Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2016-2021 and is owned by Tenable, Inc. or an Affiliate thereof.DEBIAN_DSA-3590.NASL
HistoryJun 02, 2016 - 12:00 a.m.

Debian DSA-3590-1 : chromium-browser - security update

2016-06-0200:00:00
This script is Copyright (C) 2016-2021 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
16
JSON

Several vulnerabilities have been discovered in the chromium web browser.

  • CVE-2016-1667 Mariusz Mylinski discovered a cross-origin bypass.

  • CVE-2016-1668 Mariusz Mylinski discovered a cross-origin bypass in bindings to v8.

  • CVE-2016-1669 Choongwoo Han discovered a buffer overflow in the v8 JavaScript library.

  • CVE-2016-1670 A race condition was found that could cause the renderer process to reuse ids that should have been unique.

  • CVE-2016-1672 Mariusz Mylinski discovered a cross-origin bypass in extension bindings.

  • CVE-2016-1673 Mariusz Mylinski discovered a cross-origin bypass in Blink/Webkit.

  • CVE-2016-1674 Mariusz Mylinski discovered another cross-origin bypass in extension bindings.

  • CVE-2016-1675 Mariusz Mylinski discovered another cross-origin bypass in Blink/Webkit.

  • CVE-2016-1676 Rob Wu discovered a cross-origin bypass in extension bindings.

  • CVE-2016-1677 Guang Gong discovered a type confusion issue in the v8 JavaScript library.

  • CVE-2016-1678 Christian Holler discovered an overflow issue in the v8 JavaScript library.

  • CVE-2016-1679 Rob Wu discovered a use-after-free issue in the bindings to v8.

  • CVE-2016-1680 Atte Kettunen discovered a use-after-free issue in the skia library.

  • CVE-2016-1681 Aleksandar Nikolic discovered an overflow issue in the pdfium library.

  • CVE-2016-1682 KingstonTime discovered a way to bypass the Content Security Policy.

  • CVE-2016-1683 Nicolas Gregoire discovered an out-of-bounds write issue in the libxslt library.

  • CVE-2016-1684 Nicolas Gregoire discovered an integer overflow issue in the libxslt library.

  • CVE-2016-1685 Ke Liu discovered an out-of-bounds read issue in the pdfium library.

  • CVE-2016-1686 Ke Liu discovered another out-of-bounds read issue in the pdfium library.

  • CVE-2016-1687 Rob Wu discovered an information leak in the handling of extensions.

  • CVE-2016-1688 Max Korenko discovered an out-of-bounds read issue in the v8 JavaScript library.

  • CVE-2016-1689 Rob Wu discovered a buffer overflow issue.

  • CVE-2016-1690 Rob Wu discovered a use-after-free issue.

  • CVE-2016-1691 Atte Kettunen discovered a buffer overflow issue in the skia library.

  • CVE-2016-1692 Til Jasper Ullrich discovered a cross-origin bypass issue.

  • CVE-2016-1693 Khalil Zhani discovered that the Software Removal Tool download was done over an HTTP connection.

  • CVE-2016-1694 Ryan Lester and Bryant Zadegan discovered that pinned public keys would be removed when clearing the browser cache.

  • CVE-2016-1695 The chrome development team found and fixed various issues during internal auditing.

#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were  
# extracted from Debian Security Advisory DSA-3590. The text 
# itself is copyright (C) Software in the Public Interest, Inc.
#

include('deprecated_nasl_level.inc');
include('compat.inc');

if (description)
{
  script_id(91429);
  script_version("2.17");
  script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/11");

  script_cve_id("CVE-2016-1667", "CVE-2016-1668", "CVE-2016-1669", "CVE-2016-1670", "CVE-2016-1672", "CVE-2016-1673", "CVE-2016-1674", "CVE-2016-1675", "CVE-2016-1676", "CVE-2016-1677", "CVE-2016-1678", "CVE-2016-1679", "CVE-2016-1680", "CVE-2016-1681", "CVE-2016-1682", "CVE-2016-1683", "CVE-2016-1684", "CVE-2016-1685", "CVE-2016-1686", "CVE-2016-1687", "CVE-2016-1688", "CVE-2016-1689", "CVE-2016-1690", "CVE-2016-1691", "CVE-2016-1692", "CVE-2016-1693", "CVE-2016-1694", "CVE-2016-1695");
  script_xref(name:"DSA", value:"3590");

  script_name(english:"Debian DSA-3590-1 : chromium-browser - security update");
  script_summary(english:"Checks dpkg output for the updated package");

  script_set_attribute(
    attribute:"synopsis", 
    value:"The remote Debian host is missing a security-related update."
  );
  script_set_attribute(
    attribute:"description", 
    value:
"Several vulnerabilities have been discovered in the chromium web
browser.

