{"id": "FEDORA_2007-278.NASL", "bulletinFamily": "scanner", "title": "Fedora Core 5 : nspr-4.6.5-0.5.0.fc5 / nss-3.11.5-0.5.0.fc5 (2007-278)", "description": "This update fixes two security vulnerabilities with SSL 2\n(CVE-2007-0008, CVE-2007-0009).\n\nAll users of NSS, which includes users of Firefox, Thunderbird,\nSeaMonkey, and other mozilla.org products, are recommended to update\nto this package.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "published": "2007-02-27T00:00:00", "modified": "2007-02-27T00:00:00", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}, "href": "https://www.tenable.com/plugins/nessus/24714", "reporter": "This script is Copyright (C) 2007-2021 Tenable Network Security, Inc.", "references": ["http://www.nessus.org/u?5aeb2fc8", "http://www.nessus.org/u?7c6c5e70"], "cvelist": ["CVE-2007-0008", "CVE-2007-0009"], "type": "nessus", "lastseen": "2021-01-12T10:06:07", "edition": 24, "viewCount": 1, "enchantments": {"dependencies": {"references": [{"type": "cve", "idList": ["CVE-2007-0009", "CVE-2007-0008"]}, {"type": "openvas", "idList": ["OPENVAS:861085", "OPENVAS:861225", "OPENVAS:1361412562310830036", "OPENVAS:840080", "OPENVAS:830036", "OPENVAS:58156", "OPENVAS:58468", "OPENVAS:861069", "OPENVAS:58160", "OPENVAS:861371"]}, {"type": "nessus", "idList": ["GENTOO_GLSA-200703-22.NASL", "SUN_JAVA_ES_NSS_CODE_EXEC.NASL", "UBUNTU_USN-431-1.NASL", "SLACKWARE_SSA_2007-066-04.NASL", "FEDORA_2007-308.NASL", "DEBIAN_DSA-1336.NASL", "MANDRAKE_MDKSA-2007-052.NASL", "FEDORA_2007-309.NASL", "GENTOO_GLSA-200703-18.NASL", "FEDORA_2007-279.NASL"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:VULN:7303", "SECURITYVULNS:DOC:16172", "SECURITYVULNS:DOC:16173", "SECURITYVULNS:VULN:13537", "SECURITYVULNS:DOC:16204", "SECURITYVULNS:DOC:16174"]}, {"type": "fedora", "idList": ["FEDORA:L1QM3L4K007582", "FEDORA:L1QM3WDB007663", "FEDORA:L1QM3HUX007576", "FEDORA:L1QM3AHB007672"]}, {"type": "gentoo", "idList": ["GLSA-200703-22", "GLSA-200703-18"]}, {"type": "ubuntu", "idList": ["USN-428-1", "USN-431-1", "USN-428-2"]}, {"type": "cert", "idList": ["VU:592796", "VU:377812"]}, {"type": "osvdb", "idList": ["OSVDB:32105", "OSVDB:32106"]}, {"type": "debian", "idList": ["DEBIAN:DSA-1336-1:293E6"]}, {"type": "freebsd", "idList": ["12BD6ECF-C430-11DB-95C5-000C6EC775D9"]}, {"type": "redhat", "idList": ["RHSA-2007:0079", "RHSA-2007:0108", "RHSA-2007:0097", "RHSA-2007:0078", "RHSA-2007:0077"]}, {"type": "centos", "idList": ["CESA-2007:0077-01", "CESA-2007:0079", "CESA-2007:0077-06", "CESA-2007:0077", "CESA-2007:0078"]}, {"type": "oraclelinux", "idList": ["ELSA-2007-0077", "ELSA-2007-0079", "ELSA-2007-0078"]}, {"type": "suse", "idList": ["SUSE-SA:2007:022", "SUSE-SA:2007:019"]}, {"type": "oracle", "idList": ["ORACLE:CPUJAN2014-1972949"]}], "modified": "2021-01-12T10:06:07", "rev": 2}, "score": {"value": 7.1, "vector": "NONE", "modified": "2021-01-12T10:06:07", "rev": 2}, "vulnersScore": 7.1}, "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2007-278.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(24714);\n script_version(\"1.18\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2007-0008\", \"CVE-2007-0009\");\n script_xref(name:\"FEDORA\", value:\"2007-278\");\n\n script_name(english:\"Fedora Core 5 : nspr-4.6.5-0.5.0.fc5 / nss-3.11.5-0.5.0.fc5 (2007-278)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora Core host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update fixes two security vulnerabilities with SSL 2\n(CVE-2007-0008, CVE-2007-0009).\n\nAll users of NSS, which includes users of Firefox, Thunderbird,\nSeaMonkey, and other mozilla.org products, are recommended to update\nto this package.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2007-February/001498.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?7c6c5e70\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2007-February/001499.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?5aeb2fc8\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_cwe_id(119, 189);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:nspr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:nspr-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:nspr-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:nss\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:nss-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:nss-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:nss-pkcs11-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:nss-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora_core:5\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2007/02/26\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2007/02/27\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2007-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^5([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 5.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC5\", reference:\"nspr-4.6.5-0.5.0.fc5\")) flag++;\nif (rpm_check(release:\"FC5\", reference:\"nspr-debuginfo-4.6.5-0.5.0.fc5\")) flag++;\nif (rpm_check(release:\"FC5\", reference:\"nspr-devel-4.6.5-0.5.0.fc5\")) flag++;\nif (rpm_check(release:\"FC5\", reference:\"nss-3.11.5-0.5.0.fc5\")) flag++;\nif (rpm_check(release:\"FC5\", reference:\"nss-debuginfo-3.11.5-0.5.0.fc5\")) flag++;\nif (rpm_check(release:\"FC5\", reference:\"nss-devel-3.11.5-0.5.0.fc5\")) flag++;\nif (rpm_check(release:\"FC5\", reference:\"nss-pkcs11-devel-3.11.5-0.5.0.fc5\")) flag++;\nif (rpm_check(release:\"FC5\", reference:\"nss-tools-3.11.5-0.5.0.fc5\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"nspr / nspr-debuginfo / nspr-devel / nss / nss-debuginfo / etc\");\n}\n", "naslFamily": "Fedora Local Security Checks", "pluginID": "24714", "cpe": ["p-cpe:/a:fedoraproject:fedora:nss-debuginfo", "p-cpe:/a:fedoraproject:fedora:nss-pkcs11-devel", "p-cpe:/a:fedoraproject:fedora:nspr-debuginfo", "p-cpe:/a:fedoraproject:fedora:nspr-devel", "cpe:/o:fedoraproject:fedora_core:5", "p-cpe:/a:fedoraproject:fedora:nss-devel", "p-cpe:/a:fedoraproject:fedora:nss", "p-cpe:/a:fedoraproject:fedora:nspr", "p-cpe:/a:fedoraproject:fedora:nss-tools"], "scheme": null}

{"cve": [{"lastseen": "2021-02-02T05:31:20", "description": "Stack-based buffer overflow in the SSLv2 support in Mozilla Network Security Services (NSS) before 3.11.5, as used by Firefox before 1.5.0.10 and 2.x before 2.0.0.2, Thunderbird before 1.5.0.10, SeaMonkey before 1.0.8, and certain Sun Java System server products before 20070611, allows remote attackers to execute arbitrary code via invalid \"Client Master Key\" length values.", "edition": 7, "cvss3": {}, "published": "2007-02-26T20:28:00", "title": "CVE-2007-0009", "type": "cve", "cwe": ["CWE-119"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": true, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2007-0009"], "modified": "2019-10-09T22:51:00", "cpe": ["cpe:/o:debian:debian_linux:4.0", "cpe:/o:canonical:ubuntu_linux:6.06", "cpe:/o:canonical:ubuntu_linux:6.10", "cpe:/o:debian:debian_linux:3.1", "cpe:/o:canonical:ubuntu_linux:5.10"], "id": "CVE-2007-0009", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2007-0009", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}, "cpe23": ["cpe:2.3:o:debian:debian_linux:3.1:*:*:*:*:*:*:*", "cpe:2.3:o:canonical:ubuntu_linux:5.10:*:*:*:*:*:*:*", "cpe:2.3:o:canonical:ubuntu_linux:6.10:*:*:*:*:*:*:*", "cpe:2.3:o:debian:debian_linux:4.0:*:*:*:*:*:*:*", "cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:lts:*:*:*"]}, {"lastseen": "2021-02-02T05:31:20", "description": "Integer underflow in the SSLv2 support in Mozilla Network Security Services (NSS) before 3.11.5, as used by Firefox before 1.5.0.10 and 2.x before 2.0.0.2, SeaMonkey before 1.0.8, Thunderbird before 1.5.0.10, and certain Sun Java System server products before 20070611, allows remote attackers to execute arbitrary code via a crafted SSLv2 server message containing a public key that is too short to encrypt the \"Master Secret\", which results in a heap-based overflow.", "edition": 6, "cvss3": {}, "published": "2007-02-26T20:28:00", "title": "CVE-2007-0008", "type": "cve", "cwe": ["CWE-189"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": true, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2007-0008"], "modified": "2018-10-16T16:29:00", "cpe": ["cpe:/a:mozilla:firefox:1.5.0.3", "cpe:/a:mozilla:thunderbird:1.5.0.3", "cpe:/a:mozilla:firefox:1.5.0.2", "cpe:/a:mozilla:thunderbird:0.7", "cpe:/a:mozilla:firefox:0.4", "cpe:/a:mozilla:seamonkey:1.0.2", "cpe:/a:mozilla:seamonkey:1.0", "cpe:/a:mozilla:firefox:0.5", "cpe:/a:mozilla:thunderbird:1.0.8", "cpe:/a:mozilla:firefox:1.5.0.1", "cpe:/a:mozilla:firefox:0.8", "cpe:/a:mozilla:thunderbird:1.0.4", "cpe:/a:mozilla:firefox:1.0.5", "cpe:/a:mozilla:thunderbird:1.5.0.2", "cpe:/a:mozilla:thunderbird:1.5.0.9", "cpe:/a:mozilla:firefox:0.10.1", "cpe:/a:mozilla:firefox:2.0", "cpe:/a:mozilla:thunderbird:1.5.0.4", "cpe:/a:mozilla:firefox:1.0", "cpe:/a:mozilla:firefox:1.0.3", "cpe:/a:mozilla:thunderbird:1.5.0.6", "cpe:/a:mozilla:thunderbird:1.0", "cpe:/a:mozilla:firefox:1.5.0.5", "cpe:/a:mozilla:firefox:1.5.0.12", "cpe:/a:mozilla:thunderbird:1.0.1", "cpe:/a:mozilla:thunderbird:1.5.0.1", "cpe:/a:mozilla:firefox:0.9.2", "cpe:/a:mozilla:firefox:1.0.4", "cpe:/a:mozilla:thunderbird:0.4", "cpe:/a:mozilla:firefox:1.0.7", "cpe:/a:mozilla:firefox:1.0.6", "cpe:/a:mozilla:thunderbird:0.7.2", "cpe:/a:mozilla:firefox:1.0.1", "cpe:/a:mozilla:network_security_services:3.11.2", "cpe:/a:mozilla:thunderbird:0.6", "cpe:/a:mozilla:firefox:1.5.0.10", "cpe:/a:mozilla:thunderbird:0.8", "cpe:/a:mozilla:network_security_services:3.11.3", "cpe:/a:mozilla:firefox:1.0.2", "cpe:/a:mozilla:seamonkey:1.0.6", "cpe:/a:mozilla:firefox:0.10", "cpe:/a:mozilla:firefox:0.9.1", "cpe:/a:mozilla:seamonkey:1.0.4", "cpe:/a:mozilla:firefox:0.6", "cpe:/a:mozilla:seamonkey:1.0.5", "cpe:/a:mozilla:thunderbird:0.7.1", "cpe:/a:mozilla:firefox:1.5.0.4", "cpe:/a:mozilla:firefox:2.0.0.1", "cpe:/a:mozilla:firefox:1.5.0.9", "cpe:/a:mozilla:seamonkey:1.0.7", "cpe:/a:mozilla:thunderbird:0.7.3", "cpe:/a:mozilla:firefox:1.5.0.11", "cpe:/a:mozilla:thunderbird:1.0.5", "cpe:/a:mozilla:thunderbird:1.0.6", "cpe:/a:mozilla:thunderbird:1.5.0.8", "cpe:/a:mozilla:firefox:1.5.0.6", "cpe:/a:mozilla:firefox:1.5", "cpe:/a:mozilla:firefox:1.5.0.7", "cpe:/a:mozilla:thunderbird:1.5", "cpe:/a:mozilla:firefox:0.1", "cpe:/a:mozilla:thunderbird:1.0.2", "cpe:/a:mozilla:thunderbird:0.5", "cpe:/a:mozilla:firefox:1.0.8", "cpe:/a:mozilla:firefox:1.5.0.8", "cpe:/a:mozilla:firefox:0.9", "cpe:/a:mozilla:seamonkey:1.0.1", "cpe:/a:mozilla:seamonkey:1.0.3", "cpe:/a:mozilla:thunderbird:1.0.7", "cpe:/a:mozilla:thunderbird:0.2", "cpe:/a:mozilla:thunderbird:1.5.0.5", "cpe:/a:mozilla:firefox:0.2", "cpe:/a:mozilla:firefox:0.7", "cpe:/a:mozilla:firefox:1.4.1", "cpe:/a:mozilla:firefox:0.7.1", "cpe:/a:mozilla:thunderbird:0.1", "cpe:/a:mozilla:thunderbird:1.5.0.7", "cpe:/a:mozilla:firefox:0.6.1", "cpe:/a:mozilla:thunderbird:0.9", "cpe:/a:mozilla:network_security_services:3.11.4", "cpe:/a:mozilla:firefox:0.9.3", "cpe:/a:mozilla:thunderbird:1.0.3", "cpe:/a:mozilla:firefox:0.3", "cpe:/a:mozilla:thunderbird:0.3"], "id": "CVE-2007-0008", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2007-0008", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}, "cpe23": ["cpe:2.3:a:mozilla:firefox:1.5.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird:1.0.4:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird:0.2:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:1.5.0.12:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:0.1:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird:1.0.8:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird:1.5:beta2:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:1.0:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird:0.4:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:1.0.6:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird:1.0.6:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:1.5.0.7:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird:1.5.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird:0.7.1:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:network_security_services:3.11.4:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird:0.6:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.0.7:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:0.8:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:1.0.5:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:0.2:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:0.4:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:0.6.1:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird:1.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird:1.0.3:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:1.5.0.5:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:1.5.0.4:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.0.5:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:network_security_services:3.11.2:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird:1.0.7:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:0.9:rc:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:2.0:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:1.0.8:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:0.9.1:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:2.0.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird:0.7.3:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird:1.5:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:0.6:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird:0.7.2:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird:0.7:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird:0.1:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird:1.0:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:1.0.7:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:1.5.0.3:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.0:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird:0.9:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird:1.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird:0.8:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:1.5.0.9:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:0.7:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:1.4.1:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:0.10:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird:1.5.0.4:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:1.5.0.8:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.0.6:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:network_security_services:3.11.3:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:1.0.4:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.0.4:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:0.10.1:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird:1.5.0.8:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:1.5.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:1.5.0.11:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird:1.5.0.5:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.0.3:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:0.3:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:1.0:preview_release:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird:1.5.0.3:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird:0.3:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird:0.5:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:0.9.3:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird:1.5.0.7:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird:1.5.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:0.5:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird:1.5.0.9:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:1.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:1.5.0.6:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:0.7.1:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:1.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird:1.5.0.6:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:1.5:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:1.0.3:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:1.5.0.10:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:0.9:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird:1.0.5:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:0.9.2:*:*:*:*:*:*:*"]}], "openvas": [{"lastseen": "2017-07-25T10:56:43", "bulletinFamily": "scanner", "cvelist": ["CVE-2007-0008", "CVE-2007-0009"], "description": "Check for the Version of nss", "modified": "2017-07-10T00:00:00", "published": "2009-02-27T00:00:00", "id": "OPENVAS:861371", "href": "http://plugins.openvas.org/nasl.php?oid=861371", "type": "openvas", "title": "Fedora Update for nss FEDORA-2007-279", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for nss FEDORA-2007-279\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"nss on Fedora Core 6\";\ntag_insight = \"Network Security Services (NSS) is a set of libraries designed to\n support cross-platform development of security-enabled client and\n server applications. Applications built with NSS can support SSL v2\n and v3, TLS, PKCS #5, PKCS #7, PKCS #11, PKCS #12, S/MIME, X.509\n v3 certificates, and other security standards.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"https://www.redhat.com/archives/fedora-package-announce/2007-February/msg00144.html\");\n script_id(861371);\n script_version(\"$Revision: 6622 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 07:52:50 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-02-27 16:01:32 +0100 (Fri, 27 Feb 2009)\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_xref(name: \"FEDORA\", value: \"2007-279\");\n script_cve_id(\"CVE-2007-0008\", \"CVE-2007-0009\");\n script_name( \"Fedora Update for nss FEDORA-2007-279\");\n\n script_summary(\"Check for the Version of nss\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora_core\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC6\")\n{\n\n if ((res = isrpmvuln(pkg:\"nss\", rpm:\"nss~3.11.5~0.6.0.fc6\", rls:\"FC6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"x86_64/debug/nss-debuginfo\", rpm:\"x86_64/debug/nss-debuginfo~3.11.5~0.6.0.fc6\", rls:\"FC6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"x86_64/nss-pkcs11-devel\", rpm:\"x86_64/nss-pkcs11-devel~3.11.5~0.6.0.fc6\", rls:\"FC6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"x86_64/nss\", rpm:\"x86_64/nss~3.11.5~0.6.0.fc6\", rls:\"FC6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"x86_64/nss-tools\", rpm:\"x86_64/nss-tools~3.11.5~0.6.0.fc6\", rls:\"FC6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"x86_64/nss-devel\", rpm:\"x86_64/nss-devel~3.11.5~0.6.0.fc6\", rls:\"FC6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"i386/nss-tools\", rpm:\"i386/nss-tools~3.11.5~0.6.0.fc6\", rls:\"FC6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"i386/nss\", rpm:\"i386/nss~3.11.5~0.6.0.fc6\", rls:\"FC6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"i386/nss-devel\", rpm:\"i386/nss-devel~3.11.5~0.6.0.fc6\", rls:\"FC6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"i386/debug/nss-debuginfo\", rpm:\"i386/debug/nss-debuginfo~3.11.5~0.6.0.fc6\", rls:\"FC6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"i386/nss-pkcs11-devel\", rpm:\"i386/nss-pkcs11-devel~3.11.5~0.6.0.fc6\", rls:\"FC6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-07-24T12:49:47", "bulletinFamily": "scanner", "cvelist": ["CVE-2007-0008", "CVE-2007-0009"], "description": "The remote host is missing updates announced in\nadvisory GLSA 200703-22.", "modified": "2017-07-07T00:00:00", "published": "2008-09-24T00:00:00", "id": "OPENVAS:58160", "href": "http://plugins.openvas.org/nasl.php?oid=58160", "type": "openvas", "title": "Gentoo Security Advisory GLSA 200703-22 (nss)", "sourceData": "# OpenVAS Vulnerability Test\n# $\n# Description: Auto generated from Gentoo's XML based advisory\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"The Mozilla Network Security Services libraries are vulnerable to two\nbuffer overflows that could result in the remote execution of arbitrary\ncode.\";\ntag_solution = \"All NSS users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=dev-libs/nss-3.11.5'\n\nhttp://www.securityspace.com/smysecure/catid.html?in=GLSA%20200703-22\nhttp://bugs.gentoo.org/show_bug.cgi?id=165555\";\ntag_summary = \"The remote host is missing updates announced in\nadvisory GLSA 200703-22.\";\n\n \n\nif(description)\n{\n script_id(58160);\n script_version(\"$Revision: 6596 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-07 11:21:37 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2008-09-24 21:14:03 +0200 (Wed, 24 Sep 2008)\");\n script_cve_id(\"CVE-2007-0008\", \"CVE-2007-0009\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_name(\"Gentoo Security Advisory GLSA 200703-22 (nss)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2007 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Gentoo Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/gentoo\", \"ssh/login/pkg\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-gentoo.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = ispkgvuln(pkg:\"dev-libs/nss\", unaffected: make_list(\"ge 3.11.5\"), vulnerable: make_list(\"lt 3.11.5\"))) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-07-25T10:56:11", "bulletinFamily": "scanner", "cvelist": ["CVE-2007-0008", "CVE-2007-0009"], "description": "Check for the Version of nss", "modified": "2017-07-10T00:00:00", "published": "2009-02-27T00:00:00", "id": "OPENVAS:861225", "href": "http://plugins.openvas.org/nasl.php?oid=861225", "type": "openvas", "title": "Fedora Update for nss FEDORA-2007-278", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for nss FEDORA-2007-278\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"nss on Fedora Core 5\";\ntag_insight = \"Network Security Services (NSS) is a set of libraries designed to\n support cross-platform development of security-enabled client and\n server applications. Applications built with NSS can support SSL v2\n and v3, TLS, PKCS #5, PKCS #7, PKCS #11, PKCS #12, S/MIME, X.509\n v3 certificates, and other security standards.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"https://www.redhat.com/archives/fedora-package-announce/2007-February/msg00142.html\");\n script_id(861225);\n script_version(\"$Revision: 6622 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 07:52:50 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-02-27 16:01:32 +0100 (Fri, 27 Feb 2009)\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_xref(name: \"FEDORA\", value: \"2007-278\");\n script_cve_id(\"CVE-2007-0008\", \"CVE-2007-0009\");\n script_name( \"Fedora Update for nss FEDORA-2007-278\");\n\n script_summary(\"Check for the Version of nss\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora_core\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC5\")\n{\n\n if ((res = isrpmvuln(pkg:\"nss\", rpm:\"nss~3.11.5~0.5.0.fc5\", rls:\"FC5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"x86_64/nss\", rpm:\"x86_64/nss~3.11.5~0.5.0.fc5\", rls:\"FC5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"x86_64/nss-devel\", rpm:\"x86_64/nss-devel~3.11.5~0.5.0.fc5\", rls:\"FC5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"x86_64/nss-tools\", rpm:\"x86_64/nss-tools~3.11.5~0.5.0.fc5\", rls:\"FC5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"x86_64/debug/nss-debuginfo\", rpm:\"x86_64/debug/nss-debuginfo~3.11.5~0.5.0.fc5\", rls:\"FC5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"x86_64/nss-pkcs11-devel\", rpm:\"x86_64/nss-pkcs11-devel~3.11.5~0.5.0.fc5\", rls:\"FC5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"i386/nss-tools\", rpm:\"i386/nss-tools~3.11.5~0.5.0.fc5\", rls:\"FC5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"i386/nss-devel\", rpm:\"i386/nss-devel~3.11.5~0.5.0.fc5\", rls:\"FC5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"i386/debug/nss-debuginfo\", rpm:\"i386/debug/nss-debuginfo~3.11.5~0.5.0.fc5\", rls:\"FC5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"i386/nss\", rpm:\"i386/nss~3.11.5~0.5.0.fc5\", rls:\"FC5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"i386/nss-pkcs11-devel\", rpm:\"i386/nss-pkcs11-devel~3.11.5~0.5.0.fc5\", rls:\"FC5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-07-25T10:56:27", "bulletinFamily": "scanner", "cvelist": ["CVE-2007-0008", "CVE-2007-0009"], "description": "Check for the Version of nspr", "modified": "2017-07-10T00:00:00", "published": "2009-02-27T00:00:00", "id": "OPENVAS:861085", "href": "http://plugins.openvas.org/nasl.php?oid=861085", "type": "openvas", "title": "Fedora Update for nspr FEDORA-2007-279", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for nspr FEDORA-2007-279\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"nspr on Fedora Core 6\";\ntag_insight = \"NSPR provides platform independence for non-GUI operating system\n facilities. These facilities include threads, thread synchronization,\n normal file and network I/O, interval timing and calendar time, basic\n memory management (malloc and free) and shared library linking.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"https://www.redhat.com/archives/fedora-package-announce/2007-February/msg00143.html\");\n script_id(861085);\n script_version(\"$Revision: 6622 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 07:52:50 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-02-27 16:01:32 +0100 (Fri, 27 Feb 2009)\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_xref(name: \"FEDORA\", value: \"2007-279\");\n script_cve_id(\"CVE-2007-0008\", \"CVE-2007-0009\");\n script_name( \"Fedora Update for nspr FEDORA-2007-279\");\n\n script_summary(\"Check for the Version of nspr\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora_core\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC6\")\n{\n\n if ((res = isrpmvuln(pkg:\"nspr\", rpm:\"nspr~4.6.5~0.6.0.fc6\", rls:\"FC6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"x86_64/nspr-devel\", rpm:\"x86_64/nspr-devel~4.6.5~0.6.0.fc6\", rls:\"FC6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"x86_64/nspr\", rpm:\"x86_64/nspr~4.6.5~0.6.0.fc6\", rls:\"FC6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"x86_64/debug/nspr-debuginfo\", rpm:\"x86_64/debug/nspr-debuginfo~4.6.5~0.6.0.fc6\", rls:\"FC6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"i386/nspr\", rpm:\"i386/nspr~4.6.5~0.6.0.fc6\", rls:\"FC6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"i386/debug/nspr-debuginfo\", rpm:\"i386/debug/nspr-debuginfo~4.6.5~0.6.0.fc6\", rls:\"FC6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"i386/nspr-devel\", rpm:\"i386/nspr-devel~4.6.5~0.6.0.fc6\", rls:\"FC6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-07-25T10:56:59", "bulletinFamily": "scanner", "cvelist": ["CVE-2007-0008", "CVE-2007-0009"], "description": "Check for the Version of nspr", "modified": "2017-07-10T00:00:00", "published": "2009-02-27T00:00:00", "id": "OPENVAS:861069", "href": "http://plugins.openvas.org/nasl.php?oid=861069", "type": "openvas", "title": "Fedora Update for nspr FEDORA-2007-278", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for nspr FEDORA-2007-278\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"nspr on Fedora Core 5\";\ntag_insight = \"NSPR provides platform independence for non-GUI operating system\n facilities. These facilities include threads, thread synchronization,\n normal file and network I/O, interval timing and calendar time, basic\n memory management (malloc and free) and shared library linking.