Lucene search
This script is Copyright (C) 2021-2024 and is owned by Tenable, Inc. or an Affiliate thereof.DEBIAN_DSA-4895.NASLHistoryApr 22, 2021 - 12:00 a.m.
Debian DSA-4895-1 : firefox-esr - security update
2021-04-2200:00:00
This script is Copyright (C) 2021-2024 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
35
8.8 High
AI Score
Confidence
High
Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code, information disclosure, privilege escalation or spoofing.
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from Debian Security Advisory DSA-4895. The text
# itself is copyright (C) Software in the Public Interest, Inc.
#
include("compat.inc");
if (description)
{
script_id(148932);
script_version("1.9");
script_set_attribute(attribute:"plugin_modification_date", value:"2024/01/12");
script_cve_id("CVE-2021-23961", "CVE-2021-23994", "CVE-2021-23995", "CVE-2021-23998", "CVE-2021-23999", "CVE-2021-24002", "CVE-2021-29945", "CVE-2021-29946");
script_xref(name:"DSA", value:"4895");
script_xref(name:"IAVA", value:"2021-A-0185-S");
script_name(english:"Debian DSA-4895-1 : firefox-esr - security update");
script_summary(english:"Checks dpkg output for the updated package");
script_set_attribute(
attribute:"synopsis",
value:"The remote Debian host is missing a security-related update."
);
script_set_attribute(
attribute:"description",
value:
"Multiple security issues have been found in the Mozilla Firefox web
browser, which could potentially result in the execution of arbitrary
code, information disclosure, privilege escalation or spoofing."
);
script_set_attribute(
attribute:"see_also",
value:"https://security-tracker.debian.org/tracker/source-package/firefox-esr"
);
script_set_attribute(
attribute:"see_also",
value:"https://packages.debian.org/source/buster/firefox-esr"
);
script_set_attribute(
attribute:"see_also",
value:"https://www.debian.org/security/2021/dsa-4895"
);
script_set_attribute(
attribute:"solution",
value:
"Upgrade the firefox-esr packages.
For the stable distribution (buster), these problems have been fixed
in version 78.10.0esr-1~deb10u1."
);
script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P");
script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H");
script_set_cvss3_temporal_vector("CVSS:3.0/E:P/RL:O/RC:C");
script_set_attribute(attribute:"cvss_score_source", value:"CVE-2021-29946");
script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
script_set_attribute(attribute:"exploit_available", value:"true");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:firefox-esr");
script_set_attribute(attribute:"cpe", value:"cpe:/o:debian:debian_linux:10.0");
script_set_attribute(attribute:"vuln_publication_date", value:"2021/02/26");
script_set_attribute(attribute:"patch_publication_date", value:"2021/04/20");
script_set_attribute(attribute:"plugin_publication_date", value:"2021/04/22");
script_set_attribute(attribute:"generated_plugin", value:"current");
script_set_attribute(attribute:"stig_severity", value:"II");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_copyright(english:"This script is Copyright (C) 2021-2024 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_family(english:"Debian Local Security Checks");
