"^(7\\.10|8\\.04|8\\.10)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 7.10 / 8.04 / 8.10\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nflag = 0;\n\nif (ubuntu_check(osver:\"7.10\", pkgname:\"libvirt-bin\", pkgver:\"0.3.0-0ubuntu2.1\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"libvirt-dev\", pkgver:\"0.3.0-0ubuntu2.1\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"libvirt0\", pkgver:\"0.3.0-0ubuntu2.1\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"python-libvirt\", pkgver:\"0.3.0-0ubuntu2.1\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"libvirt-bin\", pkgver:\"0.4.0-2ubuntu8.1\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"libvirt-dev\", pkgver:\"0.4.0-2ubuntu8.1\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"libvirt-doc\", pkgver:\"0.4.0-2ubuntu8.1\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"libvirt0\", pkgver:\"0.4.0-2ubuntu8.1\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"libvirt0-dbg\", pkgver:\"0.4.0-2ubuntu8.1\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"python-libvirt\", pkgver:\"0.4.0-2ubuntu8.1\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"libvirt-bin\", pkgver:\"0.4.4-3ubuntu3.1\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"libvirt-dev\", pkgver:\"0.4.4-3ubuntu3.1\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"libvirt-doc\", pkgver:\"0.4.4-3ubuntu3.1\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"libvirt0\", pkgver:\"0.4.4-3ubuntu3.1\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"libvirt0-dbg\", pkgver:\"0.4.4-3ubuntu3.1\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"python-libvirt\", pkgver:\"0.4.4-3ubuntu3.1\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libvirt-bin / libvirt-dev / libvirt-doc / libvirt0 / libvirt0-dbg / etc\");\n}\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-01-11T15:04:08", "description": "libvirt misses some read-only connection checks for certain methods.\nThis flaw enables local unprivileged users for example to migrate virtual machines without authentication (CVE-2008-5086).", "cvss3": {}, "published": "2009-07-21T00:00:00", "type": "nessus", "title": "openSUSE Security Update : libvirt (libvirt-373)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": true, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2008-5086"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:libvirt", "p-cpe:/a:novell:opensuse:libvirt-devel", "p-cpe:/a:novell:opensuse:libvirt-python", "cpe:/o:novell:opensuse:11.1"], "id": "SUSE_11_1_LIBVIRT-081218.NASL", "href": "https://www.tenable.com/plugins/nessus/40272", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update libvirt-373.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(40272);\n script_version(\"1.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2008-5086\");\n\n script_name(english:\"openSUSE Security Update : libvirt (libvirt-373)\");\n script_summary(english:\"Check for the libvirt-373 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"libvirt misses some read-only connection checks for certain methods.\nThis flaw enables local unprivileged users for example to migrate\nvirtual machines without authentication (CVE-2008-5086).\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=459009\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected libvirt packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libvirt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libvirt-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libvirt-python\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:11.1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/12/18\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/07/21\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE11\\.1)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"11.1\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE11.1\", reference:\"libvirt-0.4.6-11.2\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"libvirt-devel-0.4.6-11.2\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"libvirt-python-0.4.6-11.2\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libvirt / libvirt-devel / libvirt-python\");\n}\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-01-11T14:51:08", "description": "libvirt misses some read-only connection checks for certain methods.\nThis flaw enables local unprivileged users for example to migrate virtual machines without authentication (CVE-2008-5086).", "cvss3": {}, "published": "2009-02-06T00:00:00", "type": "nessus", "title": "openSUSE 10 Security Update : libvirt (libvirt-5874)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": true, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2008-5086"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:libvirt", "p-cpe:/a:novell:opensuse:libvirt-devel", "p-cpe:/a:novell:opensuse:libvirt-python", "cpe:/o:novell:opensuse:10.3"], "id": "SUSE_LIBVIRT-5874.NASL", "href": "https://www.tenable.com/plugins/nessus/35607", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update libvirt-5874.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(35607);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2008-5086\");\n\n script_name(english:\"openSUSE 10 Security Update : libvirt (libvirt-5874)\");\n script_summary(english:\"Check for the libvirt-5874 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"libvirt misses some read-only connection checks for certain methods.\nThis flaw enables local unprivileged users for example to migrate\nvirtual machines without authentication (CVE-2008-5086).\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected libvirt packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libvirt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libvirt-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libvirt-python\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:10.3\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/12/17\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/02/06\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE10\\.3)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"10.3\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE10.3\", reference:\"libvirt-0.3.0-30.7\") ) flag++;\nif ( rpm_check(release:\"SUSE10.3\", reference:\"libvirt-devel-0.3.0-30.7\") ) flag++;\nif ( rpm_check(release:\"SUSE10.3\", reference:\"libvirt-python-0.3.0-30.7\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libvirt / libvirt-devel / libvirt-python\");\n}\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-01-11T14:54:22", "description": "fix missing read-only access checks, fixes CVE-2008-5086 - upstream release 0.5.1 - mostly bugfixes e.g #473071 - some driver improvements\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2009-04-23T00:00:00", "type": "nessus", "title": "Fedora 10 : libvirt-0.5.1-2.fc10 (2008-11443)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": true, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2008-5086"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:libvirt", "cpe:/o:fedoraproject:fedora:10"], "id": "FEDORA_2008-11443.NASL", "href": "https://www.tenable.com/plugins/nessus/36460", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2008-11443.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(36460);\n script_version(\"1.12\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2008-5086\");\n script_xref(name:\"FEDORA\", value:\"2008-11443\");\n\n script_name(english:\"Fedora 10 : libvirt-0.5.1-2.fc10 (2008-11443)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"fix missing read-only access checks, fixes CVE-2008-5086 - upstream\nrelease 0.5.1 - mostly bugfixes e.g #473071 - some driver improvements\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=476560\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2008-December/017925.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?87915905\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected libvirt package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:libvirt\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:10\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/12/21\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/04/23\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^10([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 10.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC10\", reference:\"libvirt-0.5.1-2.fc10\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libvirt\");\n}\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-01-11T14:48:33", "description": "From Red Hat Security Advisory 2009:0382 :\n\nUpdated libvirt packages that fix two security issues are now available for Red Hat Enterprise Linux 5.\n\nThis update has been rated as having moderate security impact by the Red Hat Security Response Team.\n\n[Updated 5th May 2011] After installing this update and restarting the libvirtd service, the 'virsh attach-disk' command failed. Rebooting guest systems after installing the update resolved the issue. The erratum text has been updated to reflect that guest systems must be rebooted. Future updates will advise if a guest reboot is needed. No changes have been made to the packages.\n\nlibvirt is a C API for managing and interacting with the virtualization capabilities of Linux and other operating systems.\nlibvirt also provides tools for remotely managing virtualized systems.\n\nThe libvirtd daemon was discovered to not properly check user connection permissions before performing certain privileged actions, such as requesting migration of an unprivileged guest domain to another system. A local user able to establish a read-only connection to libvirtd could use this flaw to perform actions that should be restricted to read-write connections. (CVE-2008-5086)\n\nlibvirt_proxy, a setuid helper application allowing non-privileged users to communicate with the hypervisor, was discovered to not properly validate user requests. Local users could use this flaw to cause a stack-based buffer overflow in libvirt_proxy, possibly allowing them to run arbitrary code with root privileges.\n(CVE-2009-0036)\n\nAll users are advised to upgrade to these updated packages, which contain backported patches which resolve these issues. After installing the update, libvirtd must be restarted manually (for example, by issuing a 'service libvirtd restart' command), and guest systems rebooted, for this change to take effect.", "cvss3": {}, "published": "2013-07-12T00:00:00", "type": "nessus", "title": "Oracle Linux 5 : libvirt (ELSA-2009-0382)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": true, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2008-5086", "CVE-2009-0036"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:oracle:linux:libvirt", "p-cpe:/a:oracle:linux:libvirt-devel", "p-cpe:/a:oracle:linux:libvirt-python", "cpe:/o:oracle:linux:5"], "id": "ORACLELINUX_ELSA-2009-0382.NASL", "href": "https://www.tenable.com/plugins/nessus/67832", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2009:0382 and \n# Oracle Linux Security Advisory ELSA-2009-0382 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(67832);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2008-5086\", \"CVE-2009-0036\");\n script_bugtraq_id(32905);\n script_xref(name:\"RHSA\", value:\"2009:0382\");\n\n script_name(english:\"Oracle Linux 5 : libvirt (ELSA-2009-0382)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Oracle Linux host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"From Red Hat Security Advisory 2009:0382 :\n\nUpdated libvirt packages that fix two security issues are now\navailable for Red Hat Enterprise Linux 5.\n\nThis update has been rated as having moderate security impact by the\nRed Hat Security Response Team.\n\n[Updated 5th May 2011] After installing this update and restarting the\nlibvirtd service, the 'virsh attach-disk' command failed. Rebooting\nguest systems after installing the update resolved the issue. The\nerratum text has been updated to reflect that guest systems must be\nrebooted. Future updates will advise if a guest reboot is needed. No\nchanges have been made to the packages.\n\nlibvirt is a C API for managing and interacting with the\nvirtualization capabilities of Linux and other operating systems.\nlibvirt also provides tools for remotely managing virtualized systems.\n\nThe libvirtd daemon was discovered to not properly check user\nconnection permissions before performing certain privileged actions,\nsuch as requesting migration of an unprivileged guest domain to\nanother system. A local user able to establish a read-only connection\nto libvirtd could use this flaw to perform actions that should be\nrestricted to read-write connections. (CVE-2008-5086)\n\nlibvirt_proxy, a setuid helper application allowing non-privileged\nusers to communicate with the hypervisor, was discovered to not\nproperly validate user requests. Local users could use this flaw to\ncause a stack-based buffer overflow in libvirt_proxy, possibly\nallowing them to run arbitrary code with root privileges.\n(CVE-2009-0036)\n\nAll users are advised to upgrade to these updated packages, which\ncontain backported patches which resolve these issues. After\ninstalling the update, libvirtd must be restarted manually (for\nexample, by issuing a 'service libvirtd restart' command), and guest\nsystems rebooted, for this change to take effect.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2009-March/000926.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected libvirt packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(119);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libvirt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libvirt-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libvirt-python\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:5\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2008/12/19\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/03/19\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/07/12\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/OracleLinux\")) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nos_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Oracle Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^5([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Oracle Linux 5\", \"Oracle Linux \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && \"ia64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Oracle Linux\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"EL5\", reference:\"libvirt-0.3.3-14.0.1.el5_3.1\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"libvirt-devel-0.3.3-14.0.1.el5_3.1\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"libvirt-python-0.3.3-14.0.1.el5_3.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libvirt / libvirt-devel / libvirt-python\");\n}\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-01-11T14:28:12", "description": "The libvirtd daemon was discovered to not properly check user connection permissions before performing certain privileged actions, such as requesting migration of an unprivileged guest domain to another system. A local user able to establish a read-only connection to libvirtd could use this flaw to perform actions that should be restricted to read-write connections. (CVE-2008-5086)\n\nlibvirt_proxy, a setuid helper application allowing non-privileged users to communicate with the hypervisor, was discovered to not properly validate user requests. Local users could use this flaw to cause a stack-based buffer overflow in libvirt_proxy, possibly allowing them to run arbitrary code with root privileges.\n(CVE-2009-0036)\n\nAfter installing the update, libvirtd must be restarted manually (for example, by issuing a 'service libvirtd restart' command) for this change to take effect.", "cvss3": {}, "published": "2012-08-01T00:00:00", "type": "nessus", "title": "Scientific Linux Security Update : libvirt on SL5.x i386/x86_64", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": true, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2008-5086", "CVE-2009-0036"], "modified": "2021-01-14T00:00:00", "cpe": ["x-cpe:/o:fermilab:scientific_linux"], "id": "SL_20090319_LIBVIRT_ON_SL5_X.NASL", "href": "https://www.tenable.com/plugins/nessus/60551", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text is (C) Scientific Linux.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(60551);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2008-5086\", \"CVE-2009-0036\");\n\n script_name(english:\"Scientific Linux Security Update : libvirt on SL5.x i386/x86_64\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Scientific Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The libvirtd daemon was discovered to not properly check user\nconnection permissions before performing certain privileged actions,\nsuch as requesting migration of an unprivileged guest domain to\nanother system. A local user able to establish a read-only connection\nto libvirtd could use this flaw to perform actions that should be\nrestricted to read-write connections. (CVE-2008-5086)\n\nlibvirt_proxy, a setuid helper application allowing non-privileged\nusers to communicate with the hypervisor, was discovered to not\nproperly validate user requests. Local users could use this flaw to\ncause a stack-based buffer overflow in libvirt_proxy, possibly\nallowing them to run arbitrary code with root privileges.\n(CVE-2009-0036)\n\nAfter installing the update, libvirtd must be restarted manually (for\nexample, by issuing a 'service libvirtd restart' command) for this\nchange to take effect.\"\n );\n # https://listserv.fnal.gov/scripts/wa.exe?A2=ind0903&L=scientific-linux-errata&T=0&P=2112\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?c7ef1950\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Update the affected libvirt, libvirt-devel and / or libvirt-python\npackages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_cwe_id(119);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"x-cpe:/o:fermilab:scientific_linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/03/19\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/08/01\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Scientific Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Scientific Linux \" >!< release) audit(AUDIT_HOST_NOT, \"running Scientific Linux\");\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Scientific Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"SL5\", reference:\"libvirt-0.3.3-14.el5_3.1\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"libvirt-devel-0.3.3-14.el5_3.1\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"libvirt-python-0.3.3-14.el5_3.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-01-11T14:39:11", "description": "Updated libvirt packages that fix two security issues are now available for Red Hat Enterprise Linux 5.\n\nThis update has been rated as having moderate security impact by the Red Hat Security Response Team.\n\n[Updated 5th May 2011] After installing this update and restarting the libvirtd service, the 'virsh attach-disk' command failed. Rebooting guest systems after installing the update resolved the issue. The erratum text has been updated to reflect that guest systems must be rebooted. Future updates will advise if a guest reboot is needed. No changes have been made to the packages.