  - CVE-2016-1667
    Mariusz Mylinski discovered a cross-origin bypass.

  - CVE-2016-1668
    Mariusz Mylinski discovered a cross-origin bypass in
    bindings to v8.

  - CVE-2016-1669
    Choongwoo Han discovered a buffer overflow in the v8
    JavaScript library.

  - CVE-2016-1670
    A race condition was found that could cause the renderer
    process to reuse ids that should have been unique.

  - CVE-2016-1672
    Mariusz Mylinski discovered a cross-origin bypass in
    extension bindings.

  - CVE-2016-1673
    Mariusz Mylinski discovered a cross-origin bypass in
    Blink/Webkit.

  - CVE-2016-1674
    Mariusz Mylinski discovered another cross-origin bypass
    in extension bindings.

  - CVE-2016-1675
    Mariusz Mylinski discovered another cross-origin bypass
    in Blink/Webkit.

  - CVE-2016-1676
    Rob Wu discovered a cross-origin bypass in extension
    bindings.

  - CVE-2016-1677
    Guang Gong discovered a type confusion issue in the v8
    JavaScript library.

  - CVE-2016-1678
    Christian Holler discovered an overflow issue in the v8
    JavaScript library.

  - CVE-2016-1679
    Rob Wu discovered a use-after-free issue in the bindings
    to v8.

  - CVE-2016-1680
    Atte Kettunen discovered a use-after-free issue in the
    skia library.

  - CVE-2016-1681
    Aleksandar Nikolic discovered an overflow issue in the
    pdfium library.

  - CVE-2016-1682
    KingstonTime discovered a way to bypass the Content
    Security Policy.

  - CVE-2016-1683
    Nicolas Gregoire discovered an out-of-bounds write issue
    in the libxslt library.

  - CVE-2016-1684
    Nicolas Gregoire discovered an integer overflow issue in
    the libxslt library.

  - CVE-2016-1685
    Ke Liu discovered an out-of-bounds read issue in the
    pdfium library.

  - CVE-2016-1686
    Ke Liu discovered another out-of-bounds read issue in
    the pdfium library.

  - CVE-2016-1687
    Rob Wu discovered an information leak in the handling of
    extensions.

  - CVE-2016-1688
    Max Korenko discovered an out-of-bounds read issue in
    the v8 JavaScript library.

  - CVE-2016-1689
    Rob Wu discovered a buffer overflow issue.

  - CVE-2016-1690
    Rob Wu discovered a use-after-free issue.

  - CVE-2016-1691
    Atte Kettunen discovered a buffer overflow issue in the
    skia library.

  - CVE-2016-1692
    Til Jasper Ullrich discovered a cross-origin bypass
    issue.

  - CVE-2016-1693
    Khalil Zhani discovered that the Software Removal Tool
    download was done over an HTTP connection.

  - CVE-2016-1694
    Ryan Lester and Bryant Zadegan discovered that pinned
    public keys would be removed when clearing the browser
    cache.

  - CVE-2016-1695
    The chrome development team found and fixed various
    issues during internal auditing."
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://security-tracker.debian.org/tracker/CVE-2016-1667"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://security-tracker.debian.org/tracker/CVE-2016-1668"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://security-tracker.debian.org/tracker/CVE-2016-1669"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://security-tracker.debian.org/tracker/CVE-2016-1670"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://security-tracker.debian.org/tracker/CVE-2016-1672"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://security-tracker.debian.org/tracker/CVE-2016-1673"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://security-tracker.debian.org/tracker/CVE-2016-1674"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://security-tracker.debian.org/tracker/CVE-2016-1675"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://security-tracker.debian.org/tracker/CVE-2016-1676"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://security-tracker.debian.org/tracker/CVE-2016-1677"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://security-tracker.debian.org/tracker/CVE-2016-1678"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://security-tracker.debian.org/tracker/CVE-2016-1679"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://security-tracker.debian.org/tracker/CVE-2016-1680"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://security-tracker.debian.org/tracker/CVE-2016-1681"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://security-tracker.debian.org/tracker/CVE-2016-1682"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://security-tracker.debian.org/tracker/CVE-2016-1683"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://security-tracker.debian.org/tracker/CVE-2016-1684"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://security-tracker.debian.org/tracker/CVE-2016-1685"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://security-tracker.debian.org/tracker/CVE-2016-1686"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://security-tracker.debian.org/tracker/CVE-2016-1687"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://security-tracker.debian.org/tracker/CVE-2016-1688"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://security-tracker.debian.org/tracker/CVE-2016-1689"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://security-tracker.debian.org/tracker/CVE-2016-1690"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://security-tracker.debian.org/tracker/CVE-2016-1691"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://security-tracker.debian.org/tracker/CVE-2016-1692"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://security-tracker.debian.org/tracker/CVE-2016-1693"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://security-tracker.debian.org/tracker/CVE-2016-1694"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://security-tracker.debian.org/tracker/CVE-2016-1695"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://packages.debian.org/source/jessie/chromium-browser"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://www.debian.org/security/2016/dsa-3590"
  );
  script_set_attribute(
    attribute:"solution", 
    value:
"Upgrade the chromium-browser packages.

