ID UB:CVE-2009-0196Type ubuntucveReporter ubuntu.comModified 2009-04-16T00:00:00
Description
Heap-based buffer overflow in the big2_decode_symbol_dict function
(jbig2_symbol_dict.c) in the JBIG2 decoding library (jbig2dec) in
Ghostscript 8.64, and probably earlier versions, allows remote attackers to
execute arbitrary code via a PDF file with a JBIG2 symbol dictionary
segment with a large run length value.
Notes
Author| Notemdeslaur | Secunia advisory SA34292
{"id": "UB:CVE-2009-0196", "vendorId": null, "type": "ubuntucve", "bulletinFamily": "info", "title": "CVE-2009-0196", "description": "Heap-based buffer overflow in the big2_decode_symbol_dict function\n(jbig2_symbol_dict.c) in the JBIG2 decoding library (jbig2dec) in\nGhostscript 8.64, and probably earlier versions, allows remote attackers to\nexecute arbitrary code via a PDF file with a JBIG2 symbol dictionary\nsegment with a large run length value.\n\n#### Notes\n\nAuthor| Note \n---|--- \n[mdeslaur](<https://launchpad.net/~mdeslaur>) | Secunia advisory SA34292\n", "published": "2009-04-16T00:00:00", "modified": "2009-04-16T00:00:00", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}, "cvss2": {"cvssV2": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "HIGH", "userInteractionRequired": true}, "cvss3": {}, "href": "https://ubuntu.com/security/CVE-2009-0196", "reporter": "ubuntu.com", "references": ["https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0196", "https://ubuntu.com/security/notices/USN-757-1", "https://nvd.nist.gov/vuln/detail/CVE-2009-0196", "https://launchpad.net/bugs/cve/CVE-2009-0196", "https://security-tracker.debian.org/tracker/CVE-2009-0196"], "cvelist": ["CVE-2009-0196"], "immutableFields": [], "lastseen": "2021-11-22T21:59:52", "viewCount": 1, "enchantments": {"dependencies": {"references": [{"type": "centos", "idList": ["CESA-2009:0421"]}, {"type": "cve", "idList": ["CVE-2009-0196"]}, {"type": "debian", "idList": ["DEBIAN:DSA-2080-1:68D05"]}, {"type": "debiancve", "idList": ["DEBIANCVE:CVE-2009-0196"]}, {"type": "fedora", "idList": ["FEDORA:1217E10F851", "FEDORA:3E12610F851"]}, {"type": "gentoo", "idList": ["GLSA-201412-17"]}, {"type": "metasploit", "idList": ["MSF:ILITIES/SUSE-CVE-2009-0196/"]}, {"type": "nessus", "idList": ["CENTOS_RHSA-2009-0421.NASL", "DEBIAN_DSA-2080.NASL", "FEDORA_2009-3709.NASL", "FEDORA_2009-3710.NASL", "GENTOO_GLSA-201412-17.NASL", "MANDRIVA_MDVSA-2009-095.NASL", "MANDRIVA_MDVSA-2009-311.NASL", "ORACLELINUX_ELSA-2009-0421.NASL", "REDHAT-RHSA-2009-0421.NASL", "SLACKWARE_SSA_2009-181-01.NASL", "SL_20090414_GHOSTSCRIPT_ON_SL3_X.NASL", "SUSE9_12417.NASL", "SUSE_11_0_GHOSTSCRIPT-DEVEL-090513.NASL", "SUSE_11_1_GHOSTSCRIPT-DEVEL-090514.NASL", "SUSE_11_GHOSTSCRIPT-DEVEL-090407.NASL", "SUSE_11_GHOSTSCRIPT-DEVEL-090513.NASL", "SUSE_GHOSTSCRIPT-DEVEL-6246.NASL", "SUSE_GHOSTSCRIPT-FONTS-OTHER-6245.NASL", "UBUNTU_USN-757-1.NASL"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310121303", "OPENVAS:1361412562310122495", "OPENVAS:136141256231063765", "OPENVAS:136141256231063835", "OPENVAS:136141256231063836", "OPENVAS:136141256231063873", "OPENVAS:136141256231063891", "OPENVAS:136141256231064196", "OPENVAS:136141256231064381", "OPENVAS:136141256231065559", "OPENVAS:136141256231065650", "OPENVAS:136141256231065665", "OPENVAS:136141256231065867", "OPENVAS:136141256231066380", "OPENVAS:136141256231067835", "OPENVAS:1361412562310855654", "OPENVAS:1361412562310855656", "OPENVAS:1361412562310855667", "OPENVAS:1361412562310855706", "OPENVAS:1361412562310855711", "OPENVAS:1361412562310855758", "OPENVAS:1361412562310880717", "OPENVAS:1361412562310900540", "OPENVAS:1361412562310900542", "OPENVAS:63765", "OPENVAS:63835", "OPENVAS:63836", "OPENVAS:63856", "OPENVAS:63873", "OPENVAS:63891", "OPENVAS:64196", "OPENVAS:64381", "OPENVAS:65559", "OPENVAS:65650", "OPENVAS:65665", "OPENVAS:65867", "OPENVAS:66380", "OPENVAS:67835", "OPENVAS:855654", "OPENVAS:855656", "OPENVAS:855667", "OPENVAS:855706", "OPENVAS:855711", "OPENVAS:855758", "OPENVAS:880717", "OPENVAS:900540"]}, {"type": "oraclelinux", "idList": ["ELSA-2009-0421"]}, {"type": "redhat", "idList": ["RHSA-2009:0421"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:DOC:21612", "SECURITYVULNS:VULN:9811"]}, {"type": "seebug", "idList": ["SSV:5038"]}, {"type": "slackware", "idList": ["SSA-2009-181-01"]}, {"type": "ubuntu", "idList": ["USN-757-1"]}], "rev": 4}, "score": {"value": 7.9, "vector": "NONE"}, "backreferences": {"references": [{"type": "centos", "idList": ["CESA-2009:0421"]}, {"type": "cve", "idList": ["CVE-2009-0196"]}, {"type": "debiancve", "idList": ["DEBIANCVE:CVE-2009-0196"]}, {"type": "fedora", "idList": ["FEDORA:3E12610F851"]}, {"type": "metasploit", "idList": ["MSF:ILITIES/SUSE-CVE-2009-0196/"]}, {"type": "nessus", "idList": ["SUSE_11_1_GHOSTSCRIPT-DEVEL-090514.NASL"]}, {"type": "openvas", "idList": ["OPENVAS:136141256231063835", "OPENVAS:1361412562310855654", "OPENVAS:65559", "OPENVAS:900540"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:DOC:21612"]}, {"type": "seebug", "idList": ["SSV:5038"]}, {"type": "slackware", "idList": ["SSA-2009-181-01"]}]}, "exploitation": null, "vulnersScore": 7.9}, "affectedPackage": [{"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "status": "needs triage", "packageName": "ghostscript"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "status": "needs triage", "packageName": "gs-afpl"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "status": "needs triage", "packageName": "gs-esp"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "status": "needs triage", "packageName": "gs-gpl"}], "bugs": [], "_state": {"dependencies": 1647589307, "score": 0}}
{"seebug": [{"lastseen": "2017-11-19T18:53:38", "description": "BUGTRAQ ID: 34445\r\nCVE(CAN) ID: CVE-2009-0196\r\n\r\nGhostscript\u662f\u7528\u4e8e\u663e\u793aPostScript\u6587\u4ef6\u6216\u5411\u975ePostScript\u6253\u5370\u673a\u6253\u5370\u8fd9\u4e9b\u6587\u4ef6\u7684\u7a0b\u5e8f\u3002\r\n\r\nGhostscript\u6240\u6346\u7ed1\u7684jbig2dec\u5e93\u5728\u89e3\u7801JBIG2\u7b26\u53f7\u5b57\u5178\u6bb5\u65f6\u5b58\u5728\u5806\u6ea2\u51fa\u6f0f\u6d1e\u3002\u5982\u679c\u7528\u6237\u53d7\u9a97\u6253\u5f00\u4e86\u7279\u5236\u7684PDF\u6587\u4ef6\u7684\u8bdd\u5c31\u53ef\u4ee5\u89e6\u53d1\u8fd9\u4e2a\u6ea2\u51fa\uff0c\u5bfc\u81f4Ghostscript\u5d29\u6e83\u6216\u6267\u884c\u4efb\u610f\u4ee3\u7801\u3002\n\nGhostscript 8.64\n Ghostscript\r\n-----------\r\n\u76ee\u524d\u5382\u5546\u5df2\u7ecf\u53d1\u5e03\u4e86\u5347\u7ea7\u8865\u4e01\u4ee5\u4fee\u590d\u8fd9\u4e2a\u5b89\u5168\u95ee\u9898\uff0c\u8bf7\u5230\u5382\u5546\u7684\u4e3b\u9875\u4e0b\u8f7d\uff1a\r\n\r\n<a href=https://bugzilla.redhat.com/attachment.cgi?id=337747 target=_blank rel=external nofollow>https://bugzilla.redhat.com/attachment.cgi?id=337747</a>", "cvss3": {}, "published": "2009-04-11T00:00:00", "title": "Ghostscript jbig2dec\u5e93JBIG2\u5904\u7406\u5806\u6ea2\u51fa\u6f0f\u6d1e", "type": "seebug", "bulletinFamily": "exploit", "cvss2": {}, "cvelist": ["CVE-2009-0196"], "modified": "2009-04-11T00:00:00", "href": "https://www.seebug.org/vuldb/ssvid-5038", "id": "SSV:5038", "sourceData": "", "sourceHref": "", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "metasploit": [{"lastseen": "2021-07-08T03:03:45", "description": "\n", "edition": 2, "cvss3": {}, "published": "1976-01-01T00:00:00", "type": "metasploit", "title": "SUSE Linux Security Vulnerability: CVE-2009-0196", "bulletinFamily": "exploit", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2009-0196"], "modified": "1976-01-01T00:00:00", "id": "MSF:ILITIES/SUSE-CVE-2009-0196/", "href": "", "sourceData": "", "sourceHref": "", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}], "securityvulns": [{"lastseen": "2018-08-31T11:10:29", "description": "====================================================================== \r\n\r\n Secunia Research 09/04/2009\r\n\r\n - Ghostscript jbig2dec JBIG2 Processing Buffer Overflow -\r\n\r\n====================================================================== \r\nTable of Contents\r\n\r\nAffected Software....................................................1\r\nSeverity.............................................................2\r\nVendor's Description of Software.....................................3\r\nDescription of Vulnerability.........................................4\r\nSolution.............................................................5\r\nTime Table...........................................................6\r\nCredits..............................................................7\r\nReferences...........................................................8\r\nAbout Secunia........................................................9\r\nVerification........................................................10\r\n\r\n====================================================================== \r\n1) Affected Software \r\n\r\n* Ghostscript version 8.64\r\n\r\nNOTE: Other versions may also be affected.\r\n\r\n====================================================================== \r\n2) Severity \r\n\r\nRating: Highly critical \r\nImpact: System access\r\nWhere: Remote\r\n\r\n====================================================================== \r\n3) Vendor's Description of Software \r\n\r\n"An interpreter for the PostScript (TM) language, with the ability to \r\nconvert PostScript language files to many raster formats, view them \r\non displays, and print them on printers that don't have PostScript \r\nlanguage capability built in; An interpreter for Portable Document \r\nFormat (PDF) files, with the same abilities; ..."\r\n\r\nProduct Link:\r\nhttp://www.ghostscript.com/Ghostscript.html\r\n\r\n====================================================================== \r\n4) Description of Vulnerability\r\n\r\nSecunia Research has discovered a vulnerability in Ghostscript, which \r\ncan be exploited by malicious people to potentially compromise a\r\nuser's system.\r\n\r\nThe vulnerability is caused due to a boundary error in the included \r\njbig2dec library while decoding JBIG2 symbol dictionary segments. \r\nThis can be exploited to cause a heap-based buffer overflow via a \r\nspecially crafted PDF file.\r\n\r\nSuccessful exploitation may allow execution of arbitrary code.\r\n\r\n====================================================================== \r\n5) Solution \r\n\r\nDo not process untrusted PDF files.\r\n\r\n====================================================================== \r\n6) Time Table \r\n\r\n26/03/2009 - Vendor notified.\r\n26/03/2009 - vendor-sec notified.\r\n02/04/2009 - Vendor response.\r\n09/04/2009 - Public disclosure.\r\n\r\n====================================================================== \r\n7) Credits \r\n\r\nDiscovered by Alin Rad Pop, Secunia Research.\r\n\r\n====================================================================== \r\n8) References\r\n\r\nThe Common Vulnerabilities and Exposures (CVE) project has assigned\r\nCVE-2009-0196 for the vulnerability.\r\n\r\n====================================================================== \r\n9) About Secunia\r\n\r\nSecunia offers vulnerability management solutions to corporate\r\ncustomers with verified and reliable vulnerability intelligence\r\nrelevant to their specific system configuration:\r\n\r\nhttp://secunia.com/advisories/business_solutions/\r\n\r\nSecunia also provides a publicly accessible and comprehensive advisory\r\ndatabase as a service to the security community and private \r\nindividuals, who are interested in or concerned about IT-security.\r\n\r\nhttp://secunia.com/advisories/\r\n\r\nSecunia believes that it is important to support the community and to\r\ndo active vulnerability research in order to aid improving the \r\nsecurity and reliability of software in general:\r\n\r\nhttp://secunia.com/secunia_research/\r\n\r\nSecunia regularly hires new skilled team members. Check the URL below\r\nto see currently vacant positions:\r\n\r\nhttp://secunia.com/corporate/jobs/\r\n\r\nSecunia offers a FREE mailing list called Secunia Security Advisories:\r\n\r\nhttp://secunia.com/advisories/mailing_lists/\r\n\r\n====================================================================== \r\n10) Verification \r\n\r\nPlease verify this advisory by visiting the Secunia website:\r\nhttp://secunia.com/secunia_research/2009-21/\r\n\r\nComplete list of vulnerability reports published by Secunia Research:\r\nhttp://secunia.com/secunia_research/\r\n\r\n======================================================================", "edition": 1, "cvss3": {}, "published": "2009-04-10T00:00:00", "title": "Secunia Research: Ghostscript jbig2dec JBIG2 Processing Buffer Overflow", "type": "securityvulns", "bulletinFamily": "software", "cvss2": {}, "cvelist": ["CVE-2009-0196"], "modified": "2009-04-10T00:00:00", "id": "SECURITYVULNS:DOC:21612", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:21612", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2021-06-08T18:58:00", "description": "Buffer overflow on JBIG2 decoding.", "edition": 2, "cvss3": {}, "published": "2009-04-18T00:00:00", "title": "Ghsotscript / XPDF / CUPS pdftops buffer overflow", "type": "securityvulns", "bulletinFamily": "software", "cvss2": {}, "cvelist": ["CVE-2009-0196", "CVE-2009-1181", "CVE-2009-1180", "CVE-2009-0799", "CVE-2009-1182", "CVE-2009-0165", "CVE-2009-0166", "CVE-2009-0147", "CVE-2009-1183", "CVE-2009-0800", "CVE-2009-0146"], "modified": "2009-04-18T00:00:00", "id": "SECURITYVULNS:VULN:9811", "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:9811", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "cve": [{"lastseen": "2022-03-23T21:14:46", "description": "Heap-based buffer overflow in the big2_decode_symbol_dict function (jbig2_symbol_dict.c) in the JBIG2 decoding library (jbig2dec) in Ghostscript 8.64, and probably earlier versions, allows remote attackers to execute arbitrary code via a PDF file with a JBIG2 symbol dictionary segment with a large run length value.", "cvss3": {}, "published": "2009-04-16T15:12:00", "type": "cve", "title": "CVE-2009-0196", "cwe": ["CWE-119"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2009-0196"], "modified": "2018-10-11T21:00:00", "cpe": ["cpe:/a:ghostscript:ghostscript:8.56", "cpe:/a:ghostscript:ghostscript:8.62", "cpe:/a:ghostscript:ghostscript:8.61", "cpe:/a:ghostscript:ghostscript:8.15.2", "cpe:/a:ghostscript:ghostscript:7.07", "cpe:/a:ghostscript:ghostscript:8.63", "cpe:/a:ghostscript:ghostscript:8.60", "cpe:/a:ghostscript:ghostscript:8.57", "cpe:/a:ghostscript:ghostscript:8.54", "cpe:/a:ghostscript:ghostscript:5.50", "cpe:/a:ghostscript:ghostscript:8.64", "cpe:/a:ghostscript:ghostscript:0", "cpe:/a:ghostscript:ghostscript:8.0.1", "cpe:/a:ghostscript:ghostscript:8.15"], "id": "CVE-2009-0196", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0196", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}, "cpe23": ["cpe:2.3:a:ghostscript:ghostscript:0:*:*:*:*:*:*:*", "cpe:2.3:a:ghostscript:ghostscript:7.07:*:*:*:*:*:*:*", "cpe:2.3:a:ghostscript:ghostscript:8.56:*:*:*:*:*:*:*", "cpe:2.3:a:ghostscript:ghostscript:8.60:*:*:*:*:*:*:*", "cpe:2.3:a:ghostscript:ghostscript:8.15.2:*:*:*:*:*:*:*", "cpe:2.3:a:ghostscript:ghostscript:8.15:*:*:*:*:*:*:*", "cpe:2.3:a:ghostscript:ghostscript:8.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:ghostscript:ghostscript:8.62:*:*:*:*:*:*:*", "cpe:2.3:a:ghostscript:ghostscript:8.64:*:*:*:*:*:*:*", "cpe:2.3:a:ghostscript:ghostscript:5.50:*:*:*:*:*:*:*", "cpe:2.3:a:ghostscript:ghostscript:8.57:*:*:*:*:*:*:*", "cpe:2.3:a:ghostscript:ghostscript:8.63:*:*:*:*:*:*:*", "cpe:2.3:a:ghostscript:ghostscript:8.61:*:*:*:*:*:*:*", "cpe:2.3:a:ghostscript:ghostscript:8.54:*:*:*:*:*:*:*"]}], "debiancve": [{"lastseen": "2022-04-23T03:32:19", "description": "Heap-based buffer overflow in the big2_decode_symbol_dict function (jbig2_symbol_dict.c) in the JBIG2 decoding library (jbig2dec) in Ghostscript 8.64, and probably earlier versions, allows remote attackers to execute arbitrary code via a PDF file with a JBIG2 symbol dictionary segment with a large run length value.", "cvss3": {}, "published": "2009-04-16T15:12:00", "type": "debiancve", "title": "CVE-2009-0196", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2009-0196"], "modified": "2009-04-16T15:12:00", "id": "DEBIANCVE:CVE-2009-0196", "href": "https://security-tracker.debian.org/tracker/CVE-2009-0196", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}], "nessus": [{"lastseen": "2021-08-19T13:06:34", "description": "With this update the ghostscript-libarary four vulnerabilities were fixed :\n\n - heap-overflow in JBIG2 decoder. (CVE-2009-0196)\n\n - integer overflow in ICC library. (CVE-2009-0792)\n\n - crash in CCITTFax decoder\n\n - buffer overflow in BaseFont writer module", "cvss3": {"score": null, "vector": null}, "published": "2009-09-24T00:00:00", "type": "nessus", "title": "SuSE 11 Security Update : Ghostscript (SAT Patch Number 752)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-0196", "CVE-2009-0792"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:11:ghostscript-fonts-other", "p-cpe:/a:novell:suse_linux:11:ghostscript-fonts-rus", "p-cpe:/a:novell:suse_linux:11:ghostscript-fonts-std", "p-cpe:/a:novell:suse_linux:11:ghostscript-library", "p-cpe:/a:novell:suse_linux:11:ghostscript-omni", "p-cpe:/a:novell:suse_linux:11:ghostscript-x11", "p-cpe:/a:novell:suse_linux:11:libgimpprint", "cpe:/o:novell:suse_linux:11"], "id": "SUSE_11_GHOSTSCRIPT-DEVEL-090407.NASL", "href": "https://www.tenable.com/plugins/nessus/41395", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from SuSE 11 update information. The text itself is\n# copyright (C) Novell, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(41395);\n script_version(\"1.12\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2009-0196\", \"CVE-2009-0792\");\n\n script_name(english:\"SuSE 11 Security Update : Ghostscript (SAT Patch Number 752)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SuSE 11 host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"With this update the ghostscript-libarary four vulnerabilities were\nfixed :\n\n - heap-overflow in JBIG2 decoder. (CVE-2009-0196)\n\n - integer overflow in ICC library. (CVE-2009-0792)\n\n - crash in CCITTFax decoder\n\n - buffer overflow in BaseFont writer module\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=489622\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=491897\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=492765\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2009-0196.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2009-0792.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Apply SAT patch number 752.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_cwe_id(119, 189);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:ghostscript-fonts-other\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:ghostscript-fonts-rus\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:ghostscript-fonts-std\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:ghostscript-library\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:ghostscript-omni\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:ghostscript-x11\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:libgimpprint\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:11\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/04/07\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/09/24\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)11\") audit(AUDIT_OS_NOT, \"SuSE 11\");\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SuSE 11\", cpu);\n\npl = get_kb_item(\"Host/SuSE/patchlevel\");\nif (pl) audit(AUDIT_OS_NOT, \"SuSE 11.0\");\n\n\nflag = 0;\nif (rpm_check(release:\"SLED11\", sp:0, cpu:\"i586\", reference:\"ghostscript-fonts-other-8.62-32.23.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:0, cpu:\"i586\", reference:\"ghostscript-fonts-rus-8.62-32.23.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:0, cpu:\"i586\", reference:\"ghostscript-fonts-std-8.62-32.23.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:0, cpu:\"i586\", reference:\"ghostscript-library-8.62-32.23.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:0, cpu:\"i586\", reference:\"ghostscript-omni-8.62-32.23.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:0, cpu:\"i586\", reference:\"ghostscript-x11-8.62-32.23.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:0, cpu:\"i586\", reference:\"libgimpprint-4.2.7-32.23.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:0, cpu:\"x86_64\", reference:\"ghostscript-fonts-other-8.62-32.23.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:0, cpu:\"x86_64\", reference:\"ghostscript-fonts-rus-8.62-32.23.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:0, cpu:\"x86_64\", reference:\"ghostscript-fonts-std-8.62-32.23.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:0, cpu:\"x86_64\", reference:\"ghostscript-library-8.62-32.23.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:0, cpu:\"x86_64\", reference:\"ghostscript-omni-8.62-32.23.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:0, cpu:\"x86_64\", reference:\"ghostscript-x11-8.62-32.23.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:0, cpu:\"x86_64\", reference:\"libgimpprint-4.2.7-32.23.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:0, reference:\"ghostscript-fonts-other-8.62-32.23.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:0, reference:\"ghostscript-fonts-rus-8.62-32.23.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:0, reference:\"ghostscript-fonts-std-8.62-32.23.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:0, reference:\"ghostscript-library-8.62-32.23.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:0, reference:\"ghostscript-omni-8.62-32.23.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:0, reference:\"ghostscript-x11-8.62-32.23.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:0, reference:\"libgimpprint-4.2.7-32.23.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-08-19T13:06:51", "description": "Specially crafted file could cause a heap-overflow in JBIG2 decoder (CVE-2009-0196), an integer overflow in ICC library (CVE-2009-0792) or crash the CCITTFax decoder. (CVE-2007-6725)", "cvss3": {"score": null, "vector": null}, "published": "2009-09-24T00:00:00", "type": "nessus", "title": "SuSE9 Security Update : GhostScript (YOU Patch Number 12417)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2007-6725", "CVE-2009-0196", "CVE-2009-0792"], "modified": "2021-01-14T00:00:00", "cpe": ["cpe:/o:suse:suse_linux"], "id": "SUSE9_12417.NASL", "href": "https://www.tenable.com/plugins/nessus/41300", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The text description of this plugin is (C) Novell, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(41300);\n script_version(\"1.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2007-6725\", \"CVE-2009-0196\", \"CVE-2009-0792\");\n\n script_name(english:\"SuSE9 Security Update : GhostScript (YOU Patch Number 12417)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SuSE 9 host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Specially crafted file could cause a heap-overflow in JBIG2 decoder\n(CVE-2009-0196), an integer overflow in ICC library (CVE-2009-0792) or\ncrash the CCITTFax decoder. (CVE-2007-6725)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2007-6725.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2009-0196.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2009-0792.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Apply YOU patch number 12417.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_cwe_id(119, 189);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:suse:suse_linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/05/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/09/24\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) exit(0, \"Local checks are not enabled.\");\nif (!get_kb_item(\"Host/SuSE/release\")) exit(0, \"The host is not running SuSE.\");\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) exit(1, \"Could not obtain the list of installed packages.\");\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) exit(1, \"Failed to determine the architecture type.\");\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") exit(1, \"Local checks for SuSE 9 on the '\"+cpu+\"' architecture have not been implemented.\");\n\n\nflag = 0;\nif (rpm_check(release:\"SUSE9\", reference:\"ghostscript-fonts-other-7.07.1rc1-195.18\")) flag++;\nif (rpm_check(release:\"SUSE9\", reference:\"ghostscript-fonts-rus-7.07.1rc1-195.18\")) flag++;\nif (rpm_check(release:\"SUSE9\", reference:\"ghostscript-fonts-std-7.07.1rc1-195.18\")) flag++;\nif (rpm_check(release:\"SUSE9\", reference:\"ghostscript-library-7.07.1rc1-195.18\")) flag++;\nif (rpm_check(release:\"SUSE9\", reference:\"ghostscript-serv-7.07.1rc1-195.18\")) flag++;\nif (rpm_check(release:\"SUSE9\", reference:\"ghostscript-x11-7.07.1rc1-195.18\")) flag++;\nif (rpm_check(release:\"SUSE9\", reference:\"libgimpprint-4.2.6-46.17\")) flag++;\nif (rpm_check(release:\"SUSE9\", reference:\"libgimpprint-devel-4.2.6-46.17\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse exit(0, \"The host is not affected.\");\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-08-19T12:57:54", "description": "It was discovered that the Red Hat Security Advisory RHSA-2009:0345 did not address all possible integer overflow flaws in Ghostscript's International Color Consortium Format library (icclib). Using specially crafted ICC profiles, an attacker could create a malicious PostScript or PDF file with embedded images that could cause Ghostscript to crash or, potentially, execute arbitrary code when opened. (CVE-2009-0792)\n\nA buffer overflow flaw and multiple missing boundary checks were found in Ghostscript. An attacker could create a specially crafted PostScript or PDF file that could cause Ghostscript to crash or, potentially, execute arbitrary code when opened. (CVE-2008-6679, CVE-2007-6725, CVE-2009-0196)", "cvss3": {"score": null, "vector": null}, "published": "2012-08-01T00:00:00", "type": "nessus", "title": "Scientific Linux Security Update : ghostscript on SL3.x, SL4.x, SL5.x i386/x86_64", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2007-6725", "CVE-2008-6679", "CVE-2009-0196", "CVE-2009-0792"], "modified": "2021-01-14T00:00:00", "cpe": ["x-cpe:/o:fermilab:scientific_linux"], "id": "SL_20090414_GHOSTSCRIPT_ON_SL3_X.NASL", "href": "https://www.tenable.com/plugins/nessus/60565", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text is (C) Scientific Linux.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(60565);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2007-6725\", \"CVE-2008-6679\", \"CVE-2009-0196\", \"CVE-2009-0792\");\n\n script_name(english:\"Scientific Linux Security Update : ghostscript on SL3.x, SL4.x, SL5.x i386/x86_64\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Scientific Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"It was discovered that the Red Hat Security Advisory RHSA-2009:0345\ndid not address all possible integer overflow flaws in Ghostscript's\nInternational Color Consortium Format library (icclib). Using\nspecially crafted ICC profiles, an attacker could create a malicious\nPostScript or PDF file with embedded images that could cause\nGhostscript to crash or, potentially, execute arbitrary code when\nopened. (CVE-2009-0792)\n\nA buffer overflow flaw and multiple missing boundary checks were found\nin Ghostscript. An attacker could create a specially crafted\nPostScript or PDF file that could cause Ghostscript to crash or,\npotentially, execute arbitrary code when opened. (CVE-2008-6679,\nCVE-2007-6725, CVE-2009-0196)\"\n );\n # https://listserv.fnal.gov/scripts/wa.exe?A2=ind0904&L=scientific-linux-errata&T=0&P=1568\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?5d2c9afd\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_cwe_id(119, 189);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"x-cpe:/o:fermilab:scientific_linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/04/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/08/01\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Scientific Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Scientific Linux \" >!< release) audit(AUDIT_HOST_NOT, \"running Scientific Linux\");\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Scientific Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"SL3\", reference:\"ghostscript-7.05-32.1.20\")) flag++;\nif (rpm_check(release:\"SL3\", reference:\"ghostscript-devel-7.05-32.1.20\")) flag++;\nif (rpm_check(release:\"SL3\", reference:\"hpijs-1.3-32.1.20\")) flag++;\n\nif (rpm_check(release:\"SL4\", reference:\"ghostscript-7.07-33.2.el4_7.8\")) flag++;\nif (rpm_check(release:\"SL4\", reference:\"ghostscript-devel-7.07-33.2.el4_7.8\")) flag++;\nif (rpm_check(release:\"SL4\", reference:\"ghostscript-gtk-7.07-33.2.el4_7.8\")) flag++;\n\nif (rpm_check(release:\"SL5\", reference:\"ghostscript-8.15.2-9.4.el5_3.7\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"ghostscript-devel-8.15.2-9.4.el5_3.7\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"ghostscript-gtk-8.15.2-9.4.el5_3.7\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-08-19T13:07:07", "description": "Specially crafted file could cause a heap-overflow in JBIG2 decoder (CVE-2009-0196), an integer overflow in ICC library (CVE-2009-0792), a buffer overflow in BaseFont writer module (CVE-2008-6679) or crash the CCITTFax decoder (CVE-2007-6725).", "cvss3": {"score": null, "vector": null}, "published": "2009-07-21T00:00:00", "type": "nessus", "title": "openSUSE Security Update : ghostscript-devel (ghostscript-devel-877)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2007-6725", "CVE-2008-6679", "CVE-2009-0196", "CVE-2009-0792"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:ghostscript-devel", "p-cpe:/a:novell:opensuse:ghostscript-fonts-other", "p-cpe:/a:novell:opensuse:ghostscript-fonts-rus", "p-cpe:/a:novell:opensuse:ghostscript-fonts-std", "p-cpe:/a:novell:opensuse:ghostscript-ijs-devel", "p-cpe:/a:novell:opensuse:ghostscript-library", "p-cpe:/a:novell:opensuse:ghostscript-omni", "p-cpe:/a:novell:opensuse:ghostscript-x11", "p-cpe:/a:novell:opensuse:libgimpprint", "p-cpe:/a:novell:opensuse:libgimpprint-devel", "cpe:/o:novell:opensuse:11.0"], "id": "SUSE_11_0_GHOSTSCRIPT-DEVEL-090513.NASL", "href": "https://www.tenable.com/plugins/nessus/39968", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update ghostscript-devel-877.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(39968);\n script_version(\"1.12\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2007-6725\", \"CVE-2008-6679\", \"CVE-2009-0196\", \"CVE-2009-0792\");\n\n script_name(english:\"openSUSE Security Update : ghostscript-devel (ghostscript-devel-877)\");\n script_summary(english:\"Check for the ghostscript-devel-877 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Specially crafted file could cause a heap-overflow in JBIG2 decoder\n(CVE-2009-0196), an integer overflow in ICC library (CVE-2009-0792), a\nbuffer overflow in BaseFont writer module (CVE-2008-6679) or crash the\nCCITTFax decoder (CVE-2007-6725).\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=489622\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=491897\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=492765\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected ghostscript-devel packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_cwe_id(119, 189);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ghostscript-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ghostscript-fonts-other\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ghostscript-fonts-rus\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ghostscript-fonts-std\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ghostscript-ijs-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ghostscript-library\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ghostscript-omni\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ghostscript-x11\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libgimpprint\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libgimpprint-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:11.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/05/13\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/07/21\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE11\\.0)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"11.0\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE11.0\", reference:\"ghostscript-devel-8.62-17.6\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"ghostscript-fonts-other-8.62-17.6\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"ghostscript-fonts-rus-8.62-17.6\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"ghostscript-fonts-std-8.62-17.6\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"ghostscript-ijs-devel-8.62-17.6\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"ghostscript-library-8.62-17.6\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"ghostscript-omni-8.62-17.6\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"ghostscript-x11-8.62-17.6\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"libgimpprint-4.2.7-258.6\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"libgimpprint-devel-4.2.7-258.6\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"ghostscript-devel / ghostscript-fonts-other / ghostscript-fonts-rus / etc\");\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-08-19T13:08:22", "description": "This update fixes several security flaws: CVE-2009-0792 (multiple integer overflows and missing upper-bounds checks in icclib), CVE-2009-0196 (missing boundary check in jbig2dec library), and CVE-2008-6679 (buffer overflow in pdfwrite device).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": null, "vector": null}, "published": "2009-04-23T00:00:00", "type": "nessus", "title": "Fedora 10 : ghostscript-8.63-6.fc10 (2009-3709)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-6679", "CVE-2009-0196", "CVE-2009-0583", "CVE-2009-0792"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:ghostscript", "cpe:/o:fedoraproject:fedora:10"], "id": "FEDORA_2009-3709.NASL", "href": "https://www.tenable.com/plugins/nessus/37055", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2009-3709.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(37055);\n script_version(\"1.16\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2008-6679\", \"CVE-2009-0196\", \"CVE-2009-0583\", \"CVE-2009-0792\");\n script_bugtraq_id(34184, 34340, 34445);\n script_xref(name:\"FEDORA\", value:\"2009-3709\");\n\n script_name(english:\"Fedora 10 : ghostscript-8.63-6.fc10 (2009-3709)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update fixes several security flaws: CVE-2009-0792 (multiple\ninteger overflows and missing upper-bounds checks in icclib),\nCVE-2009-0196 (missing boundary check in jbig2dec library), and\nCVE-2008-6679 (buffer overflow in pdfwrite device).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=491853\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=493379\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=493445\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2009-April/022406.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?f763ae15\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected ghostscript package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(119, 189);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:ghostscript\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:10\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/04/15\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/04/23\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^10([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 10.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC10\", reference:\"ghostscript-8.63-6.fc10\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"ghostscript\");\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-08-19T13:07:33", "description": "New ghostscript packages are available for Slackware 12.1, 12.2, and\n-current to fix security issues.", "cvss3": {"score": null, "vector": null}, "published": "2009-06-30T00:00:00", "type": "nessus", "title": "Slackware 12.1 / 12.2 / current : ghostscript (SSA:2009-181-01)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-0196", "CVE-2009-0583", "CVE-2009-0584", "CVE-2009-0792"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:slackware:slackware_linux:ghostscript", "cpe:/o:slackware:slackware_linux", "cpe:/o:slackware:slackware_linux:12.1", "cpe:/o:slackware:slackware_linux:12.2"], "id": "SLACKWARE_SSA_2009-181-01.NASL", "href": "https://www.tenable.com/plugins/nessus/39567", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Slackware Security Advisory 2009-181-01. The text \n# itself is copyright (C) Slackware Linux, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(39567);\n script_version(\"1.14\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2009-0196\", \"CVE-2009-0583\", \"CVE-2009-0584\", \"CVE-2009-0792\");\n script_bugtraq_id(34184, 34445);\n script_xref(name:\"SSA\", value:\"2009-181-01\");\n\n script_name(english:\"Slackware 12.1 / 12.2 / current : ghostscript (SSA:2009-181-01)\");\n script_summary(english:\"Checks for updated package in /var/log/packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Slackware host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"New ghostscript packages are available for Slackware 12.1, 12.2, and\n-current to fix security issues.\"\n );\n # http://www.slackware.com/security/viewer.php?l=slackware-security&y=2009&m=slackware-security.425842\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?c90a1f78\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected ghostscript package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(119, 189);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:slackware:slackware_linux:ghostscript\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:12.1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:12.2\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/06/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/06/30\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Slackware Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Slackware/release\", \"Host/Slackware/packages\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"slackware.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Slackware/release\")) audit(AUDIT_OS_NOT, \"Slackware\");\nif (!get_kb_item(\"Host/Slackware/packages\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Slackware\", cpu);\n\n\nflag = 0;\nif (slackware_check(osver:\"12.1\", pkgname:\"ghostscript\", pkgver:\"8.62\", pkgarch:\"i486\", pkgnum:\"6_slack12.1\")) flag++;\n\nif (slackware_check(osver:\"12.2\", pkgname:\"ghostscript\", pkgver:\"8.63\", pkgarch:\"i486\", pkgnum:\"3_slack12.2\")) flag++;\n\nif (slackware_check(osver:\"current\", pkgname:\"ghostscript\", pkgver:\"8.64\", pkgarch:\"i486\", pkgnum:\"2\")) flag++;\nif (slackware_check(osver:\"current\", arch:\"x86_64\", pkgname:\"ghostscript\", pkgver:\"8.64\", pkgarch:\"x86_64\", pkgnum:\"2\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:slackware_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-08-19T13:06:34", "description": "Specially crafted file could cause a heap-overflow in JBIG2 decoder (CVE-2009-0196), an integer overflow in ICC library (CVE-2009-0792), a buffer overflow in BaseFont writer module (CVE-2008-6679) or crash the CCITTFax decoder. (CVE-2007-6725)\n\nThe previous security update introduced a regression that broke some printer drives. This new update fixes that issue.", "cvss3": {"score": null, "vector": null}, "published": "2009-09-24T00:00:00", "type": "nessus", "title": "SuSE 11 Security Update : GhostScript (SAT Patch Number 876)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2007-6725", "CVE-2008-6679", "CVE-2009-0196", "CVE-2009-0792"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:11:ghostscript-fonts-other", "p-cpe:/a:novell:suse_linux:11:ghostscript-fonts-rus", "p-cpe:/a:novell:suse_linux:11:ghostscript-fonts-std", "p-cpe:/a:novell:suse_linux:11:ghostscript-library", "p-cpe:/a:novell:suse_linux:11:ghostscript-omni", "p-cpe:/a:novell:suse_linux:11:ghostscript-x11", "p-cpe:/a:novell:suse_linux:11:libgimpprint", "cpe:/o:novell:suse_linux:11"], "id": "SUSE_11_GHOSTSCRIPT-DEVEL-090513.NASL", "href": "https://www.tenable.com/plugins/nessus/41396", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from SuSE 11 update information. The text itself is\n# copyright (C) Novell, Inc.\n#\n\nif (NASL_LEVEL < 3000) exit(0);\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(41396);\n script_version(\"1.12\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2007-6725\", \"CVE-2008-6679\", \"CVE-2009-0196\", \"CVE-2009-0792\");\n\n script_name(english:\"SuSE 11 Security Update : GhostScript (SAT Patch Number 876)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SuSE 11 host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Specially crafted file could cause a heap-overflow in JBIG2 decoder\n(CVE-2009-0196), an integer overflow in ICC library (CVE-2009-0792), a\nbuffer overflow in BaseFont writer module (CVE-2008-6679) or crash the\nCCITTFax decoder. (CVE-2007-6725)\n\nThe previous security update introduced a regression that broke some\nprinter drives. This new update fixes that issue.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=489622\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=491897\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=492765\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2007-6725.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2008-6679.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2009-0196.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2009-0792.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Apply SAT patch number 876.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_cwe_id(119, 189);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:ghostscript-fonts-other\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:ghostscript-fonts-rus\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:ghostscript-fonts-std\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:ghostscript-library\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:ghostscript-omni\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:ghostscript-x11\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:libgimpprint\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:11\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/05/13\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/09/24\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)11\") audit(AUDIT_OS_NOT, \"SuSE 11\");\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SuSE 11\", cpu);\n\npl = get_kb_item(\"Host/SuSE/patchlevel\");\nif (pl) audit(AUDIT_OS_NOT, \"SuSE 11.0\");\n\n\nflag = 0;\nif (rpm_check(release:\"SLED11\", sp:0, cpu:\"i586\", reference:\"ghostscript-fonts-other-8.62-32.25.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:0, cpu:\"i586\", reference:\"ghostscript-fonts-rus-8.62-32.25.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:0, cpu:\"i586\", reference:\"ghostscript-fonts-std-8.62-32.25.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:0, cpu:\"i586\", reference:\"ghostscript-library-8.62-32.25.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:0, cpu:\"i586\", reference:\"ghostscript-omni-8.62-32.25.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:0, cpu:\"i586\", reference:\"ghostscript-x11-8.62-32.25.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:0, cpu:\"i586\", reference:\"libgimpprint-4.2.7-32.25.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:0, cpu:\"x86_64\", reference:\"ghostscript-fonts-other-8.62-32.25.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:0, cpu:\"x86_64\", reference:\"ghostscript-fonts-rus-8.62-32.25.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:0, cpu:\"x86_64\", reference:\"ghostscript-fonts-std-8.62-32.25.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:0, cpu:\"x86_64\", reference:\"ghostscript-library-8.62-32.25.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:0, cpu:\"x86_64\", reference:\"ghostscript-omni-8.62-32.25.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:0, cpu:\"x86_64\", reference:\"ghostscript-x11-8.62-32.25.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:0, cpu:\"x86_64\", reference:\"libgimpprint-4.2.7-32.25.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:0, reference:\"ghostscript-fonts-other-8.62-32.25.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:0, reference:\"ghostscript-fonts-rus-8.62-32.25.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:0, reference:\"ghostscript-fonts-std-8.62-32.25.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:0, reference:\"ghostscript-library-8.62-32.25.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:0, reference:\"ghostscript-omni-8.62-32.25.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:0, reference:\"ghostscript-x11-8.62-32.25.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:0, reference:\"libgimpprint-4.2.7-32.25.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-08-19T13:07:25", "description": "Specially crafted file could cause a heap-overflow in JBIG2 decoder (CVE-2009-0196), an integer overflow in ICC library (CVE-2009-0792), a buffer overflow in BaseFont writer module (CVE-2008-6679) or crash the CCITTFax decoder (CVE-2007-6725).", "cvss3": {"score": null, "vector": null}, "published": "2009-07-21T00:00:00", "type": "nessus", "title": "openSUSE Security Update : ghostscript-devel (ghostscript-devel-877)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2007-6725", "CVE-2008-6679", "CVE-2009-0196", "CVE-2009-0792"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:ghostscript-devel", "p-cpe:/a:novell:opensuse:ghostscript-fonts-other", "p-cpe:/a:novell:opensuse:ghostscript-fonts-rus", "p-cpe:/a:novell:opensuse:ghostscript-fonts-std", "p-cpe:/a:novell:opensuse:ghostscript-ijs-devel", "p-cpe:/a:novell:opensuse:ghostscript-library", "p-cpe:/a:novell:opensuse:ghostscript-omni", "p-cpe:/a:novell:opensuse:ghostscript-x11", "p-cpe:/a:novell:opensuse:libgimpprint", "p-cpe:/a:novell:opensuse:libgimpprint-devel", "cpe:/o:novell:opensuse:11.1"], "id": "SUSE_11_1_GHOSTSCRIPT-DEVEL-090514.NASL", "href": "https://www.tenable.com/plugins/nessus/40220", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update ghostscript-devel-877.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(40220);\n script_version(\"1.12\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2007-6725\", \"CVE-2008-6679\", \"CVE-2009-0196\", \"CVE-2009-0792\");\n\n script_name(english:\"openSUSE Security Update : ghostscript-devel (ghostscript-devel-877)\");\n script_summary(english:\"Check for the ghostscript-devel-877 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Specially crafted file could cause a heap-overflow in JBIG2 decoder\n(CVE-2009-0196), an integer overflow in ICC library (CVE-2009-0792), a\nbuffer overflow in BaseFont writer module (CVE-2008-6679) or crash the\nCCITTFax decoder (CVE-2007-6725).\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=489622\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=491897\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=492765\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected ghostscript-devel packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_cwe_id(119, 189);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ghostscript-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ghostscript-fonts-other\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ghostscript-fonts-rus\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ghostscript-fonts-std\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ghostscript-ijs-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ghostscript-library\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ghostscript-omni\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ghostscript-x11\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libgimpprint\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libgimpprint-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:11.1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/05/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/07/21\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE11\\.1)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"11.1\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE11.1\", reference:\"ghostscript-devel-8.62-31.43.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"ghostscript-fonts-other-8.62-31.43.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"ghostscript-fonts-rus-8.62-31.43.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"ghostscript-fonts-std-8.62-31.43.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"ghostscript-ijs-devel-8.62-31.43.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"ghostscript-library-8.62-31.43.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"ghostscript-omni-8.62-31.43.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"ghostscript-x11-8.62-31.43.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"libgimpprint-4.2.7-31.43.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"libgimpprint-devel-4.2.7-31.43.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"ghostscript-devel / ghostscript-fonts-other / ghostscript-fonts-rus / etc\");\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-08-19T13:06:46", "description": "Specially crafted file could cause a heap-overflow in JBIG2 decoder (CVE-2009-0196), an integer overflow in ICC library (CVE-2009-0792), a buffer overflow in BaseFont writer module (CVE-2008-6679) or crash the CCITTFax decoder. (CVE-2007-6725)", "cvss3": {"score": null, "vector": null}, "published": "2009-09-24T00:00:00", "type": "nessus", "title": "SuSE 10 Security Update : GhostScript (ZYPP Patch Number 6245)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2007-6725", "CVE-2008-6679", "CVE-2009-0196", "CVE-2009-0792"], "modified": "2021-01-14T00:00:00", "cpe": ["cpe:/o:suse:suse_linux"], "id": "SUSE_GHOSTSCRIPT-FONTS-OTHER-6245.NASL", "href": "https://www.tenable.com/plugins/nessus/41513", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The text description of this plugin is (C) Novell, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(41513);\n script_version(\"1.13\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2007-6725\", \"CVE-2008-6679\", \"CVE-2009-0196\", \"CVE-2009-0792\");\n\n script_name(english:\"SuSE 10 Security Update : GhostScript (ZYPP Patch Number 6245)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SuSE 10 host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Specially crafted file could cause a heap-overflow in JBIG2 decoder\n(CVE-2009-0196), an integer overflow in ICC library (CVE-2009-0792), a\nbuffer overflow in BaseFont writer module (CVE-2008-6679) or crash the\nCCITTFax decoder. (CVE-2007-6725)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2007-6725.