Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2021-2024 and is owned by Tenable, Inc. or an Affiliate thereof.EULEROS_SA-2021-1687.NASL
HistoryMar 24, 2021 - 12:00 a.m.

EulerOS 2.0 SP5 : libreoffice (EulerOS-SA-2021-1687)

2021-03-2400:00:00
This script is Copyright (C) 2021-2024 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
12

6.2 Medium

AI Score

Confidence

Low

JSON

According to the versions of the libreoffice packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities :

  • LibreOffice has a ‘stealth mode’ in which only documents from locations deemed ‘trusted’ are allowed to retrieve remote resources. This mode is not the default mode, but can be enabled by users who want to disable LibreOffice’s ability to include remote resources within a document. A flaw existed where bullet graphics were omitted from this protection prior to version 6.2.5. This issue affects: Document Foundation LibreOffice versions prior to 6.2.5.(CVE-2019-9849)

  • ODF documents can contain forms to be filled out by the user. Similar to HTML forms, the contained form data can be submitted to a URI, for example, to an external web server. To create submittable forms, ODF implements the XForms W3C standard, which allows data to be submitted without the need for macros or other active scripting Prior to version 6.4.4 LibreOffice allowed forms to be submitted to any URI, including file: URIs, enabling form submissions to overwrite local files.
    User-interaction is required to submit the form, but to avoid the possibility of malicious documents engineered to maximize the possibility of inadvertent user submission this feature has now been limited to http[s] URIs, removing the possibility to overwrite local files. This issue affects: The Document Foundation LibreOffice versions prior to 6.4.4.(CVE-2020-12803)

Note that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#

include('deprecated_nasl_level.inc');
include('compat.inc');

if (description)
{
  script_id(148079);
  script_version("1.3");
  script_set_attribute(attribute:"plugin_modification_date", value:"2024/01/08");

  script_cve_id("CVE-2019-9849", "CVE-2020-12803");

  script_name(english:"EulerOS 2.0 SP5 : libreoffice (EulerOS-SA-2021-1687)");

  script_set_attribute(attribute:"synopsis", value:
"The remote EulerOS host is missing multiple security updates.");
  script_set_attribute(attribute:"description", value:
"According to the versions of the libreoffice packages installed, the
EulerOS installation on the remote host is affected by the following
vulnerabilities :

  - LibreOffice has a 'stealth mode' in which only
    documents from locations deemed 'trusted' are allowed
    to retrieve remote resources. This mode is not the
    default mode, but can be enabled by users who want to
    disable LibreOffice's ability to include remote
    resources within a document. A flaw existed where
    bullet graphics were omitted from this protection prior
    to version 6.2.5. This issue affects: Document
    Foundation LibreOffice versions prior to
    6.2.5.(CVE-2019-9849)

  - ODF documents can contain forms to be filled out by the
    user. Similar to HTML forms, the contained form data
    can be submitted to a URI, for example, to an external
    web server. To create submittable forms, ODF implements
    the XForms W3C standard, which allows data to be
    submitted without the need for macros or other active
    scripting Prior to version 6.4.4 LibreOffice allowed
    forms to be submitted to any URI, including file: URIs,
    enabling form submissions to overwrite local files.
    User-interaction is required to submit the form, but to
    avoid the possibility of malicious documents engineered
    to maximize the possibility of inadvertent user
    submission this feature has now been limited to http[s]
    URIs, removing the possibility to overwrite local
    files. This issue affects: The Document Foundation
    LibreOffice versions prior to 6.4.4.(CVE-2020-12803)

Note that Tenable Network Security has extracted the preceding
description block directly from the EulerOS security advisory. Tenable
has attempted to automatically clean and format it as much as possible
without introducing additional issues.");
  # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2021-1687
  script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?e9cdaf9f");
  script_set_attribute(attribute:"solution", value:
"Update the affected libreoffice packages.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N");
  script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2020-12803");

  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"false");

  script_set_attribute(attribute:"patch_publication_date", value:"2021/03/23");
  script_set_attribute(attribute:"plugin_publication_date", value:"2021/03/24");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:autocorr-en");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:libreoffice-calc");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:libreoffice-core");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:libreoffice-data");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:libreoffice-draw");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:libreoffice-filters");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:libreoffice-graphicfilter");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:libreoffice-gtk2");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:libreoffice-gtk3");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:libreoffice-impress");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:libreoffice-langpack-en");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:libreoffice-math");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:libreoffice-opensymbol-fonts");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:libreoffice-pdfimport");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:libreoffice-pyuno");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:libreoffice-ure");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:libreoffice-ure-common");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:libreoffice-writer");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:libreoffice-x11");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:libreoffice-xsltfilter");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:libreofficekit");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:huawei:euleros:2.0");
  script_set_attribute(attribute:"generated_plugin", value:"current");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"Huawei Local Security Checks");

  script_copyright(english:"This script is Copyright (C) 2021-2024 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/EulerOS/release", "Host/EulerOS/rpm-list", "Host/EulerOS/sp");
  script_exclude_keys("Host/EulerOS/uvp_version");

