##############################################################################
#
#  SuSE update for opera: SUSE-SA:2005:057 (9.3)
#
#  Copyright: OS2A and it's member companies
#
#  Date Written: 2005/10/05
#
#  $Revision: 1.1 $
#
#  $Log: os2a_SUSE-SA_2005_057_9.3_600478.nasl,v $
#  Revision 1.1  2005/10/08 11:40:02  bchandra
#  Issue #942 To production
#
#  Revision 1.1  2005/10/05 06:08:47  hshreesha
#  issue #947
#
#
#  ------------------------------------------------------------------------
#  This program was written by OS2A and/or it's member companies and is
#  licensed under the GNU GPL license. Please see below for details. This
#  header contains information regarding licensing terms under the GPL, and
#  information regarding obtaining source code from the Author. Consequently,
#  pursuant to section 3(c) of the GPL, you must accompany the information
#  found in this header with any distribution you make of this Program.
#  ------------------------------------------------------------------------
##############################################################################


if(description)
{
 script_id(600478);
 script_bugtraq_id(14880);
 script_cve_id("CAN-2005-3006, CAN-2005-3007");
 script_copyright(english:"Copyright (C) 2005 OS2A");
 script_version("$Revision: 1.1 $");
 script_category(ACT_GATHER_INFO);
 script_family(english:"SuSE Local Security Checks");
 name["english"] = "SuSE update for opera: SUSE-SA:2005:057 (9.3)";
 script_name(english:name["english"]);
 summary["english"] = "Check for the version of opera package";
 script_summary(english:summary["english"]);
 
 desc["english"] = "
 Overview : This remote host does not have the updates for opera package
 for SUSE-SA:2005:057.
 
 Impact : 
 This update upgrades the Opera web browser to the 8.50 release.
 Following security problems were fixed:
 1. Attached files are opened without any warnings directly from the 
    user's cache directory. This can be exploited to execute arbitrary 
    Javascript in context of 'file://'. 
 2. Normally, filename extensions are determined by the 'Content-Type'
    in Opera Mail. However, by appending an additional '.' to the end of 
    a filename, an HTML file could be spoofed to be e.g. 'image.jpg.'.
 These two vulnerabilities combined may be exploited to conduct script
 insertion attacks if the user chooses to view an attachment named
 e.g. 'image.jpg.' resulting in disclosure of local files.
 
 Platforms Affected : SuSE 9.3

 Solution : Upgrade to updated packages:
       ftp://ftp.suse.com/pub/suse/i386/update/9.3
 
 References : 
 http://www.novell.com/linux/security/advisories/2005_57_opera.html

 Risk factor : High";

 script_description(english:desc["english"]);
 script_dependencies("ssh_get_info.nasl");
 script_require_keys("Host/SuSE/rpm-list");

 exit(0);
}


include("rpm.inc");

if(rpm_check(reference:"opera-8.50-2.1", release:"SUSE9.3"))
{
	 security_hole(0);
	 exit(0);
}

if(rpm_exists(rpm:"opera-", release:"SUSE9.3"))
{
	set_kb_item(name:"CAN-2005-3006", value:TRUE);
	set_kb_item(name:"CAN-2005-3007", value:TRUE);
}