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2008-6679.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2009-0196.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2009-0792.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Apply ZYPP patch number 6245.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_cwe_id(119, 189);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:suse:suse_linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/05/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/09/24\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) exit(0, \"Local checks are not enabled.\");\nif (!get_kb_item(\"Host/SuSE/release\")) exit(0, \"The host is not running SuSE.\");\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) exit(1, \"Could not obtain the list of installed packages.\");\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) exit(1, \"Failed to determine the architecture type.\");\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") exit(1, \"Local checks for SuSE 10 on the '\"+cpu+\"' architecture have not been implemented.\");\n\n\nflag = 0;\nif (rpm_check(release:\"SLED10\", sp:2, reference:\"ghostscript-fonts-other-8.15.4-16.11\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:2, reference:\"ghostscript-fonts-std-8.15.4-16.11\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:2, reference:\"ghostscript-library-8.15.4-16.11\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:2, reference:\"ghostscript-x11-8.15.4-16.11\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:2, reference:\"libgimpprint-4.2.7-62.22\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:2, reference:\"ghostscript-fonts-other-8.15.4-16.11\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:2, reference:\"ghostscript-fonts-rus-8.15.4-16.11\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:2, reference:\"ghostscript-fonts-std-8.15.4-16.11\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:2, reference:\"ghostscript-library-8.15.4-16.11\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:2, reference:\"ghostscript-omni-8.15.4-16.11\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:2, reference:\"ghostscript-x11-8.15.4-16.11\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:2, reference:\"libgimpprint-4.2.7-62.22\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:2, reference:\"libgimpprint-devel-4.2.7-62.23\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse exit(0, \"The host is not affected.\");\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-08-19T13:08:23", "description": "This update fixes several security flaws: CVE-2009-0792 (multiple integer overflows and missing upper-bounds checks in icclib), CVE-2009-0196 (missing boundary check in jbig2dec library), and CVE-2008-6679 (buffer overflow in pdfwrite device).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": null, "vector": null}, "published": "2009-04-16T00:00:00", "type": "nessus", "title": "Fedora 9 : ghostscript-8.63-3.fc9 (2009-3710)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-6679", "CVE-2009-0196", "CVE-2009-0583", "CVE-2009-0792"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:ghostscript", "cpe:/o:fedoraproject:fedora:9"], "id": "FEDORA_2009-3710.NASL", "href": "https://www.tenable.com/plugins/nessus/36166", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2009-3710.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(36166);\n script_version(\"1.17\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2008-6679\", \"CVE-2009-0196\", \"CVE-2009-0583\", \"CVE-2009-0792\");\n script_bugtraq_id(34184, 34340, 34445);\n script_xref(name:\"FEDORA\", value:\"2009-3710\");\n\n script_name(english:\"Fedora 9 : ghostscript-8.63-3.fc9 (2009-3710)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update fixes several security flaws: CVE-2009-0792 (multiple\ninteger overflows and missing upper-bounds checks in icclib),\nCVE-2009-0196 (missing boundary check in jbig2dec library), and\nCVE-2008-6679 (buffer overflow in pdfwrite device).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=491853\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=493379\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=493445\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2009-April/022407.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?a82a6823\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected ghostscript package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(119, 189);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:ghostscript\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:9\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/04/15\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/04/16\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^9([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 9.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC9\", reference:\"ghostscript-8.63-3.fc9\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"ghostscript\");\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-08-19T13:07:56", "description": "Specially crafted file could cause a heap-overflow in JBIG2 decoder (CVE-2009-0196), an integer overflow in ICC library (CVE-2009-0792), a buffer overflow in BaseFont writer module (CVE-2008-6679) or crash the CCITTFax decoder (CVE-2007-6725).", "cvss3": {"score": null, "vector": null}, "published": "2009-05-18T00:00:00", "type": "nessus", "title": "openSUSE 10 Security Update : ghostscript-devel (ghostscript-devel-6246)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2007-6725", "CVE-2008-6679", "CVE-2009-0196", "CVE-2009-0792"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:ghostscript-fonts-other", "p-cpe:/a:novell:opensuse:ghostscript-fonts-rus", "p-cpe:/a:novell:opensuse:ghostscript-fonts-std", "p-cpe:/a:novell:opensuse:ghostscript-ijs-devel", "p-cpe:/a:novell:opensuse:ghostscript-library", "p-cpe:/a:novell:opensuse:ghostscript-omni", "p-cpe:/a:novell:opensuse:ghostscript-x11", "p-cpe:/a:novell:opensuse:libgimpprint", "p-cpe:/a:novell:opensuse:libgimpprint-devel", "cpe:/o:novell:opensuse:10.3"], "id": "SUSE_GHOSTSCRIPT-DEVEL-6246.NASL", "href": "https://www.tenable.com/plugins/nessus/38807", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update ghostscript-devel-6246.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(38807);\n script_version(\"1.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2007-6725\", \"CVE-2008-6679\", \"CVE-2009-0196\", \"CVE-2009-0792\");\n\n script_name(english:\"openSUSE 10 Security Update : ghostscript-devel (ghostscript-devel-6246)\");\n script_summary(english:\"Check for the ghostscript-devel-6246 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Specially crafted file could cause a heap-overflow in JBIG2 decoder\n(CVE-2009-0196), an integer overflow in ICC library (CVE-2009-0792), a\nbuffer overflow in BaseFont writer module (CVE-2008-6679) or crash the\nCCITTFax decoder (CVE-2007-6725).\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected ghostscript-devel packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_cwe_id(119, 189);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ghostscript-fonts-other\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ghostscript-fonts-rus\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ghostscript-fonts-std\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ghostscript-ijs-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ghostscript-library\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ghostscript-omni\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ghostscript-x11\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libgimpprint\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libgimpprint-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:10.3\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/05/13\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/05/18\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE10\\.3)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"10.3\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE10.3\", reference:\"ghostscript-fonts-other-8.15.4-3.8\") ) flag++;\nif ( rpm_check(release:\"SUSE10.3\", reference:\"ghostscript-fonts-rus-8.15.4-3.8\") ) flag++;\nif ( rpm_check(release:\"SUSE10.3\", reference:\"ghostscript-fonts-std-8.15.4-3.8\") ) flag++;\nif ( rpm_check(release:\"SUSE10.3\", reference:\"ghostscript-ijs-devel-8.15.4-3.8\") ) flag++;\nif ( rpm_check(release:\"SUSE10.3\", reference:\"ghostscript-library-8.15.4-3.8\") ) flag++;\nif ( rpm_check(release:\"SUSE10.3\", reference:\"ghostscript-omni-8.15.4-3.8\") ) flag++;\nif ( rpm_check(release:\"SUSE10.3\", reference:\"ghostscript-x11-8.15.4-3.8\") ) flag++;\nif ( rpm_check(release:\"SUSE10.3\", reference:\"libgimpprint-4.2.7-178.8\") ) flag++;\nif ( rpm_check(release:\"SUSE10.3\", reference:\"libgimpprint-devel-4.2.7-178.8\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"ghostscript-fonts-other / ghostscript-fonts-rus / etc\");\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-08-19T13:05:26", "description": "Updated ghostscript packages that fix multiple security issues are now available for Red Hat Enterprise Linux 5.\n\nThis update has been rated as having moderate security impact by the Red Hat Security Response Team.\n\nGhostscript is a set of software that provides a PostScript interpreter, a set of C procedures (the Ghostscript library, which implements the graphics capabilities in the PostScript language) and an interpreter for Portable Document Format (PDF) files.\n\nIt was discovered that the Red Hat Security Advisory RHSA-2009:0345 did not address all possible integer overflow flaws in Ghostscript's International Color Consortium Format library (icclib). Using specially crafted ICC profiles, an attacker could create a malicious PostScript or PDF file with embedded images that could cause Ghostscript to crash or, potentially, execute arbitrary code when opened. (CVE-2009-0792)\n\nA buffer overflow flaw and multiple missing boundary checks were found in Ghostscript. An attacker could create a specially crafted PostScript or PDF file that could cause Ghostscript to crash or, potentially, execute arbitrary code when opened. (CVE-2008-6679, CVE-2007-6725, CVE-2009-0196)\n\nRed Hat would like to thank Alin Rad Pop of Secunia Research for responsibly reporting the CVE-2009-0196 flaw.\n\nUsers of ghostscript are advised to upgrade to these updated packages, which contain backported patches to correct these issues.", "cvss3": {"score": null, "vector": null}, "published": "2010-01-06T00:00:00", "type": "nessus", "title": "CentOS 5 : ghostscript (CESA-2009:0421)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2007-6725", "CVE-2008-6679", "CVE-2009-0196", "CVE-2009-0583", "CVE-2009-0792"], "modified": "2021-01-04T00:00:00", "cpe": ["p-cpe:/a:centos:centos:ghostscript", "p-cpe:/a:centos:centos:ghostscript-devel", "p-cpe:/a:centos:centos:ghostscript-gtk", "cpe:/o:centos:centos:5"], "id": "CENTOS_RHSA-2009-0421.NASL", "href": "https://www.tenable.com/plugins/nessus/43741", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2009:0421 and \n# CentOS Errata and Security Advisory 2009:0421 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(43741);\n script_version(\"1.17\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2007-6725\", \"CVE-2008-6679\", \"CVE-2009-0196\", \"CVE-2009-0583\", \"CVE-2009-0792\");\n script_bugtraq_id(34184, 34337, 34340, 34445);\n script_xref(name:\"RHSA\", value:\"2009:0421\");\n\n script_name(english:\"CentOS 5 : ghostscript (CESA-2009:0421)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote CentOS host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated ghostscript packages that fix multiple security issues are now\navailable for Red Hat Enterprise Linux 5.\n\nThis update has been rated as having moderate security impact by the\nRed Hat Security Response Team.\n\nGhostscript is a set of software that provides a PostScript\ninterpreter, a set of C procedures (the Ghostscript library, which\nimplements the graphics capabilities in the PostScript language) and\nan interpreter for Portable Document Format (PDF) files.\n\nIt was discovered that the Red Hat Security Advisory RHSA-2009:0345\ndid not address all possible integer overflow flaws in Ghostscript's\nInternational Color Consortium Format library (icclib). Using\nspecially crafted ICC profiles, an attacker could create a malicious\nPostScript or PDF file with embedded images that could cause\nGhostscript to crash or, potentially, execute arbitrary code when\nopened. (CVE-2009-0792)\n\nA buffer overflow flaw and multiple missing boundary checks were found\nin Ghostscript. An attacker could create a specially crafted\nPostScript or PDF file that could cause Ghostscript to crash or,\npotentially, execute arbitrary code when opened. (CVE-2008-6679,\nCVE-2007-6725, CVE-2009-0196)\n\nRed Hat would like to thank Alin Rad Pop of Secunia Research for\nresponsibly reporting the CVE-2009-0196 flaw.\n\nUsers of ghostscript are advised to upgrade to these updated packages,\nwhich contain backported patches to correct these issues.\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2009-April/015790.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?c4824992\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2009-April/015791.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?853a0eb2\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected ghostscript packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(119, 189);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:ghostscript\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:ghostscript-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:ghostscript-gtk\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:5\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2009/03/23\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/04/20\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/01/06\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2010-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"CentOS Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/CentOS/release\");\nif (isnull(release) || \"CentOS\" >!< release) audit(AUDIT_OS_NOT, \"CentOS\");\nos_ver = pregmatch(pattern: \"CentOS(?: Linux)? release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"CentOS\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^5([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"CentOS 5.x\", \"CentOS \" + os_ver);\n\nif (!get_kb_item(\"Host/CentOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"CentOS\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"CentOS-5\", reference:\"ghostscript-8.15.2-9.4.el5_3.7\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"ghostscript-devel-8.15.2-9.4.el5_3.7\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"ghostscript-gtk-8.15.2-9.4.el5_3.7\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"ghostscript / ghostscript-devel / ghostscript-gtk\");\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-08-19T13:08:03", "description": "Updated ghostscript packages that fix multiple security issues are now available for Red Hat Enterprise Linux 5.\n\nThis update has been rated as having moderate security impact by the Red Hat Security Response Team.\n\nGhostscript is a set of software that provides a PostScript interpreter, a set of C procedures (the Ghostscript library, which implements the graphics capabilities in the PostScript language) and an interpreter for Portable Document Format (PDF) files.\n\nIt was discovered that the Red Hat Security Advisory RHSA-2009:0345 did not address all possible integer overflow flaws in Ghostscript's International Color Consortium Format library (icclib). Using specially crafted ICC profiles, an attacker could create a malicious PostScript or PDF file with embedded images that could cause Ghostscript to crash or, potentially, execute arbitrary code when opened. (CVE-2009-0792)\n\nA buffer overflow flaw and multiple missing boundary checks were found in Ghostscript. An attacker could create a specially crafted PostScript or PDF file that could cause Ghostscript to crash or, potentially, execute arbitrary code when opened. (CVE-2008-6679, CVE-2007-6725, CVE-2009-0196)\n\nRed Hat would like to thank Alin Rad Pop of Secunia Research for responsibly reporting the CVE-2009-0196 flaw.\n\nUsers of ghostscript are advised to upgrade to these updated packages, which contain backported patches to correct these issues.", "cvss3": {"score": null, "vector": null}, "published": "2009-04-15T00:00:00", "type": "nessus", "title": "RHEL 5 : ghostscript (RHSA-2009:0421)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2007-6725", "CVE-2008-6679", "CVE-2009-0196", "CVE-2009-0583", "CVE-2009-0792"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:ghostscript", "p-cpe:/a:redhat:enterprise_linux:ghostscript-devel", "p-cpe:/a:redhat:enterprise_linux:ghostscript-gtk", "cpe:/o:redhat:enterprise_linux:5", "cpe:/o:redhat:enterprise_linux:5.3"], "id": "REDHAT-RHSA-2009-0421.NASL", "href": "https://www.tenable.com/plugins/nessus/36160", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2009:0421. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(36160);\n script_version(\"1.27\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2007-6725\", \"CVE-2008-6679\", \"CVE-2009-0196\", \"CVE-2009-0583\", \"CVE-2009-0792\");\n script_bugtraq_id(34184, 34337, 34340, 34445);\n script_xref(name:\"RHSA\", value:\"2009:0421\");\n\n script_name(english:\"RHEL 5 : ghostscript (RHSA-2009:0421)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated ghostscript packages that fix multiple security issues are now\navailable for Red Hat Enterprise Linux 5.\n\nThis update has been rated as having moderate security impact by the\nRed Hat Security Response Team.\n\nGhostscript is a set of software that provides a PostScript\ninterpreter, a set of C procedures (the Ghostscript library, which\nimplements the graphics capabilities in the PostScript language) and\nan interpreter for Portable Document Format (PDF) files.\n\nIt was discovered that the Red Hat Security Advisory RHSA-2009:0345\ndid not address all possible integer overflow flaws in Ghostscript's\nInternational Color Consortium Format library (icclib). Using\nspecially crafted ICC profiles, an attacker could create a malicious\nPostScript or PDF file with embedded images that could cause\nGhostscript to crash or, potentially, execute arbitrary code when\nopened. (CVE-2009-0792)\n\nA buffer overflow flaw and multiple missing boundary checks were found\nin Ghostscript. An attacker could create a specially crafted\nPostScript or PDF file that could cause Ghostscript to crash or,\npotentially, execute arbitrary code when opened. (CVE-2008-6679,\nCVE-2007-6725, CVE-2009-0196)\n\nRed Hat would like to thank Alin Rad Pop of Secunia Research for\nresponsibly reporting the CVE-2009-0196 flaw.\n\nUsers of ghostscript are advised to upgrade to these updated packages,\nwhich contain backported patches to correct these issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2007-6725\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2008-6679\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2009-0196\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2009-0792\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2009:0421\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Update the affected ghostscript, ghostscript-devel and / or\nghostscript-gtk packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(119, 189);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ghostscript\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ghostscript-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ghostscript-gtk\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:5\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:5.3\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2009/03/23\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/04/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/04/15\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^5([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 5.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2009:0421\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL5\", reference:\"ghostscript-8.15.2-9.4.el5_3.7\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", reference:\"ghostscript-devel-8.15.2-9.4.el5_3.7\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"ghostscript-gtk-8.15.2-9.4.el5_3.7\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"ghostscript-gtk-8.15.2-9.4.el5_3.7\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"ghostscript-gtk-8.15.2-9.4.el5_3.7\")) flag++;\n\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"ghostscript / ghostscript-devel / ghostscript-gtk\");\n }\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-08-19T12:54:33", "description": "From Red Hat Security Advisory 2009:0421 :\n\nUpdated ghostscript packages that fix multiple security issues are now available for Red Hat Enterprise Linux 5.\n\nThis update has been rated as having moderate security impact by the Red Hat Security Response Team.\n\nGhostscript is a set of software that provides a PostScript interpreter, a set of C procedures (the Ghostscript library, which implements the graphics capabilities in the PostScript language) and an interpreter for Portable Document Format (PDF) files.\n\nIt was discovered that the Red Hat Security Advisory RHSA-2009:0345 did not address all possible integer overflow flaws in Ghostscript's International Color Consortium Format library (icclib). Using specially crafted ICC profiles, an attacker could create a malicious PostScript or PDF file with embedded images that could cause Ghostscript to crash or, potentially, execute arbitrary code when opened. (CVE-2009-0792)\n\nA buffer overflow flaw and multiple missing boundary checks were found in Ghostscript. An attacker could create a specially crafted PostScript or PDF file that could cause Ghostscript to crash or, potentially, execute arbitrary code when opened. (CVE-2008-6679, CVE-2007-6725, CVE-2009-0196)\n\nRed Hat would like to thank Alin Rad Pop of Secunia Research for responsibly reporting the CVE-2009-0196 flaw.\n\nUsers of ghostscript are advised to upgrade to these updated packages, which contain backported patches to correct these issues.", "cvss3": {"score": null, "vector": null}, "published": "2013-07-12T00:00:00", "type": "nessus", "title": "Oracle Linux 5 : ghostscript (ELSA-2009-0421)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2007-6725", "CVE-2008-6679", "CVE-2009-0196", "CVE-2009-0583", "CVE-2009-0792"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:oracle:linux:ghostscript", "p-cpe:/a:oracle:linux:ghostscript-devel", "p-cpe:/a:oracle:linux:ghostscript-gtk", "cpe:/o:oracle:linux:5"], "id": "ORACLELINUX_ELSA-2009-0421.NASL", "href": "https://www.tenable.com/plugins/nessus/67841", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2009:0421 and \n# Oracle Linux Security Advisory ELSA-2009-0421 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(67841);\n script_version(\"1.11\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2007-6725\", \"CVE-2008-6679\", \"CVE-2009-0196\", \"CVE-2009-0583\", \"CVE-2009-0792\");\n script_bugtraq_id(34184, 34337, 34340, 34445);\n script_xref(name:\"RHSA\", value:\"2009:0421\");\n\n script_name(english:\"Oracle Linux 5 : ghostscript (ELSA-2009-0421)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Oracle Linux host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"From Red Hat Security Advisory 2009:0421 :\n\nUpdated ghostscript packages that fix multiple security issues are now\navailable for Red Hat Enterprise Linux 5.\n\nThis update has been rated as having moderate security impact by the\nRed Hat Security Response Team.\n\nGhostscript is a set of software that provides a PostScript\ninterpreter, a set of C procedures (the Ghostscript library, which\nimplements the graphics capabilities in the PostScript language) and\nan interpreter for Portable Document Format (PDF) files.\n\nIt was discovered that the Red Hat Security Advisory RHSA-2009:0345\ndid not address all possible integer overflow flaws in Ghostscript's\nInternational Color Consortium Format library (icclib). Using\nspecially crafted ICC profiles, an attacker could create a malicious\nPostScript or PDF file with embedded images that could cause\nGhostscript to crash or, potentially, execute arbitrary code when\nopened. (CVE-2009-0792)\n\nA buffer overflow flaw and multiple missing boundary checks were found\nin Ghostscript. An attacker could create a specially crafted\nPostScript or PDF file that could cause Ghostscript to crash or,\npotentially, execute arbitrary code when opened. (CVE-2008-6679,\nCVE-2007-6725, CVE-2009-0196)\n\nRed Hat would like to thank Alin Rad Pop of Secunia Research for\nresponsibly reporting the CVE-2009-0196 flaw.\n\nUsers of ghostscript are advised to upgrade to these updated packages,\nwhich contain backported patches to correct these issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2009-April/000964.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected ghostscript packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(119, 189);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:ghostscript\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:ghostscript-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:ghostscript-gtk\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:5\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2009/03/23\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/04/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/07/12\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/OracleLinux\")) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nos_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Oracle Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^5([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Oracle Linux 5\", \"Oracle Linux \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && \"ia64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Oracle Linux\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"EL5\", reference:\"ghostscript-8.15.2-9.4.el5_3.7\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"ghostscript-devel-8.15.2-9.4.el5_3.7\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"ghostscript-gtk-8.15.2-9.4.el5_3.7\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"ghostscript / ghostscript-devel / ghostscript-gtk\");\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-08-19T13:08:31", "description": "A buffer underflow in Ghostscript's CCITTFax decoding filter allows remote attackers to cause denial of service and possibly to execute arbitrary by using a crafted PDF file (CVE-2007-6725).\n\nBuffer overflow in Ghostscript's BaseFont writer module allows remote attackers to cause a denial of service and possibly to execute arbitrary code via a crafted Postscript file (CVE-2008-6679).\n\nMultiple interger overflows in Ghostsript's International Color Consortium Format Library (icclib) allows attackers to cause denial of service (heap-based buffer overflow and application crash) and possibly execute arbitrary code by using either a PostScript or PDF file with crafte embedded images (CVE-2009-0583, CVE-2009-0584).\n\nMultiple interger overflows in Ghostsript's International Color Consortium Format Library (icclib) allows attackers to cause denial of service (heap-based buffer overflow and application crash) and possibly execute arbitrary code by using either a PostScript or PDF file with crafte embedded images. Note: this issue exists because of an incomplete fix for CVE-2009-0583 (CVE-2009-0792).\n\nHeap-based overflow in Ghostscript's JBIG2 decoding library allows attackers to cause denial of service and possibly to execute arbitrary code by using a crafted PDF file (CVE-2009-0196).\n\nThis update provides fixes for that vulnerabilities.\n\nUpdate :\n\ngostscript packages from Mandriva Linux 2009.0 distribution are not affected by CVE-2007-6725.", "cvss3": {"score": null, "vector": null}, "published": "2009-04-27T00:00:00", "type": "nessus", "title": "Mandriva Linux Security Advisory : ghostscript (MDVSA-2009:095)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2007-6725", "CVE-2008-6679", "CVE-2009-0196", "CVE-2009-0583", "CVE-2009-0584", "CVE-2009-0792"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:mandriva:linux:ghostscript", "p-cpe:/a:mandriva:linux:ghostscript-X", "p-cpe:/a:mandriva:linux:ghostscript-common", "p-cpe:/a:mandriva:linux:ghostscript-doc", "p-cpe:/a:mandriva:linux:ghostscript-dvipdf", "p-cpe:/a:mandriva:linux:ghostscript-module-X", "p-cpe:/a:mandriva:linux:lib64gs8", "p-cpe:/a:mandriva:linux:lib64gs8-devel", "p-cpe:/a:mandriva:linux:lib64ijs1", "p-cpe:/a:mandriva:linux:lib64ijs1-devel", "p-cpe:/a:mandriva:linux:libgs8", "p-cpe:/a:mandriva:linux:libgs8-devel", "p-cpe:/a:mandriva:linux:libijs1", "p-cpe:/a:mandriva:linux:libijs1-devel", "cpe:/o:mandriva:linux:2008.1", "cpe:/o:mandriva:linux:2009.0"], "id": "MANDRIVA_MDVSA-2009-095.NASL", "href": "https://www.tenable.com/plugins/nessus/38164", "sourceData": "#%NASL_MIN_LEVEL 70300\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Mandriva Linux Security Advisory MDVSA-2009:095. \n# The text itself is copyright (C) Mandriva S.A.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(38164);\n script_version(\"1.18\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2007-6725\", \"CVE-2008-6679\", \"CVE-2009-0196\", \"CVE-2009-0583\", \"CVE-2009-0584\", \"CVE-2009-0792\");\n script_bugtraq_id(34184, 34337, 34340, 34445);\n script_xref(name:\"MDVSA\", value:\"2009:095\");\n\n script_name(english:\"Mandriva Linux Security Advisory : ghostscript (MDVSA-2009:095)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Mandriva Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"A buffer underflow in Ghostscript's CCITTFax decoding filter allows\nremote attackers to cause denial of service and possibly to execute\narbitrary by using a crafted PDF file (CVE-2007-6725).\n\nBuffer overflow in Ghostscript's BaseFont writer module allows remote\nattackers to cause a denial of service and possibly to execute\narbitrary code via a crafted Postscript file (CVE-2008-6679).\n\nMultiple interger overflows in Ghostsript's International Color\nConsortium Format Library (icclib) allows attackers to cause denial of\nservice (heap-based buffer overflow and application crash) and\npossibly execute arbitrary code by using either a PostScript or PDF\nfile with crafte embedded images (CVE-2009-0583, CVE-2009-0584).\n\nMultiple interger overflows in Ghostsript's International Color\nConsortium Format Library (icclib) allows attackers to cause denial of\nservice (heap-based buffer overflow and application crash) and\npossibly execute arbitrary code by using either a PostScript or PDF\nfile with crafte embedded images. Note: this issue exists because of\nan incomplete fix for CVE-2009-0583 (CVE-2009-0792).\n\nHeap-based overflow in Ghostscript's JBIG2 decoding library allows\nattackers to cause denial of service and possibly to execute arbitrary\ncode by using a crafted PDF file (CVE-2009-0196).\n\nThis update provides fixes for that vulnerabilities.\n\nUpdate :\n\ngostscript packages from Mandriva Linux 2009.0 distribution are not\naffected by CVE-2007-6725.\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(119, 189);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:ghostscript\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:ghostscript-X\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:ghostscript-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:ghostscript-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:ghostscript-dvipdf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:ghostscript-module-X\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64gs8\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64gs8-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64ijs1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64ijs1-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libgs8\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libgs8-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libijs1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libijs1-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:linux:2008.1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:linux:2009.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/04/24\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/04/27\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Mandriva Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/Mandrake/release\", \"Host/Mandrake/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Mandrake/release\")) audit(AUDIT_OS_NOT, \"Mandriva / Mandake Linux\");\nif (!get_kb_item(\"Host/Mandrake/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^(amd64|i[3-6]86|x86_64)$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Mandriva / Mandrake Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"MDK2008.1\", reference:\"ghostscript-8.61-60.1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"ghostscript-X-8.61-60.1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"ghostscript-common-8.61-60.1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"ghostscript-doc-8.61-60.1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"ghostscript-dvipdf-8.61-60.1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"ghostscript-module-X-8.61-60.1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"x86_64\", reference:\"lib64gs8-8.61-60.1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"x86_64\", reference:\"lib64gs8-devel-8.61-60.1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"x86_64\", reference:\"lib64ijs1-0.35-60.1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"x86_64\", reference:\"lib64ijs1-devel-0.35-60.1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"libgs8-8.61-60.1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"libgs8-devel-8.61-60.1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"libijs1-0.35-60.1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"libijs1-devel-0.35-60.1mdv2008.1\", yank:\"mdv\")) flag++;\n\nif (rpm_check(release:\"MDK2009.0\", reference:\"ghostscript-8.63-62.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"ghostscript-X-8.63-62.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"ghostscript-common-8.63-62.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"ghostscript-doc-8.63-62.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"ghostscript-dvipdf-8.63-62.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"ghostscript-module-X-8.63-62.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"x86_64\", reference:\"lib64gs8-8.63-62.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"x86_64\", reference:\"lib64gs8-devel-8.63-62.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"x86_64\", reference:\"lib64ijs1-0.35-62.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"x86_64\", reference:\"lib64ijs1-devel-0.35-62.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"libgs8-8.63-62.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"libgs8-devel-8.63-62.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"libijs1-0.35-62.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"libijs1-devel-0.35-62.1mdv2009.0\", yank:\"mdv\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-08-19T13:08:23", "description": "It was discovered that Ghostscript contained a buffer underflow in its CCITTFax decoding filter. If a user or automated system were tricked into opening a crafted PDF file, an attacker could cause a denial of service or execute arbitrary code with privileges of the user invoking the program. (CVE-2007-6725)\n\nIt was discovered that Ghostscript contained a buffer overflow in the BaseFont writer module. If a user or automated system were tricked into opening a crafted Postscript file, an attacker could cause a denial of service or execute arbitrary code with privileges of the user invoking the program. (CVE-2008-6679)\n\nIt was discovered that Ghostscript contained additional integer overflows in its ICC color management library. If a user or automated system were tricked into opening a crafted Postscript or PDF file, an attacker could cause a denial of service or execute arbitrary code with privileges of the user invoking the program. (CVE-2009-0792)\n\nAlin Rad Pop discovered that Ghostscript contained a buffer overflow in the jbig2dec library. If a user or automated system were tricked into opening a crafted PDF file, an attacker could cause a denial of service or execute arbitrary code with privileges of the user invoking the program. (CVE-2009-0196)\n\nUSN-743-1 provided updated ghostscript and gs-gpl packages to fix two security vulnerabilities. This update corrects the same vulnerabilities in the gs-esp package.\n\nIt was discovered that Ghostscript contained multiple integer overflows in its ICC color management library. If a user or automated system were tricked into opening a crafted Postscript file, an attacker could cause a denial of service or execute arbitrary code with privileges of the user invoking the program. (CVE-2009-0583)\n\nIt was discovered that Ghostscript did not properly perform bounds checking in its ICC color management library. If a user or automated system were tricked into opening a crafted Postscript file, an attacker could cause a denial of service or execute arbitrary code with privileges of the user invoking the program. (CVE-2009-0584).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": null, "vector": null}, "published": "2009-04-23T00:00:00", "type": "nessus", "title": "Ubuntu 6.06 LTS / 8.04 LTS / 8.10 : ghostscript, gs-esp, gs-gpl vulnerabilities (USN-757-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2007-6725", "CVE-2008-6679", "CVE-2009-0196", "CVE-2009-0583", "CVE-2009-0584", "CVE-2009-0792"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:ghostscript", "p-cpe:/a:canonical:ubuntu_linux:ghostscript-doc", "p-cpe:/a:canonical:ubuntu_linux:ghostscript-x", "p-cpe:/a:canonical:ubuntu_linux:gs", "p-cpe:/a:canonical:ubuntu_linux:gs-aladdin", "p-cpe:/a:canonical:ubuntu_linux:gs-common", "p-cpe:/a:canonical:ubuntu_linux:gs-esp", "p-cpe:/a:canonical:ubuntu_linux:gs-esp-x", "p-cpe:/a:canonical:ubuntu_linux:gs-gpl", "p-cpe:/a:canonical:ubuntu_linux:libgs-dev", "p-cpe:/a:canonical:ubuntu_linux:libgs-esp-dev", "p-cpe:/a:canonical:ubuntu_linux:libgs8", "cpe:/o:canonical:ubuntu_linux:6.06:-:lts", "cpe:/o:canonical:ubuntu_linux:8.04:-:lts", "cpe:/o:canonical:ubuntu_linux:8.10"], "id": "UBUNTU_USN-757-1.NASL", "href": "https://www.tenable.com/plugins/nessus/37438", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-757-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(37438);\n script_version(\"1.15\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2007-6725\", \"CVE-2008-6679\", \"CVE-2009-0196\", \"CVE-2009-0583\", \"CVE-2009-0584\", \"CVE-2009-0792\");\n script_bugtraq_id(34184, 34337, 34340, 34445);\n script_xref(name:\"USN\", value:\"757-1\");\n\n script_name(english:\"Ubuntu 6.06 LTS / 8.04 LTS / 8.10 : ghostscript, gs-esp, gs-gpl vulnerabilities (USN-757-1)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"It was discovered that Ghostscript contained a buffer underflow in its\nCCITTFax decoding filter. If a user or automated system were tricked\ninto opening a crafted PDF file, an attacker could cause a denial of\nservice or execute arbitrary code with privileges of the user invoking\nthe program. (CVE-2007-6725)\n\nIt was discovered that Ghostscript contained a buffer overflow in the\nBaseFont writer module. If a user or automated system were tricked\ninto opening a crafted Postscript file, an attacker could cause a\ndenial of service or execute arbitrary code with privileges of the\nuser invoking the program. (CVE-2008-6679)\n\nIt was discovered that Ghostscript contained additional integer\noverflows in its ICC color management library. If a user or automated\nsystem were tricked into opening a crafted Postscript or PDF file, an\nattacker could cause a denial of service or execute arbitrary code\nwith privileges of the user invoking the program. (CVE-2009-0792)\n\nAlin Rad Pop discovered that Ghostscript contained a buffer overflow\nin the jbig2dec library. If a user or automated system were tricked\ninto opening a crafted PDF file, an attacker could cause a denial of\nservice or execute arbitrary code with privileges of the user invoking\nthe program. (CVE-2009-0196)\n\nUSN-743-1 provided updated ghostscript and gs-gpl packages to fix two\nsecurity vulnerabilities. This update corrects the same\nvulnerabilities in the gs-esp package.\n\nIt was discovered that Ghostscript contained multiple integer\noverflows in its ICC color management library. If a user or automated\nsystem were tricked into opening a crafted Postscript file, an\nattacker could cause a denial of service or execute arbitrary code\nwith privileges of the user invoking the program. (CVE-2009-0583)\n\nIt was discovered that Ghostscript did not properly perform\nbounds checking in its ICC color management library. If a\nuser or automated system were tricked into opening a crafted\nPostscript file, an attacker could cause a denial of service\nor execute arbitrary code with privileges of the user\ninvoking the program. (CVE-2009-0584).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/757-1/\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(119, 189);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:ghostscript\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:ghostscript-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:ghostscript-x\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:gs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:gs-aladdin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:gs-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:gs-esp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:gs-esp-x\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:gs-gpl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libgs-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libgs-esp-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libgs8\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:6.06:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:8.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:8.10\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/04/15\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/04/23\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2009-2019 Canonical, Inc. / NASL script (C) 2009-2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! ereg(pattern:\"^(6\\.06|8\\.04|8\\.10)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 6.06 / 8.04 / 8.10\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nflag = 0;\n\nif (ubuntu_check(osver:\"6.06\", pkgname:\"gs\", pkgver:\"8.15-4ubuntu3.3\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"gs-esp\", pkgver:\"8.15.2.dfsg.0ubuntu1-0ubuntu1.2\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"gs-gpl\", pkgver:\"8.15-4ubuntu3.3\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"ghostscript\", pkgver:\"8.61.dfsg.1-1ubuntu3.2\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"ghostscript-doc\", pkgver:\"8.61.dfsg.1-1ubuntu3.2\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"ghostscript-x\", pkgver:\"8.61.dfsg.1-1ubuntu3.2\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"gs\", pkgver:\"8.61.dfsg.1-1ubuntu3.2\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"gs-aladdin\", pkgver:\"8.61.dfsg.1-1ubuntu3.2\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"gs-common\", pkgver:\"8.61.dfsg.1-1ubuntu3.2\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"gs-esp\", pkgver:\"8.61.dfsg.1-1ubuntu3.2\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"gs-esp-x\", pkgver:\"8.61.dfsg.1-1ubuntu3.2\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"gs-gpl\", pkgver:\"8.61.dfsg.1-1ubuntu3.2\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"libgs-dev\", pkgver:\"8.61.dfsg.1-1ubuntu3.2\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"libgs-esp-dev\", pkgver:\"8.61.dfsg.1-1ubuntu3.2\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"libgs8\", pkgver:\"8.61.dfsg.1-1ubuntu3.2\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"ghostscript\", pkgver:\"8.63.dfsg.1-0ubuntu6.4\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"ghostscript-doc\", pkgver:\"8.63.dfsg.1-0ubuntu6.4\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"ghostscript-x\", pkgver:\"8.63.dfsg.1-0ubuntu6.4\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"gs\", pkgver:\"8.63.dfsg.1-0ubuntu6.4\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"gs-aladdin\", pkgver:\"8.63.dfsg.1-0ubuntu6.4\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"gs-common\", pkgver:\"8.63.dfsg.1-0ubuntu6.4\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"gs-esp\", pkgver:\"8.63.dfsg.1-0ubuntu6.4\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"gs-esp-x\", pkgver:\"8.63.dfsg.1-0ubuntu6.4\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"gs-gpl\", pkgver:\"8.63.dfsg.1-0ubuntu6.4\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"libgs-dev\", pkgver:\"8.63.dfsg.1-0ubuntu6.4\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"libgs-esp-dev\", pkgver:\"8.63.dfsg.1-0ubuntu6.4\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"libgs8\", pkgver:\"8.63.dfsg.1-0ubuntu6.4\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"ghostscript / ghostscript-doc / ghostscript-x / gs / gs-aladdin / etc\");\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-08-19T13:03:38", "description": "Several security issues have been discovered in Ghostscript, a GPL PostScript/PDF interpreter, which might lead to the execution of arbitrary code if a user processes a malformed PDF or Postscript file.", "cvss3": {"score": null, "vector": null}, "published": "2010-08-03T00:00:00", "type": "nessus", "title": "Debian DSA-2080-1 : ghostscript - several vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2007-6725", "CVE-2008-3522", "CVE-2008-6679", "CVE-2009-0196", "CVE-2009-0792", "CVE-2009-4270", "CVE-2010-1869"], "modified": "2021-01-04T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:ghostscript", "cpe:/o:debian:debian_linux:5.0"], "id": "DEBIAN_DSA-2080.NASL", "href": "https://www.tenable.com/plugins/nessus/48223", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-2080. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(48223);\n script_version(\"1.13\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2007-6725\", \"CVE-2008-3522\", \"CVE-2008-6679\", \"CVE-2009-0196\", \"CVE-2009-0792\", \"CVE-2009-4270\", \"CVE-2010-1869\");\n script_bugtraq_id(31470, 34184, 34337, 34340, 34445, 37410, 40103);\n script_xref(name:\"DSA\", value:\"2080\");\n\n script_name(english:\"Debian DSA-2080-1 : ghostscript - several vulnerabilities\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Several security issues have been discovered in Ghostscript, a GPL\nPostScript/PDF interpreter, which might lead to the execution of\narbitrary code if a user processes a malformed PDF or Postscript file.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.debian.org/security/2010/dsa-2080\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the ghostscript packages.\n\nFor the stable distribution (lenny), these problems have been fixed in\nversion 8.62.dfsg.1-3.2lenny4.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(119, 189);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:ghostscript\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:5.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/08/01\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/08/03\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2010-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"5.0\", prefix:\"ghostscript\", reference:\"8.62.dfsg.1-3.2lenny4\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"ghostscript-doc\", reference:\"8.62.dfsg.1-3.2lenny4\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"ghostscript-x\", reference:\"8.62.dfsg.1-3.2lenny4\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"gs\", reference:\"8.62.dfsg.1-3.2lenny4\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"gs-aladdin\", reference:\"8.62.dfsg.1-3.2lenny4\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"gs-common\", reference:\"8.62.dfsg.1-3.2lenny4\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"gs-esp\", reference:\"8.62.dfsg.1-3.2lenny4\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"gs-gpl\", reference:\"8.62.dfsg.1-3.2lenny4\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"libgs-dev\", reference:\"8.62.dfsg.1-3.2lenny4\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"libgs8\", reference:\"8.62.dfsg.1-3.2lenny4\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 10, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-08-19T13:05:54", "description": "Multiple security vulnerabilities has been identified and fixed in ghostscript :\n\nA buffer underflow in Ghostscript's CCITTFax decoding filter allows remote attackers to cause denial of service and possibly to execute arbitrary by using a crafted PDF file (CVE-2007-6725).\n\nBuffer overflow in Ghostscript's BaseFont writer module allows remote attackers to cause a denial of service and possibly to execute arbitrary code via a crafted Postscript file (CVE-2008-6679).