\n\nlibvirt is a C API for managing and interacting with the virtualization capabilities of Linux and other operating systems.\nlibvirt also provides tools for remotely managing virtualized systems.\n\nThe libvirtd daemon was discovered to not properly check user connection permissions before performing certain privileged actions, such as requesting migration of an unprivileged guest domain to another system. A local user able to establish a read-only connection to libvirtd could use this flaw to perform actions that should be restricted to read-write connections. (CVE-2008-5086)\n\nlibvirt_proxy, a setuid helper application allowing non-privileged users to communicate with the hypervisor, was discovered to not properly validate user requests. Local users could use this flaw to cause a stack-based buffer overflow in libvirt_proxy, possibly allowing them to run arbitrary code with root privileges.\n(CVE-2009-0036)\n\nAll users are advised to upgrade to these updated packages, which contain backported patches which resolve these issues. After installing the update, libvirtd must be restarted manually (for example, by issuing a 'service libvirtd restart' command), and guest systems rebooted, for this change to take effect.", "cvss3": {}, "published": "2013-01-24T00:00:00", "type": "nessus", "title": "RHEL 5 : libvirt (RHSA-2009:0382)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": true, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2008-5086", "CVE-2009-0036"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:libvirt", "p-cpe:/a:redhat:enterprise_linux:libvirt-devel", "p-cpe:/a:redhat:enterprise_linux:libvirt-python", "cpe:/o:redhat:enterprise_linux:5", "cpe:/o:redhat:enterprise_linux:5.6"], "id": "REDHAT-RHSA-2009-0382.NASL", "href": "https://www.tenable.com/plugins/nessus/63878", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2009:0382. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(63878);\n script_version(\"1.14\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2008-5086\", \"CVE-2009-0036\");\n script_bugtraq_id(32905);\n script_xref(name:\"RHSA\", value:\"2009:0382\");\n\n script_name(english:\"RHEL 5 : libvirt (RHSA-2009:0382)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated libvirt packages that fix two security issues are now\navailable for Red Hat Enterprise Linux 5.\n\nThis update has been rated as having moderate security impact by the\nRed Hat Security Response Team.\n\n[Updated 5th May 2011] After installing this update and restarting the\nlibvirtd service, the 'virsh attach-disk' command failed. Rebooting\nguest systems after installing the update resolved the issue. The\nerratum text has been updated to reflect that guest systems must be\nrebooted. Future updates will advise if a guest reboot is needed. No\nchanges have been made to the packages.\n\nlibvirt is a C API for managing and interacting with the\nvirtualization capabilities of Linux and other operating systems.\nlibvirt also provides tools for remotely managing virtualized systems.\n\nThe libvirtd daemon was discovered to not properly check user\nconnection permissions before performing certain privileged actions,\nsuch as requesting migration of an unprivileged guest domain to\nanother system. A local user able to establish a read-only connection\nto libvirtd could use this flaw to perform actions that should be\nrestricted to read-write connections. (CVE-2008-5086)\n\nlibvirt_proxy, a setuid helper application allowing non-privileged\nusers to communicate with the hypervisor, was discovered to not\nproperly validate user requests. Local users could use this flaw to\ncause a stack-based buffer overflow in libvirt_proxy, possibly\nallowing them to run arbitrary code with root privileges.\n(CVE-2009-0036)\n\nAll users are advised to upgrade to these updated packages, which\ncontain backported patches which resolve these issues. After\ninstalling the update, libvirtd must be restarted manually (for\nexample, by issuing a 'service libvirtd restart' command), and guest\nsystems rebooted, for this change to take effect.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2008-5086\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2009-0036\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2009:0382\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Update the affected libvirt, libvirt-devel and / or libvirt-python\npackages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(119);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libvirt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libvirt-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libvirt-python\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:5\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:5.6\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2008/12/19\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/05/05\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/01/24\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^5([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 5.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2009:0382\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"libvirt-0.3.3-14.el5_3.1\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"libvirt-0.3.3-14.el5_3.1\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"libvirt-devel-0.3.3-14.el5_3.1\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"libvirt-devel-0.3.3-14.el5_3.1\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"libvirt-python-0.3.3-14.el5_3.1\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"libvirt-python-0.3.3-14.el5_3.1\")) flag++;\n\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libvirt / libvirt-devel / libvirt-python\");\n }\n}\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}], "openvas": [{"lastseen": "2017-07-25T10:56:33", "description": "Check for the Version of libvirt", "cvss3": {}, "published": "2009-02-13T00:00:00", "type": "openvas", "title": "Fedora Update for libvirt FEDORA-2008-11433", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-5086"], "modified": "2017-07-10T00:00:00", "id": "OPENVAS:860711", "href": "http://plugins.openvas.org/nasl.php?oid=860711", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for libvirt FEDORA-2008-11433\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"libvirt on Fedora 9\";\ntag_insight = \"Libvirt is a C toolkit to interact with the virtualization capabilities\n of recent versions of Linux (and other OSes).\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"https://www.redhat.com/archives/fedora-package-announce/2008-December/msg00938.html\");\n script_id(860711);\n script_version(\"$Revision: 6623 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 08:10:20 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-02-13 10:35:30 +0100 (Fri, 13 Feb 2009)\");\n script_tag(name:\"cvss_base\", value:\"7.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"FEDORA\", value: \"2008-11433\");\n script_cve_id(\"CVE-2008-5086\");\n script_name( \"Fedora Update for libvirt FEDORA-2008-11433\");\n\n script_summary(\"Check for the Version of libvirt\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC9\")\n{\n\n if ((res = isrpmvuln(pkg:\"libvirt\", rpm:\"libvirt~0.5.1~2.fc9\", rls:\"FC9\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-12-04T11:28:59", "description": "Ubuntu Update for Linux kernel vulnerabilities USN-694-1", "cvss3": {}, "published": "2009-03-23T00:00:00", "type": "openvas", "title": "Ubuntu Update for libvirt vulnerability USN-694-1", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-5086"], "modified": "2017-12-01T00:00:00", "id": "OPENVAS:840249", "href": "http://plugins.openvas.org/nasl.php?oid=840249", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_694_1.nasl 7969 2017-12-01 09:23:16Z santu $\n#\n# Ubuntu Update for libvirt vulnerability USN-694-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"It was discovered that libvirt did not mark certain operations as read-only. A\n local attacker may be able to perform privileged actions such as migrating\n virtual machines, adjusting autostart flags, or accessing privileged data in\n the virtual machine memory and disks.\";\n\ntag_summary = \"Ubuntu Update for Linux kernel vulnerabilities USN-694-1\";\ntag_affected = \"libvirt vulnerability on Ubuntu 7.10 ,\n Ubuntu 8.04 LTS ,\n Ubuntu 8.10\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name: \"URL\" , value: \"http://www.ubuntu.com/usn/usn-694-1/\");\n script_id(840249);\n script_version(\"$Revision: 7969 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-01 10:23:16 +0100 (Fri, 01 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-03-23 10:59:50 +0100 (Mon, 23 Mar 2009)\");\n script_tag(name:\"cvss_base\", value:\"7.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"USN\", value: \"694-1\");\n script_cve_id(\"CVE-2008-5086\");\n script_name( \"Ubuntu Update for libvirt vulnerability USN-694-1\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\");\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"UBUNTU8.10\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libvirt-bin\", ver:\"0.4.4-3ubuntu3.1\", rls:\"UBUNTU8.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libvirt-dev\", ver:\"0.4.4-3ubuntu3.1\", rls:\"UBUNTU8.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libvirt0-dbg\", ver:\"0.4.4-3ubuntu3.1\", rls:\"UBUNTU8.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libvirt0\", ver:\"0.4.4-3ubuntu3.1\", rls:\"UBUNTU8.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"python-libvirt\", ver:\"0.4.4-3ubuntu3.1\", rls:\"UBUNTU8.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libvirt-doc\", ver:\"0.4.4-3ubuntu3.1\", rls:\"UBUNTU8.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"UBUNTU8.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libvirt-bin\", ver:\"0.4.0-2ubuntu8.1\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libvirt-dev\", ver:\"0.4.0-2ubuntu8.1\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libvirt0-dbg\", ver:\"0.4.0-2ubuntu8.1\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libvirt0\", ver:\"0.4.0-2ubuntu8.1\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"python-libvirt\", ver:\"0.4.0-2ubuntu8.1\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libvirt-doc\", ver:\"0.4.0-2ubuntu8.1\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"UBUNTU7.10\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libvirt-dev\", ver:\"0.3.0-0ubuntu2.1\", rls:\"UBUNTU7.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libvirt0\", ver:\"0.3.0-0ubuntu2.1\", rls:\"UBUNTU7.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libvirt-bin\", ver:\"0.3.0-0ubuntu2.1\", rls:\"UBUNTU7.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"python-libvirt\", ver:\"0.3.0-0ubuntu2.1\", rls:\"UBUNTU7.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-25T10:56:34", "description": "Check for the Version of libvirt", "cvss3": {}, "published": "2009-02-13T00:00:00", "type": "openvas", "title": "Fedora Update for libvirt FEDORA-2008-11443", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-5086"], "modified": "2017-07-10T00:00:00", "id": "OPENVAS:860641", "href": "http://plugins.openvas.org/nasl.php?oid=860641", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for libvirt FEDORA-2008-11443\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"libvirt on Fedora 10\";\ntag_insight = \"Libvirt is a C toolkit to interact with the virtualization capabilities\n of recent versions of Linux (and other OSes).\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"https://www.redhat.com/archives/fedora-package-announce/2008-December/msg01015.html\");\n script_id(860641);\n script_version(\"$Revision: 6623 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 08:10:20 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-02-13 10:35:30 +0100 (Fri, 13 Feb 2009)\");\n script_tag(name:\"cvss_base\", value:\"7.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"FEDORA\", value: \"2008-11443\");\n script_cve_id(\"CVE-2008-5086\");\n script_name( \"Fedora Update for libvirt FEDORA-2008-11443\");\n\n script_summary(\"Check for the Version of libvirt\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC10\")\n{\n\n if ((res = isrpmvuln(pkg:\"libvirt\", rpm:\"libvirt~0.5.1~2.fc10\", rls:\"FC10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-26T08:55:27", "description": "The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n libvirt\n libvirt-devel\n libvirt-python\n\n\nMore details may also be found by searching for the SuSE\nEnterprise Server 10 patch database located at\nhttp://download.novell.com/patch/finder/", "cvss3": {}, "published": "2009-10-13T00:00:00", "type": "openvas", "title": "SLES10: Security update for libvirt", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-5086"], "modified": "2017-07-11T00:00:00", "id": "OPENVAS:65912", "href": "http://plugins.openvas.org/nasl.php?oid=65912", "sourceData": "#\n#VID slesp2-libvirt-5869\n# OpenVAS Vulnerability Test\n# $\n# Description: Security update for libvirt\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_summary = \"The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n libvirt\n libvirt-devel\n libvirt-python\n\n\nMore details may also be found by searching for the SuSE\nEnterprise Server 10 patch database located at\nhttp://download.novell.com/patch/finder/\";\n\ntag_solution = \"Please install the updates provided by SuSE.\";\n\nif(description)\n{\n script_id(65912);\n script_version(\"$Revision: 6666 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-11 15:13:36 +0200 (Tue, 11 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-10-13 18:25:40 +0200 (Tue, 13 Oct 2009)\");\n script_cve_id(\"CVE-2008-5086\");\n script_tag(name:\"cvss_base\", value:\"7.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"SLES10: Security update for libvirt\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse_sles\", \"ssh/login/rpms\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"libvirt\", rpm:\"libvirt~0.3.3~18.11\", rls:\"SLES10.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libvirt-devel\", rpm:\"libvirt-devel~0.3.3~18.11\", rls:\"SLES10.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libvirt-python\", rpm:\"libvirt-python~0.3.3~18.11\", rls:\"SLES10.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-04-06T11:37:59", "description": "The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n libvirt\n libvirt-devel\n libvirt-python\n\n\nMore details may also be found by searching for the SuSE\nEnterprise Server 10 patch database located at\nhttp://download.novell.com/patch/finder/", "cvss3": {}, "published": "2009-10-13T00:00:00", "type": "openvas", "title": "SLES10: Security update for libvirt", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-5086"], "modified": "2018-04-06T00:00:00", "id": "OPENVAS:136141256231065912", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231065912", "sourceData": "#\n#VID slesp2-libvirt-5869\n# OpenVAS Vulnerability Test\n# $\n# Description: Security update for libvirt\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_summary = \"The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n libvirt\n libvirt-devel\n libvirt-python\n\n\nMore details may also be found by searching for the SuSE\nEnterprise Server 10 patch database located at\nhttp://download.novell.com/patch/finder/\";\n\ntag_solution = \"Please install the updates provided by SuSE.\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.65912\");\n script_version(\"$Revision: 9350 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:03:33 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-10-13 18:25:40 +0200 (Tue, 13 Oct 2009)\");\n script_cve_id(\"CVE-2008-5086\");\n script_tag(name:\"cvss_base\", value:\"7.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"SLES10: Security update for libvirt\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse_sles\", \"ssh/login/rpms\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"libvirt\", rpm:\"libvirt~0.3.3~18.11\", rls:\"SLES10.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libvirt-devel\", rpm:\"libvirt-devel~0.3.3~18.11\", rls:\"SLES10.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libvirt-python\", rpm:\"libvirt-python~0.3.3~18.11\", rls:\"SLES10.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2019-05-29T18:36:40", "description": "Oracle Linux Local Security Checks ELSA-2009-0382", "cvss3": {}, "published": "2015-10-08T00:00:00", "type": "openvas", "title": "Oracle Linux Local Check: ELSA-2009-0382", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-5086", "CVE-2009-0036"], "modified": "2018-09-28T00:00:00", "id": "OPENVAS:1361412562310122509", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310122509", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: ELSA-2009-0382.nasl 11688 2018-09-28 13:36:28Z cfischer $\n#\n# Oracle Linux Local Check\n#\n# Authors:\n# Eero Volotinen <eero.volotinen@solinor.com>\n#\n# Copyright:\n# Copyright (c) 2015 Eero Volotinen, http://solinor.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.122509\");\n script_version(\"$Revision: 11688 $\");\n script_tag(name:\"creation_date\", value:\"2015-10-08 14:46:56 +0300 (Thu, 08 Oct 2015)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-09-28 15:36:28 +0200 (Fri, 28 Sep 2018) $\");\n script_name(\"Oracle Linux Local Check: ELSA-2009-0382\");\n script_tag(name:\"insight\", value:\"ELSA-2009-0382 - libvirt security update. Please see the references for more insight.\");\n script_tag(name:\"solution\", value:\"Update the affected packages to the latest available version.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"summary\", value:\"Oracle Linux Local Security Checks ELSA-2009-0382\");\n script_xref(name:\"URL\", value:\"http://linux.oracle.com/errata/ELSA-2009-0382.html\");\n script_cve_id(\"CVE-2008-5086\", \"CVE-2009-0036\");\n script_tag(name:\"cvss_base\", value:\"7.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/oracle_linux\", \"ssh/login/release\", re:\"ssh/login/release=OracleLinux5\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Eero Volotinen\");\n script_family(\"Oracle Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"OracleLinux5\")\n{\n if ((res = isrpmvuln(pkg:\"libvirt\", rpm:\"libvirt~0.3.3~14.0.1.el5_3.1\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"libvirt-devel\", rpm:\"libvirt-devel~0.3.3~14.0.1.el5_3.1\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"libvirt-python\", rpm:\"libvirt-python~0.3.3~14.0.1.el5_3.1\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n\n}\nif (__pkg_match) exit(99);\n exit(0);\n\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2017-07-27T10:56:14", "description": "The remote host is missing updates announced in\nadvisory RHSA-2009:0382.\n\nlibvirt is a C API for managing and interacting with the virtualization\ncapabilities of Linux and other operating systems. libvirt also provides\ntools for remotely managing virtualized systems.