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"https://www.redhat.com/archives/fedora-package-announce/2007-February/msg00141.html\");\n script_id(861069);\n script_version(\"$Revision: 6622 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 07:52:50 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-02-27 16:01:32 +0100 (Fri, 27 Feb 2009)\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_xref(name: \"FEDORA\", value: \"2007-278\");\n script_cve_id(\"CVE-2007-0008\", \"CVE-2007-0009\");\n script_name( \"Fedora Update for nspr FEDORA-2007-278\");\n\n script_summary(\"Check for the Version of nspr\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora_core\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC5\")\n{\n\n if ((res = isrpmvuln(pkg:\"nspr\", rpm:\"nspr~4.6.5~0.5.0.fc5\", rls:\"FC5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"x86_64/nspr-devel\", rpm:\"x86_64/nspr-devel~4.6.5~0.5.0.fc5\", rls:\"FC5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"x86_64/nspr\", rpm:\"x86_64/nspr~4.6.5~0.5.0.fc5\", rls:\"FC5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"x86_64/debug/nspr-debuginfo\", rpm:\"x86_64/debug/nspr-debuginfo~4.6.5~0.5.0.fc5\", rls:\"FC5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"i386/nspr\", rpm:\"i386/nspr~4.6.5~0.5.0.fc5\", rls:\"FC5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"i386/debug/nspr-debuginfo\", rpm:\"i386/debug/nspr-debuginfo~4.6.5~0.5.0.fc5\", rls:\"FC5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"i386/nspr-devel\", rpm:\"i386/nspr-devel~4.6.5~0.5.0.fc5\", rls:\"FC5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-07-24T12:56:00", "bulletinFamily": "scanner", "cvelist": ["CVE-2007-0008", "CVE-2007-0775", "CVE-2007-0777", "CVE-2007-0776", "CVE-2007-0009"], "description": "Check for the Version of mozilla-thunderbird", "modified": "2017-07-06T00:00:00", "published": "2009-04-09T00:00:00", "id": "OPENVAS:830036", "href": "http://plugins.openvas.org/nasl.php?oid=830036", "type": "openvas", "title": "Mandriva Update for mozilla-thunderbird MDKSA-2007:052 (mozilla-thunderbird)", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Mandriva Update for mozilla-thunderbird MDKSA-2007:052 (mozilla-thunderbird)\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"A number of security vulnerabilities have been discovered and corrected\n in the latest Mozilla Thunderbird program, version 1.5.0.10.\n\n This update provides the latest Thunderbird to correct these issues.\";\n\ntag_affected = \"mozilla-thunderbird on Mandriva Linux 2007.0,\n Mandriva Linux 2007.0/X86_64\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.mandriva.com/security-announce/2007-03/msg00004.php\");\n script_id(830036);\n script_version(\"$Revision: 6568 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-06 15:04:21 +0200 (Thu, 06 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-04-09 13:53:01 +0200 (Thu, 09 Apr 2009)\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"MDKSA\", value: \"2007:052\");\n script_cve_id(\"CVE-2007-0008\", \"CVE-2007-0009\", \"CVE-2007-0775\", \"CVE-2007-0776\", \"CVE-2007-0777\");\n script_name( \"Mandriva Update for mozilla-thunderbird MDKSA-2007:052 (mozilla-thunderbird)\");\n\n script_summary(\"Check for the Version of mozilla-thunderbird\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Mandrake Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/mandriva_mandrake_linux\", \"ssh/login/release\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"MNDK_2007.0\")\n{\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird\", rpm:\"mozilla-thunderbird~1.5.0.10~1mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-bg\", rpm:\"mozilla-thunderbird-bg~1.5.0.10~1mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-ca\", rpm:\"mozilla-thunderbird-ca~1.5.0.10~1mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-cs\", rpm:\"mozilla-thunderbird-cs~1.5.0.10~1mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-da\", rpm:\"mozilla-thunderbird-da~1.5.0.10~1mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-de\", rpm:\"mozilla-thunderbird-de~1.5.0.10~1mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-devel\", rpm:\"mozilla-thunderbird-devel~1.5.0.10~1mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-el\", rpm:\"mozilla-thunderbird-el~1.5.0.10~1mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail\", rpm:\"mozilla-thunderbird-enigmail~1.5.0.10~1mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-ca\", rpm:\"mozilla-thunderbird-enigmail-ca~1.5.0.10~1mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-cs\", rpm:\"mozilla-thunderbird-enigmail-cs~1.5.0.10~1mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-de\", rpm:\"mozilla-thunderbird-enigmail-de~1.5.0.10~1mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-el\", rpm:\"mozilla-thunderbird-enigmail-el~1.5.0.10~1mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-es\", rpm:\"mozilla-thunderbird-enigmail-es~1.5.0.10~1mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-es_AR\", rpm:\"mozilla-thunderbird-enigmail-es_AR~1.5.0.10~1mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-fi\", rpm:\"mozilla-thunderbird-enigmail-fi~1.5.0.10~1mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-fr\", rpm:\"mozilla-thunderbird-enigmail-fr~1.5.0.10~1mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-hu\", rpm:\"mozilla-thunderbird-enigmail-hu~1.5.0.10~1mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-it\", rpm:\"mozilla-thunderbird-enigmail-it~1.5.0.10~1mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-ja\", rpm:\"mozilla-thunderbird-enigmail-ja~1.5.0.10~1mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-nb\", rpm:\"mozilla-thunderbird-enigmail-nb~1.5.0.10~1mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-nl\", rpm:\"mozilla-thunderbird-enigmail-nl~1.5.0.10~1mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-pl\", rpm:\"mozilla-thunderbird-enigmail-pl~1.5.0.10~1mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-pt\", rpm:\"mozilla-thunderbird-enigmail-pt~1.5.0.10~1mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-pt_BR\", rpm:\"mozilla-thunderbird-enigmail-pt_BR~1.5.0.10~1mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-ru\", rpm:\"mozilla-thunderbird-enigmail-ru~1.5.0.10~1mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-sk\", rpm:\"mozilla-thunderbird-enigmail-sk~1.5.0.10~1mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-sl\", rpm:\"mozilla-thunderbird-enigmail-sl~1.5.0.10~1mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-sv\", rpm:\"mozilla-thunderbird-enigmail-sv~1.5.0.10~1mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-zh_CN\", rpm:\"mozilla-thunderbird-enigmail-zh_CN~1.5.0.10~1mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-es\", rpm:\"mozilla-thunderbird-es~1.5.0.10~1mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-es_AR\", rpm:\"mozilla-thunderbird-es_AR~1.5.0.10~1mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-eu\", rpm:\"mozilla-thunderbird-eu~1.5.0.10~1mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-fi\", rpm:\"mozilla-thunderbird-fi~1.5.0.10~1mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-fr\", rpm:\"mozilla-thunderbird-fr~1.5.0.10~1mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-ga\", rpm:\"mozilla-thunderbird-ga~1.5.0.10~1mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-gu_IN\", rpm:\"mozilla-thunderbird-gu_IN~1.5.0.10~1mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-he\", rpm:\"mozilla-thunderbird-he~1.5.0.10~1mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-hu\", rpm:\"mozilla-thunderbird-hu~1.5.0.10~1mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-it\", rpm:\"mozilla-thunderbird-it~1.5.0.10~1mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-ja\", rpm:\"mozilla-thunderbird-ja~1.5.0.10~1mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-ko\", rpm:\"mozilla-thunderbird-ko~1.5.0.10~1mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-lt\", rpm:\"mozilla-thunderbird-lt~1.5.0.10~1mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-mk\", rpm:\"mozilla-thunderbird-mk~1.5.0.10~1mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-nb\", rpm:\"mozilla-thunderbird-nb~1.5.0.10~1mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-nl\", rpm:\"mozilla-thunderbird-nl~1.5.0.10~1mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-pa_IN\", rpm:\"mozilla-thunderbird-pa_IN~1.5.0.10~1mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-pl\", rpm:\"mozilla-thunderbird-pl~1.5.0.10~1mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-pt_BR\", rpm:\"mozilla-thunderbird-pt_BR~1.5.0.10~1mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-ru\", rpm:\"mozilla-thunderbird-ru~1.5.0.10~1mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-sk\", rpm:\"mozilla-thunderbird-sk~1.5.0.10~1mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-sl\", rpm:\"mozilla-thunderbird-sl~1.5.0.10~1mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-sv\", rpm:\"mozilla-thunderbird-sv~1.5.0.10~1mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-tr\", rpm:\"mozilla-thunderbird-tr~1.5.0.10~1mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-zh_CN\", rpm:\"mozilla-thunderbird-zh_CN~1.5.0.10~1mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nsinstall\", rpm:\"nsinstall~1.5.0.10~1mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-l10n\", rpm:\"mozilla-thunderbird-enigmail-l10n~1.5.0.10~1mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-l10n\", rpm:\"mozilla-thunderbird-l10n~1.5.0.10~1mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-04-09T11:38:27", "bulletinFamily": "scanner", "cvelist": ["CVE-2007-0008", "CVE-2007-0775", "CVE-2007-0777", "CVE-2007-0776", "CVE-2007-0009"], "description": "Check for the Version of mozilla-thunderbird", "modified": "2018-04-06T00:00:00", "published": "2009-04-09T00:00:00", "id": "OPENVAS:1361412562310830036", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310830036", "type": "openvas", "title": "Mandriva Update for mozilla-thunderbird MDKSA-2007:052 (mozilla-thunderbird)", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Mandriva Update for mozilla-thunderbird MDKSA-2007:052 (mozilla-thunderbird)\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"A number of security vulnerabilities have been discovered and corrected\n in the latest Mozilla Thunderbird program, version 1.5.0.10.\n\n This update provides the latest Thunderbird to correct these issues.\";\n\ntag_affected = \"mozilla-thunderbird on Mandriva Linux 2007.0,\n Mandriva Linux 2007.0/X86_64\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.mandriva.com/security-announce/2007-03/msg00004.php\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.830036\");\n script_version(\"$Revision: 9370 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 10:53:14 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-04-09 13:53:01 +0200 (Thu, 09 Apr 2009)\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"MDKSA\", value: \"2007:052\");\n script_cve_id(\"CVE-2007-0008\", \"CVE-2007-0009\", \"CVE-2007-0775\", \"CVE-2007-0776\", \"CVE-2007-0777\");\n script_name( \"Mandriva Update for mozilla-thunderbird MDKSA-2007:052 (mozilla-thunderbird)\");\n\n script_tag(name:\"summary\", value:\"Check for the Version of mozilla-thunderbird\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Mandrake Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/mandriva_mandrake_linux\", \"ssh/login/release\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"MNDK_2007.0\")\n{\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird\", rpm:\"mozilla-thunderbird~1.5.0.10~1mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-bg\", rpm:\"mozilla-thunderbird-bg~1.5.0.10~1mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-ca\", rpm:\"mozilla-thunderbird-ca~1.5.0.10~1mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-cs\", rpm:\"mozilla-thunderbird-cs~1.5.0.10~1mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-da\", rpm:\"mozilla-thunderbird-da~1.5.0.10~1mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-de\", rpm:\"mozilla-thunderbird-de~1.5.0.10~1mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-devel\", rpm:\"mozilla-thunderbird-devel~1.5.0.10~1mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-el\", rpm:\"mozilla-thunderbird-el~1.5.0.10~1mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail\", rpm:\"mozilla-thunderbird-enigmail~1.5.0.10~1mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-ca\", rpm:\"mozilla-thunderbird-enigmail-ca~1.5.0.10~1mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-cs\", rpm:\"mozilla-thunderbird-enigmail-cs~1.5.0.10~1mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-de\", rpm:\"mozilla-thunderbird-enigmail-de~1.5.0.10~1mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-el\", rpm:\"mozilla-thunderbird-enigmail-el~1.5.0.10~1mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-es\", rpm:\"mozilla-thunderbird-enigmail-es~1.5.0.10~1mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-es_AR\", rpm:\"mozilla-thunderbird-enigmail-es_AR~1.5.0.10~1mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-fi\", rpm:\"mozilla-thunderbird-enigmail-fi~1.5.0.10~1mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-fr\", rpm:\"mozilla-thunderbird-enigmail-fr~1.5.0.10~1mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-hu\", rpm:\"mozilla-thunderbird-enigmail-hu~1.5.0.10~1mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-it\", rpm:\"mozilla-thunderbird-enigmail-it~1.5.0.10~1mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-ja\", rpm:\"mozilla-thunderbird-enigmail-ja~1.5.0.10~1mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-nb\", rpm:\"mozilla-thunderbird-enigmail-nb~1.5.0.10~1mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-nl\", rpm:\"mozilla-thunderbird-enigmail-nl~1.5.0.10~1mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-pl\", rpm:\"mozilla-thunderbird-enigmail-pl~1.5.0.10~1mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-pt\", rpm:\"mozilla-thunderbird-enigmail-pt~1.5.0.10~1mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-pt_BR\", rpm:\"mozilla-thunderbird-enigmail-pt_BR~1.5.0.10~1mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-ru\", rpm:\"mozilla-thunderbird-enigmail-ru~1.5.0.10~1mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-sk\", rpm:\"mozilla-thunderbird-enigmail-sk~1.5.0.10~1mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-sl\", rpm:\"mozilla-thunderbird-enigmail-sl~1.5.0.10~1mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-sv\", rpm:\"mozilla-thunderbird-enigmail-sv~1.5.0.10~1mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-zh_CN\", rpm:\"mozilla-thunderbird-enigmail-zh_CN~1.5.0.10~1mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-es\", rpm:\"mozilla-thunderbird-es~1.5.0.10~1mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-es_AR\", rpm:\"mozilla-thunderbird-es_AR~1.5.0.10~1mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-eu\", rpm:\"mozilla-thunderbird-eu~1.5.0.10~1mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-fi\", rpm:\"mozilla-thunderbird-fi~1.5.0.10~1mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-fr\", rpm:\"mozilla-thunderbird-fr~1.5.0.10~1mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-ga\", rpm:\"mozilla-thunderbird-ga~1.5.0.10~1mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-gu_IN\", rpm:\"mozilla-thunderbird-gu_IN~1.5.0.10~1mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-he\", rpm:\"mozilla-thunderbird-he~1.5.0.10~1mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-hu\", rpm:\"mozilla-thunderbird-hu~1.5.0.10~1mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-it\", rpm:\"mozilla-thunderbird-it~1.5.0.10~1mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-ja\", rpm:\"mozilla-thunderbird-ja~1.5.0.10~1mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-ko\", rpm:\"mozilla-thunderbird-ko~1.5.0.10~1mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-lt\", rpm:\"mozilla-thunderbird-lt~1.5.0.10~1mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-mk\", rpm:\"mozilla-thunderbird-mk~1.5.0.10~1mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-nb\", rpm:\"mozilla-thunderbird-nb~1.5.0.10~1mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-nl\", rpm:\"mozilla-thunderbird-nl~1.5.0.10~1mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-pa_IN\", rpm:\"mozilla-thunderbird-pa_IN~1.5.0.10~1mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-pl\", rpm:\"mozilla-thunderbird-pl~1.5.0.10~1mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-pt_BR\", rpm:\"mozilla-thunderbird-pt_BR~1.5.0.10~1mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-ru\", rpm:\"mozilla-thunderbird-ru~1.5.0.10~1mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-sk\", rpm:\"mozilla-thunderbird-sk~1.5.0.10~1mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-sl\", rpm:\"mozilla-thunderbird-sl~1.5.0.10~1mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-sv\", rpm:\"mozilla-thunderbird-sv~1.5.0.10~1mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-tr\", rpm:\"mozilla-thunderbird-tr~1.5.0.10~1mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-zh_CN\", rpm:\"mozilla-thunderbird-zh_CN~1.5.0.10~1mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nsinstall\", rpm:\"nsinstall~1.5.0.10~1mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-l10n\", rpm:\"mozilla-thunderbird-enigmail-l10n~1.5.0.10~1mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-l10n\", rpm:\"mozilla-thunderbird-l10n~1.5.0.10~1mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-12-04T11:28:06", "bulletinFamily": "scanner", "cvelist": ["CVE-2007-0008", "CVE-2007-0775", "CVE-2007-0777", "CVE-2007-0776", "CVE-2007-0009"], "description": "Ubuntu Update for Linux kernel vulnerabilities USN-431-1", "modified": "2017-12-01T00:00:00", "published": "2009-03-23T00:00:00", "id": "OPENVAS:840080", "href": "http://plugins.openvas.org/nasl.php?oid=840080", "type": "openvas", "title": "Ubuntu Update for mozilla-thunderbird vulnerabilities USN-431-1", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_431_1.nasl 7969 2017-12-01 09:23:16Z santu $\n#\n# Ubuntu Update for mozilla-thunderbird vulnerabilities USN-431-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"The SSLv2 protocol support in the NSS library did not sufficiently\n check the validity of public keys presented with a SSL certificate. A\n malicious SSL web site using SSLv2 could potentially exploit this to\n execute arbitrary code with the user's privileges. (CVE-2007-0008)\n\n The SSLv2 protocol support in the NSS library did not sufficiently\n verify the validity of client master keys presented in an SSL client\n certificate. A remote attacker could exploit this to execute arbitrary\n code in a server application that uses the NSS library. (CVE-2007-0009)\n \n Various flaws have been reported that could allow an attacker to execute\n arbitrary code with user privileges by tricking the user into opening a\n malicious web page. (CVE-2007-0775, CVE-2007-0776, CVE-2007-0777)\";\n\ntag_summary = \"Ubuntu Update for Linux kernel vulnerabilities USN-431-1\";\ntag_affected = \"mozilla-thunderbird vulnerabilities on Ubuntu 5.10 ,\n Ubuntu 6.06 LTS ,\n Ubuntu 6.10\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name: \"URL\" , value: \"http://www.ubuntu.com/usn/usn-431-1/\");\n script_id(840080);\n script_version(\"$Revision: 7969 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-01 10:23:16 +0100 (Fri, 01 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-03-23 10:55:18 +0100 (Mon, 23 Mar 2009)\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"USN\", value: \"431-1\");\n script_cve_id(\"CVE-2007-0008\", \"CVE-2007-0009\", \"CVE-2007-0775\", \"CVE-2007-0776\", \"CVE-2007-0777\");\n script_name( \"Ubuntu Update for mozilla-thunderbird vulnerabilities USN-431-1\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\");\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"UBUNTU6.06 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"mozilla-thunderbird-dev\", ver:\"1.5.0.10-0ubuntu0.6.06\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"mozilla-thunderbird-inspector\", ver:\"1.5.0.10-0ubuntu0.6.06\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"mozilla-thunderbird-typeaheadfind\", ver:\"1.5.0.10-0ubuntu0.6.06\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"mozilla-thunderbird\", ver:\"1.5.0.10-0ubuntu0.6.06\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"UBUNTU6.10\")\n{\n\n if ((res = isdpkgvuln(pkg:\"mozilla-thunderbird-dev\", ver:\"1.5.0.10-0ubuntu0.6.10\", rls:\"UBUNTU6.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"mozilla-thunderbird-inspector\", ver:\"1.5.0.10-0ubuntu0.6.10\", rls:\"UBUNTU6.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"mozilla-thunderbird-typeaheadfind\", ver:\"1.5.0.10-0ubuntu0.6.10\", rls:\"UBUNTU6.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"mozilla-thunderbird\", ver:\"1.5.0.10-0ubuntu0.6.10\", rls:\"UBUNTU6.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"UBUNTU5.10\")\n{\n\n if ((res = isdpkgvuln(pkg:\"mozilla-thunderbird-dev\", ver:\"1.5.0.10-0ubuntu0.5.10\", rls:\"UBUNTU5.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"mozilla-thunderbird-inspector\", ver:\"1.5.0.10-0ubuntu0.5.10\", rls:\"UBUNTU5.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"mozilla-thunderbird-typeaheadfind\", ver:\"1.5.0.10-0ubuntu0.5.10\", rls:\"UBUNTU5.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"mozilla-thunderbird\", ver:\"1.5.0.10-0ubuntu0.5.10\", rls:\"UBUNTU5.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-24T12:49:54", "bulletinFamily": "scanner", "cvelist": ["CVE-2007-0008", "CVE-2007-1282", "CVE-2007-0775", "CVE-2007-0777", "CVE-2007-0776", "CVE-2007-0009"], "description": "The remote host is missing updates announced in\nadvisory GLSA 200703-18.", "modified": "2017-07-07T00:00:00", "published": "2008-09-24T00:00:00", "id": "OPENVAS:58156", "href": "http://plugins.openvas.org/nasl.php?oid=58156", "type": "openvas", "title": "Gentoo Security Advisory GLSA 200703-18 (mozilla-thunderbird)", "sourceData": "# OpenVAS Vulnerability Test\n# $\n# Description: Auto generated from Gentoo's XML based advisory\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Multiple vulnerabilities have been reported in Mozilla Thunderbird, some of\nwhich may allow user-assisted arbitrary remote code execution.\";\ntag_solution = \"All Mozilla Thunderbird users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=mail-client/mozilla-thunderbird-1.5.0.10'\n\nAll Mozilla Thunderbird binary users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=mail-client/mozilla-thunderbird-bin-1.5.0.10'\n\nhttp://www.securityspace.com/smysecure/catid.html?in=GLSA%20200703-18\nhttp://bugs.gentoo.org/show_bug.cgi?id=165555\";\ntag_summary = \"The remote host is missing updates announced in\nadvisory GLSA 200703-18.\";\n\n \n\nif(description)\n{\n script_id(58156);\n script_version(\"$Revision: 6596 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-07 11:21:37 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2008-09-24 21:14:03 +0200 (Wed, 24 Sep 2008)\");\n script_cve_id(\"CVE-2007-0008\", \"CVE-2007-0009\", \"CVE-2007-0775\", \"CVE-2007-0776\", \"CVE-2007-0777\", \"CVE-2007-1282\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_name(\"Gentoo Security Advisory GLSA 200703-18 (mozilla-thunderbird)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2007 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Gentoo Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/gentoo\", \"ssh/login/pkg\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-gentoo.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = ispkgvuln(pkg:\"mail-client/mozilla-thunderbird\", unaffected: make_list(\"ge 1.5.0.10\"), vulnerable: make_list(\"lt 1.5.0.10\"))) != NULL) {\n report += res;\n}\nif ((res = ispkgvuln(pkg:\"mail-client/mozilla-thunderbird-bin\", unaffected: make_list(\"ge 1.5.0.10\"), vulnerable: make_list(\"lt 1.5.0.10\"))) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-24T12:50:08", "bulletinFamily": "scanner", "cvelist": ["CVE-2007-0008", "CVE-2007-1282", "CVE-2006-6077", "CVE-2007-0996", "CVE-2007-0775", "CVE-2007-0045", "CVE-2007-0981", "CVE-2007-0778", "CVE-2007-0995", "CVE-2007-0009", "CVE-2007-0994"], "description": "The remote host is missing an update to mozilla-firefox\nannounced via advisory DSA 1336-1.", "modified": "2017-07-07T00:00:00", "published": "2008-01-17T00:00:00", "id": "OPENVAS:58468", "href": "http://plugins.openvas.org/nasl.php?oid=58468", "type": "openvas", "title": "Debian Security Advisory DSA 1336-1 (mozilla-firefox)", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_1336_1.nasl 6616 2017-07-07 12:10:49Z cfischer $\n# Description: Auto-generated from advisory DSA 1336-1\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2007 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largerly excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Several remote vulnerabilities have been discovered in Mozilla Firefox.\n\nThis will be the last security update of Mozilla-based products for\nthe oldstable (sarge) distribution of Debian. We recommend to upgrade\nto stable (etch) as soon as possible.\n\nThe Common Vulnerabilities and Exposures project identifies the following\nvulnerabilities:\n\nCVE-2007-1282\n\nIt was discovered that an integer overflow in text/enhanced message\nparsing allows the execution of arbitrary code.\n\nCVE-2007-0994\n\nIt was discovered that a regression in the Javascript engine allows\nthe execution of Javascript with elevated privileges.\n\nCVE-2007-0995\n\nIt was discovered that incorrect parsing of invalid HTML characters\nallows the bypass of content filters.\n\nCVE-2007-0996\n\nIt was discovered that insecure child frame handling allows cross-site\nscripting.\n\nCVE-2007-0981\n\nIt was discovered that Firefox handles URI withs a null byte in the\nhostname insecurely.\n\nCVE-2007-0008\n\nIt was discovered that a buffer overflow in the NSS code allows the\nexecution of arbitrary code.\n\nCVE-2007-0009\n\nIt was discovered that a buffer overflow in the NSS code allows the\nexecution of arbitrary code.\n\nCVE-2007-0775\n\nIt was discovered that multiple programming errors in the layout engine\nallow the execution of arbitrary code.\n\nCVE-2007-0778\n\nIt was discovered that the page cache calculates hashes in an insecure\nmanner.\n\nCVE-2006-6077\n\nIt was discovered that the password manager allows the disclosure of\npasswords.\n\nFor the oldstable distribution (sarge) these problems have been fixed in\nversion 1.0.4-2sarge17. You should upgrade to etch as soon as possible.\n\nThe stable distribution (etch) isn't affected. These vulnerabilities have\nbeen fixed prior to the release of Debian etch.\n\nThe unstable distribution (sid) no longer contains mozilla-firefox. Iceweasel\nis already fixed.\";\ntag_summary = \"The remote host is missing an update to mozilla-firefox\nannounced via advisory DSA 1336-1.\";\n\ntag_solution = \"https://secure1.securityspace.com/smysecure/catid.html?in=DSA%201336-1\";\n\nif(description)\n{\n script_id(58468);\n script_version(\"$Revision: 6616 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-07 14:10:49 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2008-01-17 23:19:52 +0100 (Thu, 17 Jan 2008)\");\n script_cve_id(\"CVE-2007-1282\", \"CVE-2007-0994\", \"CVE-2007-0995\", \"CVE-2007-0996\", \"CVE-2007-0981\", \"CVE-2007-0008\", \"CVE-2007-0009\", \"CVE-2007-0775\", \"CVE-2007-0778\", \"CVE-2007-0045\", \"CVE-2006-6077\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_name(\"Debian Security Advisory DSA 1336-1 (mozilla-firefox)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2007 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"mozilla-firefox\", ver:\"1.0.4-2sarge17\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"mozilla-firefox-dom-inspector\", ver:\"1.0.4-2sarge17\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"mozilla-firefox-gnome-support\", ver:\"1.0.4-2sarge17\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "nessus": [{"lastseen": "2021-01-12T10:06:07", "description": "This update fixes two security vulnerabilities with SSL 2\n(CVE-2007-0008, CVE-2007-0009).