\n\nMultiple interger overflows in Ghostsript's International Color Consortium Format Library (icclib) allows attackers to cause denial of service (heap-based buffer overflow and application crash) and possibly execute arbitrary code by using either a PostScript or PDF file with crafte embedded images (CVE-2009-0583, CVE-2009-0584).\n\nMultiple interger overflows in Ghostsript's International Color Consortium Format Library (icclib) allows attackers to cause denial of service (heap-based buffer overflow and application crash) and possibly execute arbitrary code by using either a PostScript or PDF file with crafte embedded images. Note: this issue exists because of an incomplete fix for CVE-2009-0583 (CVE-2009-0792).\n\nHeap-based overflow in Ghostscript's JBIG2 decoding library allows attackers to cause denial of service and possibly to execute arbitrary code by using a crafted PDF file (CVE-2009-0196).\n\nMultiple integer overflows in JasPer 1.900.1 might allow context-dependent attackers to have an unknown impact via a crafted image file, related to integer multiplication for memory allocation (CVE-2008-3520).\n\nBuffer overflow in the jas_stream_printf function in libjasper/base/jas_stream.c in JasPer 1.900.1 might allow context-dependent attackers to have an unknown impact via vectors related to the mif_hdr_put function and use of vsprintf (CVE-2008-3522).\n\nPreviousely the ghostscript packages were statically built against a bundled and private copy of the jasper library. This update makes ghostscript link against the shared system jasper library which makes it easier to address presumptive future security issues in the jasper library.\n\nPackages for 2008.0 are provided for Corporate Desktop 2008.0 customers\n\nThis update provides fixes for that vulnerabilities.", "cvss3": {"score": null, "vector": null}, "published": "2009-12-04T00:00:00", "type": "nessus", "title": "Mandriva Linux Security Advisory : ghostscript (MDVSA-2009:311)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2007-6725", "CVE-2008-3520", "CVE-2008-3522", "CVE-2008-6679", "CVE-2009-0196", "CVE-2009-0583", "CVE-2009-0584", "CVE-2009-0792"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:mandriva:linux:ghostscript", "p-cpe:/a:mandriva:linux:ghostscript-X", "p-cpe:/a:mandriva:linux:ghostscript-common", "p-cpe:/a:mandriva:linux:ghostscript-doc", "p-cpe:/a:mandriva:linux:ghostscript-dvipdf", "p-cpe:/a:mandriva:linux:ghostscript-module-X", "p-cpe:/a:mandriva:linux:lib64gs8", "p-cpe:/a:mandriva:linux:lib64gs8-devel", "p-cpe:/a:mandriva:linux:lib64ijs1", "p-cpe:/a:mandriva:linux:lib64ijs1-devel", "p-cpe:/a:mandriva:linux:libgs8", "p-cpe:/a:mandriva:linux:libgs8-devel", "p-cpe:/a:mandriva:linux:libijs1", "p-cpe:/a:mandriva:linux:libijs1-devel", "cpe:/o:mandriva:linux:2008.0"], "id": "MANDRIVA_MDVSA-2009-311.NASL", "href": "https://www.tenable.com/plugins/nessus/42997", "sourceData": "#%NASL_MIN_LEVEL 70300\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Mandriva Linux Security Advisory MDVSA-2009:311. \n# The text itself is copyright (C) Mandriva S.A.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(42997);\n script_version(\"1.19\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\n \"CVE-2007-6725\",\n \"CVE-2008-3520\",\n \"CVE-2008-3522\",\n \"CVE-2008-6679\",\n \"CVE-2009-0196\",\n \"CVE-2009-0583\",\n \"CVE-2009-0584\",\n \"CVE-2009-0792\"\n );\n script_bugtraq_id(\n 31470,\n 34184,\n 34337,\n 34340,\n 34445\n );\n script_xref(name:\"MDVSA\", value:\"2009:311\");\n\n script_name(english:\"Mandriva Linux Security Advisory : ghostscript (MDVSA-2009:311)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Mandriva Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Multiple security vulnerabilities has been identified and fixed in\nghostscript :\n\nA buffer underflow in Ghostscript's CCITTFax decoding filter allows\nremote attackers to cause denial of service and possibly to execute\narbitrary by using a crafted PDF file (CVE-2007-6725).\n\nBuffer overflow in Ghostscript's BaseFont writer module allows remote\nattackers to cause a denial of service and possibly to execute\narbitrary code via a crafted Postscript file (CVE-2008-6679).\n\nMultiple interger overflows in Ghostsript's International Color\nConsortium Format Library (icclib) allows attackers to cause denial of\nservice (heap-based buffer overflow and application crash) and\npossibly execute arbitrary code by using either a PostScript or PDF\nfile with crafte embedded images (CVE-2009-0583, CVE-2009-0584).\n\nMultiple interger overflows in Ghostsript's International Color\nConsortium Format Library (icclib) allows attackers to cause denial of\nservice (heap-based buffer overflow and application crash) and\npossibly execute arbitrary code by using either a PostScript or PDF\nfile with crafte embedded images. Note: this issue exists because of\nan incomplete fix for CVE-2009-0583 (CVE-2009-0792).\n\nHeap-based overflow in Ghostscript's JBIG2 decoding library allows\nattackers to cause denial of service and possibly to execute arbitrary\ncode by using a crafted PDF file (CVE-2009-0196).\n\nMultiple integer overflows in JasPer 1.900.1 might allow\ncontext-dependent attackers to have an unknown impact via a crafted\nimage file, related to integer multiplication for memory allocation\n(CVE-2008-3520).\n\nBuffer overflow in the jas_stream_printf function in\nlibjasper/base/jas_stream.c in JasPer 1.900.1 might allow\ncontext-dependent attackers to have an unknown impact via vectors\nrelated to the mif_hdr_put function and use of vsprintf\n(CVE-2008-3522).\n\nPreviousely the ghostscript packages were statically built against a\nbundled and private copy of the jasper library. This update makes\nghostscript link against the shared system jasper library which makes\nit easier to address presumptive future security issues in the jasper\nlibrary.\n\nPackages for 2008.0 are provided for Corporate Desktop 2008.0\ncustomers\n\nThis update provides fixes for that vulnerabilities.\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(119, 189);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:ghostscript\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:ghostscript-X\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:ghostscript-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:ghostscript-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:ghostscript-dvipdf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:ghostscript-module-X\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64gs8\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64gs8-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64ijs1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64ijs1-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libgs8\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libgs8-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libijs1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libijs1-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:linux:2008.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/12/03\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/12/04\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Mandriva Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/Mandrake/release\", \"Host/Mandrake/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Mandrake/release\")) audit(AUDIT_OS_NOT, \"Mandriva / Mandake Linux\");\nif (!get_kb_item(\"Host/Mandrake/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^(amd64|i[3-6]86|x86_64)$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Mandriva / Mandrake Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"MDK2008.0\", reference:\"ghostscript-8.60-55.3mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"ghostscript-X-8.60-55.3mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"ghostscript-common-8.60-55.3mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"ghostscript-doc-8.60-55.3mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"ghostscript-dvipdf-8.60-55.3mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"ghostscript-module-X-8.60-55.3mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", cpu:\"x86_64\", reference:\"lib64gs8-8.60-55.3mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", cpu:\"x86_64\", reference:\"lib64gs8-devel-8.60-55.3mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", cpu:\"x86_64\", reference:\"lib64ijs1-0.35-55.3mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", cpu:\"x86_64\", reference:\"lib64ijs1-devel-0.35-55.3mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", cpu:\"i386\", reference:\"libgs8-8.60-55.3mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", cpu:\"i386\", reference:\"libgs8-devel-8.60-55.3mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", cpu:\"i386\", reference:\"libijs1-0.35-55.3mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", cpu:\"i386\", reference:\"libijs1-devel-0.35-55.3mdv2008.0\", yank:\"mdv\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 10, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-08-19T12:47:35", "description": "The remote host is affected by the vulnerability described in GLSA-201412-17 (GPL Ghostscript: Multiple vulnerabilities)\n\n Multiple vulnerabilities have been discovered in GPL Ghostscript. Please review the CVE identifiers referenced below for details.\n Impact :\n\n A context-dependent attacker could entice a user to open a specially crafted PostScript file or PDF using GPL Ghostscript, possibly resulting in execution of arbitrary code with the privileges of the process or a Denial of Service condition.\n Workaround :\n\n There is no known workaround at this time.", "cvss3": {"score": null, "vector": null}, "published": "2014-12-15T00:00:00", "type": "nessus", "title": "GLSA-201412-17 : GPL Ghostscript: Multiple vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-0196", "CVE-2009-0792", "CVE-2009-3743", "CVE-2009-4270", "CVE-2009-4897", "CVE-2010-1628", "CVE-2010-2055", "CVE-2010-4054", "CVE-2012-4405"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:gentoo:linux:ghostscript-gpl", "cpe:/o:gentoo:linux"], "id": "GENTOO_GLSA-201412-17.NASL", "href": "https://www.tenable.com/plugins/nessus/79970", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Gentoo Linux Security Advisory GLSA 201412-17.\n#\n# The advisory text is Copyright (C) 2001-2016 Gentoo Foundation, Inc.\n# and licensed under the Creative Commons - Attribution / Share Alike \n# license. See http://creativecommons.org/licenses/by-sa/3.0/\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(79970);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2009-0196\", \"CVE-2009-0792\", \"CVE-2009-3743\", \"CVE-2009-4270\", \"CVE-2009-4897\", \"CVE-2010-1628\", \"CVE-2010-2055\", \"CVE-2010-4054\", \"CVE-2012-4405\");\n script_bugtraq_id(34184, 34445, 37410, 40107, 40467, 41593, 42640, 43932, 55494);\n script_xref(name:\"GLSA\", value:\"201412-17\");\n\n script_name(english:\"GLSA-201412-17 : GPL Ghostscript: Multiple vulnerabilities\");\n script_summary(english:\"Checks for updated package(s) in /var/db/pkg\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Gentoo host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The remote host is affected by the vulnerability described in GLSA-201412-17\n(GPL Ghostscript: Multiple vulnerabilities)\n\n Multiple vulnerabilities have been discovered in GPL Ghostscript. Please\n review the CVE identifiers referenced below for details.\n \nImpact :\n\n A context-dependent attacker could entice a user to open a specially\n crafted PostScript file or PDF using GPL Ghostscript, possibly resulting\n in execution of arbitrary code with the privileges of the process or a\n Denial of Service condition.\n \nWorkaround :\n\n There is no known workaround at this time.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security.gentoo.org/glsa/201412-17\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"All GPL Ghostscript users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose\n '>=app-text/ghostscript-gpl-9.10-r2'\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(119, 189);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:ghostscript-gpl\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:gentoo:linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/12/13\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/12/15\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Gentoo Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Gentoo/release\", \"Host/Gentoo/qpkg-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"qpkg.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Gentoo/release\")) audit(AUDIT_OS_NOT, \"Gentoo\");\nif (!get_kb_item(\"Host/Gentoo/qpkg-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (qpkg_check(package:\"app-text/ghostscript-gpl\", unaffected:make_list(\"ge 9.10-r2\"), vulnerable:make_list(\"lt 9.10-r2\"))) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:qpkg_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = qpkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"GPL Ghostscript\");\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}], "openvas": [{"lastseen": "2017-07-26T08:55:48", "description": "The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n ghostscript-fonts-other\n ghostscript-fonts-rus\n ghostscript-fonts-std\n ghostscript-library\n ghostscript-omni\n ghostscript-x11\n libgimpprint\n\n\nMore details may also be found by searching for the SuSE\nEnterprise Server 11 patch database located at\nhttp://download.novell.com/patch/finder/", "cvss3": {}, "published": "2009-10-11T00:00:00", "type": "openvas", "title": "SLES11: Security update for Ghostscript", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-0196", "CVE-2009-0792"], "modified": "2017-07-11T00:00:00", "id": "OPENVAS:65650", "href": "http://plugins.openvas.org/nasl.php?oid=65650", "sourceData": "#\n#VID 821fdfa281de6b75cdc24c1e4f935e7e\n# OpenVAS Vulnerability Test\n# $\n# Description: Security update for Ghostscript\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_summary = \"The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n ghostscript-fonts-other\n ghostscript-fonts-rus\n ghostscript-fonts-std\n ghostscript-library\n ghostscript-omni\n ghostscript-x11\n libgimpprint\n\n\nMore details may also be found by searching for the SuSE\nEnterprise Server 11 patch database located at\nhttp://download.novell.com/patch/finder/\";\n\ntag_solution = \"Please install the updates provided by SuSE.\";\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"https://bugzilla.novell.com/show_bug.cgi?id=489622\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.novell.com/show_bug.cgi?id=491897\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.novell.com/show_bug.cgi?id=492765\");\n script_id(65650);\n script_version(\"$Revision: 6666 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-11 15:13:36 +0200 (Tue, 11 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-10-11 22:58:51 +0200 (Sun, 11 Oct 2009)\");\n script_cve_id(\"CVE-2009-0196\", \"CVE-2009-0792\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_name(\"SLES11: Security update for Ghostscript\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse_sles\", \"ssh/login/rpms\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"ghostscript-fonts-other\", rpm:\"ghostscript-fonts-other~8.62~32.23.1\", rls:\"SLES11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"ghostscript-fonts-rus\", rpm:\"ghostscript-fonts-rus~8.62~32.23.1\", rls:\"SLES11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"ghostscript-fonts-std\", rpm:\"ghostscript-fonts-std~8.62~32.23.1\", rls:\"SLES11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"ghostscript-library\", rpm:\"ghostscript-library~8.62~32.23.1\", rls:\"SLES11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"ghostscript-omni\", rpm:\"ghostscript-omni~8.62~32.23.1\", rls:\"SLES11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"ghostscript-x11\", rpm:\"ghostscript-x11~8.62~32.23.1\", rls:\"SLES11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libgimpprint\", rpm:\"libgimpprint~4.2.7~32.23.1\", rls:\"SLES11.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-02T21:14:17", "description": "This host is installed with Ghostscript and is prone to\n Buffer Overflow Vulnerability.", "cvss3": {}, "published": "2009-04-28T00:00:00", "type": "openvas", "title": "Ghostscript Multiple Buffer Overflow Vulnerabilities (Windows)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-0196", "CVE-2009-0792"], "modified": "2017-01-20T00:00:00", "id": "OPENVAS:900540", "href": "http://plugins.openvas.org/nasl.php?oid=900540", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: secpod_ghostscript_mult_bof_vuln_win.nasl 5055 2017-01-20 14:08:39Z teissa $\n#\n# Ghostscript Multiple Buffer Overflow Vulnerabilities (Windows).\n#\n# Authors:\n# Nikita MR <rnikita@secpod.com>\n#\n# Copyright:\n# Copyright (c) 2009 SecPod, http://www.secpod.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ntag_impact = \"Successful exploitation allows the attacker to execute arbitrary code in\n the context of the affected application and can cause denial of service.\n Impact Level: Application\";\ntag_affected = \"Ghostscript version 8.64 and prior on Windows.\";\ntag_insight = \"These flaws arise due to,\n - a boundary error in the jbig2_symbol_dict.c() function in the JBIG2\n decoding library (jbig2dec) while decoding JBIG2 symbol dictionary\n segments.\n - multiple integer overflows in icc.c in the ICC Format library while\n processing malformed PDF and PostScript files with embedded images.\";\ntag_solution = \"Upgrade to Ghostscript version 8.71 or later.\n For updates refer to http://ghostscript.com/releases/\";\ntag_summary = \"This host is installed with Ghostscript and is prone to\n Buffer Overflow Vulnerability.\";\n\nif(description)\n{\n script_id(900540);\n script_version(\"$Revision: 5055 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-01-20 15:08:39 +0100 (Fri, 20 Jan 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-04-28 07:58:48 +0200 (Tue, 28 Apr 2009)\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_cve_id(\"CVE-2009-0792\", \"CVE-2009-0196\");\n script_bugtraq_id(34445, 34184);\n script_name(\"Ghostscript Multiple Buffer Overflow Vulnerabilities (Windows)\");\n script_xref(name : \"URL\" , value : \"http://secunia.com/advisories/34292\");\n script_xref(name : \"URL\" , value : \"http://www.vupen.com/english/advisories/2009/0983\");\n script_xref(name : \"URL\" , value : \"http://securitytracker.com/alerts/2009/Apr/1022029.html\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 SecPod\");\n script_family(\"Buffer overflow\");\n script_dependencies(\"secpod_ghostscript_detect_win.nasl\");\n script_require_keys(\"Ghostscript/Win/Ver\");\n script_tag(name : \"impact\" , value : tag_impact);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"registry\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"version_func.inc\");\n\nghostVer = get_kb_item(\"Ghostscript/Win/Ver\");\nif(!ghostVer){\n exit(0);\n}\n\nif(version_is_less_equal(version:ghostVer, test_version:\"8.64\")){\n security_message(0);\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2020-01-27T20:38:19", "description": "This host is installed with Ghostscript and is prone to\n a buffer overflow vulnerability.", "cvss3": {}, "published": "2009-04-28T00:00:00", "type": "openvas", "title": "Ghostscript < 8.71 Multiple Buffer Overflow Vulnerabilities (Linux)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-0196", "CVE-2009-0792"], "modified": "2020-01-25T00:00:00", "id": "OPENVAS:1361412562310900542", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310900542", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Ghostscript Multiple Buffer Overflow Vulnerabilities (Linux).\n#\n# Authors:\n# Nikita MR <rnikita@secpod.com>\n#\n# Copyright:\n# Copyright (c) 2009 SecPod, http://www.secpod.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:ghostscript:ghostscript\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.900542\");\n script_version(\"2020-01-25T06:51:23+0000\");\n script_tag(name:\"last_modification\", value:\"2020-01-25 06:51:23 +0000 (Sat, 25 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2009-04-28 07:58:48 +0200 (Tue, 28 Apr 2009)\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_cve_id(\"CVE-2009-0792\", \"CVE-2009-0196\");\n script_bugtraq_id(34445, 34184);\n script_name(\"Ghostscript < 8.71 Multiple Buffer Overflow Vulnerabilities (Linux)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 SecPod\");\n script_family(\"Buffer overflow\");\n script_dependencies(\"secpod_ghostscript_detect_lin.nasl\");\n script_mandatory_keys(\"ghostscript/detected\");\n\n script_xref(name:\"URL\", value:\"http://secunia.com/advisories/34292\");\n script_xref(name:\"URL\", value:\"http://www.vupen.com/english/advisories/2009/0983\");\n script_xref(name:\"URL\", value:\"http://securitytracker.com/alerts/2009/Apr/1022029.html\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation allows an attacker to execute arbitrary code in\n the context of the affected application and to cause a denial of service.\");\n\n script_tag(name:\"affected\", value:\"Ghostscript version 8.64 and prior.\");\n\n script_tag(name:\"insight\", value:\"The flaws are due to:\n\n - A boundary error in the jbig2_symbol_dict.c() function in the JBIG2\n decoding library (jbig2dec) while decoding JBIG2 symbol dictionary segments.\n\n - multiple integer overflows in icc.c in the ICC Format library while\n processing malformed PDF and PostScript files with embedded images.\");\n\n script_tag(name:\"solution\", value:\"Upgrade to Ghostscript version 8.71 or later.\");\n\n script_tag(name:\"summary\", value:\"This host is installed with Ghostscript and is prone to\n a buffer overflow vulnerability.\");\n\n script_tag(name:\"qod_type\", value:\"executable_version_unreliable\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"version_func.inc\");\ninclude(\"host_details.inc\");\n\nif(!infos = get_app_version_and_location(cpe:CPE, exit_no_version:TRUE))\n exit(0);\n\nlocation = infos[\"location\"];\nversion = infos[\"version\"];\n\nif(version_is_less_equal(version:version, test_version:\"8.64\")) {\n report = report_fixed_ver(installed_version:version, fixed_version:\"8.71\", install_path:location);\n security_message(port:0, data:report);\n exit(0);\n}\n\nexit(99);\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-04-29T22:26:35", "description": "This host is installed with Ghostscript and is prone to\n Buffer Overflow Vulnerability.", "cvss3": {}, "published": "2009-04-28T00:00:00", "type": "openvas", "title": "Ghostscript Multiple Buffer Overflow Vulnerabilities (Windows)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-0196", "CVE-2009-0792"], "modified": "2020-04-27T00:00:00", "id": "OPENVAS:1361412562310900540", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310900540", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Ghostscript Multiple Buffer Overflow Vulnerabilities (Windows).\n#\n# Authors:\n# Nikita MR <rnikita@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2009 SecPod, http://www.secpod.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.900540\");\n script_version(\"2020-04-27T09:00:11+0000\");\n script_tag(name:\"last_modification\", value:\"2020-04-27 09:00:11 +0000 (Mon, 27 Apr 2020)\");\n script_tag(name:\"creation_date\", value:\"2009-04-28 07:58:48 +0200 (Tue, 28 Apr 2009)\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_cve_id(\"CVE-2009-0792\", \"CVE-2009-0196\");\n script_bugtraq_id(34445, 34184);\n script_name(\"Ghostscript Multiple Buffer Overflow Vulnerabilities (Windows)\");\n script_xref(name:\"URL\", value:\"http://secunia.com/advisories/34292\");\n script_xref(name:\"URL\", value:\"http://www.vupen.com/english/advisories/2009/0983\");\n script_xref(name:\"URL\", value:\"http://securitytracker.com/alerts/2009/Apr/1022029.html\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 SecPod\");\n script_family(\"Buffer overflow\");\n script_dependencies(\"secpod_ghostscript_detect_win.nasl\");\n script_mandatory_keys(\"Ghostscript/Win/Ver\");\n script_tag(name:\"impact\", value:\"Successful exploitation allows the attacker to execute arbitrary code in\n the context of the affected application and can cause denial of service.\");\n script_tag(name:\"affected\", value:\"Ghostscript version 8.64 and prior on Windows.\");\n script_tag(name:\"insight\", value:\"These flaws arise due to,\n\n - a boundary error in the jbig2_symbol_dict.c() function in the JBIG2\n decoding library (jbig2dec) while decoding JBIG2 symbol dictionary\n segments.\n\n - multiple integer overflows in icc.c in the ICC Format library while\n processing malformed PDF and PostScript files with embedded images.\");\n script_tag(name:\"solution\", value:\"Upgrade to Ghostscript version 8.71 or later.\");\n script_tag(name:\"summary\", value:\"This host is installed with Ghostscript and is prone to\n Buffer Overflow Vulnerability.\");\n script_tag(name:\"qod_type\", value:\"registry\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"URL\", value:\"http://ghostscript.com/releases/\");\n exit(0);\n}\n\n\ninclude(\"version_func.inc\");\n\nghostVer = get_kb_item(\"Ghostscript/Win/Ver\");\nif(!ghostVer){\n exit(0);\n}\n\nif(version_is_less_equal(version:ghostVer, test_version:\"8.64\")){\n report = report_fixed_ver(installed_version:ghostVer, vulnerable_range:\"Less than or equal to 8.64\");\n security_message(port: 0, data: report);\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2018-04-06T11:39:00", "description": "The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n ghostscript-fonts-other\n ghostscript-fonts-rus\n ghostscript-fonts-std\n ghostscript-library\n ghostscript-omni\n ghostscript-x11\n libgimpprint\n\n\nMore details may also be found by searching for the SuSE\nEnterprise Server 11 patch database located at\nhttp://download.novell.com/patch/finder/", "cvss3": {}, "published": "2009-10-11T00:00:00", "type": "openvas", "title": "SLES11: Security update for Ghostscript", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-0196", "CVE-2009-0792"], "modified": "2018-04-06T00:00:00", "id": "OPENVAS:136141256231065650", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231065650", "sourceData": "#\n#VID 821fdfa281de6b75cdc24c1e4f935e7e\n# OpenVAS Vulnerability Test\n# $\n# Description: Security update for Ghostscript\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_summary = \"The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n ghostscript-fonts-other\n ghostscript-fonts-rus\n ghostscript-fonts-std\n ghostscript-library\n ghostscript-omni\n ghostscript-x11\n libgimpprint\n\n\nMore details may also be found by searching for the SuSE\nEnterprise Server 11 patch database located at\nhttp://download.novell.com/patch/finder/\";\n\ntag_solution = \"Please install the updates provided by SuSE.\";\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"https://bugzilla.novell.com/show_bug.cgi?id=489622\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.novell.com/show_bug.cgi?id=491897\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.novell.com/show_bug.cgi?id=492765\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.65650\");\n script_version(\"$Revision: 9350 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:03:33 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-10-11 22:58:51 +0200 (Sun, 11 Oct 2009)\");\n script_cve_id(\"CVE-2009-0196\", \"CVE-2009-0792\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_name(\"SLES11: Security update for Ghostscript\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse_sles\", \"ssh/login/rpms\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"ghostscript-fonts-other\", rpm:\"ghostscript-fonts-other~8.62~32.23.1\", rls:\"SLES11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"ghostscript-fonts-rus\", rpm:\"ghostscript-fonts-rus~8.62~32.23.1\", rls:\"SLES11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"ghostscript-fonts-std\", rpm:\"ghostscript-fonts-std~8.62~32.23.1\", rls:\"SLES11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"ghostscript-library\", rpm:\"ghostscript-library~8.62~32.23.1\", rls:\"SLES11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"ghostscript-omni\", rpm:\"ghostscript-omni~8.62~32.23.1\", rls:\"SLES11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"ghostscript-x11\", rpm:\"ghostscript-x11~8.62~32.23.1\", rls:\"SLES11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libgimpprint\", rpm:\"libgimpprint~4.2.7~32.23.1\", rls:\"SLES11.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-04-06T11:38:27", "description": "The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n ghostscript-fonts-other\n ghostscript-fonts-rus\n ghostscript-fonts-std\n ghostscript-library\n ghostscript-serv\n ghostscript-x11\n libgimpprint\n libgimpprint-devel\n\nFor more information, please visit the referenced security\nadvisories.\n\nMore details may also be found by searching for keyword\n5049760 within the SuSE Enterprise Server 9 patch\ndatabase at http://download.novell.com/patch/finder/", "cvss3": {}, "published": "2009-10-10T00:00:00", "type": "openvas", "title": "SLES9: Security update for GhostScript", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-0196", "CVE-2009-0792", "CVE-2007-6725"], "modified": "2018-04-06T00:00:00", "id": "OPENVAS:136141256231065559", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231065559", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: sles9p5049760.nasl 9350 2018-04-06 07:03:33Z cfischer $\n# Description: Security update for GhostScript\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_summary = \"The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n ghostscript-fonts-other\n ghostscript-fonts-rus\n ghostscript-fonts-std\n ghostscript-library\n ghostscript-serv\n ghostscript-x11\n libgimpprint\n libgimpprint-devel\n\nFor more information, please visit the referenced security\nadvisories.\n\nMore details may also be found by searching for keyword\n5049760 within the SuSE Enterprise Server 9 patch\ndatabase at http://download.novell.com/patch/finder/\";\n\ntag_solution = \"Please install the updates provided by SuSE.\";\n \nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.65559\");\n script_version(\"$Revision: 9350 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:03:33 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-10-10 16:11:46 +0200 (Sat, 10 Oct 2009)\");\n script_cve_id(\"CVE-2009-0196\", \"CVE-2009-0792\", \"CVE-2007-6725\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_name(\"SLES9: Security update for GhostScript\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse_sles\", \"ssh/login/rpms\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"ghostscript-fonts-other\", rpm:\"ghostscript-fonts-other~7.07.1rc1~195.18\", rls:\"SLES9.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-26T08:55:37", "description": "The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n ghostscript-fonts-other\n ghostscript-fonts-rus\n ghostscript-fonts-std\n ghostscript-library\n ghostscript-serv\n ghostscript-x11\n libgimpprint\n libgimpprint-devel\n\nFor more information, please visit the referenced security\nadvisories.\n\nMore details may also be found by searching for keyword\n5049760 within the SuSE Enterprise Server 9 patch\ndatabase at http://download.novell.com/patch/finder/", "cvss3": {}, "published": "2009-10-10T00:00:00", "type": "openvas", "title": "SLES9: Security update for GhostScript", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-0196", "CVE-2009-0792", "CVE-2007-6725"], "modified": "2017-07-11T00:00:00", "id": "OPENVAS:65559", "href": "http://plugins.openvas.org/nasl.php?oid=65559", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: sles9p5049760.nasl 6666 2017-07-11 13:13:36Z cfischer $\n# Description: Security update for GhostScript\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_summary = \"The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n ghostscript-fonts-other\n ghostscript-fonts-rus\n ghostscript-fonts-std\n ghostscript-library\n ghostscript-serv\n ghostscript-x11\n libgimpprint\n libgimpprint-devel\n\nFor more information, please visit the referenced security\nadvisories.\n\nMore details may also be found by searching for keyword\n5049760 within the SuSE Enterprise Server 9 patch\ndatabase at http://download.novell.com/patch/finder/\";\n\ntag_solution = \"Please install the updates provided by SuSE.\";\n \nif(description)\n{\n script_id(65559);\n script_version(\"$Revision: 6666 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-11 15:13:36 +0200 (Tue, 11 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-10-10 16:11:46 +0200 (Sat, 10 Oct 2009)\");\n script_cve_id(\"CVE-2009-0196\", \"CVE-2009-0792\", \"CVE-2007-6725\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_name(\"SLES9: Security update for GhostScript\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse_sles\", \"ssh/login/rpms\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"ghostscript-fonts-other\", rpm:\"ghostscript-fonts-other~7.07.1rc1~195.18\", rls:\"SLES9.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-24T12:51:03", "description": "The remote host is missing an update as announced\nvia advisory SSA:2009-181-01.", "cvss3": {}, "published": "2012-09-11T00:00:00", "type": "openvas", "title": "Slackware Advisory SSA:2009-181-01 ghostscript", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-0196", "CVE-2009-0792", "CVE-2009-0584", "CVE-2009-0583"], "modified": "2017-07-07T00:00:00", "id": "OPENVAS:64381", "href": "http://plugins.openvas.org/nasl.php?oid=64381", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: esoft_slk_ssa_2009_181_01.nasl 6598 2017-07-07 09:36:44Z cfischer $\n# Description: Auto-generated from the corresponding slackware advisory\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"New ghostscript packages are available for Slackware 12.1, 12.2, and -current\nto fix security issues.\";\ntag_summary = \"The remote host is missing an update as announced\nvia advisory SSA:2009-181-01.\";\n\ntag_solution = \"https://secure1.securityspace.com/smysecure/catid.html?in=SSA:2009-181-01\";\n \nif(description)\n{\n script_id(64381);\n script_tag(name:\"creation_date\", value:\"2012-09-11 01:34:21 +0200 (Tue, 11 Sep 2012)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-07 11:36:44 +0200 (Fri, 07 Jul 2017) $\");\n script_cve_id(\"CVE-2009-0196\", \"CVE-2009-0583\", \"CVE-2009-0584\", \"CVE-2009-0792\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_version(\"$Revision: 6598 $\");\n name = \"Slackware Advisory SSA:2009-181-01 ghostscript \";\n script_name(name);\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Slackware Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/slackware_linux\", \"ssh/login/slackpack\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-slack.inc\");\nvuln = 0;\nif(isslkpkgvuln(pkg:\"ghostscript\", ver:\"8.62-i486-6_slack12.1\", rls:\"SLK12.1\")) {\n vuln = 1;\n}\nif(isslkpkgvuln(pkg:\"ghostscript\", ver:\"8.63-i486-3_slack12.2\", rls:\"SLK12.2\")) {\n vuln = 1;\n}\n\nif(vuln) {\n security_message(0);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-04-06T11:39:52", "description": "The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n ghostscript-fonts-other\n ghostscript-fonts-rus\n ghostscript-fonts-std\n ghostscript-library\n ghostscript-omni\n ghostscript-x11\n libgimpprint\n\n\nMore details may also be found by searching for the SuSE\nEnterprise Server 11 patch database located at\nhttp://download.novell.com/patch/finder/", "cvss3": {}, "published": "2009-10-11T00:00:00", "type": "openvas", "title": "SLES11: Security update for GhostScript", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-0196", "CVE-2009-0792", "CVE-2007-6725", "CVE-2008-6679"], "modified": "2018-04-06T00:00:00", "id": "OPENVAS:136141256231065665", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231065665", "sourceData": "#\n#VID ab7a3ecdd7f2b22db74d66fd6e23832b\n# OpenVAS Vulnerability Test\n# $\n# Description: Security update for GhostScript\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_summary = \"The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n ghostscript-fonts-other\n ghostscript-fonts-rus\n ghostscript-fonts-std\n ghostscript-library\n ghostscript-omni\n ghostscript-x11\n libgimpprint\n\n\nMore details may also be found by searching for the SuSE\nEnterprise Server 11 patch database located at\nhttp://download.novell.com/patch/finder/\";\n\ntag_solution = \"Please install the updates provided by SuSE.\";\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"https://bugzilla.novell.com/show_bug.cgi?id=489622\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.novell.com/show_bug.cgi?id=491897\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.novell.com/show_bug.cgi?id=492765\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.65665\");\n script_version(\"$Revision: 9350 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:03:33 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-10-11 22:58:51 +0200 (Sun, 11 Oct 2009)\");\n script_cve_id(\"CVE-2009-0196\", \"CVE-2009-0792\", \"CVE-2008-6679\", \"CVE-2007-6725\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_name(\"SLES11: Security update for GhostScript\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse_sles\", \"ssh/login/rpms\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"ghostscript-fonts-other\", rpm:\"ghostscript-fonts-other~8.62~32.25.1\", rls:\"SLES11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"ghostscript-fonts-rus\", rpm:\"ghostscript-fonts-rus~8.62~32.25.1\", rls:\"SLES11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"ghostscript-fonts-std\", rpm:\"ghostscript-fonts-std~8.62~32.25.1\", rls:\"SLES11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"ghostscript-library\", rpm:\"ghostscript-library~8.62~32.25.1\", rls:\"SLES11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"ghostscript-omni\", rpm:\"ghostscript-omni~8.62~32.25.1\", rls:\"SLES11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"ghostscript-x11\", rpm:\"ghostscript-x11~8.62~32.25.1\", rls:\"SLES11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libgimpprint\", rpm:\"libgimpprint~4.2.7~32.25.1\", rls:\"SLES11.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-04-06T11:38:08", "description": "The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n ghostscript-fonts-other\n ghostscript-fonts-rus\n ghostscript-fonts-std\n ghostscript-library\n ghostscript-omni\n ghostscript-x11\n libgimpprint\n libgimpprint-devel\n\n\nMore details may also be found by searching for the SuSE\nEnterprise Server 10 patch database located at\nhttp://download.novell.com/patch/finder/", "cvss3": {}, "published": "2009-10-13T00:00:00", "type": "openvas", "title": "SLES10: Security update for GhostScript", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-0196", "CVE-2009-0792", "CVE-2007-6725", "CVE-2008-6679"], "modified": "2018-04-06T00:00:00", "id": "OPENVAS:136141256231065867", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231065867", "sourceData": "#\n#VID slesp2-ghostscript-fonts-other-6245\n# OpenVAS Vulnerability Test\n# $\n# Description: Security update for GhostScript\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_summary = \"The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n ghostscript-fonts-other\n ghostscript-fonts-rus\n ghostscript-fonts-std\n ghostscript-library\n ghostscript-omni\n ghostscript-x11\n libgimpprint\n libgimpprint-devel\n\n\nMore details may also be found by searching for the SuSE\nEnterprise Server 10 patch database located at\nhttp://download.novell.com/patch/finder/\";\n\ntag_solution = \"Please install the updates provided by SuSE.\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.65867\");\n script_version(\"$Revision: 9350 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:03:33 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-10-13 18:25:40 +0200 (Tue, 13 Oct 2009)\");\n script_cve_id(\"CVE-2009-0196\", \"CVE-2009-0792\", \"CVE-2008-6679\", \"CVE-2007-6725\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_name(\"SLES10: Security update for GhostScript\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse_sles\", \"ssh/login/rpms\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"ghostscript-fonts-other\", rpm:\"ghostscript-fonts-other~8.15.4~16.11\", rls:\"SLES10.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"ghostscript-fonts-rus\", rpm:\"ghostscript-fonts-rus~8.15.4~16.11\", rls:\"SLES10.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"ghostscript-fonts-std\", rpm:\"ghostscript-fonts-std~8.15.4~16.11\", rls:\"SLES10.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"ghostscript-library\", rpm:\"ghostscript-library~8.15.4~16.11\", rls:\"SLES10.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"ghostscript-omni\", rpm:\"ghostscript-omni~8.15.4~16.11\", rls:\"SLES10.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"ghostscript-x11\", rpm:\"ghostscript-x11~8.15.4~16.11\", rls:\"SLES10.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libgimpprint\", rpm:\"libgimpprint~4.2.7~62.22\", rls:\"SLES10.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libgimpprint-devel\", rpm:\"libgimpprint-devel~4.2.7~62.23\", rls:\"SLES10.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2019-05-29T18:38:43", "description": "The remote host is missing an update as announced\nvia advisory SSA:2009-181-01.", "cvss3": {}, "published": "2012-09-11T00:00:00", "type": "openvas", "title": "Slackware Advisory SSA:2009-181-01 ghostscript", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-0196", "CVE-2009-0792", "CVE-2009-0584", "CVE-2009-0583"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:136141256231064381", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231064381", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: esoft_slk_ssa_2009_181_01.nasl 14202 2019-03-15 09:16:15Z cfischer $\n# Description: Auto-generated from the corresponding slackware advisory\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.64381\");\n script_tag(name:\"creation_date\", value:\"2012-09-11 01:34:21 +0200 (Tue, 11 Sep 2012)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 10:16:15 +0100 (Fri, 15 Mar 2019) $\");\n script_cve_id(\"CVE-2009-0196\", \"CVE-2009-0583\", \"CVE-2009-0584\", \"CVE-2009-0792\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_version(\"$Revision: 14202 $\");\n script_name(\"Slackware Advisory SSA:2009-181-01 ghostscript\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Slackware Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/slackware_linux\", \"ssh/login/slackpack\", re:\"ssh/login/release=SLK(12\\.1|12\\.2)\");\n\n script_xref(name:\"URL\", value:\"https://secure1.securityspace.com/smysecure/catid.html?in=SSA:2009-181-01\");\n\n script_tag(name:\"insight\", value:\"New ghostscript packages are available for Slackware 12.1, 12.2, and -current\nto fix security issues.\");\n\n script_tag(name:\"solution\", value:\"Upgrade to the new package(s).\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update as announced\nvia advisory SSA:2009-181-01.\");\n\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-slack.inc\");\n\nreport = \"\";\nres = \"\";\n\nif((res = isslkpkgvuln(pkg:\"ghostscript\", ver:\"8.62-i486-6_slack12.1\", rls:\"SLK12.1\")) != NULL) {\n report += res;\n}\nif((res = isslkpkgvuln(pkg:\"ghostscript\", ver:\"8.63-i486-3_slack12.2\", rls:\"SLK12.2\")) != NULL) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if(__pkg_match) {\n exit(99);\n}", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2017-07-26T08:55:30", "description": "The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n ghostscript-fonts-other\n ghostscript-fonts-rus\n ghostscript-fonts-std\n ghostscript-library\n ghostscript-omni\n ghostscript-x11\n libgimpprint\n libgimpprint-devel\n\n\nMore details may also be found by searching for the SuSE\nEnterprise Server 10 patch database located at\nhttp://download.novell.com/patch/finder/", "cvss3": {}, "published": "2009-10-13T00:00:00", "type": "openvas", "title": "SLES10: Security update for GhostScript", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-0196", "CVE-2009-0792", "CVE-2007-6725", "CVE-2008-6679"], "modified": "2017-07-11T00:00:00", "id": "OPENVAS:65867", "href": "http://plugins.openvas.org/nasl.php?oid=65867", "sourceData": "#\n#VID slesp2-ghostscript-fonts-other-6245\n# OpenVAS Vulnerability Test\n# $\n# Description: Security update for GhostScript\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_summary = \"The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n ghostscript-fonts-other\n ghostscript-fonts-rus\n ghostscript-fonts-std\n ghostscript-library\n ghostscript-omni\n ghostscript-x11\n libgimpprint\n libgimpprint-devel\n\n\nMore details may also be found by searching for the SuSE\nEnterprise Server 10 patch database located at\nhttp://download.novell.com/patch/finder/\";\n\ntag_solution = \"Please install the updates provided by SuSE.\";\n\nif(description)\n{\n script_id(65867);\n script_version(\"$Revision: 6666 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-11 15:13:36 +0200 (Tue, 11 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-10-13 18:25:40 +0200 (Tue, 13 Oct 2009)\");\n script_cve_id(\"CVE-2009-0196\", \"CVE-2009-0792\", \"CVE-2008-6679\", \"CVE-2007-6725\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_name(\"SLES10: Security update for GhostScript\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse_sles\", \"ssh/login/rpms\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"ghostscript-fonts-other\", rpm:\"ghostscript-fonts-other~8.15.4~16.11\", rls:\"SLES10.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"ghostscript-fonts-rus\", rpm:\"ghostscript-fonts-rus~8.15.4~16.11\", rls:\"SLES10.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"ghostscript-fonts-std\", rpm:\"ghostscript-fonts-std~8.15.4~16.11\", rls:\"SLES10.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"ghostscript-library\", rpm:\"ghostscript-library~8.15.4~16.11\", rls:\"SLES10.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"ghostscript-omni\", rpm:\"ghostscript-omni~8.15.4~16.11\", rls:\"SLES10.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"ghostscript-x11\", rpm:\"ghostscript-x11~8.15.4~16.11\", rls:\"SLES10.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libgimpprint\", rpm:\"libgimpprint~4.2.7~62.22\", rls:\"SLES10.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libgimpprint-devel\", rpm:\"libgimpprint-devel~4.2.7~62.23\", rls:\"SLES10.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-26T08:56:05", "description": "The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n ghostscript-fonts-other\n ghostscript-fonts-rus\n ghostscript-fonts-std\n ghostscript-library\n ghostscript-omni\n ghostscript-x11\n libgimpprint\n\n\nMore details may also be found by searching for the SuSE\nEnterprise Server 11 patch database located at\nhttp://download.novell.com/patch/finder/", "cvss3": {}, "published": "2009-10-11T00:00:00", "type": "openvas", "title": "SLES11: Security update for GhostScript", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-0196", "CVE-2009-0792", "CVE-2007-6725", "CVE-2008-6679"], "modified": "2017-07-11T00:00:00", "id": "OPENVAS:65665", "href": "http://plugins.openvas.org/nasl.php?oid=65665", "sourceData": "#\n#VID ab7a3ecdd7f2b22db74d66fd6e23832b\n# OpenVAS Vulnerability Test\n# $\n# Description: Security update for GhostScript\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_summary = \"The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n ghostscript-fonts-other\n ghostscript-fonts-rus\n ghostscript-fonts-std\n ghostscript-library\n ghostscript-omni\n ghostscript-x11\n libgimpprint\n\n\nMore details may also be found by searching for the SuSE\nEnterprise Server 11 patch database located at\nhttp://download.novell.com/patch/finder/\";\n\ntag_solution = \"Please install the updates provided by SuSE.\";\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"https://bugzilla.novell.com/show_bug.cgi?id=489622\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.novell.com/show_bug.cgi?id=491897\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.novell.com/show_bug.cgi?id=492765\");\n script_id(65665);\n script_version(\"$Revision: 6666 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-11 15:13:36 +0200 (Tue, 11 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-10-11 22:58:51 +0200 (Sun, 11 Oct 2009)\");\n script_cve_id(\"CVE-2009-0196\", \"CVE-2009-0792\", \"CVE-2008-6679\", \"CVE-2007-6725\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_name(\"SLES11: Security update for GhostScript\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse_sles\", \"ssh/login/rpms\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"ghostscript-fonts-other\", rpm:\"ghostscript-fonts-other~8.62~32.25.1\", rls:\"SLES11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"ghostscript-fonts-rus\", rpm:\"ghostscript-fonts-rus~8.62~32.25.1\", rls:\"SLES11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"ghostscript-fonts-std\", rpm:\"ghostscript-fonts-std~8.62~32.25.1\", rls:\"SLES11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"ghostscript-library\", rpm:\"ghostscript-library~8.62~32.25.1\", rls:\"SLES11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"ghostscript-omni\", rpm:\"ghostscript-omni~8.62~32.25.1\", rls:\"SLES11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"ghostscript-x11\", rpm:\"ghostscript-x11~8.62~32.25.1\", rls:\"SLES11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libgimpprint\", rpm:\"libgimpprint~4.2.7~32.25.1\", rls:\"SLES11.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2019-05-29T18:36:13", "description": "Oracle Linux Local Security Checks ELSA-2009-0421", "cvss3": {}, "published": "2015-10-08T00:00:00", "type": "openvas", "title": "Oracle Linux Local Check: ELSA-2009-0421", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-0196", "CVE-2009-0792", "CVE-2007-6725", "CVE-2008-6679"], "modified": "2018-09-28T00:00:00", "id": "OPENVAS:1361412562310122495", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310122495", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: ELSA-2009-0421.nasl 11688 2018-09-28 13:36:28Z cfischer $\n#\n# Oracle Linux Local Check\n#\n# Authors:\n# Eero Volotinen <eero.volotinen@solinor.com>\n#\n# Copyright:\n# Copyright (c) 2015 Eero Volotinen, http://solinor.