For the stable distribution (jessie), these problems have been fixed
in version 51.0.2704.63-1~deb8u1."
  );
  script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C");
  script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"false");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:chromium-browser");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:debian:debian_linux:8.0");

  script_set_attribute(attribute:"vuln_publication_date", value:"2016/05/14");
  script_set_attribute(attribute:"patch_publication_date", value:"2016/06/01");
  script_set_attribute(attribute:"plugin_publication_date", value:"2016/06/02");
  script_set_attribute(attribute:"generated_plugin", value:"current");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2016-2021 and is owned by Tenable, Inc. or an Affiliate thereof.");
  script_family(english:"Debian Local Security Checks");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/Debian/release", "Host/Debian/dpkg-l");

  exit(0);
}


include("audit.inc");
include("debian_package.inc");


if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
if (!get_kb_item("Host/Debian/release")) audit(AUDIT_OS_NOT, "Debian");
if (!get_kb_item("Host/Debian/dpkg-l")) audit(AUDIT_PACKAGE_LIST_MISSING);


flag = 0;
if (deb_check(release:"8.0", prefix:"chromedriver", reference:"51.0.2704.63-1~deb8u1")) flag++;
if (deb_check(release:"8.0", prefix:"chromium", reference:"51.0.2704.63-1~deb8u1")) flag++;
if (deb_check(release:"8.0", prefix:"chromium-dbg", reference:"51.0.2704.63-1~deb8u1")) flag++;
if (deb_check(release:"8.0", prefix:"chromium-inspector", reference:"51.0.2704.63-1~deb8u1")) flag++;
if (deb_check(release:"8.0", prefix:"chromium-l10n", reference:"51.0.2704.63-1~deb8u1")) flag++;

if (flag)
{
  if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());
  else security_hole(0);
  exit(0);
}
else audit(AUDIT_HOST_NOT, "affected");
VendorProductVersionCPE
debiandebian_linuxchromium-browserp-cpe:/a:debian:debian_linux:chromium-browser
debiandebian_linux8.0cpe:/o:debian:debian_linux:8.0