\n\nAll users of NSS, which includes users of Firefox, Thunderbird,\nSeaMonkey, and other mozilla.org products, are recommended to update\nto this package.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 24, "published": "2007-02-27T00:00:00", "title": "Fedora Core 6 : nspr-4.6.5-0.6.0.fc6 / nss-3.11.5-0.6.0.fc6 (2007-279)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2007-0008", "CVE-2007-0009"], "modified": "2007-02-27T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:nss-debuginfo", "cpe:/o:fedoraproject:fedora_core:6", "p-cpe:/a:fedoraproject:fedora:nss-pkcs11-devel", "p-cpe:/a:fedoraproject:fedora:nspr-debuginfo", "p-cpe:/a:fedoraproject:fedora:nspr-devel", "p-cpe:/a:fedoraproject:fedora:nss-devel", "p-cpe:/a:fedoraproject:fedora:nss", "p-cpe:/a:fedoraproject:fedora:nspr", "p-cpe:/a:fedoraproject:fedora:nss-tools"], "id": "FEDORA_2007-279.NASL", "href": "https://www.tenable.com/plugins/nessus/24715", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2007-279.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(24715);\n script_version(\"1.18\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2007-0008\", \"CVE-2007-0009\");\n script_xref(name:\"FEDORA\", value:\"2007-279\");\n\n script_name(english:\"Fedora Core 6 : nspr-4.6.5-0.6.0.fc6 / nss-3.11.5-0.6.0.fc6 (2007-279)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora Core host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update fixes two security vulnerabilities with SSL 2\n(CVE-2007-0008, CVE-2007-0009).\n\nAll users of NSS, which includes users of Firefox, Thunderbird,\nSeaMonkey, and other mozilla.org products, are recommended to update\nto this package.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2007-February/001500.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?ada15665\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2007-February/001501.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?880ed9d2\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_cwe_id(119, 189);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:nspr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:nspr-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:nspr-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:nss\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:nss-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:nss-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:nss-pkcs11-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:nss-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora_core:6\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2007/02/26\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2007/02/27\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2007-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^6([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 6.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC6\", reference:\"nspr-4.6.5-0.6.0.fc6\")) flag++;\nif (rpm_check(release:\"FC6\", reference:\"nspr-debuginfo-4.6.5-0.6.0.fc6\")) flag++;\nif (rpm_check(release:\"FC6\", reference:\"nspr-devel-4.6.5-0.6.0.fc6\")) flag++;\nif (rpm_check(release:\"FC6\", reference:\"nss-3.11.5-0.6.0.fc6\")) flag++;\nif (rpm_check(release:\"FC6\", reference:\"nss-debuginfo-3.11.5-0.6.0.fc6\")) flag++;\nif (rpm_check(release:\"FC6\", reference:\"nss-devel-3.11.5-0.6.0.fc6\")) flag++;\nif (rpm_check(release:\"FC6\", reference:\"nss-pkcs11-devel-3.11.5-0.6.0.fc6\")) flag++;\nif (rpm_check(release:\"FC6\", reference:\"nss-tools-3.11.5-0.6.0.fc6\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"nspr / nspr-debuginfo / nspr-devel / nss / nss-debuginfo / etc\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-01-07T10:52:11", "description": "The remote host is affected by the vulnerability described in GLSA-200703-22\n(Mozilla Network Security Service: Remote execution of arbitrary code)\n\n iDefense has reported two potential buffer overflow vulnerabilities\n found by researcher 'regenrecht' in the code implementing the SSLv2\n protocol.\n \nImpact :\n\n A remote attacker could send a specially crafted SSL master key to a\n server using NSS for the SSLv2 protocol, or entice a user to connect to\n a malicious server with a client-side application using NSS like one of\n the Mozilla products. This could trigger the vulnerabilities and result\n in the possible execution of arbitrary code with the rights of the\n vulnerable application.\n \nWorkaround :\n\n Disable the SSLv2 protocol in the applications using NSS.", "edition": 26, "published": "2007-03-26T00:00:00", "title": "GLSA-200703-22 : Mozilla Network Security Service: Remote execution of arbitrary code", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2007-0008", "CVE-2007-0009"], "modified": "2007-03-26T00:00:00", "cpe": ["cpe:/o:gentoo:linux", "p-cpe:/a:gentoo:linux:nss"], "id": "GENTOO_GLSA-200703-22.NASL", "href": "https://www.tenable.com/plugins/nessus/24888", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Gentoo Linux Security Advisory GLSA 200703-22.\n#\n# The advisory text is Copyright (C) 2001-2016 Gentoo Foundation, Inc.\n# and licensed under the Creative Commons - Attribution / Share Alike \n# license. See http://creativecommons.org/licenses/by-sa/3.0/\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(24888);\n script_version(\"1.16\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2007-0008\", \"CVE-2007-0009\");\n script_xref(name:\"GLSA\", value:\"200703-22\");\n\n script_name(english:\"GLSA-200703-22 : Mozilla Network Security Service: Remote execution of arbitrary code\");\n script_summary(english:\"Checks for updated package(s) in /var/db/pkg\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Gentoo host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The remote host is affected by the vulnerability described in GLSA-200703-22\n(Mozilla Network Security Service: Remote execution of arbitrary code)\n\n iDefense has reported two potential buffer overflow vulnerabilities\n found by researcher 'regenrecht' in the code implementing the SSLv2\n protocol.\n \nImpact :\n\n A remote attacker could send a specially crafted SSL master key to a\n server using NSS for the SSLv2 protocol, or entice a user to connect to\n a malicious server with a client-side application using NSS like one of\n the Mozilla products. This could trigger the vulnerabilities and result\n in the possible execution of arbitrary code with the rights of the\n vulnerable application.\n \nWorkaround :\n\n Disable the SSLv2 protocol in the applications using NSS.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security.gentoo.org/glsa/200703-22\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"All NSS users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=dev-libs/nss-3.11.5'\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(119, 189);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:nss\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:gentoo:linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2007/03/20\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2007/03/26\");\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2007/02/23\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2007-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Gentoo Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Gentoo/release\", \"Host/Gentoo/qpkg-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"qpkg.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Gentoo/release\")) audit(AUDIT_OS_NOT, \"Gentoo\");\nif (!get_kb_item(\"Host/Gentoo/qpkg-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (qpkg_check(package:\"dev-libs/nss\", unaffected:make_list(\"ge 3.11.5\"), vulnerable:make_list(\"lt 3.11.5\"))) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:qpkg_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = qpkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"Mozilla Network Security Service\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-03-01T06:27:37", "description": "The version of Sun Java Enterprise Server (ES) installed on the remote\nhost includes a set of libraries known as Network Security Services\n(NSS) for use with many of Java ES' services. On a Windows host,\nthough, vulnerabilities in their implementation of SSL2 support\nreportedly allow a remote attacker to execute arbitrary code with\nLOCAL SYSTEM privileges.", "edition": 27, "published": "2007-04-06T00:00:00", "title": "Sun Java Enterprise Server NSS Remote Code Execution Vulnerabilities", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2007-0008", "CVE-2007-0009"], "modified": "2021-03-02T00:00:00", "cpe": [], "id": "SUN_JAVA_ES_NSS_CODE_EXEC.NASL", "href": "https://www.tenable.com/plugins/nessus/25000", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(25000);\n script_version(\"1.21\");\n script_cvs_date(\"Date: 2018/11/15 20:50:28\");\n\n script_cve_id(\"CVE-2007-0008\", \"CVE-2007-0009\");\n script_bugtraq_id(22694);\n\n script_name(english:\"Sun Java Enterprise Server NSS Remote Code Execution Vulnerabilities\");\n script_summary(english:\"Checks version of JES' nss3.dll\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Windows host uses a library that may allow remote code\nexecution.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of Sun Java Enterprise Server (ES) installed on the remote\nhost includes a set of libraries known as Network Security Services\n(NSS) for use with many of Java ES' services. On a Windows host,\nthough, vulnerabilities in their implementation of SSL2 support\nreportedly allow a remote attacker to execute arbitrary code with\nLOCAL SYSTEM privileges.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://download.oracle.com/sunalerts/1001023.1.html\");\n script_set_attribute(attribute:\"solution\", value:\"Apply patch 125923-01.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(119, 189);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2007/02/23\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2007/03/29\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2007/04/06\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows\");\n\n script_copyright(english:\"This script is Copyright (C) 2007-2018 Tenable Network Security, Inc.\");\n\n script_dependencies(\"smb_hotfixes.nasl\");\n script_require_keys(\"SMB/Registry/Enumerated\");\n script_require_ports(139, 445);\n\n exit(0);\n}\n\n\ninclude(\"global_settings.inc\");\ninclude(\"smb_func.inc\");\ninclude(\"audit.inc\");\n\n\n# Connect to the appropriate share.\nif (!get_kb_item(\"SMB/Registry/Enumerated\")) exit(0);\nname = kb_smb_name();\nport = kb_smb_transport();\nlogin = kb_smb_login();\npass = kb_smb_password();\ndomain = kb_smb_domain();\n\n\n\nif(! smb_session_init()) audit(AUDIT_FN_FAIL, 'smb_session_init');\nrc = NetUseAdd(login:login, password:pass, domain:domain, share:\"IPC$\");\nif (rc != 1)\n{\n NetUseDel();\n exit(0);\n}\n\n\n# Connect to remote registry.\nhklm = RegConnectRegistry(hkey:HKEY_LOCAL_MACHINE);\nif (isnull(hklm))\n{\n NetUseDel();\n exit(0);\n}\n\n\n# Check whether it's installed.\npath = NULL;\n\nkey = \"SOFTWARE\\Sun Microsystems\";\nkey_h = RegOpenKey(handle:hklm, key:key, mode:MAXIMUM_ALLOWED);\nif (!isnull(key_h))\n{\n info = RegQueryInfoKey(handle:key_h);\n for (i=0; i<info[1]; ++i)\n {\n subkey = RegEnumKey(handle:key_h, index:i);\n if (strlen(subkey) && subkey =~ \"^Ent\")\n {\n key2 = key + \"\\\" + subkey + \"\\Installer\";\n key2_h = RegOpenKey(handle:hklm, key:key2, mode:MAXIMUM_ALLOWED);\n if (!isnull(key2_h))\n {\n value = RegQueryValue(handle:key2_h, item:\"InstallPath\");\n if (!isnull(value))\n {\n path = value[1];\n path = ereg_replace(pattern:\"^(.+)\\\\$\", replace:\"\\1\", string:path);\n }\n RegCloseKey(handle:key2_h);\n }\n }\n }\n RegCloseKey (handle:key_h);\n}\nRegCloseKey(handle:hklm);\nif (isnull(path))\n{\n NetUseDel();\n exit(0);\n}\n\n\n# Determine the version of nss3.dll.\nshare = ereg_replace(pattern:\"^([A-Za-z]):.*\", replace:\"\\1$\", string:path);\ndll = ereg_replace(pattern:\"^[A-Za-z]:(.*)\", replace:\"\\1\\share\\lib\\nss3.dll\", string:path);\nNetUseDel(close:FALSE);\n\nrc = NetUseAdd(login:login, password:pass, domain:domain, share:share);\nif (rc != 1)\n{\n NetUseDel();\n exit(0);\n}\n\nfh = CreateFile(\n file:dll,\n desired_access:GENERIC_READ,\n file_attributes:FILE_ATTRIBUTE_NORMAL,\n share_mode:FILE_SHARE_READ,\n create_disposition:OPEN_EXISTING\n);\nver = NULL;\nif (!isnull(fh))\n{\n ver = GetFileVersion(handle:fh);\n CloseFile(handle:fh);\n}\n\n\n# Check the version number.\nif (!isnull(ver))\n{\n fix = split(\"3.11.6.0\", sep:'.', keep:FALSE);\n for (i=0; i<max_index(fix); i++)\n fix[i] = int(fix[i]);\n\n for (i=0; i<max_index(ver); i++)\n if ((ver[i] < fix[i]))\n {\n security_warning(port);\n break;\n }\n else if (ver[i] > fix[i])\n break;\n}\n\n\n# Clean up.\nNetUseDel();\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-01-07T11:51:41", "description": "A number of security vulnerabilities have been discovered and\ncorrected in the latest Mozilla Thunderbird program, version 1.5.0.10.\n\nThis update provides the latest Thunderbird to correct these issues.", "edition": 27, "published": "2007-03-07T00:00:00", "title": "Mandrake Linux Security Advisory : mozilla-thunderbird (MDKSA-2007:052)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2007-0008", "CVE-2007-0775", "CVE-2007-0777", "CVE-2007-0776", "CVE-2007-0009"], "modified": "2007-03-07T00:00:00", "cpe": ["p-cpe:/a:mandriva:linux:mozilla-thunderbird-pa_IN", "p-cpe:/a:mandriva:linux:mozilla-thunderbird-enigmail-el", "p-cpe:/a:mandriva:linux:mozilla-thunderbird-nl", "p-cpe:/a:mandriva:linux:mozilla-thunderbird-da", "p-cpe:/a:mandriva:linux:mozilla-thunderbird-lt", "p-cpe:/a:mandriva:linux:nsinstall", "p-cpe:/a:mandriva:linux:mozilla-thunderbird-sl", "p-cpe:/a:mandriva:linux:mozilla-thunderbird-enigmail-pt", "p-cpe:/a:mandriva:linux:mozilla-thunderbird-ru", "cpe:/o:mandriva:linux:2007", "p-cpe:/a:mandriva:linux:mozilla-thunderbird-enigmail-ja", "p-cpe:/a:mandriva:linux:mozilla-thunderbird-pt_BR", "p-cpe:/a:mandriva:linux:mozilla-thunderbird-de", "p-cpe:/a:mandriva:linux:mozilla-thunderbird-el", "p-cpe:/a:mandriva:linux:mozilla-thunderbird-devel", "p-cpe:/a:mandriva:linux:mozilla-thunderbird-enigmail-sl", "p-cpe:/a:mandriva:linux:mozilla-thunderbird-pl", "p-cpe:/a:mandriva:linux:mozilla-thunderbird-enigmail-sv", "p-cpe:/a:mandriva:linux:mozilla-thunderbird-it", "p-cpe:/a:mandriva:linux:mozilla-thunderbird-eu", "p-cpe:/a:mandriva:linux:mozilla-thunderbird-ga", "p-cpe:/a:mandriva:linux:mozilla-thunderbird-mk", "p-cpe:/a:mandriva:linux:mozilla-thunderbird-enigmail-hu", "p-cpe:/a:mandriva:linux:mozilla-thunderbird-bg", "p-cpe:/a:mandriva:linux:mozilla-thunderbird-ca", "p-cpe:/a:mandriva:linux:mozilla-thunderbird-enigmail-sk", "p-cpe:/a:mandriva:linux:mozilla-thunderbird-gu_IN", "p-cpe:/a:mandriva:linux:mozilla-thunderbird-enigmail-nb", "p-cpe:/a:mandriva:linux:mozilla-thunderbird-enigmail-cs", "p-cpe:/a:mandriva:linux:mozilla-thunderbird-enigmail-zh_CN", "p-cpe:/a:mandriva:linux:mozilla-thunderbird-fr", "p-cpe:/a:mandriva:linux:mozilla-thunderbird-enigmail-ru", "p-cpe:/a:mandriva:linux:mozilla-thunderbird-enigmail-fi", "p-cpe:/a:mandriva:linux:mozilla-thunderbird-fi", "p-cpe:/a:mandriva:linux:mozilla-thunderbird-enigmail-es", "p-cpe:/a:mandriva:linux:mozilla-thunderbird-es_AR", "p-cpe:/a:mandriva:linux:mozilla-thunderbird-tr", "p-cpe:/a:mandriva:linux:mozilla-thunderbird-enigmail-pl", "p-cpe:/a:mandriva:linux:mozilla-thunderbird-enigmail-it", "p-cpe:/a:mandriva:linux:mozilla-thunderbird-ko", "p-cpe:/a:mandriva:linux:mozilla-thunderbird-he", "p-cpe:/a:mandriva:linux:mozilla-thunderbird-zh_CN", "p-cpe:/a:mandriva:linux:mozilla-thunderbird-ja", "p-cpe:/a:mandriva:linux:mozilla-thunderbird-nb", "p-cpe:/a:mandriva:linux:mozilla-thunderbird-enigmail-de", "p-cpe:/a:mandriva:linux:mozilla-thunderbird", "p-cpe:/a:mandriva:linux:mozilla-thunderbird-enigmail-fr", "p-cpe:/a:mandriva:linux:mozilla-thunderbird-es", "p-cpe:/a:mandriva:linux:mozilla-thunderbird-enigmail", "p-cpe:/a:mandriva:linux:mozilla-thunderbird-hu", "p-cpe:/a:mandriva:linux:mozilla-thunderbird-enigmail-es_AR", "p-cpe:/a:mandriva:linux:mozilla-thunderbird-enigmail-nl", "p-cpe:/a:mandriva:linux:mozilla-thunderbird-enigmail-pt_BR", "p-cpe:/a:mandriva:linux:mozilla-thunderbird-enigmail-ca", "p-cpe:/a:mandriva:linux:mozilla-thunderbird-sk", "p-cpe:/a:mandriva:linux:mozilla-thunderbird-cs", "p-cpe:/a:mandriva:linux:mozilla-thunderbird-sv"], "id": "MANDRAKE_MDKSA-2007-052.NASL", "href": "https://www.tenable.com/plugins/nessus/24778", "sourceData": "#%NASL_MIN_LEVEL 70300\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Mandrake Linux Security Advisory MDKSA-2007:052. \n# The text itself is copyright (C) Mandriva S.A.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(24778);\n script_version(\"1.22\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\n \"CVE-2007-0008\",\n \"CVE-2007-0009\",\n \"CVE-2007-0775\",\n \"CVE-2007-0776\",\n \"CVE-2007-0777\"\n );\n script_bugtraq_id(22694);\n script_xref(name:\"MDKSA\", value:\"2007:052\");\n\n script_name(english:\"Mandrake Linux Security Advisory : mozilla-thunderbird (MDKSA-2007:052)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Mandrake Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"A number of security vulnerabilities have been discovered and\ncorrected in the latest Mozilla Thunderbird program, version 1.5.0.10.\n\nThis update provides the latest Thunderbird to correct these issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.mozilla.org/security/announce/2007/mfsa2007-01.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.mozilla.org/security/announce/2007/mfsa2007-06.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2007-10/\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(119, 189);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:mozilla-thunderbird\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:mozilla-thunderbird-bg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:mozilla-thunderbird-ca\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:mozilla-thunderbird-cs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:mozilla-thunderbird-da\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:mozilla-thunderbird-de\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:mozilla-thunderbird-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:mozilla-thunderbird-el\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:mozilla-thunderbird-enigmail\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:mozilla-thunderbird-enigmail-ca\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:mozilla-thunderbird-enigmail-cs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:mozilla-thunderbird-enigmail-de\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:mozilla-thunderbird-enigmail-el\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:mozilla-thunderbird-enigmail-es\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:mozilla-thunderbird-enigmail-es_AR\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:mozilla-thunderbird-enigmail-fi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:mozilla-thunderbird-enigmail-fr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:mozilla-thunderbird-enigmail-hu\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:mozilla-thunderbird-enigmail-it\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:mozilla-thunderbird-enigmail-ja\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:mozilla-thunderbird-enigmail-nb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:mozilla-thunderbird-enigmail-nl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:mozilla-thunderbird-enigmail-pl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:mozilla-thunderbird-enigmail-pt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:mozilla-thunderbird-enigmail-pt_BR\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:mozilla-thunderbird-enigmail-ru\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:mozilla-thunderbird-enigmail-sk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:mozilla-thunderbird-enigmail-sl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:mozilla-thunderbird-enigmail-sv\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:mozilla-thunderbird-enigmail-zh_CN\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:mozilla-thunderbird-es\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:mozilla-thunderbird-es_AR\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:mozilla-thunderbird-eu\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:mozilla-thunderbird-fi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:mozilla-thunderbird-fr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:mozilla-thunderbird-ga\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:mozilla-thunderbird-gu_IN\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:mozilla-thunderbird-he\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:mozilla-thunderbird-hu\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:mozilla-thunderbird-it\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:mozilla-thunderbird-ja\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:mozilla-thunderbird-ko\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:mozilla-thunderbird-lt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:mozilla-thunderbird-mk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:mozilla-thunderbird-nb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:mozilla-thunderbird-nl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:mozilla-thunderbird-pa_IN\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:mozilla-thunderbird-pl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:mozilla-thunderbird-pt_BR\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:mozilla-thunderbird-ru\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:mozilla-thunderbird-sk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:mozilla-thunderbird-sl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:mozilla-thunderbird-sv\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:mozilla-thunderbird-tr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:mozilla-thunderbird-zh_CN\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:nsinstall\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:linux:2007\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2007/03/06\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2007/03/07\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2007-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Mandriva Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/Mandrake/release\", \"Host/Mandrake/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Mandrake/release\")) audit(AUDIT_OS_NOT, \"Mandriva / Mandake Linux\");\nif (!get_kb_item(\"Host/Mandrake/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^(amd64|i[3-6]86|x86_64)$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Mandriva / Mandrake Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"MDK2007.0\", reference:\"mozilla-thunderbird-1.5.0.10-1mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", reference:\"mozilla-thunderbird-bg-1.5.0.10-1mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", reference:\"mozilla-thunderbird-ca-1.5.0.10-1mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", reference:\"mozilla-thunderbird-cs-1.5.0.10-1mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", reference:\"mozilla-thunderbird-da-1.5.0.10-1mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", reference:\"mozilla-thunderbird-de-1.5.0.10-1mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", reference:\"mozilla-thunderbird-devel-1.5.0.10-1mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", reference:\"mozilla-thunderbird-el-1.5.0.10-1mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", reference:\"mozilla-thunderbird-enigmail-1.5.0.10-1mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", reference:\"mozilla-thunderbird-enigmail-ca-1.5.0.10-1mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", reference:\"mozilla-thunderbird-enigmail-cs-1.5.0.10-1mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", reference:\"mozilla-thunderbird-enigmail-de-1.5.0.10-1mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", reference:\"mozilla-thunderbird-enigmail-el-1.5.0.10-1mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", reference:\"mozilla-thunderbird-enigmail-es-1.5.0.10-1mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", reference:\"mozilla-thunderbird-enigmail-es_AR-1.5.0.10-1mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", reference:\"mozilla-thunderbird-enigmail-fi-1.5.0.10-1mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", reference:\"mozilla-thunderbird-enigmail-fr-1.5.0.10-1mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", reference:\"mozilla-thunderbird-enigmail-hu-1.5.0.10-1mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", reference:\"mozilla-thunderbird-enigmail-it-1.5.0.10-1mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", reference:\"mozilla-thunderbird-enigmail-ja-1.5.0.10-1mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", reference:\"mozilla-thunderbird-enigmail-nb-1.5.0.10-1mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", reference:\"mozilla-thunderbird-enigmail-nl-1.5.0.10-1mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", reference:\"mozilla-thunderbird-enigmail-pl-1.5.0.10-1mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", reference:\"mozilla-thunderbird-enigmail-pt-1.5.0.10-1mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", reference:\"mozilla-thunderbird-enigmail-pt_BR-1.5.0.10-1mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", reference:\"mozilla-thunderbird-enigmail-ru-1.5.0.10-1mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", reference:\"mozilla-thunderbird-enigmail-sk-1.5.0.10-1mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", reference:\"mozilla-thunderbird-enigmail-sl-1.5.0.10-1mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", reference:\"mozilla-thunderbird-enigmail-sv-1.5.0.10-1mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", reference:\"mozilla-thunderbird-enigmail-zh_CN-1.5.0.10-1mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", reference:\"mozilla-thunderbird-es-1.5.0.10-1mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", reference:\"mozilla-thunderbird-es_AR-1.5.0.10-1mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", reference:\"mozilla-thunderbird-eu-1.5.0.10-1mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", reference:\"mozilla-thunderbird-fi-1.5.0.10-1mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", reference:\"mozilla-thunderbird-fr-1.5.0.10-1mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", reference:\"mozilla-thunderbird-ga-1.5.0.10-1mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", reference:\"mozilla-thunderbird-gu_IN-1.5.0.10-1mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", reference:\"mozilla-thunderbird-he-1.5.0.10-1mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", reference:\"mozilla-thunderbird-hu-1.5.0.10-1mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", reference:\"mozilla-thunderbird-it-1.5.0.10-1mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", reference:\"mozilla-thunderbird-ja-1.5.0.10-1mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", reference:\"mozilla-thunderbird-ko-1.5.0.10-1mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", reference:\"mozilla-thunderbird-lt-1.5.0.10-1mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", reference:\"mozilla-thunderbird-mk-1.5.0.10-1mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", reference:\"mozilla-thunderbird-nb-1.5.0.10-1mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", reference:\"mozilla-thunderbird-nl-1.5.0.10-1mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", reference:\"mozilla-thunderbird-pa_IN-1.5.0.10-1mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", reference:\"mozilla-thunderbird-pl-1.5.0.10-1mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", reference:\"mozilla-thunderbird-pt_BR-1.5.0.10-1mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", reference:\"mozilla-thunderbird-ru-1.5.0.10-1mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", reference:\"mozilla-thunderbird-sk-1.5.0.10-1mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", reference:\"mozilla-thunderbird-sl-1.5.0.10-1mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", reference:\"mozilla-thunderbird-sv-1.5.0.10-1mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", reference:\"mozilla-thunderbird-tr-1.5.0.10-1mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", reference:\"mozilla-thunderbird-zh_CN-1.5.0.10-1mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", reference:\"nsinstall-1.5.0.10-1mdv2007.0\", yank:\"mdv\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-20T15:42:18", "description": "The SSLv2 protocol support in the NSS library did not sufficiently\ncheck the validity of public keys presented with a SSL certificate. A\nmalicious SSL website using SSLv2 could potentially exploit this to\nexecute arbitrary code with the user's privileges. (CVE-2007-0008)\n\nThe SSLv2 protocol support in the NSS library did not sufficiently\nverify the validity of client master keys presented in an SSL client\ncertificate. A remote attacker could exploit this to execute arbitrary\ncode in a server application that uses the NSS library.