Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2009-2021 and is owned by Tenable, Inc. or an Affiliate thereof.CENTOS_RHSA-2009-1430.NASL
HistorySep 11, 2009 - 12:00 a.m.

CentOS 4 / 5 : firefox / seamonkey (CESA-2009:1430)

2009-09-1100:00:00
This script is Copyright (C) 2009-2021 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
90
JSON

Updated firefox packages that fix several security issues are now available for Red Hat Enterprise Linux 4 and 5.

This update has been rated as having critical security impact by the Red Hat Security Response Team.

Mozilla Firefox is an open source Web browser. XULRunner provides the XUL Runtime environment for Mozilla Firefox. nspr provides the Netscape Portable Runtime (NSPR).

Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox. (CVE-2009-3070, CVE-2009-3071, CVE-2009-3072, CVE-2009-3074, CVE-2009-3075)

A use-after-free flaw was found in Firefox. An attacker could use this flaw to crash Firefox or, potentially, execute arbitrary code with the privileges of the user running Firefox. (CVE-2009-3077)

A flaw was found in the way Firefox handles malformed JavaScript. A website with an object containing malicious JavaScript could execute that JavaScript with the privileges of the user running Firefox.
(CVE-2009-3079)

Descriptions in the dialogs when adding and removing PKCS #11 modules were not informative. An attacker able to trick a user into installing a malicious PKCS #11 module could use this flaw to install their own Certificate Authority certificates on a user’s machine, making it possible to trick the user into believing they are viewing a trusted site or, potentially, execute arbitrary code with the privileges of the user running Firefox. (CVE-2009-3076)

A flaw was found in the way Firefox displays the address bar when window.open() is called in a certain way. An attacker could use this flaw to conceal a malicious URL, possibly tricking a user into believing they are viewing a trusted site. (CVE-2009-2654)

A flaw was found in the way Firefox displays certain Unicode characters. An attacker could use this flaw to conceal a malicious URL, possibly tricking a user into believing they are viewing a trusted site. (CVE-2009-3078)

For technical details regarding these flaws, refer to the Mozilla security advisories for Firefox 3.0.14. You can find a link to the Mozilla advisories in the References section of this errata.

All Firefox users should upgrade to these updated packages, which contain Firefox version 3.0.14, which corrects these issues. After installing the update, Firefox must be restarted for the changes to take effect.

#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were  
# extracted from Red Hat Security Advisory RHSA-2009:1430 and 
# CentOS Errata and Security Advisory 2009:1430 respectively.
#

include('deprecated_nasl_level.inc');
include('compat.inc');

if (description)
{
  script_id(40932);
  script_version("1.25");
  script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/04");

  script_cve_id("CVE-2009-2470", "CVE-2009-2654", "CVE-2009-2662", "CVE-2009-2663", "CVE-2009-2664", "CVE-2009-2665", "CVE-2009-3069", "CVE-2009-3070", "CVE-2009-3071", "CVE-2009-3072", "CVE-2009-3073", "CVE-2009-3074", "CVE-2009-3075", "CVE-2009-3076", "CVE-2009-3077", "CVE-2009-3078", "CVE-2009-3079");
  script_bugtraq_id(35803, 36343);
  script_xref(name:"RHSA", value:"2009:1430");

  script_name(english:"CentOS 4 / 5 : firefox / seamonkey (CESA-2009:1430)");
  script_summary(english:"Checks rpm output for the updated packages");

  script_set_attribute(
    attribute:"synopsis", 
    value:"The remote CentOS host is missing one or more security updates."
  );
  script_set_attribute(
    attribute:"description", 
    value:
"Updated firefox packages that fix several security issues are now
available for Red Hat Enterprise Linux 4 and 5.

This update has been rated as having critical security impact by the
Red Hat Security Response Team.

Mozilla Firefox is an open source Web browser. XULRunner provides the
XUL Runtime environment for Mozilla Firefox. nspr provides the
Netscape Portable Runtime (NSPR).

Several flaws were found in the processing of malformed web content. A
web page containing malicious content could cause Firefox to crash or,
potentially, execute arbitrary code with the privileges of the user
running Firefox. (CVE-2009-3070, CVE-2009-3071, CVE-2009-3072,
CVE-2009-3074, CVE-2009-3075)

A use-after-free flaw was found in Firefox. An attacker could use this
flaw to crash Firefox or, potentially, execute arbitrary code with the
privileges of the user running Firefox. (CVE-2009-3077)

A flaw was found in the way Firefox handles malformed JavaScript. A
website with an object containing malicious JavaScript could execute
that JavaScript with the privileges of the user running Firefox.
(CVE-2009-3079)

Descriptions in the dialogs when adding and removing PKCS #11 modules
were not informative. An attacker able to trick a user into installing
a malicious PKCS #11 module could use this flaw to install their own
Certificate Authority certificates on a user's machine, making it
possible to trick the user into believing they are viewing a trusted
site or, potentially, execute arbitrary code with the privileges of
the user running Firefox. (CVE-2009-3076)

A flaw was found in the way Firefox displays the address bar when
window.open() is called in a certain way. An attacker could use this
flaw to conceal a malicious URL, possibly tricking a user into
believing they are viewing a trusted site. (CVE-2009-2654)

A flaw was found in the way Firefox displays certain Unicode
characters. An attacker could use this flaw to conceal a malicious
URL, possibly tricking a user into believing they are viewing a
trusted site. (CVE-2009-3078)

For technical details regarding these flaws, refer to the Mozilla
security advisories for Firefox 3.0.14. You can find a link to the
Mozilla advisories in the References section of this errata.

