Debian security update for Mozilla Firefox ESR 78.
Reporter | Title | Published | Views | Family All 168 |
---|---|---|---|---|
Oracle linux | firefox security update | 24 Sep 202000:00 | – | oraclelinux |
Oracle linux | thunderbird security update | 13 Oct 202000:00 | – | oraclelinux |
Oracle linux | thunderbird security update | 23 Nov 202000:00 | – | oraclelinux |
Oracle linux | thunderbird security update | 4 Oct 202000:00 | – | oraclelinux |
Oracle linux | firefox security update | 14 Nov 202000:00 | – | oraclelinux |
Oracle linux | firefox security and bug fix update | 13 Oct 202000:00 | – | oraclelinux |
ALT Linux | Security fix for the ALT Linux 10 package firefox-esr version 78.3.0-alt1 | 23 Sep 202000:00 | – | altlinux |
ALT Linux | Security fix for the ALT Linux 10 package thunderbird version 78.3.0-alt1 | 25 Sep 202000:00 | – | altlinux |
OSV | Red Hat Security Advisory: firefox security update | 16 Sep 202404:46 | – | osv |
OSV | firefox-esr - security update | 28 Sep 202000:00 | – | osv |
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from Debian Security Advisory DSA-4768. The text
# itself is copyright (C) Software in the Public Interest, Inc.
#
include('compat.inc');
if (description)
{
script_id(140936);
script_version("1.7");
script_set_attribute(attribute:"plugin_modification_date", value:"2024/02/19");
script_cve_id(
"CVE-2020-15673",
"CVE-2020-15676",
"CVE-2020-15677",
"CVE-2020-15678"
);
script_xref(name:"DSA", value:"4768");
script_xref(name:"IAVA", value:"2020-A-0435-S");
script_name(english:"Debian DSA-4768-1 : firefox-esr - security update");
script_set_attribute(attribute:"synopsis", value:
"The remote Debian host is missing a security-related update.");
script_set_attribute(attribute:"description", value:
"Multiple security issues have been found in the Mozilla Firefox web
browser, which could potentially result in the execution of arbitrary
code, cross-site scripting or spoofing the origin of a download.
Debian follows the extended support releases (ESR) of Firefox. Support
for the 68.x series has ended, so starting with this update we're now
following the 78.x releases.
Between 68.x and 78.x, Firefox has seen a number of feature updates.
For more information please refer to
https://www.mozilla.org/en-US/firefox/78.0esr/releasenotes/");
script_set_attribute(attribute:"see_also", value:"https://www.mozilla.org/en-US/firefox/78.0esr/releasenotes/");
script_set_attribute(attribute:"see_also", value:"https://security-tracker.debian.org/tracker/source-package/firefox-esr");
script_set_attribute(attribute:"see_also", value:"https://packages.debian.org/source/buster/firefox-esr");
script_set_attribute(attribute:"see_also", value:"https://www.debian.org/security/2020/dsa-4768");
script_set_attribute(attribute:"solution", value:
"Upgrade the firefox-esr packages.