\n(CVE-2007-0009)\n\nVarious flaws have been reported that could allow an attacker to\nexecute arbitrary code with user privileges by tricking the user into\nopening a malicious web page. (CVE-2007-0775, CVE-2007-0776,\nCVE-2007-0777).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 27, "published": "2007-11-10T00:00:00", "title": "Ubuntu 5.10 / 6.06 LTS / 6.10 : mozilla-thunderbird vulnerabilities (USN-431-1)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2007-0008", "CVE-2007-0775", "CVE-2007-0777", "CVE-2007-0776", "CVE-2007-0009"], "modified": "2007-11-10T00:00:00", "cpe": ["cpe:/o:canonical:ubuntu_linux:6.10", "p-cpe:/a:canonical:ubuntu_linux:mozilla-thunderbird-dev", "p-cpe:/a:canonical:ubuntu_linux:mozilla-thunderbird-inspector", "p-cpe:/a:canonical:ubuntu_linux:mozilla-thunderbird-typeaheadfind", "p-cpe:/a:canonical:ubuntu_linux:mozilla-thunderbird", "cpe:/o:canonical:ubuntu_linux:5.10", "cpe:/o:canonical:ubuntu_linux:6.06:-:lts"], "id": "UBUNTU_USN-431-1.NASL", "href": "https://www.tenable.com/plugins/nessus/28025", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-431-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(28025);\n script_version(\"1.18\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2007-0008\", \"CVE-2007-0009\", \"CVE-2007-0775\", \"CVE-2007-0776\", \"CVE-2007-0777\");\n script_bugtraq_id(22694);\n script_xref(name:\"USN\", value:\"431-1\");\n\n script_name(english:\"Ubuntu 5.10 / 6.06 LTS / 6.10 : mozilla-thunderbird vulnerabilities (USN-431-1)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The SSLv2 protocol support in the NSS library did not sufficiently\ncheck the validity of public keys presented with a SSL certificate. A\nmalicious SSL website using SSLv2 could potentially exploit this to\nexecute arbitrary code with the user's privileges. (CVE-2007-0008)\n\nThe SSLv2 protocol support in the NSS library did not sufficiently\nverify the validity of client master keys presented in an SSL client\ncertificate. A remote attacker could exploit this to execute arbitrary\ncode in a server application that uses the NSS library.\n(CVE-2007-0009)\n\nVarious flaws have been reported that could allow an attacker to\nexecute arbitrary code with user privileges by tricking the user into\nopening a malicious web page. (CVE-2007-0775, CVE-2007-0776,\nCVE-2007-0777).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/431-1/\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(119, 189);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:mozilla-thunderbird\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:mozilla-thunderbird-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:mozilla-thunderbird-inspector\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:mozilla-thunderbird-typeaheadfind\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:5.10\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:6.06:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:6.10\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2007/03/06\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2007/11/10\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2007-2019 Canonical, Inc. / NASL script (C) 2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! ereg(pattern:\"^(5\\.10|6\\.06|6\\.10)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 5.10 / 6.06 / 6.10\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nflag = 0;\n\nif (ubuntu_check(osver:\"5.10\", pkgname:\"mozilla-thunderbird\", pkgver:\"1.5.0.10-0ubuntu0.5.10\")) flag++;\nif (ubuntu_check(osver:\"5.10\", pkgname:\"mozilla-thunderbird-dev\", pkgver:\"1.5.0.10-0ubuntu0.5.10\")) flag++;\nif (ubuntu_check(osver:\"5.10\", pkgname:\"mozilla-thunderbird-inspector\", pkgver:\"1.5.0.10-0ubuntu0.5.10\")) flag++;\nif (ubuntu_check(osver:\"5.10\", pkgname:\"mozilla-thunderbird-typeaheadfind\", pkgver:\"1.5.0.10-0ubuntu0.5.10\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"mozilla-thunderbird\", pkgver:\"1.5.0.10-0ubuntu0.6.06\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"mozilla-thunderbird-dev\", pkgver:\"1.5.0.10-0ubuntu0.6.06\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"mozilla-thunderbird-inspector\", pkgver:\"1.5.0.10-0ubuntu0.6.06\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"mozilla-thunderbird-typeaheadfind\", pkgver:\"1.5.0.10-0ubuntu0.6.06\")) flag++;\nif (ubuntu_check(osver:\"6.10\", pkgname:\"mozilla-thunderbird\", pkgver:\"1.5.0.10-0ubuntu0.6.10\")) flag++;\nif (ubuntu_check(osver:\"6.10\", pkgname:\"mozilla-thunderbird-dev\", pkgver:\"1.5.0.10-0ubuntu0.6.10\")) flag++;\nif (ubuntu_check(osver:\"6.10\", pkgname:\"mozilla-thunderbird-inspector\", pkgver:\"1.5.0.10-0ubuntu0.6.10\")) flag++;\nif (ubuntu_check(osver:\"6.10\", pkgname:\"mozilla-thunderbird-typeaheadfind\", pkgver:\"1.5.0.10-0ubuntu0.6.10\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"mozilla-thunderbird / mozilla-thunderbird-dev / etc\");\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-07T10:52:11", "description": "The remote host is affected by the vulnerability described in GLSA-200703-18\n(Mozilla Thunderbird: Multiple vulnerabilities)\n\n Georgi Guninski reported a possible integer overflow in the code\n handling text/enhanced or text/richtext MIME emails. Additionally,\n various researchers reported errors in the JavaScript engine\n potentially leading to memory corruption. Additionally, the binary\n version of Mozilla Thunderbird includes a vulnerable NSS library which\n contains two possible buffer overflows involving the SSLv2 protocol.\n \nImpact :\n\n An attacker could entice a user to read a specially crafted email that\n could trigger one of the vulnerabilities, some of them being related to\n Mozilla Thunderbird's handling of JavaScript, possibly leading to the\n execution of arbitrary code.\n \nWorkaround :\n\n There is no known workaround at this time for all of these issues, but\n some of them can be avoided by disabling JavaScript. Note that the\n execution of JavaScript is disabled by default and enabling it is\n strongly discouraged.", "edition": 26, "published": "2007-03-19T00:00:00", "title": "GLSA-200703-18 : Mozilla Thunderbird: Multiple vulnerabilities", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2007-0008", "CVE-2007-1282", "CVE-2007-0775", "CVE-2007-0777", "CVE-2007-0776", "CVE-2007-0009"], "modified": "2007-03-19T00:00:00", "cpe": ["cpe:/o:gentoo:linux", "p-cpe:/a:gentoo:linux:mozilla-thunderbird-bin", "p-cpe:/a:gentoo:linux:mozilla-thunderbird"], "id": "GENTOO_GLSA-200703-18.NASL", "href": "https://www.tenable.com/plugins/nessus/24867", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Gentoo Linux Security Advisory GLSA 200703-18.\n#\n# The advisory text is Copyright (C) 2001-2016 Gentoo Foundation, Inc.\n# and licensed under the Creative Commons - Attribution / Share Alike \n# license. See http://creativecommons.org/licenses/by-sa/3.0/\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(24867);\n script_version(\"1.17\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2007-0008\", \"CVE-2007-0009\", \"CVE-2007-0775\", \"CVE-2007-0776\", \"CVE-2007-0777\", \"CVE-2007-1282\");\n script_xref(name:\"GLSA\", value:\"200703-18\");\n\n script_name(english:\"GLSA-200703-18 : Mozilla Thunderbird: Multiple vulnerabilities\");\n script_summary(english:\"Checks for updated package(s) in /var/db/pkg\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Gentoo host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The remote host is affected by the vulnerability described in GLSA-200703-18\n(Mozilla Thunderbird: Multiple vulnerabilities)\n\n Georgi Guninski reported a possible integer overflow in the code\n handling text/enhanced or text/richtext MIME emails. Additionally,\n various researchers reported errors in the JavaScript engine\n potentially leading to memory corruption. Additionally, the binary\n version of Mozilla Thunderbird includes a vulnerable NSS library which\n contains two possible buffer overflows involving the SSLv2 protocol.\n \nImpact :\n\n An attacker could entice a user to read a specially crafted email that\n could trigger one of the vulnerabilities, some of them being related to\n Mozilla Thunderbird's handling of JavaScript, possibly leading to the\n execution of arbitrary code.\n \nWorkaround :\n\n There is no known workaround at this time for all of these issues, but\n some of them can be avoided by disabling JavaScript. Note that the\n execution of JavaScript is disabled by default and enabling it is\n strongly discouraged.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security.gentoo.org/glsa/200703-18\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"All Mozilla Thunderbird users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=mail-client/mozilla-thunderbird-1.5.0.10'\n All Mozilla Thunderbird binary users should upgrade to the latest\n version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=mail-client/mozilla-thunderbird-bin-1.5.0.10'\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(119, 189);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:mozilla-thunderbird\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:mozilla-thunderbird-bin\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:gentoo:linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2007/03/18\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2007/03/19\");\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2007/02/23\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2007-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Gentoo Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Gentoo/release\", \"Host/Gentoo/qpkg-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"qpkg.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Gentoo/release\")) audit(AUDIT_OS_NOT, \"Gentoo\");\nif (!get_kb_item(\"Host/Gentoo/qpkg-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (qpkg_check(package:\"mail-client/mozilla-thunderbird-bin\", unaffected:make_list(\"ge 1.5.0.10\"), vulnerable:make_list(\"lt 1.5.0.10\"))) flag++;\nif (qpkg_check(package:\"mail-client/mozilla-thunderbird\", unaffected:make_list(\"ge 1.5.0.10\"), vulnerable:make_list(\"lt 1.5.0.10\"))) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:qpkg_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = qpkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"Mozilla Thunderbird\");\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-12T10:06:09", "description": " - Thu Mar 1 2007 Martin Stransky <stransky at redhat.com>\n 1.5.0.10-1\n\n - Update to 1.5.0.10\n\n - Tue Dec 19 2006 Matthias Clasen <mclasen at\n redhat.com> 1.5.0.9-2\n\n - Add a Requires: launchmail (#219884)\n\n - Tue Dec 19 2006 Christopher Aillon <caillon at\n redhat.com> 1.5.0.9-1\n\n - Update to 1.5.0.9\n\n - Take firefox's pango fixes\n\n - Don't offer to import...nothing.\n\n - Tue Nov 7 2006 Christopher Aillon <caillon at\n redhat.com> 1.5.0.8-1\n\n - Update to 1.5.0.8\n\n - Allow choosing of download directory\n\n - Take the user to the correct directory from the\n Download Manager.\n\n - Patch to add support for printing via pango from\n Behdad.\n\n - Sun Oct 8 2006 Christopher Aillon <caillon at\n redhat.com> - 1.5.0.7-4\n\n - Default to use of system colors\n\n - Wed Oct 4 2006 Christopher Aillon <caillon at\n redhat.com> - 1.5.0.7-3\n\n - Bring the invisible character to parity with GTK+\n\n - Wed Sep 27 2006 Christopher Aillon <caillon at\n redhat.com> - 1.5.0.7-2\n\n - Fix crash when changing gtk key theme\n\n - Prevent UI freezes while changing GNOME theme\n\n - Remove verbiage about pango; no longer required by\n upstream.\n\n - Wed Sep 13 2006 Christopher Aillon <caillon at\n redhat.com> - 1.5.0.7-1\n\n - Update to 1.5.0.7\n\n - Thu Sep 7 2006 Christopher Aillon <caillon at\n redhat.com> - 1.5.0.5-8\n\n - Shuffle order of the install phase around\n\n - Thu Sep 7 2006 Christopher Aillon <caillon at\n redhat.com> - 1.5.0.5-7\n\n - Let there be art for Alt+Tab again\n\n - s/tbdir/mozappdir/g\n\n - Wed Sep 6 2006 Christopher Aillon <caillon at\n redhat.com> - 1.5.0.5-6\n\n - Fix for cursor position in editor widgets by tagoh and\n behdad (#198759)\n\n - Tue Sep 5 2006 Christopher Aillon <caillon at\n redhat.com> - 1.5.0.5-5\n\n - Update nopangoxft.patch\n\n - Fix rendering of MathML thanks to Behdad Esfahbod.\n\n - Update start page text to reflect the MathML fixes.\n\n - Enable pango by default on all locales\n\n - Build using -rpath\n\n - Re-enable GCC visibility\n\n - Thu Aug 3 2006 Kai Engert <kengert at redhat.com> -\n 1.5.0.5-4\n\n - Fix a build failure in mailnews mime code.\n\n - Tue Aug 1 2006 Matthias Clasen <mclasen at redhat.com>\n - 1.5.0.5-3\n\n - Rebuild\n\n - Thu Jul 27 2006 Christopher Aillon <caillon at\n redhat.com> - 1.5.0.5-2\n\n - Update to 1.5.0.5\n\n - Wed Jul 12 2006 Jesse Keating <jkeating at redhat.com>\n - 1.5.0.4-2.1\n\n - rebuild\n\n - Mon Jun 12 2006 Kai Engert <kengert at redhat.com> -\n 1.5.0.4-2\n\n - Update to 1.5.0.4\n\n - Fix desktop-file-utils requires\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 25, "published": "2007-03-06T00:00:00", "title": "Fedora Core 5 : thunderbird-1.5.0.10-1.fc5 (2007-309)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2007-0008", "CVE-2007-2868", "CVE-2007-1282", "CVE-2007-0775", "CVE-2007-2867", "CVE-2007-0777", "CVE-2007-0776", "CVE-2007-0009"], "modified": "2007-03-06T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:thunderbird-debuginfo", "cpe:/o:fedoraproject:fedora_core:5", "p-cpe:/a:fedoraproject:fedora:thunderbird"], "id": "FEDORA_2007-309.NASL", "href": "https://www.tenable.com/plugins/nessus/24769", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2007-309.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(24769);\n script_version(\"1.15\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2007-0008\", \"CVE-2007-0009\", \"CVE-2007-0775\", \"CVE-2007-0776\", \"CVE-2007-0777\", \"CVE-2007-1282\", \"CVE-2007-2867\", \"CVE-2007-2868\");\n script_xref(name:\"FEDORA\", value:\"2007-309\");\n\n script_name(english:\"Fedora Core 5 : thunderbird-1.5.0.10-1.fc5 (2007-309)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora Core host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\" - Thu Mar 1 2007 Martin Stransky <stransky at redhat.com>\n 1.5.0.10-1\n\n - Update to 1.5.0.10\n\n - Tue Dec 19 2006 Matthias Clasen <mclasen at\n redhat.com> 1.5.0.9-2\n\n - Add a Requires: launchmail (#219884)\n\n - Tue Dec 19 2006 Christopher Aillon <caillon at\n redhat.com> 1.5.0.9-1\n\n - Update to 1.5.0.9\n\n - Take firefox's pango fixes\n\n - Don't offer to import...nothing.\n\n - Tue Nov 7 2006 Christopher Aillon <caillon at\n redhat.com> 1.5.0.8-1\n\n - Update to 1.5.0.8\n\n - Allow choosing of download directory\n\n - Take the user to the correct directory from the\n Download Manager.\n\n - Patch to add support for printing via pango from\n Behdad.\n\n - Sun Oct 8 2006 Christopher Aillon <caillon at\n redhat.com> - 1.5.0.7-4\n\n - Default to use of system colors\n\n - Wed Oct 4 2006 Christopher Aillon <caillon at\n redhat.com> - 1.5.0.7-3\n\n - Bring the invisible character to parity with GTK+\n\n - Wed Sep 27 2006 Christopher Aillon <caillon at\n redhat.com> - 1.5.0.7-2\n\n - Fix crash when changing gtk key theme\n\n - Prevent UI freezes while changing GNOME theme\n\n - Remove verbiage about pango; no longer required by\n upstream.\n\n - Wed Sep 13 2006 Christopher Aillon <caillon at\n redhat.com> - 1.5.0.7-1\n\n - Update to 1.5.0.7\n\n - Thu Sep 7 2006 Christopher Aillon <caillon at\n redhat.com> - 1.5.0.5-8\n\n - Shuffle order of the install phase around\n\n - Thu Sep 7 2006 Christopher Aillon <caillon at\n redhat.com> - 1.5.0.5-7\n\n - Let there be art for Alt+Tab again\n\n - s/tbdir/mozappdir/g\n\n - Wed Sep 6 2006 Christopher Aillon <caillon at\n redhat.com> - 1.5.0.5-6\n\n - Fix for cursor position in editor widgets by tagoh and\n behdad (#198759)\n\n - Tue Sep 5 2006 Christopher Aillon <caillon at\n redhat.com> - 1.5.0.5-5\n\n - Update nopangoxft.patch\n\n - Fix rendering of MathML thanks to Behdad Esfahbod.\n\n - Update start page text to reflect the MathML fixes.\n\n - Enable pango by default on all locales\n\n - Build using -rpath\n\n - Re-enable GCC visibility\n\n - Thu Aug 3 2006 Kai Engert <kengert at redhat.com> -\n 1.5.0.5-4\n\n - Fix a build failure in mailnews mime code.\n\n - Tue Aug 1 2006 Matthias Clasen <mclasen at redhat.com>\n - 1.5.0.5-3\n\n - Rebuild\n\n - Thu Jul 27 2006 Christopher Aillon <caillon at\n redhat.com> - 1.5.0.5-2\n\n - Update to 1.5.0.5\n\n - Wed Jul 12 2006 Jesse Keating <jkeating at redhat.com>\n - 1.5.0.4-2.1\n\n - rebuild\n\n - Mon Jun 12 2006 Kai Engert <kengert at redhat.com> -\n 1.5.0.4-2\n\n - Update to 1.5.0.4\n\n - Fix desktop-file-utils requires\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2007-March/001535.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?8e20333a\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Update the affected thunderbird and / or thunderbird-debuginfo\npackages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_cwe_id(94, 119, 189);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:thunderbird\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:thunderbird-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora_core:5\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2007/02/26\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2007/03/05\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2007/03/06\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2007-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^5([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 5.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC5\", reference:\"thunderbird-1.5.0.10-1.fc5\")) flag++;\nif (rpm_check(release:\"FC5\", reference:\"thunderbird-debuginfo-1.5.0.10-1.fc5\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"thunderbird / thunderbird-debuginfo\");\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-17T09:10:18", "description": "New mozilla-thunderbird packages are available for Slackware 10.2,\nand 11.0 to fix security issues.", "edition": 25, "published": "2007-03-12T00:00:00", "title": "Slackware 10.2 / 11.0 : mozilla-thunderbird (SSA:2007-066-04)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2007-0008", "CVE-2007-2868", "CVE-2007-1282", "CVE-2007-0775", "CVE-2007-2867", "CVE-2007-0777", "CVE-2007-0776", "CVE-2007-0009"], "modified": "2007-03-12T00:00:00", "cpe": ["cpe:/o:slackware:slackware_linux:11.0", "cpe:/o:slackware:slackware_linux:10.2", "p-cpe:/a:slackware:slackware_linux:mozilla-thunderbird"], "id": "SLACKWARE_SSA_2007-066-04.NASL", "href": "https://www.tenable.com/plugins/nessus/24790", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Slackware Security Advisory 2007-066-04. The text \n# itself is copyright (C) Slackware Linux, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(24790);\n script_version(\"1.19\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2007-0008\", \"CVE-2007-0009\", \"CVE-2007-0775\", \"CVE-2007-0776\", \"CVE-2007-0777\", \"CVE-2007-1282\", \"CVE-2007-2867\", \"CVE-2007-2868\");\n script_bugtraq_id(22566, 22679, 22694, 22826);\n script_xref(name:\"SSA\", value:\"2007-066-04\");\n\n script_name(english:\"Slackware 10.2 / 11.0 : mozilla-thunderbird (SSA:2007-066-04)\");\n script_summary(english:\"Checks for updated package in /var/log/packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Slackware host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"New mozilla-thunderbird packages are available for Slackware 10.2,\nand 11.0 to fix security issues.\"\n );\n # http://www.slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.363947\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?2e60aab9\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected mozilla-thunderbird package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(94, 119, 189);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:slackware:slackware_linux:mozilla-thunderbird\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:10.2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:11.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2007/03/07\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2007/03/12\");\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2007/02/23\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2007-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Slackware Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Slackware/release\", \"Host/Slackware/packages\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"slackware.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Slackware/release\")) audit(AUDIT_OS_NOT, \"Slackware\");\nif (!get_kb_item(\"Host/Slackware/packages\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Slackware\", cpu);\n\n\nflag = 0;\nif (slackware_check(osver:\"10.2\", pkgname:\"mozilla-thunderbird\", pkgver:\"1.5.0.10\", pkgarch:\"i686\", pkgnum:\"1\")) flag++;\n\nif (slackware_check(osver:\"11.0\", pkgname:\"mozilla-thunderbird\", pkgver:\"1.5.0.10\", pkgarch:\"i686\", pkgnum:\"1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:slackware_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-12T10:06:09", "description": " - Thu Mar 1 2007 Martin Stransky <stransky at redhat.com>\n 1.5.0.10-1\n\n - Update to 1.5.0.10\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 24, "published": "2007-03-06T00:00:00", "title": "Fedora Core 6 : thunderbird-1.5.0.10-1.fc6 (2007-308)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2007-0008", "CVE-2007-2868", "CVE-2007-1282", "CVE-2007-0775", "CVE-2007-2867", "CVE-2007-0777", "CVE-2007-0776", "CVE-2007-0009"], "modified": "2007-03-06T00:00:00", "cpe": ["cpe:/o:fedoraproject:fedora_core:6", "p-cpe:/a:fedoraproject:fedora:thunderbird-debuginfo", "p-cpe:/a:fedoraproject:fedora:thunderbird"], "id": "FEDORA_2007-308.NASL", "href": "https://www.tenable.com/plugins/nessus/24768", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2007-308.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(24768);\n script_version(\"1.14\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2007-0008\", \"CVE-2007-0009\", \"CVE-2007-0775\", \"CVE-2007-0776\", \"CVE-2007-0777\", \"CVE-2007-1282\", \"CVE-2007-2867\", \"CVE-2007-2868\");\n script_xref(name:\"FEDORA\", value:\"2007-308\");\n\n script_name(english:\"Fedora Core 6 : thunderbird-1.5.0.10-1.fc6 (2007-308)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora Core host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\" - Thu Mar 1 2007 Martin Stransky <stransky at redhat.com>\n 1.5.0.10-1\n\n - Update to 1.5.0.10\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2007-March/001534.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?f367f02a\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Update the affected thunderbird and / or thunderbird-debuginfo\npackages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_cwe_id(94, 119, 189);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:thunderbird\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:thunderbird-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora_core:6\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2007/03/05\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2007/03/06\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2007-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^6([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 6.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC6\", reference:\"thunderbird-1.5.0.10-1.fc6\")) flag++;\nif (rpm_check(release:\"FC6\", reference:\"thunderbird-debuginfo-1.5.0.10-1.fc6\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"thunderbird / thunderbird-debuginfo\");\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-06T09:44:48", "description": "Several remote vulnerabilities have been discovered in Mozilla\nFirefox.\n\nThis will be the last security update of Mozilla-based products for\nthe oldstable (sarge) distribution of Debian. We recommend to upgrade\nto stable (etch) as soon as possible.\n\nThe Common Vulnerabilities and Exposures project identifies the\nfollowing vulnerabilities :\n\n - CVE-2007-1282\n It was discovered that an integer overflow in\n text/enhanced message parsing allows the execution of\n arbitrary code.\n\n - CVE-2007-0994\n It was discovered that a regression in the JavaScript\n engine allows the execution of JavaScript with elevated\n privileges.\n\n - CVE-2007-0995\n It was discovered that incorrect parsing of invalid HTML\n characters allows the bypass of content filters.\n\n - CVE-2007-0996\n It was discovered that insecure child frame handling\n allows cross-site scripting.\n\n - CVE-2007-0981\n It was discovered that Firefox handles URI with a null\n byte in the hostname insecurely.\n\n - CVE-2007-0008\n It was discovered that a buffer overflow in the NSS code\n allows the execution of arbitrary code.\n\n - CVE-2007-0009\n It was discovered that a buffer overflow in the NSS code\n allows the execution of arbitrary code.\n\n - CVE-2007-0775\n It was discovered that multiple programming errors in\n the layout engine allow the execution of arbitrary code.\n\n - CVE-2007-0778\n It was discovered that the page cache calculates hashes\n in an insecure manner.