  exit(0);
}

include("audit.inc");
include("global_settings.inc");
include("rpm.inc");

if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);

release = get_kb_item("Host/EulerOS/release");
if (isnull(release) || release !~ "^EulerOS") audit(AUDIT_OS_NOT, "EulerOS");
if (release !~ "^EulerOS release 2\.0(\D|$)") audit(AUDIT_OS_NOT, "EulerOS 2.0");

sp = get_kb_item("Host/EulerOS/sp");
if (isnull(sp) || sp !~ "^(5)$") audit(AUDIT_OS_NOT, "EulerOS 2.0 SP5");

uvp = get_kb_item("Host/EulerOS/uvp_version");
if (!empty_or_null(uvp)) audit(AUDIT_OS_NOT, "EulerOS 2.0 SP5", "EulerOS UVP " + uvp);

if (!get_kb_item("Host/EulerOS/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);

cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$" && "aarch64" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "EulerOS", cpu);
if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_ARCH_NOT, "i686 / x86_64", cpu);

flag = 0;

pkgs = ["autocorr-en-5.3.6.1-10.h5.eulerosv2r7",
        "libreoffice-calc-5.3.6.1-10.h5.eulerosv2r7",
        "libreoffice-core-5.3.6.1-10.h5.eulerosv2r7",
        "libreoffice-data-5.3.6.1-10.h5.eulerosv2r7",
        "libreoffice-draw-5.3.6.1-10.h5.eulerosv2r7",
        "libreoffice-filters-5.3.6.1-10.h5.eulerosv2r7",
        "libreoffice-graphicfilter-5.3.6.1-10.h5.eulerosv2r7",
        "libreoffice-gtk2-5.3.6.1-10.h5.eulerosv2r7",
        "libreoffice-gtk3-5.3.6.1-10.h5.eulerosv2r7",
        "libreoffice-impress-5.3.6.1-10.h5.eulerosv2r7",
        "libreoffice-langpack-en-5.3.6.1-10.h5.eulerosv2r7",
        "libreoffice-math-5.3.6.1-10.h5.eulerosv2r7",
        "libreoffice-opensymbol-fonts-5.3.6.1-10.h5.eulerosv2r7",
        "libreoffice-pdfimport-5.3.6.1-10.h5.eulerosv2r7",
        "libreoffice-pyuno-5.3.6.1-10.h5.eulerosv2r7",
        "libreoffice-ure-5.3.6.1-10.h5.eulerosv2r7",
        "libreoffice-ure-common-5.3.6.1-10.h5.eulerosv2r7",
        "libreoffice-writer-5.3.6.1-10.h5.eulerosv2r7",
        "libreoffice-x11-5.3.6.1-10.h5.eulerosv2r7",
        "libreoffice-xsltfilter-5.3.6.1-10.h5.eulerosv2r7",
        "libreofficekit-5.3.6.1-10.h5.eulerosv2r7"];

foreach (pkg in pkgs)
  if (rpm_check(release:"EulerOS-2.0", sp:"5", reference:pkg)) flag++;

if (flag)
{
  security_report_v4(
    port       : 0,
    severity   : SECURITY_WARNING,
    extra      : rpm_report_get()
  );
  exit(0);
}
else
{
  tested = pkg_tests_get();
  if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
  else audit(AUDIT_PACKAGE_NOT_INSTALLED, "libreoffice");
}
VendorProductVersionCPE
huaweieulerosautocorr-enp-cpe:/a:huawei:euleros:autocorr-en
huaweieuleroslibreoffice-calcp-cpe:/a:huawei:euleros:libreoffice-calc
huaweieuleroslibreoffice-corep-cpe:/a:huawei:euleros:libreoffice-core
huaweieuleroslibreoffice-datap-cpe:/a:huawei:euleros:libreoffice-data
huaweieuleroslibreoffice-drawp-cpe:/a:huawei:euleros:libreoffice-draw
huaweieuleroslibreoffice-filtersp-cpe:/a:huawei:euleros:libreoffice-filters
huaweieuleroslibreoffice-graphicfilterp-cpe:/a:huawei:euleros:libreoffice-graphicfilter
huaweieuleroslibreoffice-gtk2p-cpe:/a:huawei:euleros:libreoffice-gtk2
huaweieuleroslibreoffice-gtk3p-cpe:/a:huawei:euleros:libreoffice-gtk3
huaweieuleroslibreoffice-impressp-cpe:/a:huawei:euleros:libreoffice-impress
Rows per page:
1-10 of 221