script_dependencies("ssh_get_info.nasl");
script_require_keys("Host/local_checks_enabled", "Host/Debian/release", "Host/Debian/dpkg-l");
exit(0);
}
include("audit.inc");
include("debian_package.inc");
if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
if (!get_kb_item("Host/Debian/release")) audit(AUDIT_OS_NOT, "Debian");
if (!get_kb_item("Host/Debian/dpkg-l")) audit(AUDIT_PACKAGE_LIST_MISSING);
flag = 0;
if (deb_check(release:"10.0", prefix:"firefox-esr", reference:"78.10.0esr-1~deb10u1")) flag++;
if (deb_check(release:"10.0", prefix:"firefox-esr-l10n-ach", reference:"78.10.0esr-1~deb10u1")) flag++;
if (deb_check(release:"10.0", prefix:"firefox-esr-l10n-af", reference:"78.10.0esr-1~deb10u1")) flag++;
if (deb_check(release:"10.0", prefix:"firefox-esr-l10n-all", reference:"78.10.0esr-1~deb10u1")) flag++;
if (deb_check(release:"10.0", prefix:"firefox-esr-l10n-an", reference:"78.10.0esr-1~deb10u1")) flag++;
if (deb_check(release:"10.0", prefix:"firefox-esr-l10n-ar", reference:"78.10.0esr-1~deb10u1")) flag++;
if (deb_check(release:"10.0", prefix:"firefox-esr-l10n-as", reference:"78.10.0esr-1~deb10u1")) flag++;
if (deb_check(release:"10.0", prefix:"firefox-esr-l10n-ast", reference:"78.10.0esr-1~deb10u1")) flag++;
if (deb_check(release:"10.0", prefix:"firefox-esr-l10n-az", reference:"78.10.0esr-1~deb10u1")) flag++;
if (deb_check(release:"10.0", prefix:"firefox-esr-l10n-be", reference:"78.10.0esr-1~deb10u1")) flag++;
if (deb_check(release:"10.0", prefix:"firefox-esr-l10n-bg", reference:"78.10.0esr-1~deb10u1")) flag++;
if (deb_check(release:"10.0", prefix:"firefox-esr-l10n-bn-bd", reference:"78.10.0esr-1~deb10u1")) flag++;
if (deb_check(release:"10.0", prefix:"firefox-esr-l10n-bn-in", reference:"78.10.0esr-1~deb10u1")) flag++;
if (deb_check(release:"10.0", prefix:"firefox-esr-l10n-br", reference:"78.10.0esr-1~deb10u1")) flag++;
if (deb_check(release:"10.0", prefix:"firefox-esr-l10n-bs", reference:"78.10.0esr-1~deb10u1")) flag++;
if (deb_check(release:"10.0", prefix:"firefox-esr-l10n-ca", reference:"78.10.0esr-1~deb10u1")) flag++;
if (deb_check(release:"10.0", prefix:"firefox-esr-l10n-cak", reference:"78.10.0esr-1~deb10u1")) flag++;
if (deb_check(release:"10.0", prefix:"firefox-esr-l10n-cs", reference:"78.10.0esr-1~deb10u1")) flag++;
if (deb_check(release:"10.0", prefix:"firefox-esr-l10n-cy", reference:"78.10.0esr-1~deb10u1")) flag++;
if (deb_check(release:"10.0", prefix:"firefox-esr-l10n-da", reference:"78.10.0esr-1~deb10u1")) flag++;
if (deb_check(release:"10.0", prefix:"firefox-esr-l10n-de", reference:"78.10.0esr-1~deb10u1")) flag++;
if (deb_check(release:"10.0", prefix:"firefox-esr-l10n-dsb", reference:"78.10.0esr-1~deb10u1")) flag++;
if (deb_check(release:"10.0", prefix:"firefox-esr-l10n-el", reference:"78.10.0esr-1~deb10u1")) flag++;
if (deb_check(release:"10.0", prefix:"firefox-esr-l10n-en-gb", reference:"78.10.0esr-1~deb10u1")) flag++;
if (deb_check(release:"10.0", prefix:"firefox-esr-l10n-en-za", reference:"78.10.0esr-1~deb10u1")) flag++;