\n\n - CVE-2006-6077\n It was discovered that the password manager allows the\n disclosure of passwords.", "edition": 26, "published": "2007-07-27T00:00:00", "title": "Debian DSA-1336-1 : mozilla-firefox - several vulnerabilities", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2007-0008", "CVE-2007-1282", "CVE-2006-6077", "CVE-2007-0996", "CVE-2007-0775", "CVE-2007-0045", "CVE-2007-0981", "CVE-2007-0778", "CVE-2007-0995", "CVE-2007-0009", "CVE-2007-0994"], "modified": "2007-07-27T00:00:00", "cpe": ["cpe:/o:debian:debian_linux:3.1", "p-cpe:/a:debian:debian_linux:mozilla-firefox"], "id": "DEBIAN_DSA-1336.NASL", "href": "https://www.tenable.com/plugins/nessus/25779", "sourceData": "#%NASL_MIN_LEVEL 70300\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-1336. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(25779);\n script_version(\"1.24\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2006-6077\", \"CVE-2007-0008\", \"CVE-2007-0009\", \"CVE-2007-0045\", \"CVE-2007-0775\", \"CVE-2007-0778\", \"CVE-2007-0981\", \"CVE-2007-0994\", \"CVE-2007-0995\", \"CVE-2007-0996\", \"CVE-2007-1282\");\n script_xref(name:\"DSA\", value:\"1336\");\n\n script_name(english:\"Debian DSA-1336-1 : mozilla-firefox - several vulnerabilities\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Several remote vulnerabilities have been discovered in Mozilla\nFirefox.\n\nThis will be the last security update of Mozilla-based products for\nthe oldstable (sarge) distribution of Debian. We recommend to upgrade\nto stable (etch) as soon as possible.\n\nThe Common Vulnerabilities and Exposures project identifies the\nfollowing vulnerabilities :\n\n - CVE-2007-1282\n It was discovered that an integer overflow in\n text/enhanced message parsing allows the execution of\n arbitrary code.\n\n - CVE-2007-0994\n It was discovered that a regression in the JavaScript\n engine allows the execution of JavaScript with elevated\n privileges.\n\n - CVE-2007-0995\n It was discovered that incorrect parsing of invalid HTML\n characters allows the bypass of content filters.\n\n - CVE-2007-0996\n It was discovered that insecure child frame handling\n allows cross-site scripting.\n\n - CVE-2007-0981\n It was discovered that Firefox handles URI with a null\n byte in the hostname insecurely.\n\n - CVE-2007-0008\n It was discovered that a buffer overflow in the NSS code\n allows the execution of arbitrary code.\n\n - CVE-2007-0009\n It was discovered that a buffer overflow in the NSS code\n allows the execution of arbitrary code.\n\n - CVE-2007-0775\n It was discovered that multiple programming errors in\n the layout engine allow the execution of arbitrary code.\n\n - CVE-2007-0778\n It was discovered that the page cache calculates hashes\n in an insecure manner.\n\n - CVE-2006-6077\n It was discovered that the password manager allows the\n disclosure of passwords.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2007-1282\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2007-0994\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2007-0995\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2007-0996\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2007-0981\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2007-0008\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2007-0009\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2007-0775\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2007-0778\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2006-6077\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.debian.org/security/2007/dsa-1336\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"For the oldstable distribution (sarge) these problems have been fixed\nin version 1.0.4-2sarge17. You should upgrade to etch as soon as\npossible.\n\nThe stable distribution (etch) isn't affected. These vulnerabilities\nhave been fixed prior to the release of Debian etch.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(79, 119, 189);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:mozilla-firefox\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:3.1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2007/07/22\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2007/07/27\");\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2006/08/08\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2007-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"3.1\", prefix:\"mozilla-firefox\", reference:\"1.0.4-2sarge17\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"mozilla-firefox-dom-inspector\", reference:\"1.0.4-2sarge17\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"mozilla-firefox-gnome-support\", reference:\"1.0.4-2sarge17\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}], "fedora": [{"lastseen": "2020-12-21T08:17:48", "bulletinFamily": "unix", "cvelist": ["CVE-2007-0008", "CVE-2007-0009"], "description": "NSPR provides platform independence for non-GUI operating system facilities. These facilities include threads, thread synchronization, normal file and network I/O, interval timing and calendar time, basic memory management (malloc and free) and shared library linking. ", "modified": "2007-02-26T22:03:32", "published": "2007-02-26T22:03:32", "id": "FEDORA:L1QM3WDB007663", "href": "", "type": "fedora", "title": "[SECURITY] Fedora Core 6 Update: nspr-4.6.5-0.6.0.fc6", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-12-21T08:17:48", "bulletinFamily": "unix", "cvelist": ["CVE-2007-0008", "CVE-2007-0009"], "description": "Network Security Services (NSS) is a set of libraries designed to support cross-platform development of security-enabled client and server applications. Applications built with NSS can support SSL v2 and v3, TLS, PKCS #5, PKCS #7, PKCS #11, PKCS #12, S/MIME, X.509 v3 certificates, and other security standards. ", "modified": "2007-02-26T22:03:36", "published": "2007-02-26T22:03:36", "id": "FEDORA:L1QM3AHB007672", "href": "", "type": "fedora", "title": "[SECURITY] Fedora Core 6 Update: nss-3.11.5-0.6.0.fc6", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-12-21T08:17:48", "bulletinFamily": "unix", "cvelist": ["CVE-2007-0008", "CVE-2007-0009"], "description": "NSPR provides platform independence for non-GUI operating system facilities. These facilities include threads, thread synchronization, normal file and network I/O, interval timing and calendar time, basic memory management (malloc and free) and shared library linking. ", "modified": "2007-02-26T22:03:17", "published": "2007-02-26T22:03:17", "id": "FEDORA:L1QM3HUX007576", "href": "", "type": "fedora", "title": "[SECURITY] Fedora Core 5 Update: nspr-4.6.5-0.5.0.fc5", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-12-21T08:17:48", "bulletinFamily": "unix", "cvelist": ["CVE-2007-0008", "CVE-2007-0009"], "description": "Network Security Services (NSS) is a set of libraries designed to support cross-platform development of security-enabled client and server applications. Applications built with NSS can support SSL v2 and v3, TLS, PKCS #5, PKCS #7, PKCS #11, PKCS #12, S/MIME, X.509 v3 certificates, and other security standards. ", "modified": "2007-02-26T22:03:21", "published": "2007-02-26T22:03:21", "id": "FEDORA:L1QM3L4K007582", "href": "", "type": "fedora", "title": "[SECURITY] Fedora Core 5 Update: nss-3.11.5-0.5.0.fc5", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "securityvulns": [{"lastseen": "2018-08-31T11:09:23", "bulletinFamily": "software", "cvelist": ["CVE-2007-0008", "CVE-2007-0009"], "description": "Buffer overflows and integer overflows in SSL2 client and server code implementation.", "edition": 1, "modified": "2007-02-27T00:00:00", "published": "2007-02-27T00:00:00", "id": "SECURITYVULNS:VULN:7303", "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:7303", "title": "Mozilla libnss multiple security vulnerabilities", "type": "securityvulns", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-08-31T11:10:21", "bulletinFamily": "software", "cvelist": ["CVE-2007-0008", "CVE-2007-0009"], "description": "\r\nMozilla Foundation Security Advisory 2007-06\r\nTitle: Mozilla Network Security Services &#40;NSS&#41; SSLv2 buffer overflows\r\nImpact: Critical &#40;Firefox 2.0 not affected in default configuration&#41;\r\nAnnounced: February 23, 2007\r\nReporter: iDefense\r\nProducts: Firefox, Thunderbird, SeaMonkey\r\n\r\nFixed in: Firefox 2.0.0.2\r\n Firefox 1.5.0.10\r\n SeaMonkey 1.0.8\r\n NSS 3.11.5\r\nDescription\r\niDefense has informed Mozilla about two potential buffer overflow vulnerabilities found by researcher regenrecht in the Network Security Services &#40;NSS&#41; code for processing the SSLv2 protocol.\r\n\r\nSSL clients such as Firefox and Thunderbird can suffer a buffer overflow if a malicious server presents a certificate with a public key that is too small to encrypt the entire &quot;Master Secret&quot;. Exploiting this overflow appears to be unreliable but possible if the SSLv2 protocol is enabled.\r\n\r\nServers that use NSS for the SSLv2 protocol can be exploited by a client that presents a &quot;Client Master Key&quot; with invalid length values in any of several fields that are used without adequate error checking. This can lead to a buffer overflow that presumably could be exploitable.\r\n\r\nSupport for SSLv2 is disabled in Firefox 2 due to other known weaknesses in the protocol; Firefox 2 is not vulnerable unless the user has modified hidden internal NSS settings to re-enable SSLv2 support.\r\nWorkaround\r\nDisable the SSLv2 protocol in any product that has not already done so.\r\n\r\n In Firefox 1.5:\r\n Click on the Advanced icon in the Options/Preferences dialog.\r\n On the Security tab uncheck the box next to &quot;Use SSL 2.0&quot;\r\n click the &quot;OK&quot; button.\r\n\r\n In Thunderbird 1.5:\r\n Click on the Advanced icon in the Options/Preferences dialog.\r\n Click the &quot;Config Editor...&quot; button.\r\n Type ssl2 in the Filter field\r\n Double-click security.enable_ssl2 to change the value to false and close the window. \r\n\r\nServer products making use of NSS should also disable the SSLv2 protocol.\r\n\r\nProducts using the NSS libraries should upgrade to version 3.11.5\r\nReferences\r\niDefense advisory: SSLv2 Client Integer Underflow Vulnerability\r\nCVE-2007-0008\r\nhttps://bugzilla.mozilla.org/show_bug.cgi?id=364319\r\n\r\niDefense advisory: SSLv2 Server Stack Overflow Vulnerability\r\nCVE-2007-0009\r\nhttps://bugzilla.mozilla.org/show_bug.cgi?id=364323\r\n\r\n * Site Map\r\n * Security Updates\r\n * Contact Us\r\n * Donate\r\n", "edition": 1, "modified": "2007-02-27T00:00:00", "published": "2007-02-27T00:00:00", "id": "SECURITYVULNS:DOC:16204", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:16204", "title": "Mozilla Foundation Security Advisory 2007-06", "type": "securityvulns", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-08-31T11:10:21", "bulletinFamily": "software", "cvelist": ["CVE-2007-0009"], "description": "Apologies... The correct advisory text follows.\r\n\r\nMozilla Network Security Services SSLv2 Server Stack Overflow Vulnerability\r\n\r\niDefense Security Advisory 02.23.07\r\nhttp://labs.idefense.com/intelligence/vulnerabilities/\r\nFeb 23, 2007\r\n\r\nI. BACKGROUND\r\n\r\nNetwork Security Services &#40;NSS&#41; is a set of libraries designed to support\r\ncross-platform development of security-enabled client and server\r\napplications, providing support for, among others, SSL &#40;Secure Socket\r\nLayer&#41; protocol version 2 and 3. For more information visit the following\r\nURL.\r\n\r\nhttp://www.mozilla.org/projects/security/pki/nss/tools/\r\n\r\nII. DESCRIPTION\r\n\r\nRemote exploitation of an input validation error causing an integer\r\nunderflow in version 3.10 of the Mozilla Foundation&#39;s Network Security\r\nServices &#40;NSS&#41; may allow an attacker to cause a stack-based buffer\r\noverflow and execute arbitrary code on the affected application.\r\n\r\nThe vulnerability specifically exists in code responsible for handling the\r\nclient master key. While negotiating an SSLv2 session, a client can specify\r\ninvalid parameters which causes an integer underflow. The resulting value\r\nis used as the amount of memory to copy into a fixed size stack buffer. As\r\na result, a potentially exploitable stack-based buffer overflow condition\r\noccurs.\r\n\r\nIII. ANALYSIS\r\n\r\nSuccessful exploitation of this vulnerability would allow an attacker to\r\nexecute arbitrary code in the context of the affected server. No\r\nauthentication is required to reach the vulnerable code. No user\r\ninteraction is required.\r\n\r\nSince this vulnerability is in library code used by multiple applications,\r\nthe details of how an attacker would exploit it vary. In all cases, an\r\nattacker would need to specify invalid parameters as part of the SSLv2\r\nhandshake.\r\n\r\nCode execution has been demonstrated to be possible under Windows 2000\r\nwith a server utilizing the affected library. Depending on the precise\r\ndetails of the server, this vulnerability may also be exploitable on other\r\nplatforms.\r\n\r\nIV. DETECTION\r\n\r\niDefense has confirmed this vulnerability exists in versions 3.10 and\r\n3.11.3 of the Mozilla Network Security Services. These libraries are used\r\nin a variety of products from multiple vendors including Sun Microsystems,\r\nRed Hat and Mozilla. Previous versions are also likely to be affected. The\r\nnames &#39;libnss3.so&#39; on Linux based systems or &#39;nss3.dll&#39; on Windows based\r\nsystems may indicate the library is being used by an application.\r\n\r\nV. WORKAROUND\r\n\r\niDefense is not aware of any effective workaround for this vulnerability.\r\nWith some servers it may be possible to prevent exposure by disabling\r\nSSLv2 support and employing a different protocol. However, this workaround\r\nmay prevent some clients from being able to access the server.\r\n\r\nVI. VENDOR RESPONSE\r\n\r\nThe Mozilla Foundation has addressed this vulnerability in Mozilla\r\nFoundation Security Advisory 2007-06. For more information, view their\r\nadvisory at the following URL.\r\n\r\nhttp://www.mozilla.org/security/announce/2007/mfsa2007-06.html\r\n\r\nVII. CVE INFORMATION\r\n\r\nThe Common Vulnerabilities and Exposures &#40;CVE&#41; project has assigned the\r\nname CVE-2007-0009 to this issue. This is a candidate for inclusion in\r\nthe CVE list &#40;http://cve.mitre.org/&#41;, which standardizes names for\r\nsecurity problems.\r\n\r\nVIII. DISCLOSURE TIMELINE\r\n\r\n12/18/2006 Initial vendor notification\r\n12/19/2006 Initial vendor response\r\n02/23/2007 Coordinated public disclosure\r\n\r\nIX. CREDIT\r\n\r\nThis vulnerability was reported to iDefense by regenrecht.\r\n\r\nGet paid for vulnerability research\r\nhttp://labs.idefense.com/methodology/vulnerability/vcp.php\r\n\r\nFree tools, research and upcoming events\r\nhttp://labs.idefense.com/\r\n\r\nX. LEGAL NOTICES\r\n\r\nCopyright \u00a9 2007 iDefense, Inc.\r\n\r\nPermission is granted for the redistribution of this alert electronically.\r\nIt may not be edited in any way without the express written consent of\r\niDefense. If you wish to reprint the whole or any part of this alert in\r\nany other medium other than electronically, please e-mail\r\ncustomerservice@idefense.com for permission.\r\n\r\nDisclaimer: The information in the advisory is believed to be accurate at\r\nthe time of publishing based on currently available information. Use of\r\nthe information constitutes acceptance for use in an AS IS condition.\r\nThere are no warranties with regard to this information. Neither the\r\nauthor nor the publisher accepts any liability for any direct, indirect,\r\nor consequential loss or damage arising from use of, or reliance on, this\r\ninformation.", "edition": 1, "modified": "2007-02-25T00:00:00", "published": "2007-02-25T00:00:00", "id": "SECURITYVULNS:DOC:16173", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:16173", "title": "iDefense Security Advisory 02.23.07: Mozilla Network Security Services SSLv2 Server Stack Overflow Vulnerability", "type": "securityvulns", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-08-31T11:10:21", "bulletinFamily": "software", "cvelist": ["CVE-2007-0008"], "description": "Mozilla Network Security Services SSLv2 Client Integer Underflow\r\nVulnerability\r\n\r\niDefense Security Advisory 02.23.07\r\nhttp://labs.idefense.com/intelligence/vulnerabilities/\r\nFeb 23, 2007\r\n\r\nI. BACKGROUND\r\n\r\nNetwork Security Services &#40;NSS&#41; is a set of libraries designed to support\r\ncross-platform development of security-enabled client and server\r\napplications, providing support for, among others, SSL &#40;Secure Socket\r\nLayer&#41; protocol version 2 and 3. For more information visit the following\r\nURL.\r\n\r\nhttp://www.mozilla.org/projects/security/pki/nss/tools/\r\n\r\nII. DESCRIPTION\r\n\r\nRemote exploitation of an input validation error causing an integer\r\nunderflow in version 3.10 of the Mozilla Foundation&#39;s Network Security\r\nServices &#40;NSS&#41; may allow an attacker to execute arbitrary code in the\r\ncontext of the affected application.\r\n\r\nThe vulnerability specifically exists due to a design error in the\r\nprocessing of malformed SSLv2 server messages. By sending a certificate\r\nwith a public key too small to encrypt the &quot;Master Secret&quot;, heap\r\ncorruption can be triggered which may result in the execution of arbitrary\r\ncode.\r\n\r\nIII. ANALYSIS\r\n\r\nSuccessful exploitation of this vulnerability would allow an attacker to\r\nexecute arbitrary code in the context of the user running the affected\r\nclient.\r\n\r\nSince this vulnerability is in library code used by multiple applications,\r\nthe details of how an attacker would exploit it vary. In all cases, the\r\naffected client connects to a server which replies in the initial\r\nhandshake with a specially crafted certificate. This causes a heap based\r\noverflow with random data and eventually causes a fault writing past the\r\nend of the allocated space. Some applications may use values from the\r\noverwritten memory locations before the program exits. In this case, it\r\nmay be possible for an attacker to cause code to execute.\r\n\r\nAlthough the data which overruns the heap is random, code execution is\r\npossible on some platforms with some applications using the library.\r\nAlthough unreliable, iDefense has demonstrated that this vulnerability can\r\nresult in code execution with Firefox 1.5.0.9 on Windows XP.\r\n\r\nIV. DETECTION\r\n\r\niDefense has confirmed this vulnerability exists in versions 3.10 and\r\n3.11.3 of Mozilla Network Security Services. These libraries are used in a\r\nvariety of products from multiple vendors including Sun Microsystems, Red\r\nHat and Mozilla. Previous versions are also likely to be affected. The\r\nnames &#39;libnss3.so&#39; on Linux based systems or &#39;nss3.dll&#39; on Windows based\r\nsystems may indicate the library is being used by an application.\r\n\r\nV. WORKAROUND\r\n\r\niDefense is not aware of any effective workaround for this vulnerability.\r\nWith some clients, it may be possible to mitigate exposure by disabling\r\nSSLv2 support. However, this may cause problems connecting to servers\r\nusing only SSLv2.\r\n\r\nVI. VENDOR RESPONSE\r\n\r\nThe Mozilla Foundation has addressed this vulnerability in Mozilla\r\nFoundation Security Advisory 2007-06. For more information, view their\r\nadvisory at the following URL.\r\n\r\nhttp://www.mozilla.org/security/announce/2007/mfsa2007-06.html\r\n\r\nVII. CVE INFORMATION\r\n\r\nThe Common Vulnerabilities and Exposures &#40;CVE&#41; project has assigned the\r\nname CVE-2007-0008 to this issue. This is a candidate for inclusion in\r\nthe CVE list &#40;http://cve.mitre.org/&#41;, which standardizes names for\r\nsecurity problems.\r\n\r\nVIII. DISCLOSURE TIMELINE\r\n\r\n12/18/2006 Initial vendor notification\r\n12/19/2006 Initial vendor response\r\n02/23/2007 Coordinated public disclosure\r\n\r\nIX. CREDIT\r\n\r\nThis vulnerability was reported to iDefense by regenrecht.\r\n\r\nGet paid for vulnerability research\r\nhttp://labs.idefense.com/methodology/vulnerability/vcp.php\r\n\r\nFree tools, research and upcoming events\r\nhttp://labs.idefense.com/\r\n\r\nX. LEGAL NOTICES\r\n\r\nCopyright \u00a9 2007 iDefense, Inc.\r\n\r\nPermission is granted for the redistribution of this alert electronically.\r\nIt may not be edited in any way without the express written consent of\r\niDefense. If you wish to reprint the whole or any part of this alert in\r\nany other medium other than electronically, please e-mail\r\ncustomerservice@idefense.com for permission.\r\n\r\nDisclaimer: The information in the advisory is believed to be accurate at\r\nthe time of publishing based on currently available information. Use of\r\nthe information constitutes acceptance for use in an AS IS condition.\r\nThere are no warranties with regard to this information. Neither the\r\nauthor nor the publisher accepts any liability for any direct, indirect,\r\nor consequential loss or damage arising from use of, or reliance on, this\r\ninformation.", "edition": 1, "modified": "2007-02-25T00:00:00", "published": "2007-02-25T00:00:00", "id": "SECURITYVULNS:DOC:16174", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:16174", "title": "iDefense Security Advisory 02.23.07: Mozilla Network Security Services SSLv2 Client Integer Underflow Vulnerability", "type": "securityvulns", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-08-31T11:10:21", "bulletinFamily": "software", "cvelist": ["CVE-2007-0008"], "description": "Mozilla Network Security Services SSLv2 Client Integer Underflow\r\nVulnerability\r\n\r\niDefense Security Advisory 02.23.07\r\nhttp://labs.idefense.com/intelligence/vulnerabilities/\r\nFeb 23, 2007\r\n\r\nI. BACKGROUND\r\n\r\nNetwork Security Services &#40;NSS&#41; is a set of libraries designed to support\r\ncross-platform development of security-enabled client and server\r\napplications, providing support for, among others, SSL &#40;Secure Socket\r\nLayer&#41; protocol version 2 and 3. For more information visit the following\r\nURL.\r\n\r\nhttp://www.mozilla.org/projects/security/pki/nss/tools/\r\n\r\nII. DESCRIPTION\r\n\r\nRemote exploitation of an input validation error causing an integer\r\nunderflow in version 3.10 of the Mozilla Foundation&#39;s Network Security\r\nServices &#40;NSS&#41; may allow an attacker to execute arbitrary code in the\r\ncontext of the affected application.\r\n\r\nThe vulnerability specifically exists due to a design error in the\r\nprocessing of malformed SSLv2 server messages. By sending a certificate\r\nwith a public key too small to encrypt the &quot;Master Secret&quot;, heap\r\ncorruption can be triggered which may result in the execution of arbitrary\r\ncode.\r\n\r\nIII. ANALYSIS\r\n\r\nSuccessful exploitation of this vulnerability would allow an attacker to\r\nexecute arbitrary code in the context of the user running the affected\r\nclient.\r\n\r\nSince this vulnerability is in library code used by multiple applications,\r\nthe details of how an attacker would exploit it vary. In all cases, the\r\naffected client connects to a server which replies in the initial\r\nhandshake with a specially crafted certificate. This causes a heap based\r\noverflow with random data and eventually causes a fault writing past the\r\nend of the allocated space. Some applications may use values from the\r\noverwritten memory locations before the program exits. In this case, it\r\nmay be possible for an attacker to cause code to execute.\r\n\r\nAlthough the data which overruns the heap is random, code execution is\r\npossible on some platforms with some applications using the library.\r\nAlthough unreliable, iDefense has demonstrated that this vulnerability can\r\nresult in code execution with Firefox 1.5.0.9 on Windows XP.\r\n\r\nIV. DETECTION\r\n\r\niDefense has confirmed this vulnerability exists in versions 3.10 and\r\n3.11.3 of Mozilla Network Security Services. These libraries are used in a\r\nvariety of products from multiple vendors including Sun Microsystems, Red\r\nHat and Mozilla. Previous versions are also likely to be affected. The\r\nnames &#39;libnss3.so&#39; on Linux based systems or &#39;nss3.dll&#39; on Windows based\r\nsystems may indicate the library is being used by an application.\r\n\r\nV. WORKAROUND\r\n\r\niDefense is not aware of any effective workaround for this vulnerability.\r\nWith some clients, it may be possible to mitigate exposure by disabling\r\nSSLv2 support. However, this may cause problems connecting to servers\r\nusing only SSLv2.\r\n\r\nVI. VENDOR RESPONSE\r\n\r\nThe Mozilla Foundation has addressed this vulnerability in Mozilla\r\nFoundation Security Advisory 2007-06. For more information, view their\r\nadvisory at the following URL.\r\n\r\nhttp://www.mozilla.org/security/announce/2007/mfsa2007-06.html\r\n\r\nVII. CVE INFORMATION\r\n\r\nThe Common Vulnerabilities and Exposures &#40;CVE&#41; project has assigned the\r\nname CVE-2007-0008 to this issue. This is a candidate for inclusion in\r\nthe CVE list &#40;http://cve.mitre.org/&#41;, which standardizes names for\r\nsecurity problems.\r\n\r\nVIII. DISCLOSURE TIMELINE\r\n\r\n12/18/2006 Initial vendor notification\r\n12/19/2006 Initial vendor response\r\n02/23/2007 Coordinated public disclosure\r\n\r\nIX. CREDIT\r\n\r\nThis vulnerability was reported to iDefense by regenrecht.\r\n\r\nGet paid for vulnerability research\r\nhttp://labs.idefense.com/methodology/vulnerability/vcp.php\r\n\r\nFree tools, research and upcoming events\r\nhttp://labs.idefense.com/\r\n\r\nX. LEGAL NOTICES\r\n\r\nCopyright \u00a9 2007 iDefense, Inc.\r\n\r\nPermission is granted for the redistribution of this alert electronically.\r\nIt may not be edited in any way without the express written consent of\r\niDefense. If you wish to reprint the whole or any part of this alert in\r\nany other medium other than electronically, please e-mail\r\ncustomerservice@idefense.com for permission.\r\n\r\nDisclaimer: The information in the advisory is believed to be accurate at\r\nthe time of publishing based on currently available information. Use of\r\nthe information constitutes acceptance for use in an AS IS condition.