Related

openvas 21
veracode 3
redhatcve 2
ubuntucve 2
kaspersky 2
debiancve 2
osv 8
prion 2
cve 2
alpinelinux 2
nessus 30
suse 4
fedora 5
redhat 3
rocky 1
freebsd 1
oraclelinux 3
almalinux 1
debian 3
archlinux 1
gentoo 1
thn 1
ubuntu 2
centos 1
mageia 1
openvas
openvas
Huawei EulerOS: Security Advisory for libreoffice (EulerOS-SA-2021-1687)
2021-03-24 00:00:00
Fedora: Security Advisory for libreoffice (FEDORA-2020-8922773bc4)
2020-07-02 00:00:00
Libre Office Multiple Vulnerabilities (Jun 2020) - Mac OS X
2020-08-03 00:00:00
veracode
veracode
Arbitrary File Overwrite
2020-11-05 03:18:59
Unauthorized Access
2020-04-01 00:38:31
Information Disclosure
2020-11-05 03:18:59
redhatcve
redhatcve
CVE-2020-12803
2020-06-18 08:28:51
CVE-2019-9849
2019-08-05 11:22:22
ubuntucve
ubuntucve
CVE-2020-12803
2020-06-08 00:00:00
CVE-2019-9849
2019-07-16 00:00:00
kaspersky
kaspersky
KLA11804 XForms vulnerability in LibreOffice
2020-06-09 00:00:00
KLA11519 Multiple vulnerabilities in LibreOffice
2019-07-16 00:00:00
debiancve
debiancve
CVE-2020-12803
2020-06-08 16:15:00
CVE-2019-9849
2019-07-17 12:15:00
osv
osv
CVE-2020-12803
2020-06-08 16:15:10
CVE-2019-9849
2019-07-17 12:15:10
Low: libreoffice security, bug fix, and enhancement update
2020-11-03 12:21:42
prion
prion
Deserialization of untrusted data
2020-06-08 16:15:00
Design/Logic Flaw
2019-07-17 12:15:00
cve
cve
CVE-2020-12803
2020-06-08 16:15:00
CVE-2019-9849
2019-07-17 12:15:00
alpinelinux
alpinelinux
CVE-2020-12803
2020-06-08 16:15:00
CVE-2019-9849
2019-07-17 12:15:00
nessus
nessus
Oracle Linux 8 : libreoffice (ELSA-2020-4628)
2020-11-12 00:00:00
openSUSE Security Update : libreoffice (openSUSE-2020-1261)
2020-08-27 00:00:00
Fedora 31 : 1:libreoffice (2020-8922773bc4)
2020-06-29 00:00:00
suse
suse
Security update for libreoffice (moderate)
2020-08-16 00:00:00
Security update for libreoffice (moderate)
2020-08-27 00:00:00
Security update for libreoffice (important)
2019-09-03 00:00:00
fedora
fedora
[SECURITY] Fedora 31 Update: libreoffice-6.3.6.2-4.fc31
2020-06-27 03:08:06
[SECURITY] Fedora 30 Update: libreoffice-6.2.5.2-1.fc30
2019-07-19 01:11:31
[SECURITY] Fedora 29 Update: libreoffice-6.1.6.3-3.fc29
2019-08-25 03:03:59
redhat
redhat
(RHSA-2020:4628) Low: libreoffice security, bug fix, and enhancement update
2020-11-03 12:21:42
(RHSA-2020:1598) Moderate: libreoffice security and bug fix update
2020-04-28 08:55:11
(RHSA-2020:1151) Moderate: libreoffice security and bug fix update
2020-03-31 09:25:19
rocky
rocky
libreoffice security, bug fix, and enhancement update
2020-11-03 12:21:42
freebsd
freebsd
LibreOffice Security Advisory
2020-06-08 00:00:00
oraclelinux
oraclelinux
libreoffice security, bug fix, and enhancement update
2020-11-10 00:00:00
libreoffice security and bug fix update
2020-05-05 00:00:00
libreoffice security and bug fix update
2020-04-06 00:00:00
almalinux
almalinux
Low: libreoffice security, bug fix, and enhancement update
2020-11-03 12:21:42
debian
debian
[SECURITY] [DSA 4483-1] libreoffice security update
2019-07-16 21:14:39
[SECURITY] [DLA 3703-1] libreoffice security update
2023-12-31 09:28:21
[SECURITY] [DLA 1947-1] libreoffice security update
2019-10-06 11:31:38
archlinux
archlinux
[ASA-201908-9] libreoffice-still: multiple issues
2019-08-16 00:00:00
gentoo
gentoo
LibreOffice: Multiple vulnerabilities
2019-08-15 00:00:00
thn
thn
Just Opening A Document in LibreOffice Can Hack Your Computer (Unpatched)
2019-07-26 14:22:00
ubuntu
ubuntu
LibreOffice vulnerabilities
2019-07-17 00:00:00
LibreOffice vulnerabilities
2022-10-20 00:00:00
centos
centos
autocorr, libreoffice, libreofficekit security update
2020-04-08 18:36:06
mageia
mageia
Updated libreoffice packages fix security vulnerabilities
2019-11-30 16:06:06

6.2 Medium

AI Score

Confidence

Low

JSON
Related for EULEROS_SA-2021-1687.NASL
openvas21veracode3redhatcve2ubuntucve2kaspersky2debiancve2osv8prion2cve2alpinelinux2nessus30suse4fedora5redhat3rocky1freebsd1oraclelinux3almalinux1debian3archlinux1gentoo1thn1ubuntu2centos1mageia1