if (deb_check(release:"10.0", prefix:"firefox-esr-l10n-eo", reference:"78.10.0esr-1~deb10u1")) flag++;
if (deb_check(release:"10.0", prefix:"firefox-esr-l10n-es-ar", reference:"78.10.0esr-1~deb10u1")) flag++;
if (deb_check(release:"10.0", prefix:"firefox-esr-l10n-es-cl", reference:"78.10.0esr-1~deb10u1")) flag++;
if (deb_check(release:"10.0", prefix:"firefox-esr-l10n-es-es", reference:"78.10.0esr-1~deb10u1")) flag++;
if (deb_check(release:"10.0", prefix:"firefox-esr-l10n-es-mx", reference:"78.10.0esr-1~deb10u1")) flag++;
if (deb_check(release:"10.0", prefix:"firefox-esr-l10n-et", reference:"78.10.0esr-1~deb10u1")) flag++;
if (deb_check(release:"10.0", prefix:"firefox-esr-l10n-eu", reference:"78.10.0esr-1~deb10u1")) flag++;
if (deb_check(release:"10.0", prefix:"firefox-esr-l10n-fa", reference:"78.10.0esr-1~deb10u1")) flag++;
if (deb_check(release:"10.0", prefix:"firefox-esr-l10n-ff", reference:"78.10.0esr-1~deb10u1")) flag++;
if (deb_check(release:"10.0", prefix:"firefox-esr-l10n-fi", reference:"78.10.0esr-1~deb10u1")) flag++;
if (deb_check(release:"10.0", prefix:"firefox-esr-l10n-fr", reference:"78.10.0esr-1~deb10u1")) flag++;
if (deb_check(release:"10.0", prefix:"firefox-esr-l10n-fy-nl", reference:"78.10.0esr-1~deb10u1")) flag++;
if (deb_check(release:"10.0", prefix:"firefox-esr-l10n-ga-ie", reference:"78.10.0esr-1~deb10u1")) flag++;
if (deb_check(release:"10.0", prefix:"firefox-esr-l10n-gd", reference:"78.10.0esr-1~deb10u1")) flag++;
if (deb_check(release:"10.0", prefix:"firefox-esr-l10n-gl", reference:"78.10.0esr-1~deb10u1")) flag++;
if (deb_check(release:"10.0", prefix:"firefox-esr-l10n-gn", reference:"78.10.0esr-1~deb10u1")) flag++;
if (deb_check(release:"10.0", prefix:"firefox-esr-l10n-gu-in", reference:"78.10.0esr-1~deb10u1")) flag++;
if (deb_check(release:"10.0", prefix:"firefox-esr-l10n-he", reference:"78.10.0esr-1~deb10u1")) flag++;
if (deb_check(release:"10.0", prefix:"firefox-esr-l10n-hi-in", reference:"78.10.0esr-1~deb10u1")) flag++;
if (deb_check(release:"10.0", prefix:"firefox-esr-l10n-hr", reference:"78.10.0esr-1~deb10u1")) flag++;
if (deb_check(release:"10.0", prefix:"firefox-esr-l10n-hsb", reference:"78.10.0esr-1~deb10u1")) flag++;
if (deb_check(release:"10.0", prefix:"firefox-esr-l10n-hu", reference:"78.10.0esr-1~deb10u1")) flag++;
if (deb_check(release:"10.0", prefix:"firefox-esr-l10n-hy-am", reference:"78.10.0esr-1~deb10u1")) flag++;
if (deb_check(release:"10.0", prefix:"firefox-esr-l10n-ia", reference:"78.10.0esr-1~deb10u1")) flag++;
if (deb_check(release:"10.0", prefix:"firefox-esr-l10n-id", reference:"78.10.0esr-1~deb10u1")) flag++;
if (deb_check(release:"10.0", prefix:"firefox-esr-l10n-is", reference:"78.10.0esr-1~deb10u1")) flag++;
if (deb_check(release:"10.0", prefix:"firefox-esr-l10n-it", reference:"78.10.0esr-1~deb10u1")) flag++;
if (deb_check(release:"10.0", prefix:"firefox-esr-l10n-ja", reference:"78.10.0esr-1~deb10u1")) flag++;
if (deb_check(release:"10.0", prefix:"firefox-esr-l10n-ka", reference:"78.10.0esr-1~deb10u1")) flag++;
if (deb_check(release:"10.0", prefix:"firefox-esr-l10n-kab", reference:"78.10.0esr-1~deb10u1")) flag++;