\n\nThe libvirtd daemon was discovered to not properly check user connection\npermissions before performing certain privileged actions, such as\nrequesting migration of an unprivileged guest domain to another system. A\nlocal user able to establish a read-only connection to libvirtd could use\nthis flaw to perform actions that should be restricted to read-write\nconnections. (CVE-2008-5086)\n\nlibvirt_proxy, a setuid helper application allowing non-privileged users to\ncommunicate with the hypervisor, was discovered to not properly validate\nuser requests. Local users could use this flaw to cause a stack-based\nbuffer overflow in libvirt_proxy, possibly allowing them to run arbitrary\ncode with root privileges. (CVE-2009-0036)\n\nAll users are advised to upgrade to these updated packages, which contain\nbackported patches which resolve these issues. After installing the update,\nlibvirtd must be restarted manually (for example, by issuing a\nservice libvirtd restart command) for this change to take effect.", "cvss3": {}, "published": "2009-03-20T00:00:00", "type": "openvas", "title": "RedHat Security Advisory RHSA-2009:0382", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-5086", "CVE-2009-0036"], "modified": "2017-07-12T00:00:00", "id": "OPENVAS:63586", "href": "http://plugins.openvas.org/nasl.php?oid=63586", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: RHSA_2009_0382.nasl 6683 2017-07-12 09:41:57Z cfischer $\n# Description: Auto-generated from advisory RHSA-2009:0382 ()\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_summary = \"The remote host is missing updates announced in\nadvisory RHSA-2009:0382.\n\nlibvirt is a C API for managing and interacting with the virtualization\ncapabilities of Linux and other operating systems. libvirt also provides\ntools for remotely managing virtualized systems.\n\nThe libvirtd daemon was discovered to not properly check user connection\npermissions before performing certain privileged actions, such as\nrequesting migration of an unprivileged guest domain to another system. A\nlocal user able to establish a read-only connection to libvirtd could use\nthis flaw to perform actions that should be restricted to read-write\nconnections. (CVE-2008-5086)\n\nlibvirt_proxy, a setuid helper application allowing non-privileged users to\ncommunicate with the hypervisor, was discovered to not properly validate\nuser requests. Local users could use this flaw to cause a stack-based\nbuffer overflow in libvirt_proxy, possibly allowing them to run arbitrary\ncode with root privileges. (CVE-2009-0036)\n\nAll users are advised to upgrade to these updated packages, which contain\nbackported patches which resolve these issues. After installing the update,\nlibvirtd must be restarted manually (for example, by issuing a\nservice libvirtd restart command) for this change to take effect.\";\n\ntag_solution = \"Please note that this update is available via\nRed Hat Network. To use Red Hat Network, launch the Red\nHat Update Agent with the following command: up2date\";\n\n\n\nif(description)\n{\n script_id(63586);\n script_version(\"$Revision: 6683 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-12 11:41:57 +0200 (Wed, 12 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-03-20 00:52:38 +0100 (Fri, 20 Mar 2009)\");\n script_cve_id(\"CVE-2008-5086\", \"CVE-2009-0036\");\n script_tag(name:\"cvss_base\", value:\"7.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"RedHat Security Advisory RHSA-2009:0382\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name : \"URL\" , value : \"http://rhn.redhat.com/errata/RHSA-2009-0382.html\");\n script_xref(name : \"URL\" , value : \"http://www.redhat.com/security/updates/classification/#moderate\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"libvirt\", rpm:\"libvirt~0.3.3~14.el5_3.1\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libvirt-debuginfo\", rpm:\"libvirt-debuginfo~0.3.3~14.el5_3.1\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libvirt-devel\", rpm:\"libvirt-devel~0.3.3~14.el5_3.1\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libvirt-python\", rpm:\"libvirt-python~0.3.3~14.el5_3.1\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-04-06T11:38:56", "description": "The remote host is missing updates announced in\nadvisory RHSA-2009:0382.\n\nlibvirt is a C API for managing and interacting with the virtualization\ncapabilities of Linux and other operating systems. libvirt also provides\ntools for remotely managing virtualized systems.\n\nThe libvirtd daemon was discovered to not properly check user connection\npermissions before performing certain privileged actions, such as\nrequesting migration of an unprivileged guest domain to another system. A\nlocal user able to establish a read-only connection to libvirtd could use\nthis flaw to perform actions that should be restricted to read-write\nconnections. (CVE-2008-5086)\n\nlibvirt_proxy, a setuid helper application allowing non-privileged users to\ncommunicate with the hypervisor, was discovered to not properly validate\nuser requests. Local users could use this flaw to cause a stack-based\nbuffer overflow in libvirt_proxy, possibly allowing them to run arbitrary\ncode with root privileges. (CVE-2009-0036)\n\nAll users are advised to upgrade to these updated packages, which contain\nbackported patches which resolve these issues. After installing the update,\nlibvirtd must be restarted manually (for example, by issuing a\nservice libvirtd restart command) for this change to take effect.", "cvss3": {}, "published": "2009-03-20T00:00:00", "type": "openvas", "title": "RedHat Security Advisory RHSA-2009:0382", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-5086", "CVE-2009-0036"], "modified": "2018-04-06T00:00:00", "id": "OPENVAS:136141256231063586", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231063586", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: RHSA_2009_0382.nasl 9350 2018-04-06 07:03:33Z cfischer $\n# Description: Auto-generated from advisory RHSA-2009:0382 ()\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_summary = \"The remote host is missing updates announced in\nadvisory RHSA-2009:0382.\n\nlibvirt is a C API for managing and interacting with the virtualization\ncapabilities of Linux and other operating systems. libvirt also provides\ntools for remotely managing virtualized systems.\n\nThe libvirtd daemon was discovered to not properly check user connection\npermissions before performing certain privileged actions, such as\nrequesting migration of an unprivileged guest domain to another system. A\nlocal user able to establish a read-only connection to libvirtd could use\nthis flaw to perform actions that should be restricted to read-write\nconnections. (CVE-2008-5086)\n\nlibvirt_proxy, a setuid helper application allowing non-privileged users to\ncommunicate with the hypervisor, was discovered to not properly validate\nuser requests. Local users could use this flaw to cause a stack-based\nbuffer overflow in libvirt_proxy, possibly allowing them to run arbitrary\ncode with root privileges. (CVE-2009-0036)\n\nAll users are advised to upgrade to these updated packages, which contain\nbackported patches which resolve these issues. After installing the update,\nlibvirtd must be restarted manually (for example, by issuing a\nservice libvirtd restart command) for this change to take effect.\";\n\ntag_solution = \"Please note that this update is available via\nRed Hat Network. To use Red Hat Network, launch the Red\nHat Update Agent with the following command: up2date\";\n\n\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.63586\");\n script_version(\"$Revision: 9350 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:03:33 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-03-20 00:52:38 +0100 (Fri, 20 Mar 2009)\");\n script_cve_id(\"CVE-2008-5086\", \"CVE-2009-0036\");\n script_tag(name:\"cvss_base\", value:\"7.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"RedHat Security Advisory RHSA-2009:0382\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name : \"URL\" , value : \"http://rhn.redhat.com/errata/RHSA-2009-0382.html\");\n script_xref(name : \"URL\" , value : \"http://www.redhat.com/security/updates/classification/#moderate\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"libvirt\", rpm:\"libvirt~0.3.3~14.el5_3.1\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libvirt-debuginfo\", rpm:\"libvirt-debuginfo~0.3.3~14.el5_3.1\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libvirt-devel\", rpm:\"libvirt-devel~0.3.3~14.el5_3.1\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libvirt-python\", rpm:\"libvirt-python~0.3.3~14.el5_3.1\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-26T08:55:23", "description": "The remote host is missing updates announced in\nadvisory SUSE-SR:2009:004. SuSE Security Summaries are short\non detail when it comes to the names of packages affected by\na particular bug. Because of this, while this test will detect\nout of date packages, it cannot tell you what bugs impact\nwhich packages, or vice versa.", "cvss3": {}, "published": "2009-02-18T00:00:00", "type": "openvas", "title": "SuSE Security Summary SUSE-SR:2009:004", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-3652", "CVE-2008-5248", "CVE-2007-5342", "CVE-2008-5244", "CVE-2008-5239", "CVE-2008-3231", "CVE-2008-5302", "CVE-2008-5238", "CVE-2008-3796", "CVE-2008-5252", "CVE-2008-5245", "CVE-2009-0416", "CVE-2007-5333", "CVE-2008-3663", "CVE-2008-5240", "CVE-2008-5235", "CVE-2008-5236", "CVE-2008-5250", "CVE-2007-3382", "CVE-2008-5587", "CVE-2008-5086", "CVE-2008-5241", "CVE-2009-0030", "CVE-2007-0184", "CVE-2007-0185", "CVE-2008-5237", "CVE-2008-1947", "CVE-2007-2450", "CVE-2007-2449", "CVE-2008-5658", "CVE-2008-5243", "CVE-2009-0310", "CVE-2007-5613", "CVE-2008-5233", "CVE-2008-5718", "CVE-2007-3386", "CVE-2009-0490", "CVE-2008-5246", "CVE-2008-2938", "CVE-2008-1586", "CVE-2007-5461", "CVE-2009-0313", "CVE-2008-3651", "CVE-2008-5247", "CVE-2007-6286", "CVE-2008-4577", "CVE-2008-2370", "CVE-2008-5242", "CVE-2008-5557", "CVE-2007-2377", "CVE-2007-3385", "CVE-2008-2235", "CVE-2008-1232", "CVE-2008-5234", "CVE-2007-5615", "CVE-2006-3835", "CVE-2008-5256", "CVE-2008-0002"], "modified": "2017-07-11T00:00:00", "id": "OPENVAS:63412", "href": "http://plugins.openvas.org/nasl.php?oid=63412", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: suse_sr_2009_004.nasl 6668 2017-07-11 13:34:29Z cfischer $\n# Description: Auto-generated from advisory SUSE-SR:2009:004\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_summary = \"The remote host is missing updates announced in\nadvisory SUSE-SR:2009:004. SuSE Security Summaries are short\non detail when it comes to the names of packages affected by\na particular bug. Because of this, while this test will detect\nout of date packages, it cannot tell you what bugs impact\nwhich packages, or vice versa.\";\n\ntag_solution = \"Update all out of date packages.\";\n \nif(description)\n{\n script_id(63412);\n script_version(\"$Revision: 6668 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-11 15:34:29 +0200 (Tue, 11 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-02-18 23:13:28 +0100 (Wed, 18 Feb 2009)\");\n script_cve_id(\"CVE-2006-3835\", \"CVE-2007-0184\", \"CVE-2007-0185\", \"CVE-2007-2377\", \"CVE-2007-2449\", \"CVE-2007-2450\", \"CVE-2007-3382\", \"CVE-2007-3385\", \"CVE-2007-3386\", \"CVE-2007-5333\", \"CVE-2007-5342\", \"CVE-2007-5461\", \"CVE-2007-5613\", \"CVE-2007-5615\", \"CVE-2007-6286\", \"CVE-2008-0002\", \"CVE-2008-1232\", \"CVE-2008-1586\", \"CVE-2008-1947\", \"CVE-2008-2235\", \"CVE-2008-2370\", \"CVE-2008-2938\", \"CVE-2008-3231\", \"CVE-2008-3651\", \"CVE-2008-3652\", \"CVE-2008-3663\", \"CVE-2008-3796\", \"CVE-2008-4577\", \"CVE-2008-5086\", \"CVE-2008-5233\", \"CVE-2008-5234\", \"CVE-2008-5235\", \"CVE-2008-5236\", \"CVE-2008-5237\", \"CVE-2008-5238\", \"CVE-2008-5239\", \"CVE-2008-5240\", \"CVE-2008-5241\", \"CVE-2008-5242\", \"CVE-2008-5243\", \"CVE-2008-5244\", \"CVE-2008-5245\", \"CVE-2008-5246\", \"CVE-2008-5247\", \"CVE-2008-5248\", \"CVE-2008-5250\", \"CVE-2008-5252\", \"CVE-2008-5256\", \"CVE-2008-5302\", \"CVE-2008-5557\", \"CVE-2008-5587\", \"CVE-2008-5658\", \"CVE-2008-5718\", \"CVE-2009-0030\", \"CVE-2009-0310\", \"CVE-2009-0313\", \"CVE-2009-0416\", \"CVE-2009-0490\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"SuSE Security Summary SUSE-SR:2009:004\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse\", \"ssh/login/rpms\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"MozillaFirefox\", rpm:\"MozillaFirefox~3.0.6~0.1.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"MozillaFirefox-branding-upstream\", rpm:\"MozillaFirefox-branding-upstream~3.0.6~0.1.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"MozillaFirefox-translations\", rpm:\"MozillaFirefox-translations~3.0.6~0.1.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"aaa_base\", rpm:\"aaa_base~11.1~10007.12.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache2-mod_php5\", rpm:\"apache2-mod_php5~5.2.6~49.14.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apport\", rpm:\"apport~0.114~8.5.6\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apport-crashdb-opensuse\", rpm:\"apport-crashdb-opensuse~0.114~8.5.6\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apport-gtk\", rpm:\"apport-gtk~0.114~8.5.6\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apport-qt\", rpm:\"apport-qt~0.114~8.5.6\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apport-retrace\", rpm:\"apport-retrace~0.114~8.5.6\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"at-spi\", rpm:\"at-spi~1.24.0~2.6.6\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"at-spi-devel\", rpm:\"at-spi-devel~1.24.0~2.6.6\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"at-spi-doc\", rpm:\"at-spi-doc~1.24.0~2.6.6\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"at-spi-lang\", rpm:\"at-spi-lang~1.24.0~2.6.6\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"audacity\", rpm:\"audacity~1.3.5~49.12.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"audiofile\", rpm:\"audiofile~0.2.6~142.19.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"audiofile-devel\", rpm:\"audiofile-devel~0.2.6~142.19.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"compat-openssl097g\", rpm:\"compat-openssl097g~0.9.7g~146.9.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"dice\", rpm:\"dice~0.1.9~1.3.4\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"dice-debug\", rpm:\"dice-debug~0.1.9~1.3.4\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"dice-devel\", rpm:\"dice-devel~0.1.9~1.3.4\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"glade3\", rpm:\"glade3~3.5.2~7.25.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"glade3-lang\", rpm:\"glade3-lang~3.5.2~7.25.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"glibc\", rpm:\"glibc~2.9~2.10.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"glibc-devel\", rpm:\"glibc-devel~2.9~2.10.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"glibc-html\", rpm:\"glibc-html~2.9~2.10.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"glibc-i18ndata\", rpm:\"glibc-i18ndata~2.9~2.10.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"glibc-info\", rpm:\"glibc-info~2.9~2.10.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"glibc-locale\", rpm:\"glibc-locale~2.9~2.10.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"glibc-obsolete\", rpm:\"glibc-obsolete~2.9~2.10.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"glibc-profile\", rpm:\"glibc-profile~2.9~2.10.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"gnome-packagekit\", rpm:\"gnome-packagekit~0.3.11~2.2.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"gnome-packagekit-lang\", rpm:\"gnome-packagekit-lang~0.3.11~2.2.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"gnome-panel\", rpm:\"gnome-panel~2.24.1~2.25.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"gnome-panel-devel\", rpm:\"gnome-panel-devel~2.24.1~2.25.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"gnome-panel-doc\", rpm:\"gnome-panel-doc~2.24.1~2.25.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"gnome-panel-extras\", rpm:\"gnome-panel-extras~2.24.1~2.25.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"gnome-panel-lang\", rpm:\"gnome-panel-lang~2.24.1~2.25.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"gtk2\", rpm:\"gtk2~2.14.4~8.5.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"gtk2-branding-upstream\", rpm:\"gtk2-branding-upstream~2.14.4~8.5.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"gtk2-devel\", rpm:\"gtk2-devel~2.14.4~8.5.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"gtk2-doc\", rpm:\"gtk2-doc~2.14.4~8.5.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"gtk2-lang\", rpm:\"gtk2-lang~2.14.4~8.5.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"java-1_6_0-sun\", rpm:\"java-1_6_0-sun~1.6.0.u12~1.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"java-1_6_0-sun-alsa\", rpm:\"java-1_6_0-sun-alsa~1.6.0.u12~1.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"java-1_6_0-sun-devel\", rpm:\"java-1_6_0-sun-devel~1.6.0.u12~1.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"java-1_6_0-sun-jdbc\", rpm:\"java-1_6_0-sun-jdbc~1.6.0.u12~1.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"java-1_6_0-sun-plugin\", rpm:\"java-1_6_0-sun-plugin~1.6.0.u12~1.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"java-1_6_0-sun-src\", rpm:\"java-1_6_0-sun-src~1.6.0.u12~1.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libQtWebKit-devel\", rpm:\"libQtWebKit-devel~4.4.3~4.8.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libQtWebKit4\", rpm:\"libQtWebKit4~4.4.3~4.8.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libgladeui-1-8\", rpm:\"libgladeui-1-8~3.5.2~7.25.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libgladeui-1_0-devel\", rpm:\"libgladeui-1_0-devel~3.5.2~7.25.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libgladeui-1_0-doc\", rpm:\"libgladeui-1_0-doc~3.5.2~7.25.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libipulog-devel\", rpm:\"libipulog-devel~1.24~129.51.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libpython2_6-1_0\", rpm:\"libpython2_6-1_0~2.6.0~2.22.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libqdialogsolver1\", rpm:\"libqdialogsolver1~1.2.6~1.1.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libqdialogsolver1-devel\", rpm:\"libqdialogsolver1-devel~1.2.6~1.1.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libqt4\", rpm:\"libqt4~4.4.3~4.8.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libqt4-devel\", rpm:\"libqt4-devel~4.4.3~4.8.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libqt4-devel-doc\", rpm:\"libqt4-devel-doc~4.4.3~4.8.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libqt4-qt3support\", rpm:\"libqt4-qt3support~4.4.3~4.8.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libqt4-sql\", rpm:\"libqt4-sql~4.4.3~4.8.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libqt4-sql-mysql\", rpm:\"libqt4-sql-mysql~4.4.3~11.8.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libqt4-sql-postgresql\", rpm:\"libqt4-sql-postgresql~4.4.3~11.8.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libqt4-sql-sqlite\", rpm:\"libqt4-sql-sqlite~4.4.3~4.8.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libqt4-sql-unixODBC\", rpm:\"libqt4-sql-unixODBC~4.4.3~11.8.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libqt4-x11\", rpm:\"libqt4-x11~4.4.3~4.8.