For the stable distribution (buster), these problems have been fixed
in version 78.3.0esr-1~deb10u1.");
script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P");
script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H");
script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
script_set_attribute(attribute:"cvss_score_source", value:"CVE-2020-15678");
script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
script_set_attribute(attribute:"exploit_available", value:"false");
script_set_attribute(attribute:"vuln_publication_date", value:"2020/10/01");
script_set_attribute(attribute:"patch_publication_date", value:"2020/09/28");
script_set_attribute(attribute:"plugin_publication_date", value:"2020/09/29");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:firefox-esr");
script_set_attribute(attribute:"cpe", value:"cpe:/o:debian:debian_linux:10.0");
script_set_attribute(attribute:"generated_plugin", value:"current");
script_set_attribute(attribute:"stig_severity", value:"I");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_family(english:"Debian Local Security Checks");
script_copyright(english:"This script is Copyright (C) 2020-2024 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_dependencies("ssh_get_info.nasl");
script_require_keys("Host/local_checks_enabled", "Host/Debian/release", "Host/Debian/dpkg-l");
exit(0);
}
include("audit.inc");
include("debian_package.inc");
if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
if (!get_kb_item("Host/Debian/release")) audit(AUDIT_OS_NOT, "Debian");
if (!get_kb_item("Host/Debian/dpkg-l")) audit(AUDIT_PACKAGE_LIST_MISSING);
flag = 0;
if (deb_check(release:"10.0", prefix:"firefox-esr", reference:"78.3.0esr-1~deb10u1")) flag++;
if (deb_check(release:"10.0", prefix:"firefox-esr-l10n-ach", reference:"78.3.0esr-1~deb10u1")) flag++;
if (deb_check(release:"10.0", prefix:"firefox-esr-l10n-af", reference:"78.3.0esr-1~deb10u1")) flag++;
if (deb_check(release:"10.0", prefix:"firefox-esr-l10n-all", reference:"78.3.0esr-1~deb10u1")) flag++;
if (deb_check(release:"10.0", prefix:"firefox-esr-l10n-an", reference:"78.3.0esr-1~deb10u1")) flag++;
if (deb_check(release:"10.0", prefix:"firefox-esr-l10n-ar", reference:"78.3.0esr-1~deb10u1")) flag++;
if (deb_check(release:"10.0", prefix:"firefox-esr-l10n-as", reference:"78.3.0esr-1~deb10u1")) flag++;
if (deb_check(release:"10.0", prefix:"firefox-esr-l10n-ast", reference:"78.3.0esr-1~deb10u1")) flag++;
if (deb_check(release:"10.0", prefix:"firefox-esr-l10n-az", reference:"78.3.0esr-1~deb10u1")) flag++;
if (deb_check(release:"10.0", prefix:"firefox-esr-l10n-be", reference:"78.3.0esr-1~deb10u1")) flag++;
if (deb_check(release:"10.0", prefix:"firefox-esr-l10n-bg", reference:"78.3.0esr-1~deb10u1")) flag++;
if (deb_check(release:"10.0", prefix:"firefox-esr-l10n-bn-bd", reference:"78.3.0esr-1~deb10u1")) flag++;
if (deb_check(release:"10.0", prefix:"firefox-esr-l10n-bn-in", reference:"78.3.0esr-1~deb10u1")) flag++;
if (deb_check(release:"10.0", prefix:"firefox-esr-l10n-br", reference:"78.3.0esr-1~deb10u1")) flag++;