if (deb_check(release:"10.0", prefix:"firefox-esr-l10n-kk", reference:"78.10.0esr-1~deb10u1")) flag++;
if (deb_check(release:"10.0", prefix:"firefox-esr-l10n-km", reference:"78.10.0esr-1~deb10u1")) flag++;
if (deb_check(release:"10.0", prefix:"firefox-esr-l10n-kn", reference:"78.10.0esr-1~deb10u1")) flag++;
if (deb_check(release:"10.0", prefix:"firefox-esr-l10n-ko", reference:"78.10.0esr-1~deb10u1")) flag++;
if (deb_check(release:"10.0", prefix:"firefox-esr-l10n-lij", reference:"78.10.0esr-1~deb10u1")) flag++;
if (deb_check(release:"10.0", prefix:"firefox-esr-l10n-lt", reference:"78.10.0esr-1~deb10u1")) flag++;
if (deb_check(release:"10.0", prefix:"firefox-esr-l10n-lv", reference:"78.10.0esr-1~deb10u1")) flag++;
if (deb_check(release:"10.0", prefix:"firefox-esr-l10n-mai", reference:"78.10.0esr-1~deb10u1")) flag++;
if (deb_check(release:"10.0", prefix:"firefox-esr-l10n-mk", reference:"78.10.0esr-1~deb10u1")) flag++;
if (deb_check(release:"10.0", prefix:"firefox-esr-l10n-ml", reference:"78.10.0esr-1~deb10u1")) flag++;
if (deb_check(release:"10.0", prefix:"firefox-esr-l10n-mr", reference:"78.10.0esr-1~deb10u1")) flag++;
if (deb_check(release:"10.0", prefix:"firefox-esr-l10n-ms", reference:"78.10.0esr-1~deb10u1")) flag++;
if (deb_check(release:"10.0", prefix:"firefox-esr-l10n-my", reference:"78.10.0esr-1~deb10u1")) flag++;
if (deb_check(release:"10.0", prefix:"firefox-esr-l10n-nb-no", reference:"78.10.0esr-1~deb10u1")) flag++;
if (deb_check(release:"10.0", prefix:"firefox-esr-l10n-ne-np", reference:"78.10.0esr-1~deb10u1")) flag++;
if (deb_check(release:"10.0", prefix:"firefox-esr-l10n-nl", reference:"78.10.0esr-1~deb10u1")) flag++;
if (deb_check(release:"10.0", prefix:"firefox-esr-l10n-nn-no", reference:"78.10.0esr-1~deb10u1")) flag++;
if (deb_check(release:"10.0", prefix:"firefox-esr-l10n-oc", reference:"78.10.0esr-1~deb10u1")) flag++;
if (deb_check(release:"10.0", prefix:"firefox-esr-l10n-or", reference:"78.10.0esr-1~deb10u1")) flag++;
if (deb_check(release:"10.0", prefix:"firefox-esr-l10n-pa-in", reference:"78.10.0esr-1~deb10u1")) flag++;
if (deb_check(release:"10.0", prefix:"firefox-esr-l10n-pl", reference:"78.10.0esr-1~deb10u1")) flag++;
if (deb_check(release:"10.0", prefix:"firefox-esr-l10n-pt-br", reference:"78.10.0esr-1~deb10u1")) flag++;
if (deb_check(release:"10.0", prefix:"firefox-esr-l10n-pt-pt", reference:"78.10.0esr-1~deb10u1")) flag++;
if (deb_check(release:"10.0", prefix:"firefox-esr-l10n-rm", reference:"78.10.0esr-1~deb10u1")) flag++;
if (deb_check(release:"10.0", prefix:"firefox-esr-l10n-ro", reference:"78.10.0esr-1~deb10u1")) flag++;
if (deb_check(release:"10.0", prefix:"firefox-esr-l10n-ru", reference:"78.10.0esr-1~deb10u1")) flag++;
if (deb_check(release:"10.0", prefix:"firefox-esr-l10n-si", reference:"78.10.0esr-1~deb10u1")) flag++;
if (deb_check(release:"10.0", prefix:"firefox-esr-l10n-sk", reference:"78.10.0esr-1~deb10u1")) flag++;
if (deb_check(release:"10.0", prefix:"firefox-esr-l10n-sl", reference:"78.10.0esr-1~deb10u1")) flag++;
if (deb_check(release:"10.0", prefix:"firefox-esr-l10n-son", reference:"78.10.0esr-1~deb10u1")) flag++;