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libsatsolver-devel\", rpm:\"libsatsolver-devel~0.13.2~0.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libtiff-devel\", rpm:\"libtiff-devel~3.8.2~133.35.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libtiff3\", rpm:\"libtiff3~3.8.2~133.35.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libvirt\", rpm:\"libvirt~0.4.6~11.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libvirt-devel\", rpm:\"libvirt-devel~0.4.6~11.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libvirt-doc\", rpm:\"libvirt-doc~0.4.6~11.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libvirt-python\", rpm:\"libvirt-python~0.4.6~11.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libxml2\", rpm:\"libxml2~2.7.1~9.7.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libxml2-devel\", rpm:\"libxml2-devel~2.7.1~9.7.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libxml2-doc\", rpm:\"libxml2-doc~2.7.1~9.7.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libzypp\", rpm:\"libzypp~5.25.3~0.1.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libzypp-devel\", rpm:\"libzypp-devel~5.25.3~0.1.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-xulrunner190\", rpm:\"mozilla-xulrunner190~1.9.0.6~0.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-xulrunner190-devel\", rpm:\"mozilla-xulrunner190-devel~1.9.0.6~0.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-xulrunner190-gnomevfs\", rpm:\"mozilla-xulrunner190-gnomevfs~1.9.0.6~0.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-xulrunner190-translations\", rpm:\"mozilla-xulrunner190-translations~1.9.0.6~0.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"nano\", rpm:\"nano~2.1.7~1.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"netatalk\", rpm:\"netatalk~2.0.3~246.13.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"netatalk-devel\", rpm:\"netatalk-devel~2.0.3~246.13.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"nfs-client\", rpm:\"nfs-client~1.1.3~18.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"nfs-doc\", rpm:\"nfs-doc~1.1.3~18.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"nfs-kernel-server\", rpm:\"nfs-kernel-server~1.1.3~18.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"nscd\", rpm:\"nscd~2.9~2.10.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"openslp\", rpm:\"openslp~1.2.0~168.10.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"openslp-devel\", rpm:\"openslp-devel~1.2.0~168.10.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"openslp-server\", rpm:\"openslp-server~1.2.0~168.10.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"parted\", rpm:\"parted~1.8.8~91.8.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"parted-devel\", rpm:\"parted-devel~1.8.8~91.8.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"perl\", rpm:\"perl~5.10.0~62.17.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"perl-base\", rpm:\"perl-base~5.10.0~62.17.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"perl-doc\", rpm:\"perl-doc~5.10.0~62.17.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"perl-satsolver\", rpm:\"perl-satsolver~0.13.2~0.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5\", rpm:\"php5~5.2.6~49.14.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-bcmath\", rpm:\"php5-bcmath~5.2.6~49.14.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-bz2\", rpm:\"php5-bz2~5.2.6~49.14.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-calendar\", rpm:\"php5-calendar~5.2.6~49.14.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-ctype\", rpm:\"php5-ctype~5.2.6~49.14.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-curl\", rpm:\"php5-curl~5.2.6~49.14.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-dba\", rpm:\"php5-dba~5.2.6~49.14.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-dbase\", rpm:\"php5-dbase~5.2.6~49.14.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-devel\", rpm:\"php5-devel~5.2.6~49.14.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-dom\", rpm:\"php5-dom~5.2.6~49.14.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-exif\", rpm:\"php5-exif~5.2.6~49.14.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-fastcgi\", rpm:\"php5-fastcgi~5.2.6~49.14.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-ftp\", rpm:\"php5-ftp~5.2.6~49.14.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-gd\", rpm:\"php5-gd~5.2.6~49.14.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-gettext\", rpm:\"php5-gettext~5.2.6~49.14.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-gmp\", rpm:\"php5-gmp~5.2.6~49.14.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-hash\", rpm:\"php5-hash~5.2.6~49.14.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-iconv\", rpm:\"php5-iconv~5.2.6~49.14.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-imap\", rpm:\"php5-imap~5.2.6~49.14.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-json\", rpm:\"php5-json~5.2.6~49.14.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-ldap\", rpm:\"php5-ldap~5.2.6~49.14.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-mbstring\", rpm:\"php5-mbstring~5.2.6~49.14.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-mcrypt\", rpm:\"php5-mcrypt~5.2.6~49.14.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-mysql\", rpm:\"php5-mysql~5.2.6~49.14.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-ncurses\", rpm:\"php5-ncurses~5.2.6~49.14.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-odbc\", rpm:\"php5-odbc~5.2.6~49.14.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-openssl\", rpm:\"php5-openssl~5.2.6~49.14.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-pcntl\", rpm:\"php5-pcntl~5.2.6~49.14.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-pdo\", rpm:\"php5-pdo~5.2.6~49.14.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-pear\", rpm:\"php5-pear~5.2.6~49.14.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-pgsql\", rpm:\"php5-pgsql~5.2.6~49.14.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-posix\", rpm:\"php5-posix~5.2.6~49.14.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-pspell\", rpm:\"php5-pspell~5.2.6~49.14.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-readline\", rpm:\"php5-readline~5.2.6~49.14.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-shmop\", rpm:\"php5-shmop~5.2.6~49.14.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-snmp\", rpm:\"php5-snmp~5.2.6~49.14.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-soap\", rpm:\"php5-soap~5.2.6~49.14.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-sockets\", rpm:\"php5-sockets~5.2.6~49.14.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-sqlite\", rpm:\"php5-sqlite~5.2.6~49.14.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-suhosin\", rpm:\"php5-suhosin~5.2.6~49.14.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-sysvmsg\", rpm:\"php5-sysvmsg~5.2.6~49.14.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-sysvsem\", rpm:\"php5-sysvsem~5.2.6~49.14.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-sysvshm\", rpm:\"php5-sysvshm~5.2.6~49.14.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-tidy\", rpm:\"php5-tidy~5.2.6~49.14.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-tokenizer\", rpm:\"php5-tokenizer~5.2.6~49.14.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-wddx\", rpm:\"php5-wddx~5.2.6~49.14.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-xmlreader\", rpm:\"php5-xmlreader~5.2.6~49.14.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-xmlrpc\", rpm:\"php5-xmlrpc~5.2.6~49.14.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-xmlwriter\", rpm:\"php5-xmlwriter~5.2.6~49.14.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-xsl\", rpm:\"php5-xsl~5.2.6~49.14.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-zip\", rpm:\"php5-zip~5.2.6~49.14.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-zlib\", rpm:\"php5-zlib~5.2.6~49.14.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"powerdevil\", rpm:\"powerdevil~1.4.1~4.5.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"powerdevil-lang\", rpm:\"powerdevil-lang~1.4.1~4.5.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"ptools\", rpm:\"ptools~0.1~2.16.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"python\", rpm:\"python~2.6.0~2.21.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"python-base\", rpm:\"python-base~2.6.0~2.22.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"python-curses\", rpm:\"python-curses~2.6.0~2.21.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"python-demo\", rpm:\"python-demo~2.6.0~2.21.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"python-devel\", rpm:\"python-devel~2.6.0~2.22.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"python-gdbm\", rpm:\"python-gdbm~2.6.0~2.21.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"python-idle\", rpm:\"python-idle~2.6.0~2.21.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"python-m2crypto\", rpm:\"python-m2crypto~0.17~2.1.4\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"python-satsolver\", rpm:\"python-satsolver~0.13.2~0.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"python-tk\", rpm:\"python-tk~2.6.0~2.21.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"python-xml\", rpm:\"python-xml~2.6.0~2.22.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"python-xpcom190\", rpm:\"python-xpcom190~1.9.0.6~0.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt4-x11-tools\", rpm:\"qt4-x11-tools~4.4.3~4.8.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"ruby-satsolver\", rpm:\"ruby-satsolver~0.13.2~0.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"satsolver-tools\", rpm:\"satsolver-tools~0.13.2~0.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"sblim-sfcb\", rpm:\"sblim-sfcb~1.3.2~9.12.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"sysvinit\", rpm:\"sysvinit~2.86~186.15.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"tiff\", rpm:\"tiff~3.8.2~133.35.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"ulogd\", rpm:\"ulogd~1.24~129.51.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"ulogd-mysql\", rpm:\"ulogd-mysql~1.24~129.51.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"ulogd-pcap\", rpm:\"ulogd-pcap~1.24~129.51.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"ulogd-pgsql\", rpm:\"ulogd-pgsql~1.24~129.51.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"ulogd-sqlite\", rpm:\"ulogd-sqlite~1.24~129.51.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"wine\", rpm:\"wine~1.1.9~1.11.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"wine-devel\", rpm:\"wine-devel~1.1.9~1.11.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"yast2\", rpm:\"yast2~2.17.59~1.2.13\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"yast2-devel-doc\", rpm:\"yast2-devel-doc~2.17.59~1.2.13\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"yast2-pkg-bindings\", rpm:\"yast2-pkg-bindings~2.17.31~1.2.10\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"zypper\", rpm:\"zypper~1.0.5~2.1.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"MozillaFirefox\", rpm:\"MozillaFirefox~3.0.6~0.1\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"MozillaFirefox-translations\", rpm:\"MozillaFirefox-translations~3.0.6~0.1\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache2-mod_php5\", rpm:\"apache2-mod_php5~5.2.6~0.8\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"audacity\", rpm:\"audacity~1.3.4~56.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"dhcp\", rpm:\"dhcp~3.0.6~86.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"dhcp-client\", rpm:\"dhcp-client~3.0.6~86.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"dhcp-devel\", rpm:\"dhcp-devel~3.0.6~86.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"dhcp-relay\", rpm:\"dhcp-relay~3.0.6~86.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"dhcp-server\", rpm:\"dhcp-server~3.0.6~86.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"dovecot\", rpm:\"dovecot~1.0.13~24.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"dovecot-devel\", rpm:\"dovecot-devel~1.0.13~24.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"gnome-packagekit\", rpm:\"gnome-packagekit~0.2.1~15.7\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"java-1_6_0-sun\", rpm:\"java-1_6_0-sun~1.6.0.u12~1.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"java-1_6_0-sun-alsa\", rpm:\"java-1_6_0-sun-alsa~1.6.0.u12~1.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"java-1_6_0-sun-demo\", rpm:\"java-1_6_0-sun-demo~1.6.0.u12~1.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"java-1_6_0-sun-devel\", rpm:\"java-1_6_0-sun-devel~1.6.0.u12~1.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"java-1_6_0-sun-jdbc\", rpm:\"java-1_6_0-sun-jdbc~1.6.0.u12~1.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"java-1_6_0-sun-plugin\", rpm:\"java-1_6_0-sun-plugin~1.6.0.u12~1.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"java-1_6_0-sun-src\", rpm:\"java-1_6_0-sun-src~1.6.0.u12~1.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libQtWebKit-devel\", rpm:\"libQtWebKit-devel~4.4.0~12.5\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libQtWebKit4\", rpm:\"libQtWebKit4~4.4.0~12.5\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libipulog\", rpm:\"libipulog~1.24~101.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libqt4\", rpm:\"libqt4~4.4.0~12.6\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libqt4-devel\", rpm:\"libqt4-devel~4.4.0~12.6\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libqt4-devel-doc\", rpm:\"libqt4-devel-doc~4.4.0~12.5\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libqt4-qt3support\", rpm:\"libqt4-qt3support~4.4.0~12.6\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libqt4-sql\", rpm:\"libqt4-sql~4.4.0~12.6\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libqt4-sql-mysql\", rpm:\"libqt4-sql-mysql~4.4.0~5.4\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libqt4-sql-postgresql\", rpm:\"libqt4-sql-postgresql~4.4.0~5.4\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libqt4-sql-sqlite\", rpm:\"libqt4-sql-sqlite~4.4.0~12.6\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libqt4-sql-unixODBC\", rpm:\"libqt4-sql-unixODBC~4.4.0~5.4\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libqt4-x11\", rpm:\"libqt4-x11~4.4.0~12.6\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libsatsolver-devel\", rpm:\"libsatsolver-devel~0.9.6~0.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libsatsolver-perl\", rpm:\"libsatsolver-perl~0.9.6~0.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libsatsolver-ruby\", rpm:\"libsatsolver-ruby~0.9.6~0.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libtiff-devel\", rpm:\"libtiff-devel~3.8.2~108.4\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libtiff3\", rpm:\"libtiff3~3.8.2~108.4\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libvirt\", rpm:\"libvirt~0.4.0~59.4\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libvirt-devel\", rpm:\"libvirt-devel~0.4.0~59.4\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libvirt-doc\", rpm:\"libvirt-doc~0.4.0~59.4\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libvirt-python\", rpm:\"libvirt-python~0.4.0~59.4\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libxml2\", rpm:\"libxml2~2.6.32~11.8\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libxml2-devel\", rpm:\"libxml2-devel~2.6.32~11.8\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libxml2-doc\", rpm:\"libxml2-doc~2.6.32~11.8\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libzypp\", rpm:\"libzypp~4.28.1~0.1\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libzypp-devel\", rpm:\"libzypp-devel~4.28.1~0.1\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mediawiki\", rpm:\"mediawiki~1.11.2~36.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-xulrunner190\", rpm:\"mozilla-xulrunner190~1.9.0.6~0.1\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-xulrunner190-devel\", rpm:\"mozilla-xulrunner190-devel~1.9.0.6~0.1\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-xulrunner190-gnomevfs\", rpm:\"mozilla-xulrunner190-gnomevfs~1.9.0.6~0.1\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-xulrunner190-translations\", rpm:\"mozilla-xulrunner190-translations~1.9.0.6~0.1\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"netatalk\", rpm:\"netatalk~2.0.3~218.3\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"netatalk-devel\", rpm:\"netatalk-devel~2.0.3~218.3\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"novell-ipsec-tools\", rpm:\"novell-ipsec-tools~0.6.3~183.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"novell-ipsec-tools-devel\", rpm:\"novell-ipsec-tools-devel~0.6.3~183.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"openslp\", rpm:\"openslp~1.2.0~143.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"openslp-devel\", rpm:\"openslp-devel~1.2.0~143.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"openslp-server\", rpm:\"openslp-server~1.2.0~143.