if (deb_check(release:"10.0", prefix:"firefox-esr-l10n-bs", reference:"78.3.0esr-1~deb10u1")) flag++;
if (deb_check(release:"10.0", prefix:"firefox-esr-l10n-ca", reference:"78.3.0esr-1~deb10u1")) flag++;
if (deb_check(release:"10.0", prefix:"firefox-esr-l10n-cak", reference:"78.3.0esr-1~deb10u1")) flag++;
if (deb_check(release:"10.0", prefix:"firefox-esr-l10n-cs", reference:"78.3.0esr-1~deb10u1")) flag++;
if (deb_check(release:"10.0", prefix:"firefox-esr-l10n-cy", reference:"78.3.0esr-1~deb10u1")) flag++;
if (deb_check(release:"10.0", prefix:"firefox-esr-l10n-da", reference:"78.3.0esr-1~deb10u1")) flag++;
if (deb_check(release:"10.0", prefix:"firefox-esr-l10n-de", reference:"78.3.0esr-1~deb10u1")) flag++;
if (deb_check(release:"10.0", prefix:"firefox-esr-l10n-dsb", reference:"78.3.0esr-1~deb10u1")) flag++;
if (deb_check(release:"10.0", prefix:"firefox-esr-l10n-el", reference:"78.3.0esr-1~deb10u1")) flag++;
if (deb_check(release:"10.0", prefix:"firefox-esr-l10n-en-gb", reference:"78.3.0esr-1~deb10u1")) flag++;
if (deb_check(release:"10.0", prefix:"firefox-esr-l10n-en-za", reference:"78.3.0esr-1~deb10u1")) flag++;
if (deb_check(release:"10.0", prefix:"firefox-esr-l10n-eo", reference:"78.3.0esr-1~deb10u1")) flag++;
if (deb_check(release:"10.0", prefix:"firefox-esr-l10n-es-ar", reference:"78.3.0esr-1~deb10u1")) flag++;
if (deb_check(release:"10.0", prefix:"firefox-esr-l10n-es-cl", reference:"78.3.0esr-1~deb10u1")) flag++;
if (deb_check(release:"10.0", prefix:"firefox-esr-l10n-es-es", reference:"78.3.0esr-1~deb10u1")) flag++;
if (deb_check(release:"10.0", prefix:"firefox-esr-l10n-es-mx", reference:"78.3.0esr-1~deb10u1")) flag++;
if (deb_check(release:"10.0", prefix:"firefox-esr-l10n-et", reference:"78.3.0esr-1~deb10u1")) flag++;
if (deb_check(release:"10.0", prefix:"firefox-esr-l10n-eu", reference:"78.3.0esr-1~deb10u1")) flag++;
if (deb_check(release:"10.0", prefix:"firefox-esr-l10n-fa", reference:"78.3.0esr-1~deb10u1")) flag++;
if (deb_check(release:"10.0", prefix:"firefox-esr-l10n-ff", reference:"78.3.0esr-1~deb10u1")) flag++;
if (deb_check(release:"10.0", prefix:"firefox-esr-l10n-fi", reference:"78.3.0esr-1~deb10u1")) flag++;
if (deb_check(release:"10.0", prefix:"firefox-esr-l10n-fr", reference:"78.3.0esr-1~deb10u1")) flag++;
if (deb_check(release:"10.0", prefix:"firefox-esr-l10n-fy-nl", reference:"78.3.0esr-1~deb10u1")) flag++;
if (deb_check(release:"10.0", prefix:"firefox-esr-l10n-ga-ie", reference:"78.3.0esr-1~deb10u1")) flag++;
if (deb_check(release:"10.0", prefix:"firefox-esr-l10n-gd", reference:"78.3.0esr-1~deb10u1")) flag++;
if (deb_check(release:"10.0", prefix:"firefox-esr-l10n-gl", reference:"78.3.0esr-1~deb10u1")) flag++;
if (deb_check(release:"10.0", prefix:"firefox-esr-l10n-gn", reference:"78.3.0esr-1~deb10u1")) flag++;
if (deb_check(release:"10.0", prefix:"firefox-esr-l10n-gu-in", reference:"78.3.0esr-1~deb10u1")) flag++;
if (deb_check(release:"10.0", prefix:"firefox-esr-l10n-he", reference:"78.3.0esr-1~deb10u1")) flag++;