if (deb_check(release:"10.0", prefix:"firefox-esr-l10n-sq", reference:"78.10.0esr-1~deb10u1")) flag++;
if (deb_check(release:"10.0", prefix:"firefox-esr-l10n-sr", reference:"78.10.0esr-1~deb10u1")) flag++;
if (deb_check(release:"10.0", prefix:"firefox-esr-l10n-sv-se", reference:"78.10.0esr-1~deb10u1")) flag++;
if (deb_check(release:"10.0", prefix:"firefox-esr-l10n-ta", reference:"78.10.0esr-1~deb10u1")) flag++;
if (deb_check(release:"10.0", prefix:"firefox-esr-l10n-te", reference:"78.10.0esr-1~deb10u1")) flag++;
if (deb_check(release:"10.0", prefix:"firefox-esr-l10n-th", reference:"78.10.0esr-1~deb10u1")) flag++;
if (deb_check(release:"10.0", prefix:"firefox-esr-l10n-tr", reference:"78.10.0esr-1~deb10u1")) flag++;
if (deb_check(release:"10.0", prefix:"firefox-esr-l10n-uk", reference:"78.10.0esr-1~deb10u1")) flag++;
if (deb_check(release:"10.0", prefix:"firefox-esr-l10n-ur", reference:"78.10.0esr-1~deb10u1")) flag++;
if (deb_check(release:"10.0", prefix:"firefox-esr-l10n-uz", reference:"78.10.0esr-1~deb10u1")) flag++;
if (deb_check(release:"10.0", prefix:"firefox-esr-l10n-vi", reference:"78.10.0esr-1~deb10u1")) flag++;
if (deb_check(release:"10.0", prefix:"firefox-esr-l10n-xh", reference:"78.10.0esr-1~deb10u1")) flag++;
if (deb_check(release:"10.0", prefix:"firefox-esr-l10n-zh-cn", reference:"78.10.0esr-1~deb10u1")) flag++;
if (deb_check(release:"10.0", prefix:"firefox-esr-l10n-zh-tw", reference:"78.10.0esr-1~deb10u1")) flag++;
if (flag)
{
if (report_verbosity > 0) security_warning(port:0, extra:deb_report_get());
else security_warning(0);
exit(0);
}
else audit(AUDIT_HOST_NOT, "affected");
| Vendor | Product | Version | CPE |
|---|---|---|---|
| debian | debian_linux | firefox-esr | p-cpe:/a:debian:debian_linux:firefox-esr |
| debian | debian_linux | 10.0 | cpe:/o:debian:debian_linux:10.0 |
References
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23961
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23994
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23995
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23998
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23999
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-24002
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29945
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29946
packages.debian.org/source/buster/firefox-esr
security-tracker.debian.org/tracker/source-package/firefox-esr
www.debian.org/security/2021/dsa-4895
Related
nessus
nessus
RHEL 8 : firefox (RHSA-2021:1360)
2021-04-26 00:00:00
Debian DLA-2633-1 : firefox-esr security update
2021-04-27 00:00:00
CentOS 8 : firefox (CESA-2021:1360)
2021-05-03 00:00:00
osv
osv
firefox-esr - security update
2021-04-20 00:00:00
firefox-esr - security update
2021-04-23 00:00:00
thunderbird - security update
2021-04-22 00:00:00
mageia
mageia
Updated firefox packages fix security vulnerabilities
2021-04-29 12:41:35
Updated thunderbird packages fix security vulnerabilities
2021-04-29 12:41:35
oraclelinux
oraclelinux
firefox security update
2021-04-27 00:00:00
firefox security update
2021-04-27 00:00:00
thunderbird security update