All Firefox users should upgrade to these updated packages, which
contain Firefox version 3.0.14, which corrects these issues. After
installing the update, Firefox must be restarted for the changes to
take effect."
  );
  # https://lists.centos.org/pipermail/centos-announce/2009-September/016133.html
  script_set_attribute(
    attribute:"see_also",
    value:"http://www.nessus.org/u?c88899c7"
  );
  # https://lists.centos.org/pipermail/centos-announce/2009-September/016134.html
  script_set_attribute(
    attribute:"see_also",
    value:"http://www.nessus.org/u?386f19ef"
  );
  # https://lists.centos.org/pipermail/centos-announce/2009-September/016163.html
  script_set_attribute(
    attribute:"see_also",
    value:"http://www.nessus.org/u?ae5ee355"
  );
  # https://lists.centos.org/pipermail/centos-announce/2009-September/016164.html
  script_set_attribute(
    attribute:"see_also",
    value:"http://www.nessus.org/u?4398c541"
  );
  script_set_attribute(
    attribute:"solution", 
    value:"Update the affected firefox and / or seamonkey packages."
  );
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C");
  script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
  script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"true");
  script_cwe_id(20, 94, 119, 399);

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:firefox");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:nspr");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:nspr-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:xulrunner");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:xulrunner-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:xulrunner-devel-unstable");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:centos:centos:4");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:centos:centos:5");

  script_set_attribute(attribute:"vuln_publication_date", value:"2009/08/03");
  script_set_attribute(attribute:"patch_publication_date", value:"2009/09/15");
  script_set_attribute(attribute:"plugin_publication_date", value:"2009/09/11");
  script_set_attribute(attribute:"generated_plugin", value:"current");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2009-2021 and is owned by Tenable, Inc. or an Affiliate thereof.");
  script_family(english:"CentOS Local Security Checks");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/CentOS/release", "Host/CentOS/rpm-list");

  exit(0);
}


include("audit.inc");
include("global_settings.inc");
include("rpm.inc");


if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/CentOS/release");
if (isnull(release) || "CentOS" >!< release) audit(AUDIT_OS_NOT, "CentOS");
os_ver = pregmatch(pattern: "CentOS(?: Linux)? release ([0-9]+)", string:release);
if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "CentOS");
os_ver = os_ver[1];
if (! preg(pattern:"^(4|5)([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "CentOS 4.x / 5.x", "CentOS " + os_ver);

if (!get_kb_item("Host/CentOS/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);


cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ("x86_64" >!< cpu && "ia64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "CentOS", cpu);


flag = 0;
if (rpm_check(release:"CentOS-4", cpu:"i386", reference:"firefox-3.0.14-1.el4.centos")) flag++;
if (rpm_check(release:"CentOS-4", cpu:"x86_64", reference:"firefox-3.0.14-1.el4.centos")) flag++;
if (rpm_check(release:"CentOS-4", cpu:"i386", reference:"nspr-4.7.5-1.el4_8")) flag++;
if (rpm_check(release:"CentOS-4", cpu:"x86_64", reference:"nspr-4.7.5-1.el4_8")) flag++;
if (rpm_check(release:"CentOS-4", cpu:"i386", reference:"nspr-devel-4.7.5-1.el4_8")) flag++;
if (rpm_check(release:"CentOS-4", cpu:"x86_64", reference:"nspr-devel-4.7.5-1.el4_8")) flag++;

if (rpm_check(release:"CentOS-5", reference:"firefox-3.0.14-1.el5.centos")) flag++;
if (rpm_check(release:"CentOS-5", reference:"nspr-4.7.5-1.el5_4")) flag++;
if (rpm_check(release:"CentOS-5", reference:"nspr-devel-4.7.5-1.el5_4")) flag++;
if (rpm_check(release:"CentOS-5", reference:"xulrunner-1.9.0.14-1.el5_4")) flag++;
if (rpm_check(release:"CentOS-5", reference:"xulrunner-devel-1.9.0.14-1.el5_4")) flag++;
if (rpm_check(release:"CentOS-5", reference:"xulrunner-devel-unstable-1.9.0.14-1.el5_4")) flag++;


if (flag)
{
  security_report_v4(
    port       : 0,
    severity   : SECURITY_HOLE,
    extra      : rpm_report_get()
  );
  exit(0);
}
else
{
  tested = pkg_tests_get();
  if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
  else audit(AUDIT_PACKAGE_NOT_INSTALLED, "firefox / nspr / nspr-devel / xulrunner / xulrunner-devel / etc");
}
VendorProductVersionCPE
centoscentosfirefoxp-cpe:/a:centos:centos:firefox
centoscentosnsprp-cpe:/a:centos:centos:nspr
centoscentosnspr-develp-cpe:/a:centos:centos:nspr-devel
centoscentosxulrunnerp-cpe:/a:centos:centos:xulrunner
centoscentosxulrunner-develp-cpe:/a:centos:centos:xulrunner-devel
centoscentosxulrunner-devel-unstablep-cpe:/a:centos:centos:xulrunner-devel-unstable
centoscentos4cpe:/o:centos:centos:4
centoscentos5cpe:/o:centos:centos:5