if (deb_check(release:"10.0", prefix:"firefox-esr-l10n-hi-in", reference:"78.3.0esr-1~deb10u1")) flag++;
if (deb_check(release:"10.0", prefix:"firefox-esr-l10n-hr", reference:"78.3.0esr-1~deb10u1")) flag++;
if (deb_check(release:"10.0", prefix:"firefox-esr-l10n-hsb", reference:"78.3.0esr-1~deb10u1")) flag++;
if (deb_check(release:"10.0", prefix:"firefox-esr-l10n-hu", reference:"78.3.0esr-1~deb10u1")) flag++;
if (deb_check(release:"10.0", prefix:"firefox-esr-l10n-hy-am", reference:"78.3.0esr-1~deb10u1")) flag++;
if (deb_check(release:"10.0", prefix:"firefox-esr-l10n-ia", reference:"78.3.0esr-1~deb10u1")) flag++;
if (deb_check(release:"10.0", prefix:"firefox-esr-l10n-id", reference:"78.3.0esr-1~deb10u1")) flag++;
if (deb_check(release:"10.0", prefix:"firefox-esr-l10n-is", reference:"78.3.0esr-1~deb10u1")) flag++;
if (deb_check(release:"10.0", prefix:"firefox-esr-l10n-it", reference:"78.3.0esr-1~deb10u1")) flag++;
if (deb_check(release:"10.0", prefix:"firefox-esr-l10n-ja", reference:"78.3.0esr-1~deb10u1")) flag++;
if (deb_check(release:"10.0", prefix:"firefox-esr-l10n-ka", reference:"78.3.0esr-1~deb10u1")) flag++;
if (deb_check(release:"10.0", prefix:"firefox-esr-l10n-kab", reference:"78.3.0esr-1~deb10u1")) flag++;
if (deb_check(release:"10.0", prefix:"firefox-esr-l10n-kk", reference:"78.3.0esr-1~deb10u1")) flag++;
if (deb_check(release:"10.0", prefix:"firefox-esr-l10n-km", reference:"78.3.0esr-1~deb10u1")) flag++;
if (deb_check(release:"10.0", prefix:"firefox-esr-l10n-kn", reference:"78.3.0esr-1~deb10u1")) flag++;
if (deb_check(release:"10.0", prefix:"firefox-esr-l10n-ko", reference:"78.3.0esr-1~deb10u1")) flag++;
if (deb_check(release:"10.0", prefix:"firefox-esr-l10n-lij", reference:"78.3.0esr-1~deb10u1")) flag++;
if (deb_check(release:"10.0", prefix:"firefox-esr-l10n-lt", reference:"78.3.0esr-1~deb10u1")) flag++;
if (deb_check(release:"10.0", prefix:"firefox-esr-l10n-lv", reference:"78.3.0esr-1~deb10u1")) flag++;
if (deb_check(release:"10.0", prefix:"firefox-esr-l10n-mai", reference:"78.3.0esr-1~deb10u1")) flag++;
if (deb_check(release:"10.0", prefix:"firefox-esr-l10n-mk", reference:"78.3.0esr-1~deb10u1")) flag++;
if (deb_check(release:"10.0", prefix:"firefox-esr-l10n-ml", reference:"78.3.0esr-1~deb10u1")) flag++;
if (deb_check(release:"10.0", prefix:"firefox-esr-l10n-mr", reference:"78.3.0esr-1~deb10u1")) flag++;
if (deb_check(release:"10.0", prefix:"firefox-esr-l10n-ms", reference:"78.3.0esr-1~deb10u1")) flag++;
if (deb_check(release:"10.0", prefix:"firefox-esr-l10n-my", reference:"78.3.0esr-1~deb10u1")) flag++;
if (deb_check(release:"10.0", prefix:"firefox-esr-l10n-nb-no", reference:"78.3.0esr-1~deb10u1")) flag++;
if (deb_check(release:"10.0", prefix:"firefox-esr-l10n-ne-np", reference:"78.3.0esr-1~deb10u1")) flag++;
if (deb_check(release:"10.0", prefix:"firefox-esr-l10n-nl", reference:"78.3.0esr-1~deb10u1")) flag++;
if (deb_check(release:"10.0", prefix:"firefox-esr-l10n-nn-no", reference:"78.3.0esr-1~deb10u1")) flag++;