\r\nThere are no warranties with regard to this information. Neither the\r\nauthor nor the publisher accepts any liability for any direct, indirect,\r\nor consequential loss or damage arising from use of, or reliance on, this\r\ninformation.", "edition": 1, "modified": "2007-02-25T00:00:00", "published": "2007-02-25T00:00:00", "id": "SECURITYVULNS:DOC:16172", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:16172", "title": "iDefense Security Advisory 02.23.07: Mozilla Network Security Services SSLv2 Server Stack Overflow Vulnerability", "type": "securityvulns", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-08-31T11:09:54", "bulletinFamily": "software", "cvelist": ["CVE-2014-0371", "CVE-2012-3544", "CVE-2014-0400", "CVE-2013-5879", "CVE-2013-5876", "CVE-2013-5889", "CVE-2013-5909", "CVE-2014-0392", "CVE-2013-5873", "CVE-2013-5858", "CVE-2014-0405", "CVE-2013-5860", "CVE-2014-0367", "CVE-2014-0385", "CVE-2013-5878", "CVE-2014-0410", "CVE-2014-0398", "CVE-2013-5897", "CVE-2013-2071", "CVE-2014-0404", "CVE-2014-0415", "CVE-2014-0434", "CVE-2013-5884", "CVE-2014-0435", "CVE-2014-0443", "CVE-2013-5870", "CVE-2014-0390", "CVE-2013-5905", "CVE-2013-5880", "CVE-2013-5904", "CVE-2014-0391", "CVE-2013-5888", "CVE-2013-5893", "CVE-2014-0387", "CVE-2014-0393", "CVE-2014-0399", "CVE-2012-4605", "CVE-2013-5821", "CVE-2014-0431", "CVE-2013-5898", "CVE-2014-0427", "CVE-2014-0441", "CVE-2013-5900", "CVE-2013-1654", "CVE-2014-0433", "CVE-2014-0375", "CVE-2013-5886", "CVE-2014-0401", "CVE-2014-0396", "CVE-2014-0406", "CVE-2013-5872", "CVE-2014-0440", "CVE-2014-0425", "CVE-2013-5883", "CVE-2013-1862", "CVE-2013-5834", "CVE-2014-0418", "CVE-2014-0373", "CVE-2013-5877", "CVE-2013-5874", "CVE-2014-0439", "CVE-2014-0394", "CVE-2013-5887", "CVE-2014-0408", "CVE-2014-0376", "CVE-2014-0422", "CVE-2014-0419", "CVE-2014-0411", "CVE-2014-0369", "CVE-2014-0366", "CVE-2013-5882", "CVE-2013-5895", "CVE-2003-1067", "CVE-2014-0437", "CVE-2013-5885", "CVE-2013-5901", "CVE-2013-5881", "CVE-2013-2067", "CVE-2014-0389", "CVE-2014-0388", "CVE-2013-5899", "CVE-2014-0412", "CVE-2013-5896", "CVE-2013-3830", "CVE-2014-0417", "CVE-2014-0372", "CVE-2014-0407", "CVE-2013-5910", "CVE-2013-5906", "CVE-2014-0428", "CVE-2013-5891", "CVE-2014-0382", "CVE-2014-0370", "CVE-2013-5808", "CVE-2013-5871", "CVE-2014-0402", "CVE-2013-2924", "CVE-2014-0368", "CVE-2014-0420", "CVE-2013-5853", "CVE-2014-0423", "CVE-2013-5868", "CVE-2014-0430", "CVE-2014-0374", "CVE-2013-5875", "CVE-2013-5869", "CVE-2013-5907", "CVE-2014-0377", "CVE-2012-3499", "CVE-2013-5902", "CVE-2013-5894", "CVE-2013-5795", "CVE-2007-0009", "CVE-2013-5892", "CVE-2014-0381", "CVE-2014-0383", "CVE-2014-0424", "CVE-2014-0395", "CVE-2013-4316", "CVE-2014-0379", "CVE-2014-0403", "CVE-2013-5908", "CVE-2014-0386", "CVE-2007-1858", "CVE-2013-5785", "CVE-2014-0445", "CVE-2013-5764", "CVE-2014-0444", "CVE-2014-0378", "CVE-2013-5833", "CVE-2013-1620", "CVE-2013-5890", "CVE-2014-0416", "CVE-2014-0380", "CVE-2014-0438"], "description": "Quarterly update fixes 144 different vulnerabilities.", "edition": 1, "modified": "2014-05-05T00:00:00", "published": "2014-05-05T00:00:00", "id": "SECURITYVULNS:VULN:13537", "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:13537", "title": "Oracle / Sun / MySQL / PeopleSoft / OpenJDK applications multiple security vulnerabilities", "type": "securityvulns", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "gentoo": [{"lastseen": "2016-09-06T19:46:50", "bulletinFamily": "unix", "cvelist": ["CVE-2007-0008", "CVE-2007-0009"], "edition": 1, "description": "### Background\n\nThe Mozilla Network Security Service is a library implementing security features like SSL v2/v3, TLS, PKCS #5, PKCS #7, PKCS #11, PKCS #12, S/MIME and X.509 certificates. \n\n### Description\n\niDefense has reported two potential buffer overflow vulnerabilities found by researcher \"regenrecht\" in the code implementing the SSLv2 protocol. \n\n### Impact\n\nA remote attacker could send a specially crafted SSL master key to a server using NSS for the SSLv2 protocol, or entice a user to connect to a malicious server with a client-side application using NSS like one of the Mozilla products. This could trigger the vulnerabilities and result in the possible execution of arbitrary code with the rights of the vulnerable application. \n\n### Workaround\n\nDisable the SSLv2 protocol in the applications using NSS. \n\n### Resolution\n\nAll NSS users should upgrade to the latest version: \n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=dev-libs/nss-3.11.5\"", "modified": "2007-03-20T00:00:00", "published": "2007-03-20T00:00:00", "id": "GLSA-200703-22", "href": "https://security.gentoo.org/glsa/200703-22", "type": "gentoo", "title": "Mozilla Network Security Service: Remote execution of arbitrary code", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2016-09-06T19:47:04", "bulletinFamily": "unix", "cvelist": ["CVE-2007-0008", "CVE-2007-1282", "CVE-2007-0775", "CVE-2007-0777", "CVE-2007-0776", "CVE-2007-0009"], "description": "### Background\n\nMozilla Thunderbird is a popular open-source email client from the Mozilla Project. \n\n### Description\n\nGeorgi Guninski reported a possible integer overflow in the code handling text/enhanced or text/richtext MIME emails. Additionally, various researchers reported errors in the JavaScript engine potentially leading to memory corruption. Additionally, the binary version of Mozilla Thunderbird includes a vulnerable NSS library which contains two possible buffer overflows involving the SSLv2 protocol. \n\n### Impact\n\nAn attacker could entice a user to read a specially crafted email that could trigger one of the vulnerabilities, some of them being related to Mozilla Thunderbird's handling of JavaScript, possibly leading to the execution of arbitrary code. \n\n### Workaround\n\nThere is no known workaround at this time for all of these issues, but some of them can be avoided by disabling JavaScript. Note that the execution of JavaScript is disabled by default and enabling it is strongly discouraged. \n\n### Resolution\n\nAll Mozilla Thunderbird users should upgrade to the latest version: \n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=mail-client/mozilla-thunderbird-1.5.0.10\"\n\nAll Mozilla Thunderbird binary users should upgrade to the latest version: \n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=mail-client/mozilla-thunderbird-bin-1.5.0.10\"", "edition": 1, "modified": "2007-03-18T00:00:00", "published": "2007-03-18T00:00:00", "id": "GLSA-200703-18", "href": "https://security.gentoo.org/glsa/200703-18", "type": "gentoo", "title": "Mozilla Thunderbird: Multiple vulnerabilities", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "ubuntu": [{"lastseen": "2020-07-09T01:42:28", "bulletinFamily": "unix", "cvelist": ["CVE-2007-0008", "CVE-2007-0775", "CVE-2007-0777", "CVE-2007-0776", "CVE-2007-0009"], "description": "The SSLv2 protocol support in the NSS library did not sufficiently \ncheck the validity of public keys presented with a SSL certificate. A \nmalicious SSL web site using SSLv2 could potentially exploit this to \nexecute arbitrary code with the user's privileges. (CVE-2007-0008)\n\nThe SSLv2 protocol support in the NSS library did not sufficiently \nverify the validity of client master keys presented in an SSL client \ncertificate. A remote attacker could exploit this to execute arbitrary \ncode in a server application that uses the NSS library. (CVE-2007-0009)\n\nVarious flaws have been reported that could allow an attacker to execute \narbitrary code with user privileges by tricking the user into opening a \nmalicious web page. (CVE-2007-0775, CVE-2007-0776, CVE-2007-0777)", "edition": 6, "modified": "2007-03-07T00:00:00", "published": "2007-03-07T00:00:00", "id": "USN-431-1", "href": "https://ubuntu.com/security/notices/USN-431-1", "title": "Thunderbird vulnerabilities", "type": "ubuntu", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-07-09T00:30:23", "bulletinFamily": "unix", "cvelist": ["CVE-2007-0008", "CVE-2006-6077", "CVE-2007-0779", "CVE-2007-0996", "CVE-2007-0775", "CVE-2007-0981", "CVE-2007-0780", "CVE-2007-0778", "CVE-2007-0777", "CVE-2007-0776", "CVE-2007-1092", "CVE-2007-0995", "CVE-2007-0009", "CVE-2007-0800"], "description": "USN-428-1 fixed vulnerabilities in Firefox 1.5. However, changes to \nlibrary paths caused applications depending on libnss3 to fail to start \nup. This update fixes the problem.\n\nWe apologize for the inconvenience.\n\nOriginal advisory details:\n\nSeveral flaws have been found that could be used to perform Cross-site \nscripting attacks. A malicious web site could exploit these to modify \nthe contents or steal confidential data (such as passwords) from other \nopened web pages. (CVE-2006-6077, CVE-2007-0780, CVE-2007-0800, \nCVE-2007-0981, CVE-2007-0995, CVE-2007-0996)\n\nThe SSLv2 protocol support in the NSS library did not sufficiently \ncheck the validity of public keys presented with a SSL certificate. A \nmalicious SSL web site using SSLv2 could potentially exploit this to \nexecute arbitrary code with the user's privileges. (CVE-2007-0008)\n\nThe SSLv2 protocol support in the NSS library did not sufficiently \nverify the validity of client master keys presented in an SSL client \ncertificate. A remote attacker could exploit this to execute arbitrary \ncode in a server application that uses the NSS library. \n(CVE-2007-0009)\n\nVarious flaws have been reported that could allow an attacker to \nexecute arbitrary code with user privileges by tricking the user into \nopening a malicious web page. (CVE-2007-0775, CVE-2007-0776, \nCVE-2007-0777, CVE-2007-1092)\n\nTwo web pages could collide in the disk cache with the result that \ndepending on order loaded the end of the longer document could be \nappended to the shorter when the shorter one was reloaded from the \ncache. It is possible a determined hacker could construct a targeted \nattack to steal some sensitive data from a particular web page. The \npotential victim would have to be already logged into the targeted \nservice (or be fooled into doing so) and then visit the malicious \nsite. (CVE-2007-0778)\n\nDavid Eckel reported that browser UI elements--such as the host name \nand security indicators--could be spoofed by using custom cursor \nimages and a specially crafted style sheet. (CVE-2007-0779)", "edition": 6, "modified": "2007-03-02T00:00:00", "published": "2007-03-02T00:00:00", "id": "USN-428-2", "href": "https://ubuntu.com/security/notices/USN-428-2", "title": "Firefox regression", "type": "ubuntu", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-07-09T00:27:57", "bulletinFamily": "unix", "cvelist": ["CVE-2007-0008", "CVE-2006-6077", "CVE-2007-0779", "CVE-2007-0996", "CVE-2007-0775", "CVE-2007-0981", "CVE-2007-0780", "CVE-2007-0778", "CVE-2007-0777", "CVE-2007-0776", "CVE-2007-1092", "CVE-2007-0995", "CVE-2007-0009", "CVE-2007-0800"], "description": "Several flaws have been found that could be used to perform Cross-site \nscripting attacks. A malicious web site could exploit these to modify \nthe contents or steal confidential data (such as passwords) from other \nopened web pages. (CVE-2006-6077, CVE-2007-0780, CVE-2007-0800, \nCVE-2007-0981, CVE-2007-0995, CVE-2007-0996)\n\nThe SSLv2 protocol support in the NSS library did not sufficiently \ncheck the validity of public keys presented with a SSL certificate. A \nmalicious SSL web site using SSLv2 could potentially exploit this to \nexecute arbitrary code with the user's privileges. (CVE-2007-0008)\n\nThe SSLv2 protocol support in the NSS library did not sufficiently \nverify the validity of client master keys presented in an SSL client \ncertificate. A remote attacker could exploit this to execute arbitrary \ncode in a server application that uses the NSS library. \n(CVE-2007-0009)\n\nVarious flaws have been reported that could allow an attacker to \nexecute arbitrary code with user privileges by tricking the user into \nopening a malicious web page. (CVE-2007-0775, CVE-2007-0776, \nCVE-2007-0777, CVE-2007-1092)\n\nTwo web pages could collide in the disk cache with the result that \ndepending on order loaded the end of the longer document could be \nappended to the shorter when the shorter one was reloaded from the \ncache. It is possible a determined hacker could construct a targeted \nattack to steal some sensitive data from a particular web page. The \npotential victim would have to be already logged into the targeted \nservice (or be fooled into doing so) and then visit the malicious \nsite. (CVE-2007-0778)\n\nDavid Eckel reported that browser UI elements--such as the host name \nand security indicators--could be spoofed by using custom cursor \nimages and a specially crafted style sheet. (CVE-2007-0779)", "edition": 6, "modified": "2007-03-01T00:00:00", "published": "2007-03-01T00:00:00", "id": "USN-428-1", "href": "https://ubuntu.com/security/notices/USN-428-1", "title": "Firefox vulnerabilities", "type": "ubuntu", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}], "cert": [{"lastseen": "2020-09-18T20:42:43", "bulletinFamily": "info", "cvelist": ["CVE-2007-0009"], "description": "### Overview \n\nA vulnerability in the way Mozilla Network Security Services (NSS) handles the client master key may lead to execution of arbitrary code.\n\n### Description \n\nThe [SSLv2](<http://www.mozilla.org/projects/security/pki/nss/ssl/draft02.html>) protocol uses a client master key to generate all subsequent session keys. The validity of the client master key is determined during phase one of the SSL handshake. Mozilla [NSS](<http://www.mozilla.org/projects/security/pki/nss/>) library contains a vulnerability in the way client master keys with invalid length values are handled that may result in a buffer overflow. According to the Mozilla Foundation Security Advisory (MFSA) [2007-06](<http://www.mozilla.org/security/announce/2006/mfsa2007-06.html>):\n\n_Servers that use NSS for the SSLv2 protocol can be exploited by a client that presents a \"Client Master Key\" with invalid length values in any of several fields that are used without adequate error checking. This can lead to a buffer overflow that presumably could be exploitable._ \n \nNote that this vulnerability may affect any application that uses the Mozilla NSS library. \n \n--- \n \n### Impact \n\nA remote, unauthenticated attacker may be able to execute arbitrary code with the privileges of the user who is running the vulnerable application or cause a denial of service. \n \n--- \n \n### Solution \n\n**Apply an update** \nAccording to the Mozilla Foundation Security Advisory [2007-06](<http://www.mozilla.org/security/announce/2007/mfsa2007-06.html>), this vulnerability is addressed in [Firefox 2.0.0.2](<http://www.mozilla.com/en-US/firefox/2.0.0.2/releasenotes/>), [Firefox 1.5.0.10](<http://www.mozilla.com/en-US/firefox/releases/1.5.0.10.html>), [SeaMonkey 1.0.8](<http://www.mozilla.org/projects/seamonkey/releases/>), and [NSS 3.11.5](<http://www.mozilla.org/projects/security/pki/nss/>). \n \n--- \n \n**Disable SSLv2**\n\n \nDisabling support for the SSLv2 protocol appears to prevent exploitation of this vulnerability. Instructions for disabling the SSLv2 protocol support in Firefox and Thunderbird can be found in the Mozilla Foundation Security Advisory [2007-06](<http://www.mozilla.org/security/announce/2007/mfsa2007-06.html>). SSLv2 is disabled by default in Firefox 2. \n \n--- \n \n### Vendor Information\n\n592796\n\nFilter by status: All Affected Not Affected Unknown\n\nFilter by content: __ Additional information available\n\n__ Sort by: Status Alphabetical\n\nExpand all\n\n**Javascript is disabled. Click here to view vendors.**\n\n### Fedora Project __ Affected\n\nUpdated: March 07, 2007 \n\n### Status\n\nAffected\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\nRefer to [FEDORA-2007-308](<http://fedoranews.org/cms/node/2747>) and [FEDORA-2007-309](<http://fedoranews.org/cms/node/2749>).\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23592796 Feedback>).\n\n### Gentoo Linux __ Affected\n\nUpdated: April 05, 2007 \n\n### Status\n\nAffected\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\nRefer to [glsa-200703-18](<http://www.gentoo.org/security/en/glsa/glsa-200703-18.xml>).\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23592796 Feedback>).\n\n### Mandriva, Inc. __ Affected\n\nUpdated: March 07, 2007 \n\n### Status\n\nAffected\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\nRefer to Mandriva Linux Security Advisory [MDKSA-2007:052](<http://www.mandriva.com/security/advisories?name=MDKSA-2007:052>).\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23377812 Feedback>).\n\n### Mozilla __ Affected\n\nUpdated: February 27, 2007 \n\n### Status\n\nAffected\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\nRefer to Mozilla Foundation Security Advisory [2007-06](<http://www.mozilla.org/security/announce/2007/mfsa2007-06.html>).\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23592796 Feedback>).\n\n### Red Hat, Inc. __ Affected\n\nUpdated: March 07, 2007 \n\n### Status\n\nAffected\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\nRefer to [RHSA-2007-0079](<http://rhn.redhat.com/errata/RHSA-2007-0079.html>).\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23592796 Feedback>).\n\n### SUSE Linux __ Affected\n\nUpdated: March 07, 2007 \n\n### Status\n\nAffected\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\nRefer to [SUSE-SA:2007:019](<http://lists.suse.com/archive/suse-security-announce/2007-Mar/0001.html>).\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23592796 Feedback>).\n\n### Slackware Linux Inc. __ Affected\n\nUpdated: April 05, 2007 \n\n### Status\n\nAffected\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\nRefer to [SSA:2007-066-04](<http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.363947>).\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23592796 Feedback>).\n\n### Sun Microsystems, Inc. __ Affected\n\nUpdated: April 05, 2007 \n\n### Status\n\nAffected\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\nRefer to Sun Alert Notification [102856](<http://sunsolve.sun.com/search/document.do?assetkey=1-26-102856-1>).\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23592796 Feedback>).\n\n### Ubuntu __ Affected\n\nUpdated: March 07, 2007 \n\n### Status\n\nAffected\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\nRefer to Ubuntu Security Notice [USN-431-1](<http://www.ubuntu.com/usn/usn-431-1>).\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23592796 Feedback>).\n\n### rPath __ Affected\n\nUpdated: March 07, 2007 \n\n### Status\n\nAffected\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\nRefer to rPath Security Advisory: [2007-0040-3](<https://issues.rpath.com/browse/RPL-1081>).\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23592796 Feedback>).\n\n \n\n\n### CVSS Metrics \n\nGroup | Score | Vector \n---|---|--- \nBase | | \nTemporal | | \nEnvironmental | | \n \n \n\n\n### References \n\n * <http://www.mozilla.org/security/announce/2007/mfsa2007-06.html>\n * <http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=483>\n * <http://www.mozilla.org/projects/security/pki/nss/ssl/draft02.html>\n * <http://www.mozilla.org/projects/security/pki/nss/>\n * <http://www.mozilla.com/en-US/firefox/releases/1.5.0.10.html>\n * <http://www.mozilla.com/en-US/firefox/2.0.0.2/releasenotes/>\n * <http://www.mozilla.org/projects/seamonkey/releases/>\n * <http://secunia.com/advisories/24238/>\n * <http://secunia.com/advisories/24287/>\n * <http://secunia.com/advisories/24205/>\n * <http://secunia.com/advisories/24290/>\n * <http://secunia.com/advisories/24253/>\n * <http://secunia.com/advisories/24252/>\n * <http://secunia.com/advisories/24320/>\n * <http://secunia.com/advisories/24328/>\n * <http://secunia.com/advisories/24293/>\n * <http://secunia.com/advisories/24327/>\n * <http://secunia.com/advisories/24277/>\n * <http://secunia.com/advisories/24343/>\n * <http://secunia.com/advisories/24333/>\n * <http://www.ciac.org/ciac/bulletins/r-164.shtml>\n * <http://secunia.com/advisories/24406/>\n * <http://secunia.com/advisories/24384/>\n * <http://secunia.com/advisories/24410/>\n * <http://secunia.com/advisories/24389/>\n * <http://secunia.com/advisories/24455/>\n * <http://secunia.com/advisories/24456/>\n * <http://secunia.com/advisories/24457/>\n * <http://www.securityfocus.com/bid/22694>\n * <http://secunia.com/advisories/24703/>\n\n### Acknowledgements\n\nThis vulnerability was reported in Mozilla Foundation Security Advisory 2007-06. Mozilla credits iDefense with reporting this issue.\n\nThis document was written by Chris Taschner.\n\n### Other Information\n\n**CVE IDs:** | [CVE-2007-0009](<http://web.nvd.nist.gov/vuln/detail/CVE-2007-0009>) \n---|--- \n**Severity Metric:** | 12.72 \n**Date Public:** | 2007-02-23 \n**Date First Published:** | 2007-03-07 \n**Date Last Updated: ** | 2007-04-05 18:59 UTC \n**Document Revision: ** | 58 \n", "modified": "2007-04-05T18:59:00", "published": "2007-03-07T00:00:00", "id": "VU:592796", "href": "https://www.kb.cert.org/vuls/id/592796", "type": "cert", "title": "Mozilla Network Security Services (NSS) fails to properly handle the client master key", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-09-18T20:42:52", "bulletinFamily": "info", "cvelist": ["CVE-2007-0008"], "description": "### Overview \n\nA vulnerability in the way Mozilla Network Security Services (NSS) handles malformed SSLv2 server messages may lead to execution of arbitrary code.\n\n### Description \n\nThe [SSLv2](<http://www.mozilla.org/projects/security/pki/nss/ssl/draft02.html>) protocol uses a client master key to generate all subsequent session keys. The client master key is created using a public key recieved from the server during phase one of the SSL handshake. Mozilla [NSS](<http://www.mozilla.org/projects/security/pki/nss/>) library contains a vulnerability in the way malformed SSLv2 server messages related to the public key are handled that may result in a buffer overflow. According to the Mozilla Foundation Security Advisory [2007-06](<http://www.mozilla.org/security/announce/2006/mfsa2007-06.html>):\n\n_SSL clients such as Firefox and Thunderbird can suffer a buffer overflow if a malicious server presents a certificate with a public key that is too small to encrypt the entire \"Master Secret\". Exploiting this overflow appears to be unreliable but possible if the SSLv2 protocol is enabled_. \n \nNote that this vulnerability may affect any application that uses the Mozilla NSS library. \n \n--- \n \n### Impact \n\nA remote, unauthenticated attacker may be able to execute arbitrary code with the privileges of the user who is running the vulnerable application or cause a denial of service. \n \n--- \n \n### Solution \n\n**Apply an update** \nAccording to the Mozilla Foundation Security Advisory [2007-06](<http://www.mozilla.org/security/announce/2007/mfsa2007-06.html>), this vulnerability is addressed in [Firefox 2.0.0.2](<http://www.mozilla.com/en-US/firefox/2.0.0.2/releasenotes/>), [Firefox 1.5.0.10](<http://www.mozilla.com/en-US/firefox/releases/1.5.0.10.html>), [SeaMonkey 1.0.8](<http://www.mozilla.org/projects/seamonkey/releases/>), and [NSS 3.11.5](<http://www.mozilla.org/projects/security/pki/nss/>). \n \n--- \n \n**Disable SSLv2**\n\n \nDisabling support for the SSLv2 protocol appears to prevent exploitation of this vulnerability. Instructions for disabling the SSLv2 protocol support in Firefox and Thunderbird can be found in the Mozilla Foundation Security Advisory [2007-06](<http://www.mozilla.org/security/announce/2007/mfsa2007-06.html>). \n \n--- \n \n### Vendor Information\n\n377812\n\nFilter by status: All Affected Not Affected Unknown\n\nFilter by content: __ Additional information available\n\n__ Sort by: Status Alphabetical\n\nExpand all\n\n**Javascript is disabled. Click here to view vendors.**\n\n### Gentoo Linux __ Affected\n\nUpdated: April 05, 2007 \n\n### Status\n\nAffected\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\nRefer to [glsa-200703-18](<http://www.gentoo.org/security/en/glsa/glsa-200703-18.xml>).\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23377812 Feedback>).\n\n### Mozilla __ Affected\n\nUpdated: February 27, 2007 \n\n### Status\n\nAffected\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\nRefer to Mozilla Foundation Security Advisory [2007-06](<http://www.mozilla.org/security/announce/2007/mfsa2007-06.html>).\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23377812 Feedback>).\n\n### Slackware Linux Inc. __ Affected\n\nUpdated: April 05, 2007 \n\n### Status\n\nAffected\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\nRefer to [SSA:2007-066-04](<http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.363947>).\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23377812 Feedback>).\n\n### Sun Microsystems, Inc. __ Affected\n\nUpdated: April 05, 2007 \n\n### Status\n\nAffected\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\nRefer to Sun Alert Notification [102856](<http://sunsolve.sun.com/search/document.do?assetkey=1-26-102856-1>).\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23377812 Feedback>).\n\n \n\n\n### CVSS Metrics \n\nGroup | Score | Vector \n---|---|--- \nBase | | \nTemporal | | \nEnvironmental | | \n \n \n\n\n### References \n\n * <http://www.mozilla.org/security/announce/2007/mfsa2007-06.html>\n * <http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=482>\n * <http://www.mozilla.org/projects/security/pki/nss/>\n * <http://www.mozilla.org/projects/security/pki/nss/ssl/draft02.html>\n * <http://www.mozilla.com/en-US/firefox/releases/1.5.0.10.html>\n * <http://www.mozilla.com/en-US/firefox/2.0.0.2/releasenotes/>\n * <http://www.mozilla.org/projects/seamonkey/releases/>\n * <http://secunia.com/advisories/24238/>\n * <http://secunia.com/advisories/24287/>\n * <http://secunia.com/advisories/24205/>\n * <http://secunia.com/advisories/24290/>\n * <http://secunia.com/advisories/24253/>\n * <http://secunia.com/advisories/24252/>\n * <http://secunia.com/advisories/24320/>\n * <http://secunia.com/advisories/24328/>\n * <http://secunia.com/advisories/24293/>\n * <http://secunia.com/advisories/24327/>\n * <http://secunia.com/advisories/24277/>\n * <http://secunia.com/advisories/24289/>\n * <http://secunia.com/advisories/24343/>\n * <http://secunia.com/advisories/24333/>\n * <http://www.ciac.org/ciac/bulletins/r-164.shtml>\n * <http://secunia.com/advisories/24406/>\n * <http://secunia.com/advisories/24384/>\n * <http://secunia.com/advisories/24410/>\n * <http://secunia.com/advisories/24389/>\n * <http://secunia.com/advisories/24455/>\n * <http://secunia.com/advisories/24456/>\n * <http://secunia.com/advisories/24457/>\n * <http://www.securityfocus.com/bid/22694>\n * <http://secunia.com/advisories/24703/>\n\n### Acknowledgements\n\nThis vulnerability was reported in Mozilla Foundation Security Advisory 2007-06. Mozilla credits iDefense with reporting this issue.\n\nThis document was written by Chris Taschner.\n\n### Other Information\n\n**CVE IDs:** | [CVE-2007-0008](<http://web.nvd.nist.gov/vuln/detail/CVE-2007-0008>) \n---|--- \n**Severity Metric:** | 12.72 \n**Date Public:** | 2007-02-23 \n**Date First Published:** | 2007-03-07 \n**Date Last Updated: ** | 2007-04-05 18:39 UTC \n**Document Revision: ** | 60 \n", "modified": "2007-04-05T18:39:00", "published": "2007-03-07T00:00:00", "id": "VU:377812", "href": "https://www.kb.cert.org/vuls/id/377812", "type": "cert", "title": "Mozilla Network Security Services (NSS) fails to properly process malformed SSLv2 server messages", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "osvdb": [{"lastseen": "2017-04-28T13:20:28", "bulletinFamily": "software", "cvelist": ["CVE-2007-0009"], "description": "## Vulnerability Description\nA remote overflow exists in Mozilla Foundation's Network Security Services (NSS) libraries. The vulnerability is due to inadequate error checking in the Network Security Services (NSS) code that is responsible for handling the Client Master Key. A remote attacker can exploit the vulnerability with a specially-crafted SSLv2 certificate containing a Client Master Key with invalid length values. This may result in a stack-based buffer overflow allowing the attacker to crash the affected server or to execute arbitrary code in the context of the affected server, resulting in a loss of availability and/or integrity.\n## Technical Description\nMozilla Network Security Services libraries are used in a variety of products. The names 'libnss3.so' on Linux-based systems or 'nss3.dll' on Windows-based systems may indicate the affected library is being used by an application.\n## Solution Description\nUpgrade to the following versions of the affected products as these versions have been reported to fix this vulnerability:\nMozilla Network Security Services (NSS): version 3.11.5 or higher\n\nIt is also possible to correct the flaw by implementing the following workaround(s): Disable the SSLv2 protocol in any product that has not already done so.