References

Related

nessus 42
openvas 80
securityvulns 5
freebsd 1
fedora 41
redhat 3
suse 1
oraclelinux 2
centos 3
ubuntu 2
osv 2
debian 1
mozilla 4
ubuntucve 3
prion 4
cve 3
checkpoint_advisories 1
veracode 1
nessus
nessus
Oracle Linux 4 / 5 : firefox (ELSA-2009-1430)
2013-07-12 00:00:00
RHEL 4 / 5 : firefox (RHSA-2009:1430)
2009-09-10 00:00:00
openSUSE 10 Security Update : MozillaFirefox (MozillaFirefox-6495)
2009-10-06 00:00:00
openvas
openvas
FreeBSD Ports: firefox
2009-09-15 00:00:00
Mandrake Security Advisory MDVSA-2009:236 (firefox)
2009-09-21 00:00:00
FreeBSD Ports: firefox
2009-09-15 00:00:00
securityvulns
securityvulns
Mozilla Firefox multiple security vulnerabilities
2009-09-11 00:00:00
Mozilla Foundation Security Advisory 2009-47
2009-09-10 00:00:00
Mozilla Firefox, Thunderbird, SeaMonkey, NSS multiple security vulnerabilities
2009-08-07 00:00:00
freebsd
freebsd
mozilla firefox -- multiple vulnerabilities
2009-09-10 00:00:00
fedora
fedora
[SECURITY] Fedora 11 Update: epiphany-extensions-2.26.1-6.fc11
2009-09-11 23:33:35
[SECURITY] Fedora 11 Update: perl-Gtk2-MozEmbed-0.08-6.fc11.5
2009-09-11 23:33:35
[SECURITY] Fedora 11 Update: hulahop-0.4.9-8.fc11
2009-09-11 23:33:35
redhat
redhat
(RHSA-2009:1430) Critical: firefox security update
2009-09-09 00:00:00
(RHSA-2009:1431) Critical: seamonkey security update
2009-09-09 00:00:00
(RHSA-2009:1432) Critical: seamonkey security update
2009-09-09 00:00:00
suse
suse
remote code execution in MozillaFirefox
2009-10-20 17:59:46
oraclelinux
oraclelinux
firefox security update
2009-09-10 00:00:00
seamonkey security update
2009-09-10 00:00:00
centos
centos
firefox, nspr, xulrunner security update
2009-09-10 22:47:20
seamonkey security update
2009-09-10 22:51:03
seamonkey security update
2009-09-10 11:03:30
ubuntu
ubuntu
Firefox and Xulrunner vulnerabilities
2009-09-10 00:00:00
Thunderbird vulnerabilities
2010-03-18 00:00:00
osv
osv
xulrunner - several vulnerabilities
2009-09-14 00:00:00
xulrunner - spoofing vulnerabilities
2009-08-26 00:00:00
debian
debian
[SECURITY] [DSA 1885-1] New xulrunner packages fix several vulnerabilities
2009-09-14 17:05:35
mozilla
mozilla
Crashes with evidence of memory corruption (rv:1.9.1.3/ 1.9.0.14) — Mozilla
2009-09-09 00:00:00
Crashes with evidence of memory corruption (rv:1.9.1.2/1.9.0.13) — Mozilla
2009-08-03 00:00:00
Data corruption with SOCKS5 reply containing DNS name longer than 15 characters — Mozilla
2009-07-21 00:00:00
ubuntucve
ubuntucve
CVE-2009-2662
2009-08-04 00:00:00
CVE-2009-3073
2009-09-10 00:00:00
CVE-2009-2664
2009-08-04 00:00:00
prion
prion
Memory corruption
2009-08-04 16:30:00
Memory corruption
2009-09-10 21:30:00
Design/Logic Flaw
2009-08-04 16:30:00
cve
cve
CVE-2009-2662
2009-08-04 16:30:00
CVE-2009-3073
2009-09-10 21:30:00
CVE-2009-2664
2009-08-04 16:30:00
checkpoint_advisories
checkpoint_advisories
Mozilla Firefox Top-level Script Object Offset Calculation Memory Corruption (CVE-2009-3073)
2010-05-12 00:00:00
veracode
veracode
Denial Of Service (DoS)
2020-04-10 00:36:34
JSON
Related for CENTOS_RHSA-2009-1430.NASL
nessus42openvas80securityvulns5freebsd1fedora41redhat3suse1oraclelinux2centos3ubuntu2osv2debian1mozilla4ubuntucve3prion4cve3checkpoint_advisories1veracode1