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.122495\");\n script_version(\"$Revision: 11688 $\");\n script_tag(name:\"creation_date\", value:\"2015-10-08 14:46:40 +0300 (Thu, 08 Oct 2015)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-09-28 15:36:28 +0200 (Fri, 28 Sep 2018) $\");\n script_name(\"Oracle Linux Local Check: ELSA-2009-0421\");\n script_tag(name:\"insight\", value:\"ELSA-2009-0421 - ghostscript security update. Please see the references for more insight.\");\n script_tag(name:\"solution\", value:\"Update the affected packages to the latest available version.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"summary\", value:\"Oracle Linux Local Security Checks ELSA-2009-0421\");\n script_xref(name:\"URL\", value:\"http://linux.oracle.com/errata/ELSA-2009-0421.html\");\n script_cve_id(\"CVE-2007-6725\", \"CVE-2009-0196\", \"CVE-2009-0792\", \"CVE-2008-6679\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/oracle_linux\", \"ssh/login/release\", re:\"ssh/login/release=OracleLinux5\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Eero Volotinen\");\n script_family(\"Oracle Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"OracleLinux5\")\n{\n if ((res = isrpmvuln(pkg:\"ghostscript\", rpm:\"ghostscript~8.15.2~9.4.el5_3.7\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"ghostscript-devel\", rpm:\"ghostscript-devel~8.15.2~9.4.el5_3.7\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"ghostscript-gtk\", rpm:\"ghostscript-gtk~8.15.2~9.4.el5_3.7\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n\n}\nif (__pkg_match) exit(99);\n exit(0);\n\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2018-04-06T11:39:20", "description": "The remote host is missing an update to ghostscript\nannounced via advisory FEDORA-2009-3709.", "cvss3": {}, "published": "2009-04-20T00:00:00", "type": "openvas", "title": "Fedora Core 10 FEDORA-2009-3709 (ghostscript)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-0196", "CVE-2009-0792", "CVE-2009-0584", "CVE-2008-6679", "CVE-2009-0583"], "modified": "2018-04-06T00:00:00", "id": "OPENVAS:136141256231063835", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231063835", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: fcore_2009_3709.nasl 9350 2018-04-06 07:03:33Z cfischer $\n# Description: Auto-generated from advisory FEDORA-2009-3709 (ghostscript)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Update Information:\n\nThis update fixes several security flaws: CVE-2009-0792 (multiple integer\noverflows and missing upper-bounds checks in icclib), CVE-2009-0196 (missing\nboundary check in jbig2dec library), and CVE-2008-6679 (buffer overflow in\npdfwrite device).\n\nChangeLog:\n\n* Wed Apr 15 2009 Tim Waugh 8.63-6\n- Applied patch to fix CVE-2009-0792 (bug #491853).\n- Applied patch to fix CVE-2009-0196 (bug #493379).\n- Applied patch to fix CVE-2008-6679 (bug #493445).\n* Fri Mar 20 2009 Tim Waugh 8.63-5\n- Applied patch to fix CVE-2009-0583 (bug #487742) and CVE-2009-0584\n(bug #487744).\";\ntag_solution = \"Apply the appropriate updates.\n\nThis update can be installed with the yum update program. Use \nsu -c 'yum update ghostscript' at the command line.\nFor more information, refer to Managing Software with yum,\navailable at http://docs.fedoraproject.org/yum/.\n\nhttps://secure1.securityspace.com/smysecure/catid.html?in=FEDORA-2009-3709\";\ntag_summary = \"The remote host is missing an update to ghostscript\nannounced via advisory FEDORA-2009-3709.\";\n\n\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.63835\");\n script_version(\"$Revision: 9350 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:03:33 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-04-20 23:45:17 +0200 (Mon, 20 Apr 2009)\");\n script_cve_id(\"CVE-2009-0792\", \"CVE-2009-0196\", \"CVE-2008-6679\", \"CVE-2009-0583\", \"CVE-2009-0584\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_name(\"Fedora Core 10 FEDORA-2009-3709 (ghostscript)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.redhat.com/show_bug.cgi?id=493445\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.redhat.com/show_bug.cgi?id=493379\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.redhat.com/show_bug.cgi?id=491853\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"ghostscript\", rpm:\"ghostscript~8.63~6.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"ghostscript-devel\", rpm:\"ghostscript-devel~8.63~6.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"ghostscript-doc\", rpm:\"ghostscript-doc~8.63~6.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"ghostscript-gtk\", rpm:\"ghostscript-gtk~8.63~6.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"ghostscript-debuginfo\", rpm:\"ghostscript-debuginfo~8.63~6.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-25T10:56:46", "description": "The remote host is missing an update to ghostscript\nannounced via advisory FEDORA-2009-3709.", "cvss3": {}, "published": "2009-04-20T00:00:00", "type": "openvas", "title": "Fedora Core 10 FEDORA-2009-3709 (ghostscript)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-0196", "CVE-2009-0792", "CVE-2009-0584", "CVE-2008-6679", "CVE-2009-0583"], "modified": "2017-07-10T00:00:00", "id": "OPENVAS:63835", "href": "http://plugins.openvas.org/nasl.php?oid=63835", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: fcore_2009_3709.nasl 6624 2017-07-10 06:11:55Z cfischer $\n# Description: Auto-generated from advisory FEDORA-2009-3709 (ghostscript)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Update Information:\n\nThis update fixes several security flaws: CVE-2009-0792 (multiple integer\noverflows and missing upper-bounds checks in icclib), CVE-2009-0196 (missing\nboundary check in jbig2dec library), and CVE-2008-6679 (buffer overflow in\npdfwrite device).\n\nChangeLog:\n\n* Wed Apr 15 2009 Tim Waugh 8.63-6\n- Applied patch to fix CVE-2009-0792 (bug #491853).\n- Applied patch to fix CVE-2009-0196 (bug #493379).\n- Applied patch to fix CVE-2008-6679 (bug #493445).\n* Fri Mar 20 2009 Tim Waugh 8.63-5\n- Applied patch to fix CVE-2009-0583 (bug #487742) and CVE-2009-0584\n(bug #487744).\";\ntag_solution = \"Apply the appropriate updates.\n\nThis update can be installed with the yum update program. Use \nsu -c 'yum update ghostscript' at the command line.\nFor more information, refer to Managing Software with yum,\navailable at http://docs.fedoraproject.org/yum/.\n\nhttps://secure1.securityspace.com/smysecure/catid.html?in=FEDORA-2009-3709\";\ntag_summary = \"The remote host is missing an update to ghostscript\nannounced via advisory FEDORA-2009-3709.\";\n\n\n\nif(description)\n{\n script_id(63835);\n script_version(\"$Revision: 6624 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 08:11:55 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-04-20 23:45:17 +0200 (Mon, 20 Apr 2009)\");\n script_cve_id(\"CVE-2009-0792\", \"CVE-2009-0196\", \"CVE-2008-6679\", \"CVE-2009-0583\", \"CVE-2009-0584\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_name(\"Fedora Core 10 FEDORA-2009-3709 (ghostscript)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.redhat.com/show_bug.cgi?id=493445\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.redhat.com/show_bug.cgi?id=493379\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.redhat.com/show_bug.cgi?id=491853\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"ghostscript\", rpm:\"ghostscript~8.63~6.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"ghostscript-devel\", rpm:\"ghostscript-devel~8.63~6.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"ghostscript-doc\", rpm:\"ghostscript-doc~8.63~6.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"ghostscript-gtk\", rpm:\"ghostscript-gtk~8.63~6.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"ghostscript-debuginfo\", rpm:\"ghostscript-debuginfo~8.63~6.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-04-06T11:39:50", "description": "The remote host is missing an update to ghostscript\nannounced via advisory FEDORA-2009-3710.", "cvss3": {}, "published": "2009-04-20T00:00:00", "type": "openvas", "title": "Fedora Core 9 FEDORA-2009-3710 (ghostscript)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-0196", "CVE-2009-0792", "CVE-2009-0584", "CVE-2008-6679", "CVE-2009-0583"], "modified": "2018-04-06T00:00:00", "id": "OPENVAS:136141256231063836", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231063836", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: fcore_2009_3710.nasl 9350 2018-04-06 07:03:33Z cfischer $\n# Description: Auto-generated from advisory FEDORA-2009-3710 (ghostscript)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Update Information:\n\nThis update fixes several security flaws: CVE-2009-0792 (multiple integer\noverflows and missing upper-bounds checks in icclib), CVE-2009-0196 (missing\nboundary check in jbig2dec library), and CVE-2008-6679 (buffer overflow in\npdfwrite device).\n\nChangeLog:\n\n* Wed Apr 15 2009 Tim Waugh 8.63-3\n- Applied patch to fix CVE-2009-0792 (bug #491853).\n- Applied patch to fix CVE-2009-0196 (bug #493379).\n- Applied patch to fix CVE-2008-6679 (bug #493445).\n* Fri Mar 20 2009 Tim Waugh 8.63-2\n- Applied patch to fix CVE-2009-0583 (bug #487742) and CVE-2009-0584\n(bug #487744).\";\ntag_solution = \"Apply the appropriate updates.\n\nThis update can be installed with the yum update program. Use \nsu -c 'yum update ghostscript' at the command line.\nFor more information, refer to Managing Software with yum,\navailable at http://docs.fedoraproject.org/yum/.\n\nhttps://secure1.securityspace.com/smysecure/catid.html?in=FEDORA-2009-3710\";\ntag_summary = \"The remote host is missing an update to ghostscript\nannounced via advisory FEDORA-2009-3710.\";\n\n\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.63836\");\n script_version(\"$Revision: 9350 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:03:33 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-04-20 23:45:17 +0200 (Mon, 20 Apr 2009)\");\n script_cve_id(\"CVE-2009-0792\", \"CVE-2009-0196\", \"CVE-2008-6679\", \"CVE-2009-0583\", \"CVE-2009-0584\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_name(\"Fedora Core 9 FEDORA-2009-3710 (ghostscript)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.redhat.com/show_bug.cgi?id=493445\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.redhat.com/show_bug.cgi?id=493379\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.redhat.com/show_bug.cgi?id=491853\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"ghostscript\", rpm:\"ghostscript~8.63~3.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"ghostscript-devel\", rpm:\"ghostscript-devel~8.63~3.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"ghostscript-gtk\", rpm:\"ghostscript-gtk~8.63~3.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"ghostscript-debuginfo\", rpm:\"ghostscript-debuginfo~8.63~3.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-27T10:56:15", "description": "The remote host is missing updates announced in\nadvisory RHSA-2009:0421.\n\nGhostscript is a set of software that provides a PostScript interpreter, a\nset of C procedures (the Ghostscript library, which implements the graphics\ncapabilities in the PostScript language) and an interpreter for Portable\nDocument Format (PDF) files.\n\nIt was discovered that the Red Hat Security Advisory RHSA-2009:0345 did not\naddress all possible integer overflow flaws in Ghostscript's International\nColor Consortium Format library (icclib). Using specially-crafted ICC\nprofiles, an attacker could create a malicious PostScript or PDF file with\nembedded images that could cause Ghostscript to crash or, potentially,\nexecute arbitrary code when opened. (CVE-2009-0792)\n\nA buffer overflow flaw and multiple missing boundary checks were found in\nGhostscript. An attacker could create a specially-crafted PostScript or PDF\nfile that could cause Ghostscript to crash or, potentially, execute\narbitrary code when opened. (CVE-2008-6679, CVE-2007-6725, CVE-2009-0196)\n\nRed Hat would like to thank Alin Rad Pop of Secunia Research for\nresponsibly reporting the CVE-2009-0196 flaw.\n\nUsers of ghostscript are advised to upgrade to these updated packages,\nwhich contain backported patches to correct these issues.", "cvss3": {}, "published": "2009-04-15T00:00:00", "type": "openvas", "title": "RedHat Security Advisory RHSA-2009:0421", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-0196", "CVE-2009-0792", "CVE-2007-6725", "CVE-2008-6679", "CVE-2009-0583"], "modified": "2017-07-12T00:00:00", "id": "OPENVAS:63765", "href": "http://plugins.openvas.org/nasl.php?oid=63765", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: RHSA_2009_0421.nasl 6683 2017-07-12 09:41:57Z cfischer $\n# Description: Auto-generated from advisory RHSA-2009:0421 ()\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_summary = \"The remote host is missing updates announced in\nadvisory RHSA-2009:0421.\n\nGhostscript is a set of software that provides a PostScript interpreter, a\nset of C procedures (the Ghostscript library, which implements the graphics\ncapabilities in the PostScript language) and an interpreter for Portable\nDocument Format (PDF) files.\n\nIt was discovered that the Red Hat Security Advisory RHSA-2009:0345 did not\naddress all possible integer overflow flaws in Ghostscript's International\nColor Consortium Format library (icclib). Using specially-crafted ICC\nprofiles, an attacker could create a malicious PostScript or PDF file with\nembedded images that could cause Ghostscript to crash or, potentially,\nexecute arbitrary code when opened. (CVE-2009-0792)\n\nA buffer overflow flaw and multiple missing boundary checks were found in\nGhostscript. An attacker could create a specially-crafted PostScript or PDF\nfile that could cause Ghostscript to crash or, potentially, execute\narbitrary code when opened. (CVE-2008-6679, CVE-2007-6725, CVE-2009-0196)\n\nRed Hat would like to thank Alin Rad Pop of Secunia Research for\nresponsibly reporting the CVE-2009-0196 flaw.\n\nUsers of ghostscript are advised to upgrade to these updated packages,\nwhich contain backported patches to correct these issues.\";\n\ntag_solution = \"Please note that this update is available via\nRed Hat Network. To use Red Hat Network, launch the Red\nHat Update Agent with the following command: up2date\";\n\n\n\nif(description)\n{\n script_id(63765);\n script_version(\"$Revision: 6683 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-12 11:41:57 +0200 (Wed, 12 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-04-15 22:11:00 +0200 (Wed, 15 Apr 2009)\");\n script_cve_id(\"CVE-2007-6725\", \"CVE-2008-6679\", \"CVE-2009-0196\", \"CVE-2009-0792\", \"CVE-2009-0583\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_name(\"RedHat Security Advisory RHSA-2009:0421\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name : \"URL\" , value : \"http://rhn.redhat.com/errata/RHSA-2009-0421.html\");\n script_xref(name : \"URL\" , value : \"http://www.redhat.com/security/updates/classification/#moderate\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"ghostscript\", rpm:\"ghostscript~8.15.2~9.4.el5_3.7\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"ghostscript-debuginfo\", rpm:\"ghostscript-debuginfo~8.15.2~9.4.el5_3.7\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"ghostscript-gtk\", rpm:\"ghostscript-gtk~8.15.2~9.4.el5_3.7\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"ghostscript-devel\", rpm:\"ghostscript-devel~8.15.2~9.4.el5_3.7\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-25T10:56:56", "description": "The remote host is missing an update to ghostscript\nannounced via advisory FEDORA-2009-3710.", "cvss3": {}, "published": "2009-04-20T00:00:00", "type": "openvas", "title": "Fedora Core 9 FEDORA-2009-3710 (ghostscript)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-0196", "CVE-2009-0792", "CVE-2009-0584", "CVE-2008-6679", "CVE-2009-0583"], "modified": "2017-07-10T00:00:00", "id": "OPENVAS:63836", "href": "http://plugins.openvas.org/nasl.php?oid=63836", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: fcore_2009_3710.nasl 6624 2017-07-10 06:11:55Z cfischer $\n# Description: Auto-generated from advisory FEDORA-2009-3710 (ghostscript)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Update Information:\n\nThis update fixes several security flaws: CVE-2009-0792 (multiple integer\noverflows and missing upper-bounds checks in icclib), CVE-2009-0196 (missing\nboundary check in jbig2dec library), and CVE-2008-6679 (buffer overflow in\npdfwrite device).\n\nChangeLog:\n\n* Wed Apr 15 2009 Tim Waugh 8.63-3\n- Applied patch to fix CVE-2009-0792 (bug #491853).\n- Applied patch to fix CVE-2009-0196 (bug #493379).\n- Applied patch to fix CVE-2008-6679 (bug #493445).\n* Fri Mar 20 2009 Tim Waugh 8.63-2\n- Applied patch to fix CVE-2009-0583 (bug #487742) and CVE-2009-0584\n(bug #487744).\";\ntag_solution = \"Apply the appropriate updates.\n\nThis update can be installed with the yum update program. Use \nsu -c 'yum update ghostscript' at the command line.\nFor more information, refer to Managing Software with yum,\navailable at http://docs.fedoraproject.org/yum/.\n\nhttps://secure1.securityspace.com/smysecure/catid.html?in=FEDORA-2009-3710\";\ntag_summary = \"The remote host is missing an update to ghostscript\nannounced via advisory FEDORA-2009-3710.\";\n\n\n\nif(description)\n{\n script_id(63836);\n script_version(\"$Revision: 6624 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 08:11:55 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-04-20 23:45:17 +0200 (Mon, 20 Apr 2009)\");\n script_cve_id(\"CVE-2009-0792\", \"CVE-2009-0196\", \"CVE-2008-6679\", \"CVE-2009-0583\", \"CVE-2009-0584\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_name(\"Fedora Core 9 FEDORA-2009-3710 (ghostscript)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.redhat.com/show_bug.cgi?id=493445\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.redhat.com/show_bug.cgi?id=493379\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.redhat.com/show_bug.cgi?id=491853\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"ghostscript\", rpm:\"ghostscript~8.63~3.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"ghostscript-devel\", rpm:\"ghostscript-devel~8.63~3.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"ghostscript-gtk\", rpm:\"ghostscript-gtk~8.63~3.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"ghostscript-debuginfo\", rpm:\"ghostscript-debuginfo~8.63~3.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2019-05-29T18:39:51", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2011-08-09T00:00:00", "type": "openvas", "title": "CentOS Update for ghostscript CESA-2009:0421 centos5 i386", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-0196", "CVE-2009-0792", "CVE-2007-6725", "CVE-2008-6679", "CVE-2009-0583"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310880717", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310880717", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for ghostscript CESA-2009:0421 centos5 i386\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.centos.org/pipermail/centos-announce/2009-April/015790.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.880717\");\n script_version(\"$Revision: 14222 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 13:50:48 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2011-08-09 08:20:34 +0200 (Tue, 09 Aug 2011)\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_xref(name:\"CESA\", value:\"2009:0421\");\n script_cve_id(\"CVE-2007-6725\", \"CVE-2008-6679\", \"CVE-2009-0196\", \"CVE-2009-0792\", \"CVE-2009-0583\");\n script_name(\"CentOS Update for ghostscript CESA-2009:0421 centos5 i386\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'ghostscript'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\", re:\"ssh/login/release=CentOS5\");\n script_tag(name:\"affected\", value:\"ghostscript on CentOS 5\");\n script_tag(name:\"insight\", value:\"Ghostscript is a set of software that provides a PostScript interpreter, a\n set of C procedures (the Ghostscript library, which implements the graphics\n capabilities in the PostScript language) and an interpreter for Portable\n Document Format (PDF) files.\n\n It was discovered that the Red Hat Security Advisory RHSA-2009:0345 did not\n address all possible integer overflow flaws in Ghostscript's International\n Color Consortium Format library (icclib). Using specially-crafted ICC\n profiles, an attacker could create a malicious PostScript or PDF file with\n embedded images that could cause Ghostscript to crash or, potentially,\n execute arbitrary code when opened. (CVE-2009-0792)\n\n A buffer overflow flaw and multiple missing boundary checks were found in\n Ghostscript. An attacker could create a specially-crafted PostScript or PDF\n file that could cause Ghostscript to crash or, potentially, execute\n arbitrary code when opened. (CVE-2008-6679, CVE-2007-6725, CVE-2009-0196)\n\n Red Hat would like to thank Alin Rad Pop of Secunia Research for\n responsibly reporting the CVE-2009-0196 flaw.\n\n Users of ghostscript are advised to upgrade to these updated packages,\n which contain backported patches to correct these issues.\");\n script_tag(name:\"solution\", value:\"Please install the updated packages.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"CentOS5\")\n{\n\n if ((res = isrpmvuln(pkg:\"ghostscript\", rpm:\"ghostscript~8.15.2~9.4.el5_3.7\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ghostscript-devel\", rpm:\"ghostscript-devel~8.15.2~9.4.el5_3.7\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ghostscript-gtk\", rpm:\"ghostscript-gtk~8.15.2~9.4.el5_3.7\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2018-04-06T11:38:59", "description": "The remote host is missing updates announced in\nadvisory RHSA-2009:0421.\n\nGhostscript is a set of software that provides a PostScript interpreter, a\nset of C procedures (the Ghostscript library, which implements the graphics\ncapabilities in the PostScript language) and an interpreter for Portable\nDocument Format (PDF) files.\n\nIt was discovered that the Red Hat Security Advisory RHSA-2009:0345 did not\naddress all possible integer overflow flaws in Ghostscript's International\nColor Consortium Format library (icclib). Using specially-crafted ICC\nprofiles, an attacker could create a malicious PostScript or PDF file with\nembedded images that could cause Ghostscript to crash or, potentially,\nexecute arbitrary code when opened. (CVE-2009-0792)\n\nA buffer overflow flaw and multiple missing boundary checks were found in\nGhostscript. An attacker could create a specially-crafted PostScript or PDF\nfile that could cause Ghostscript to crash or, potentially, execute\narbitrary code when opened. (CVE-2008-6679, CVE-2007-6725, CVE-2009-0196)\n\nRed Hat would like to thank Alin Rad Pop of Secunia Research for\nresponsibly reporting the CVE-2009-0196 flaw.\n\nUsers of ghostscript are advised to upgrade to these updated packages,\nwhich contain backported patches to correct these issues.", "cvss3": {}, "published": "2009-04-15T00:00:00", "type": "openvas", "title": "RedHat Security Advisory RHSA-2009:0421", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-0196", "CVE-2009-0792", "CVE-2007-6725", "CVE-2008-6679", "CVE-2009-0583"], "modified": "2018-04-06T00:00:00", "id": "OPENVAS:136141256231063765", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231063765", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: RHSA_2009_0421.nasl 9350 2018-04-06 07:03:33Z cfischer $\n# Description: Auto-generated from advisory RHSA-2009:0421 ()\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_summary = \"The remote host is missing updates announced in\nadvisory RHSA-2009:0421.\n\nGhostscript is a set of software that provides a PostScript interpreter, a\nset of C procedures (the Ghostscript library, which implements the graphics\ncapabilities in the PostScript language) and an interpreter for Portable\nDocument Format (PDF) files.\n\nIt was discovered that the Red Hat Security Advisory RHSA-2009:0345 did not\naddress all possible integer overflow flaws in Ghostscript's International\nColor Consortium Format library (icclib). Using specially-crafted ICC\nprofiles, an attacker could create a malicious PostScript or PDF file with\nembedded images that could cause Ghostscript to crash or, potentially,\nexecute arbitrary code when opened. (CVE-2009-0792)\n\nA buffer overflow flaw and multiple missing boundary checks were found in\nGhostscript. An attacker could create a specially-crafted PostScript or PDF\nfile that could cause Ghostscript to crash or, potentially, execute\narbitrary code when opened. (CVE-2008-6679, CVE-2007-6725, CVE-2009-0196)\n\nRed Hat would like to thank Alin Rad Pop of Secunia Research for\nresponsibly reporting the CVE-2009-0196 flaw.\n\nUsers of ghostscript are advised to upgrade to these updated packages,\nwhich contain backported patches to correct these issues.\";\n\ntag_solution = \"Please note that this update is available via\nRed Hat Network. To use Red Hat Network, launch the Red\nHat Update Agent with the following command: up2date\";\n\n\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.63765\");\n script_version(\"$Revision: 9350 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:03:33 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-04-15 22:11:00 +0200 (Wed, 15 Apr 2009)\");\n script_cve_id(\"CVE-2007-6725\", \"CVE-2008-6679\", \"CVE-2009-0196\", \"CVE-2009-0792\", \"CVE-2009-0583\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_name(\"RedHat Security Advisory RHSA-2009:0421\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name : \"URL\" , value : \"http://rhn.redhat.com/errata/RHSA-2009-0421.html\");\n script_xref(name : \"URL\" , value : \"http://www.redhat.com/security/updates/classification/#moderate\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"ghostscript\", rpm:\"ghostscript~8.15.2~9.4.el5_3.7\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"ghostscript-debuginfo\", rpm:\"ghostscript-debuginfo~8.15.2~9.4.el5_3.7\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"ghostscript-gtk\", rpm:\"ghostscript-gtk~8.15.2~9.4.el5_3.7\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"ghostscript-devel\", rpm:\"ghostscript-devel~8.15.2~9.4.el5_3.7\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-25T10:55:45", "description": "Check for the Version of ghostscript", "cvss3": {}, "published": "2011-08-09T00:00:00", "type": "openvas", "title": "CentOS Update for ghostscript CESA-2009:0421 centos5 i386", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-0196", "CVE-2009-0792", "CVE-2007-6725", "CVE-2008-6679", "CVE-2009-0583"], "modified": "2017-07-10T00:00:00", "id": "OPENVAS:880717", "href": "http://plugins.openvas.org/nasl.php?oid=880717", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for ghostscript CESA-2009:0421 centos5 i386\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Ghostscript is a set of software that provides a PostScript interpreter, a\n set of C procedures (the Ghostscript library, which implements the graphics\n capabilities in the PostScript language) and an interpreter for Portable\n Document Format (PDF) files.\n\n It was discovered that the Red Hat Security Advisory RHSA-2009:0345 did not\n address all possible integer overflow flaws in Ghostscript's International\n Color Consortium Format library (icclib). Using specially-crafted ICC\n profiles, an attacker could create a malicious PostScript or PDF file with\n embedded images that could cause Ghostscript to crash or, potentially,\n execute arbitrary code when opened. (CVE-2009-0792)\n \n A buffer overflow flaw and multiple missing boundary checks were found in\n Ghostscript. An attacker could create a specially-crafted PostScript or PDF\n file that could cause Ghostscript to crash or, potentially, execute\n arbitrary code when opened. (CVE-2008-6679, CVE-2007-6725, CVE-2009-0196)\n \n Red Hat would like to thank Alin Rad Pop of Secunia Research for\n responsibly reporting the CVE-2009-0196 flaw.\n \n Users of ghostscript are advised to upgrade to these updated packages,\n which contain backported patches to correct these issues.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\ntag_affected = \"ghostscript on CentOS 5\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.centos.org/pipermail/centos-announce/2009-April/015790.html\");\n script_id(880717);\n script_version(\"$Revision: 6653 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 13:46:53 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2011-08-09 08:20:34 +0200 (Tue, 09 Aug 2011)\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"CESA\", value: \"2009:0421\");\n script_cve_id(\"CVE-2007-6725\", \"CVE-2008-6679\", \"CVE-2009-0196\", \"CVE-2009-0792\", \"CVE-2009-0583\");\n script_name(\"CentOS Update for ghostscript CESA-2009:0421 centos5 i386\");\n\n script_summary(\"Check for the Version of ghostscript\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"CentOS5\")\n{\n\n if ((res = isrpmvuln(pkg:\"ghostscript\", rpm:\"ghostscript~8.15.2~9.4.el5_3.7\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ghostscript-devel\", rpm:\"ghostscript-devel~8.15.2~9.4.el5_3.7\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ghostscript-gtk\", rpm:\"ghostscript-gtk~8.15.2~9.4.el5_3.7\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-04-09T11:40:37", "description": "Check for the Version of Ghostscript", "cvss3": {}, "published": "2009-10-13T00:00:00", "type": "openvas", "title": "Solaris Update for Ghostscript 115835-05", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-0196", "CVE-2009-0792", "CVE-2009-0584", "CVE-2007-6725", "CVE-2008-6679", "CVE-2009-0583"], "modified": "2018-04-06T00:00:00", "id": "OPENVAS:1361412562310855711", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310855711", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Solaris Update for Ghostscript 115835-05\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ntag_affected = \"Ghostscript on solaris_5.9_sparc\";\ntag_insight = \"The remote host is missing a patch containing a security fix,\n which affects the following component(s): \n Ghostscript\n For more information please visit the below reference link.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.855711\");\n script_version(\"$Revision: 9370 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 10:53:14 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-10-13 15:16:45 +0200 (Tue, 13 Oct 2009)\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"SUNSolve\", value: \"115835-05\");\n script_cve_id(\"CVE-2009-0583\", \"CVE-2009-0584\", \"CVE-2009-0792\", \"CVE-2008-6679\", \"CVE-2009-0196\", \"CVE-2007-6725\");\n script_name(\"Solaris Update for Ghostscript 115835-05\");\n\n script_xref(name : \"URL\" , value : \"http://sunsolve.sun.com/search/document.do?assetkey=1-21-115835-05-1\");\n\n script_tag(name:\"summary\", value:\"Check for the Version of Ghostscript\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Solaris Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/solosversion\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"solaris.inc\");\n\nrelease = get_kb_item(\"ssh/login/solosversion\");\n\nif(release == NULL){\n exit(0);\n}\n\nif(solaris_check_patch(release:\"5.9\", arch:\"sparc\", patch:\"115835-05\", package:\"SUNWespgs SUNWffiltersu SUNWa2psu SUNWgscr SUNWhpijs SUNWespgsS SUNWa2psr SUNWgscrS\") < 0)\n{\n security_message(0);\n exit(0);\n}", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-04-09T11:39:49", "description": "Check for the Version of Ghostscript", "cvss3": {}, "published": "2009-10-13T00:00:00", "type": "openvas", "title": "Solaris Update for Ghostscript 115836-05", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-0196", "CVE-2009-0792", "CVE-2009-0584", "CVE-2007-6725", "CVE-2008-6679", "CVE-2009-0583"], "modified": "2018-04-06T00:00:00", "id": "OPENVAS:1361412562310855758", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310855758", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Solaris Update for Ghostscript 115836-05\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ntag_affected = \"Ghostscript on solaris_5.9_x86\";\ntag_insight = \"The remote host is missing a patch containing a security fix,\n which affects the following component(s): \n Ghostscript\n For more information please visit the below reference link.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.855758\");\n script_version(\"$Revision: 9370 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 10:53:14 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-10-13 15:16:45 +0200 (Tue, 13 Oct 2009)\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"SUNSolve\", value: \"115836-05\");\n script_cve_id(\"CVE-2009-0583\", \"CVE-2009-0584\", \"CVE-2009-0792\", \"CVE-2008-6679\", \"CVE-2009-0196\", \"CVE-2007-6725\");\n script_name(\"Solaris Update for Ghostscript 115836-05\");\n\n script_xref(name : \"URL\" , value : \"http://sunsolve.sun.com/search/document.do?assetkey=1-21-115836-05-1\");\n\n script_tag(name:\"summary\", value:\"Check for the Version of Ghostscript\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Solaris Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/solosversion\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"solaris.inc\");\n\nrelease = get_kb_item(\"ssh/login/solosversion\");\n\nif(release == NULL){\n exit(0);\n}\n\nif(solaris_check_patch(release:\"5.9\", arch:\"i386\", patch:\"115836-05\", package:\"SUNWespgs SUNWffiltersu SUNWa2psu SUNWgscr SUNWhpijs SUNWespgsS SUNWa2psr SUNWgscrS\") < 0)\n{\n security_message(0);\n exit(0);\n}", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-02T21:13:53", "description": "Check for the Version of SunFreeware ghostscript man pages", "cvss3": {}, "published": "2009-09-23T00:00:00", "type": "openvas", "title": "Solaris Update for SunFreeware ghostscript man pages 122262-02", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-0196", "CVE-2009-0792", "CVE-2009-0584", "CVE-2007-6725", "CVE-2008-6679", "CVE-2009-0583"], "modified": "2017-02-20T00:00:00", "id": "OPENVAS:855706", "href": "http://plugins.openvas.org/nasl.php?oid=855706", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Solaris Update for SunFreeware ghostscript man pages 122262-02\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ntag_affected = \"SunFreeware ghostscript man pages on solaris_5.10_x86\";\ntag_insight = \"The remote host is missing a patch containing a security fix,\n which affects the following component(s): \n SunFreeware ghostscript man pages\n For more information please visit the below reference link.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\nif(description)\n{\n script_id(855706);\n script_version(\"$Revision: 5359 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-02-20 12:20:19 +0100 (Mon, 20 Feb 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-09-23 10:48:35 +0200 (Wed, 23 Sep 2009)\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"SUNSolve\", value: \"122262-02\");\n script_cve_id(\"CVE-2009-0583\", \"CVE-2009-0584\", \"CVE-2009-0792\", \"CVE-2008-6679\", \"CVE-2009-0196\", \"CVE-2007-6725\");\n script_name(\"Solaris Update for SunFreeware ghostscript man pages 122262-02\");\n\n script_xref(name : \"URL\" , value : \"http://sunsolve.sun.com/search/document.do?assetkey=1-21-122262-02-1\");\n\n script_summary(\"Check for the Version of SunFreeware ghostscript man pages\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Solaris Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/solosversion\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"solaris.inc\");\n\nrelease = get_kb_item(\"ssh/login/solosversion\");\n\nif(release == NULL){\n exit(0);\n}\n\nif(solaris_check_patch(release:\"5.10\", arch:\"i386\", patch:\"122262-02\", package:\"SUNWsfman\") < 0)\n{\n security_message(0);\n exit(0);\n}", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-04-09T11:39:11", "description": "Check for the Version of SunFreeware ghostscript man pages", "cvss3": {}, "published": "2009-09-23T00:00:00", "type": "openvas", "title": "Solaris Update for SunFreeware ghostscript man pages 122262-02", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-0196", "CVE-2009-0792", "CVE-2009-0584", "CVE-2007-6725", "CVE-2008-6679", "CVE-2009-0583"], "modified": "2018-04-06T00:00:00", "id": "OPENVAS:1361412562310855706", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310855706", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Solaris Update for SunFreeware ghostscript man pages 122262-02\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ntag_affected = \"SunFreeware ghostscript man pages on solaris_5.10_x86\";\ntag_insight = \"The remote host is missing a patch containing a security fix,\n which affects the following component(s): \n SunFreeware ghostscript man pages\n For more information please visit the below reference link.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.855706\");\n script_version(\"$Revision: 9370 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 10:53:14 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-09-23 10:48:35 +0200 (Wed, 23 Sep 2009)\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"SUNSolve\", value: \"122262-02\");\n script_cve_id(\"CVE-2009-0583\", \"CVE-2009-0584\", \"CVE-2009-0792\", \"CVE-2008-6679\", \"CVE-2009-0196\", \"CVE-2007-6725\");\n script_name(\"Solaris Update for SunFreeware ghostscript man pages 122262-02\");\n\n script_xref(name : \"URL\" , value : \"http://sunsolve.sun.com/search/document.do?assetkey=1-21-122262-02-1\");\n\n script_tag(name:\"summary\", value:\"Check for the Version of SunFreeware ghostscript man pages\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Solaris Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/solosversion\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"solaris.inc\");\n\nrelease = get_kb_item(\"ssh/login/solosversion\");\n\nif(release == NULL){\n exit(0);\n}\n\nif(solaris_check_patch(release:\"5.10\", arch:\"i386\", patch:\"122262-02\", package:\"SUNWsfman\") < 0)\n{\n security_message(0);\n exit(0);\n}", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-04-09T11:39:04", "description": "Check for the Version of SunFreeware ghostscript man pages", "cvss3": {}, "published": "2009-09-23T00:00:00", "type": "openvas", "title": "Solaris Update for SunFreeware ghostscript man pages 122261-02", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-0196", "CVE-2009-0792", "CVE-2009-0584", "CVE-2007-6725", "CVE-2008-6679", "CVE-2009-0583"], "modified": "2018-04-06T00:00:00", "id": "OPENVAS:1361412562310855654", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310855654", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Solaris Update for SunFreeware ghostscript man pages 122261-02\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ntag_affected = \"SunFreeware ghostscript man pages on solaris_5.10_sparc\";\ntag_insight = \"The remote host is missing a patch containing a security fix,\n which affects the following component(s): \n SunFreeware ghostscript man pages\n For more information please visit the below reference link.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.855654\");\n script_version(\"$Revision: 9370 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 10:53:14 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-09-23 10:48:35 +0200 (Wed, 23 Sep 2009)\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"SUNSolve\", value: \"122261-02\");\n script_cve_id(\"CVE-2009-0583\", \"CVE-2009-0584\", \"CVE-2009-0792\", \"CVE-2008-6679\", \"CVE-2009-0196\", \"CVE-2007-6725\");\n script_name(\"Solaris Update for SunFreeware ghostscript man pages 122261-02\");\n\n script_xref(name : \"URL\" , value : \"http://sunsolve.sun.com/search/document.do?assetkey=1-21-122261-02-1\");\n\n script_tag(name:\"summary\", value:\"Check for the Version of SunFreeware ghostscript man pages\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Solaris Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/solosversion\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"solaris.inc\");\n\nrelease = get_kb_item(\"ssh/login/solosversion\");\n\nif(release == NULL){\n exit(0);\n}\n\nif(solaris_check_patch(release:\"5.10\", arch:\"sparc\", patch:\"122261-02\", package:\"SUNWsfman\") < 0)\n{\n security_message(0);\n exit(0);\n}", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-04-06T11:40:10", "description": "The remote host is missing an update to ghostscript\nannounced via advisory MDVSA-2009:095.", "cvss3": {}, "published": "2009-04-28T00:00:00", "type": "openvas", "title": "Mandrake Security Advisory MDVSA-2009:095 (ghostscript)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-0196", "CVE-2009-0792", "CVE-2009-0584", "CVE-2007-6725", "CVE-2008-6679", "CVE-2009-0583"], "modified": "2018-04-06T00:00:00", "id": "OPENVAS:136141256231063873", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231063873", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: mdksa_2009_095.nasl 9350 2018-04-06 07:03:33Z cfischer $\n# Description: Auto-generated from advisory MDVSA-2009:095 (ghostscript)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"A buffer underflow in Ghostscript's CCITTFax decoding filter allows\nremote attackers to cause denial of service and possibly to execute\narbitrary by using a crafted PDF file (CVE-2007-6725).\n\nBuffer overflow in Ghostscript's BaseFont writer module allows\nremote attackers to cause a denial of service and possibly to execute\narbitrary code via a crafted Postscript file (CVE-2008-6679).\n\nMultiple integer overflows in Ghostsript's International Color\nConsortium Format Library (icclib) allows attackers to cause denial\nof service (heap-based buffer overflow and application crash) and\npossibly execute arbirary code by using either a PostScript or PDF\nfile with crafte embedded images (CVE-2009-0583, CVE-2009-0584).\n\nMultiple integer overflows in Ghostsript's International Color\nConsortium Format Library (icclib) allows attackers to cause denial\nof service (heap-based buffer overflow and application crash) and\npossibly execute arbirary code by using either a PostScript or PDF\nfile with crafte embedded images. Note: this issue exists because of\nan incomplete fix for CVE-2009-0583 (CVE-2009-0792).\n\nHeap-based overflow in Ghostscript's JBIG2 decoding library allows\nattackers to cause denial of service and possibly to execute arbitrary\ncode by using a crafted PDF file (CVE-2009-0196).\n\nThis update provides fixes for that vulnerabilities.\n\nUpdate:\n\ngostscript packages from Mandriva Linux 2009.0 distribution are not\naffected by CVE-2007-6725.\n\nAffected: 2008.1, 2009.0, Corporate 4.0\";\ntag_solution = \"To upgrade automatically use MandrakeUpdate or urpmi. The verification\nof md5 checksums and GPG signatures is performed automatically for you.\n\nhttps://secure1.securityspace.com/smysecure/catid.html?in=MDVSA-2009:095\";\ntag_summary = \"The remote host is missing an update to ghostscript\nannounced via advisory MDVSA-2009:095.\";\n\n \n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.63873\");\n script_version(\"$Revision: 9350 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:03:33 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-04-28 20:40:12 +0200 (Tue, 28 Apr 2009)\");\n script_cve_id(\"CVE-2007-6725\", \"CVE-2008-6679\", \"CVE-2009-0583\", \"CVE-2009-0584\", \"CVE-2009-0792\", \"CVE-2009-0196\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_name(\"Mandrake Security Advisory MDVSA-2009:095 (ghostscript)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Mandrake Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/mandriva_mandrake_linux\", \"ssh/login/rpms\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"ghostscript\", rpm:\"ghostscript~8.61~60.1mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"ghostscript-common\", rpm:\"ghostscript-common~8.61~60.1mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"ghostscript-doc\", rpm:\"ghostscript-doc~8.61~60.1mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"ghostscript-dvipdf\", rpm:\"ghostscript-dvipdf~8.61~60.1mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"ghostscript-module-X\", rpm:\"ghostscript-module-X~8.61~60.1mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"ghostscript-X\", rpm:\"ghostscript-X~8.61~60.1mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libgs8\", rpm:\"libgs8~8.61~60.1mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libgs8-devel\", rpm:\"libgs8-devel~8.61~60.1mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libijs1\", rpm:\"libijs1~0.35~60.1mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libijs1-devel\", rpm:\"libijs1-devel~0.35~60.1mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64gs8\", rpm:\"lib64gs8~8.61~60.1mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64gs8-devel\", rpm:\"lib64gs8-devel~8.61~60.1mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64ijs1\", rpm:\"lib64ijs1~0.35~60.1mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64ijs1-devel\", rpm:\"lib64ijs1-devel~0.35~60.1mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"ghostscript\", rpm:\"ghostscript~8.63~62.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"ghostscript-common\", rpm:\"ghostscript-common~8.63~62.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"ghostscript-doc\", rpm:\"ghostscript-doc~8.63~62.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"ghostscript-dvipdf\", rpm:\"ghostscript-dvipdf~8.63~62.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"ghostscript-module-X\", rpm:\"ghostscript-module-X~8.63~62.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"ghostscript-X\", rpm:\"ghostscript-X~8.63~62.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libgs8\", rpm:\"libgs8~8.63~62.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libgs8-devel\", rpm:\"libgs8-devel~8.63~62.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libijs1\", rpm:\"libijs1~0.35~62.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libijs1-devel\", rpm:\"libijs1-devel~0.35~62.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64gs8\", rpm:\"lib64gs8~8.63~62.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64gs8-devel\", rpm:\"lib64gs8-devel~8.63~62.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64ijs1\", rpm:\"lib64ijs1~0.35~62.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64ijs1-devel\", rpm:\"lib64ijs1-devel~0.35~62.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"ghostscript\", rpm:\"ghostscript~8.15~46.2.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"ghostscript-common\", rpm:\"ghostscript-common~8.15~46.2.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"ghostscript-dvipdf\", rpm:\"ghostscript-dvipdf~8.15~46.2.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"ghostscript-module-X\", rpm:\"ghostscript-module-X~8.15~46.2.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"ghostscript-X\", rpm:\"ghostscript-X~8.15~46.2.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libgs8\", rpm:\"libgs8~8.15~46.2.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libgs8-devel\", rpm:\"libgs8-devel~8.15~46.2.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libijs1\", rpm:\"libijs1~0.35~46.2.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libijs1-devel\", rpm:\"libijs1-devel~0.35~46.2.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64gs8\", rpm:\"lib64gs8~8.15~46.2.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64gs8-devel\", rpm:\"lib64gs8-devel~8.15~46.2.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64ijs1\", rpm:\"lib64ijs1~0.35~46.2.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64ijs1-devel\", rpm:\"lib64ijs1-devel~0.35~46.2.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-04-09T11:40:52", "description": "Check for the Version of SunFreeware gnu esp ghostscript", "cvss3": {}, "published": "2009-09-23T00:00:00", "type": "openvas", "title": "Solaris Update for SunFreeware gnu esp ghostscript 122259-02", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-0196", "CVE-2009-0792", "CVE-2009-0584", "CVE-2007-6725", "CVE-2008-6679", "CVE-2009-0583"], "modified": "2018-04-06T00:00:00", "id": "OPENVAS:1361412562310855656", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310855656", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Solaris Update for SunFreeware gnu esp ghostscript 122259-02\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ntag_affected = \"SunFreeware gnu esp ghostscript on solaris_5.10_sparc\";\ntag_insight = \"The remote host is missing a patch containing a security fix,\n which affects the following component(s): \n SunFreeware gnu esp ghostscript\n For more information please visit the below reference link.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.855656\");\n script_version(\"$Revision: 9370 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 10:53:14 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-09-23 10:48:35 +0200 (Wed, 23 Sep 2009)\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"SUNSolve\", value: \"122259-02\");\n script_cve_id(\"CVE-2009-0583\", \"CVE-2009-0584\", \"CVE-2009-0792\", \"CVE-2008-6679\", \"CVE-2009-0196\", \"CVE-2007-6725\");\n script_name(\"Solaris Update for SunFreeware gnu esp ghostscript 122259-02\");\n\n script_xref(name : \"URL\" , value : \"http://sunsolve.sun.com/search/document.do?assetkey=1-21-122259-02-1\");\n\n script_tag(name:\"summary\", value:\"Check for the Version of SunFreeware gnu esp ghostscript\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Solaris Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/solosversion\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"solaris.inc\");\n\nrelease = get_kb_item(\"ssh/login/solosversion\");\n\nif(release == NULL){\n exit(0);\n}\n\nif(solaris_check_patch(release:\"5.10\", arch:\"sparc\", patch:\"122259-02\", package:\"SUNWgscr SUNWgscrS\") < 0)\n{\n security_message(0);\n exit(0);\n}", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-02T21:14:08", "description": "Check for the Version of Ghostscript", "cvss3": {}, "published": "2009-10-13T00:00:00", "type": "openvas", "title": "Solaris Update for Ghostscript 115835-05", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-0196", "CVE-2009-0792", "CVE-2009-0584", "CVE-2007-6725", "CVE-2008-6679", "CVE-2009-0583"], "modified": "2017-02-20T00:00:00", "id": "OPENVAS:855711", "href": "http://plugins.openvas.org/nasl.php?oid=855711", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Solaris Update for Ghostscript 115835-05\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ntag_affected = \"Ghostscript on solaris_5.9_sparc\";\ntag_insight = \"The remote host is missing a patch containing a security fix,\n which affects the following component(s): \n Ghostscript\n For more information please visit the below reference link.