\n## Short Description\nA remote overflow exists in Mozilla Foundation's Network Security Services (NSS) libraries. The vulnerability is due to inadequate error checking in the Network Security Services (NSS) code that is responsible for handling the Client Master Key. A remote attacker can exploit the vulnerability with a specially-crafted SSLv2 certificate containing a Client Master Key with invalid length values. This may result in a stack-based buffer overflow allowing the attacker to crash the affected server or to execute arbitrary code in the context of the affected server, resulting in a loss of availability and/or integrity.\n## References:\nVendor Specific News/Changelog Entry: https://bugzilla.mozilla.org/show_bug.cgi?id=364323\nVendor Specific News/Changelog Entry: http://www.mozilla.org/projects/seamonkey/releases/\n[Vendor Specific Advisory URL](http://www.mozilla.org/security/announce/2007/mfsa2007-06.html)\n[Vendor Specific Advisory URL](http://lists.rpath.com/pipermail/security-announce/2007-February/000153.html)\n[Vendor Specific Advisory URL](http://sunsolve.sun.com/search/document.do?assetkey=1-26-102856-1)\n[Vendor Specific Advisory URL](ftp://patches.sgi.com/support/free/security/advisories/20070301-01-P.asc)\n[Secunia Advisory ID:24562](https://secuniaresearch.flexerasoftware.com/advisories/24562/)\n[Secunia Advisory ID:24333](https://secuniaresearch.flexerasoftware.com/advisories/24333/)\n[Secunia Advisory ID:24569](https://secuniaresearch.flexerasoftware.com/advisories/24569/)\n[Secunia Advisory ID:25588](https://secuniaresearch.flexerasoftware.com/advisories/25588/)\n[Secunia Advisory ID:24205](https://secuniaresearch.flexerasoftware.com/advisories/24205/)\n[Secunia Advisory ID:24343](https://secuniaresearch.flexerasoftware.com/advisories/24343/)\n[Secunia Advisory ID:24342](https://secuniaresearch.flexerasoftware.com/advisories/24342/)\n[Secunia Advisory ID:25597](https://secuniaresearch.flexerasoftware.com/advisories/25597/)\n[Secunia Advisory ID:24703](https://secuniaresearch.flexerasoftware.com/advisories/24703/)\n[Secunia Advisory ID:24650](https://secuniaresearch.flexerasoftware.com/advisories/24650/)\n[Secunia Advisory ID:24253](https://secuniaresearch.flexerasoftware.com/advisories/24253/)\n[Secunia Advisory ID:24384](https://secuniaresearch.flexerasoftware.com/advisories/24384/)\n[Secunia Advisory ID:24522](https://secuniaresearch.flexerasoftware.com/advisories/24522/)\n[Secunia Advisory ID:24410](https://secuniaresearch.flexerasoftware.com/advisories/24410/)\n[Secunia Advisory ID:24389](https://secuniaresearch.flexerasoftware.com/advisories/24389/)\n[Secunia Advisory ID:24395](https://secuniaresearch.flexerasoftware.com/advisories/24395/)\n[Related OSVDB ID: 32105](https://vulners.com/osvdb/OSVDB:32105)\nRedHat RHSA: RHSA-2007:0079\nRedHat RHSA: RHSA-2007:0108-4\nRedHat RHSA: RHSA-2007:0078\nRedHat RHSA: RHSA-2007:0077\nRedHat RHSA: RHSA-2007:0097-5\nRedHat RHSA: RHSA-2007:0078-2\nOther Advisory URL: http://www.ubuntu.com/usn/usn-431-1\nOther Advisory URL: http://www.ubuntu.com/usn/usn-428-2\nOther Advisory URL: http://www.gentoo.org/security/en/glsa/glsa-200703-22.xml\nOther Advisory URL: http://lists.suse.com/archive/suse-security-announce/2007-Mar/0001.html\nOther Advisory URL: http://www.us.debian.org/security/2007/dsa-1336\nOther Advisory URL: http://sunsolve.sun.com/search/document.do?assetkey=1-26-102945-1\nOther Advisory URL: http://www.mandriva.com/security/advisories?name=MDKSA-2007:050\nOther Advisory URL: http://www.gentoo.org/security/en/glsa/glsa-200703-18.xml\nOther Advisory URL: http://www.ubuntu.com/usn/usn-428-1\nOther Advisory URL: ftp://patches.sgi.com/support/free/security/advisories/20070202-01-P.asc\nOther Advisory URL: http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=483\nOther Advisory URL: http://fedoranews.org/cms/node/2709\nOther Advisory URL: http://lists.suse.com/archive/suse-security-announce/2007-Mar/0006.html\nOther Advisory URL: http://www.mandriva.com/security/advisories?name=MDKSA-2007:052\nMail List Post: http://archives.neohapsis.com/archives/fulldisclosure/2007-02/0547.html\nGeneric Informational URL: http://www.mozilla.org/projects/security/pki/nss/ssl/draft02.html\nGeneric Informational URL: http://www.mozilla.org/projects/security/known-vulnerabilities.html\nFrSIRT Advisory: ADV-2007-0719\nFrSIRT Advisory: ADV-2007-0718\n[CVE-2007-0009](https://vulners.com/cve/CVE-2007-0009)\nCIAC Advisory: R-164\nCERT VU: 592796\n", "edition": 1, "modified": "2007-02-23T12:03:50", "published": "2007-02-23T12:03:50", "href": "https://vulners.com/osvdb/OSVDB:32106", "id": "OSVDB:32106", "title": "Mozilla Network Security Services SSLv2 Server Stack Overflow Vulnerability", "type": "osvdb", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-04-28T13:20:28", "bulletinFamily": "software", "cvelist": ["CVE-2007-0008"], "description": "## Vulnerability Description\nA remote overflow exists in multiple versions of Mozilla Firefox, Mozilla Network Security Services (NSS), Mozilla SeaMonkey, and Mozilla Thunderbird. The vulnerability is due to an error in the Network Security Services (NSS) code that can occur when processing certain SSLv2 server messages. The products fail to properly process SSL server certificates which possess an RSA public key that is too small to encrypt the entire SSLv2 \"Master Secret\". This may result in a heap-based overflow and may allow an attacker execution of arbitrary code, resulting in a loss of integrity and/or availability.\n## Technical Description\nSupport for SSLv2 is disabled in Firefox 2 due to other known weaknesses in the protocol; Firefox 2 is not vulnerable unless the user has modified hidden internal NSS settings to re-enable SSLv2 support.\n\nBelow is the NSS CVS change that fixes the vulnerability:\n===================================================================\nIndex: sslcon.c\n===================================================================\nRCS file: /cvsroot/mozilla/security/nss/lib/ssl/sslcon.c,v\nretrieving revision 1.34\ndiff -p -u -9 -r1.34 sslcon.c\n--- sslcon.c\t14 Nov 2006 01:09:54 -0000\t1.34\n+++ sslcon.c\t19 Dec 2006 08:08:39 -0000\n@@ -1975,19 +1975,22 @@ ssl2_ClientHandleServerCert(sslSocket *s\n unsigned char *\n ssl_FormatSSL2Block(unsigned modulusLen, SECItem *data)\n {\n unsigned char *block;\n unsigned char *bp;\n int padLen;\n SECStatus rv;\n int i;\n- PORT_Assert (data->len <= (modulusLen - (3 + RSA_BLOCK_MIN_PAD_LEN)));\n+ if (modulusLen < data->len + (3 + RSA_BLOCK_MIN_PAD_LEN)) {\n+\tPORT_SetError(SEC_ERROR_BAD_KEY);\n+ \treturn NULL;\n+ }\n block = (unsigned char *) PORT_Alloc(modulusLen);\n if (block == NULL)\n \treturn NULL;\n bp = block;\n## Solution Description\nUpgrade to the following versions of the affected products as these versions have been reported to fix this vulnerability:\nMozilla Network Security Services (NSS): version 3.11.5 or higher\nMozilla Firefox: version 2.0.2 or higher\nMozilla Thunderbird: version 1.5.0.10 or higher\nMozilla SeaMonkey: version 1.0.8 or higher \n\nIt is also possible to correct the flaw by implementing the following workaround(s): Disable the SSLv2 protocol in any product that has not already done so.\nIn Mozilla Firefox 1.5:\n1) Click on the Advanced icon in the Options/Preferences dialog.\n2) On the Security tab uncheck the box next to \"Use SSL 2.0\"\n3) Click the \"OK\" button.\n\nIn Mozilla Thunderbird 1.5:\n1) Click on the Advanced icon in the Options/Preferences dialog.\n2) Click the \"Config Editor...\" button.\n3) Type ssl2 in the Filter field\n4) Double-click security.enable_ssl2 to change the value to false and close the window. \n\nMozilla Network Security Services (NSS):\nDisable the SSLv2 protocol.\n## Short Description\nA remote overflow exists in multiple versions of Mozilla Firefox, Mozilla Network Security Services (NSS), Mozilla SeaMonkey, and Mozilla Thunderbird. The vulnerability is due to an error in the Network Security Services (NSS) code that can occur when processing certain SSLv2 server messages. The products fail to properly process SSL server certificates which possess an RSA public key that is too small to encrypt the entire SSLv2 \"Master Secret\". This may result in a heap-based overflow and may allow an attacker execution of arbitrary code, resulting in a loss of integrity and/or availability.\n## References:\nVendor Specific News/Changelog Entry: https://bugzilla.mozilla.org/show_bug.cgi?id=364319\n[Vendor Specific Advisory URL](http://www.mozilla.org/security/announce/2007/mfsa2007-06.html)\n[Vendor Specific Advisory URL](http://lists.rpath.com/pipermail/security-announce/2007-February/000153.html)\n[Vendor Specific Advisory URL](http://fedoranews.org/cms/node/2713)\n[Vendor Specific Advisory URL](http://sunsolve.sun.com/search/document.do?assetkey=1-26-102856-1)\n[Vendor Specific Advisory URL](ftp://patches.sgi.com/support/free/security/advisories/20070301-01-P.asc)\nSecurity Tracker: 1017720\nSecurity Tracker: 1017696\nSecurity Tracker: 1017776\n[Secunia Advisory ID:24562](https://secuniaresearch.flexerasoftware.com/advisories/24562/)\n[Secunia Advisory ID:24333](https://secuniaresearch.flexerasoftware.com/advisories/24333/)\n[Secunia Advisory ID:24455](https://secuniaresearch.flexerasoftware.com/advisories/24455/)\n[Secunia Advisory ID:24569](https://secuniaresearch.flexerasoftware.com/advisories/24569/)\n[Secunia Advisory ID:25588](https://secuniaresearch.flexerasoftware.com/advisories/25588/)\n[Secunia Advisory ID:24205](https://secuniaresearch.flexerasoftware.com/advisories/24205/)\n[Secunia Advisory ID:24343](https://secuniaresearch.flexerasoftware.com/advisories/24343/)\n[Secunia Advisory ID:24342](https://secuniaresearch.flexerasoftware.com/advisories/24342/)\n[Secunia Advisory ID:24406](https://secuniaresearch.flexerasoftware.com/advisories/24406/)\n[Secunia Advisory ID:25597](https://secuniaresearch.flexerasoftware.com/advisories/25597/)\n[Secunia Advisory ID:24457](https://secuniaresearch.flexerasoftware.com/advisories/24457/)\n[Secunia Advisory ID:24703](https://secuniaresearch.flexerasoftware.com/advisories/24703/)\n[Secunia Advisory ID:24650](https://secuniaresearch.flexerasoftware.com/advisories/24650/)\n[Secunia Advisory ID:24253](https://secuniaresearch.flexerasoftware.com/advisories/24253/)\n[Secunia Advisory ID:24384](https://secuniaresearch.flexerasoftware.com/advisories/24384/)\n[Secunia Advisory ID:24456](https://secuniaresearch.flexerasoftware.com/advisories/24456/)\n[Secunia Advisory ID:24522](https://secuniaresearch.flexerasoftware.com/advisories/24522/)\n[Secunia Advisory ID:24410](https://secuniaresearch.flexerasoftware.com/advisories/24410/)\n[Secunia Advisory ID:24389](https://secuniaresearch.flexerasoftware.com/advisories/24389/)\n[Secunia Advisory ID:24395](https://secuniaresearch.flexerasoftware.com/advisories/24395/)\n[Related OSVDB ID: 32106](https://vulners.com/osvdb/OSVDB:32106)\nRedHat RHSA: RHSA-2007:0079\nRedHat RHSA: RHSA-2007:0108-4\nRedHat RHSA: RHSA-2007:0078\nRedHat RHSA: RHSA-2007:0077\nRedHat RHSA: RHSA-2007:0097-5\nRedHat RHSA: RHSA-2007:0078-2\nOther Advisory URL: http://www.ubuntu.com/usn/usn-428-2\nOther Advisory URL: http://www.ubuntu.com/usn/usn-431-1\nOther Advisory URL: http://www.gentoo.org/security/en/glsa/glsa-200703-22.xml\nOther Advisory URL: http://lists.suse.com/archive/suse-security-announce/2007-Mar/0001.html\nOther Advisory URL: http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.363947\nOther Advisory URL: http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.374851\nOther Advisory URL: http://www.us.debian.org/security/2007/dsa-1336\nOther Advisory URL: http://sunsolve.sun.com/search/document.do?assetkey=1-26-102945-1\nOther Advisory URL: http://fedoranews.org/cms/node/2728\nOther Advisory URL: http://www.mandriva.com/security/advisories?name=MDKSA-2007:050\nOther Advisory URL: http://www.gentoo.org/security/en/glsa/glsa-200703-18.xml\nOther Advisory URL: http://fedoranews.org/cms/node/2721\nOther Advisory URL: http://www.ubuntu.com/usn/usn-428-1\nOther Advisory URL: ftp://patches.sgi.com/support/free/security/advisories/20070202-01-P.asc\nOther Advisory URL: http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=482\nOther Advisory URL: http://fedoranews.org/cms/node/2709\nOther Advisory URL: http://lists.suse.com/archive/suse-security-announce/2007-Mar/0006.html\nOther Advisory URL: http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.338131\nOther Advisory URL: http://www.mandriva.com/security/advisories?name=MDKSA-2007:052\nOther Advisory URL: http://fedoranews.org/cms/node/2747\nISS X-Force ID: 32666\nGeneric Informational URL: http://www.mozilla.org/projects/security/known-vulnerabilities.html\nFrSIRT Advisory: ADV-2007-0719\nFrSIRT Advisory: ADV-2007-0718\n[CVE-2007-0008](https://vulners.com/cve/CVE-2007-0008)\nCIAC Advisory: R-164\nCERT VU: 377812\nBugtraq ID: 22694\n", "edition": 1, "modified": "2007-02-23T12:03:50", "published": "2007-02-23T12:03:50", "href": "https://vulners.com/osvdb/OSVDB:32105", "id": "OSVDB:32105", "title": "Mozilla Multiple Product NSS SSLv2 Client Overflow", "type": "osvdb", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "debian": [{"lastseen": "2020-11-11T13:21:29", "bulletinFamily": "unix", "cvelist": ["CVE-2007-0008", "CVE-2007-1282", "CVE-2006-6077", "CVE-2007-0996", "CVE-2007-0775", "CVE-2007-0045", "CVE-2007-0981", "CVE-2007-0778", "CVE-2007-0995", "CVE-2007-0009", "CVE-2007-0994"], "description": "- --------------------------------------------------------------------------\nDebian Security Advisory DSA 1336-1 security@debian.org\nhttp://www.debian.org/security/ Moritz Muehlenhoff\nJuly 22nd, 2007 http://www.debian.org/security/faq\n- --------------------------------------------------------------------------\n\nPackage : mozilla-firefox\nVulnerability : several\nProblem-Type : remote\nDebian-specific: no\nCVE ID : CVE-2007-1282 CVE-2007-0994 CVE-2007-0995 CVE-2007-0996 CVE-2007-0981 CVE-2007-0008 CVE-2007-0009 CVE-2007-0775 CVE-2007-0778 CVE-2007-0045 CVE-2006-6077\n\nSeveral remote vulnerabilities have been discovered in Mozilla Firefox.\n\nThis will be the last security update of Mozilla-based products for\nthe oldstable (sarge) distribution of Debian. We recommend to upgrade\nto stable (etch) as soon as possible.\n\nThe Common Vulnerabilities and Exposures project identifies the following\nvulnerabilities:\n\nCVE-2007-1282\n\n It was discovered that an integer overflow in text/enhanced message\n parsing allows the execution of arbitrary code.\n\nCVE-2007-0994\n\n It was discovered that a regression in the Javascript engine allows\n the execution of Javascript with elevated privileges.\n\nCVE-2007-0995\n\n It was discovered that incorrect parsing of invalid HTML characters\n allows the bypass of content filters.\n\nCVE-2007-0996\n\n It was discovered that insecure child frame handling allows cross-site\n scripting.\n\nCVE-2007-0981\n\n It was discovered that Firefox handles URI withs a null byte in the\n hostname insecurely.\n\nCVE-2007-0008\n\n It was discovered that a buffer overflow in the NSS code allows the\n execution of arbitrary code.\n\nCVE-2007-0009\n\n It was discovered that a buffer overflow in the NSS code allows the\n execution of arbitrary code.\n\nCVE-2007-0775\n\n It was discovered that multiple programming errors in the layout engine\n allow the execution of arbitrary code.\n\nCVE-2007-0778\n\n It was discovered that the page cache calculates hashes in an insecure\n manner.\n\nCVE-2006-6077\n\n It was discovered that the password manager allows the disclosure of\n passwords.\n\nFor the oldstable distribution (sarge) these problems have been fixed in\nversion 1.0.4-2sarge17. You should upgrade to etch as soon as possible.\n\nThe stable distribution (etch) isn&#x27;t affected. These vulnerabilities have\nbeen fixed prior to the release of Debian etch.\n\nThe unstable distribution (sid) no longer contains mozilla-firefox. Iceweasel\nis already fixed.\n\n\nUpgrade Instructions\n- --------------------\n\nwget url\n will fetch the file for you\ndpkg -i file.deb\n will install the referenced file.\n\nIf you are using the apt-get package manager, use the line for\nsources.list as given below:\n\napt-get update\n will update the internal database\napt-get upgrade\n will install corrected packages\n\nYou may use an automated update by adding the resources from the\nfooter to the proper configuration.\n\n\nDebian GNU/Linux 3.1 alias sarge\n- --------------------------------\n\n Source archives:\n\n http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox_1.0.4-2sarge17.dsc\n Size/MD5 checksum: 1641 36715bb647cb3b7cd117edee90a34bfd\n http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox_1.0.4-2sarge17.diff.gz\n Size/MD5 checksum: 553311 4ba992e60e5c6b156054c5105b1134ae\n http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox_1.0.4.orig.tar.gz\n Size/MD5 checksum: 40212297 8e4ba81ad02c7986446d4e54e978409d\n\n Alpha architecture:\n\n http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox_1.0.4-2sarge17_alpha.deb\n Size/MD5 checksum: 11221890 5d8d1de73d162edf8ddbaa40844bb454\n http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox-dom-inspector_1.0.4-2sarge17_alpha.deb\n Size/MD5 checksum: 172696 42d5c31ec7a2e3163846c347f04773df\n http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox-gnome-support_1.0.4-2sarge17_alpha.deb\n Size/MD5 checksum: 63574 238529b9d4ae396dc01d786d4fb843b4\n\n AMD64 architecture:\n\n http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox_1.0.4-2sarge17_amd64.deb\n Size/MD5 checksum: 9429140 8394fcd85a7218db784160702efc5249\n http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox-dom-inspector_1.0.4-2sarge17_amd64.deb\n Size/MD5 checksum: 166496 795a8ec3e1aa1b0a718ad6f4439670ef\n http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox-gnome-support_1.0.4-2sarge17_amd64.deb\n Size/MD5 checksum: 62022 ef315cc90c3780ff151cd2271e913859\n\n ARM architecture:\n\n http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox_1.0.4-2sarge17_arm.deb\n Size/MD5 checksum: 8244544 71eaf9cb5418a77410ff12c7f36eb32b\n http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox-dom-inspector_1.0.4-2sarge17_arm.deb\n Size/MD5 checksum: 157966 5e2e22d04a33ccbc0e6b19b4c4d43492\n http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox-gnome-support_1.0.4-2sarge17_arm.deb\n Size/MD5 checksum: 57358 6f34a7a02114e48cadc6860b86f75130\n\n HP Precision architecture:\n\n http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox_1.0.4-2sarge17_hppa.deb\n Size/MD5 checksum: 10301620 3700a0b7dcb0ab061b3521e2a3f232f9\n http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox-dom-inspector_1.0.4-2sarge17_hppa.deb\n Size/MD5 checksum: 169432 387b8fa52d406dfdd26c3adc3ccac615\n http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox-gnome-support_1.0.4-2sarge17_hppa.deb\n Size/MD5 checksum: 62500 80addaf2d87b6952fdc9104c5fc9dfde\n\n Intel IA-32 architecture:\n\n http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox_1.0.4-2sarge17_i386.deb\n Size/MD5 checksum: 8919924 8fc67257357687c8611b3e4e5389aee4\n http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox-dom-inspector_1.0.4-2sarge17_i386.deb\n Size/MD5 checksum: 161684 6c989c4276e34c6031b6185418a8ddb1\n http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox-gnome-support_1.0.4-2sarge17_i386.deb\n Size/MD5 checksum: 58896 7e48aa697c8c17f7d22de860a17e7dfd\n\n Intel IA-64 architecture:\n\n http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox_1.0.4-2sarge17_ia64.deb\n Size/MD5 checksum: 11664142 aa008699700ba3c8b45d3a8961e99192\n http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox-dom-inspector_1.0.4-2sarge17_ia64.deb\n Size/MD5 checksum: 172030 e79af50f04490de310cda7f6ce652d44\n http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox-gnome-support_1.0.4-2sarge17_ia64.deb\n Size/MD5 checksum: 66718 8cabdbf0919ac447c5d492ef6227d9af\n\n Motorola 680x0 architecture:\n\n http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox_1.0.4-2sarge17_m68k.deb\n Size/MD5 checksum: 8196148 e3544446b371fd7ed4b79e53f69b556a\n http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox-dom-inspector_1.0.4-2sarge17_m68k.deb\n Size/MD5 checksum: 160556 0164d4c0f675a020643ccedf94a55eb8\n http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox-gnome-support_1.0.4-2sarge17_m68k.deb\n Size/MD5 checksum: 58168 b429907e69e8daa7d51e45552659da27\n\n Big endian MIPS architecture:\n\n http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox_1.0.4-2sarge17_mips.deb\n Size/MD5 checksum: 9954006 0eb0513fc950e7cd8abcae9666b24a7b\n http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox-dom-inspector_1.0.4-2sarge17_mips.deb\n Size/MD5 checksum: 159496 ca0585a663a5470d3a62ae0786864beb\n http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox-gnome-support_1.0.4-2sarge17_mips.deb\n Size/MD5 checksum: 59170 22ea96156de56d046a7afd73d4857419\n\n Little endian MIPS architecture:\n\n http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox_1.0.4-2sarge17_mipsel.deb\n Size/MD5 checksum: 9831728 dda6865c7290fce658847f0909617c73\n http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox-dom-inspector_1.0.4-2sarge17_mipsel.deb\n Size/MD5 checksum: 159060 e7a7c4db0f5df82f84ceef6827df2bea\n http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox-gnome-support_1.0.4-2sarge17_mipsel.deb\n Size/MD5 checksum: 58984 b0b02ac1c62041db8d377a7ff40c013c\n\n PowerPC architecture:\n\n http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox_1.0.4-2sarge15_powerpc.deb\n Size/MD5 checksum: 8587718 8d219ce9e684b86babfe31db9d7d9658\n http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox-dom-inspector_1.0.4-2sarge15_powerpc.deb\n Size/MD5 checksum: 159762 41f3707945d5edae6ee1ac90bdef5cab\n http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox-gnome-support_1.0.4-2sarge15_powerpc.deb\n Size/MD5 checksum: 60936 1a79408acd12828a3710393e05d99914\n\n IBM S/390 architecture:\n\n http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox_1.0.4-2sarge17_s390.deb\n Size/MD5 checksum: 9667078 5838d957637b4d4c2c19afea0dd68db5\n http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox-dom-inspector_1.0.4-2sarge17_s390.deb\n Size/MD5 checksum: 167092 4dd6de7299014d5e0c13da8e480a7f3c\n http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox-gnome-support_1.0.4-2sarge17_s390.deb\n Size/MD5 checksum: 61472 64d10c667ed4c6c12947c49f5cca8ff6\n\n Sun Sparc architecture:\n\n http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox_1.0.4-2sarge17_sparc.deb\n Size/MD5 checksum: 8680322 241cddabdf91eb14b0a6529ffc84a51d\n http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox-dom-inspector_1.0.4-2sarge17_sparc.deb\n Size/MD5 checksum: 160304 7887081b85d3ead3994a997608bbe22a\n http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox-gnome-support_1.0.4-2sarge17_sparc.deb\n Size/MD5 checksum: 57718 4a4eeeb0815cb03d51f74965403911ad\n\n These files will probably be moved into the oldstable distribution on\n its next update.\n\n- ---------------------------------------------------------------------------------\nFor apt-get: deb http://security.debian.org/ stable/updates main\nFor dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main\nMailing list: debian-security-announce@lists.debian.org\nPackage info: `apt-cache show &lt;pkg&gt;&#x27; and http://packages.debian.org/&lt;pkg&gt;\n", "edition": 3, "modified": "2007-07-22T00:00:00", "published": "2007-07-22T00:00:00", "id": "DEBIAN:DSA-1336-1:293E6", "href": "https://lists.debian.org/debian-security-announce/debian-security-announce-2007/msg00097.html", "title": "[SECURITY] [DSA 1336-1] New mozilla-firefox packages fix several\tvulnerabilities", "type": "debian", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}], "freebsd": [{"lastseen": "2019-05-29T18:34:37", "bulletinFamily": "unix", "cvelist": ["CVE-2007-0008", "CVE-2006-6077", "CVE-2007-0779", "CVE-2007-0775", "CVE-2007-0981", "CVE-2007-0780", "CVE-2007-0778", "CVE-2007-0777", "CVE-2007-0776", "CVE-2007-1092", "CVE-2007-0995", "CVE-2007-0009", "CVE-2007-0800"], "description": "\nThe Mozilla Foundation reports of multiple security issues\n\t in Firefox, Seamonkey, and Thunderbird. Several of these\n\t issues can probably be used to run arbitrary code with the\n\t privilege of the user running the program.\n\n\nMFSA 2007-08 onUnload + document.write() memory corruption\nMFSA 2007-07 Embedded nulls in location.hostname confuse same-domain checks\nMFSA 2007-06 Mozilla Network Security Services (NSS) SSLv2 buffer overflow\nMFSA 2007-05 XSS and local file access by opening blocked popups\nMFSA 2007-04 Spoofing using custom cursor and CSS3 hotspot\nMFSA 2007-03 Information disclosure through cache collisions\nMFSA 2007-02 Improvements to help protect against Cross-Site Scripting attacks\nMFSA 2007-01 Crashes with evidence of memory corruption (rv:1.8.0.10/1.8.1.2)\n\n\n", "edition": 4, "modified": "2007-04-19T00:00:00", "published": "2007-02-23T00:00:00", "id": "12BD6ECF-C430-11DB-95C5-000C6EC775D9", "href": "https://vuxml.freebsd.org/freebsd/12bd6ecf-c430-11db-95c5-000c6ec775d9.html", "title": "mozilla -- multiple vulnerabilities", "type": "freebsd", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}], "redhat": [{"lastseen": "2019-08-13T18:44:57", "bulletinFamily": "unix", "cvelist": ["CVE-2006-6077", "CVE-2007-0008", "CVE-2007-0009", "CVE-2007-0775", "CVE-2007-0777", "CVE-2007-0778", "CVE-2007-0779", "CVE-2007-0780", "CVE-2007-0800", "CVE-2007-0981", "CVE-2007-0995", "CVE-2007-0996", "CVE-2007-1282"], "description": "Mozilla Thunderbird is a standalone mail and newsgroup client.\r\n\r\nSeveral flaws were found in the way Thunderbird processed certain malformed\r\nJavaScript code. A malicious HTML mail message could execute JavaScript\r\ncode in such a way that may result in Thunderbird crashing or executing\r\narbitrary code as the user running Thunderbird. JavaScript support is\r\ndisabled by default in Thunderbird; these issues are not exploitable unless\r\nthe user has enabled JavaScript. (CVE-2007-0775, CVE-2007-0777)\r\n\r\nSeveral cross-site scripting (XSS) flaws were found in the way Thunderbird\r\nprocessed certain malformed HTML mail messages. A malicious HTML mail\r\nmessage could display misleading information which may result in a user\r\nunknowingly divulging sensitive information such as a password.\r\n(CVE-2006-6077, CVE-2007-0995, CVE-2007-0996)\r\n\r\nA flaw was found in the way Thunderbird processed text/enhanced and\r\ntext/richtext formatted mail message. A specially crafted mail message\r\ncould execute arbitrary code with the privileges of the user running\r\nThunderbird. (CVE-2007-1282)\r\n\r\nA flaw was found in the way Thunderbird cached web content on the local\r\ndisk. A malicious HTML mail message may be able to inject arbitrary HTML\r\ninto a browsing session if the user reloads a targeted site. (CVE-2007-0778)\r\n\r\nA flaw was found in the way Thunderbird displayed certain web content. A\r\nmalicious HTML mail message could generate content which could overlay user\r\ninterface elements such as the hostname and security indicators, tricking a\r\nuser into thinking they are visiting a different site. (CVE-2007-0779)\r\n\r\nTwo flaws were found in the way Thunderbird displayed blocked popup\r\nwindows. If a user can be convinced to open a blocked popup, it is possible\r\nto read arbitrary local files, or conduct an XSS attack against the user.