References

Related

mageia 3
freebsd 3
openvas 22
debian 5
osv 2
kaspersky 2
threatpost 3
suse 6
archlinux 2
gentoo 1
chrome 2
nessus 23
redhat 5
ubuntu 2
veracode 4
cve 21
prion 20
debiancve 20
redhatcve 19
ubuntucve 22
seebug 5
ibm 4
f5 1
checkpoint_advisories 1
talos 1
mageia
mageia
Updated chromium-browser-stable packages fix security vulnerabilities
2016-06-03 00:40:03
Updated chromium-browser-stable packages fix security vulnerability
2016-05-18 23:14:22
Updated libxslt packages fix security vulnerability
2016-06-08 00:39:50
freebsd
freebsd
chromium -- multiple vulnerabilities
2016-05-25 00:00:00
chromium -- multiple vulnerabilities
2016-05-11 00:00:00
libxslt -- Denial of Service
2016-05-25 00:00:00
openvas
openvas
Debian Security Advisory DSA 3590-1 (chromium-browser - security update)
2016-06-01 00:00:00
Debian: Security Advisory (DSA-3590-1)
2016-05-31 00:00:00
openSUSE: Security Advisory for Chromium (openSUSE-SU-2016:1430-1)
2016-06-03 00:00:00
debian
debian
[SECURITY] [DSA 3590-1] chromium-browser security update
2016-06-01 03:49:42
[SECURITY] [DSA 3590-1] chromium-browser security update
2016-06-01 03:49:03
[SECURITY] [DSA 3605-1] libxslt security update
2016-06-19 05:00:31
osv
osv
chromium-browser - security update
2016-06-01 00:00:00
libxslt - security update
2016-06-12 00:00:00
kaspersky
kaspersky
KLA10816 Multiple vulnerabilities in Google Chrome
2016-05-25 00:00:00
KLA10809 Multiple vulnerabilities in Google Chrome
2016-05-11 00:00:00
threatpost
threatpost
Researcher Pockets $30,000 in Chrome Bounties
2016-05-27 07:00:25
5 Vulnerabilities Fixed In Chrome Browser, Google Pays $20K to Bug Hunters
2016-05-12 11:58:15
Google Patches High Severity Browser PDF Exploit
2016-06-09 13:46:59
suse
suse
Security update for Chromium (important)
2016-05-28 01:08:05
Security update for Chromium (important)
2016-05-28 01:08:32
Security update for Chromium (important)
2016-06-05 16:07:48
archlinux
archlinux
chromium: multiple issues
2016-05-28 00:00:00
chromium: multiple issues
2016-05-12 00:00:00
gentoo
gentoo
Chromium: Multiple vulnerabilities
2016-07-16 00:00:00
chrome
chrome
Stable Channel Update
2016-05-25 00:00:00
Stable Channel Update
2016-05-11 00:00:00
nessus
nessus
FreeBSD : chromium -- multiple vulnerabilities (1a6bbb95-24b8-11e6-bd31-3065ec8fd3ec)
2016-05-31 00:00:00
RHEL 6 : chromium-browser (RHSA-2016:1190)
2016-06-02 00:00:00
Google Chrome < 51.0.2704.63 Multiple Vulnerabilities
2016-05-27 00:00:00
redhat
redhat
(RHSA-2016:1190) Important: chromium-browser security update
2016-06-01 10:34:16
(RHSA-2016:1080) Important: chromium-browser security update
2016-05-13 07:23:21
(RHSA-2017:0881) Moderate: v8 security update
2017-04-05 02:04:25
ubuntu
ubuntu
Oxide vulnerabilities
2016-06-06 00:00:00
Oxide vulnerabilities
2016-05-18 00:00:00
veracode
veracode
Copy-Paste Vulnerability (CPV) Through Libxslt
2017-05-17 07:06:54
Denial Of Service (DoS)
2018-07-17 10:26:43
Denial Of Service (DoS)
2019-01-15 09:14:45
cve
cve
CVE-2016-1691
2016-06-05 23:59:00
CVE-2016-1689
2016-06-05 23:59:00
CVE-2016-1680
2016-06-05 23:59:00
prion
prion
Heap overflow
2016-06-05 23:59:00
Design/Logic Flaw
2016-06-05 23:59:00
Design/Logic Flaw
2016-06-05 23:59:00
debiancve
debiancve
CVE-2016-1691
2016-06-05 23:59:00
CVE-2016-1673
2016-06-05 23:59:00
CVE-2016-1668
2016-05-14 21:59:00
redhatcve
redhatcve
CVE-2016-1691
2016-05-26 10:50:20
CVE-2016-1668
2016-05-12 09:19:07
CVE-2016-1683
2016-05-26 10:48:43
ubuntucve
ubuntucve
CVE-2016-1691
2016-05-31 00:00:00
CVE-2016-1673
2016-05-31 00:00:00
CVE-2016-1689
2016-05-31 00:00:00
seebug
seebug
Chrome Universal XSS using iterables (CVE-2016-1668)
2017-04-21 00:00:00
Chrome Universal XSS using a FrameNavigationDisabler bypass (CVE-2016-1673)
2017-04-24 00:00:00
Google Chrome PDFium jpeg2000 SIZ Code Execution Vulnerability(CVE-2016-1681)
2017-10-20 00:00:00
ibm
ibm
Security Bulletin: Buffer overflow in V8 in Node.js affects IBM Rational Application Developer for WebSphere Software included in Rational Developer for i and Rational Developer for AIX and Linux
2018-08-03 04:23:43
Security Bulletin: IBM® SDK for Node.js™ may be affected by CVE-2016-1669
2018-08-09 04:20:36
Security Bulletin: IBM® SDK for Node.js™ in IBM Bluemix may be affected by CVE-2016-1669
2018-08-09 04:20:36
f5
f5
K35655050 : NodeJS vulnerability CVE-2016-1669
2017-04-19 00:00:00
checkpoint_advisories
checkpoint_advisories
OpenJPEG Buffer Overflow (CVE-2016-1681)
2021-02-23 00:00:00
talos
talos
Google Chrome PDFium jpeg2000 SIZ Code Execution Vulnerability
2016-06-08 00:00:00
JSON
Related for DEBIAN_DSA-3590.NASL
mageia3freebsd3openvas22debian5osv2kaspersky2threatpost3suse6archlinux2gentoo1chrome2nessus23redhat5ubuntu2veracode4cve21prion20debiancve20redhatcve19ubuntucve22seebug5ibm4f51checkpoint_advisories1talos1