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\nif(description)\n{\n script_id(855711);\n script_version(\"$Revision: 5359 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-02-20 12:20:19 +0100 (Mon, 20 Feb 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-10-13 15:16:45 +0200 (Tue, 13 Oct 2009)\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"SUNSolve\", value: \"115835-05\");\n script_cve_id(\"CVE-2009-0583\", \"CVE-2009-0584\", \"CVE-2009-0792\", \"CVE-2008-6679\", \"CVE-2009-0196\", \"CVE-2007-6725\");\n script_name(\"Solaris Update for Ghostscript 115835-05\");\n\n script_xref(name : \"URL\" , value : \"http://sunsolve.sun.com/search/document.do?assetkey=1-21-115835-05-1\");\n\n script_summary(\"Check for the Version of Ghostscript\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Solaris Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/solosversion\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"solaris.inc\");\n\nrelease = get_kb_item(\"ssh/login/solosversion\");\n\nif(release == NULL){\n exit(0);\n}\n\nif(solaris_check_patch(release:\"5.9\", arch:\"sparc\", patch:\"115835-05\", package:\"SUNWespgs SUNWffiltersu SUNWa2psu SUNWgscr SUNWhpijs SUNWespgsS SUNWa2psr SUNWgscrS\") < 0)\n{\n security_message(0);\n exit(0);\n}", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-02T21:13:52", "description": "Check for the Version of SunFreeware ghostscript man pages", "cvss3": {}, "published": "2009-09-23T00:00:00", "type": "openvas", "title": "Solaris Update for SunFreeware ghostscript man pages 122261-02", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-0196", "CVE-2009-0792", "CVE-2009-0584", "CVE-2007-6725", "CVE-2008-6679", "CVE-2009-0583"], "modified": "2017-02-20T00:00:00", "id": "OPENVAS:855654", "href": "http://plugins.openvas.org/nasl.php?oid=855654", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Solaris Update for SunFreeware ghostscript man pages 122261-02\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ntag_affected = \"SunFreeware ghostscript man pages on solaris_5.10_sparc\";\ntag_insight = \"The remote host is missing a patch containing a security fix,\n which affects the following component(s): \n SunFreeware ghostscript man pages\n For more information please visit the below reference link.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\nif(description)\n{\n script_id(855654);\n script_version(\"$Revision: 5359 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-02-20 12:20:19 +0100 (Mon, 20 Feb 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-09-23 10:48:35 +0200 (Wed, 23 Sep 2009)\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"SUNSolve\", value: \"122261-02\");\n script_cve_id(\"CVE-2009-0583\", \"CVE-2009-0584\", \"CVE-2009-0792\", \"CVE-2008-6679\", \"CVE-2009-0196\", \"CVE-2007-6725\");\n script_name(\"Solaris Update for SunFreeware ghostscript man pages 122261-02\");\n\n script_xref(name : \"URL\" , value : \"http://sunsolve.sun.com/search/document.do?assetkey=1-21-122261-02-1\");\n\n script_summary(\"Check for the Version of SunFreeware ghostscript man pages\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Solaris Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/solosversion\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"solaris.inc\");\n\nrelease = get_kb_item(\"ssh/login/solosversion\");\n\nif(release == NULL){\n exit(0);\n}\n\nif(solaris_check_patch(release:\"5.10\", arch:\"sparc\", patch:\"122261-02\", package:\"SUNWsfman\") < 0)\n{\n security_message(0);\n exit(0);\n}", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-02T21:13:59", "description": "Check for the Version of Ghostscript", "cvss3": {}, "published": "2009-10-13T00:00:00", "type": "openvas", "title": "Solaris Update for Ghostscript 115836-05", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-0196", "CVE-2009-0792", "CVE-2009-0584", "CVE-2007-6725", "CVE-2008-6679", "CVE-2009-0583"], "modified": "2017-02-20T00:00:00", "id": "OPENVAS:855758", "href": "http://plugins.openvas.org/nasl.php?oid=855758", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Solaris Update for Ghostscript 115836-05\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ntag_affected = \"Ghostscript on solaris_5.9_x86\";\ntag_insight = \"The remote host is missing a patch containing a security fix,\n which affects the following component(s): \n Ghostscript\n For more information please visit the below reference link.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\nif(description)\n{\n script_id(855758);\n script_version(\"$Revision: 5359 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-02-20 12:20:19 +0100 (Mon, 20 Feb 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-10-13 15:16:45 +0200 (Tue, 13 Oct 2009)\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"SUNSolve\", value: \"115836-05\");\n script_cve_id(\"CVE-2009-0583\", \"CVE-2009-0584\", \"CVE-2009-0792\", \"CVE-2008-6679\", \"CVE-2009-0196\", \"CVE-2007-6725\");\n script_name(\"Solaris Update for Ghostscript 115836-05\");\n\n script_xref(name : \"URL\" , value : \"http://sunsolve.sun.com/search/document.do?assetkey=1-21-115836-05-1\");\n\n script_summary(\"Check for the Version of Ghostscript\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Solaris Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/solosversion\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"solaris.inc\");\n\nrelease = get_kb_item(\"ssh/login/solosversion\");\n\nif(release == NULL){\n exit(0);\n}\n\nif(solaris_check_patch(release:\"5.9\", arch:\"i386\", patch:\"115836-05\", package:\"SUNWespgs SUNWffiltersu SUNWa2psu SUNWgscr SUNWhpijs SUNWespgsS SUNWa2psr SUNWgscrS\") < 0)\n{\n security_message(0);\n exit(0);\n}", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-02T21:14:10", "description": "Check for the Version of SunFreeware gnu esp ghostscript", "cvss3": {}, "published": "2009-09-23T00:00:00", "type": "openvas", "title": "Solaris Update for SunFreeware gnu esp ghostscript 122259-02", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-0196", "CVE-2009-0792", "CVE-2009-0584", "CVE-2007-6725", "CVE-2008-6679", "CVE-2009-0583"], "modified": "2017-02-20T00:00:00", "id": "OPENVAS:855656", "href": "http://plugins.openvas.org/nasl.php?oid=855656", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Solaris Update for SunFreeware gnu esp ghostscript 122259-02\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ntag_affected = \"SunFreeware gnu esp ghostscript on solaris_5.10_sparc\";\ntag_insight = \"The remote host is missing a patch containing a security fix,\n which affects the following component(s): \n SunFreeware gnu esp ghostscript\n For more information please visit the below reference link.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\nif(description)\n{\n script_id(855656);\n script_version(\"$Revision: 5359 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-02-20 12:20:19 +0100 (Mon, 20 Feb 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-09-23 10:48:35 +0200 (Wed, 23 Sep 2009)\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"SUNSolve\", value: \"122259-02\");\n script_cve_id(\"CVE-2009-0583\", \"CVE-2009-0584\", \"CVE-2009-0792\", \"CVE-2008-6679\", \"CVE-2009-0196\", \"CVE-2007-6725\");\n script_name(\"Solaris Update for SunFreeware gnu esp ghostscript 122259-02\");\n\n script_xref(name : \"URL\" , value : \"http://sunsolve.sun.com/search/document.do?assetkey=1-21-122259-02-1\");\n\n script_summary(\"Check for the Version of SunFreeware gnu esp ghostscript\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Solaris Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/solosversion\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"solaris.inc\");\n\nrelease = get_kb_item(\"ssh/login/solosversion\");\n\nif(release == NULL){\n exit(0);\n}\n\nif(solaris_check_patch(release:\"5.10\", arch:\"sparc\", patch:\"122259-02\", package:\"SUNWgscr SUNWgscrS\") < 0)\n{\n security_message(0);\n exit(0);\n}", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-04-09T11:41:12", "description": "Check for the Version of SunFreeware gnu esp ghostscript", "cvss3": {}, "published": "2009-09-23T00:00:00", "type": "openvas", "title": "Solaris Update for SunFreeware gnu esp ghostscript 122260-02", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-0196", "CVE-2009-0792", "CVE-2009-0584", "CVE-2007-6725", "CVE-2008-6679", "CVE-2009-0583"], "modified": "2018-04-06T00:00:00", "id": "OPENVAS:1361412562310855667", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310855667", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Solaris Update for SunFreeware gnu esp ghostscript 122260-02\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ntag_affected = \"SunFreeware gnu esp ghostscript on solaris_5.10_x86\";\ntag_insight = \"The remote host is missing a patch containing a security fix,\n which affects the following component(s): \n SunFreeware gnu esp ghostscript\n For more information please visit the below reference link.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.855667\");\n script_version(\"$Revision: 9370 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 10:53:14 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-09-23 10:48:35 +0200 (Wed, 23 Sep 2009)\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"SUNSolve\", value: \"122260-02\");\n script_cve_id(\"CVE-2009-0583\", \"CVE-2009-0584\", \"CVE-2009-0792\", \"CVE-2008-6679\", \"CVE-2009-0196\", \"CVE-2007-6725\");\n script_name(\"Solaris Update for SunFreeware gnu esp ghostscript 122260-02\");\n\n script_xref(name : \"URL\" , value : \"http://sunsolve.sun.com/search/document.do?assetkey=1-21-122260-02-1\");\n\n script_tag(name:\"summary\", value:\"Check for the Version of SunFreeware gnu esp ghostscript\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Solaris Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/solosversion\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"solaris.inc\");\n\nrelease = get_kb_item(\"ssh/login/solosversion\");\n\nif(release == NULL){\n exit(0);\n}\n\nif(solaris_check_patch(release:\"5.10\", arch:\"i386\", patch:\"122260-02\", package:\"SUNWgscr SUNWgscrS\") < 0)\n{\n security_message(0);\n exit(0);\n}", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-24T12:57:04", "description": "The remote host is missing an update to ghostscript\nannounced via advisory MDVSA-2009:095.", "cvss3": {}, "published": "2009-04-28T00:00:00", "type": "openvas", "title": "Mandrake Security Advisory MDVSA-2009:095 (ghostscript)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-0196", "CVE-2009-0792", "CVE-2009-0584", "CVE-2007-6725", "CVE-2008-6679", "CVE-2009-0583"], "modified": "2017-07-06T00:00:00", "id": "OPENVAS:63873", "href": "http://plugins.openvas.org/nasl.php?oid=63873", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: mdksa_2009_095.nasl 6573 2017-07-06 13:10:50Z cfischer $\n# Description: Auto-generated from advisory MDVSA-2009:095 (ghostscript)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"A buffer underflow in Ghostscript's CCITTFax decoding filter allows\nremote attackers to cause denial of service and possibly to execute\narbitrary by using a crafted PDF file (CVE-2007-6725).\n\nBuffer overflow in Ghostscript's BaseFont writer module allows\nremote attackers to cause a denial of service and possibly to execute\narbitrary code via a crafted Postscript file (CVE-2008-6679).\n\nMultiple integer overflows in Ghostsript's International Color\nConsortium Format Library (icclib) allows attackers to cause denial\nof service (heap-based buffer overflow and application crash) and\npossibly execute arbirary code by using either a PostScript or PDF\nfile with crafte embedded images (CVE-2009-0583, CVE-2009-0584).\n\nMultiple integer overflows in Ghostsript's International Color\nConsortium Format Library (icclib) allows attackers to cause denial\nof service (heap-based buffer overflow and application crash) and\npossibly execute arbirary code by using either a PostScript or PDF\nfile with crafte embedded images. Note: this issue exists because of\nan incomplete fix for CVE-2009-0583 (CVE-2009-0792).\n\nHeap-based overflow in Ghostscript's JBIG2 decoding library allows\nattackers to cause denial of service and possibly to execute arbitrary\ncode by using a crafted PDF file (CVE-2009-0196).\n\nThis update provides fixes for that vulnerabilities.\n\nUpdate:\n\ngostscript packages from Mandriva Linux 2009.0 distribution are not\naffected by CVE-2007-6725.\n\nAffected: 2008.1, 2009.0, Corporate 4.0\";\ntag_solution = \"To upgrade automatically use MandrakeUpdate or urpmi. The verification\nof md5 checksums and GPG signatures is performed automatically for you.\n\nhttps://secure1.securityspace.com/smysecure/catid.html?in=MDVSA-2009:095\";\ntag_summary = \"The remote host is missing an update to ghostscript\nannounced via advisory MDVSA-2009:095.\";\n\n \n\nif(description)\n{\n script_id(63873);\n script_version(\"$Revision: 6573 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-06 15:10:50 +0200 (Thu, 06 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-04-28 20:40:12 +0200 (Tue, 28 Apr 2009)\");\n script_cve_id(\"CVE-2007-6725\", \"CVE-2008-6679\", \"CVE-2009-0583\", \"CVE-2009-0584\", \"CVE-2009-0792\", \"CVE-2009-0196\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_name(\"Mandrake Security Advisory MDVSA-2009:095 (ghostscript)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Mandrake Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/mandriva_mandrake_linux\", \"ssh/login/rpms\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"ghostscript\", rpm:\"ghostscript~8.61~60.1mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"ghostscript-common\", rpm:\"ghostscript-common~8.61~60.1mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"ghostscript-doc\", rpm:\"ghostscript-doc~8.61~60.1mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"ghostscript-dvipdf\", rpm:\"ghostscript-dvipdf~8.61~60.1mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"ghostscript-module-X\", rpm:\"ghostscript-module-X~8.61~60.1mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"ghostscript-X\", rpm:\"ghostscript-X~8.61~60.1mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libgs8\", rpm:\"libgs8~8.61~60.1mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libgs8-devel\", rpm:\"libgs8-devel~8.61~60.1mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libijs1\", rpm:\"libijs1~0.35~60.1mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libijs1-devel\", rpm:\"libijs1-devel~0.35~60.1mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64gs8\", rpm:\"lib64gs8~8.61~60.1mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64gs8-devel\", rpm:\"lib64gs8-devel~8.61~60.1mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64ijs1\", rpm:\"lib64ijs1~0.35~60.1mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64ijs1-devel\", rpm:\"lib64ijs1-devel~0.35~60.1mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"ghostscript\", rpm:\"ghostscript~8.63~62.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"ghostscript-common\", rpm:\"ghostscript-common~8.63~62.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"ghostscript-doc\", rpm:\"ghostscript-doc~8.63~62.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"ghostscript-dvipdf\", rpm:\"ghostscript-dvipdf~8.63~62.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"ghostscript-module-X\", rpm:\"ghostscript-module-X~8.63~62.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"ghostscript-X\", rpm:\"ghostscript-X~8.63~62.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libgs8\", rpm:\"libgs8~8.63~62.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libgs8-devel\", rpm:\"libgs8-devel~8.63~62.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libijs1\", rpm:\"libijs1~0.35~62.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libijs1-devel\", rpm:\"libijs1-devel~0.35~62.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64gs8\", rpm:\"lib64gs8~8.63~62.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64gs8-devel\", rpm:\"lib64gs8-devel~8.63~62.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64ijs1\", rpm:\"lib64ijs1~0.35~62.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64ijs1-devel\", rpm:\"lib64ijs1-devel~0.35~62.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"ghostscript\", rpm:\"ghostscript~8.15~46.2.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"ghostscript-common\", rpm:\"ghostscript-common~8.15~46.2.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"ghostscript-dvipdf\", rpm:\"ghostscript-dvipdf~8.15~46.2.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"ghostscript-module-X\", rpm:\"ghostscript-module-X~8.15~46.2.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"ghostscript-X\", rpm:\"ghostscript-X~8.15~46.2.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libgs8\", rpm:\"libgs8~8.15~46.2.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libgs8-devel\", rpm:\"libgs8-devel~8.15~46.2.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libijs1\", rpm:\"libijs1~0.35~46.2.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libijs1-devel\", rpm:\"libijs1-devel~0.35~46.2.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64gs8\", rpm:\"lib64gs8~8.15~46.2.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64gs8-devel\", rpm:\"lib64gs8-devel~8.15~46.2.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64ijs1\", rpm:\"lib64ijs1~0.35~46.2.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64ijs1-devel\", rpm:\"lib64ijs1-devel~0.35~46.2.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-02T21:14:14", "description": "Check for the Version of SunFreeware gnu esp ghostscript", "cvss3": {}, "published": "2009-09-23T00:00:00", "type": "openvas", "title": "Solaris Update for SunFreeware gnu esp ghostscript 122260-02", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-0196", "CVE-2009-0792", "CVE-2009-0584", "CVE-2007-6725", "CVE-2008-6679", "CVE-2009-0583"], "modified": "2017-02-20T00:00:00", "id": "OPENVAS:855667", "href": "http://plugins.openvas.org/nasl.php?oid=855667", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Solaris Update for SunFreeware gnu esp ghostscript 122260-02\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ntag_affected = \"SunFreeware gnu esp ghostscript on solaris_5.10_x86\";\ntag_insight = \"The remote host is missing a patch containing a security fix,\n which affects the following component(s): \n SunFreeware gnu esp ghostscript\n For more information please visit the below reference link.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\nif(description)\n{\n script_id(855667);\n script_version(\"$Revision: 5359 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-02-20 12:20:19 +0100 (Mon, 20 Feb 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-09-23 10:48:35 +0200 (Wed, 23 Sep 2009)\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"SUNSolve\", value: \"122260-02\");\n script_cve_id(\"CVE-2009-0583\", \"CVE-2009-0584\", \"CVE-2009-0792\", \"CVE-2008-6679\", \"CVE-2009-0196\", \"CVE-2007-6725\");\n script_name(\"Solaris Update for SunFreeware gnu esp ghostscript 122260-02\");\n\n script_xref(name : \"URL\" , value : \"http://sunsolve.sun.com/search/document.do?assetkey=1-21-122260-02-1\");\n\n script_summary(\"Check for the Version of SunFreeware gnu esp ghostscript\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Solaris Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/solosversion\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"solaris.inc\");\n\nrelease = get_kb_item(\"ssh/login/solosversion\");\n\nif(release == NULL){\n exit(0);\n}\n\nif(solaris_check_patch(release:\"5.10\", arch:\"i386\", patch:\"122260-02\", package:\"SUNWgscr SUNWgscrS\") < 0)\n{\n security_message(0);\n exit(0);\n}", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-01-08T12:54:25", "description": "The remote host is missing an update to ghostscript\nannounced via advisory DSA 2080-1.", "cvss3": {}, "published": "2010-08-21T00:00:00", "type": "openvas", "title": "Debian Security Advisory DSA 2080-1 (ghostscript)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-0196", "CVE-2009-4270", "CVE-2009-0792", "CVE-2008-3522", "CVE-2007-6725", "CVE-2008-6679", "CVE-2010-1869"], "modified": "2018-01-05T00:00:00", "id": "OPENVAS:136141256231067835", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231067835", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_2080_1.nasl 8296 2018-01-05 07:28:01Z teissa $\n# Description: Auto-generated from advisory DSA 2080-1 (ghostscript)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2010 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Several security issues have been discovered in Ghostscript, the GPL\nPostScript/PDF interpreter, which might lead to the execution of\narbitrary code if a user processes a malformed PDF or Postscript file.\n\nFor the stable distribution (lenny), these problems have been fixed in\nversion 8.62.dfsg.1-3.2lenny4.\n\nFor the unstable distribution (sid), these problems have been fixed in\nversion 8.71~dfsg-4.\n\nWe recommend that you upgrade your ghostscript packages.\";\ntag_summary = \"The remote host is missing an update to ghostscript\nannounced via advisory DSA 2080-1.\";\n\ntag_solution = \"https://secure1.securityspace.com/smysecure/catid.html?in=DSA%202080-1\";\n\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.67835\");\n script_version(\"$Revision: 8296 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-05 08:28:01 +0100 (Fri, 05 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2010-08-21 08:54:16 +0200 (Sat, 21 Aug 2010)\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_cve_id(\"CVE-2007-6725\", \"CVE-2008-3522\", \"CVE-2008-6679\", \"CVE-2009-0196\", \"CVE-2009-0792\", \"CVE-2009-4270\", \"CVE-2010-1869\");\n script_name(\"Debian Security Advisory DSA 2080-1 (ghostscript)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2010 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"gs-gpl\", ver:\"8.62.dfsg.1-3.2lenny4\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"gs-aladdin\", ver:\"8.62.dfsg.1-3.2lenny4\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"ghostscript-doc\", ver:\"8.62.dfsg.1-3.2lenny4\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"gs\", ver:\"8.62.dfsg.1-3.2lenny4\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"gs-common\", ver:\"8.62.dfsg.1-3.2lenny4\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"gs-esp\", ver:\"8.62.dfsg.1-3.2lenny4\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"ghostscript-x\", ver:\"8.62.dfsg.1-3.2lenny4\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libgs-dev\", ver:\"8.62.dfsg.1-3.2lenny4\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"ghostscript\", ver:\"8.62.dfsg.1-3.2lenny4\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libgs8\", ver:\"8.62.dfsg.1-3.2lenny4\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-24T12:49:25", "description": "The remote host is missing an update to ghostscript\nannounced via advisory DSA 2080-1.", "cvss3": {}, "published": "2010-08-21T00:00:00", "type": "openvas", "title": "Debian Security Advisory DSA 2080-1 (ghostscript)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-0196", "CVE-2009-4270", "CVE-2009-0792", "CVE-2008-3522", "CVE-2007-6725", "CVE-2008-6679", "CVE-2010-1869"], "modified": "2017-07-07T00:00:00", "id": "OPENVAS:67835", "href": "http://plugins.openvas.org/nasl.php?oid=67835", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_2080_1.nasl 6614 2017-07-07 12:09:12Z cfischer $\n# Description: Auto-generated from advisory DSA 2080-1 (ghostscript)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2010 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Several security issues have been discovered in Ghostscript, the GPL\nPostScript/PDF interpreter, which might lead to the execution of\narbitrary code if a user processes a malformed PDF or Postscript file.\n\nFor the stable distribution (lenny), these problems have been fixed in\nversion 8.62.dfsg.1-3.2lenny4.\n\nFor the unstable distribution (sid), these problems have been fixed in\nversion 8.71~dfsg-4.\n\nWe recommend that you upgrade your ghostscript packages.\";\ntag_summary = \"The remote host is missing an update to ghostscript\nannounced via advisory DSA 2080-1.\";\n\ntag_solution = \"https://secure1.securityspace.com/smysecure/catid.html?in=DSA%202080-1\";\n\n\nif(description)\n{\n script_id(67835);\n script_version(\"$Revision: 6614 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-07 14:09:12 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2010-08-21 08:54:16 +0200 (Sat, 21 Aug 2010)\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_cve_id(\"CVE-2007-6725\", \"CVE-2008-3522\", \"CVE-2008-6679\", \"CVE-2009-0196\", \"CVE-2009-0792\", \"CVE-2009-4270\", \"CVE-2010-1869\");\n script_name(\"Debian Security Advisory DSA 2080-1 (ghostscript)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2010 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"gs-gpl\", ver:\"8.62.dfsg.1-3.2lenny4\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"gs-aladdin\", ver:\"8.62.dfsg.1-3.2lenny4\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"ghostscript-doc\", ver:\"8.62.dfsg.1-3.2lenny4\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"gs\", ver:\"8.62.dfsg.1-3.2lenny4\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"gs-common\", ver:\"8.62.dfsg.1-3.2lenny4\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"gs-esp\", ver:\"8.62.dfsg.1-3.2lenny4\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"ghostscript-x\", ver:\"8.62.dfsg.1-3.2lenny4\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libgs-dev\", ver:\"8.62.dfsg.1-3.2lenny4\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"ghostscript\", ver:\"8.62.dfsg.1-3.2lenny4\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libgs8\", ver:\"8.62.dfsg.1-3.2lenny4\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-24T12:57:08", "description": "The remote host is missing an update to ghostscript\nannounced via advisory MDVSA-2009:311.", "cvss3": {}, "published": "2009-12-10T00:00:00", "type": "openvas", "title": "Mandriva Security Advisory MDVSA-2009:311 (ghostscript)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-0196", "CVE-2009-0792", "CVE-2008-3522", "CVE-2009-0584", "CVE-2007-6725", "CVE-2008-6679", "CVE-2009-0583", "CVE-2008-3520"], "modified": "2017-07-06T00:00:00", "id": "OPENVAS:66380", "href": "http://plugins.openvas.org/nasl.php?oid=66380", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: mdksa_2009_311.nasl 6573 2017-07-06 13:10:50Z cfischer $\n# Description: Auto-generated from advisory MDVSA-2009:311 (ghostscript)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"For details on the issues addressed with this update, please\nvisit the referenced security advisories.\n\nPackages for 2008.0 are being provided due to extended support for\nCorporate products.\n\nThis update provides fixes for that vulnerabilities.\n\nAffected: 2008.0\";\ntag_solution = \"To upgrade automatically use MandrakeUpdate or urpmi. The verification\nof md5 checksums and GPG signatures is performed automatically for you.\n\nhttps://secure1.securityspace.com/smysecure/catid.html?in=MDVSA-2009:311\";\ntag_summary = \"The remote host is missing an update to ghostscript\nannounced via advisory MDVSA-2009:311.\";\n\n \n\nif(description)\n{\n script_id(66380);\n script_version(\"$Revision: 6573 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-06 15:10:50 +0200 (Thu, 06 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-12-10 00:23:54 +0100 (Thu, 10 Dec 2009)\");\n script_cve_id(\"CVE-2007-6725\", \"CVE-2008-6679\", \"CVE-2009-0583\", \"CVE-2009-0584\", \"CVE-2009-0792\", \"CVE-2009-0196\", \"CVE-2008-3520\", \"CVE-2008-3522\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"Mandriva Security Advisory MDVSA-2009:311 (ghostscript)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Mandrake Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/mandriva_mandrake_linux\", \"ssh/login/rpms\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"ghostscript\", rpm:\"ghostscript~8.60~55.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"ghostscript-common\", rpm:\"ghostscript-common~8.60~55.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"ghostscript-doc\", rpm:\"ghostscript-doc~8.60~55.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"ghostscript-dvipdf\", rpm:\"ghostscript-dvipdf~8.60~55.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"ghostscript-module-X\", rpm:\"ghostscript-module-X~8.60~55.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"ghostscript-X\", rpm:\"ghostscript-X~8.60~55.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libgs8\", rpm:\"libgs8~8.60~55.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libgs8-devel\", rpm:\"libgs8-devel~8.60~55.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libijs1\", rpm:\"libijs1~0.35~55.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libijs1-devel\", rpm:\"libijs1-devel~0.35~55.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64gs8\", rpm:\"lib64gs8~8.60~55.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64gs8-devel\", rpm:\"lib64gs8-devel~8.60~55.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64ijs1\", rpm:\"lib64ijs1~0.35~55.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64ijs1-devel\", rpm:\"lib64ijs1-devel~0.35~55.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-04-06T11:40:23", "description": "The remote host is missing an update to ghostscript\nannounced via advisory MDVSA-2009:311.", "cvss3": {}, "published": "2009-12-10T00:00:00", "type": "openvas", "title": "Mandriva Security Advisory MDVSA-2009:311 (ghostscript)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-0196", "CVE-2009-0792", "CVE-2008-3522", "CVE-2009-0584", "CVE-2007-6725", "CVE-2008-6679", "CVE-2009-0583", "CVE-2008-3520"], "modified": "2018-04-06T00:00:00", "id": "OPENVAS:136141256231066380", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231066380", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: mdksa_2009_311.nasl 9350 2018-04-06 07:03:33Z cfischer $\n# Description: Auto-generated from advisory MDVSA-2009:311 (ghostscript)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"For details on the issues addressed with this update, please\nvisit the referenced security advisories.\n\nPackages for 2008.0 are being provided due to extended support for\nCorporate products.\n\nThis update provides fixes for that vulnerabilities.\n\nAffected: 2008.0\";\ntag_solution = \"To upgrade automatically use MandrakeUpdate or urpmi. The verification\nof md5 checksums and GPG signatures is performed automatically for you.\n\nhttps://secure1.securityspace.com/smysecure/catid.html?in=MDVSA-2009:311\";\ntag_summary = \"The remote host is missing an update to ghostscript\nannounced via advisory MDVSA-2009:311.\";\n\n \n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.66380\");\n script_version(\"$Revision: 9350 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:03:33 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-12-10 00:23:54 +0100 (Thu, 10 Dec 2009)\");\n script_cve_id(\"CVE-2007-6725\", \"CVE-2008-6679\", \"CVE-2009-0583\", \"CVE-2009-0584\", \"CVE-2009-0792\", \"CVE-2009-0196\", \"CVE-2008-3520\", \"CVE-2008-3522\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"Mandriva Security Advisory MDVSA-2009:311 (ghostscript)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Mandrake Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/mandriva_mandrake_linux\", \"ssh/login/rpms\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"ghostscript\", rpm:\"ghostscript~8.60~55.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"ghostscript-common\", rpm:\"ghostscript-common~8.60~55.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"ghostscript-doc\", rpm:\"ghostscript-doc~8.60~55.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"ghostscript-dvipdf\", rpm:\"ghostscript-dvipdf~8.60~55.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"ghostscript-module-X\", rpm:\"ghostscript-module-X~8.60~55.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"ghostscript-X\", rpm:\"ghostscript-X~8.60~55.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libgs8\", rpm:\"libgs8~8.60~55.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libgs8-devel\", rpm:\"libgs8-devel~8.60~55.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libijs1\", rpm:\"libijs1~0.35~55.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libijs1-devel\", rpm:\"libijs1-devel~0.35~55.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64gs8\", rpm:\"lib64gs8~8.60~55.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64gs8-devel\", rpm:\"lib64gs8-devel~8.60~55.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64ijs1\", rpm:\"lib64ijs1~0.35~55.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64ijs1-devel\", rpm:\"lib64ijs1-devel~0.35~55.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2019-05-29T18:36:22", "description": "Gentoo Linux Local Security Checks GLSA 201412-17", "cvss3": {}, "published": "2015-09-29T00:00:00", "type": "openvas", "title": "Gentoo Security Advisory GLSA 201412-17", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-0196", "CVE-2012-4405", "CVE-2009-4270", "CVE-2010-1628", "CVE-2010-2055", "CVE-2009-0792", "CVE-2009-3743", "CVE-2009-4897", "CVE-2010-4054"], "modified": "2018-10-26T00:00:00", "id": "OPENVAS:1361412562310121303", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310121303", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: glsa-201412-17.nasl 12128 2018-10-26 13:35:25Z cfischer $\n#\n# Gentoo Linux security check\n#\n# Authors:\n# Eero Volotinen <eero.volotinen@solinor.com>\n#\n# Copyright:\n# Copyright (c) 2015 Eero Volotinen, http://solinor.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.121303\");\n script_version(\"$Revision: 12128 $\");\n script_tag(name:\"creation_date\", value:\"2015-09-29 11:28:11 +0300 (Tue, 29 Sep 2015)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-10-26 15:35:25 +0200 (Fri, 26 Oct 2018) $\");\n script_name(\"Gentoo Security Advisory GLSA 201412-17\");\n script_tag(name:\"insight\", value:\"Multiple vulnerabilities have been discovered in GPL Ghostscript. Please review the CVE identifiers referenced below for details.\");\n script_tag(name:\"solution\", value:\"Update the affected packages to the latest available version.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"URL\", value:\"https://security.gentoo.org/glsa/201412-17\");\n script_cve_id(\"CVE-2009-0196\", \"CVE-2009-0792\", \"CVE-2009-3743\", \"CVE-2009-4270\", \"CVE-2009-4897\", \"CVE-2010-1628\", \"CVE-2010-2055\", \"CVE-2010-4054\", \"CVE-2012-4405\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/gentoo\", \"ssh/login/pkg\");\n script_category(ACT_GATHER_INFO);\n script_tag(name:\"summary\", value:\"Gentoo Linux Local Security Checks GLSA 201412-17\");\n script_copyright(\"Eero Volotinen\");\n script_family(\"Gentoo Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-gentoo.inc\");\n\nres = \"\";\nreport = \"\";\n\nif((res=ispkgvuln(pkg:\"app-text/ghostscript-gpl\", unaffected: make_list(\"ge 9.10-r2\"), vulnerable: make_list(\"lt 9.10-r2\"))) != NULL) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99);\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2017-12-04T11:29:09", "description": "The remote host is missing an update to gs-gpl\nannounced via advisory USN-757-1.", "cvss3": {}, "published": "2009-04-20T00:00:00", "type": "openvas", "title": "Ubuntu USN-757-1 (gs-gpl)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-0196", "CVE-2009-0796", "CVE-2009-1185", "CVE-2009-0792", "CVE-2009-1016", "CVE-2009-0584", "CVE-2007-6725", "CVE-2009-1186", "CVE-2008-6679", "CVE-2009-0583", "CVE-2009-1012", "CVE-2008-5259"], "modified": "2017-12-01T00:00:00", "id": "OPENVAS:63856", "href": "http://plugins.openvas.org/nasl.php?oid=63856", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: ubuntu_757_1.nasl 7969 2017-12-01 09:23:16Z santu $\n# $Id: ubuntu_757_1.nasl 7969 2017-12-01 09:23:16Z santu $\n# Description: Auto-generated from advisory USN-757-1 (gs-gpl)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_solution = \"The problem can be corrected by upgrading your system to the\n following package versions:\n\nUbuntu 6.06 LTS:\n gs-esp 8.15.2.dfsg.0ubuntu1-0ubuntu1.2\n gs-gpl 8.15-4ubuntu3.3\n\nUbuntu 8.04 LTS:\n libgs8 8.61.dfsg.1-1ubuntu3.2\n\nUbuntu 8.10:\n libgs8 8.63.dfsg.1-0ubuntu6.4\n\nIn general, a standard system upgrade is sufficient to effect the\nnecessary changes.\n\nhttps://secure1.securityspace.com/smysecure/catid.html?in=USN-757-1\";\n\ntag_insight = \"It was discovered that Ghostscript contained a buffer underflow in its\nCCITTFax decoding filter. If a user or automated system were tricked into\nopening a crafted PDF file, an attacker could cause a denial of service or\nexecute arbitrary code with privileges of the user invoking the program.\n(CVE-2007-6725)\n\nIt was discovered that Ghostscript contained a buffer overflow in the\nBaseFont writer module. If a user or automated system were tricked into\nopening a crafted Postscript file, an attacker could cause a denial of\nservice or execute arbitrary code with privileges of the user invoking the\nprogram. (CVE-2008-6679)\n\nIt was discovered that Ghostscript contained additional integer overflows\nin its ICC color management library. If a user or automated system were\ntricked into opening a crafted Postscript or PDF file, an attacker could\ncause a denial of service or execute arbitrary code with privileges of the\nuser invoking the program. (CVE-2009-0792)\n\nAlin Rad Pop discovered that Ghostscript contained a buffer overflow in the\njbig2dec library. If a user or automated system were tricked into opening a\ncrafted PDF file, an attacker could cause a denial of service or execute\narbitrary code with privileges of the user invoking the program.\n(CVE-2009-0196)\n\nUSN-743-1 provided updated ghostscript and gs-gpl packages to fix two\nsecurity vulnerabilities. This update corrects the same vulnerabilities in\nthe gs-esp package.\n\nOriginal advisory details:\n It was discovered that Ghostscript contained multiple integer overflows in\n its ICC color management library. If a user or automated system were\n tricked into opening a crafted Postscript file, an attacker could cause a\n denial of service or execute arbitrary code with privileges of the user\n invoking the program. (CVE-2009-0583)\n\n It was discovered that Ghostscript did not properly perform bounds\n checking in its ICC color management library. If a user or automated\n system were tricked into opening a crafted Postscript file, an attacker\n could cause a denial of service or execute arbitrary code with privileges\n of the user invoking the program. (CVE-2009-0584)\";\ntag_summary = \"The remote host is missing an update to gs-gpl\nannounced via advisory USN-757-1.\";\n\n \n\n\nif(description)\n{\n script_id(63856);\n script_version(\"$Revision: 7969 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-01 10:23:16 +0100 (Fri, 01 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-04-20 23:45:17 +0200 (Mon, 20 Apr 2009)\");\n script_cve_id(\"CVE-2008-5259\", \"CVE-2009-0584\", \"CVE-2009-0583\", \"CVE-2009-1012\", \"CVE-2007-6725\", \"CVE-2009-1016\", \"CVE-2009-1185\", \"CVE-2009-0796\", \"CVE-2009-0792\", \"CVE-2009-0196\", \"CVE-2008-6679\", \"CVE-2009-1186\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"Ubuntu USN-757-1 (gs-gpl)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n script_xref(name: \"URL\" , value: \"http://www.ubuntu.com/usn/usn-757-1/\");\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"gs\", ver:\"8.15-4ubuntu3.3\", rls:\"UBUNTU6.06 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"gs-esp\", ver:\"8.15.2.dfsg.0ubuntu1-0ubuntu1.2\", rls:\"UBUNTU6.06 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"gs-gpl\", ver:\"8.15-4ubuntu3.3\", rls:\"UBUNTU6.06 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"ghostscript-doc\", ver:\"8.61.dfsg.1-1ubuntu3.2\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"gs-gpl\", ver:\"8.61.dfsg.1-1ubuntu3.2\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"gs\", ver:\"8.61.dfsg.1-1ubuntu3.2\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libgs-esp-dev\", ver:\"8.61.dfsg.1-1ubuntu3.2\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"gs-aladdin\", ver:\"8.61.dfsg.1-1ubuntu3.2\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"gs-common\", ver:\"8.61.dfsg.1-1ubuntu3.2\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"gs-esp-x\", ver:\"8.61.dfsg.1-1ubuntu3.2\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"gs-esp\", ver:\"8.61.dfsg.1-1ubuntu3.2\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"ghostscript-x\", ver:\"8.61.dfsg.1-1ubuntu3.2\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"ghostscript\", ver:\"8.61.dfsg.1-1ubuntu3.2\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libgs-dev\", ver:\"8.61.dfsg.1-1ubuntu3.2\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libgs8\", ver:\"8.61.dfsg.1-1ubuntu3.2\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"ghostscript-doc\", ver:\"8.63.dfsg.1-0ubuntu6.4\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"gs-common\", ver:\"8.63.dfsg.1-0ubuntu6.4\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"gs-gpl\", ver:\"8.63.dfsg.1-0ubuntu6.4\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"gs\", ver:\"8.63.dfsg.1-0ubuntu6.4\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libgs-esp-dev\", ver:\"8.63.dfsg.1-0ubuntu6.4\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"gs-aladdin\", ver:\"8.63.dfsg.1-0ubuntu6.4\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"gs-esp-x\", ver:\"8.63.dfsg.1-0ubuntu6.4\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"gs-esp\", ver:\"8.63.dfsg.1-0ubuntu6.4\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"ghostscript-x\", ver:\"8.63.dfsg.1-0ubuntu6.4\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"ghostscript\", ver:\"8.63.dfsg.1-0ubuntu6.4\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libgs-dev\", ver:\"8.63.dfsg.1-0ubuntu6.4\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libgs8\", ver:\"8.63.dfsg.1-0ubuntu6.4\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"udev\", ver:\"079-0ubuntu35.1\", rls:\"UBUNTU6.06 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libvolume-id-dev\", ver:\"113-0ubuntu17.2\", rls:\"UBUNTU7.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libvolume-id0\", ver:\"113-0ubuntu17.2\", rls:\"UBUNTU7.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"udev\", ver:\"113-0ubuntu17.2\", rls:\"UBUNTU7.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"volumeid\", ver:\"113-0ubuntu17.2\", rls:\"UBUNTU7.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libvolume-id-dev\", ver:\"117-8ubuntu0.2\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libvolume-id0\", ver:\"117-8ubuntu0.2\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"udev\", ver:\"117-8ubuntu0.2\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libvolume-id-dev\", ver:\"124-9ubuntu0.2\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libvolume-id0\", ver:\"124-9ubuntu0.2\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"udev\", ver:\"124-9ubuntu0.2\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-26T08:55:42", "description": "The remote host is missing updates announced in\nadvisory SUSE-SR:2009:009. SuSE Security Summaries are short\non detail when it comes to the names of packages affected by\na particular bug. Because of this, while this test will detect\nout of date packages, it cannot tell you what bugs impact\nwhich packages, or vice versa.", "cvss3": {}, "published": "2009-04-28T00:00:00", "type": "openvas", "title": "SuSE Security Summary SUSE-SR:2009:009", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-0196", "CVE-2009-0928", "CVE-2009-0586", "CVE-2009-0658", "CVE-2009-0792", "CVE-2009-0922", "CVE-2009-1241", "CVE-2008-4311", "CVE-2009-0927", "CVE-2009-0698", "CVE-2009-0365", "CVE-2009-0193", "CVE-2009-1062", "CVE-2009-1171", "CVE-2008-4989", "CVE-2009-0578", "CVE-2009-0790", "CVE-2009-1061"], "modified": "2017-07-11T00:00:00", "id": "OPENVAS:63891", "href": "http://plugins.openvas.org/nasl.php?oid=63891", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: suse_sr_2009_009.nasl 6668 2017-07-11 13:34:29Z cfischer $\n# Description: Auto-generated from advisory SUSE-SR:2009:009\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_summary = \"The remote host is missing updates announced in\nadvisory SUSE-SR:2009:009. SuSE Security Summaries are short\non detail when it comes to the names of packages affected by\na particular bug. Because of this, while this test will detect\nout of date packages, it cannot tell you what bugs impact\nwhich packages, or vice versa.\";\n\ntag_solution = \"Update all out of date packages.\";\n \nif(description)\n{\n script_id(63891);\n script_version(\"$Revision: 6668 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-11 15:34:29 +0200 (Tue, 11 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-04-28 20:40:12 +0200 (Tue, 28 Apr 2009)\");\n script_cve_id(\"CVE-2008-4311\", \"CVE-2008-4989\", \"CVE-2009-0193\", \"CVE-2009-0196\", \"CVE-2009-0365\", \"CVE-2009-0578\", \"CVE-2009-0586\", \"CVE-2009-0658\", \"CVE-2009-0698\", \"CVE-2009-0790\", \"CVE-2009-0792\", \"CVE-2009-0922\", \"CVE-2009-0927\", \"CVE-2009-0928\", \"CVE-2009-1061\", \"CVE-2009-1062\", \"CVE-2009-1171\", \"CVE-2009-1241\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"SuSE Security Summary SUSE-SR:2009:009\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse\", \"ssh/login/rpms\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"MozillaFirefox\", rpm:\"MozillaFirefox~3.0.8~1.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"MozillaFirefox-branding-upstream\", rpm:\"MozillaFirefox-branding-upstream~3.0.8~1.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"MozillaFirefox-translations\", rpm:\"MozillaFirefox-translations~3.0.8~1.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"NetworkManager\", rpm:\"NetworkManager~0.7.0.r4359~15.2.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"NetworkManager-devel\", rpm:\"NetworkManager-devel~0.7.0.r4359~15.2.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"NetworkManager-doc\", rpm:\"NetworkManager-doc~0.7.0.r4359~15.2.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"NetworkManager-glib\", rpm:\"NetworkManager-glib~0.7.0.r4359~15.2.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"aufs\", rpm:\"aufs~cvs20081020~1.32.9\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"aufs-kmp-debug\", rpm:\"aufs-kmp-debug~cvs20081020_2.6.27.21_0.1~1.32.9\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"aufs-kmp-default\", rpm:\"aufs-kmp-default~cvs20081020_2.6.27.21_0.1~1.32.9\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"aufs-kmp-pae\", rpm:\"aufs-kmp-pae~cvs20081020_2.6.27.21_0.1~1.32.9\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"aufs-kmp-trace\", rpm:\"aufs-kmp-trace~cvs20081020_2.6.27.21_0.1~1.32.9\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"aufs-kmp-xen\", rpm:\"aufs-kmp-xen~cvs20081020_2.6.27.21_0.1~1.32.9\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"clamav\", rpm:\"clamav~0.95.1~0.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"clamav-db\", rpm:\"clamav-db~0.95.1~0.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"cups\", rpm:\"cups~1.3.9~7.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"cups-client\", rpm:\"cups-client~1.3.9~7.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"cups-devel\", rpm:\"cups-devel~1.3.9~7.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"cups-libs\", rpm:\"cups-libs~1.3.9~7.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"dbus-1\", rpm:\"dbus-1~1.2.10~5.4.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"dbus-1-devel\", rpm:\"dbus-1-devel~1.2.10~5.4.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"dbus-1-devel-doc\", rpm:\"dbus-1-devel-doc~1.2.10~5.4.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"deb\", rpm:\"deb~1.14.21~10.38.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"glib2\", rpm:\"glib2~2.18.2~5.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"glib2-branding-upstream\", rpm:\"glib2-branding-upstream~2.18.2~5.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"glib2-devel\", rpm:\"glib2-devel~2.18.2~5.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"glib2-doc\", rpm:\"glib2-doc~2.18.2~5.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"glib2-lang\", rpm:\"glib2-lang~2.18.2~5.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"gnome-panel\", rpm:\"gnome-panel~2.24.1~2.26.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"gnome-panel-devel\", rpm:\"gnome-panel-devel~2.24.1~2.26.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"gnome-panel-doc\", rpm:\"gnome-panel-doc~2.24.1~2.26.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"gnome-panel-extras\", rpm:\"gnome-panel-extras~2.24.1~2.26.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"gnome-panel-lang\", rpm:\"gnome-panel-lang~2.24.1~2.26.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"gnutls\", rpm:\"gnutls~2.4.1~24.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"gpg2\", rpm:\"gpg2~2.0.9~25.108.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"gpg2-lang\", rpm:\"gpg2-lang~2.0.9~25.108.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"gstreamer-0_10-plugins-base\", rpm:\"gstreamer-0_10-plugins-base~0.10.21~2.21.