2021-04-27 00:00:00
debian
debian
[SECURITY] [DSA 4895-1] firefox-esr security update
2021-04-20 18:17:37
[SECURITY] [DLA 2633-1] firefox-esr security update
2021-04-23 10:43:12
[SECURITY] [DSA 4897-1] thunderbird security update
2021-04-22 09:31:32
openvas
openvas
Debian: Security Advisory (DSA-4895-1)
2021-04-22 00:00:00
SUSE: Security Advisory (SUSE-SU-2021:1433-1)
2021-06-09 00:00:00
Mageia: Security Advisory (MGASA-2021-0199)
2022-01-28 00:00:00
suse
suse
Security update for MozillaFirefox (important)
2021-04-26 00:00:00
Security update for MozillaThunderbird (important)
2021-05-01 00:00:00
altlinux
altlinux
Security fix for the ALT Linux 10 package firefox-esr version 78.10.0-alt1
2021-04-21 00:00:00
Security fix for the ALT Linux 10 package thunderbird version 78.10.0-alt1
2021-04-26 00:00:00
redhat
redhat
(RHSA-2021:1363) Important: firefox security update
2021-04-26 10:29:25
(RHSA-2021:1362) Important: firefox security update
2021-04-26 10:29:17
(RHSA-2021:1361) Important: firefox security update
2021-04-26 10:29:12
kaspersky
kaspersky
KLA12150 Multiple vulnerabilities in Mozilla Firefox ESR
2021-04-19 00:00:00
KLA12148 Multiple vulnerabilities in Mozilla Thunderbird
2021-04-19 00:00:00
KLA12149 Multiple vulnerabilities in Mozilla Firefox
2021-04-19 00:00:00
mozilla
mozilla
Security Vulnerabilities fixed in Firefox ESR 78.10 — Mozilla
2021-04-19 00:00:00
Security Vulnerabilities fixed in Thunderbird 78.10 — Mozilla
2021-04-19 00:00:00
Security Vulnerabilities fixed in Firefox 88 — Mozilla
2021-04-19 00:00:00
almalinux
almalinux
Important: firefox security update
2021-04-26 10:29:07
Important: thunderbird security update
2021-04-26 05:03:41
archlinux
archlinux
[ASA-202104-4] thunderbird: multiple issues
2021-04-29 00:00:00
[ASA-202104-3] firefox: multiple issues
2021-04-29 00:00:00
[ASA-202102-1] firefox: multiple issues
2021-02-01 00:00:00
ibm
ibm
Security Bulletin: IBM Cloud Pak for Multicloud Management Monitoring has applied security fixes for its use of Mozilla Firefox
2021-12-01 15:06:50
amazon
amazon
Important: thunderbird
2021-05-20 17:05:00
ubuntu
ubuntu
Firefox vulnerabilities
2021-04-26 00:00:00
Thunderbird vulnerabilities
2021-06-25 00:00:00
Thunderbird vulnerabilities
2021-06-22 00:00:00
gentoo
gentoo
Mozilla Thunderbird: Multiple vulnerabilities
2021-04-30 00:00:00
Mozilla Firefox: Multiple vulnerabilities
2021-04-30 00:00:00
Mozilla Firefox: Multiple vulnerabilities
2021-02-01 00:00:00
threatpost
threatpost
Mozilla Fixes Firefox Flaw That Allowed Spoofing of HTTPS Browser Padlock
2021-04-20 20:40:09
prion
prion
Integer overflow
2021-06-24 14:15:00
Code injection
2021-06-24 14:15:00
Memory corruption
2021-06-24 14:15:00
cve
cve
debiancve
debiancve
redhatcve
redhatcve
ubuntucve
ubuntucve
veracode
veracode
Spoofable Secure Lock Icon
2021-04-21 18:13:47
Arbitrary Code Execution
2021-04-21 18:13:39
Port Blocking BYPASS
2021-04-22 09:05:54
alpinelinux
alpinelinux
thn
thn
New Attack Could Let Remote Hackers Target Devices On Internal Networks
2021-01-27 12:58:00
rosalinux
rosalinux
Advisory ROSA-SA-2021-1835
2021-07-02 16:43:38