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"perl\", rpm:\"perl~5.10.0~37.6\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"perl-base\", rpm:\"perl-base~5.10.0~37.6\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"perl-doc\", rpm:\"perl-doc~5.10.0~37.6\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5\", rpm:\"php5~5.2.6~0.8\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-bcmath\", rpm:\"php5-bcmath~5.2.6~0.8\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-bz2\", rpm:\"php5-bz2~5.2.6~0.8\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-calendar\", rpm:\"php5-calendar~5.2.6~0.8\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-ctype\", rpm:\"php5-ctype~5.2.6~0.8\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-curl\", rpm:\"php5-curl~5.2.6~0.8\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-dba\", rpm:\"php5-dba~5.2.6~0.8\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-dbase\", rpm:\"php5-dbase~5.2.6~0.8\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-devel\", rpm:\"php5-devel~5.2.6~0.8\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-dom\", rpm:\"php5-dom~5.2.6~0.8\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-exif\", rpm:\"php5-exif~5.2.6~0.8\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-fastcgi\", rpm:\"php5-fastcgi~5.2.6~0.8\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-ftp\", rpm:\"php5-ftp~5.2.6~0.8\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-gd\", rpm:\"php5-gd~5.2.6~0.8\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-gettext\", rpm:\"php5-gettext~5.2.6~0.8\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-gmp\", rpm:\"php5-gmp~5.2.6~0.8\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-hash\", rpm:\"php5-hash~5.2.6~0.8\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-iconv\", rpm:\"php5-iconv~5.2.6~0.8\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-imap\", rpm:\"php5-imap~5.2.6~0.8\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-json\", rpm:\"php5-json~5.2.6~0.8\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-ldap\", rpm:\"php5-ldap~5.2.6~0.8\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-mbstring\", rpm:\"php5-mbstring~5.2.6~0.8\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-mcrypt\", rpm:\"php5-mcrypt~5.2.6~0.8\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-mysql\", rpm:\"php5-mysql~5.2.6~0.8\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-ncurses\", rpm:\"php5-ncurses~5.2.6~0.8\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-odbc\", rpm:\"php5-odbc~5.2.6~0.8\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-openssl\", rpm:\"php5-openssl~5.2.6~0.8\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-pcntl\", rpm:\"php5-pcntl~5.2.6~0.8\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-pdo\", rpm:\"php5-pdo~5.2.6~0.8\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-pear\", rpm:\"php5-pear~5.2.6~0.8\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-pgsql\", rpm:\"php5-pgsql~5.2.6~0.8\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-posix\", rpm:\"php5-posix~5.2.6~0.8\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-pspell\", rpm:\"php5-pspell~5.2.6~0.8\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-readline\", rpm:\"php5-readline~5.2.6~0.8\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-shmop\", rpm:\"php5-shmop~5.2.6~0.8\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-snmp\", rpm:\"php5-snmp~5.2.6~0.8\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-soap\", rpm:\"php5-soap~5.2.6~0.8\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-sockets\", rpm:\"php5-sockets~5.2.6~0.8\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-sqlite\", rpm:\"php5-sqlite~5.2.6~0.8\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-suhosin\", rpm:\"php5-suhosin~5.2.6~0.8\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-sysvmsg\", rpm:\"php5-sysvmsg~5.2.6~0.8\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-sysvsem\", rpm:\"php5-sysvsem~5.2.6~0.8\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-sysvshm\", rpm:\"php5-sysvshm~5.2.6~0.8\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-tidy\", rpm:\"php5-tidy~5.2.6~0.8\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-tokenizer\", rpm:\"php5-tokenizer~5.2.6~0.8\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-wddx\", rpm:\"php5-wddx~5.2.6~0.8\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-xmlreader\", rpm:\"php5-xmlreader~5.2.6~0.8\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-xmlrpc\", rpm:\"php5-xmlrpc~5.2.6~0.8\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-xmlwriter\", rpm:\"php5-xmlwriter~5.2.6~0.8\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-xsl\", rpm:\"php5-xsl~5.2.6~0.8\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-zip\", rpm:\"php5-zip~5.2.6~0.8\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-zlib\", rpm:\"php5-zlib~5.2.6~0.8\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt4-x11-tools\", rpm:\"qt4-x11-tools~4.4.0~12.5\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"satsolver-tools\", rpm:\"satsolver-tools~0.9.6~0.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"sbl\", rpm:\"sbl~3.2.2~16.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"sbl-orca\", rpm:\"sbl-orca~3.2.2~16.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"sblim-sfcb\", rpm:\"sblim-sfcb~1.3.0~6.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"swfdec\", rpm:\"swfdec~0.6.8~0.1\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"swfdec-devel\", rpm:\"swfdec-devel~0.6.8~0.1\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"swfdec-doc\", rpm:\"swfdec-doc~0.6.8~0.1\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"tiff\", rpm:\"tiff~3.8.2~108.4\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"ulogd\", rpm:\"ulogd~1.24~101.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"ulogd-mysql\", rpm:\"ulogd-mysql~1.24~101.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"ulogd-pcap\", rpm:\"ulogd-pcap~1.24~101.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"ulogd-pgsql\", rpm:\"ulogd-pgsql~1.24~101.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"ulogd-sqlite\", rpm:\"ulogd-sqlite~1.24~101.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"virtualbox-ose\", rpm:\"virtualbox-ose~1.5.6~33.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"virtualbox-ose-guest-tools\", rpm:\"virtualbox-ose-guest-tools~1.5.6~33.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"wine\", rpm:\"wine~0.9.64_aka_1.0.rc3~2.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"wine-devel\", rpm:\"wine-devel~0.9.64_aka_1.0.rc3~2.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"xine-devel\", rpm:\"xine-devel~1.1.12~8.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"xine-extra\", rpm:\"xine-extra~1.1.12~8.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"xine-lib\", rpm:\"xine-lib~1.1.12~8.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"xorg-x11-driver-virtualbox-ose\", rpm:\"xorg-x11-driver-virtualbox-ose~1.5.6~33.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"yast2-gtk\", rpm:\"yast2-gtk~2.16.15~0.1\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"yast2-ncurses-pkg\", rpm:\"yast2-ncurses-pkg~2.16.14~0.4\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"yast2-packager\", rpm:\"yast2-packager~2.16.53~3.1\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"yast2-pkg-bindings\", rpm:\"yast2-pkg-bindings~2.16.42~0.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"yast2-qt-pkg\", rpm:\"yast2-qt-pkg~2.16.48~0.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache2-mod_php5\", rpm:\"apache2-mod_php5~5.2.6~0.8\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"audacity\", rpm:\"audacity~1.3.3~46.2\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"dhcp\", rpm:\"dhcp~3.0.6~24.2\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"dhcp-client\", rpm:\"dhcp-client~3.0.6~24.2\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"dhcp-devel\", rpm:\"dhcp-devel~3.0.6~24.2\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"dhcp-relay\", rpm:\"dhcp-relay~3.0.6~24.2\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"dhcp-server\", rpm:\"dhcp-server~3.0.6~24.2\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"dovecot\", rpm:\"dovecot~1.0.5~6.4\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"dovecot-devel\", rpm:\"dovecot-devel~1.0.5~6.4\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"java-1_6_0-sun\", rpm:\"java-1_6_0-sun~1.6.0.u12~1.2\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"java-1_6_0-sun-alsa\", rpm:\"java-1_6_0-sun-alsa~1.6.0.u12~1.2\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"java-1_6_0-sun-debuginfo\", rpm:\"java-1_6_0-sun-debuginfo~1.6.0.u12~1.2\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"java-1_6_0-sun-demo\", rpm:\"java-1_6_0-sun-demo~1.6.0.u12~1.2\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"java-1_6_0-sun-devel\", rpm:\"java-1_6_0-sun-devel~1.6.0.u12~1.2\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"java-1_6_0-sun-jdbc\", rpm:\"java-1_6_0-sun-jdbc~1.6.0.u12~1.2\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"java-1_6_0-sun-plugin\", rpm:\"java-1_6_0-sun-plugin~1.6.0.u12~1.2\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"java-1_6_0-sun-src\", rpm:\"java-1_6_0-sun-src~1.6.0.u12~1.2\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libipulog\", rpm:\"libipulog~1.24~36.2\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libtiff-devel\", rpm:\"libtiff-devel~3.8.2~68.4\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libtiff3\", rpm:\"libtiff3~3.8.2~68.4\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libvirt\", rpm:\"libvirt~0.3.0~30.7\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libvirt-devel\", rpm:\"libvirt-devel~0.3.0~30.7\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libvirt-doc\", rpm:\"libvirt-doc~0.3.0~30.7\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libvirt-python\", rpm:\"libvirt-python~0.3.0~30.7\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libxml2\", rpm:\"libxml2~2.6.30~4.11\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libxml2-devel\", rpm:\"libxml2-devel~2.6.30~4.11\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mediawiki\", rpm:\"mediawiki~1.10.0~32.2\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"netatalk\", rpm:\"netatalk~2.0.3~130.3\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"netatalk-devel\", rpm:\"netatalk-devel~2.0.3~130.3\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"novell-ipsec-tools\", rpm:\"novell-ipsec-tools~0.6.3~114.4\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"novell-ipsec-tools-devel\", rpm:\"novell-ipsec-tools-devel~0.6.3~114.4\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"openslp\", rpm:\"openslp~1.2.0~96.2\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"openslp-devel\", rpm:\"openslp-devel~1.2.0~96.2\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"openslp-server\", rpm:\"openslp-server~1.2.0~96.2\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5\", rpm:\"php5~5.2.6~0.8\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-bcmath\", rpm:\"php5-bcmath~5.2.6~0.8\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-bz2\", rpm:\"php5-bz2~5.2.6~0.8\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-calendar\", rpm:\"php5-calendar~5.2.6~0.8\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-ctype\", rpm:\"php5-ctype~5.2.6~0.8\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-curl\", rpm:\"php5-curl~5.2.6~0.8\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-dba\", rpm:\"php5-dba~5.2.6~0.8\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-dbase\", rpm:\"php5-dbase~5.2.6~0.8\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-devel\", rpm:\"php5-devel~5.2.6~0.8\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-dom\", rpm:\"php5-dom~5.2.6~0.8\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-exif\", rpm:\"php5-exif~5.2.6~0.8\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-fastcgi\", rpm:\"php5-fastcgi~5.2.6~0.8\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-ftp\", rpm:\"php5-ftp~5.2.6~0.8\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-gd\", rpm:\"php5-gd~5.2.6~0.8\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-gettext\", rpm:\"php5-gettext~5.2.6~0.8\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-gmp\", rpm:\"php5-gmp~5.2.6~0.8\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-hash\", rpm:\"php5-hash~5.2.6~0.8\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-iconv\", rpm:\"php5-iconv~5.2.6~0.8\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-imap\", rpm:\"php5-imap~5.2.6~0.8\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-json\", rpm:\"php5-json~5.2.6~0.8\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-ldap\", rpm:\"php5-ldap~5.2.6~0.8\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-mbstring\", rpm:\"php5-mbstring~5.2.6~0.8\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-mcrypt\", rpm:\"php5-mcrypt~5.2.6~0.8\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-mhash\", rpm:\"php5-mhash~5.2.6~0.8\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-mysql\", rpm:\"php5-mysql~5.2.6~0.8\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-ncurses\", rpm:\"php5-ncurses~5.2.6~0.8\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-odbc\", rpm:\"php5-odbc~5.2.6~0.8\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-openssl\", rpm:\"php5-openssl~5.2.6~0.8\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-pcntl\", rpm:\"php5-pcntl~5.2.6~0.8\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-pdo\", rpm:\"php5-pdo~5.2.6~0.8\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-pear\", rpm:\"php5-pear~5.2.6~0.8\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-pgsql\", rpm:\"php5-pgsql~5.2.6~0.8\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-posix\", rpm:\"php5-posix~5.2.6~0.8\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-pspell\", rpm:\"php5-pspell~5.2.6~0.8\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-readline\", rpm:\"php5-readline~5.2.6~0.8\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-shmop\", rpm:\"php5-shmop~5.2.6~0.8\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-snmp\", rpm:\"php5-snmp~5.2.6~0.8\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-soap\", rpm:\"php5-soap~5.2.6~0.8\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-sockets\", rpm:\"php5-sockets~5.2.6~0.8\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-sqlite\", rpm:\"php5-sqlite~5.2.6~0.8\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-suhosin\", rpm:\"php5-suhosin~5.2.6~0.8\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-sysvmsg\", rpm:\"php5-sysvmsg~5.2.6~0.8\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-sysvsem\", rpm:\"php5-sysvsem~5.2.6~0.8\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-sysvshm\", rpm:\"php5-sysvshm~5.2.6~0.8\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-tidy\", rpm:\"php5-tidy~5.2.6~0.8\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-tokenizer\", rpm:\"php5-tokenizer~5.2.6~0.8\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-wddx\", rpm:\"php5-wddx~5.2.6~0.8\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-xmlreader\", rpm:\"php5-xmlreader~5.2.6~0.8\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-xmlrpc\", rpm:\"php5-xmlrpc~5.2.6~0.8\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-xmlwriter\", rpm:\"php5-xmlwriter~5.2.6~0.8\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-xsl\", rpm:\"php5-xsl~5.2.6~0.8\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-zip\", rpm:\"php5-zip~5.2.6~0.8\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-zlib\", rpm:\"php5-zlib~5.2.6~0.8\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"sbl\", rpm:\"sbl~3.0f~16.2\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"tiff\", rpm:\"tiff~3.8.2~68.4\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"ulogd\", rpm:\"ulogd~1.24~36.2\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"ulogd-mysql\", rpm:\"ulogd-mysql~1.24~36.2\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"ulogd-pcap\", rpm:\"ulogd-pcap~1.24~36.2\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"ulogd-pgsql\", rpm:\"ulogd-pgsql~1.24~36.2\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"ulogd-sqlite\", rpm:\"ulogd-sqlite~1.24~36.2\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"virtualbox\", rpm:\"virtualbox~1.5.2~10.4\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"virtualbox-guest-tools\", rpm:\"virtualbox-guest-tools~1.5.2~10.4\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"xine-devel\", rpm:\"xine-devel~1.1.8~14.11\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"xine-extra\", rpm:\"xine-extra~1.1.8~14.11\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"xine-lib\", rpm:\"xine-lib~1.1.8~14.11\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"xorg-x11-driver-virtualbox\", rpm:\"xorg-x11-driver-virtualbox~1.5.2~10.4\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-04-06T11:37:47", "description": "The remote host is missing updates announced in\nadvisory SUSE-SR:2009:004. SuSE Security Summaries are short\non detail when it comes to the names of packages affected by\na particular bug. Because of this, while this test will detect\nout of date packages, it cannot tell you what bugs impact\nwhich packages, or vice versa.", "cvss3": {}, "published": "2009-02-18T00:00:00", "type": "openvas", "title": "SuSE Security Summary SUSE-SR:2009:004", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-3652", "CVE-2008-5248", "CVE-2007-5342", "CVE-2008-5244", "CVE-2008-5239", "CVE-2008-3231", "CVE-2008-5302", "CVE-2008-5238", "CVE-2008-3796", "CVE-2008-5252", "CVE-2008-5245", "CVE-2009-0416", "CVE-2007-5333", "CVE-2008-3663", "CVE-2008-5240", "CVE-2008-5235", "CVE-2008-5236", "CVE-2008-5250", "CVE-2007-3382", "CVE-2008-5587", "CVE-2008-5086", "CVE-2008-5241", "CVE-2009-0030", "CVE-2007-0184", "CVE-2007-0185", "CVE-2008-5237", "CVE-2008-1947", "CVE-2007-2450", "CVE-2007-2449", "CVE-2008-5658", "CVE-2008-5243", "CVE-2009-0310", "CVE-2007-5613", "CVE-2008-5233", "CVE-2008-5718", "CVE-2007-3386", "CVE-2009-0490", "CVE-2008-5246", "CVE-2008-2938", "CVE-2008-1586", "CVE-2007-5461", "CVE-2009-0313", "CVE-2008-3651", "CVE-2008-5247", "CVE-2007-6286", "CVE-2008-4577", "CVE-2008-2370", "CVE-2008-5242", "CVE-2008-5557", "CVE-2007-2377", "CVE-2007-3385", "CVE-2008-2235", "CVE-2008-1232", "CVE-2008-5234", "CVE-2007-5615", "CVE-2006-3835", "CVE-2008-5256", "CVE-2008-0002"], "modified": "2018-04-06T00:00:00", "id": "OPENVAS:136141256231063412", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231063412", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: suse_sr_2009_004.nasl 9350 2018-04-06 07:03:33Z cfischer $\n# Description: Auto-generated from advisory SUSE-SR:2009:004\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_summary = \"The remote host is missing updates announced in\nadvisory SUSE-SR:2009:004. SuSE Security Summaries are short\non detail when it comes to the names of packages affected by\na particular bug. Because of this, while this test will detect\nout of date packages, it cannot tell you what bugs impact\nwhich packages, or vice versa.\";\n\ntag_solution = \"Update all out of date packages.\";\n \nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.63412\");\n script_version(\"$Revision: 9350 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:03:33 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-02-18 23:13:28 +0100 (Wed, 18 Feb 2009)\");\n script_cve_id(\"CVE-2006-3835\", \"CVE-2007-0184\", \"CVE-2007-0185\", \"CVE-2007-2377\", \"CVE-2007-2449\", \"CVE-2007-2450\", \"CVE-2007-3382\", \"CVE-2007-3385\", \"CVE-2007-3386\", \"CVE-2007-5333\", \"CVE-2007-5342\", \"CVE-2007-5461\", \"CVE-2007-5613\", \"CVE-2007-5615\", \"CVE-2007-6286\", \"CVE-2008-0002\", \"CVE-2008-1232\", \"CVE-2008-1586\", \"CVE-2008-1947\", \"CVE-2008-2235\", \"CVE-2008-2370\", \"CVE-2008-2938\", \"CVE-2008-3231\", \"CVE-2008-3651\", \"CVE-2008-3652\", \"CVE-2008-3663\", \"CVE-2008-3796\", \"CVE-2008-4577\", \"CVE-2008-5086\", \"CVE-2008-5233\", \"CVE-2008-5234\", \"CVE-2008-5235\", \"CVE-2008-5236\", \"CVE-2008-5237\", \"CVE-2008-5238\", \"CVE-2008-5239\", \"CVE-2008-5240\", \"CVE-2008-5241\", \"CVE-2008-5242\", \"CVE-2008-5243\", \"CVE-2008-5244\", \"CVE-2008-5245\", \"CVE-2008-5246\", \"CVE-2008-5247\", \"CVE-2008-5248\", \"CVE-2008-5250\", \"CVE-2008-5252\", \"CVE-2008-5256\", \"CVE-2008-5302\", \"CVE-2008-5557\", \"CVE-2008-5587\", \"CVE-2008-5658\", \"CVE-2008-5718\", \"CVE-2009-0030\", \"CVE-2009-0310\", \"CVE-2009-0313\", \"CVE-2009-0416\", \"CVE-2009-0490\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"SuSE Security Summary SUSE-SR:2009:004\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse\", \"ssh/login/rpms\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"MozillaFirefox\", rpm:\"MozillaFirefox~3.0.6~0.1.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"MozillaFirefox-branding-upstream\", rpm:\"MozillaFirefox-branding-upstream~3.0.6~0.1.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"MozillaFirefox-translations\", rpm:\"MozillaFirefox-translations~3.0.6~0.1.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"aaa_base\", rpm:\"aaa_base~11.1~10007.12.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache2-mod_php5\", rpm:\"apache2-mod_php5~5.2.6~49.14.