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"gstreamer-0_10-plugins-base-devel\", rpm:\"gstreamer-0_10-plugins-base-devel~0.10.21~2.21.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"gstreamer-0_10-plugins-base-doc\", rpm:\"gstreamer-0_10-plugins-base-doc~0.10.21~2.21.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"gstreamer-0_10-plugins-base-lang\", rpm:\"gstreamer-0_10-plugins-base-lang~0.10.21~2.21.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"java-1_6_0-openjdk\", rpm:\"java-1_6_0-openjdk~1.4_b14~24.4.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"java-1_6_0-openjdk-demo\", rpm:\"java-1_6_0-openjdk-demo~1.4_b14~24.4.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"java-1_6_0-openjdk-devel\", rpm:\"java-1_6_0-openjdk-devel~1.4_b14~24.4.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"java-1_6_0-openjdk-javadoc\", rpm:\"java-1_6_0-openjdk-javadoc~1.4_b14~24.4.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"java-1_6_0-openjdk-plugin\", rpm:\"java-1_6_0-openjdk-plugin~1.4_b14~24.4.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"java-1_6_0-openjdk-src\", rpm:\"java-1_6_0-openjdk-src~1.4_b14~24.4.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kde4-akonadi\", rpm:\"kde4-akonadi~4.1.3~3.14.9\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kde4-akonadi-devel\", rpm:\"kde4-akonadi-devel~4.1.3~3.14.9\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kde4-akregator\", rpm:\"kde4-akregator~4.1.3~3.14.9\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kde4-dolphin\", rpm:\"kde4-dolphin~4.1.3~3.8.9\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kde4-kaddressbook\", rpm:\"kde4-kaddressbook~4.1.3~3.14.9\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kde4-kalarm\", rpm:\"kde4-kalarm~4.1.3~3.14.9\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kde4-kdepasswd\", rpm:\"kde4-kdepasswd~4.1.3~3.8.9\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kde4-kdialog\", rpm:\"kde4-kdialog~4.1.3~3.8.9\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kde4-kdm\", rpm:\"kde4-kdm~4.1.3~10.3.7\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kde4-kdm-branding-upstream\", rpm:\"kde4-kdm-branding-upstream~4.1.3~10.3.7\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kde4-keditbookmarks\", rpm:\"kde4-keditbookmarks~4.1.3~3.8.9\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kde4-kfind\", rpm:\"kde4-kfind~4.1.3~3.8.9\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kde4-kgreeter-plugins\", rpm:\"kde4-kgreeter-plugins~4.1.3~10.3.7\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kde4-kinfocenter\", rpm:\"kde4-kinfocenter~4.1.3~3.8.9\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kde4-kjots\", rpm:\"kde4-kjots~4.1.3~3.14.9\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kde4-kmail\", rpm:\"kde4-kmail~4.1.3~3.14.9\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kde4-knode\", rpm:\"kde4-knode~4.1.3~3.14.9\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kde4-knotes\", rpm:\"kde4-knotes~4.1.3~3.14.9\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kde4-konqueror\", rpm:\"kde4-konqueror~4.1.3~3.8.9\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kde4-konsole\", rpm:\"kde4-konsole~4.1.3~3.8.9\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kde4-kontact\", rpm:\"kde4-kontact~4.1.3~3.14.9\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kde4-korganizer\", rpm:\"kde4-korganizer~4.1.3~3.14.9\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kde4-ktimetracker\", rpm:\"kde4-ktimetracker~4.1.3~3.14.9\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kde4-ktnef\", rpm:\"kde4-ktnef~4.1.3~3.14.9\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kde4-kwin\", rpm:\"kde4-kwin~4.1.3~10.3.7\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kde4-kwrite\", rpm:\"kde4-kwrite~4.1.3~3.8.9\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kdebase4\", rpm:\"kdebase4~4.1.3~3.8.9\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kdebase4-libkonq\", rpm:\"kdebase4-libkonq~4.1.3~3.8.9\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kdebase4-nsplugin\", rpm:\"kdebase4-nsplugin~4.1.3~3.8.9\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kdebase4-runtime\", rpm:\"kdebase4-runtime~4.1.3~4.2.9\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kdebase4-workspace\", rpm:\"kdebase4-workspace~4.1.3~10.3.7\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kdebase4-workspace-branding-upstream\", rpm:\"kdebase4-workspace-branding-upstream~4.1.3~10.3.7\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kdebase4-workspace-devel\", rpm:\"kdebase4-workspace-devel~4.1.3~10.3.7\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kdebase4-workspace-ksysguardd\", rpm:\"kdebase4-workspace-ksysguardd~4.1.3~10.3.7\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kdelibs4\", rpm:\"kdelibs4~4.1.3~4.10.4\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kdelibs4-core\", rpm:\"kdelibs4-core~4.1.3~4.10.4\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kdelibs4-doc\", rpm:\"kdelibs4-doc~4.1.3~4.10.4\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kdepim3\", rpm:\"kdepim3~3.5.10~8.14.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kdepim3-devel\", rpm:\"kdepim3-devel~3.5.10~8.14.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kdepim3-kpilot\", rpm:\"kdepim3-kpilot~3.5.10~8.14.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kdepim3-mobile\", rpm:\"kdepim3-mobile~3.5.10~8.14.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kdepim3-notes\", rpm:\"kdepim3-notes~3.5.10~8.14.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kdepim3-time-management\", rpm:\"kdepim3-time-management~3.5.10~8.14.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kdepim4\", rpm:\"kdepim4~4.1.3~3.14.9\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kdepim4-devel\", rpm:\"kdepim4-devel~4.1.3~3.14.9\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kdepim4-wizards\", rpm:\"kdepim4-wizards~4.1.3~3.14.9\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kdepimlibs4\", rpm:\"kdepimlibs4~4.1.3~5.2.6\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-debug\", rpm:\"kernel-debug~2.6.27.21~0.1.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-debug-base\", rpm:\"kernel-debug-base~2.6.27.21~0.1.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-debug-extra\", rpm:\"kernel-debug-extra~2.6.27.21~0.1.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-default\", rpm:\"kernel-default~2.6.27.21~0.1.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-default-base\", rpm:\"kernel-default-base~2.6.27.21~0.1.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-default-extra\", rpm:\"kernel-default-extra~2.6.27.21~0.1.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-pae\", rpm:\"kernel-pae~2.6.27.21~0.1.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-pae-base\", rpm:\"kernel-pae-base~2.6.27.21~0.1.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-pae-extra\", rpm:\"kernel-pae-extra~2.6.27.21~0.1.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-source\", rpm:\"kernel-source~2.6.27.21~0.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-syms\", rpm:\"kernel-syms~2.6.27.21~0.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-trace\", rpm:\"kernel-trace~2.6.27.21~0.1.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-trace-base\", rpm:\"kernel-trace-base~2.6.27.21~0.1.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-trace-extra\", rpm:\"kernel-trace-extra~2.6.27.21~0.1.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-vanilla\", rpm:\"kernel-vanilla~2.6.27.21~0.1.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-xen\", rpm:\"kernel-xen~2.6.27.21~0.1.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-xen-base\", rpm:\"kernel-xen-base~2.6.27.21~0.1.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-xen-extra\", rpm:\"kernel-xen-extra~2.6.27.21~0.1.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kio_iso\", rpm:\"kio_iso~1.99.2.beta2~0.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kitchensync\", rpm:\"kitchensync~3.5.10~8.14.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"klamav\", rpm:\"klamav~0.46~0.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"koffice\", rpm:\"koffice~1.6.3~211.12.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"koffice-database\", rpm:\"koffice-database~1.6.3~211.12.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"koffice-database-mysql\", rpm:\"koffice-database-mysql~1.6.3~211.12.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"koffice-database-psql\", rpm:\"koffice-database-psql~1.6.3~211.12.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"koffice-devel\", rpm:\"koffice-devel~1.6.3~211.12.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"koffice-extra\", rpm:\"koffice-extra~1.6.3~211.12.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"koffice-illustration\", rpm:\"koffice-illustration~1.6.3~211.12.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"koffice-planning\", rpm:\"koffice-planning~1.6.3~211.12.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"koffice-presentation\", rpm:\"koffice-presentation~1.6.3~211.12.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"koffice-python\", rpm:\"koffice-python~1.6.3~211.12.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"koffice-ruby\", rpm:\"koffice-ruby~1.6.3~211.12.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"koffice-spreadsheet\", rpm:\"koffice-spreadsheet~1.6.3~211.12.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"koffice-wordprocessing\", rpm:\"koffice-wordprocessing~1.6.3~211.12.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"krb5\", rpm:\"krb5~1.6.3~132.5.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"krb5-apps-clients\", rpm:\"krb5-apps-clients~1.6.3~132.5.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"krb5-apps-servers\", rpm:\"krb5-apps-servers~1.6.3~132.5.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"krb5-client\", rpm:\"krb5-client~1.6.3~132.5.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"krb5-devel\", rpm:\"krb5-devel~1.6.3~132.5.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"krb5-server\", rpm:\"krb5-server~1.6.3~132.5.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"krusader\", rpm:\"krusader~1.99.2.beta2~0.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libakonadi4\", rpm:\"libakonadi4~4.1.3~5.2.6\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libgio-2_0-0\", rpm:\"libgio-2_0-0~2.18.2~5.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libgio-fam\", rpm:\"libgio-fam~2.18.2~5.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libglib-2_0-0\", rpm:\"libglib-2_0-0~2.18.2~5.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libgmodule-2_0-0\", rpm:\"libgmodule-2_0-0~2.18.2~5.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libgnomecanvas\", rpm:\"libgnomecanvas~2.20.1.1~25.81.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libgnomecanvas-devel\", rpm:\"libgnomecanvas-devel~2.20.1.1~25.81.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libgnomecanvas-doc\", rpm:\"libgnomecanvas-doc~2.20.1.1~25.81.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libgnomecanvas-lang\", rpm:\"libgnomecanvas-lang~2.20.1.1~25.81.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libgnutls-devel\", rpm:\"libgnutls-devel~2.4.1~24.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libgnutls-extra-devel\", rpm:\"libgnutls-extra-devel~2.4.1~24.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libgnutls-extra26\", rpm:\"libgnutls-extra26~2.4.1~24.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libgnutls26\", rpm:\"libgnutls26~2.4.1~24.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libgobject-2_0-0\", rpm:\"libgobject-2_0-0~2.18.2~5.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libgstinterfaces-0_10-0\", rpm:\"libgstinterfaces-0_10-0~0.10.21~2.21.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libgthread-2_0-0\", rpm:\"libgthread-2_0-0~2.18.2~5.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libkcal\", rpm:\"libkcal~3.5.10~8.14.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libkcal-devel\", rpm:\"libkcal-devel~3.5.10~8.14.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libkcal2\", rpm:\"libkcal2~3.5.10~8.14.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libkde4\", rpm:\"libkde4~4.1.3~4.10.4\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libkde4-devel\", rpm:\"libkde4-devel~4.1.3~4.10.4\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libkdecore4\", rpm:\"libkdecore4~4.1.3~4.10.4\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libkdecore4-devel\", rpm:\"libkdecore4-devel~4.1.3~4.10.4\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libkdepim4\", rpm:\"libkdepim4~4.1.3~3.14.9\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libkdepim4-devel\", rpm:\"libkdepim4-devel~4.1.3~3.14.9\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libkdepimlibs4\", rpm:\"libkdepimlibs4~4.1.3~5.2.6\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libkdepimlibs4-devel\", rpm:\"libkdepimlibs4-devel~4.1.3~5.2.6\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libkmime-devel\", rpm:\"libkmime-devel~3.5.10~8.14.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libkmime2\", rpm:\"libkmime2~3.5.10~8.14.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libkonq-devel\", rpm:\"libkonq-devel~4.1.3~3.8.9\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libkonq5\", rpm:\"libkonq5~4.1.3~3.8.9\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libktnef-devel\", rpm:\"libktnef-devel~3.5.10~8.14.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libktnef1\", rpm:\"libktnef1~3.5.10~8.14.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libpcap-devel\", rpm:\"libpcap-devel~0.9.8~50.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libpcap0\", rpm:\"libpcap0~0.9.8~50.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libudev-devel\", rpm:\"libudev-devel~128~9.7.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libudev0\", rpm:\"libudev0~128~9.7.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libvolume_id\", rpm:\"libvolume_id~126~17.38.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libvolume_id-devel\", rpm:\"libvolume_id-devel~128~9.7.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libvolume_id1\", rpm:\"libvolume_id1~128~9.7.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libxine-devel\", rpm:\"libxine-devel~1.1.15~23.3.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libxine1\", rpm:\"libxine1~1.1.15~23.3.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libxine1-gnome-vfs\", rpm:\"libxine1-gnome-vfs~1.1.15~23.3.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libxine1-pulse\", rpm:\"libxine1-pulse~1.1.15~23.3.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"module-init-tools\", rpm:\"module-init-tools~3.4~56.10.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-xulrunner190\", rpm:\"mozilla-xulrunner190~1.9.0.8~1.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-xulrunner190-devel\", rpm:\"mozilla-xulrunner190-devel~1.9.0.8~1.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-xulrunner190-gnomevfs\", rpm:\"mozilla-xulrunner190-gnomevfs~1.9.0.8~1.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-xulrunner190-translations\", rpm:\"mozilla-xulrunner190-translations~1.9.0.8~1.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"openswan\", rpm:\"openswan~2.6.16~1.47.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"openswan-doc\", rpm:\"openswan-doc~2.6.16~1.47.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"phonon-backend-xine\", rpm:\"phonon-backend-xine~4.1.3~4.2.9\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"postgresql\", rpm:\"postgresql~8.3.7~0.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"postgresql-contrib\", rpm:\"postgresql-contrib~8.3.7~0.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"postgresql-devel\", rpm:\"postgresql-devel~8.3.7~0.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"postgresql-docs\", rpm:\"postgresql-docs~8.3.7~0.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"postgresql-libs\", rpm:\"postgresql-libs~8.3.7~0.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"postgresql-server\", rpm:\"postgresql-server~8.3.7~0.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"python-xpcom190\", rpm:\"python-xpcom190~1.9.0.8~1.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"strongswan\", rpm:\"strongswan~4.2.8~1.24.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"strongswan-doc\", rpm:\"strongswan-doc~4.2.8~1.24.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"sysconfig\", rpm:\"sysconfig~0.71.11~7.4.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"udev\", rpm:\"udev~128~9.7.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"xpdf\", rpm:\"xpdf~3.02~97.78.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"xpdf-tools\", rpm:\"xpdf-tools~3.02~97.78.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"MozillaFirefox\", rpm:\"MozillaFirefox~3.0.8~1.1\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"MozillaFirefox-translations\", rpm:\"MozillaFirefox-translations~3.0.8~1.1\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"bluez-audio\", rpm:\"bluez-audio~3.32~8.7\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"bluez-cups\", rpm:\"bluez-cups~3.32~8.7\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"bluez-test\", rpm:\"bluez-test~3.32~8.7\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"bluez-utils\", rpm:\"bluez-utils~3.32~8.7\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"clamav\", rpm:\"clamav~0.95.1~0.1\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"clamav-db\", rpm:\"clamav-db~0.95.1~0.1\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"cups\", rpm:\"cups~1.3.7~25.8\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"cups-client\", rpm:\"cups-client~1.3.7~25.8\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"cups-devel\", rpm:\"cups-devel~1.3.7~25.8\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"cups-libs\", rpm:\"cups-libs~1.3.7~25.8\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"glib2\", rpm:\"glib2~2.16.3~20.6\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"glib2-branding-upstream\", rpm:\"glib2-branding-upstream~2.16.3~20.6\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"glib2-devel\", rpm:\"glib2-devel~2.16.3~20.6\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"glib2-doc\", rpm:\"glib2-doc~2.16.3~20.6\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"glib2-lang\", rpm:\"glib2-lang~2.16.3~20.6\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"gnutls\", rpm:\"gnutls~2.2.2~17.4\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"gpg2\", rpm:\"gpg2~2.0.9~22.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"gpg2-lang\", rpm:\"gpg2-lang~2.0.9~22.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"hal\", rpm:\"hal~0.5.11~8.6\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"hal-devel\", rpm:\"hal-devel~0.5.11~8.6\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kdepim3\", rpm:\"kdepim3~3.5.9~53.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kdepim3-devel\", rpm:\"kdepim3-devel~3.5.9~53.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kdepim3-kpilot\", rpm:\"kdepim3-kpilot~3.5.9~53.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kdepim3-mobile\", rpm:\"kdepim3-mobile~3.5.9~53.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kdepim3-notes\", rpm:\"kdepim3-notes~3.5.9~53.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kdepim3-time-management\", rpm:\"kdepim3-time-management~3.5.9~53.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kitchensync\", rpm:\"kitchensync~3.5.9~53.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"klamav\", rpm:\"klamav~0.46~0.1\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"koffice\", rpm:\"koffice~1.6.3~157.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"koffice-database\", rpm:\"koffice-database~1.6.3~157.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"koffice-database-mysql\", rpm:\"koffice-database-mysql~1.6.3~157.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"koffice-database-psql\", rpm:\"koffice-database-psql~1.6.3~157.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"koffice-devel\", rpm:\"koffice-devel~1.6.3~157.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"koffice-extra\", rpm:\"koffice-extra~1.6.3~157.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"koffice-illustration\", rpm:\"koffice-illustration~1.6.3~157.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"koffice-planning\", rpm:\"koffice-planning~1.6.3~157.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"koffice-presentation\", rpm:\"koffice-presentation~1.6.3~157.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"koffice-python\", rpm:\"koffice-python~1.6.3~157.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"koffice-ruby\", rpm:\"koffice-ruby~1.6.3~157.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"koffice-spreadsheet\", rpm:\"koffice-spreadsheet~1.6.3~157.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"koffice-wordprocessing\", rpm:\"koffice-wordprocessing~1.6.3~157.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"krb5\", rpm:\"krb5~1.6.3~50.5\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"krb5-apps-clients\", rpm:\"krb5-apps-clients~1.6.3~50.5\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"krb5-apps-servers\", rpm:\"krb5-apps-servers~1.6.3~50.5\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"krb5-client\", rpm:\"krb5-client~1.6.3~50.5\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"krb5-devel\", rpm:\"krb5-devel~1.6.3~50.5\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"krb5-server\", rpm:\"krb5-server~1.6.3~50.5\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libgio-2_0-0\", rpm:\"libgio-2_0-0~2.16.3~20.6\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libgio-fam\", rpm:\"libgio-fam~2.16.3~20.6\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libglib-2_0-0\", rpm:\"libglib-2_0-0~2.16.3~20.6\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libgmodule-2_0-0\", rpm:\"libgmodule-2_0-0~2.16.3~20.6\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libgnutls-devel\", rpm:\"libgnutls-devel~2.2.2~17.4\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libgnutls-extra-devel\", rpm:\"libgnutls-extra-devel~2.2.2~17.4\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libgnutls-extra26\", rpm:\"libgnutls-extra26~2.2.2~17.4\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libgnutls26\", rpm:\"libgnutls26~2.2.2~17.4\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libgobject-2_0-0\", rpm:\"libgobject-2_0-0~2.16.3~20.6\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libgthread-2_0-0\", rpm:\"libgthread-2_0-0~2.16.3~20.6\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libkcal\", rpm:\"libkcal~3.5.9~53.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libkcal-devel\", rpm:\"libkcal-devel~3.5.9~53.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libkcal2\", rpm:\"libkcal2~3.5.9~53.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libkmime-devel\", rpm:\"libkmime-devel~3.5.9~53.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libkmime2\", rpm:\"libkmime2~3.5.9~53.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libktnef-devel\", rpm:\"libktnef-devel~3.5.9~53.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libktnef1\", rpm:\"libktnef1~3.5.9~53.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libvolume_id\", rpm:\"libvolume_id~120~13.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libvolume_id-devel\", rpm:\"libvolume_id-devel~120~13.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-xulrunner190\", rpm:\"mozilla-xulrunner190~1.9.0.8~1.1\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-xulrunner190-devel\", rpm:\"mozilla-xulrunner190-devel~1.9.0.8~1.1\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-xulrunner190-gnomevfs\", rpm:\"mozilla-xulrunner190-gnomevfs~1.9.0.8~1.1\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-xulrunner190-translations\", rpm:\"mozilla-xulrunner190-translations~1.9.0.8~1.1\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"openswan\", rpm:\"openswan~2.4.7~130.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"openswan-doc\", rpm:\"openswan-doc~2.4.7~130.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"postgresql\", rpm:\"postgresql~8.3.7~0.1\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"postgresql-contrib\", rpm:\"postgresql-contrib~8.3.7~0.1\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"postgresql-devel\", rpm:\"postgresql-devel~8.3.7~0.1\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"postgresql-docs\", rpm:\"postgresql-docs~8.3.7~0.1\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"postgresql-libs\", rpm:\"postgresql-libs~8.3.7~0.1\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"postgresql-server\", rpm:\"postgresql-server~8.3.7~0.1\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"strongswan\", rpm:\"strongswan~4.2.1~11.6\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"strongswan-doc\", rpm:\"strongswan-doc~4.2.1~11.6\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"sysconfig\", rpm:\"sysconfig~0.70.8~3.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"timezone\", rpm:\"timezone~2009d~0.1\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"udev\", rpm:\"udev~120~13.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"xine-devel\", rpm:\"xine-devel~1.1.12~8.5\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"xine-extra\", rpm:\"xine-extra~1.1.12~8.5\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"xine-lib\", rpm:\"xine-lib~1.1.12~8.5\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"xpdf\", rpm:\"xpdf~3.02~95.4\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"xpdf-tools\", rpm:\"xpdf-tools~3.02~95.4\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"zypper\", rpm:\"zypper~0.11.11~0.1\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"MozillaFirefox\", rpm:\"MozillaFirefox~2.0.0.21post~0.1\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"MozillaFirefox-translations\", rpm:\"MozillaFirefox-translations~2.0.0.21post~0.1\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"bluez-cups\", rpm:\"bluez-cups~3.18~13.7\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"bluez-test\", rpm:\"bluez-test~3.18~13.7\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"bluez-utils\", rpm:\"bluez-utils~3.18~13.7\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"clamav\", rpm:\"clamav~0.95.1~0.1\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"clamav-db\", rpm:\"clamav-db~0.95.1~0.1\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"cups\", rpm:\"cups~1.2.12~22.21\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"cups-client\", rpm:\"cups-client~1.2.12~22.21\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"cups-devel\", rpm:\"cups-devel~1.2.12~22.21\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"cups-libs\", rpm:\"cups-libs~1.2.12~22.21\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"glib2\", rpm:\"glib2~2.14.1~4.4\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"glib2-devel\", rpm:\"glib2-devel~2.14.1~4.4\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"glib2-doc\", rpm:\"glib2-doc~2.14.1~4.4\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"glib2-lang\", rpm:\"glib2-lang~2.14.1~4.4\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"gnutls\", rpm:\"gnutls~1.6.1~36.6\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"gnutls-devel\", rpm:\"gnutls-devel~1.6.1~36.6\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"gpg2\", rpm:\"gpg2~2.0.4~49.2\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kdepim3\", rpm:\"kdepim3~3.5.7.enterprise.0.20070904.708012~9.2\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kdepim3-devel\", rpm:\"kdepim3-devel~3.5.7.enterprise.0.20070904.708012~9.2\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kdepim3-kpilot\", rpm:\"kdepim3-kpilot~3.5.7.enterprise.0.20070904.708012~9.2\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kdepim3-mobile\", rpm:\"kdepim3-mobile~3.5.7.enterprise.0.20070904.708012~9.2\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kdepim3-notes\", rpm:\"kdepim3-notes~3.5.7.enterprise.0.20070904.708012~9.2\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kdepim3-time-management\", rpm:\"kdepim3-time-management~3.5.7.enterprise.0.20070904.708012~9.2\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kitchensync\", rpm:\"kitchensync~3.5.7.enterprise.0.20070904.708012~9.2\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"klamav\", rpm:\"klamav~0.46~0.1\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"koffice\", rpm:\"koffice~1.6.3~51.5\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"koffice-database\", rpm:\"koffice-database~1.6.3~51.5\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"koffice-database-mysql\", rpm:\"koffice-database-mysql~1.6.3~51.5\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"koffice-database-psql\", rpm:\"koffice-database-psql~1.6.3~51.5\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"koffice-devel\", rpm:\"koffice-devel~1.6.3~51.5\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"koffice-extra\", rpm:\"koffice-extra~1.6.3~51.5\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"koffice-illustration\", rpm:\"koffice-illustration~1.6.3~51.5\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"koffice-planning\", rpm:\"koffice-planning~1.6.3~51.5\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"koffice-presentation\", rpm:\"koffice-presentation~1.6.3~51.5\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"koffice-python\", rpm:\"koffice-python~1.6.3~51.5\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"koffice-ruby\", rpm:\"koffice-ruby~1.6.3~51.5\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"koffice-spreadsheet\", rpm:\"koffice-spreadsheet~1.6.3~51.5\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"koffice-wordprocessing\", rpm:\"koffice-wordprocessing~1.6.3~51.5\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"krb5\", rpm:\"krb5~1.6.2~22.9\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"krb5-apps-clients\", rpm:\"krb5-apps-clients~1.6.2~22.9\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"krb5-apps-servers\", rpm:\"krb5-apps-servers~1.6.2~22.9\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"krb5-client\", rpm:\"krb5-client~1.6.2~22.9\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"krb5-devel\", rpm:\"krb5-devel~1.6.2~22.9\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"krb5-server\", rpm:\"krb5-server~1.6.2~22.9\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libvolume_id\", rpm:\"libvolume_id~114~19.3\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libvolume_id-devel\", rpm:\"libvolume_id-devel~114~19.3\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"openswan\", rpm:\"openswan~2.4.7~64.2\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"openswan-doc\", rpm:\"openswan-doc~2.4.7~64.2\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"postgresql\", rpm:\"postgresql~8.2.13~0.1\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"postgresql-contrib\", rpm:\"postgresql-contrib~8.2.13~0.1\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"postgresql-devel\", rpm:\"postgresql-devel~8.2.13~0.1\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"postgresql-docs\", rpm:\"postgresql-docs~8.2.13~0.1\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"postgresql-libs\", rpm:\"postgresql-libs~8.2.13~0.1\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"postgresql-server\", rpm:\"postgresql-server~8.2.13~0.1\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"sysconfig\", rpm:\"sysconfig~0.70.2~4.7\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"timezone\", rpm:\"timezone~2009d~0.1\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"udev\", rpm:\"udev~114~19.3\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"xine-devel\", rpm:\"xine-devel~1.1.8~14.14\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"xine-extra\", rpm:\"xine-extra~1.1.8~14.14\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"xine-lib\", rpm:\"xine-lib~1.1.8~14.14\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"xpdf\", rpm:\"xpdf~3.02~19.8\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"xpdf-tools\", rpm:\"xpdf-tools~3.02~19.8\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-04-06T11:38:42", "description": "The remote host is missing updates announced in\nadvisory SUSE-SR:2009:009. SuSE Security Summaries are short\non detail when it comes to the names of packages affected by\na particular bug. Because of this, while this test will detect\nout of date packages, it cannot tell you what bugs impact\nwhich packages, or vice versa.", "cvss3": {}, "published": "2009-04-28T00:00:00", "type": "openvas", "title": "SuSE Security Summary SUSE-SR:2009:009", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-0196", "CVE-2009-0928", "CVE-2009-0586", "CVE-2009-0658", "CVE-2009-0792", "CVE-2009-0922", "CVE-2009-1241", "CVE-2008-4311", "CVE-2009-0927", "CVE-2009-0698", "CVE-2009-0365", "CVE-2009-0193", "CVE-2009-1062", "CVE-2009-1171", "CVE-2008-4989", "CVE-2009-0578", "CVE-2009-0790", "CVE-2009-1061"], "modified": "2018-04-06T00:00:00", "id": "OPENVAS:136141256231063891", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231063891", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: suse_sr_2009_009.nasl 9350 2018-04-06 07:03:33Z cfischer $\n# Description: Auto-generated from advisory SUSE-SR:2009:009\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_summary = \"The remote host is missing updates announced in\nadvisory SUSE-SR:2009:009. SuSE Security Summaries are short\non detail when it comes to the names of packages affected by\na particular bug. Because of this, while this test will detect\nout of date packages, it cannot tell you what bugs impact\nwhich packages, or vice versa.\";\n\ntag_solution = \"Update all out of date packages.\";\n \nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.63891\");\n script_version(\"$Revision: 9350 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:03:33 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-04-28 20:40:12 +0200 (Tue, 28 Apr 2009)\");\n script_cve_id(\"CVE-2008-4311\", \"CVE-2008-4989\", \"CVE-2009-0193\", \"CVE-2009-0196\", \"CVE-2009-0365\", \"CVE-2009-0578\", \"CVE-2009-0586\", \"CVE-2009-0658\", \"CVE-2009-0698\", \"CVE-2009-0790\", \"CVE-2009-0792\", \"CVE-2009-0922\", \"CVE-2009-0927\", \"CVE-2009-0928\", \"CVE-2009-1061\", \"CVE-2009-1062\", \"CVE-2009-1171\", \"CVE-2009-1241\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"SuSE Security Summary SUSE-SR:2009:009\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse\", \"ssh/login/rpms\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"MozillaFirefox\", rpm:\"MozillaFirefox~3.0.8~1.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"MozillaFirefox-branding-upstream\", rpm:\"MozillaFirefox-branding-upstream~3.0.8~1.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"MozillaFirefox-translations\", rpm:\"MozillaFirefox-translations~3.0.8~1.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"NetworkManager\", rpm:\"NetworkManager~0.7.0.r4359~15.2.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"NetworkManager-devel\", rpm:\"NetworkManager-devel~0.7.0.r4359~15.2.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"NetworkManager-doc\", rpm:\"NetworkManager-doc~0.7.0.r4359~15.2.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"NetworkManager-glib\", rpm:\"NetworkManager-glib~0.7.0.r4359~15.2.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"aufs\", rpm:\"aufs~cvs20081020~1.32.9\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"aufs-kmp-debug\", rpm:\"aufs-kmp-debug~cvs20081020_2.6.27.21_0.1~1.32.9\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"aufs-kmp-default\", rpm:\"aufs-kmp-default~cvs20081020_2.6.27.21_0.1~1.32.9\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"aufs-kmp-pae\", rpm:\"aufs-kmp-pae~cvs20081020_2.6.27.21_0.1~1.32.9\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"aufs-kmp-trace\", rpm:\"aufs-kmp-trace~cvs20081020_2.6.27.21_0.1~1.32.9\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"aufs-kmp-xen\", rpm:\"aufs-kmp-xen~cvs20081020_2.6.27.21_0.1~1.32.9\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"clamav\", rpm:\"clamav~0.95.1~0.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"clamav-db\", rpm:\"clamav-db~0.95.1~0.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"cups\", rpm:\"cups~1.3.9~7.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"cups-client\", rpm:\"cups-client~1.3.9~7.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"cups-devel\", rpm:\"cups-devel~1.3.9~7.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"cups-libs\", rpm:\"cups-libs~1.3.9~7.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"dbus-1\", rpm:\"dbus-1~1.2.10~5.4.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"dbus-1-devel\", rpm:\"dbus-1-devel~1.2.10~5.4.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"dbus-1-devel-doc\", rpm:\"dbus-1-devel-doc~1.2.10~5.4.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"deb\", rpm:\"deb~1.14.21~10.38.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"glib2\", rpm:\"glib2~2.18.2~5.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"glib2-branding-upstream\", rpm:\"glib2-branding-upstream~2.18.2~5.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"glib2-devel\", rpm:\"glib2-devel~2.18.2~5.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"glib2-doc\", rpm:\"glib2-doc~2.18.2~5.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"glib2-lang\", rpm:\"glib2-lang~2.18.2~5.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"gnome-panel\", rpm:\"gnome-panel~2.24.1~2.26.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"gnome-panel-devel\", rpm:\"gnome-panel-devel~2.24.1~2.26.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"gnome-panel-doc\", rpm:\"gnome-panel-doc~2.24.1~2.26.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"gnome-panel-extras\", rpm:\"gnome-panel-extras~2.24.1~2.26.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"gnome-panel-lang\", rpm:\"gnome-panel-lang~2.24.1~2.26.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"gnutls\", rpm:\"gnutls~2.4.1~24.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"gpg2\", rpm:\"gpg2~2.0.9~25.108.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"gpg2-lang\", rpm:\"gpg2-lang~2.0.9~25.108.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"gstreamer-0_10-plugins-base\", rpm:\"gstreamer-0_10-plugins-base~0.10.21~2.21.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"gstreamer-0_10-plugins-base-devel\", rpm:\"gstreamer-0_10-plugins-base-devel~0.10.21~2.21.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"gstreamer-0_10-plugins-base-doc\", rpm:\"gstreamer-0_10-plugins-base-doc~0.10.21~2.21.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"gstreamer-0_10-plugins-base-lang\", rpm:\"gstreamer-0_10-plugins-base-lang~0.10.21~2.21.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"java-1_6_0-openjdk\", rpm:\"java-1_6_0-openjdk~1.4_b14~24.4.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"java-1_6_0-openjdk-demo\", rpm:\"java-1_6_0-openjdk-demo~1.4_b14~24.4.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"java-1_6_0-openjdk-devel\", rpm:\"java-1_6_0-openjdk-devel~1.4_b14~24.4.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"java-1_6_0-openjdk-javadoc\", rpm:\"java-1_6_0-openjdk-javadoc~1.4_b14~24.4.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"java-1_6_0-openjdk-plugin\", rpm:\"java-1_6_0-openjdk-plugin~1.4_b14~24.4.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"java-1_6_0-openjdk-src\", rpm:\"java-1_6_0-openjdk-src~1.4_b14~24.4.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kde4-akonadi\", rpm:\"kde4-akonadi~4.1.3~3.14.9\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kde4-akonadi-devel\", rpm:\"kde4-akonadi-devel~4.1.3~3.14.9\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kde4-akregator\", rpm:\"kde4-akregator~4.1.3~3.14.9\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kde4-dolphin\", rpm:\"kde4-dolphin~4.1.3~3.8.9\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kde4-kaddressbook\", rpm:\"kde4-kaddressbook~4.1.3~3.14.9\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kde4-kalarm\", rpm:\"kde4-kalarm~4.1.3~3.14.9\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kde4-kdepasswd\", rpm:\"kde4-kdepasswd~4.1.3~3.8.9\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kde4-kdialog\", rpm:\"kde4-kdialog~4.1.3~3.8.9\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kde4-kdm\", rpm:\"kde4-kdm~4.1.3~10.3.7\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kde4-kdm-branding-upstream\", rpm:\"kde4-kdm-branding-upstream~4.1.3~10.3.7\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kde4-keditbookmarks\", rpm:\"kde4-keditbookmarks~4.1.3~3.8.9\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kde4-kfind\", rpm:\"kde4-kfind~4.1.3~3.8.9\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kde4-kgreeter-plugins\", rpm:\"kde4-kgreeter-plugins~4.1.3~10.3.7\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kde4-kinfocenter\", rpm:\"kde4-kinfocenter~4.1.3~3.8.9\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kde4-kjots\", rpm:\"kde4-kjots~4.1.3~3.14.9\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kde4-kmail\", rpm:\"kde4-kmail~4.1.3~3.14.9\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kde4-knode\", rpm:\"kde4-knode~4.1.3~3.14.9\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kde4-knotes\", rpm:\"kde4-knotes~4.1.3~3.14.9\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kde4-konqueror\", rpm:\"kde4-konqueror~4.1.3~3.8.9\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kde4-konsole\", rpm:\"kde4-konsole~4.1.3~3.8.9\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kde4-kontact\", rpm:\"kde4-kontact~4.1.3~3.14.9\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kde4-korganizer\", rpm:\"kde4-korganizer~4.1.3~3.14.9\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kde4-ktimetracker\", rpm:\"kde4-ktimetracker~4.1.3~3.14.9\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kde4-ktnef\", rpm:\"kde4-ktnef~4.1.3~3.14.9\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kde4-kwin\", rpm:\"kde4-kwin~4.1.3~10.3.7\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kde4-kwrite\", rpm:\"kde4-kwrite~4.1.3~3.8.9\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kdebase4\", rpm:\"kdebase4~4.1.3~3.8.9\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kdebase4-libkonq\", rpm:\"kdebase4-libkonq~4.1.3~3.8.9\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kdebase4-nsplugin\", rpm:\"kdebase4-nsplugin~4.1.3~3.8.9\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kdebase4-runtime\", rpm:\"kdebase4-runtime~4.1.3~4.2.9\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kdebase4-workspace\", rpm:\"kdebase4-workspace~4.1.3~10.3.7\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kdebase4-workspace-branding-upstream\", rpm:\"kdebase4-workspace-branding-upstream~4.1.3~10.3.7\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kdebase4-workspace-devel\", rpm:\"kdebase4-workspace-devel~4.1.3~10.3.7\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kdebase4-workspace-ksysguardd\", rpm:\"kdebase4-workspace-ksysguardd~4.1.3~10.3.7\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kdelibs4\", rpm:\"kdelibs4~4.1.3~4.10.4\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kdelibs4-core\", rpm:\"kdelibs4-core~4.1.3~4.10.4\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kdelibs4-doc\", rpm:\"kdelibs4-doc~4.1.3~4.10.4\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kdepim3\", rpm:\"kdepim3~3.5.10~8.14.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kdepim3-devel\", rpm:\"kdepim3-devel~3.5.10~8.14.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kdepim3-kpilot\", rpm:\"kdepim3-kpilot~3.5.10~8.14.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kdepim3-mobile\", rpm:\"kdepim3-mobile~3.5.10~8.14.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kdepim3-notes\", rpm:\"kdepim3-notes~3.5.10~8.14.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kdepim3-time-management\", rpm:\"kdepim3-time-management~3.5.10~8.14.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kdepim4\", rpm:\"kdepim4~4.1.3~3.14.9\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kdepim4-devel\", rpm:\"kdepim4-devel~4.1.3~3.14.9\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kdepim4-wizards\", rpm:\"kdepim4-wizards~4.1.3~3.14.9\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kdepimlibs4\", rpm:\"kdepimlibs4~4.1.3~5.2.6\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-debug\", rpm:\"kernel-debug~2.6.27.21~0.1.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-debug-base\", rpm:\"kernel-debug-base~2.6.27.21~0.1.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-debug-extra\", rpm:\"kernel-debug-extra~2.6.27.21~0.1.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-default\", rpm:\"kernel-default~2.6.27.21~0.1.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-default-base\", rpm:\"kernel-default-base~2.6.27.21~0.1.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-default-extra\", rpm:\"kernel-default-extra~2.6.27.21~0.1.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-pae\", rpm:\"kernel-pae~2.6.27.21~0.1.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-pae-base\", rpm:\"kernel-pae-base~2.6.27.21~0.1.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-pae-extra\", rpm:\"kernel-pae-extra~2.6.27.21~0.1.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-source\", rpm:\"kernel-source~2.6.27.21~0.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-syms\", rpm:\"kernel-syms~2.6.27.21~0.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-trace\", rpm:\"kernel-trace~2.6.27.21~0.1.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-trace-base\", rpm:\"kernel-trace-base~2.6.27.21~0.1.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-trace-extra\", rpm:\"kernel-trace-extra~2.6.27.21~0.1.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-vanilla\", rpm:\"kernel-vanilla~2.6.27.21~0.1.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-xen\", rpm:\"kernel-xen~2.6.27.21~0.1.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-xen-base\", rpm:\"kernel-xen-base~2.6.27.21~0.1.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-xen-extra\", rpm:\"kernel-xen-extra~2.6.27.21~0.1.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kio_iso\", rpm:\"kio_iso~1.99.2.beta2~0.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kitchensync\", rpm:\"kitchensync~3.5.10~8.14.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"klamav\", rpm:\"klamav~0.46~0.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"koffice\", rpm:\"koffice~1.6.3~211.12.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"koffice-database\", rpm:\"koffice-database~1.6.3~211.12.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"koffice-database-mysql\", rpm:\"koffice-database-mysql~1.6.3~211.12.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"koffice-database-psql\", rpm:\"koffice-database-psql~1.6.3~211.12.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"koffice-devel\", rpm:\"koffice-devel~1.6.3~211.12.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"koffice-extra\", rpm:\"koffice-extra~1.6.3~211.12.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"koffice-illustration\", rpm:\"koffice-illustration~1.6.3~211.12.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"koffice-planning\", rpm:\"koffice-planning~1.6.3~211.12.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"koffice-presentation\", rpm:\"koffice-presentation~1.6.3~211.12.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"koffice-python\", rpm:\"koffice-python~1.6.3~211.12.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"koffice-ruby\", rpm:\"koffice-ruby~1.6.3~211.12.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"koffice-spreadsheet\", rpm:\"koffice-spreadsheet~1.6.3~211.12.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"koffice-wordprocessing\", rpm:\"koffice-wordprocessing~1.6.3~211.12.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"krb5\", rpm:\"krb5~1.6.3~132.5.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"krb5-apps-clients\", rpm:\"krb5-apps-clients~1.6.3~132.5.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"krb5-apps-servers\", rpm:\"krb5-apps-servers~1.6.3~132.5.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"krb5-client\", rpm:\"krb5-client~1.6.3~132.5.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"krb5-devel\", rpm:\"krb5-devel~1.6.3~132.5.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"krb5-server\", rpm:\"krb5-server~1.6.3~132.5.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"krusader\", rpm:\"krusader~1.99.2.beta2~0.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libakonadi4\", rpm:\"libakonadi4~4.1.3~5.2.6\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libgio-2_0-0\", rpm:\"libgio-2_0-0~2.18.2~5.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libgio-fam\", rpm:\"libgio-fam~2.18.2~5.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libglib-2_0-0\", rpm:\"libglib-2_0-0~2.18.2~5.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libgmodule-2_0-0\", rpm:\"libgmodule-2_0-0~2.18.2~5.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libgnomecanvas\", rpm:\"libgnomecanvas~2.20.1.1~25.81.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libgnomecanvas-devel\", rpm:\"libgnomecanvas-devel~2.20.1.1~25.81.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libgnomecanvas-doc\", rpm:\"libgnomecanvas-doc~2.20.1.1~25.81.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libgnomecanvas-lang\", rpm:\"libgnomecanvas-lang~2.20.1.1~25.81.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libgnutls-devel\", rpm:\"libgnutls-devel~2.4.1~24.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libgnutls-extra-devel\", rpm:\"libgnutls-extra-devel~2.4.1~24.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libgnutls-extra26\", rpm:\"libgnutls-extra26~2.4.1~24.