if (deb_check(release:"10.0", prefix:"firefox-esr-l10n-oc", reference:"78.3.0esr-1~deb10u1")) flag++;
if (deb_check(release:"10.0", prefix:"firefox-esr-l10n-or", reference:"78.3.0esr-1~deb10u1")) flag++;
if (deb_check(release:"10.0", prefix:"firefox-esr-l10n-pa-in", reference:"78.3.0esr-1~deb10u1")) flag++;
if (deb_check(release:"10.0", prefix:"firefox-esr-l10n-pl", reference:"78.3.0esr-1~deb10u1")) flag++;
if (deb_check(release:"10.0", prefix:"firefox-esr-l10n-pt-br", reference:"78.3.0esr-1~deb10u1")) flag++;
if (deb_check(release:"10.0", prefix:"firefox-esr-l10n-pt-pt", reference:"78.3.0esr-1~deb10u1")) flag++;
if (deb_check(release:"10.0", prefix:"firefox-esr-l10n-rm", reference:"78.3.0esr-1~deb10u1")) flag++;
if (deb_check(release:"10.0", prefix:"firefox-esr-l10n-ro", reference:"78.3.0esr-1~deb10u1")) flag++;
if (deb_check(release:"10.0", prefix:"firefox-esr-l10n-ru", reference:"78.3.0esr-1~deb10u1")) flag++;
if (deb_check(release:"10.0", prefix:"firefox-esr-l10n-si", reference:"78.3.0esr-1~deb10u1")) flag++;
if (deb_check(release:"10.0", prefix:"firefox-esr-l10n-sk", reference:"78.3.0esr-1~deb10u1")) flag++;
if (deb_check(release:"10.0", prefix:"firefox-esr-l10n-sl", reference:"78.3.0esr-1~deb10u1")) flag++;
if (deb_check(release:"10.0", prefix:"firefox-esr-l10n-son", reference:"78.3.0esr-1~deb10u1")) flag++;
if (deb_check(release:"10.0", prefix:"firefox-esr-l10n-sq", reference:"78.3.0esr-1~deb10u1")) flag++;
if (deb_check(release:"10.0", prefix:"firefox-esr-l10n-sr", reference:"78.3.0esr-1~deb10u1")) flag++;
if (deb_check(release:"10.0", prefix:"firefox-esr-l10n-sv-se", reference:"78.3.0esr-1~deb10u1")) flag++;
if (deb_check(release:"10.0", prefix:"firefox-esr-l10n-ta", reference:"78.3.0esr-1~deb10u1")) flag++;
if (deb_check(release:"10.0", prefix:"firefox-esr-l10n-te", reference:"78.3.0esr-1~deb10u1")) flag++;
if (deb_check(release:"10.0", prefix:"firefox-esr-l10n-th", reference:"78.3.0esr-1~deb10u1")) flag++;
if (deb_check(release:"10.0", prefix:"firefox-esr-l10n-tr", reference:"78.3.0esr-1~deb10u1")) flag++;
if (deb_check(release:"10.0", prefix:"firefox-esr-l10n-uk", reference:"78.3.0esr-1~deb10u1")) flag++;
if (deb_check(release:"10.0", prefix:"firefox-esr-l10n-ur", reference:"78.3.0esr-1~deb10u1")) flag++;
if (deb_check(release:"10.0", prefix:"firefox-esr-l10n-uz", reference:"78.3.0esr-1~deb10u1")) flag++;
if (deb_check(release:"10.0", prefix:"firefox-esr-l10n-vi", reference:"78.3.0esr-1~deb10u1")) flag++;
if (deb_check(release:"10.0", prefix:"firefox-esr-l10n-xh", reference:"78.3.0esr-1~deb10u1")) flag++;
if (deb_check(release:"10.0", prefix:"firefox-esr-l10n-zh-cn", reference:"78.3.0esr-1~deb10u1")) flag++;
if (deb_check(release:"10.0", prefix:"firefox-esr-l10n-zh-tw", reference:"78.3.0esr-1~deb10u1")) flag++;
if (flag)
{
if (report_verbosity > 0) security_warning(port:0, extra:deb_report_get());
else security_warning(0);
exit(0);
}
else audit(AUDIT_HOST_NOT, "affected");
Transform Your Security Services
Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.
Book a live demo