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apport\", rpm:\"apport~0.114~8.5.6\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apport-crashdb-opensuse\", rpm:\"apport-crashdb-opensuse~0.114~8.5.6\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apport-gtk\", rpm:\"apport-gtk~0.114~8.5.6\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apport-qt\", rpm:\"apport-qt~0.114~8.5.6\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apport-retrace\", rpm:\"apport-retrace~0.114~8.5.6\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"at-spi\", rpm:\"at-spi~1.24.0~2.6.6\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"at-spi-devel\", rpm:\"at-spi-devel~1.24.0~2.6.6\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"at-spi-doc\", rpm:\"at-spi-doc~1.24.0~2.6.6\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"at-spi-lang\", rpm:\"at-spi-lang~1.24.0~2.6.6\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"audacity\", rpm:\"audacity~1.3.5~49.12.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"audiofile\", rpm:\"audiofile~0.2.6~142.19.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"audiofile-devel\", rpm:\"audiofile-devel~0.2.6~142.19.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"compat-openssl097g\", rpm:\"compat-openssl097g~0.9.7g~146.9.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"dice\", rpm:\"dice~0.1.9~1.3.4\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"dice-debug\", rpm:\"dice-debug~0.1.9~1.3.4\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"dice-devel\", rpm:\"dice-devel~0.1.9~1.3.4\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"glade3\", rpm:\"glade3~3.5.2~7.25.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"glade3-lang\", rpm:\"glade3-lang~3.5.2~7.25.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"glibc\", rpm:\"glibc~2.9~2.10.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"glibc-devel\", rpm:\"glibc-devel~2.9~2.10.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"glibc-html\", rpm:\"glibc-html~2.9~2.10.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"glibc-i18ndata\", rpm:\"glibc-i18ndata~2.9~2.10.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"glibc-info\", rpm:\"glibc-info~2.9~2.10.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"glibc-locale\", rpm:\"glibc-locale~2.9~2.10.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"glibc-obsolete\", rpm:\"glibc-obsolete~2.9~2.10.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"glibc-profile\", rpm:\"glibc-profile~2.9~2.10.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"gnome-packagekit\", rpm:\"gnome-packagekit~0.3.11~2.2.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"gnome-packagekit-lang\", rpm:\"gnome-packagekit-lang~0.3.11~2.2.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"gnome-panel\", rpm:\"gnome-panel~2.24.1~2.25.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"gnome-panel-devel\", rpm:\"gnome-panel-devel~2.24.1~2.25.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"gnome-panel-doc\", rpm:\"gnome-panel-doc~2.24.1~2.25.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"gnome-panel-extras\", rpm:\"gnome-panel-extras~2.24.1~2.25.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"gnome-panel-lang\", rpm:\"gnome-panel-lang~2.24.1~2.25.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"gtk2\", rpm:\"gtk2~2.14.4~8.5.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"gtk2-branding-upstream\", rpm:\"gtk2-branding-upstream~2.14.4~8.5.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"gtk2-devel\", rpm:\"gtk2-devel~2.14.4~8.5.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"gtk2-doc\", rpm:\"gtk2-doc~2.14.4~8.5.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"gtk2-lang\", rpm:\"gtk2-lang~2.14.4~8.5.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"java-1_6_0-sun\", rpm:\"java-1_6_0-sun~1.6.0.u12~1.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"java-1_6_0-sun-alsa\", rpm:\"java-1_6_0-sun-alsa~1.6.0.u12~1.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"java-1_6_0-sun-devel\", rpm:\"java-1_6_0-sun-devel~1.6.0.u12~1.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"java-1_6_0-sun-jdbc\", rpm:\"java-1_6_0-sun-jdbc~1.6.0.u12~1.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"java-1_6_0-sun-plugin\", rpm:\"java-1_6_0-sun-plugin~1.6.0.u12~1.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"java-1_6_0-sun-src\", rpm:\"java-1_6_0-sun-src~1.6.0.u12~1.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libQtWebKit-devel\", rpm:\"libQtWebKit-devel~4.4.3~4.8.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libQtWebKit4\", rpm:\"libQtWebKit4~4.4.3~4.8.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libgladeui-1-8\", rpm:\"libgladeui-1-8~3.5.2~7.25.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libgladeui-1_0-devel\", rpm:\"libgladeui-1_0-devel~3.5.2~7.25.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libgladeui-1_0-doc\", rpm:\"libgladeui-1_0-doc~3.5.2~7.25.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libipulog-devel\", rpm:\"libipulog-devel~1.24~129.51.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libpython2_6-1_0\", rpm:\"libpython2_6-1_0~2.6.0~2.22.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libqdialogsolver1\", rpm:\"libqdialogsolver1~1.2.6~1.1.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libqdialogsolver1-devel\", rpm:\"libqdialogsolver1-devel~1.2.6~1.1.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libqt4\", rpm:\"libqt4~4.4.3~4.8.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libqt4-devel\", rpm:\"libqt4-devel~4.4.3~4.8.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libqt4-devel-doc\", rpm:\"libqt4-devel-doc~4.4.3~4.8.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libqt4-qt3support\", rpm:\"libqt4-qt3support~4.4.3~4.8.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libqt4-sql\", rpm:\"libqt4-sql~4.4.3~4.8.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libqt4-sql-mysql\", rpm:\"libqt4-sql-mysql~4.4.3~11.8.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libqt4-sql-postgresql\", rpm:\"libqt4-sql-postgresql~4.4.3~11.8.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libqt4-sql-sqlite\", rpm:\"libqt4-sql-sqlite~4.4.3~4.8.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libqt4-sql-unixODBC\", rpm:\"libqt4-sql-unixODBC~4.4.3~11.8.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libqt4-x11\", rpm:\"libqt4-x11~4.4.3~4.8.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libsatsolver-devel\", rpm:\"libsatsolver-devel~0.13.2~0.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libtiff-devel\", rpm:\"libtiff-devel~3.8.2~133.35.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libtiff3\", rpm:\"libtiff3~3.8.2~133.35.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libvirt\", rpm:\"libvirt~0.4.6~11.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libvirt-devel\", rpm:\"libvirt-devel~0.4.6~11.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libvirt-doc\", rpm:\"libvirt-doc~0.4.6~11.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libvirt-python\", rpm:\"libvirt-python~0.4.6~11.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libxml2\", rpm:\"libxml2~2.7.1~9.7.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libxml2-devel\", rpm:\"libxml2-devel~2.7.1~9.7.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libxml2-doc\", rpm:\"libxml2-doc~2.7.1~9.7.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libzypp\", rpm:\"libzypp~5.25.3~0.1.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libzypp-devel\", rpm:\"libzypp-devel~5.25.3~0.1.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-xulrunner190\", rpm:\"mozilla-xulrunner190~1.9.0.6~0.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-xulrunner190-devel\", rpm:\"mozilla-xulrunner190-devel~1.9.0.6~0.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-xulrunner190-gnomevfs\", rpm:\"mozilla-xulrunner190-gnomevfs~1.9.0.6~0.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-xulrunner190-translations\", rpm:\"mozilla-xulrunner190-translations~1.9.0.6~0.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"nano\", rpm:\"nano~2.1.7~1.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"netatalk\", rpm:\"netatalk~2.0.3~246.13.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"netatalk-devel\", rpm:\"netatalk-devel~2.0.3~246.13.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"nfs-client\", rpm:\"nfs-client~1.1.3~18.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"nfs-doc\", rpm:\"nfs-doc~1.1.3~18.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"nfs-kernel-server\", rpm:\"nfs-kernel-server~1.1.3~18.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"nscd\", rpm:\"nscd~2.9~2.10.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"openslp\", rpm:\"openslp~1.2.0~168.10.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"openslp-devel\", rpm:\"openslp-devel~1.2.0~168.10.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"openslp-server\", rpm:\"openslp-server~1.2.0~168.10.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"parted\", rpm:\"parted~1.8.8~91.8.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"parted-devel\", rpm:\"parted-devel~1.8.8~91.8.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"perl\", rpm:\"perl~5.10.0~62.17.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"perl-base\", rpm:\"perl-base~5.10.0~62.17.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"perl-doc\", rpm:\"perl-doc~5.10.0~62.17.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"perl-satsolver\", rpm:\"perl-satsolver~0.13.2~0.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5\", rpm:\"php5~5.2.6~49.14.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-bcmath\", rpm:\"php5-bcmath~5.2.6~49.14.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-bz2\", rpm:\"php5-bz2~5.2.6~49.14.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-calendar\", rpm:\"php5-calendar~5.2.6~49.14.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-ctype\", rpm:\"php5-ctype~5.2.6~49.14.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-curl\", rpm:\"php5-curl~5.2.6~49.14.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-dba\", rpm:\"php5-dba~5.2.6~49.14.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-dbase\", rpm:\"php5-dbase~5.2.6~49.14.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-devel\", rpm:\"php5-devel~5.2.6~49.14.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-dom\", rpm:\"php5-dom~5.2.6~49.14.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-exif\", rpm:\"php5-exif~5.2.6~49.14.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-fastcgi\", rpm:\"php5-fastcgi~5.2.6~49.14.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-ftp\", rpm:\"php5-ftp~5.2.6~49.14.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-gd\", rpm:\"php5-gd~5.2.6~49.14.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-gettext\", rpm:\"php5-gettext~5.2.6~49.14.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-gmp\", rpm:\"php5-gmp~5.2.6~49.14.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-hash\", rpm:\"php5-hash~5.2.6~49.14.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-iconv\", rpm:\"php5-iconv~5.2.6~49.14.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-imap\", rpm:\"php5-imap~5.2.6~49.14.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-json\", rpm:\"php5-json~5.2.6~49.14.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-ldap\", rpm:\"php5-ldap~5.2.6~49.14.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-mbstring\", rpm:\"php5-mbstring~5.2.6~49.14.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-mcrypt\", rpm:\"php5-mcrypt~5.2.6~49.14.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-mysql\", rpm:\"php5-mysql~5.2.6~49.14.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-ncurses\", rpm:\"php5-ncurses~5.2.6~49.14.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-odbc\", rpm:\"php5-odbc~5.2.6~49.14.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-openssl\", rpm:\"php5-openssl~5.2.6~49.14.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-pcntl\", rpm:\"php5-pcntl~5.2.6~49.14.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-pdo\", rpm:\"php5-pdo~5.2.6~49.14.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-pear\", rpm:\"php5-pear~5.2.6~49.14.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-pgsql\", rpm:\"php5-pgsql~5.2.6~49.14.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-posix\", rpm:\"php5-posix~5.2.6~49.14.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-pspell\", rpm:\"php5-pspell~5.2.6~49.14.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-readline\", rpm:\"php5-readline~5.2.6~49.14.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-shmop\", rpm:\"php5-shmop~5.2.6~49.14.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-snmp\", rpm:\"php5-snmp~5.2.6~49.14.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-soap\", rpm:\"php5-soap~5.2.6~49.14.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-sockets\", rpm:\"php5-sockets~5.2.6~49.14.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-sqlite\", rpm:\"php5-sqlite~5.2.6~49.14.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-suhosin\", rpm:\"php5-suhosin~5.2.6~49.14.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-sysvmsg\", rpm:\"php5-sysvmsg~5.2.6~49.14.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-sysvsem\", rpm:\"php5-sysvsem~5.2.6~49.14.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-sysvshm\", rpm:\"php5-sysvshm~5.2.6~49.14.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-tidy\", rpm:\"php5-tidy~5.2.6~49.14.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-tokenizer\", rpm:\"php5-tokenizer~5.2.6~49.14.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-wddx\", rpm:\"php5-wddx~5.2.6~49.14.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-xmlreader\", rpm:\"php5-xmlreader~5.2.6~49.14.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-xmlrpc\", rpm:\"php5-xmlrpc~5.2.6~49.14.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-xmlwriter\", rpm:\"php5-xmlwriter~5.2.6~49.14.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-xsl\", rpm:\"php5-xsl~5.2.6~49.14.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-zip\", rpm:\"php5-zip~5.2.6~49.14.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-zlib\", rpm:\"php5-zlib~5.2.6~49.14.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"powerdevil\", rpm:\"powerdevil~1.4.1~4.5.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"powerdevil-lang\", rpm:\"powerdevil-lang~1.4.1~4.5.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"ptools\", rpm:\"ptools~0.1~2.16.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"python\", rpm:\"python~2.6.0~2.21.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"python-base\", rpm:\"python-base~2.6.0~2.22.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"python-curses\", rpm:\"python-curses~2.6.0~2.21.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"python-demo\", rpm:\"python-demo~2.6.0~2.21.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"python-devel\", rpm:\"python-devel~2.6.0~2.22.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"python-gdbm\", rpm:\"python-gdbm~2.6.0~2.21.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"python-idle\", rpm:\"python-idle~2.6.0~2.21.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"python-m2crypto\", rpm:\"python-m2crypto~0.17~2.1.4\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"python-satsolver\", rpm:\"python-satsolver~0.13.2~0.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"python-tk\", rpm:\"python-tk~2.6.0~2.21.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"python-xml\", rpm:\"python-xml~2.6.0~2.22.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"python-xpcom190\", rpm:\"python-xpcom190~1.9.0.6~0.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt4-x11-tools\", rpm:\"qt4-x11-tools~4.4.3~4.8.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"ruby-satsolver\", rpm:\"ruby-satsolver~0.13.2~0.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"satsolver-tools\", rpm:\"satsolver-tools~0.13.2~0.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"sblim-sfcb\", rpm:\"sblim-sfcb~1.3.2~9.12.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"sysvinit\", rpm:\"sysvinit~2.86~186.15.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"tiff\", rpm:\"tiff~3.8.2~133.35.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"ulogd\", rpm:\"ulogd~1.24~129.51.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"ulogd-mysql\", rpm:\"ulogd-mysql~1.24~129.51.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"ulogd-pcap\", rpm:\"ulogd-pcap~1.24~129.51.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"ulogd-pgsql\", rpm:\"ulogd-pgsql~1.24~129.51.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"ulogd-sqlite\", rpm:\"ulogd-sqlite~1.24~129.51.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"wine\", rpm:\"wine~1.1.9~1.11.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"wine-devel\", rpm:\"wine-devel~1.1.9~1.11.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"yast2\", rpm:\"yast2~2.17.59~1.2.13\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"yast2-devel-doc\", rpm:\"yast2-devel-doc~2.17.59~1.2.13\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"yast2-pkg-bindings\", rpm:\"yast2-pkg-bindings~2.17.31~1.2.10\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"zypper\", rpm:\"zypper~1.0.5~2.1.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"MozillaFirefox\", rpm:\"MozillaFirefox~3.0.6~0.1\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"MozillaFirefox-translations\", rpm:\"MozillaFirefox-translations~3.0.6~0.1\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache2-mod_php5\", rpm:\"apache2-mod_php5~5.2.6~0.8\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"audacity\", rpm:\"audacity~1.3.4~56.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"dhcp\", rpm:\"dhcp~3.0.6~86.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"dhcp-client\", rpm:\"dhcp-client~3.0.6~86.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"dhcp-devel\", rpm:\"dhcp-devel~3.0.6~86.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"dhcp-relay\", rpm:\"dhcp-relay~3.0.6~86.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"dhcp-server\", rpm:\"dhcp-server~3.0.6~86.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"dovecot\", rpm:\"dovecot~1.0.13~24.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"dovecot-devel\", rpm:\"dovecot-devel~1.0.13~24.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"gnome-packagekit\", rpm:\"gnome-packagekit~0.2.1~15.7\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"java-1_6_0-sun\", rpm:\"java-1_6_0-sun~1.6.0.u12~1.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"java-1_6_0-sun-alsa\", rpm:\"java-1_6_0-sun-alsa~1.6.0.u12~1.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"java-1_6_0-sun-demo\", rpm:\"java-1_6_0-sun-demo~1.6.0.u12~1.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"java-1_6_0-sun-devel\", rpm:\"java-1_6_0-sun-devel~1.6.0.u12~1.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"java-1_6_0-sun-jdbc\", rpm:\"java-1_6_0-sun-jdbc~1.6.0.u12~1.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"java-1_6_0-sun-plugin\", rpm:\"java-1_6_0-sun-plugin~1.6.0.u12~1.