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libgnutls26\", rpm:\"libgnutls26~2.4.1~24.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libgobject-2_0-0\", rpm:\"libgobject-2_0-0~2.18.2~5.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libgstinterfaces-0_10-0\", rpm:\"libgstinterfaces-0_10-0~0.10.21~2.21.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libgthread-2_0-0\", rpm:\"libgthread-2_0-0~2.18.2~5.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libkcal\", rpm:\"libkcal~3.5.10~8.14.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libkcal-devel\", rpm:\"libkcal-devel~3.5.10~8.14.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libkcal2\", rpm:\"libkcal2~3.5.10~8.14.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libkde4\", rpm:\"libkde4~4.1.3~4.10.4\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libkde4-devel\", rpm:\"libkde4-devel~4.1.3~4.10.4\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libkdecore4\", rpm:\"libkdecore4~4.1.3~4.10.4\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libkdecore4-devel\", rpm:\"libkdecore4-devel~4.1.3~4.10.4\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libkdepim4\", rpm:\"libkdepim4~4.1.3~3.14.9\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libkdepim4-devel\", rpm:\"libkdepim4-devel~4.1.3~3.14.9\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libkdepimlibs4\", rpm:\"libkdepimlibs4~4.1.3~5.2.6\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libkdepimlibs4-devel\", rpm:\"libkdepimlibs4-devel~4.1.3~5.2.6\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libkmime-devel\", rpm:\"libkmime-devel~3.5.10~8.14.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libkmime2\", rpm:\"libkmime2~3.5.10~8.14.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libkonq-devel\", rpm:\"libkonq-devel~4.1.3~3.8.9\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libkonq5\", rpm:\"libkonq5~4.1.3~3.8.9\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libktnef-devel\", rpm:\"libktnef-devel~3.5.10~8.14.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libktnef1\", rpm:\"libktnef1~3.5.10~8.14.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libpcap-devel\", rpm:\"libpcap-devel~0.9.8~50.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libpcap0\", rpm:\"libpcap0~0.9.8~50.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libudev-devel\", rpm:\"libudev-devel~128~9.7.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libudev0\", rpm:\"libudev0~128~9.7.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libvolume_id\", rpm:\"libvolume_id~126~17.38.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libvolume_id-devel\", rpm:\"libvolume_id-devel~128~9.7.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libvolume_id1\", rpm:\"libvolume_id1~128~9.7.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libxine-devel\", rpm:\"libxine-devel~1.1.15~23.3.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libxine1\", rpm:\"libxine1~1.1.15~23.3.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libxine1-gnome-vfs\", rpm:\"libxine1-gnome-vfs~1.1.15~23.3.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libxine1-pulse\", rpm:\"libxine1-pulse~1.1.15~23.3.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"module-init-tools\", rpm:\"module-init-tools~3.4~56.10.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-xulrunner190\", rpm:\"mozilla-xulrunner190~1.9.0.8~1.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-xulrunner190-devel\", rpm:\"mozilla-xulrunner190-devel~1.9.0.8~1.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-xulrunner190-gnomevfs\", rpm:\"mozilla-xulrunner190-gnomevfs~1.9.0.8~1.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-xulrunner190-translations\", rpm:\"mozilla-xulrunner190-translations~1.9.0.8~1.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"openswan\", rpm:\"openswan~2.6.16~1.47.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"openswan-doc\", rpm:\"openswan-doc~2.6.16~1.47.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"phonon-backend-xine\", rpm:\"phonon-backend-xine~4.1.3~4.2.9\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"postgresql\", rpm:\"postgresql~8.3.7~0.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"postgresql-contrib\", rpm:\"postgresql-contrib~8.3.7~0.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"postgresql-devel\", rpm:\"postgresql-devel~8.3.7~0.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"postgresql-docs\", rpm:\"postgresql-docs~8.3.7~0.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"postgresql-libs\", rpm:\"postgresql-libs~8.3.7~0.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"postgresql-server\", rpm:\"postgresql-server~8.3.7~0.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"python-xpcom190\", rpm:\"python-xpcom190~1.9.0.8~1.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"strongswan\", rpm:\"strongswan~4.2.8~1.24.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"strongswan-doc\", rpm:\"strongswan-doc~4.2.8~1.24.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"sysconfig\", rpm:\"sysconfig~0.71.11~7.4.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"udev\", rpm:\"udev~128~9.7.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"xpdf\", rpm:\"xpdf~3.02~97.78.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"xpdf-tools\", rpm:\"xpdf-tools~3.02~97.78.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"MozillaFirefox\", rpm:\"MozillaFirefox~3.0.8~1.1\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"MozillaFirefox-translations\", rpm:\"MozillaFirefox-translations~3.0.8~1.1\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"bluez-audio\", rpm:\"bluez-audio~3.32~8.7\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"bluez-cups\", rpm:\"bluez-cups~3.32~8.7\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"bluez-test\", rpm:\"bluez-test~3.32~8.7\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"bluez-utils\", rpm:\"bluez-utils~3.32~8.7\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"clamav\", rpm:\"clamav~0.95.1~0.1\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"clamav-db\", rpm:\"clamav-db~0.95.1~0.1\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"cups\", rpm:\"cups~1.3.7~25.8\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"cups-client\", rpm:\"cups-client~1.3.7~25.8\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"cups-devel\", rpm:\"cups-devel~1.3.7~25.8\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"cups-libs\", rpm:\"cups-libs~1.3.7~25.8\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"glib2\", rpm:\"glib2~2.16.3~20.6\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"glib2-branding-upstream\", rpm:\"glib2-branding-upstream~2.16.3~20.6\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"glib2-devel\", rpm:\"glib2-devel~2.16.3~20.6\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"glib2-doc\", rpm:\"glib2-doc~2.16.3~20.6\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"glib2-lang\", rpm:\"glib2-lang~2.16.3~20.6\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"gnutls\", rpm:\"gnutls~2.2.2~17.4\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"gpg2\", rpm:\"gpg2~2.0.9~22.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"gpg2-lang\", rpm:\"gpg2-lang~2.0.9~22.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"hal\", rpm:\"hal~0.5.11~8.6\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"hal-devel\", rpm:\"hal-devel~0.5.11~8.6\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kdepim3\", rpm:\"kdepim3~3.5.9~53.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kdepim3-devel\", rpm:\"kdepim3-devel~3.5.9~53.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kdepim3-kpilot\", rpm:\"kdepim3-kpilot~3.5.9~53.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kdepim3-mobile\", rpm:\"kdepim3-mobile~3.5.9~53.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kdepim3-notes\", rpm:\"kdepim3-notes~3.5.9~53.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kdepim3-time-management\", rpm:\"kdepim3-time-management~3.5.9~53.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kitchensync\", rpm:\"kitchensync~3.5.9~53.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"klamav\", rpm:\"klamav~0.46~0.1\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"koffice\", rpm:\"koffice~1.6.3~157.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"koffice-database\", rpm:\"koffice-database~1.6.3~157.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"koffice-database-mysql\", rpm:\"koffice-database-mysql~1.6.3~157.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"koffice-database-psql\", rpm:\"koffice-database-psql~1.6.3~157.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"koffice-devel\", rpm:\"koffice-devel~1.6.3~157.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"koffice-extra\", rpm:\"koffice-extra~1.6.3~157.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"koffice-illustration\", rpm:\"koffice-illustration~1.6.3~157.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"koffice-planning\", rpm:\"koffice-planning~1.6.3~157.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"koffice-presentation\", rpm:\"koffice-presentation~1.6.3~157.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"koffice-python\", rpm:\"koffice-python~1.6.3~157.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"koffice-ruby\", rpm:\"koffice-ruby~1.6.3~157.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"koffice-spreadsheet\", rpm:\"koffice-spreadsheet~1.6.3~157.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"koffice-wordprocessing\", rpm:\"koffice-wordprocessing~1.6.3~157.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"krb5\", rpm:\"krb5~1.6.3~50.5\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"krb5-apps-clients\", rpm:\"krb5-apps-clients~1.6.3~50.5\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"krb5-apps-servers\", rpm:\"krb5-apps-servers~1.6.3~50.5\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"krb5-client\", rpm:\"krb5-client~1.6.3~50.5\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"krb5-devel\", rpm:\"krb5-devel~1.6.3~50.5\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"krb5-server\", rpm:\"krb5-server~1.6.3~50.5\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libgio-2_0-0\", rpm:\"libgio-2_0-0~2.16.3~20.6\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libgio-fam\", rpm:\"libgio-fam~2.16.3~20.6\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libglib-2_0-0\", rpm:\"libglib-2_0-0~2.16.3~20.6\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libgmodule-2_0-0\", rpm:\"libgmodule-2_0-0~2.16.3~20.6\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libgnutls-devel\", rpm:\"libgnutls-devel~2.2.2~17.4\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libgnutls-extra-devel\", rpm:\"libgnutls-extra-devel~2.2.2~17.4\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libgnutls-extra26\", rpm:\"libgnutls-extra26~2.2.2~17.4\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libgnutls26\", rpm:\"libgnutls26~2.2.2~17.4\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libgobject-2_0-0\", rpm:\"libgobject-2_0-0~2.16.3~20.6\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libgthread-2_0-0\", rpm:\"libgthread-2_0-0~2.16.3~20.6\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libkcal\", rpm:\"libkcal~3.5.9~53.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libkcal-devel\", rpm:\"libkcal-devel~3.5.9~53.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libkcal2\", rpm:\"libkcal2~3.5.9~53.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libkmime-devel\", rpm:\"libkmime-devel~3.5.9~53.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libkmime2\", rpm:\"libkmime2~3.5.9~53.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libktnef-devel\", rpm:\"libktnef-devel~3.5.9~53.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libktnef1\", rpm:\"libktnef1~3.5.9~53.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libvolume_id\", rpm:\"libvolume_id~120~13.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libvolume_id-devel\", rpm:\"libvolume_id-devel~120~13.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-xulrunner190\", rpm:\"mozilla-xulrunner190~1.9.0.8~1.1\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-xulrunner190-devel\", rpm:\"mozilla-xulrunner190-devel~1.9.0.8~1.1\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-xulrunner190-gnomevfs\", rpm:\"mozilla-xulrunner190-gnomevfs~1.9.0.8~1.1\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-xulrunner190-translations\", rpm:\"mozilla-xulrunner190-translations~1.9.0.8~1.1\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"openswan\", rpm:\"openswan~2.4.7~130.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"openswan-doc\", rpm:\"openswan-doc~2.4.7~130.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"postgresql\", rpm:\"postgresql~8.3.7~0.1\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"postgresql-contrib\", rpm:\"postgresql-contrib~8.3.7~0.1\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"postgresql-devel\", rpm:\"postgresql-devel~8.3.7~0.1\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"postgresql-docs\", rpm:\"postgresql-docs~8.3.7~0.1\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"postgresql-libs\", rpm:\"postgresql-libs~8.3.7~0.1\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"postgresql-server\", rpm:\"postgresql-server~8.3.7~0.1\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"strongswan\", rpm:\"strongswan~4.2.1~11.6\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"strongswan-doc\", rpm:\"strongswan-doc~4.2.1~11.6\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"sysconfig\", rpm:\"sysconfig~0.70.8~3.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"timezone\", rpm:\"timezone~2009d~0.1\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"udev\", rpm:\"udev~120~13.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"xine-devel\", rpm:\"xine-devel~1.1.12~8.5\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"xine-extra\", rpm:\"xine-extra~1.1.12~8.5\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"xine-lib\", rpm:\"xine-lib~1.1.12~8.5\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"xpdf\", rpm:\"xpdf~3.02~95.4\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"xpdf-tools\", rpm:\"xpdf-tools~3.02~95.4\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"zypper\", rpm:\"zypper~0.11.11~0.1\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"MozillaFirefox\", rpm:\"MozillaFirefox~2.0.0.21post~0.1\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"MozillaFirefox-translations\", rpm:\"MozillaFirefox-translations~2.0.0.21post~0.1\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"bluez-cups\", rpm:\"bluez-cups~3.18~13.7\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"bluez-test\", rpm:\"bluez-test~3.18~13.7\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"bluez-utils\", rpm:\"bluez-utils~3.18~13.7\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"clamav\", rpm:\"clamav~0.95.1~0.1\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"clamav-db\", rpm:\"clamav-db~0.95.1~0.1\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"cups\", rpm:\"cups~1.2.12~22.21\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"cups-client\", rpm:\"cups-client~1.2.12~22.21\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"cups-devel\", rpm:\"cups-devel~1.2.12~22.21\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"cups-libs\", rpm:\"cups-libs~1.2.12~22.21\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"glib2\", rpm:\"glib2~2.14.1~4.4\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"glib2-devel\", rpm:\"glib2-devel~2.14.1~4.4\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"glib2-doc\", rpm:\"glib2-doc~2.14.1~4.4\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"glib2-lang\", rpm:\"glib2-lang~2.14.1~4.4\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"gnutls\", rpm:\"gnutls~1.6.1~36.6\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"gnutls-devel\", rpm:\"gnutls-devel~1.6.1~36.6\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"gpg2\", rpm:\"gpg2~2.0.4~49.2\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kdepim3\", rpm:\"kdepim3~3.5.7.enterprise.0.20070904.708012~9.2\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kdepim3-devel\", rpm:\"kdepim3-devel~3.5.7.enterprise.0.20070904.708012~9.2\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kdepim3-kpilot\", rpm:\"kdepim3-kpilot~3.5.7.enterprise.0.20070904.708012~9.2\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kdepim3-mobile\", rpm:\"kdepim3-mobile~3.5.7.enterprise.0.20070904.708012~9.2\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kdepim3-notes\", rpm:\"kdepim3-notes~3.5.7.enterprise.0.20070904.708012~9.2\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kdepim3-time-management\", rpm:\"kdepim3-time-management~3.5.7.enterprise.0.20070904.708012~9.2\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kitchensync\", rpm:\"kitchensync~3.5.7.enterprise.0.20070904.708012~9.2\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"klamav\", rpm:\"klamav~0.46~0.1\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"koffice\", rpm:\"koffice~1.6.3~51.5\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"koffice-database\", rpm:\"koffice-database~1.6.3~51.5\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"koffice-database-mysql\", rpm:\"koffice-database-mysql~1.6.3~51.5\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"koffice-database-psql\", rpm:\"koffice-database-psql~1.6.3~51.5\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"koffice-devel\", rpm:\"koffice-devel~1.6.3~51.5\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"koffice-extra\", rpm:\"koffice-extra~1.6.3~51.5\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"koffice-illustration\", rpm:\"koffice-illustration~1.6.3~51.5\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"koffice-planning\", rpm:\"koffice-planning~1.6.3~51.5\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"koffice-presentation\", rpm:\"koffice-presentation~1.6.3~51.5\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"koffice-python\", rpm:\"koffice-python~1.6.3~51.5\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"koffice-ruby\", rpm:\"koffice-ruby~1.6.3~51.5\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"koffice-spreadsheet\", rpm:\"koffice-spreadsheet~1.6.3~51.5\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"koffice-wordprocessing\", rpm:\"koffice-wordprocessing~1.6.3~51.5\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"krb5\", rpm:\"krb5~1.6.2~22.9\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"krb5-apps-clients\", rpm:\"krb5-apps-clients~1.6.2~22.9\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"krb5-apps-servers\", rpm:\"krb5-apps-servers~1.6.2~22.9\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"krb5-client\", rpm:\"krb5-client~1.6.2~22.9\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"krb5-devel\", rpm:\"krb5-devel~1.6.2~22.9\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"krb5-server\", rpm:\"krb5-server~1.6.2~22.9\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libvolume_id\", rpm:\"libvolume_id~114~19.3\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libvolume_id-devel\", rpm:\"libvolume_id-devel~114~19.3\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"openswan\", rpm:\"openswan~2.4.7~64.2\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"openswan-doc\", rpm:\"openswan-doc~2.4.7~64.2\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"postgresql\", rpm:\"postgresql~8.2.13~0.1\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"postgresql-contrib\", rpm:\"postgresql-contrib~8.2.13~0.1\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"postgresql-devel\", rpm:\"postgresql-devel~8.2.13~0.1\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"postgresql-docs\", rpm:\"postgresql-docs~8.2.13~0.1\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"postgresql-libs\", rpm:\"postgresql-libs~8.2.13~0.1\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"postgresql-server\", rpm:\"postgresql-server~8.2.13~0.1\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"sysconfig\", rpm:\"sysconfig~0.70.2~4.7\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"timezone\", rpm:\"timezone~2009d~0.1\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"udev\", rpm:\"udev~114~19.3\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"xine-devel\", rpm:\"xine-devel~1.1.8~14.14\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"xine-extra\", rpm:\"xine-extra~1.1.8~14.14\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"xine-lib\", rpm:\"xine-lib~1.1.8~14.14\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"xpdf\", rpm:\"xpdf~3.02~19.8\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"xpdf-tools\", rpm:\"xpdf-tools~3.02~19.8\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-26T08:55:54", "description": "The remote host is missing updates announced in\nadvisory SUSE-SR:2009:011. SuSE Security Summaries are short\non detail when it comes to the names of packages affected by\na particular bug. Because of this, while this test will detect\nout of date packages, it cannot tell you what bugs impact\nwhich packages, or vice versa.", "cvss3": {}, "published": "2009-06-15T00:00:00", "type": "openvas", "title": "SuSE Security Summary SUSE-SR:2009:011", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-0196", "CVE-2009-1095", "CVE-2009-1093", "CVE-2009-1104", "CVE-2009-1096", "CVE-2009-1379", "CVE-2009-1099", "CVE-2009-1377", "CVE-2009-0792", "CVE-2009-1268", "CVE-2009-1266", "CVE-2007-6725", "CVE-2009-0688", "CVE-2009-1100", "CVE-2009-1210", "CVE-2009-1378", "CVE-2008-6679", "CVE-2009-1492", "CVE-2009-0159", "CVE-2008-6123", "CVE-2009-1098", "CVE-2009-1267", "CVE-2009-1094", "CVE-2009-1274", "CVE-2009-1269", "CVE-2009-0241", "CVE-2009-1103", "CVE-2009-1364", "CVE-2007-5400", "CVE-2009-1252", "CVE-2009-1107", "CVE-2009-1493"], "modified": "2017-07-11T00:00:00", "id": "OPENVAS:64196", "href": "http://plugins.openvas.org/nasl.php?oid=64196", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: suse_sr_2009_011.nasl 6668 2017-07-11 13:34:29Z cfischer $\n# Description: Auto-generated from advisory SUSE-SR:2009:011\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_summary = \"The remote host is missing updates announced in\nadvisory SUSE-SR:2009:011. SuSE Security Summaries are short\non detail when it comes to the names of packages affected by\na particular bug. Because of this, while this test will detect\nout of date packages, it cannot tell you what bugs impact\nwhich packages, or vice versa.\";\n\ntag_solution = \"Update all out of date packages.\";\n \nif(description)\n{\n script_id(64196);\n script_version(\"$Revision: 6668 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-11 15:34:29 +0200 (Tue, 11 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-06-15 19:20:43 +0200 (Mon, 15 Jun 2009)\");\n script_cve_id(\"CVE-2007-5400\", \"CVE-2007-6725\", \"CVE-2008-6123\", \"CVE-2008-6679\", \"CVE-2009-0159\", \"CVE-2009-0196\", \"CVE-2009-0241\", \"CVE-2009-0688\", \"CVE-2009-0792\", \"CVE-2009-1093\", \"CVE-2009-1094\", \"CVE-2009-1095\", \"CVE-2009-1096\", \"CVE-2009-1098\", \"CVE-2009-1099\", \"CVE-2009-1100\", \"CVE-2009-1103\", \"CVE-2009-1104\", \"CVE-2009-1107\", \"CVE-2009-1210\", \"CVE-2009-1252\", \"CVE-2009-1266\", \"CVE-2009-1267\", \"CVE-2009-1268\", \"CVE-2009-1269\", \"CVE-2009-1274\", \"CVE-2009-1364\", \"CVE-2009-1377\", \"CVE-2009-1378\", \"CVE-2009-1379\", \"CVE-2009-1492\", \"CVE-2009-1493\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"SuSE Security Summary SUSE-SR:2009:011\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse\", \"ssh/login/rpms\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"acroread\", rpm:\"acroread~8.1.5~0.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache2-mod_security2\", rpm:\"apache2-mod_security2~2.5.6~1.25.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"aufs-kmp-debug\", rpm:\"aufs-kmp-debug~cvs20081020_2.6.27.23_0.1~1.32.10\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"aufs-kmp-trace\", rpm:\"aufs-kmp-trace~cvs20081020_2.6.27.23_0.1~1.32.10\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"brocade-bfa-kmp-debug\", rpm:\"brocade-bfa-kmp-debug~1.1.0.2_2.6.27.23_0.1~1.7.8\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"brocade-bfa-kmp-trace\", rpm:\"brocade-bfa-kmp-trace~1.1.0.2_2.6.27.23_0.1~1.7.8\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"cyrus-sasl\", rpm:\"cyrus-sasl~2.1.22~182.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"cyrus-sasl-crammd5\", rpm:\"cyrus-sasl-crammd5~2.1.22~182.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"cyrus-sasl-devel\", rpm:\"cyrus-sasl-devel~2.1.22~182.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"cyrus-sasl-digestmd5\", rpm:\"cyrus-sasl-digestmd5~2.1.22~182.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"cyrus-sasl-gssapi\", rpm:\"cyrus-sasl-gssapi~2.1.22~182.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"cyrus-sasl-ntlm\", rpm:\"cyrus-sasl-ntlm~2.1.22~182.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"cyrus-sasl-otp\", rpm:\"cyrus-sasl-otp~2.1.22~182.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"cyrus-sasl-plain\", rpm:\"cyrus-sasl-plain~2.1.22~182.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"dazuko-kmp-debug\", rpm:\"dazuko-kmp-debug~2.3.6_2.6.27.23_0.1~1.49.8\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"dazuko-kmp-trace\", rpm:\"dazuko-kmp-trace~2.3.6_2.6.27.23_0.1~1.49.8\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"dos2unix\", rpm:\"dos2unix~3.1~437.37.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"drbd-kmp-debug\", rpm:\"drbd-kmp-debug~8.2.7_2.6.27.23_0.1~1.19.6\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"drbd-kmp-trace\", rpm:\"drbd-kmp-trace~8.2.7_2.6.27.23_0.1~1.19.6\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"ganglia-monitor-core\", rpm:\"ganglia-monitor-core~2.5.7~172.40.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"ganglia-monitor-core-devel\", rpm:\"ganglia-monitor-core-devel~2.5.7~172.40.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"ganglia-monitor-core-gmetad\", rpm:\"ganglia-monitor-core-gmetad~2.5.7~172.40.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"ganglia-monitor-core-gmond\", rpm:\"ganglia-monitor-core-gmond~2.5.7~172.40.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"ganglia-webfrontend\", rpm:\"ganglia-webfrontend~2.5.7~172.40.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"gdbm\", rpm:\"gdbm~1.8.3~371.8\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"gdbm-devel\", rpm:\"gdbm-devel~1.8.3~371.8\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"intel-iamt-heci-kmp-debug\", rpm:\"intel-iamt-heci-kmp-debug~3.1.0.31_2.6.27.23_0.1~2.40.8\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"intel-iamt-heci-kmp-trace\", rpm:\"intel-iamt-heci-kmp-trace~3.1.0.31_2.6.27.23_0.1~2.40.8\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"iscsitarget-kmp-debug\", rpm:\"iscsitarget-kmp-debug~0.4.15_2.6.27.23_0.1~89.11.12\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"iscsitarget-kmp-trace\", rpm:\"iscsitarget-kmp-trace~0.4.15_2.6.27.23_0.1~89.11.12\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-debug\", rpm:\"kernel-debug~2.6.27.23~0.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-debug-base\", rpm:\"kernel-debug-base~2.6.27.23~0.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-debug-extra\", rpm:\"kernel-debug-extra~2.6.27.23~0.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-default\", rpm:\"kernel-default~2.6.27.23~0.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-default-base\", rpm:\"kernel-default-base~2.6.27.23~0.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-default-extra\", rpm:\"kernel-default-extra~2.6.27.23~0.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-pae\", rpm:\"kernel-pae~2.6.27.23~0.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-pae-base\", rpm:\"kernel-pae-base~2.6.27.23~0.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-pae-extra\", rpm:\"kernel-pae-extra~2.6.27.23~0.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-source\", rpm:\"kernel-source~2.6.27.23~0.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-syms\", rpm:\"kernel-syms~2.6.27.23~0.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-trace\", rpm:\"kernel-trace~2.6.27.23~0.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-trace-base\", rpm:\"kernel-trace-base~2.6.27.23~0.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-trace-extra\", rpm:\"kernel-trace-extra~2.6.27.23~0.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-vanilla\", rpm:\"kernel-vanilla~2.6.27.23~0.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-xen\", rpm:\"kernel-xen~2.6.27.23~0.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-xen-base\", rpm:\"kernel-xen-base~2.6.27.23~0.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-xen-extra\", rpm:\"kernel-xen-extra~2.6.27.23~0.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kqemu-kmp-debug\", rpm:\"kqemu-kmp-debug~1.4.0pre1_2.6.27.23_0.1~2.1.8\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kqemu-kmp-trace\", rpm:\"kqemu-kmp-trace~1.4.0pre1_2.6.27.23_0.1~2.1.8\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kvm-kmp-trace\", rpm:\"kvm-kmp-trace~78_2.6.27.23_0.1~6.6.20\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libopenssl-devel\", rpm:\"libopenssl-devel~0.9.8h~28.9.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libopenssl0_9_8\", rpm:\"libopenssl0_9_8~0.9.8h~28.9.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libpulse-browse0\", rpm:\"libpulse-browse0~0.9.14~2.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libpulse-devel\", rpm:\"libpulse-devel~0.9.14~2.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libpulse-mainloop-glib0\", rpm:\"libpulse-mainloop-glib0~0.9.14~2.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libpulse0\", rpm:\"libpulse0~0.9.14~2.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libsatsolver-devel\", rpm:\"libsatsolver-devel~0.13.7~0.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libsnmp15\", rpm:\"libsnmp15~5.4.2.1~5.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libvirt\", rpm:\"libvirt~0.4.6~11.13.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libvirt-devel\", rpm:\"libvirt-devel~0.4.6~11.13.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libvirt-doc\", rpm:\"libvirt-doc~0.4.6~11.13.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libvirt-python\", rpm:\"libvirt-python~0.4.6~11.13.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libzypp\", rpm:\"libzypp~5.30.3~0.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libzypp-devel\", rpm:\"libzypp-devel~5.30.3~0.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lirc-kmp-trace\", rpm:\"lirc-kmp-trace~0.8.4_2.6.27.23_0.1~0.1.10\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"net-snmp\", rpm:\"net-snmp~5.4.2.1~5.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"net-snmp-devel\", rpm:\"net-snmp-devel~5.4.2.1~5.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"nfs-client\", rpm:\"nfs-client~1.1.3~18.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"nfs-doc\", rpm:\"nfs-doc~1.1.3~18.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"nfs-kernel-server\", rpm:\"nfs-kernel-server~1.1.3~18.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"ofed-kmp-debug\", rpm:\"ofed-kmp-debug~1.4_2.6.27.23_0.1~21.15.10\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"ofed-kmp-trace\", rpm:\"ofed-kmp-trace~1.4_2.6.27.23_0.1~21.15.10\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"openssl\", rpm:\"openssl~0.9.8h~28.9.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"openssl-doc\", rpm:\"openssl-doc~0.9.8h~28.9.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"optipng\", rpm:\"optipng~0.6.1~10.4.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"oracleasm-kmp-debug\", rpm:\"oracleasm-kmp-debug~2.0.5_2.6.27.23_0.1~2.36.10\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"oracleasm-kmp-trace\", rpm:\"oracleasm-kmp-trace~2.0.5_2.6.27.23_0.1~2.36.10\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"pango\", rpm:\"pango~1.22.1~2.12.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"pango-devel\", rpm:\"pango-devel~1.22.1~2.12.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"pango-doc\", rpm:\"pango-doc~1.22.1~2.12.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"pango-module-thai-lang\", rpm:\"pango-module-thai-lang~1.22.1~2.12.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"pcfclock-kmp-debug\", rpm:\"pcfclock-kmp-debug~0.44_2.6.27.23_0.1~227.56.10\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"pcfclock-kmp-trace\", rpm:\"pcfclock-kmp-trace~0.44_2.6.27.23_0.1~227.56.10\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"perl-SNMP\", rpm:\"perl-SNMP~5.4.2.1~5.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"perl-satsolver\", rpm:\"perl-satsolver~0.13.7~0.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"pulseaudio\", rpm:\"pulseaudio~0.9.14~2.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"pulseaudio-esound-compat\", rpm:\"pulseaudio-esound-compat~0.9.14~2.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"pulseaudio-lang\", rpm:\"pulseaudio-lang~0.9.14~2.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"pulseaudio-module-bluetooth\", rpm:\"pulseaudio-module-bluetooth~0.9.14~2.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"pulseaudio-module-gconf\", rpm:\"pulseaudio-module-gconf~0.9.14~2.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"pulseaudio-module-jack\", rpm:\"pulseaudio-module-jack~0.9.14~2.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"pulseaudio-module-lirc\", rpm:\"pulseaudio-module-lirc~0.9.14~2.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"pulseaudio-module-x11\", rpm:\"pulseaudio-module-x11~0.9.14~2.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"pulseaudio-module-zeroconf\", rpm:\"pulseaudio-module-zeroconf~0.9.14~2.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"pulseaudio-utils\", rpm:\"pulseaudio-utils~0.9.14~2.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"python-satsolver\", rpm:\"python-satsolver~0.13.7~0.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"quagga\", rpm:\"quagga~0.99.10~17.30.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"quagga-devel\", rpm:\"quagga-devel~0.99.10~17.30.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"ruby-satsolver\", rpm:\"ruby-satsolver~0.13.7~0.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"satsolver-tools\", rpm:\"satsolver-tools~0.13.7~0.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"snmp-mibs\", rpm:\"snmp-mibs~5.4.2.1~5.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"strongswan\", rpm:\"strongswan~4.2.8~1.25.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"strongswan-doc\", rpm:\"strongswan-doc~4.2.8~1.25.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"virt-manager\", rpm:\"virt-manager~0.5.3~64.24.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"virt-viewer\", rpm:\"virt-viewer~0.0.3~3.28.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"virtualbox-ose-kmp-debug\", rpm:\"virtualbox-ose-kmp-debug~2.0.6_2.6.27.23_0.1~2.8.32\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"virtualbox-ose-kmp-trace\", rpm:\"virtualbox-ose-kmp-trace~2.0.6_2.6.27.23_0.1~2.8.32\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"vm-install\", rpm:\"vm-install~0.3.24~0.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"vmware-kmp-debug\", rpm:\"vmware-kmp-debug~2008.09.03_2.6.27.23_0.1~5.50.25\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"vmware-kmp-trace\", rpm:\"vmware-kmp-trace~2008.09.03_2.6.27.23_0.1~5.50.25\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"wireshark\", rpm:\"wireshark~1.0.4~2.9.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"wireshark-devel\", rpm:\"wireshark-devel~1.0.4~2.9.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"xen\", rpm:\"xen~3.3.1_18546_16~0.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"xen-devel\", rpm:\"xen-devel~3.3.1_18546_16~0.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"xen-doc-html\", rpm:\"xen-doc-html~3.3.1_18546_16~0.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"xen-doc-pdf\", rpm:\"xen-doc-pdf~3.3.1_18546_16~0.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"xen-libs\", rpm:\"xen-libs~3.3.1_18546_16~0.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"xen-tools\", rpm:\"xen-tools~3.3.1_18546_16~0.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"xen-tools-domU\", rpm:\"xen-tools-domU~3.3.1_18546_16~0.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"RealPlayer\", rpm:\"RealPlayer~10.0.9~51.3\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"acerhk-kmp-debug\", rpm:\"acerhk-kmp-debug~0.5.35_2.6.25.20_0.4~98.1\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"acroread\", rpm:\"acroread~8.1.5~0.1\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"acx-kmp-debug\", rpm:\"acx-kmp-debug~20080210_2.6.25.20_0.4~3.1\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"appleir-kmp-debug\", rpm:\"appleir-kmp-debug~1.1_2.6.25.20_0.4~108.1\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"at76_usb-kmp-debug\", rpm:\"at76_usb-kmp-debug~0.17_2.6.25.20_0.4~2.1\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"atl2-kmp-debug\", rpm:\"atl2-kmp-debug~2.0.4_2.6.25.20_0.4~4.1\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"aufs-kmp-debug\", rpm:\"aufs-kmp-debug~cvs20080429_2.6.25.20_0.4~13.3\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"cyrus-sasl\", rpm:\"cyrus-sasl~2.1.22~140.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"cyrus-sasl-crammd5\", rpm:\"cyrus-sasl-crammd5~2.1.22~140.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"cyrus-sasl-devel\", rpm:\"cyrus-sasl-devel~2.1.22~140.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"cyrus-sasl-digestmd5\", rpm:\"cyrus-sasl-digestmd5~2.1.22~140.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"cyrus-sasl-gssapi\", rpm:\"cyrus-sasl-gssapi~2.1.22~140.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"cyrus-sasl-ntlm\", rpm:\"cyrus-sasl-ntlm~2.1.22~140.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"cyrus-sasl-otp\", rpm:\"cyrus-sasl-otp~2.1.22~140.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"cyrus-sasl-plain\", rpm:\"cyrus-sasl-plain~2.1.22~140.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"dazuko-kmp-debug\", rpm:\"dazuko-kmp-debug~2.3.4.4_2.6.25.20_0.4~42.1\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"dos2unix\", rpm:\"dos2unix~3.1~413.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"drbd-kmp-debug\", rpm:\"drbd-kmp-debug~8.2.6_2.6.25.20_0.4~0.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"ganglia-monitor-core\", rpm:\"ganglia-monitor-core~2.5.7~162.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"ganglia-monitor-core-devel\", rpm:\"ganglia-monitor-core-devel~2.5.7~162.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"ganglia-monitor-core-gmetad\", rpm:\"ganglia-monitor-core-gmetad~2.5.7~162.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"ganglia-monitor-core-gmond\", rpm:\"ganglia-monitor-core-gmond~2.5.7~162.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"ganglia-webfrontend\", rpm:\"ganglia-webfrontend~2.5.7~162.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"gspcav-kmp-debug\", rpm:\"gspcav-kmp-debug~01.00.20_2.6.25.20_0.4~1.1\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"iscsitarget-kmp-debug\", rpm:\"iscsitarget-kmp-debug~0.4.15_2.6.25.20_0.4~63.1\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"ivtv-kmp-debug\", rpm:\"ivtv-kmp-debug~1.0.3_2.6.25.20_0.4~66.1\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-debug\", rpm:\"kernel-debug~2.6.25.20~0.4\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-default\", rpm:\"kernel-default~2.6.25.20~0.4\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-pae\", rpm:\"kernel-pae~2.6.25.20~0.4\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-source\", rpm:\"kernel-source~2.6.25.20~0.4\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-syms\", rpm:\"kernel-syms~2.6.25.20~0.4\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-vanilla\", rpm:\"kernel-vanilla~2.6.25.20~0.4\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-xen\", rpm:\"kernel-xen~2.6.25.20~0.4\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kqemu-kmp-debug\", rpm:\"kqemu-kmp-debug~1.3.0pre11_2.6.25.20_0.4~7.1\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libopenssl-devel\", rpm:\"libopenssl-devel~0.9.8g~47.6\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libopenssl0_9_8\", rpm:\"libopenssl0_9_8~0.9.8g~47.6\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libsnmp15\", rpm:\"libsnmp15~5.4.1~77.6\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"net-snmp\", rpm:\"net-snmp~5.4.1~77.6\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"net-snmp-devel\", rpm:\"net-snmp-devel~5.4.1~77.6\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"nouveau-kmp-debug\", rpm:\"nouveau-kmp-debug~0.10.1.20081112_2.6.25.20_0.4~0.4\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"omnibook-kmp-debug\", rpm:\"omnibook-kmp-debug~20080313_2.6.25.20_0.4~1.1\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"openssl\", rpm:\"openssl~0.9.8g~47.6\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"openssl-certs\", rpm:\"openssl-certs~0.9.8g~47.6\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"openssl-doc\", rpm:\"openssl-doc~0.9.8g~47.6\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"optipng\", rpm:\"optipng~0.6.2~2.4\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"pcc-acpi-kmp-debug\", rpm:\"pcc-acpi-kmp-debug~0.9_2.6.25.20_0.4~4.1\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"pcfclock-kmp-debug\", rpm:\"pcfclock-kmp-debug~0.44_2.6.25.20_0.4~207.1\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"perl-SNMP\", rpm:\"perl-SNMP~5.4.1~77.6\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"quagga\", rpm:\"quagga~0.99.9~59.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"quagga-devel\", rpm:\"quagga-devel~0.99.9~59.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"snmp-mibs\", rpm:\"snmp-mibs~5.4.1~77.6\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"strongswan\", rpm:\"strongswan~4.2.1~11.8\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"strongswan-doc\", rpm:\"strongswan-doc~4.2.1~11.8\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"tpctl-kmp-debug\", rpm:\"tpctl-kmp-debug~4.17_2.6.25.20_0.4~189.1\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"uvcvideo-kmp-debug\", rpm:\"uvcvideo-kmp-debug~r200_2.6.25.20_0.4~2.4\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"virtualbox-ose-kmp-debug\", rpm:\"virtualbox-ose-kmp-debug~1.5.6_2.6.25.20_0.4~33.3\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"vmware-kmp-debug\", rpm:\"vmware-kmp-debug~2008.04.14_2.6.25.20_0.4~21.1\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"wireshark\", rpm:\"wireshark~1.0.0~17.12\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"wireshark-devel\", rpm:\"wireshark-devel~1.0.0~17.12\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"wlan-ng-kmp-debug\", rpm:\"wlan-ng-kmp-debug~0.2.8_2.6.25.20_0.4~107.1\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"RealPlayer\", rpm:\"RealPlayer~10.0.9~11.3\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"acroread\", rpm:\"acroread~8.1.5~0.1\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"cups\", rpm:\"cups~1.2.12~22.24\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"cups-client\", rpm:\"cups-client~1.2.12~22.24\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"cups-devel\", rpm:\"cups-devel~1.2.12~22.24\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"cups-libs\", rpm:\"cups-libs~1.2.12~22.24\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"cyrus-sasl\", rpm:\"cyrus-sasl~2.1.22~82.2\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"cyrus-sasl-crammd5\", rpm:\"cyrus-sasl-crammd5~2.1.22~82.2\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"cyrus-sasl-devel\", rpm:\"cyrus-sasl-devel~2.1.22~82.2\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"cyrus-sasl-digestmd5\", rpm:\"cyrus-sasl-digestmd5~2.1.22~82.2\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"cyrus-sasl-gssapi\", rpm:\"cyrus-sasl-gssapi~2.1.22~82.2\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"cyrus-sasl-otp\", rpm:\"cyrus-sasl-otp~2.1.22~82.2\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"cyrus-sasl-plain\", rpm:\"cyrus-sasl-plain~2.1.22~82.2\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"dos2unix\", rpm:\"dos2unix~3.1~376.2\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"ganglia-monitor-core\", rpm:\"ganglia-monitor-core~2.5.7~99.2\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"ganglia-monitor-core-devel\", rpm:\"ganglia-monitor-core-devel~2.5.7~99.2\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"ganglia-monitor-core-gmetad\", rpm:\"ganglia-monitor-core-gmetad~2.5.7~99.2\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"ganglia-monitor-core-gmond\", rpm:\"ganglia-monitor-core-gmond~2.5.7~99.2\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"ganglia-webfrontend\", rpm:\"ganglia-webfrontend~2.5.7~99.2\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-bigsmp\", rpm:\"kernel-bigsmp~2.6.22.19~0.3\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-debug\", rpm:\"kernel-debug~2.6.22.19~0.3\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-default\", rpm:\"kernel-default~2.6.22.19~0.3\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-source\", rpm:\"kernel-source~2.6.22.19~0.3\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-syms\", rpm:\"kernel-syms~2.6.22.19~0.3\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-xen\", rpm:\"kernel-xen~2.6.22.19~0.3\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-xenpae\", rpm:\"kernel-xenpae~2.6.22.19~0.3\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libopenssl-devel\", rpm:\"libopenssl-devel~0.9.8e~45.11\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libopenssl0_9_8\", rpm:\"libopenssl0_9_8~0.9.8e~45.11\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libsnmp15\", rpm:\"libsnmp15~5.4.1~19.6\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"net-snmp\", rpm:\"net-snmp~5.4.1~19.6\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"net-snmp-devel\", rpm:\"net-snmp-devel~5.4.1~19.6\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"openssl\", rpm:\"openssl~0.9.8e~45.11\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"openssl-certs\", rpm:\"openssl-certs~0.9.8e~45.11\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"openssl-doc\", rpm:\"openssl-doc~0.9.8e~45.11\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"optipng\", rpm:\"optipng~0.6.2~2.3\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"perl-SNMP\", rpm:\"perl-SNMP~5.4.1~19.6\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"quagga\", rpm:\"quagga~0.99.7~37.2\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"quagga-devel\", rpm:\"quagga-devel~0.99.7~37.2\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"snmp-mibs\", rpm:\"snmp-mibs~5.4.1~19.6\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"wireshark\", rpm:\"wireshark~0.99.6~31.18\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"wireshark-devel\", rpm:\"wireshark-devel~0.99.6~31.18\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-04-06T11:39:19", "description": "The remote host is missing updates announced in\nadvisory SUSE-SR:2009:011. SuSE Security Summaries are short\non detail when it comes to the names of packages affected by\na particular bug. Because of this, while this test will detect\nout of date packages, it cannot tell you what bugs impact\nwhich packages, or vice versa.", "cvss3": {}, "published": "2009-06-15T00:00:00", "type": "openvas", "title": "SuSE Security Summary SUSE-SR:2009:011", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-0196", "CVE-2009-1095", "CVE-2009-1093", "CVE-2009-1104", "CVE-2009-1096", "CVE-2009-1379", "CVE-2009-1099", "CVE-2009-1377", "CVE-2009-0792", "CVE-2009-1268", "CVE-2009-1266", "CVE-2007-6725", "CVE-2009-0688", "CVE-2009-1100", "CVE-2009-1210", "CVE-2009-1378", "CVE-2008-6679", "CVE-2009-1492", "CVE-2009-0159", "CVE-2008-6123", "CVE-2009-1098", "CVE-2009-1267", "CVE-2009-1094", "CVE-2009-1274", "CVE-2009-1269", "CVE-2009-0241", "CVE-2009-1103", "CVE-2009-1364", "CVE-2007-5400", "CVE-2009-1252", "CVE-2009-1107", "CVE-2009-1493"], "modified": "2018-04-06T00:00:00", "id": "OPENVAS:136141256231064196", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231064196", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: suse_sr_2009_011.nasl 9350 2018-04-06 07:03:33Z cfischer $\n# Description: Auto-generated from advisory SUSE-SR:2009:011\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_summary = \"The remote host is missing updates announced in\nadvisory SUSE-SR:2009:011. SuSE Security Summaries are short\non detail when it comes to the names of packages affected by\na particular bug. Because of this, while this test will detect\nout of date packages, it cannot tell you what bugs impact\nwhich packages, or vice versa.\";\n\ntag_solution = \"Update all out of date packages.\";\n \nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.64196\");\n script_version(\"$Revision: 9350 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:03:33 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-06-15 19:20:43 +0200 (Mon, 15 Jun 2009)\");\n script_cve_id(\"CVE-2007-5400\", \"CVE-2007-6725\", \"CVE-2008-6123\", \"CVE-2008-6679\", \"CVE-2009-0159\", \"CVE-2009-0196\", \"CVE-2009-0241\", \"CVE-2009-0688\", \"CVE-2009-0792\", \"CVE-2009-1093\", \"CVE-2009-1094\", \"CVE-2009-1095\", \"CVE-2009-1096\", \"CVE-2009-1098\", \"CVE-2009-1099\", \"CVE-2009-1100\", \"CVE-2009-1103\", \"CVE-2009-1104\", \"CVE-2009-1107\", \"CVE-2009-1210\", \"CVE-2009-1252\", \"CVE-2009-1266\", \"CVE-2009-1267\", \"CVE-2009-1268\", \"CVE-2009-1269\", \"CVE-2009-1274\", \"CVE-2009-1364\", \"CVE-2009-1377\", \"CVE-2009-1378\", \"CVE-2009-1379\", \"CVE-2009-1492\", \"CVE-2009-1493\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"SuSE Security Summary SUSE-SR:2009:011\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse\", \"ssh/login/rpms\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"acroread\", rpm:\"acroread~8.1.5~0.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"apache2-mod_security2\", rpm:\"apache2-mod_security2~2.5.6~1.25.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"aufs-kmp-debug\", rpm:\"aufs-kmp-debug~cvs20081020_2.6.27.23_0.1~1.32.10\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"aufs-kmp-trace\", rpm:\"aufs-kmp-trace~cvs20081020_2.6.27.23_0.1~1.32.10\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"brocade-bfa-kmp-debug\", rpm:\"brocade-bfa-kmp-debug~1.1.0.2_2.6.27.23_0.1~1.7.8\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"brocade-bfa-kmp-trace\", rpm:\"brocade-bfa-kmp-trace~1.1.0.2_2.6.27.23_0.1~1.7.8\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"cyrus-sasl\", rpm:\"cyrus-sasl~2.1.22~182.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"cyrus-sasl-crammd5\", rpm:\"cyrus-sasl-crammd5~2.1.22~182.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"cyrus-sasl-devel\", rpm:\"cyrus-sasl-devel~2.1.22~182.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"cyrus-sasl-digestmd5\", rpm:\"cyrus-sasl-digestmd5~2.1.22~182.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"cyrus-sasl-gssapi\", rpm:\"cyrus-sasl-gssapi~2.1.22~182.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"cyrus-sasl-ntlm\", rpm:\"cyrus-sasl-ntlm~2.1.22~182.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"cyrus-sasl-otp\", rpm:\"cyrus-sasl-otp~2.1.22~182.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"cyrus-sasl-plain\", rpm:\"cyrus-sasl-plain~2.1.22~182.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"dazuko-kmp-debug\", rpm:\"dazuko-kmp-debug~2.3.6_2.6.27.23_0.1~1.49.8\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"dazuko-kmp-trace\", rpm:\"dazuko-kmp-trace~2.3.6_2.6.27.23_0.1~1.49.8\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"dos2unix\", rpm:\"dos2unix~3.1~437.37.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"drbd-kmp-debug\", rpm:\"drbd-kmp-debug~8.2.7_2.6.27.23_0.1~1.19.6\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"drbd-kmp-trace\", rpm:\"drbd-kmp-trace~8.2.7_2.6.27.23_0.1~1.19.6\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"ganglia-monitor-core\", rpm:\"ganglia-monitor-core~2.5.7~172.40.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"ganglia-monitor-core-devel\", rpm:\"ganglia-monitor-core-devel~2.5.7~172.40.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"ganglia-monitor-core-gmetad\", rpm:\"ganglia-monitor-core-gmetad~2.5.7~172.40.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"ganglia-monitor-core-gmond\", rpm:\"ganglia-monitor-core-gmond~2.5.7~172.40.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"ganglia-webfrontend\", rpm:\"ganglia-webfrontend~2.5.7~172.40.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"gdbm\", rpm:\"gdbm~1.8.3~371.8\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"gdbm-devel\", rpm:\"gdbm-devel~1.8.3~371.8\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"intel-iamt-heci-kmp-debug\", rpm:\"intel-iamt-heci-kmp-debug~3.1.0.31_2.6.27.23_0.1~2.40.8\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"intel-iamt-heci-kmp-trace\", rpm:\"intel-iamt-heci-kmp-trace~3.1.0.31_2.6.27.23_0.1~2.40.8\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"iscsitarget-kmp-debug\", rpm:\"iscsitarget-kmp-debug~0.4.15_2.6.27.23_0.1~89.11.12\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"iscsitarget-kmp-trace\", rpm:\"iscsitarget-kmp-trace~0.4.15_2.6.27.23_0.1~89.11.12\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-debug\", rpm:\"kernel-debug~2.6.27.23~0.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-debug-base\", rpm:\"kernel-debug-base~2.6.27.23~0.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-debug-extra\", rpm:\"kernel-debug-extra~2.6.27.23~0.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-default\", rpm:\"kernel-default~2.6.27.23~0.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-default-base\", rpm:\"kernel-default-base~2.6.27.23~0.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-default-extra\", rpm:\"kernel-default-extra~2.6.27.23~0.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-pae\", rpm:\"kernel-pae~2.6.27.23~0.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-pae-base\", rpm:\"kernel-pae-base~2.6.27.23~0.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-pae-extra\", rpm:\"kernel-pae-extra~2.6.27.23~0.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-source\", rpm:\"kernel-source~2.6.27.23~0.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-syms\", rpm:\"kernel-syms~2.6.27.23~0.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-trace\", rpm:\"kernel-trace~2.6.27.23~0.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-trace-base\", rpm:\"kernel-trace-base~2.6.27.23~0.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-trace-extra\", rpm:\"kernel-trace-extra~2.6.27.23~0.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-vanilla\", rpm:\"kernel-vanilla~2.6.27.23~0.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-xen\", rpm:\"kernel-xen~2.6.27.23~0.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-xen-base\", rpm:\"kernel-xen-base~2.6.27.23~0.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-xen-extra\", rpm:\"kernel-xen-extra~2.6.27.23~0.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kqemu-kmp-debug\", rpm:\"kqemu-kmp-debug~1.4.0pre1_2.6.27.23_0.1~2.1.8\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kqemu-kmp-trace\", rpm:\"kqemu-kmp-trace~1.4.0pre1_2.6.27.23_0.1~2.1.8\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kvm-kmp-trace\", rpm:\"kvm-kmp-trace~78_2.6.27.23_0.1~6.6.20\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libopenssl-devel\", rpm:\"libopenssl-devel~0.9.8h~28.9.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libopenssl0_9_8\", rpm:\"libopenssl0_9_8~0.9.8h~28.9.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libpulse-browse0\", rpm:\"libpulse-browse0~0.9.14~2.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libpulse-devel\", rpm:\"libpulse-devel~0.9.14~2.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libpulse-mainloop-glib0\", rpm:\"libpulse-mainloop-glib0~0.9.14~2.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libpulse0\", rpm:\"libpulse0~0.9.14~2.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libsatsolver-devel\", rpm:\"libsatsolver-devel~0.13.7~0.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libsnmp15\", rpm:\"libsnmp15~5.4.2.1~5.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libvirt\", rpm:\"libvirt~0.4.6~11.13.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libvirt-devel\", rpm:\"libvirt-devel~0.4.6~11.13.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libvirt-doc\", rpm:\"libvirt-doc~0.4.6~11.13.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libvirt-python\", rpm:\"libvirt-python~0.4.6~11.13.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libzypp\", rpm:\"libzypp~5.30.3~0.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libzypp-devel\", rpm:\"libzypp-devel~5.30.3~0.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lirc-kmp-trace\", rpm:\"lirc-kmp-trace~0.8.4_2.6.27.23_0.1~0.1.10\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"net-snmp\", rpm:\"net-snmp~5.4.2.1~5.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"net-snmp-devel\", rpm:\"net-snmp-devel~5.4.2.1~5.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"nfs-client\", rpm:\"nfs-client~1.1.3~18.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"nfs-doc\", rpm:\"nfs-doc~1.1.3~18.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"nfs-kernel-server\", rpm:\"nfs-kernel-server~1.1.3~18.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"ofed-kmp-debug\", rpm:\"ofed-kmp-debug~1.4_2.6.27.23_0.1~21.15.10\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"ofed-kmp-trace\", rpm:\"ofed-kmp-trace~1.4_2.6.27.23_0.1~21.15.10\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"openssl\", rpm:\"openssl~0.9.8h~28.9.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"openssl-doc\", rpm:\"openssl-doc~0.9.8h~28.9.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"optipng\", rpm:\"optipng~0.6.1~10.4.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"oracleasm-kmp-debug\", rpm:\"oracleasm-kmp-debug~2.0.5_2.6.27.23_0.1~2.36.10\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"oracleasm-kmp-trace\", rpm:\"oracleasm-kmp-trace~2.0.5_2.6.27.23_0.1~2.36.10\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"pango\", rpm:\"pango~1.22.1~2.12.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"pango-devel\", rpm:\"pango-devel~1.22.1~2.12.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"pango-doc\", rpm:\"pango-doc~1.22.1~2.12.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"pango-module-thai-lang\", rpm:\"pango-module-thai-lang~1.22.1~2.12.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"pcfclock-kmp-debug\", rpm:\"pcfclock-kmp-debug~0.44_2.6.27.23_0.1~227.56.10\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"pcfclock-kmp-trace\", rpm:\"pcfclock-kmp-trace~0.44_2.6.27.23_0.1~227.56.10\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"perl-SNMP\", rpm:\"perl-SNMP~5.4.2.1~5.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"perl-satsolver\", rpm:\"perl-satsolver~0.13.7~0.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"pulseaudio\", rpm:\"pulseaudio~0.9.14~2.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"pulseaudio-esound-compat\", rpm:\"pulseaudio-esound-compat~0.9.14~2.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"pulseaudio-lang\", rpm:\"pulseaudio-lang~0.9.14~2.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"pulseaudio-module-bluetooth\", rpm:\"pulseaudio-module-bluetooth~0.9.14~2.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"pulseaudio-module-gconf\", rpm:\"pulseaudio-module-gconf~0.9.14~2.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"pulseaudio-module-jack\", rpm:\"pulseaudio-module-jack~0.9.14~2.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"pulseaudio-module-lirc\", rpm:\"pulseaudio-module-lirc~0.9.14~2.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"pulseaudio-module-x11\", rpm:\"pulseaudio-module-x11~0.9.14~2.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"pulseaudio-module-zeroconf\", rpm:\"pulseaudio-module-zeroconf~0.9.14~2.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"pulseaudio-utils\", rpm:\"pulseaudio-utils~0.9.14~2.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"python-satsolver\", rpm:\"python-satsolver~0.13.7~0.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"quagga\", rpm:\"quagga~0.99.10~17.30.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"quagga-devel\", rpm:\"quagga-devel~0.99.10~17.30.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"ruby-satsolver\", rpm:\"ruby-satsolver~0.13.7~0.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"satsolver-tools\", rpm:\"satsolver-tools~0.13.7~0.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"snmp-mibs\", rpm:\"snmp-mibs~5.4.2.1~5.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"strongswan\", rpm:\"strongswan~4.2.8~1.25.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"strongswan-doc\", rpm:\"strongswan-doc~4.2.8~1.25.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"virt-manager\", rpm:\"virt-manager~0.5.3~64.24.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"virt-viewer\", rpm:\"virt-viewer~0.0.3~3.28.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"virtualbox-ose-kmp-debug\", rpm:\"virtualbox-ose-kmp-debug~2.0.6_2.6.27.23_0.1~2.8.32\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"virtualbox-ose-kmp-trace\", rpm:\"virtualbox-ose-kmp-trace~2.0.6_2.6.27.23_0.1~2.8.32\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"vm-install\", rpm:\"vm-install~0.3.24~0.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"vmware-kmp-debug\", rpm:\"vmware-kmp-debug~2008.09.03_2.6.27.23_0.1~5.50.25\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"vmware-kmp-trace\", rpm:\"vmware-kmp-trace~2008.09.03_2.6.27.23_0.1~5.50.25\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"wireshark\", rpm:\"wireshark~1.0.4~2.9.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"wireshark-devel\", rpm:\"wireshark-devel~1.0.4~2.9.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"xen\", rpm:\"xen~3.3.1_18546_16~0.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"xen-devel\", rpm:\"xen-devel~3.3.1_18546_16~0.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"xen-doc-html\", rpm:\"xen-doc-html~3.3.1_18546_16~0.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"xen-doc-pdf\", rpm:\"xen-doc-pdf~3.3.1_18546_16~0.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"xen-libs\", rpm:\"xen-libs~3.3.1_18546_16~0.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"xen-tools\", rpm:\"xen-tools~3.3.1_18546_16~0.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"xen-tools-domU\", rpm:\"xen-tools-domU~3.3.1_18546_16~0.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"RealPlayer\", rpm:\"RealPlayer~10.0.9~51.3\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"acerhk-kmp-debug\", rpm:\"acerhk-kmp-debug~0.5.35_2.6.25.20_0.4~98.1\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"acroread\", rpm:\"acroread~8.1.5~0.1\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"acx-kmp-debug\", rpm:\"acx-kmp-debug~20080210_2.6.25.20_0.4~3.1\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"appleir-kmp-debug\", rpm:\"appleir-kmp-debug~1.1_2.6.25.20_0.4~108.1\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"at76_usb-kmp-debug\", rpm:\"at76_usb-kmp-debug~0.17_2.6.25.20_0.4~2.1\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"atl2-kmp-debug\", rpm:\"atl2-kmp-debug~2.0.4_2.6.25.20_0.4~4.1\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"aufs-kmp-debug\", rpm:\"aufs-kmp-debug~cvs20080429_2.6.25.20_0.4~13.3\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"cyrus-sasl\", rpm:\"cyrus-sasl~2.1.22~140.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"cyrus-sasl-crammd5\", rpm:\"cyrus-sasl-crammd5~2.1.22~140.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"cyrus-sasl-devel\", rpm:\"cyrus-sasl-devel~2.1.22~140.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"cyrus-sasl-digestmd5\", rpm:\"cyrus-sasl-digestmd5~2.1.22~140.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"cyrus-sasl-gssapi\", rpm:\"cyrus-sasl-gssapi~2.1.22~140.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"cyrus-sasl-ntlm\", rpm:\"cyrus-sasl-ntlm~2.1.22~140.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"cyrus-sasl-otp\", rpm:\"cyrus-sasl-otp~2.1.22~140.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"cyrus-sasl-plain\", rpm:\"cyrus-sasl-plain~2.1.22~140.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"dazuko-kmp-debug\", rpm:\"dazuko-kmp-debug~2.3.4.4_2.6.25.20_0.4~42.1\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"dos2unix\", rpm:\"dos2unix~3.1~413.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"drbd-kmp-debug\", rpm:\"drbd-kmp-debug~8.2.6_2.6.25.20_0.4~0.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"ganglia-monitor-core\", rpm:\"ganglia-monitor-core~2.5.7~162.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"ganglia-monitor-core-devel\", rpm:\"ganglia-monitor-core-devel~2.5.7~162.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"ganglia-monitor-core-gmetad\", rpm:\"ganglia-monitor-core-gmetad~2.5.7~162.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"ganglia-monitor-core-gmond\", rpm:\"ganglia-monitor-core-gmond~2.5.7~162.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"ganglia-webfrontend\", rpm:\"ganglia-webfrontend~2.5.7~162.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"gspcav-kmp-debug\", rpm:\"gspcav-kmp-debug~01.00.20_2.6.25.20_0.4~1.1\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"iscsitarget-kmp-debug\", rpm:\"iscsitarget-kmp-debug~0.4.15_2.6.25.20_0.4~63.1\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"ivtv-kmp-debug\", rpm:\"ivtv-kmp-debug~1.0.3_2.6.25.20_0.4~66.1\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-debug\", rpm:\"kernel-debug~2.6.25.20~0.4\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-default\", rpm:\"kernel-default~2.6.25.20~0.4\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-pae\", rpm:\"kernel-pae~2.6.25.20~0.4\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-source\", rpm:\"kernel-source~2.6.25.20~0.4\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-syms\", rpm:\"kernel-syms~2.6.25.20~0.4\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-vanilla\", rpm:\"kernel-vanilla~2.6.25.20~0.4\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-xen\", rpm:\"kernel-xen~2.6.25.20~0.4\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kqemu-kmp-debug\", rpm:\"kqemu-kmp-debug~1.3.0pre11_2.6.25.20_0.4~7.1\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libopenssl-devel\", rpm:\"libopenssl-devel~0.9.8g~47.6\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libopenssl0_9_8\", rpm:\"libopenssl0_9_8~0.9.8g~47.6\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libsnmp15\", rpm:\"libsnmp15~5.4.1~77.6\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"net-snmp\", rpm:\"net-snmp~5.4.1~77.6\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"net-snmp-devel\", rpm:\"net-snmp-devel~5.4.1~77.6\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"nouveau-kmp-debug\", rpm:\"nouveau-kmp-debug~0.10.1.20081112_2.6.25.20_0.4~0.4\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"omnibook-kmp-debug\", rpm:\"omnibook-kmp-debug~20080313_2.6.25.20_0.4~1.1\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"openssl\", rpm:\"openssl~0.9.8g~47.6\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"openssl-certs\", rpm:\"openssl-certs~0.9.8g~47.6\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"openssl-doc\", rpm:\"openssl-doc~0.9.8g~47.6\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"optipng\", rpm:\"optipng~0.6.2~2.4\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"pcc-acpi-kmp-debug\", rpm:\"pcc-acpi-kmp-debug~0.9_2.6.25.20_0.4~4.1\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"pcfclock-kmp-debug\", rpm:\"pcfclock-kmp-debug~0.44_2.6.25.20_0.4~207.1\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"perl-SNMP\", rpm:\"perl-SNMP~5.4.1~77.6\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"quagga\", rpm:\"quagga~0.99.9~59.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"quagga-devel\", rpm:\"quagga-devel~0.99.9~59.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"snmp-mibs\", rpm:\"snmp-mibs~5.4.1~77.6\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"strongswan\", rpm:\"strongswan~4.2.1~11.8\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"strongswan-doc\", rpm:\"strongswan-doc~4.2.1~11.8\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"tpctl-kmp-debug\", rpm:\"tpctl-kmp-debug~4.17_2.6.25.20_0.4~189.1\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"uvcvideo-kmp-debug\", rpm:\"uvcvideo-kmp-debug~r200_2.6.25.20_0.4~2.4\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"virtualbox-ose-kmp-debug\", rpm:\"virtualbox-ose-kmp-debug~1.5.6_2.6.25.20_0.4~33.3\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"vmware-kmp-debug\", rpm:\"vmware-kmp-debug~2008.04.14_2.6.25.20_0.4~21.1\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"wireshark\", rpm:\"wireshark~1.0.0~17.12\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"wireshark-devel\", rpm:\"wireshark-devel~1.0.0~17.12\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"wlan-ng-kmp-debug\", rpm:\"wlan-ng-kmp-debug~0.2.8_2.6.25.20_0.4~107.1\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"RealPlayer\", rpm:\"RealPlayer~10.0.9~11.3\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"acroread\", rpm:\"acroread~8.1.5~0.1\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"cups\", rpm:\"cups~1.2.12~22.24\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"cups-client\", rpm:\"cups-client~1.2.12~22.24\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"cups-devel\", rpm:\"cups-devel~1.2.12~22.24\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"cups-libs\", rpm:\"cups-libs~1.2.12~22.24\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"cyrus-sasl\", rpm:\"cyrus-sasl~2.1.22~82.2\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"cyrus-sasl-crammd5\", rpm:\"cyrus-sasl-crammd5~2.1.22~82.2\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"cyrus-sasl-devel\", rpm:\"cyrus-sasl-devel~2.1.22~82.2\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"cyrus-sasl-digestmd5\", rpm:\"cyrus-sasl-digestmd5~2.1.22~82.2\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"cyrus-sasl-gssapi\", rpm:\"cyrus-sasl-gssapi~2.1.22~82.2\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"cyrus-sasl-otp\", rpm:\"cyrus-sasl-otp~2.1.22~82.2\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"cyrus-sasl-plain\", rpm:\"cyrus-sasl-plain~2.1.22~82.2\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"dos2unix\", rpm:\"dos2unix~3.1~376.2\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"ganglia-monitor-core\", rpm:\"ganglia-monitor-core~2.5.7~99.2\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"ganglia-monitor-core-devel\", rpm:\"ganglia-monitor-core-devel~2.5.7~99.2\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"ganglia-monitor-core-gmetad\", rpm:\"ganglia-monitor-core-gmetad~2.5.7~99.2\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"ganglia-monitor-core-gmond\", rpm:\"ganglia-monitor-core-gmond~2.5.7~99.2\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"ganglia-webfrontend\", rpm:\"ganglia-webfrontend~2.5.7~99.2\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-bigsmp\", rpm:\"kernel-bigsmp~2.6.22.19~0.3\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-debug\", rpm:\"kernel-debug~2.6.22.19~0.3\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-default\", rpm:\"kernel-default~2.6.22.19~0.3\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-source\", rpm:\"kernel-source~2.6.22.19~0.3\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-syms\", rpm:\"kernel-syms~2.6.22.19~0.3\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-xen\", rpm:\"kernel-xen~2.6.22.19~0.3\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-xenpae\", rpm:\"kernel-xenpae~2.6.22.19~0.3\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libopenssl-devel\", rpm:\"libopenssl-devel~0.9.8e~45.11\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libopenssl0_9_8\", rpm:\"libopenssl0_9_8~0.9.8e~45.11\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libsnmp15\", rpm:\"libsnmp15~5.4.1~19.6\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"net-snmp\", rpm:\"net-snmp~5.4.1~19.6\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"net-snmp-devel\", rpm:\"net-snmp-devel~5.4.1~19.6\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"openssl\", rpm:\"openssl~0.9.8e~45.11\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"openssl-certs\", rpm:\"openssl-certs~0.9.8e~45.11\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"openssl-doc\", rpm:\"openssl-doc~0.9.8e~45.11\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"optipng\", rpm:\"optipng~0.6.2~2.3\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"perl-SNMP\", rpm:\"perl-SNMP~5.4.1~19.6\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"quagga\", rpm:\"quagga~0.99.7~37.2\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"quagga-devel\", rpm:\"quagga-devel~0.99.7~37.2\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"snmp-mibs\", rpm:\"snmp-mibs~5.4.1~19.6\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"wireshark\", rpm:\"wireshark~0.99.6~31.18\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"wireshark-devel\", rpm:\"wireshark-devel~0.99.6~31.18\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "slackware": [{"lastseen": "2019-05-30T07:37:14", "description": "New ghostscript packages are available for Slackware 12.1, 12.2, and -current\nto fix security issues.\n\nMore details about this issue may be found in the Common\nVulnerabilities and Exposures (CVE) database:\n\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0196\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0583\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0584\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0792\n\n\nHere are the details from the Slackware 12.2 ChangeLog:\n\npatches/packages/ghostscript-8.63-i486-3_slack12.2.tgz: Rebuilt.\n Patched various problems with ghostscript that could lead to a denial\n of service or the execution of arbitrary code when processing a malicious\n or malformed file.\n For more information, see:\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0196\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0583\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0584\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0792\n (* Security fix *)\n\nWhere to find the new packages:\n\nHINT: Getting slow download speeds from ftp.slackware.com?\nGive slackware.osuosl.org a try. This is another primary FTP site\nfor Slackware that can be considerably faster than downloading\ndirectly from ftp.slackware.com.\n\nThanks to the friendly folks at the OSU Open Source Lab\n(http://osuosl.org) for donating additional FTP and rsync hosting\nto the Slackware project! :-)\n\nAlso see the "Get Slack" section on http://slackware.com for\nadditional mirror sites near you.\n\nUpdated package for Slackware 12.1:\nftp://ftp.slackware.com/pub/slackware/slackware-12.1/patches/packages/ghostscript-8.62-i486-6_slack12.1.tgz\n\nUpdated package for Slackware 12.2:\nftp://ftp.slackware.com/pub/slackware/slackware-12.2/patches/packages/ghostscript-8.63-i486-3_slack12.2.tgz\n\nUpdated package for Slackware -current:\nftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/ap/ghostscript-8.64-i486-2.txz\n\nUpdated package for Slackware64 -current:\nftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/ap/ghostscript-8.64-x86_64-2.txz\n\n\nMD5 signatures:\n\nSlackware 12.1 package:\n052df55ec047d8ea8523dbd344ed75f1 ghostscript-8.62-i486-6_slack12.1.tgz\n\nSlackware 12.2 package:\n2a674db1adf4f1c77bdfecb0758df5a2 ghostscript-8.63-i486-3_slack12.2.tgz\n\nSlackware -current package:\ncfb4a6cad4e409fb6cfdcfc13208b8b6 ghostscript-8.64-i486-2.txz\n\nSlackware64 -current package:\n8b313fdb584c6533175b3adc2ceccf8f ghostscript-8.64-x86_64-2.txz\n\n\nInstallation instructions:\n\nUpgrade the package as root:\n > upgradepkg ghostscript-8.63-i486-3_slack12.2.tgz", "cvss3": {}, "published": "2009-06-29T23:40:52", "type": "slackware", "title": "ghostscript", "bulletinFamily": "unix", "cvss2": {}, "cvelist": ["CVE-2009-0196", "CVE-2009-0792", "CVE-2009-0584", "CVE-2009-0583"], "modified": "2009-06-29T23:40:52", "id": "SSA-2009-181-01", "href": "http://www.slackware.com/security/viewer.php?l=slackware-security&y=2009&m=slackware-security.425842", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}], "oraclelinux": [{"lastseen": "2019-05-29T18:35:01", "description": "[8.15.2-9.4:.7]\n- Added extra checking for CVE-2009-0792 (bug #491853).\n[8.15.2-9.4:.6]\n- Applied patch to fix gdevpdtb buffer overflow (bug #493445).\n- Applied patch to fix scfd buffer underrun (bug #493442).\n- Applied patch to fix CVE-2009-0792 (bug #491853).\n- Applied patch to fix CVE-2009-0196 (bug #493379). ", "cvss3": {}, "published": "2009-04-14T00:00:00", "type": "oraclelinux", "title": "ghostscript security update", "bulletinFamily": "unix", "cvss2": {}, "cvelist": ["CVE-2009-0196", "CVE-2009-0792", "CVE-2007-6725", "CVE-2008-6679"], "modified": "2009-04-14T00:00:00", "id": "ELSA-2009-0421", "href": "http://linux.oracle.com/errata/ELSA-2009-0421.html", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}], "redhat": [{"lastseen": "2021-10-21T04:45:32", "description": "Ghostscript is a set of software that provides a PostScript interpreter, a\nset of C procedures (the Ghostscript library, which implements the graphics\ncapabilities in the PostScript language) and an interpreter for Portable\nDocument Format (PDF) files.\n\nIt was discovered that the Red Hat Security Advisory RHSA-2009:0345 did not\naddress all possible integer overflow flaws in Ghostscript's International\nColor Consortium Format library (icclib). Using specially-crafted ICC\nprofiles, an attacker could create a malicious PostScript or PDF file with\nembedded images that could cause Ghostscript to crash or, potentially,\nexecute arbitrary code when opened. (CVE-2009-0792)\n\nA buffer overflow flaw and multiple missing boundary checks were found in\nGhostscript. An attacker could create a specially-crafted PostScript or PDF\nfile that could cause Ghostscript to crash or, potentially, execute\narbitrary code when opened. (CVE-2008-6679, CVE-2007-6725, CVE-2009-0196)\n\nRed Hat would like to thank Alin Rad Pop of Secunia Research for\nresponsibly reporting the CVE-2009-0196 flaw.\n\nUsers of ghostscript are advised to upgrade to these updated packages,\nwhich contain backported patches to correct these issues.", "cvss3": {}, "published": "2009-04-14T00:00:00", "type": "redhat", "title": "(RHSA-2009:0421) Moderate: ghostscript security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2007-6725", "CVE-2008-6679", "CVE-2009-0196", "CVE-2009-0792"], "modified": "2017-09-08T07:48:01", "id": "RHSA-2009:0421", "href": "https://access.redhat.com/errata/RHSA-2009:0421", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}], "centos": [{"lastseen": "2022-02-27T12:02:13", "description": "**CentOS Errata and Security Advisory** CESA-2009:0421\n\n\nGhostscript is a set of software that provides a PostScript interpreter, a\nset of C procedures (the Ghostscript library, which implements the graphics\ncapabilities in the PostScript language) and an interpreter for Portable\nDocument Format (PDF) files.\n\nIt was discovered that the Red Hat Security Advisory RHSA-2009:0345 did not\naddress all possible integer overflow flaws in Ghostscript's International\nColor Consortium Format library (icclib). Using specially-crafted ICC\nprofiles, an attacker could create a malicious PostScript or PDF file with\nembedded images that could cause Ghostscript to crash or, potentially,\nexecute arbitrary code when opened. (CVE-2009-0792)\n\nA buffer overflow flaw and multiple missing boundary checks were found in\nGhostscript. An attacker could create a specially-crafted PostScript or PDF\nfile that could cause Ghostscript to crash or, potentially, execute\narbitrary code when opened. (CVE-2008-6679, CVE-2007-6725, CVE-2009-0196)\n\nRed Hat would like to thank Alin Rad Pop of Secunia Research for\nresponsibly reporting the CVE-2009-0196 flaw.\n\nUsers of ghostscript are advised to upgrade to these updated packages,\nwhich contain backported patches to correct these issues.\n\n**Merged security bulletin from advisories:**\nhttps://lists.centos.org/pipermail/centos-announce/2009-April/052709.html\nhttps://lists.centos.org/pipermail/centos-announce/2009-April/052710.html\n\n**Affected packages:**\nghostscript\nghostscript-devel\nghostscript-gtk\n\n**Upstream details at:**\nhttps://access.redhat.com/errata/RHSA-2009:0421", "cvss3": {}, "published": "2009-04-20T10:16:55", "type": "centos", "title": "ghostscript security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2007-6725", "CVE-2008-6679", "CVE-2009-0196", "CVE-2009-0792"], "modified": "2009-04-20T10:16:55", "id": "CESA-2009:0421", "href": "https://lists.centos.org/pipermail/centos-announce/2009-April/052709.html", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}], "fedora": [{"lastseen": "2020-12-21T08:17:49", "description": "Ghostscript is a set of software that provides a PostScript(TM) interpreter, a set of C procedures (the Ghostscript library, which implements the graphics capabilities in the PostScript language) and an interpreter for Portable Document Format (PDF) files. Ghostscript translates PostScript code into many common, bitmapped formats, like those understood by your printer or screen. Ghostscript is normally used to display PostScript files and to print PostScript files to non-PostScript printers. If you need to display PostScript files or print them to non-PostScript printers, you should install ghostscript. If you install ghostscript, you also need to install the ghostscript-fonts package. ", "edition": 2, "cvss3": {}, "published": "2009-04-15T21:49:53", "type": "fedora", "title": "[SECURITY] Fedora 10 Update: ghostscript-8.63-6.fc10", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2008-6679", "CVE-2009-0196", "CVE-2009-0583", "CVE-2009-0584", "CVE-2009-0792"], "modified": "2009-04-15T21:49:53", "id": "FEDORA:1217E10F851", "href": "", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-12-21T08:17:49", "description": "Ghostscript is a set of software that provides a PostScript(TM) interpreter, a set of C procedures (the Ghostscript library, which implements the graphics capabilities in the PostScript language) and an interpreter for Portable Document Format (PDF) files. Ghostscript translates PostScript code into many common, bitmapped formats, like those understood by your printer or screen. Ghostscript is normally used to display PostScript files and to print PostScript files to non-PostScript printers. If you need to display PostScript files or print them to non-PostScript printers, you should install ghostscript. If you install ghostscript, you also need to install the ghostscript-fonts package. ", "edition": 2, "cvss3": {}, "published": "2009-04-15T21:50:26", "type": "fedora", "title": "[SECURITY] Fedora 9 Update: ghostscript-8.63-3.fc9", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2008-6679", "CVE-2009-0196", "CVE-2009-0583", "CVE-2009-0584", "CVE-2009-0792"], "modified": "2009-04-15T21:50:26", "id": "FEDORA:3E12610F851", "href": "", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}], "ubuntu": [{"lastseen": "2022-01-04T13:28:19", "description": "It was discovered that Ghostscript contained a buffer underflow in its \nCCITTFax decoding filter. If a user or automated system were tricked into \nopening a crafted PDF file, an attacker could cause a denial of service or \nexecute arbitrary code with privileges of the user invoking the program. \n(CVE-2007-6725)\n\nIt was discovered that Ghostscript contained a buffer overflow in the \nBaseFont writer module. If a user or automated system were tricked into \nopening a crafted Postscript file, an attacker could cause a denial of \nservice or execute arbitrary code with privileges of the user invoking the \nprogram. (CVE-2008-6679)\n\nIt was discovered that Ghostscript contained additional integer overflows \nin its ICC color management library. If a user or automated system were \ntricked into opening a crafted Postscript or PDF file, an attacker could \ncause a denial of service or execute arbitrary code with privileges of the \nuser invoking the program. (CVE-2009-0792)\n\nAlin Rad Pop discovered that Ghostscript contained a buffer overflow in the \njbig2dec library. If a user or automated system were tricked into opening a \ncrafted PDF file, an attacker could cause a denial of service or execute \narbitrary code with privileges of the user invoking the program. \n(CVE-2009-0196)\n\nUSN-743-1 provided updated ghostscript and gs-gpl packages to fix two \nsecurity vulnerabilities. This update corrects the same vulnerabilities in \nthe gs-esp package.\n\nOriginal advisory details: \nIt was discovered that Ghostscript contained multiple integer overflows in \nits ICC color management library. If a user or automated system were \ntricked into opening a crafted Postscript file, an attacker could cause a \ndenial of service or execute arbitrary code with privileges of the user \ninvoking the program. (CVE-2009-0583)\n\nIt was discovered that Ghostscript did not properly perform bounds \nchecking in its ICC color management library. If a user or automated \nsystem were tricked into opening a crafted Postscript file, an attacker \ncould cause a denial of service or execute arbitrary code with privileges \nof the user invoking the program. (CVE-2009-0584)\n", "cvss3": {}, "published": "2009-04-15T00:00:00", "type": "ubuntu", "title": "Ghostscript vulnerabilities", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2009-0584", "CVE-2009-0196", "CVE-2009-0583", "CVE-2007-6725", "CVE-2008-6679", "CVE-2009-0792"], "modified": "2009-04-15T00:00:00", "id": "USN-757-1", "href": "https://ubuntu.com/security/notices/USN-757-1", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}], "debian": [{"lastseen": "2022-01-07T00:54:56", "description": "- ------------------------------------------------------------------------\nDebian Security Advisory DSA-2080-1 security@debian.org\nhttp://www.debian.org/security/ Moritz Muehlenhoff\nAugust 01, 2010 http://www.debian.org/security/faq\n- ------------------------------------------------------------------------\n\nPackage : ghostscript\nVulnerability : several\nProblem type : local(remote)\nDebian-specific: no\nCVE Id(s) : CVE-2007-6725 CVE-2008-3522 CVE-2008-6679 CVE-2009-0196 CVE-2009-0792 CVE-2009-4270 CVE-2010-1869\n\nSeveral security issues have been discovered in Ghostscript, the GPL\nPostScript/PDF interpreter, which might lead to the execution of\narbitrary code if a user processes a malformed PDF or Postscript file.\n\nFor the stable distribution (lenny), these problems have been fixed in\nversion 8.62.dfsg.1-3.2lenny4.\n\nFor the unstable distribution (sid), these problems have been fixed in\nversion 8.71~dfsg-4.\n\nWe recommend that you upgrade your ghostscript packages.\n\nUpgrade instructions\n- --------------------\n\nwget url\n will fetch the file for you\ndpkg -i file.deb\n will install the referenced file.\n\nIf you are using the apt-get package manager, use the line for\nsources.list as given below:\n\napt-get update\n will update the internal database\napt-get upgrade\n will install corrected packages\n\nYou may use an automated update by adding the resources from the\nfooter to the proper configuration.\n\n\nDebian GNU/Linux 5.0 alias lenny\n- --------------------------------\n\nStable updates are available for alpha, amd64, arm, armel, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc.\n\nSource archives:\n\n http://security.debian.org/pool/updates/main/g/ghostscript/ghostscript_8.62.dfsg.1-3.2lenny4.diff.gz\n Size/MD5 checksum: 104592 c1f5f4ee971ea44f4b0cef7488fea58a\n http://security.debian.org/pool/updates/main/g/ghostscript/ghostscript_8.62.dfsg.1-3.2lenny2.diff.gz\n Size/MD5 checksum: 104465 712a48aa6a1a28c2800ee3a950f24c93\n http://security.debian.org/pool/updates/main/g/ghostscript/ghostscript_8.62.dfsg.1.orig.tar.gz\n Size/MD5 checksum: 12212309 42fc1b31aa745c3765c2fcd2da243236\n\nArchitecture independent packages:\n\n http://security.debian.org/pool/updates/main/g/ghostscript/gs-gpl_8.62.dfsg.1-3.2lenny4_all.deb\n Size/MD5 checksum: 28702 dcf8382cede0279d2ced25016b5d63b0\n http://security.debian.org/pool/updates/main/g/ghostscript/gs-aladdin_8.62.dfsg.1-3.2lenny4_all.deb\n Size/MD5 checksum: 28704 a62393cb1d1449c44398279e40804a20\n http://security.debian.org/pool/updates/main/g/ghostscript/ghostscript-doc_8.62.dfsg.1-3.2lenny4_all.deb\n Size/MD5 checksum: 2784654 379db3cc220700a5320c0f3505ec6185\n http://security.debian.org/pool/updates/main/g/ghostscript/gs_8.62.dfsg.1-3.2lenny4_all.deb\n Size/MD5 checksum: 28692 f327874c01d90518ae69cc746ae8c245\n http://security.debian.org/pool/updates/main/g/ghostscript/gs-common_8.62.dfsg.1-3.2lenny4_all.deb\n Size/MD5 checksum: 28902 d790c6a598e425e86655613e3d842feb\n http://security.debian.org/pool/updates/main/g/ghostscript/gs-esp_8.62.dfsg.1-3.2lenny4_all.deb\n Size/MD5 checksum: 28696 6e1b2ffd61b41b2210c80035fa1c18d2\n\nalpha architecture (DEC Alpha)\n\n http://security.debian.org/pool/updates/main/g/ghostscript/ghostscript-x_8.62.dfsg.1-3.2lenny4_alpha.deb\n Size/MD5 checksum: 66154 af55aa7bcd5471ef673c0c5f5fddf693\n http://security.debian.org/pool/updates/main/g/ghostscript/libgs-dev_8.62.dfsg.1-3.2lenny4_alpha.deb\n Size/MD5 checksum: 36444 e2e1d7dbf80456743f43c063ddd31d2a\n http://security.debian.org/pool/updates/main/g/ghostscript/ghostscript_8.62.dfsg.1-3.2lenny4_alpha.deb\n Size/MD5 checksum: 797568 50220131de97010d530c84e4685b9ba3\n http://security.debian.org/pool/updates/main/g/ghostscript/libgs8_8.62.dfsg.1-3.2lenny4_alpha.deb\n Size/MD5 checksum: 2629590 bf6713489c1974a68e72244cd0ab313e\n\namd64 architecture (AMD x86_64 (AMD64))\n\n http://security.debian.org/pool/updates/main/g/ghostscript/ghostscript-x_8.62.dfsg.1-3.2lenny4_amd64.deb\n Size/MD5 checksum: 63102 b381fcd9f08a512ec234aefc4db55e6d\n http://security.debian.org/pool/updates/main/g/ghostscript/ghostscript_8.62.dfsg.1-3.2lenny4_amd64.deb\n Size/MD5 checksum: 794264 1d6aa96ecda1cc3caaee6e02ec8131d0\n http://security.debian.org/pool/updates/main/g/ghostscript/libgs-dev_8.62.dfsg.1-3.2lenny4_amd64.deb\n Size/MD5 checksum: 36296 1c234970f6695e233c98f6c8b17a228d\n http://security.debian.org/pool/updates/main/g/ghostscript/libgs8_8.62.dfsg.1-3.2lenny4_amd64.deb\n Size/MD5 checksum: 2322612 ff18916f3e0b984520dc6a65a1850545\n\narm architecture (ARM)\n\n http://security.debian.org/pool/updates/main/g/ghostscript/ghostscript-x_8.62.dfsg.1-3.2lenny4_arm.deb\n Size/MD5 checksum: 59898 691db1eafdbb597550e41936a588dc2e\n http://security.debian.org/pool/updates/main/g/ghostscript/libgs8_8.62.dfsg.1-3.2lenny4_arm.deb\n Size/MD5 checksum: 2179214 fce17c2014ef0633694921ff7a2dbbf6\n http://security.debian.org/pool/updates/main/g/ghostscript/libgs-dev_8.62.dfsg.1-3.2lenny4_arm.deb\n Size/MD5 checksum: 34898 94bfb293db43933b96defcc65c2ce1e4\n http://security.debian.org/pool/updates/main/g/ghostscript/ghostscript_8.62.dfsg.1-3.2lenny4_arm.deb\n Size/MD5 checksum: 796618 133283cd0ce5ad2ddfb180149dd1cdde\n\narmel architecture (ARM EABI)\n\n http://security.debian.org/pool/updates/main/g/ghostscript/ghostscript_8.62.dfsg.1-3.2lenny4_armel.deb\n Size/MD5 checksum: 797658 bfee3d7ee43ecf42c762f707e15be417\n http://security.debian.org/pool/updates/main/g/ghostscript/ghostscript-x_8.62.dfsg.1-3.2lenny4_armel.deb\n Size/MD5 checksum: 63604 ba4c4769c7a604e1cbd65e42d4a20308\n http://security.debian.org/pool/updates/main/g/ghostscript/libgs8_8.62.dfsg.1-3.2lenny4_armel.deb\n Size/MD5 checksum: 2214322 659428a1eb467fd459a8a10ac6e57f53\n http://security.debian.org/pool/updates/main/g/ghostscript/libgs-dev_8.62.dfsg.1-3.2lenny4_armel.deb\n Size/MD5 checksum: 36442 59d91a5b9a24bec78946a5e01345589b\n\nhppa architecture (HP PA RISC)\n\n http://security.debian.org/pool/updates/main/g/ghostscript/ghostscript-x_8.62.dfsg.1-3.2lenny4_hppa.deb\n Size/MD5 checksum: 66854 e46caba3e0fc3e99c9d672210b414c85\n http://security.debian.org/pool/updates/main/g/ghostscript/libgs8_8.62.dfsg.1-3.2lenny4_hppa.deb\n Size/MD5 checksum: 2573688 98b1cb485944aeec0c762f4d3d6b5627\n http://security.debian.org/pool/updates/main/g/ghostscript/libgs-dev_8.62.dfsg.1-3.2lenny4_hppa.deb\n Size/MD5 checksum: 36330 5a36e8704d153f1c1269ddbe3d37368e\n http://security.debian.org/pool/updates/main/g/ghostscript/ghostscript_8.62.dfsg.1-3.2lenny4_hppa.deb\n Size/MD5 checksum: 800058 3770d71e6644cf0bf82b5618c07879fe\n\ni386 architecture (Intel ia32)\n\n http://security.debian.org/pool/updates/main/g/ghostscript/libgs-dev_8.62.dfsg.1-3.2lenny4_i386.deb\n Size/MD5 checksum: 35476 2c35e644cc7bc6d5a29125de9bda777c\n http://security.debian.org/pool/updates/main/g/ghostscript/libgs8_8.62.dfsg.1-3.2lenny4_i386.deb\n Size/MD5 checksum: 2221692 263aab297fcd59829a0c5e0e2b0f1e6d\n http://security.debian.org/pool/updates/main/g/ghostscript/ghostscript_8.62.dfsg.1-3.2lenny4_i386.deb\n Size/MD5 checksum: 761660 44c35e23d34cb081bb785c5a89683701\n http://security.debian.org/pool/updates/main/g/ghostscript/ghostscript-x_8.62.dfsg.1-3.2lenny4_i386.deb\n Size/MD5 checksum: 60818 b150caecdd7fdd47538ac364b3a23baa\n\nia64 architecture (Intel ia64)\n\n http://security.debian.org/pool/updates/main/g/ghostscript/ghostscript-x_8.62.dfsg.1-3.2lenny4_ia64.deb\n Size/MD5 checksum: 80902 c44a55178f56e171274891ff828be57c\n http://security.debian.org/pool/updates/main/g/ghostscript/libgs-dev_8.62.dfsg.1-3.2lenny4_ia64.deb\n Size/MD5 checksum: 36332 59188d6b794be8a8632f68c99e53fabe\n http://security.debian.org/pool/updates/main/g/ghostscript/libgs8_8.62.dfsg.1-3.2lenny4_ia64.deb\n Size/MD5 checksum: 3613878 b2037a5a573797ed7e8db63b25c54980\n http://security.debian.org/pool/updates/main/g/ghostscript/ghostscript_8.62.dfsg.1-3.2lenny4_ia64.deb\n Size/MD5 checksum: 801702 f478ffb34fedecea724a6eff2c0c6aeb\n\nmips architecture (MIPS (Big Endian))\n\n http://security.debian.org/pool/updates/main/g/ghostscript/ghostscript-x_8.62.dfsg.1-3.2lenny4_mips.deb\n Size/MD5 checksum: 62840 1bf8443154d4ed4a3d7329078b16839f\n http://security.debian.org/pool/updates/main/g/ghostscript/libgs-dev_8.62.dfsg.1-3.2lenny4_mips.deb\n Size/MD5 checksum: 34916 965449e1371593ca5fdc0614c49f05ad\n http://security.debian.org/pool/updates/main/g/ghostscript/ghostscript_8.62.dfsg.1-3.2lenny4_mips.deb\n Size/MD5 checksum: 798628 3673f32bc99ec26b919ad9a5a53742bc\n http://security.debian.org/pool/updates/main/g/ghostscript/libgs8_8.62.dfsg.1-3.2lenny4_mips.deb\n Size/MD5 checksum: 2304896 3713df01d5717a4d4af157cf0bb6fc88\n\nmipsel architecture (MIPS (Little Endian))\n\n http://security.debian.org/pool/updates/main/g/ghostscript/libgs-dev_8.62.dfsg.1-3.2lenny4_mipsel.deb\n Size/MD5 checksum: 35472 322427312d6cc997684dd4070f47e870\n http://security.debian.org/pool/updates/main/g/ghostscript/ghostscript-x_8.62.dfsg.1-3.2lenny4_mipsel.deb\n Size/MD5 checksum: 61774 22a19e60d87c94a8bcaa931b13f20179\n http://security.debian.org/pool/updates/main/g/ghostscript/ghostscript_8.62.dfsg.1-3.2lenny4_mipsel.deb\n Size/MD5 checksum: 762160 90c8fb7ba07e88329bb247ab49cf290f\n http://security.debian.org/pool/updates/main/g/ghostscript/libgs8_8.62.dfsg.1-3.2lenny4_mipsel.deb\n Size/MD5 checksum: 2300466 2d7ba5f0f3cc18775f25bbd3881bd5f4\n\npowerpc architecture (PowerPC)\n\n http://security.debian.org/pool/updates/main/g/ghostscript/ghostscript_8.62.dfsg.1-3.2lenny4_powerpc.deb\n Size/MD5 checksum: 801086 eee24a6fc08a2e68405adc584d090819\n http://security.debian.org/pool/updates/main/g/ghostscript/libgs-dev_8.62.dfsg.1-3.2lenny4_powerpc.deb\n Size/MD5 checksum: 36432 4b62009ca227ff2aa28808ba5a696c02\n http://security.debian.org/pool/updates/main/g/ghostscript/ghostscript-x_8.62.dfsg.1-3.2lenny4_powerpc.deb\n Size/MD5 checksum: 66012 ba51af4c986f7db06b66f7c3f3bef07e\n http://security.debian.org/pool/updates/main/g/ghostscript/libgs8_8.62.dfsg.1-3.2lenny4_powerpc.deb\n Size/MD5 checksum: 2408918 14806baf03b217ba15b6808493f4d46b\n\ns390 architecture (IBM S/390)\n\n http://security.debian.org/pool/updates/main/g/ghostscript/libgs-dev_8.62.dfsg.1-3.2lenny4_s390.deb\n Size/MD5 checksum: 36452 6a0cffde06a5f3fc635ac214fa874a94\n http://security.debian.org/pool/updates/main/g/ghostscript/libgs8_8.62.dfsg.1-3.2lenny4_s390.deb\n Size/MD5 checksum: 2437882 dd3fd6a06b07f8d45c9f07b339fe26dc\n http://security.debian.org/pool/updates/main/g/ghostscript/ghostscript-x_8.62.dfsg.1-3.2lenny4_s390.deb\n Size/MD5 checksum: 64412 e60524ff7457eb9bf7a3430afcfba513\n http://security.debian.org/pool/updates/main/g/ghostscript/ghostscript_8.62.dfsg.1-3.2lenny4_s390.deb\n Size/MD5 checksum: 800832 c91e9753ad83a76eebdf9abc7694f681\n\nsparc architecture (Sun SPARC/UltraSPARC)\n\n http://security.debian.org/pool/updates/main/g/ghostscript/libgs8_8.62.dfsg.1-3.2lenny4_sparc.deb\n Size/MD5 checksum: 2187340 476ff570ae6d30c7f881caba112b6e34\n http://security.debian.org/pool/updates/main/g/ghostscript/libgs-dev_8.62.dfsg.1-3.2lenny4_sparc.deb\n Size/MD5 checksum: 36350 4970f1e66a790e2a7b0aa4b285363c07\n http://security.debian.org/pool/updates/main/g/ghostscript/ghostscript_8.62.dfsg.1-3.2lenny4_sparc.deb\n Size/MD5 checksum: 797876 f79742ddd68bee7476a39d4fde6ab68c\n http://security.debian.org/pool/updates/main/g/ghostscript/ghostscript-x_8.62.dfsg.1-3.2lenny4_sparc.deb\n Size/MD5 checksum: 59956 d7458a00b7f62c43b114aeff6deeec0c\n\n\n These files will probably be moved into the stable distribution on\n its next update.\n\n- ---------------------------------------------------------------------------------\nFor apt-get: deb http://security.debian.org/ stable/updates main\nFor dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main\nMailing list: debian-security-announce@lists.debian.org\nPackage info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>", "cvss3": {}, "published": "2010-08-01T01:24:55", "type": "debian", "title": "[SECURITY] [DSA 2080-1] New ghostscript packages fix several vulnerabilities", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": true, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2007-6725", "CVE-2008-3522", "CVE-2008-6679", "CVE-2009-0196", "CVE-2009-0792", "CVE-2009-4270", "CVE-2010-1869"], "modified": "2010-08-01T01:24:55", "id": "DEBIAN:DSA-2080-1:68D05", "href": "https://lists.debian.org/debian-security-announce/2010/msg00125.html", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "gentoo": [{"lastseen": "2022-01-17T19:07:23", "description": "### Background\n\nGhostscript is an interpreter for the PostScript language and for PDF.\n\n### Description\n\nMultiple vulnerabilities have been discovered in GPL Ghostscript. Please review the CVE identifiers referenced below for details. \n\n### Impact\n\nA context-dependent attacker could entice a user to open a specially crafted PostScript file or PDF using GPL Ghostscript, possibly resulting in execution of arbitrary code with the privileges of the process or a Denial of Service condition. \n\n### Workaround\n\nThere is no known workaround at this time.\n\n### Resolution\n\nAll GPL Ghostscript users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose\n \">=app-text/ghostscript-gpl-9.10-r2\"", "cvss3": {}, "published": "2014-12-13T00:00:00", "type": "gentoo", "title": "GPL Ghostscript: Multiple vulnerabilities", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2009-0196", "CVE-2009-0792", "CVE-2009-3743", "CVE-2009-4270", "CVE-2009-4897", "CVE-2010-1628", "CVE-2010-2055", "CVE-2010-4054", "CVE-2012-4405"], "modified": "2014-12-13T00:00:00", "id": "GLSA-201412-17", "href": "https://security.gentoo.org/glsa/201412-17", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}]}