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"java-1_6_0-sun-src\", rpm:\"java-1_6_0-sun-src~1.6.0.u12~1.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libQtWebKit-devel\", rpm:\"libQtWebKit-devel~4.4.0~12.5\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libQtWebKit4\", rpm:\"libQtWebKit4~4.4.0~12.5\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libipulog\", rpm:\"libipulog~1.24~101.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libqt4\", rpm:\"libqt4~4.4.0~12.6\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libqt4-devel\", rpm:\"libqt4-devel~4.4.0~12.6\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libqt4-devel-doc\", rpm:\"libqt4-devel-doc~4.4.0~12.5\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libqt4-qt3support\", rpm:\"libqt4-qt3support~4.4.0~12.6\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libqt4-sql\", rpm:\"libqt4-sql~4.4.0~12.6\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libqt4-sql-mysql\", rpm:\"libqt4-sql-mysql~4.4.0~5.4\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libqt4-sql-postgresql\", rpm:\"libqt4-sql-postgresql~4.4.0~5.4\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libqt4-sql-sqlite\", rpm:\"libqt4-sql-sqlite~4.4.0~12.6\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libqt4-sql-unixODBC\", rpm:\"libqt4-sql-unixODBC~4.4.0~5.4\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libqt4-x11\", rpm:\"libqt4-x11~4.4.0~12.6\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libsatsolver-devel\", rpm:\"libsatsolver-devel~0.9.6~0.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libsatsolver-perl\", rpm:\"libsatsolver-perl~0.9.6~0.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libsatsolver-ruby\", rpm:\"libsatsolver-ruby~0.9.6~0.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libtiff-devel\", rpm:\"libtiff-devel~3.8.2~108.4\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libtiff3\", rpm:\"libtiff3~3.8.2~108.4\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libvirt\", rpm:\"libvirt~0.4.0~59.4\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libvirt-devel\", rpm:\"libvirt-devel~0.4.0~59.4\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libvirt-doc\", rpm:\"libvirt-doc~0.4.0~59.4\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libvirt-python\", rpm:\"libvirt-python~0.4.0~59.4\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libxml2\", rpm:\"libxml2~2.6.32~11.8\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libxml2-devel\", rpm:\"libxml2-devel~2.6.32~11.8\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libxml2-doc\", rpm:\"libxml2-doc~2.6.32~11.8\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libzypp\", rpm:\"libzypp~4.28.1~0.1\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libzypp-devel\", rpm:\"libzypp-devel~4.28.1~0.1\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mediawiki\", rpm:\"mediawiki~1.11.2~36.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-xulrunner190\", rpm:\"mozilla-xulrunner190~1.9.0.6~0.1\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-xulrunner190-devel\", rpm:\"mozilla-xulrunner190-devel~1.9.0.6~0.1\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-xulrunner190-gnomevfs\", rpm:\"mozilla-xulrunner190-gnomevfs~1.9.0.6~0.1\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-xulrunner190-translations\", rpm:\"mozilla-xulrunner190-translations~1.9.0.6~0.1\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"netatalk\", rpm:\"netatalk~2.0.3~218.3\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"netatalk-devel\", rpm:\"netatalk-devel~2.0.3~218.3\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"novell-ipsec-tools\", rpm:\"novell-ipsec-tools~0.6.3~183.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"novell-ipsec-tools-devel\", rpm:\"novell-ipsec-tools-devel~0.6.3~183.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"openslp\", rpm:\"openslp~1.2.0~143.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"openslp-devel\", rpm:\"openslp-devel~1.2.0~143.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"openslp-server\", rpm:\"openslp-server~1.2.0~143.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"perl\", rpm:\"perl~5.10.0~37.6\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"perl-base\", rpm:\"perl-base~5.10.0~37.6\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"perl-doc\", rpm:\"perl-doc~5.10.0~37.6\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5\", rpm:\"php5~5.2.6~0.8\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-bcmath\", rpm:\"php5-bcmath~5.2.6~0.8\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-bz2\", rpm:\"php5-bz2~5.2.6~0.8\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-calendar\", rpm:\"php5-calendar~5.2.6~0.8\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-ctype\", rpm:\"php5-ctype~5.2.6~0.8\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-curl\", rpm:\"php5-curl~5.2.6~0.8\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-dba\", rpm:\"php5-dba~5.2.6~0.8\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-dbase\", rpm:\"php5-dbase~5.2.6~0.8\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-devel\", rpm:\"php5-devel~5.2.6~0.8\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-dom\", rpm:\"php5-dom~5.2.6~0.8\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-exif\", rpm:\"php5-exif~5.2.6~0.8\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-fastcgi\", rpm:\"php5-fastcgi~5.2.6~0.8\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-ftp\", rpm:\"php5-ftp~5.2.6~0.8\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-gd\", rpm:\"php5-gd~5.2.6~0.8\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-gettext\", rpm:\"php5-gettext~5.2.6~0.8\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-gmp\", rpm:\"php5-gmp~5.2.6~0.8\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-hash\", rpm:\"php5-hash~5.2.6~0.8\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-iconv\", rpm:\"php5-iconv~5.2.6~0.8\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-imap\", rpm:\"php5-imap~5.2.6~0.8\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-json\", rpm:\"php5-json~5.2.6~0.8\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-ldap\", rpm:\"php5-ldap~5.2.6~0.8\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-mbstring\", rpm:\"php5-mbstring~5.2.6~0.8\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-mcrypt\", rpm:\"php5-mcrypt~5.2.6~0.8\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-mysql\", rpm:\"php5-mysql~5.2.6~0.8\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-ncurses\", rpm:\"php5-ncurses~5.2.6~0.8\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-odbc\", rpm:\"php5-odbc~5.2.6~0.8\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-openssl\", rpm:\"php5-openssl~5.2.6~0.8\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-pcntl\", rpm:\"php5-pcntl~5.2.6~0.8\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-pdo\", rpm:\"php5-pdo~5.2.6~0.8\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-pear\", rpm:\"php5-pear~5.2.6~0.8\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-pgsql\", rpm:\"php5-pgsql~5.2.6~0.8\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-posix\", rpm:\"php5-posix~5.2.6~0.8\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-pspell\", rpm:\"php5-pspell~5.2.6~0.8\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-readline\", rpm:\"php5-readline~5.2.6~0.8\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-shmop\", rpm:\"php5-shmop~5.2.6~0.8\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-snmp\", rpm:\"php5-snmp~5.2.6~0.8\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-soap\", rpm:\"php5-soap~5.2.6~0.8\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-sockets\", rpm:\"php5-sockets~5.2.6~0.8\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-sqlite\", rpm:\"php5-sqlite~5.2.6~0.8\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-suhosin\", rpm:\"php5-suhosin~5.2.6~0.8\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-sysvmsg\", rpm:\"php5-sysvmsg~5.2.6~0.8\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-sysvsem\", rpm:\"php5-sysvsem~5.2.6~0.8\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-sysvshm\", rpm:\"php5-sysvshm~5.2.6~0.8\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-tidy\", rpm:\"php5-tidy~5.2.6~0.8\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-tokenizer\", rpm:\"php5-tokenizer~5.2.6~0.8\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-wddx\", rpm:\"php5-wddx~5.2.6~0.8\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-xmlreader\", rpm:\"php5-xmlreader~5.2.6~0.8\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-xmlrpc\", rpm:\"php5-xmlrpc~5.2.6~0.8\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-xmlwriter\", rpm:\"php5-xmlwriter~5.2.6~0.8\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-xsl\", rpm:\"php5-xsl~5.2.6~0.8\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-zip\", rpm:\"php5-zip~5.2.6~0.8\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-zlib\", rpm:\"php5-zlib~5.2.6~0.8\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt4-x11-tools\", rpm:\"qt4-x11-tools~4.4.0~12.5\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"satsolver-tools\", rpm:\"satsolver-tools~0.9.6~0.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"sbl\", rpm:\"sbl~3.2.2~16.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"sbl-orca\", rpm:\"sbl-orca~3.2.2~16.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"sblim-sfcb\", rpm:\"sblim-sfcb~1.3.0~6.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"swfdec\", rpm:\"swfdec~0.6.8~0.1\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"swfdec-devel\", rpm:\"swfdec-devel~0.6.8~0.1\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"swfdec-doc\", rpm:\"swfdec-doc~0.6.8~0.1\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"tiff\", rpm:\"tiff~3.8.2~108.4\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"ulogd\", rpm:\"ulogd~1.24~101.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"ulogd-mysql\", rpm:\"ulogd-mysql~1.24~101.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"ulogd-pcap\", rpm:\"ulogd-pcap~1.24~101.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"ulogd-pgsql\", rpm:\"ulogd-pgsql~1.24~101.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"ulogd-sqlite\", rpm:\"ulogd-sqlite~1.24~101.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"virtualbox-ose\", rpm:\"virtualbox-ose~1.5.6~33.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"virtualbox-ose-guest-tools\", rpm:\"virtualbox-ose-guest-tools~1.5.6~33.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"wine\", rpm:\"wine~0.9.64_aka_1.0.rc3~2.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"wine-devel\", rpm:\"wine-devel~0.9.64_aka_1.0.rc3~2.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"xine-devel\", rpm:\"xine-devel~1.1.12~8.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"xine-extra\", rpm:\"xine-extra~1.1.12~8.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"xine-lib\", rpm:\"xine-lib~1.1.12~8.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"xorg-x11-driver-virtualbox-ose\", rpm:\"xorg-x11-driver-virtualbox-ose~1.5.6~33.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"yast2-gtk\", rpm:\"yast2-gtk~2.16.15~0.1\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"yast2-ncurses-pkg\", rpm:\"yast2-ncurses-pkg~2.16.14~0.4\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"yast2-packager\", rpm:\"yast2-packager~2.16.53~3.1\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"yast2-pkg-bindings\", rpm:\"yast2-pkg-bindings~2.16.42~0.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"yast2-qt-pkg\", rpm:\"yast2-qt-pkg~2.16.48~0.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache2-mod_php5\", rpm:\"apache2-mod_php5~5.2.6~0.8\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"audacity\", rpm:\"audacity~1.3.3~46.2\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"dhcp\", rpm:\"dhcp~3.0.6~24.2\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"dhcp-client\", rpm:\"dhcp-client~3.0.6~24.2\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"dhcp-devel\", rpm:\"dhcp-devel~3.0.6~24.2\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"dhcp-relay\", rpm:\"dhcp-relay~3.0.6~24.2\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"dhcp-server\", rpm:\"dhcp-server~3.0.6~24.2\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"dovecot\", rpm:\"dovecot~1.0.5~6.4\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"dovecot-devel\", rpm:\"dovecot-devel~1.0.5~6.4\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"java-1_6_0-sun\", rpm:\"java-1_6_0-sun~1.6.0.u12~1.2\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"java-1_6_0-sun-alsa\", rpm:\"java-1_6_0-sun-alsa~1.6.0.u12~1.2\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"java-1_6_0-sun-debuginfo\", rpm:\"java-1_6_0-sun-debuginfo~1.6.0.u12~1.2\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"java-1_6_0-sun-demo\", rpm:\"java-1_6_0-sun-demo~1.6.0.u12~1.2\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"java-1_6_0-sun-devel\", rpm:\"java-1_6_0-sun-devel~1.6.0.u12~1.2\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"java-1_6_0-sun-jdbc\", rpm:\"java-1_6_0-sun-jdbc~1.6.0.u12~1.2\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"java-1_6_0-sun-plugin\", rpm:\"java-1_6_0-sun-plugin~1.6.0.u12~1.2\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"java-1_6_0-sun-src\", rpm:\"java-1_6_0-sun-src~1.6.0.u12~1.2\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libipulog\", rpm:\"libipulog~1.24~36.2\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libtiff-devel\", rpm:\"libtiff-devel~3.8.2~68.4\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libtiff3\", rpm:\"libtiff3~3.8.2~68.4\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libvirt\", rpm:\"libvirt~0.3.0~30.7\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libvirt-devel\", rpm:\"libvirt-devel~0.3.0~30.7\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libvirt-doc\", rpm:\"libvirt-doc~0.3.0~30.7\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libvirt-python\", rpm:\"libvirt-python~0.3.0~30.7\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libxml2\", rpm:\"libxml2~2.6.30~4.11\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libxml2-devel\", rpm:\"libxml2-devel~2.6.30~4.11\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mediawiki\", rpm:\"mediawiki~1.10.0~32.2\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"netatalk\", rpm:\"netatalk~2.0.3~130.3\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"netatalk-devel\", rpm:\"netatalk-devel~2.0.3~130.3\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"novell-ipsec-tools\", rpm:\"novell-ipsec-tools~0.6.3~114.4\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"novell-ipsec-tools-devel\", rpm:\"novell-ipsec-tools-devel~0.6.3~114.4\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"openslp\", rpm:\"openslp~1.2.0~96.2\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"openslp-devel\", rpm:\"openslp-devel~1.2.0~96.2\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"openslp-server\", rpm:\"openslp-server~1.2.0~96.2\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5\", rpm:\"php5~5.2.6~0.8\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-bcmath\", rpm:\"php5-bcmath~5.2.6~0.8\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-bz2\", rpm:\"php5-bz2~5.2.6~0.8\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-calendar\", rpm:\"php5-calendar~5.2.6~0.8\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-ctype\", rpm:\"php5-ctype~5.2.6~0.8\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-curl\", rpm:\"php5-curl~5.2.6~0.8\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-dba\", rpm:\"php5-dba~5.2.6~0.8\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-dbase\", rpm:\"php5-dbase~5.2.6~0.8\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-devel\", rpm:\"php5-devel~5.2.6~0.8\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-dom\", rpm:\"php5-dom~5.2.6~0.8\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-exif\", rpm:\"php5-exif~5.2.6~0.8\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-fastcgi\", rpm:\"php5-fastcgi~5.2.6~0.8\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-ftp\", rpm:\"php5-ftp~5.2.6~0.8\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-gd\", rpm:\"php5-gd~5.2.6~0.8\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-gettext\", rpm:\"php5-gettext~5.2.6~0.8\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-gmp\", rpm:\"php5-gmp~5.2.6~0.8\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-hash\", rpm:\"php5-hash~5.2.6~0.8\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-iconv\", rpm:\"php5-iconv~5.2.6~0.8\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-imap\", rpm:\"php5-imap~5.2.6~0.8\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-json\", rpm:\"php5-json~5.2.6~0.8\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-ldap\", rpm:\"php5-ldap~5.2.6~0.8\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-mbstring\", rpm:\"php5-mbstring~5.2.6~0.8\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-mcrypt\", rpm:\"php5-mcrypt~5.2.6~0.8\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-mhash\", rpm:\"php5-mhash~5.2.6~0.8\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-mysql\", rpm:\"php5-mysql~5.2.6~0.8\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-ncurses\", rpm:\"php5-ncurses~5.2.6~0.8\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-odbc\", rpm:\"php5-odbc~5.2.6~0.8\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-openssl\", rpm:\"php5-openssl~5.2.6~0.8\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-pcntl\", rpm:\"php5-pcntl~5.2.6~0.8\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-pdo\", rpm:\"php5-pdo~5.2.6~0.8\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-pear\", rpm:\"php5-pear~5.2.6~0.8\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-pgsql\", rpm:\"php5-pgsql~5.2.6~0.8\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-posix\", rpm:\"php5-posix~5.2.6~0.8\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-pspell\", rpm:\"php5-pspell~5.2.6~0.8\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-readline\", rpm:\"php5-readline~5.2.6~0.8\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-shmop\", rpm:\"php5-shmop~5.2.6~0.8\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-snmp\", rpm:\"php5-snmp~5.2.6~0.8\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-soap\", rpm:\"php5-soap~5.2.6~0.8\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-sockets\", rpm:\"php5-sockets~5.2.6~0.8\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-sqlite\", rpm:\"php5-sqlite~5.2.6~0.8\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-suhosin\", rpm:\"php5-suhosin~5.2.6~0.8\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-sysvmsg\", rpm:\"php5-sysvmsg~5.2.6~0.8\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-sysvsem\", rpm:\"php5-sysvsem~5.2.6~0.8\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-sysvshm\", rpm:\"php5-sysvshm~5.2.6~0.8\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-tidy\", rpm:\"php5-tidy~5.2.6~0.8\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-tokenizer\", rpm:\"php5-tokenizer~5.2.6~0.8\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-wddx\", rpm:\"php5-wddx~5.2.6~0.8\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-xmlreader\", rpm:\"php5-xmlreader~5.2.6~0.8\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-xmlrpc\", rpm:\"php5-xmlrpc~5.2.6~0.8\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-xmlwriter\", rpm:\"php5-xmlwriter~5.2.6~0.8\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-xsl\", rpm:\"php5-xsl~5.2.6~0.8\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-zip\", rpm:\"php5-zip~5.2.6~0.8\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php5-zlib\", rpm:\"php5-zlib~5.2.6~0.8\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"sbl\", rpm:\"sbl~3.0f~16.2\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"tiff\", rpm:\"tiff~3.8.2~68.4\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"ulogd\", rpm:\"ulogd~1.24~36.2\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"ulogd-mysql\", rpm:\"ulogd-mysql~1.24~36.2\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"ulogd-pcap\", rpm:\"ulogd-pcap~1.24~36.2\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"ulogd-pgsql\", rpm:\"ulogd-pgsql~1.24~36.2\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"ulogd-sqlite\", rpm:\"ulogd-sqlite~1.24~36.2\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"virtualbox\", rpm:\"virtualbox~1.5.2~10.4\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"virtualbox-guest-tools\", rpm:\"virtualbox-guest-tools~1.5.2~10.4\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"xine-devel\", rpm:\"xine-devel~1.1.8~14.11\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"xine-extra\", rpm:\"xine-extra~1.1.8~14.11\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"xine-lib\", rpm:\"xine-lib~1.1.8~14.11\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"xorg-x11-driver-virtualbox\", rpm:\"xorg-x11-driver-virtualbox~1.5.2~10.4\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "veracode": [{"lastseen": "2022-07-27T10:11:26", "description": "libvirt is vulnerable to privilege escalation. The vulnerability exists as the libvirtd daemon was discovered to not properly check user connection permissions before performing certain privileged actions, such as requesting migration of an unprivileged guest domain to another system. A local user able to establish a read-only connection to libvirtd could use this flaw to perform actions that should be restricted to read-write connections.\n", "cvss3": {}, "published": "2020-04-10T00:30:41", "type": "veracode", "title": "Privilege Escalation", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": true, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2008-5086"], "modified": "2022-04-19T18:35:39", "id": "VERACODE:23568", "href": "https://sca.analysiscenter.veracode.com/vulnerability-database/security/1/1/sid-23568/summary", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}], "securityvulns": [{"lastseen": "2018-08-31T11:09:31", "description": "Potentially dangeroues operations are not marked as read only.", "cvss3": {}, "published": "2008-12-21T00:00:00", "type": "securityvulns", "title": "libvirt privilege escalation", "bulletinFamily": "software", "hackapp": {}, "cvss2": {}, "cvelist": ["CVE-2008-5086"], "modified": "2008-12-21T00:00:00", "id": "SECURITYVULNS:VULN:9530", "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:9530", "sourceData": "", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-08-31T11:10:28", "description": "===========================================================\r\nUbuntu Security Notice USN-694-1 December 18, 2008\r\nlibvirt vulnerability\r\nCVE-2008-5086\r\n===========================================================\r\n\r\nA security issue affects the following Ubuntu releases:\r\n\r\nUbuntu 7.10\r\nUbuntu 8.04 LTS\r\nUbuntu 8.10\r\n\r\nThis advisory also applies to the corresponding versions of\r\nKubuntu, Edubuntu, and Xubuntu.\r\n\r\nThe problem can be corrected by upgrading your system to the\r\nfollowing package versions:\r\n\r\nUbuntu 7.10:\r\n libvirt0 0.3.0-0ubuntu2.1\r\n\r\nUbuntu 8.04 LTS:\r\n libvirt0 0.4.0-2ubuntu8.1\r\n\r\nUbuntu 8.10:\r\n libvirt0 0.4.4-3ubuntu3.1\r\n\r\nIn general, a standard system upgrade is sufficient to effect the\r\nnecessary changes.\r\n\r\nDetails follow:\r\n\r\nIt was discovered that libvirt did not mark certain operations as read-only. A\r\nlocal attacker may be able to perform privileged actions such as migrating\r\nvirtual machines, adjusting autostart flags, or accessing privileged data in\r\nthe virtual machine memory and disks.\r\n\r\n\r\nUpdated packages for Ubuntu 7.10:\r\n\r\n Source archives:\r\n\r\n http://security.ubuntu.com/ubuntu/pool/main/libv/libvirt/libvirt_0.3.0-0ubuntu2.1.diff.gz\r\n Size/MD5: 3544 e3f113d1e263a8a5b2b831de6d242d1b\r\n http://security.ubuntu.com/ubuntu/pool/main/libv/libvirt/libvirt_0.3.0-0ubuntu2.1.dsc\r\n Size/MD5: 808 df2b4d52fcdba599d46d3316b13458ff\r\n http://security.ubuntu.com/ubuntu/pool/main/libv/libvirt/libvirt_0.3.0.orig.tar.gz\r\n Size/MD5: 2265548 e6a85e2ef99f985a298376e01fcc7a3c\r\n\r\n amd64 architecture &#40;Athlon64, Opteron, EM64T Xeon&#41;:\r\n\r\n http://security.ubuntu.com/ubuntu/pool/main/libv/libvirt/libvirt-dev_0.3.0-0ubuntu2.1_amd64.deb\r\n Size/MD5: 230520 783cfc179c03e40500fc1a1a3354dac4\r\n http://security.ubuntu.com/ubuntu/pool/main/libv/libvirt/libvirt0_0.3.0-0ubuntu2.1_amd64.deb\r\n Size/MD5: 186806 4d7e7f531ad07b08264856bf9762dc20\r\n http://security.ubuntu.com/ubuntu/pool/universe/libv/libvirt/libvirt-bin_0.3.0-0ubuntu2.1_amd64.deb\r\n Size/MD5: 136992 27a0e129f38e57faae36b0adf6e1b000\r\n http://security.ubuntu.com/ubuntu/pool/universe/libv/libvirt/python-libvirt_0.3.0-0ubuntu2.1_amd64.deb\r\n Size/MD5: 86872 1da16e06104d27759886b575d2b73f8f\r\n\r\n i386 architecture &#40;x86 compatible Intel/AMD&#41;:\r\n\r\n http://security.ubuntu.com/ubuntu/pool/main/libv/libvirt/libvirt-dev_0.3.0-0ubuntu2.1_i386.deb\r\n Size/MD5: 217692 56dd66f156bee8b01f4b68e23e2811d3\r\n http://security.ubuntu.com/ubuntu/pool/main/libv/libvirt/libvirt0_0.3.0-0ubuntu2.1_i386.deb\r\n Size/MD5: 186672 3a708d77e58e68b4009937ae9500f8e6\r\n http://security.ubuntu.com/ubuntu/pool/universe/libv/libvirt/libvirt-bin_0.3.0-0ubuntu2.1_i386.deb\r\n Size/MD5: 135332 69ba54123bc7cb52eebac54313ff6001\r\n http://security.ubuntu.com/ubuntu/pool/universe/libv/libvirt/python-libvirt_0.3.0-0ubuntu2.1_i386.deb\r\n Size/MD5: 85340 c67f3ea7487e838af3ee7a0a21be4241\r\n\r\n lpia architecture &#40;Low Power Intel Architecture&#41;:\r\n\r\n http://ports.ubuntu.com/pool/main/libv/libvirt/libvirt-dev_0.3.0-0ubuntu2.1_lpia.deb\r\n Size/MD5: 232922 d16c1c0f50b965c2f8a0663995764b5f\r\n http://ports.ubuntu.com/pool/main/libv/libvirt/libvirt0_0.3.0-0ubuntu2.1_lpia.deb\r\n Size/MD5: 198292 ff4ab36c840d51a92bc76d18aedba3c4\r\n http://ports.ubuntu.com/pool/universe/libv/libvirt/libvirt-bin_0.3.0-0ubuntu2.1_lpia.deb\r\n Size/MD5: 142812 51aec3c2358e54a10783d6c14dcbfab1\r\n http://ports.ubuntu.com/pool/universe/libv/libvirt/python-libvirt_0.3.0-0ubuntu2.1_lpia.deb\r\n Size/MD5: 87042 80be0e16045d055f1afa897091a446bc\r\n\r\nUpdated packages for Ubuntu 8.04 LTS:\r\n\r\n Source archives:\r\n\r\n http://security.ubuntu.com/ubuntu/pool/main/libv/libvirt/libvirt_0.4.0-2ubuntu8.1.diff.gz\r\n Size/MD5: 18325 d9c67215893dd4041c4a114d7b8feddf\r\n http://security.ubuntu.com/ubuntu/pool/main/libv/libvirt/libvirt_0.4.0-2ubuntu8.1.dsc\r\n Size/MD5: 1080 360545d20502031bab8c298c71707346\r\n http://security.ubuntu.com/ubuntu/pool/main/libv/libvirt/libvirt_0.4.0.orig.tar.gz\r\n Size/MD5: 2968326 2f6c6adb62145988f0e5021e5cbd71d3\r\n\r\n Architecture independent packages:\r\n\r\n http://security.ubuntu.com/ubuntu/pool/main/libv/libvirt/libvirt-doc_0.4.0-2ubuntu8.1_all.deb\r\n Size/MD5: 303538 bbc86d969cd89c814fbd2dcaed27d3c0\r\n\r\n amd64 architecture &#40;Athlon64, Opteron, EM64T Xeon&#41;:\r\n\r\n http://security.ubuntu.com/ubuntu/pool/main/libv/libvirt/libvirt-bin_0.4.0-2ubuntu8.1_amd64.deb\r\n Size/MD5: 89346 7e272e9e45d8d76bfd7ffcf48fc6ec0f\r\n http://security.ubuntu.com/ubuntu/pool/main/libv/libvirt/libvirt-dev_0.4.0-2ubuntu8.1_amd64.deb\r\n Size/MD5: 225052 3188ff93f87ddcc2a448db87c1d94272\r\n http://security.ubuntu.com/ubuntu/pool/main/libv/libvirt/libvirt0-dbg_0.4.0-2ubuntu8.1_amd64.deb\r\n Size/MD5: 550738 b9ab13df10f0ab9d50e0311a8e99636c\r\n http://security.ubuntu.com/ubuntu/pool/main/libv/libvirt/libvirt0_0.4.0-2ubuntu8.1_amd64.deb\r\n Size/MD5: 181422 4fdc4326e58624f344e5abf0c893b4c2\r\n http://security.ubuntu.com/ubuntu/pool/main/libv/libvirt/python-libvirt_0.4.0-2ubuntu8.1_amd64.deb\r\n Size/MD5: 26482 8f0ded14f5b5a572de118fe7632ba903\r\n\r\n i386 architecture &#40;x86 compatible Intel/AMD&#41;:\r\n\r\n http://security.ubuntu.com/ubuntu/pool/main/libv/libvirt/libvirt-bin_0.4.0-2ubuntu8.1_i386.deb\r\n Size/MD5: 87386 bed95289533ed96b9518e5b6d52d8bea\r\n http://security.ubuntu.com/ubuntu/pool/main/libv/libvirt/libvirt-dev_0.4.0-2ubuntu8.1_i386.deb\r\n Size/MD5: 210544 e43f0446b54551f671c31e893d245e09\r\n http://security.ubuntu.com/ubuntu/pool/main/libv/libvirt/libvirt0-dbg_0.4.0-2ubuntu8.1_i386.deb\r\n Size/MD5: 534654 e2fb5196f66c389ff69fcf7262216bcf\r\n http://security.ubuntu.com/ubuntu/pool/main/libv/libvirt/libvirt0_0.4.0-2ubuntu8.1_i386.deb\r\n Size/MD5: 183312 762d3786d854f593c9735642ff0bbe24\r\n http://security.ubuntu.com/ubuntu/pool/main/libv/libvirt/python-libvirt_0.4.0-2ubuntu8.1_i386.deb\r\n Size/MD5: 25846 5f1bb3a6bc65ae5bca7cb76dcadb3e02\r\n\r\nUpdated packages for Ubuntu 8.10:\r\n\r\n Source archives:\r\n\r\n http://security.ubuntu.com/ubuntu/pool/main/libv/libvirt/libvirt_0.4.4-3ubuntu3.1.diff.gz\r\n Size/MD5: 14706 60aca6eb756f2b5ef1914b9c5e641eab\r\n http://security.ubuntu.com/ubuntu/pool/main/libv/libvirt/libvirt_0.4.4-3ubuntu3.1.dsc\r\n Size/MD5: 1690 7a27ebcbcc5c4aa7536443275a88a93a\r\n http://security.ubuntu.com/ubuntu/pool/main/libv/libvirt/libvirt_0.4.4.orig.tar.gz\r\n Size/MD5: 4944817 9407900dc16e0ba9ea3eec3cf0a56674\r\n\r\n Architecture independent packages:\r\n\r\n http://security.ubuntu.com/ubuntu/pool/main/libv/libvirt/libvirt-doc_0.4.4-3ubuntu3.1_all.deb\r\n Size/MD5: 529994 c4da663af5f51d19b1976de2e1e501cb\r\n\r\n amd64 architecture &#40;Athlon64, Opteron, EM64T Xeon&#41;:\r\n\r\n http://security.ubuntu.com/ubuntu/pool/main/libv/libvirt/libvirt-bin_0.4.4-3ubuntu3.1_amd64.deb\r\n Size/MD5: 108322 3f5e5e01a17839d7a909c768b25946c6\r\n http://security.ubuntu.com/ubuntu/pool/main/libv/libvirt/libvirt-dev_0.4.4-3ubuntu3.1_amd64.deb\r\n Size/MD5: 323936 2aaa8cd46a2c9a6a6befad16a39c4751\r\n http://security.ubuntu.com/ubuntu/pool/main/libv/libvirt/libvirt0-dbg_0.4.4-3ubuntu3.1_amd64.deb\r\n Size/MD5: 543058 59721bbd35efdaf14181f7558fe5f02c\r\n http://security.ubuntu.com/ubuntu/pool/main/libv/libvirt/libvirt0_0.4.4-3ubuntu3.1_amd64.deb\r\n Size/MD5: 262618 41666638ec2bf777abe8c13cae232fe5\r\n http://security.ubuntu.com/ubuntu/pool/main/libv/libvirt/python-libvirt_0.4.4-3ubuntu3.1_amd64.deb\r\n Size/MD5: 35546 b2fac337b7fa6c79fa4f51b851928ec8\r\n\r\n i386 architecture &#40;x86 compatible Intel/AMD&#41;:\r\n\r\n http://security.ubuntu.com/ubuntu/pool/main/libv/libvirt/libvirt-bin_0.4.4-3ubuntu3.1_i386.deb\r\n Size/MD5: 106248 9feae832c4c0a9de5b5668ac52f36b0d\r\n http://security.ubuntu.com/ubuntu/pool/main/libv/libvirt/libvirt-dev_0.4.4-3ubuntu3.1_i386.deb\r\n Size/MD5: 299792 b6bb985c828468c1d3ab9aec6c0957a4\r\n http://security.ubuntu.com/ubuntu/pool/main/libv/libvirt/libvirt0-dbg_0.4.4-3ubuntu3.1_i386.deb\r\n Size/MD5: 513800 4bcaaaeda8289387dc85b2aec8e18c47\r\n http://security.ubuntu.com/ubuntu/pool/main/libv/libvirt/libvirt0_0.4.4-3ubuntu3.1_i386.deb\r\n Size/MD5: 260392 ab932146ef2f1bf627667bfaa84ff9b1\r\n http://security.ubuntu.com/ubuntu/pool/main/libv/libvirt/python-libvirt_0.4.4-3ubuntu3.1_i386.deb\r\n Size/MD5: 34736 56936e79012aa78f18113fc054449a89\r\n\r\n lpia architecture &#40;Low Power Intel Architecture&#41;:\r\n\r\n http://ports.ubuntu.com/pool/main/libv/libvirt/libvirt-bin_0.4.4-3ubuntu3.1_lpia.deb\r\n Size/MD5: 113140 cb82af80e45804e03076e87002673ae6\r\n http://ports.ubuntu.com/pool/main/libv/libvirt/libvirt-dev_0.4.4-3ubuntu3.1_lpia.deb\r\n Size/MD5: 231974 8f6cf8b3e653c771a280dcf4fff76981\r\n http://ports.ubuntu.com/pool/main/libv/libvirt/libvirt0-dbg_0.4.4-3ubuntu3.1_lpia.deb\r\n Size/MD5: 397586 0dfb5e4ba19ee7177473d7ccd853ecc7\r\n http://ports.ubuntu.com/pool/main/libv/libvirt/libvirt0_0.4.4-3ubuntu3.1_lpia.deb\r\n Size/MD5: 204848 0bd86d778d0761790b8edb193ad4097c\r\n http://ports.ubuntu.com/pool/main/libv/libvirt/python-libvirt_0.4.4-3ubuntu3.1_lpia.deb\r\n Size/MD5: 35568 99c4d427be71096e305117720c7d2bb7\r\n\r\n powerpc architecture &#40;Apple Macintosh G3/G4/G5&#41;:\r\n\r\n http://ports.ubuntu.com/pool/main/libv/libvirt/libvirt-bin_0.4.4-3ubuntu3.1_powerpc.deb\r\n Size/MD5: 116998 85c73a341c3e878469688d5a9a4d2192\r\n http://ports.ubuntu.com/pool/main/libv/libvirt/libvirt-dev_0.4.4-3ubuntu3.1_powerpc.deb\r\n Size/MD5: 264734 812e787c2297e53d1d306f0efaef6a67\r\n http://ports.ubuntu.com/pool/main/libv/libvirt/libvirt0-dbg_0.4.4-3ubuntu3.1_powerpc.deb\r\n Size/MD5: 396052 42ecd75ca1b7fc715cc47341e7b0136f\r\n http://ports.ubuntu.com/pool/main/libv/libvirt/libvirt0_0.4.4-3ubuntu3.1_powerpc.deb\r\n Size/MD5: 209038 33e24711251d3fb3ec22e896e217e652\r\n http://ports.ubuntu.com/pool/main/libv/libvirt/python-libvirt_0.4.4-3ubuntu3.1_powerpc.deb\r\n Size/MD5: 38886 2445e68554032edddff09eea87876e23\r\n\r\n sparc architecture &#40;Sun SPARC/UltraSPARC&#41;:\r\n\r\n http://ports.ubuntu.com/pool/main/libv/libvirt/libvirt-bin_0.4.4-3ubuntu3.1_sparc.deb\r\n Size/MD5: 105234 28c98c3deb0bc9fda4995a9122249cb3\r\n http://ports.ubuntu.com/pool/main/libv/libvirt/libvirt-dev_0.4.4-3ubuntu3.1_sparc.deb\r\n Size/MD5: 234124 11dabeeb53160aba5f8d9810be054a9e\r\n http://ports.ubuntu.com/pool/main/libv/libvirt/libvirt0-dbg_0.4.4-3ubuntu3.1_sparc.deb\r\n Size/MD5: 360166 0d060a3f9a44876960e27135e0adf947\r\n http://ports.ubuntu.com/pool/main/libv/libvirt/libvirt0_0.4.4-3ubuntu3.1_sparc.deb\r\n Size/MD5: 190442 0edb2323b583de2e3e47622155cd3cf9\r\n http://ports.ubuntu.com/pool/main/libv/libvirt/python-libvirt_0.4.4-3ubuntu3.1_sparc.deb\r\n Size/MD5: 34592 9120adbaac3f7ae105863005c893be07\r\n\r\n", "cvss3": {}, "published": "2008-12-21T00:00:00", "type": "securityvulns", "title": "[USN-694-1] libvirt vulnerability", "bulletinFamily": "software", "hackapp": {}, "cvss2": {}, "cvelist": ["CVE-2008-5086"], "modified": "2008-12-21T00:00:00", "id": "SECURITYVULNS:DOC:21058", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:21058", "sourceData": "", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "cve": [{"lastseen": "2023-02-13T14:12:47", "description": "Multiple methods in libvirt 0.3.2 through 0.5.1 do not check if a connection is read-only, which allows local users to bypass intended access restrictions and perform administrative actions.", "cvss3": {}, "published": "2008-12-19T17:30:00", "type": "cve", "title": "CVE-2008-5086", "cwe": ["NVD-CWE-Other"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": true, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2008-5086"], "modified": "2017-09-29T01:32:00", "cpe": ["cpe:/a:libvirt:libvirt:0.4.1", "cpe:/a:libvirt:libvirt:0.4.2", "cpe:/a:libvirt:libvirt:0.4.6", "cpe:/a:libvirt:libvirt:0.3.2", "cpe:/a:libvirt:libvirt:0.5.1", "cpe:/a:libvirt:libvirt:0.3.3", "cpe:/a:libvirt:libvirt:0.5.0"], "id": "CVE-2008-5086", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-5086", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}, "cpe23": ["cpe:2.3:a:libvirt:libvirt:0.4.6:*:*:*:*:*:*:*", "cpe:2.3:a:libvirt:libvirt:0.3.2:*:*:*:*:*:*:*", "cpe:2.3:a:libvirt:libvirt:0.5.0:*:*:*:*:*:*:*", "cpe:2.3:a:libvirt:libvirt:0.4.1:*:*:*:*:*:*:*", "cpe:2.3:a:libvirt:libvirt:0.5.1:*:*:*:*:*:*:*", "cpe:2.3:a:libvirt:libvirt:0.4.2:*:*:*:*:*:*:*", "cpe:2.3:a:libvirt:libvirt:0.3.3:*:*:*:*:*:*:*"]}, {"lastseen": "2023-02-13T06:38:52", "description": "libvirt.c in the API in Red Hat libvirt 0.8.8 does not properly restrict operations in a read-only connection, which allows remote attackers to cause a denial of service (host OS crash) or possibly execute arbitrary code via a (1) virNodeDeviceDettach, (2) virNodeDeviceReset, (3) virDomainRevertToSnapshot, (4) virDomainSnapshotDelete, (5) virNodeDeviceReAttach, or (6) virConnectDomainXMLToNative call, a different vulnerability than CVE-2008-5086.", "cvss3": {}, "published": "2011-03-15T17:55:00", "type": "cve", "title": "CVE-2011-1146", "cwe": ["CWE-264"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.4, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 6.9, "vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2008-5086", "CVE-2011-1146"], "modified": "2023-02-13T01:19:00", "cpe": ["cpe:/a:redhat:libvirt:0.8.8"], "id": "CVE-2011-1146", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-1146", "cvss": {"score": 6.9, "vector": "AV:L/AC:M/Au:N/C:C/I:C/A:C"}, "cpe23": ["cpe:2.3:a:redhat:libvirt:0.8.8:*:*:*:*:*:*:*"]}], "oraclelinux": [{"lastseen": "2019-05-29T18:38:07", "description": "[0.3.3-14.0.1.el5_3.1]\n- Replaced docs/redhat.gif in tarball\n[0.3.3-14.el5_3.1]\n- Add missing readonly checks for APIs (CVE-2008-5086)\n- Add missing buf check in proxy daemon (CVE-2009-0036) ", "cvss3": {}, "published": "2009-03-19T00:00:00", "type": "oraclelinux", "title": "libvirt security update", "bulletinFamily": "unix", "cvss2": {}, "cvelist": ["CVE-2008-5086", "CVE-2009-0036"], "modified": "2009-03-19T00:00:00", "id": "ELSA-2009-0382", "href": "http://linux.oracle.com/errata/ELSA-2009-0382.html", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}], "redhat": [{"lastseen": "2021-10-21T04:43:08", "description": "libvirt is a C API for managing and interacting with the virtualization\ncapabilities of Linux and other operating systems. libvirt also provides\ntools for remotely managing virtualized systems.\n\nThe libvirtd daemon was discovered to not properly check user connection\npermissions before performing certain privileged actions, such as\nrequesting migration of an unprivileged guest domain to another system. A\nlocal user able to establish a read-only connection to libvirtd could use\nthis flaw to perform actions that should be restricted to read-write\nconnections. (CVE-2008-5086)\n\nlibvirt_proxy, a setuid helper application allowing non-privileged users to\ncommunicate with the hypervisor, was discovered to not properly validate\nuser requests. Local users could use this flaw to cause a stack-based\nbuffer overflow in libvirt_proxy, possibly allowing them to run arbitrary\ncode with root privileges. (CVE-2009-0036)\n\nAll users are advised to upgrade to these updated packages, which contain\nbackported patches which resolve these issues. After installing the update,\nlibvirtd must be restarted manually (for example, by issuing a \"service\nlibvirtd restart\" command), and guest systems rebooted, for this change to\ntake effect.\n", "cvss3": {}, "published": "2009-03-19T00:00:00", "type": "redhat", "title": "(RHSA-2009:0382) Moderate: libvirt security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": true, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2008-5086", "CVE-2009-0036"], "modified": "2017-09-08T07:54:35", "id": "RHSA-2009:0382", "href": "https://access.redhat.com/errata/RHSA-2009:0382", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}]}