\r\n(CVE-2007-0780, CVE-2007-0800)\r\n\r\nTwo buffer overflow flaws were found in the Network Security Services (NSS)\r\ncode for processing the SSLv2 protocol. Connecting to a malicious secure\r\nweb server could cause the execution of arbitrary code as the user running\r\nThunderbird. (CVE-2007-0008, CVE-2007-0009)\r\n\r\nA flaw was found in the way Thunderbird handled the \"location.hostname\"\r\nvalue during certain browser domain checks. This flaw could allow a\r\nmalicious HTML mail message to set domain cookies for an arbitrary site, or\r\npossibly perform an XSS attack. (CVE-2007-0981)\r\n\r\nUsers of Thunderbird are advised to apply this update, which contains\r\nThunderbird version 1.5.0.10 that corrects these issues.", "modified": "2017-09-08T11:50:29", "published": "2007-03-13T04:00:00", "id": "RHSA-2007:0108", "href": "https://access.redhat.com/errata/RHSA-2007:0108", "type": "redhat", "title": "(RHSA-2007:0108) Critical: thunderbird security update", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-08-13T18:45:22", "bulletinFamily": "unix", "cvelist": ["CVE-2006-6077", "CVE-2007-0008", "CVE-2007-0009", "CVE-2007-0775", "CVE-2007-0777", "CVE-2007-0778", "CVE-2007-0779", "CVE-2007-0780", "CVE-2007-0800", "CVE-2007-0981", "CVE-2007-0994", "CVE-2007-0995", "CVE-2007-0996"], "description": "Mozilla Firefox is an open source Web browser.\r\n\r\nFlaws were found in the way Firefox executed malformed JavaScript code. A\r\nmalicious web page could cause Firefox to crash or allow arbitrary code \r\nto be executed as the user running Firefox. (CVE-2007-0775, CVE-2007-0777)\r\n\r\nCross-site scripting (XSS) flaws were found in Firefox. A malicious web\r\npage could display misleading information, allowing a user to unknowingly\r\ndivulge sensitive information, such as a password. (CVE-2006-6077, \r\nCVE-2007-0995, CVE-2007-0996)\r\n\r\nA flaw was found in the way Firefox processed JavaScript contained in\r\ncertain tags. A malicious web page could cause Firefox to execute\r\nJavaScript code with the privileges of the user running Firefox.\r\n(CVE-2007-0994)\r\n\r\nA flaw was found in the way Firefox cached web pages on the local disk. A\r\nmalicious web page may have been able to inject arbitrary HTML into a\r\nbrowsing session if the user reloaded a targeted site. (CVE-2007-0778)\r\n\r\nCertain web content could overlay Firefox user interface elements such as\r\nthe hostname and security indicators. A malicious web page could trick a\r\nuser into thinking they were visiting a different site. (CVE-2007-0779)\r\n\r\nTwo flaws were found in Firefox's displaying of blocked popup windows. If a\r\nuser could be convinced to open a blocked popup, it was possible to read\r\narbitrary local files, or conduct a cross-site scripting attack against the\r\nuser.\r\n(CVE-2007-0780, CVE-2007-0800)\r\n\r\nTwo buffer overflow flaws were found in the Network Security Services (NSS)\r\ncode for processing the SSLv2 protocol. Connecting to a malicious secure\r\nweb server could cause the execution of arbitrary code as the user running\r\nFirefox. (CVE-2007-0008, CVE-2007-0009)\r\n\r\nA flaw was found in the way Firefox handled the \"location.hostname\" value.\r\n A malicious web page could set domain cookies for an arbitrary site, or\r\npossibly perform a cross-site scripting attack. (CVE-2007-0981)\r\n\t\r\nUsers of Firefox are advised to upgrade to this erratum package, containing\r\nFirefox version 1.5.0.10 which is not vulnerable to these issues.", "modified": "2017-09-08T11:54:12", "published": "2007-03-14T04:00:00", "id": "RHSA-2007:0097", "href": "https://access.redhat.com/errata/RHSA-2007:0097", "type": "redhat", "title": "(RHSA-2007:0097) Critical: firefox security update", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-08-13T18:46:36", "bulletinFamily": "unix", "cvelist": ["CVE-2006-6077", "CVE-2007-0008", "CVE-2007-0009", "CVE-2007-0775", "CVE-2007-0777", "CVE-2007-0778", "CVE-2007-0779", "CVE-2007-0780", "CVE-2007-0800", "CVE-2007-0981", "CVE-2007-0995", "CVE-2007-0996", "CVE-2007-1092", "CVE-2007-1282"], "description": "Mozilla Thunderbird is a standalone mail and newsgroup client.\r\n\r\nSeveral flaws were found in the way Thunderbird processed certain malformed\r\nJavaScript code. A malicious HTML mail message could execute JavaScript\r\ncode in such a way that may result in Thunderbird crashing or executing\r\narbitrary code as the user running Thunderbird. JavaScript support is\r\ndisabled by default in Thunderbird; these issues are not exploitable unless\r\nthe user has enabled JavaScript. (CVE-2007-0775, CVE-2007-0777, CVE-2007-1092)\r\n\r\nA flaw was found in the way Thunderbird processed text/enhanced and\r\ntext/richtext formatted mail message. A specially crafted mail message\r\ncould execute arbitrary code with the privileges of the user running\r\nThunderbird. (CVE-2007-1282)\r\n\r\nSeveral cross-site scripting (XSS) flaws were found in the way Thunderbird\r\nprocessed certain malformed HTML mail messages. A malicious HTML mail\r\nmessage could display misleading information which may result in a user\r\nunknowingly divulging sensitive information such as a password.\r\n(CVE-2006-6077, CVE-2007-0995, CVE-2007-0996)\r\n\r\nA flaw was found in the way Thunderbird cached web content on the local\r\ndisk. A malicious HTML mail message may be able to inject arbitrary HTML\r\ninto a browsing session if the user reloads a targeted site. (CVE-2007-0778)\r\n\r\nA flaw was found in the way Thunderbird displayed certain web content. A\r\nmalicious HTML mail message could generate content which could overlay user\r\ninterface elements such as the hostname and security indicators, tricking a\r\nuser into thinking they are visiting a different site. (CVE-2007-0779)\r\n\r\nTwo flaws were found in the way Thunderbird displayed blocked popup\r\nwindows. If a user can be convinced to open a blocked popup, it is possible\r\nto read arbitrary local files, or conduct an XSS attack against the user.\r\n(CVE-2007-0780, CVE-2007-0800)\r\n\r\nTwo buffer overflow flaws were found in the Network Security Services (NSS)\r\ncode for processing the SSLv2 protocol. Connecting to a malicious secure\r\nweb server could cause the execution of arbitrary code as the user running\r\nThunderbird. (CVE-2007-0008, CVE-2007-0009)\r\n\r\nA flaw was found in the way Thunderbird handled the \"location.hostname\"\r\nvalue during certain browser domain checks. This flaw could allow a\r\nmalicious HTML mail message to set domain cookies for an arbitrary site, or\r\npossibly perform an XSS attack. (CVE-2007-0981)\r\n\r\nUsers of Thunderbird are advised to apply this update, which contains\r\nThunderbird version 1.5.0.10 that corrects these issues.", "modified": "2017-09-08T12:07:03", "published": "2007-03-02T05:00:00", "id": "RHSA-2007:0078", "href": "https://access.redhat.com/errata/RHSA-2007:0078", "type": "redhat", "title": "(RHSA-2007:0078) Critical: thunderbird security update", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-12-11T13:33:25", "bulletinFamily": "unix", "cvelist": ["CVE-2006-6077", "CVE-2007-0008", "CVE-2007-0009", "CVE-2007-0775", "CVE-2007-0777", "CVE-2007-0778", "CVE-2007-0779", "CVE-2007-0780", "CVE-2007-0800", "CVE-2007-0981", "CVE-2007-0994", "CVE-2007-0995", "CVE-2007-0996", "CVE-2007-1092"], "description": "Mozilla Firefox is an open source Web browser.\r\n\r\nSeveral flaws were found in the way Firefox processed certain malformed\r\nJavaScript code. A malicious web page could execute JavaScript code in such\r\na way that may result in Firefox crashing or executing arbitrary code as\r\nthe user running Firefox. (CVE-2007-0775, CVE-2007-0777)\r\n\r\nSeveral cross-site scripting (XSS) flaws were found in the way Firefox\r\nprocessed certain malformed web pages. A malicious web page could display\r\nmisleading information which may result in a user unknowingly divulging\r\nsensitive information such as a password. (CVE-2006-6077, CVE-2007-0995,\r\nCVE-2007-0996)\r\n\r\nA flaw was found in the way Firefox cached web pages on the local disk. A\r\nmalicious web page may be able to inject arbitrary HTML into a browsing\r\nsession if the user reloads a targeted site. (CVE-2007-0778)\r\n\r\nA flaw was found in the way Firefox displayed certain web content. A\r\nmalicious web page could generate content which could overlay user\r\ninterface elements such as the hostname and security indicators, tricking a\r\nuser into thinking they are visiting a different site. (CVE-2007-0779)\r\n\r\nTwo flaws were found in the way Firefox displayed blocked popup windows. If\r\na user can be convinced to open a blocked popup, it is possible to read\r\narbitrary local files, or conduct an XSS attack against the user.\r\n(CVE-2007-0780, CVE-2007-0800)\r\n\r\nTwo buffer overflow flaws were found in the Network Security Services (NSS)\r\ncode for processing the SSLv2 protocol. Connecting to a malicious secure\r\nweb server could cause the execution of arbitrary code as the user running\r\nFirefox. (CVE-2007-0008, CVE-2007-0009)\r\n\r\nA flaw was found in the way Firefox handled the \"location.hostname\" value\r\nduring certain browser domain checks. This flaw could allow a malicious web\r\nsite to set domain cookies for an arbitrary site, or possibly perform an\r\nXSS attack. (CVE-2007-0981)\r\n\r\nUsers of Firefox are advised to upgrade to these erratum packages, which\r\ncontain Firefox version 1.5.0.10 that corrects these issues.", "modified": "2017-09-08T12:06:26", "published": "2007-02-23T05:00:00", "id": "RHSA-2007:0079", "href": "https://access.redhat.com/errata/RHSA-2007:0079", "type": "redhat", "title": "(RHSA-2007:0079) Critical: Firefox security update", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-12-11T13:32:30", "bulletinFamily": "unix", "cvelist": ["CVE-2006-6077", "CVE-2007-0008", "CVE-2007-0009", "CVE-2007-0775", "CVE-2007-0777", "CVE-2007-0778", "CVE-2007-0779", "CVE-2007-0780", "CVE-2007-0800", "CVE-2007-0981", "CVE-2007-0994", "CVE-2007-0995", "CVE-2007-0996", "CVE-2007-1092", "CVE-2007-1282"], "description": "SeaMonkey is an open source Web browser, advanced email and newsgroup\r\nclient, IRC chat client, and HTML editor.\r\n\r\nSeveral flaws were found in the way SeaMonkey processed certain malformed\r\nJavaScript code. A malicious web page could execute JavaScript code in such\r\na way that may result in SeaMonkey crashing or executing arbitrary code as\r\nthe user running SeaMonkey. (CVE-2007-0775, CVE-2007-0777)\r\n\r\nSeveral cross-site scripting (XSS) flaws were found in the way SeaMonkey\r\nprocessed certain malformed web pages. A malicious web page could display\r\nmisleading information which may result in a user unknowingly divulging\r\nsensitive information such as a password. (CVE-2006-6077, CVE-2007-0995,\r\nCVE-2007-0996)\r\n\r\nA flaw was found in the way SeaMonkey cached web pages on the local disk. A\r\nmalicious web page may be able to inject arbitrary HTML into a browsing\r\nsession if the user reloads a targeted site. (CVE-2007-0778)\r\n\r\nA flaw was found in the way SeaMonkey displayed certain web content. A\r\nmalicious web page could generate content which could overlay user\r\ninterface elements such as the hostname and security indicators, tricking a\r\nuser into thinking they are visiting a different site. (CVE-2007-0779)\r\n\r\nTwo flaws were found in the way SeaMonkey displayed blocked popup windows.\r\nIf a user can be convinced to open a blocked popup, it is possible to read\r\narbitrary local files, or conduct an XSS attack against the user.\r\n(CVE-2007-0780, CVE-2007-0800)\r\n\r\nTwo buffer overflow flaws were found in the Network Security Services (NSS)\r\ncode for processing the SSLv2 protocol. Connecting to a malicious secure\r\nweb server could cause the execution of arbitrary code as the user running\r\nSeaMonkey. (CVE-2007-0008, CVE-2007-0009)\r\n\r\nA flaw was found in the way SeaMonkey handled the \"location.hostname\" value\r\nduring certain browser domain checks. This flaw could allow a malicious web\r\nsite to set domain cookies for an arbitrary site, or possibly perform an\r\nXSS attack. (CVE-2007-0981)\r\n\r\nUsers of SeaMonkey are advised to upgrade to these erratum packages, which\r\ncontain SeaMonkey version 1.0.8 that corrects these issues.", "modified": "2019-03-22T23:42:33", "published": "2007-02-23T05:00:00", "id": "RHSA-2007:0077", "href": "https://access.redhat.com/errata/RHSA-2007:0077", "type": "redhat", "title": "(RHSA-2007:0077) Critical: seamonkey security update", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}], "centos": [{"lastseen": "2019-12-20T18:24:14", "bulletinFamily": "unix", "cvelist": ["CVE-2007-0008", "CVE-2007-1282", "CVE-2006-6077", "CVE-2007-0779", "CVE-2007-0996", "CVE-2007-0775", "CVE-2007-0981", "CVE-2007-0780", "CVE-2007-0778", "CVE-2007-0777", "CVE-2007-1092", "CVE-2007-0995", "CVE-2007-0009", "CVE-2007-0800"], "description": "**CentOS Errata and Security Advisory** CESA-2007:0078\n\n\nMozilla Thunderbird is a standalone mail and newsgroup client.\r\n\r\nSeveral flaws were found in the way Thunderbird processed certain malformed\r\nJavaScript code. A malicious HTML mail message could execute JavaScript\r\ncode in such a way that may result in Thunderbird crashing or executing\r\narbitrary code as the user running Thunderbird. JavaScript support is\r\ndisabled by default in Thunderbird; these issues are not exploitable unless\r\nthe user has enabled JavaScript. (CVE-2007-0775, CVE-2007-0777, CVE-2007-1092)\r\n\r\nA flaw was found in the way Thunderbird processed text/enhanced and\r\ntext/richtext formatted mail message. A specially crafted mail message\r\ncould execute arbitrary code with the privileges of the user running\r\nThunderbird. (CVE-2007-1282)\r\n\r\nSeveral cross-site scripting (XSS) flaws were found in the way Thunderbird\r\nprocessed certain malformed HTML mail messages. A malicious HTML mail\r\nmessage could display misleading information which may result in a user\r\nunknowingly divulging sensitive information such as a password.\r\n(CVE-2006-6077, CVE-2007-0995, CVE-2007-0996)\r\n\r\nA flaw was found in the way Thunderbird cached web content on the local\r\ndisk. A malicious HTML mail message may be able to inject arbitrary HTML\r\ninto a browsing session if the user reloads a targeted site. (CVE-2007-0778)\r\n\r\nA flaw was found in the way Thunderbird displayed certain web content. A\r\nmalicious HTML mail message could generate content which could overlay user\r\ninterface elements such as the hostname and security indicators, tricking a\r\nuser into thinking they are visiting a different site. (CVE-2007-0779)\r\n\r\nTwo flaws were found in the way Thunderbird displayed blocked popup\r\nwindows. If a user can be convinced to open a blocked popup, it is possible\r\nto read arbitrary local files, or conduct an XSS attack against the user.\r\n(CVE-2007-0780, CVE-2007-0800)\r\n\r\nTwo buffer overflow flaws were found in the Network Security Services (NSS)\r\ncode for processing the SSLv2 protocol. Connecting to a malicious secure\r\nweb server could cause the execution of arbitrary code as the user running\r\nThunderbird. (CVE-2007-0008, CVE-2007-0009)\r\n\r\nA flaw was found in the way Thunderbird handled the \"location.hostname\"\r\nvalue during certain browser domain checks. This flaw could allow a\r\nmalicious HTML mail message to set domain cookies for an arbitrary site, or\r\npossibly perform an XSS attack. (CVE-2007-0981)\r\n\r\nUsers of Thunderbird are advised to apply this update, which contains\r\nThunderbird version 1.5.0.10 that corrects these issues.\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2007-March/025626.html\nhttp://lists.centos.org/pipermail/centos-announce/2007-March/025627.html\nhttp://lists.centos.org/pipermail/centos-announce/2007-March/025628.html\nhttp://lists.centos.org/pipermail/centos-announce/2007-March/025629.html\n\n**Affected packages:**\nthunderbird\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/RHSA-2007-0078.html", "edition": 3, "modified": "2007-03-04T20:38:18", "published": "2007-03-04T11:06:21", "href": "http://lists.centos.org/pipermail/centos-announce/2007-March/025626.html", "id": "CESA-2007:0078", "title": "thunderbird security update", "type": "centos", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-07-17T03:30:53", "bulletinFamily": "unix", "cvelist": ["CVE-2007-0008", "CVE-2006-6077", "CVE-2007-0779", "CVE-2007-0996", "CVE-2007-0775", "CVE-2007-0981", "CVE-2007-0780", "CVE-2007-0778", "CVE-2007-0777", "CVE-2007-1092", "CVE-2007-0995", "CVE-2007-0009", "CVE-2007-0800", "CVE-2007-0994"], "description": "**CentOS Errata and Security Advisory** CESA-2007:0079\n\n\nMozilla Firefox is an open source Web browser.\r\n\r\nSeveral flaws were found in the way Firefox processed certain malformed\r\nJavaScript code. A malicious web page could execute JavaScript code in such\r\na way that may result in Firefox crashing or executing arbitrary code as\r\nthe user running Firefox. (CVE-2007-0775, CVE-2007-0777)\r\n\r\nSeveral cross-site scripting (XSS) flaws were found in the way Firefox\r\nprocessed certain malformed web pages. A malicious web page could display\r\nmisleading information which may result in a user unknowingly divulging\r\nsensitive information such as a password. (CVE-2006-6077, CVE-2007-0995,\r\nCVE-2007-0996)\r\n\r\nA flaw was found in the way Firefox cached web pages on the local disk. A\r\nmalicious web page may be able to inject arbitrary HTML into a browsing\r\nsession if the user reloads a targeted site. (CVE-2007-0778)\r\n\r\nA flaw was found in the way Firefox displayed certain web content. A\r\nmalicious web page could generate content which could overlay user\r\ninterface elements such as the hostname and security indicators, tricking a\r\nuser into thinking they are visiting a different site. (CVE-2007-0779)\r\n\r\nTwo flaws were found in the way Firefox displayed blocked popup windows. If\r\na user can be convinced to open a blocked popup, it is possible to read\r\narbitrary local files, or conduct an XSS attack against the user.\r\n(CVE-2007-0780, CVE-2007-0800)\r\n\r\nTwo buffer overflow flaws were found in the Network Security Services (NSS)\r\ncode for processing the SSLv2 protocol. Connecting to a malicious secure\r\nweb server could cause the execution of arbitrary code as the user running\r\nFirefox. (CVE-2007-0008, CVE-2007-0009)\r\n\r\nA flaw was found in the way Firefox handled the \"location.hostname\" value\r\nduring certain browser domain checks. This flaw could allow a malicious web\r\nsite to set domain cookies for an arbitrary site, or possibly perform an\r\nXSS attack. (CVE-2007-0981)\r\n\r\nUsers of Firefox are advised to upgrade to these erratum packages, which\r\ncontain Firefox version 1.5.0.10 that corrects these issues.\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2007-February/025602.html\nhttp://lists.centos.org/pipermail/centos-announce/2007-February/025604.html\nhttp://lists.centos.org/pipermail/centos-announce/2007-February/025605.html\nhttp://lists.centos.org/pipermail/centos-announce/2007-February/025606.html\nhttp://lists.centos.org/pipermail/centos-announce/2007-February/025611.html\nhttp://lists.centos.org/pipermail/centos-announce/2007-February/025612.html\n\n**Affected packages:**\nfirefox\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/RHSA-2007-0079.html", "edition": 7, "modified": "2007-02-24T21:52:48", "published": "2007-02-24T13:53:25", "href": "http://lists.centos.org/pipermail/centos-announce/2007-February/025602.html", "id": "CESA-2007:0079", "title": "firefox security update", "type": "centos", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-12-20T18:25:24", "bulletinFamily": "unix", "cvelist": ["CVE-2007-0008", "CVE-2007-1282", "CVE-2006-6077", "CVE-2007-0779", "CVE-2007-0996", "CVE-2007-0775", "CVE-2007-0981", "CVE-2007-0780", "CVE-2007-0778", "CVE-2007-0777", "CVE-2007-1092", "CVE-2007-0995", "CVE-2007-0009", "CVE-2007-0800", "CVE-2007-0994"], "description": "**CentOS Errata and Security Advisory** CESA-2007:0077-06\n\n\nSeaMonkey is an open source Web browser, advanced email and newsgroup\r\nclient, IRC chat client, and HTML editor.\r\n\r\nSeveral flaws were found in the way SeaMonkey processed certain malformed\r\nJavaScript code. A malicious web page could execute JavaScript code in such\r\na way that may result in SeaMonkey crashing or executing arbitrary code as\r\nthe user running SeaMonkey. (CVE-2007-0775, CVE-2007-0777)\r\n\r\nSeveral cross-site scripting (XSS) flaws were found in the way SeaMonkey\r\nprocessed certain malformed web pages. A malicious web page could display\r\nmisleading information which may result in a user unknowingly divulging\r\nsensitive information such as a password. (CVE-2006-6077, CVE-2007-0995,\r\nCVE-2007-0996)\r\n\r\nA flaw was found in the way SeaMonkey cached web pages on the local disk. A\r\nmalicious web page may be able to inject arbitrary HTML into a browsing\r\nsession if the user reloads a targeted site. (CVE-2007-0778)\r\n\r\nA flaw was found in the way SeaMonkey displayed certain web content. A\r\nmalicious web page could generate content which could overlay user\r\ninterface elements such as the hostname and security indicators, tricking a\r\nuser into thinking they are visiting a different site. (CVE-2007-0779)\r\n\r\nTwo flaws were found in the way SeaMonkey displayed blocked popup windows.\r\nIf a user can be convinced to open a blocked popup, it is possible to read\r\narbitrary local files, or conduct an XSS attack against the user.\r\n(CVE-2007-0780, CVE-2007-0800)\r\n\r\nTwo buffer overflow flaws were found in the Network Security Services (NSS)\r\ncode for processing the SSLv2 protocol. Connecting to a malicious secure\r\nweb server could cause the execution of arbitrary code as the user running\r\nSeaMonkey. (CVE-2007-0008, CVE-2007-0009)\r\n\r\nA flaw was found in the way SeaMonkey handled the \"location.hostname\" value\r\nduring certain browser domain checks. This flaw could allow a malicious web\r\nsite to set domain cookies for an arbitrary site, or possibly perform an\r\nXSS attack. (CVE-2007-0981)\r\n\r\nUsers of SeaMonkey are advised to upgrade to these erratum packages, which\r\ncontain SeaMonkey version 1.0.8 that corrects these issues.\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2007-March/025663.html\n\n**Affected packages:**\nseamonkey\nseamonkey-chat\nseamonkey-devel\nseamonkey-dom-inspector\nseamonkey-js-debugger\nseamonkey-mail\nseamonkey-nspr\nseamonkey-nspr-devel\nseamonkey-nss\nseamonkey-nss-devel\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/rh21as-errata.html", "edition": 5, "modified": "2007-03-16T07:21:16", "published": "2007-03-16T07:21:16", "href": "http://lists.centos.org/pipermail/centos-announce/2007-March/025663.html", "id": "CESA-2007:0077-06", "title": "seamonkey security update", "type": "centos", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-12-20T18:28:04", "bulletinFamily": "unix", "cvelist": ["CVE-2007-0008", "CVE-2007-1282", "CVE-2006-6077", "CVE-2007-0779", "CVE-2007-0996", "CVE-2007-0775", "CVE-2007-0981", "CVE-2007-0780", "CVE-2007-0778", "CVE-2007-0777", "CVE-2007-1092", "CVE-2007-0995", "CVE-2007-0009", "CVE-2007-0800", "CVE-2007-0994"], "description": "**CentOS Errata and Security Advisory** CESA-2007:0077-01\n\n\nSeaMonkey is an open source Web browser, advanced email and newsgroup\r\nclient, IRC chat client, and HTML editor.\r\n\r\nSeveral flaws were found in the way SeaMonkey processed certain malformed\r\nJavaScript code. A malicious web page could execute JavaScript code in such\r\na way that may result in SeaMonkey crashing or executing arbitrary code as\r\nthe user running SeaMonkey. (CVE-2007-0775, CVE-2007-0777)\r\n\r\nSeveral cross-site scripting (XSS) flaws were found in the way SeaMonkey\r\nprocessed certain malformed web pages. A malicious web page could display\r\nmisleading information which may result in a user unknowingly divulging\r\nsensitive information such as a password. (CVE-2006-6077, CVE-2007-0995,\r\nCVE-2007-0996)\r\n\r\nA flaw was found in the way SeaMonkey cached web pages on the local disk. A\r\nmalicious web page may be able to inject arbitrary HTML into a browsing\r\nsession if the user reloads a targeted site. (CVE-2007-0778)\r\n\r\nA flaw was found in the way SeaMonkey displayed certain web content. A\r\nmalicious web page could generate content which could overlay user\r\ninterface elements such as the hostname and security indicators, tricking a\r\nuser into thinking they are visiting a different site. (CVE-2007-0779)\r\n\r\nTwo flaws were found in the way SeaMonkey displayed blocked popup windows.\r\nIf a user can be convinced to open a blocked popup, it is possible to read\r\narbitrary local files, or conduct an XSS attack against the user.\r\n(CVE-2007-0780, CVE-2007-0800)\r\n\r\nTwo buffer overflow flaws were found in the Network Security Services (NSS)\r\ncode for processing the SSLv2 protocol. Connecting to a malicious secure\r\nweb server could cause the execution of arbitrary code as the user running\r\nSeaMonkey. (CVE-2007-0008, CVE-2007-0009)\r\n\r\nA flaw was found in the way SeaMonkey handled the \"location.hostname\" value\r\nduring certain browser domain checks. This flaw could allow a malicious web\r\nsite to set domain cookies for an arbitrary site, or possibly perform an\r\nXSS attack. (CVE-2007-0981)\r\n\r\nUsers of SeaMonkey are advised to upgrade to these erratum packages, which\r\ncontain SeaMonkey version 1.0.8 that corrects these issues.\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2007-February/025615.html\n\n**Affected packages:**\nseamonkey\nseamonkey-chat\nseamonkey-devel\nseamonkey-dom-inspector\nseamonkey-js-debugger\nseamonkey-mail\nseamonkey-nspr\nseamonkey-nspr-devel\nseamonkey-nss\nseamonkey-nss-devel\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/rh21as-errata.html", "edition": 5, "modified": "2007-02-25T05:59:36", "published": "2007-02-25T05:59:36", "href": "http://lists.centos.org/pipermail/centos-announce/2007-February/025615.html", "id": "CESA-2007:0077-01", "title": "seamonkey security update", "type": "centos", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-12-08T03:33:31", "bulletinFamily": "unix", "cvelist": ["CVE-2007-0008", "CVE-2007-1282", "CVE-2006-6077", "CVE-2007-0779", "CVE-2007-0996", "CVE-2007-0775", "CVE-2007-0981", "CVE-2007-0780", "CVE-2007-0778", "CVE-2007-0777", "CVE-2007-1092", "CVE-2007-0995", "CVE-2007-0009", "CVE-2007-0800", "CVE-2007-0994"], "description": "**CentOS Errata and Security Advisory** CESA-2007:0077\n\n\nSeaMonkey is an open source Web browser, advanced email and newsgroup\r\nclient, IRC chat client, and HTML editor.\r\n\r\nSeveral flaws were found in the way SeaMonkey processed certain malformed\r\nJavaScript code. A malicious web page could execute JavaScript code in such\r\na way that may result in SeaMonkey crashing or executing arbitrary code as\r\nthe user running SeaMonkey. (CVE-2007-0775, CVE-2007-0777)\r\n\r\nSeveral cross-site scripting (XSS) flaws were found in the way SeaMonkey\r\nprocessed certain malformed web pages. A malicious web page could display\r\nmisleading information which may result in a user unknowingly divulging\r\nsensitive information such as a password. (CVE-2006-6077, CVE-2007-0995,\r\nCVE-2007-0996)\r\n\r\nA flaw was found in the way SeaMonkey cached web pages on the local disk. A\r\nmalicious web page may be able to inject arbitrary HTML into a browsing\r\nsession if the user reloads a targeted site. (CVE-2007-0778)\r\n\r\nA flaw was found in the way SeaMonkey displayed certain web content. A\r\nmalicious web page could generate content which could overlay user\r\ninterface elements such as the hostname and security indicators, tricking a\r\nuser into thinking they are visiting a different site. (CVE-2007-0779)\r\n\r\nTwo flaws were found in the way SeaMonkey displayed blocked popup windows.\r\nIf a user can be convinced to open a blocked popup, it is possible to read\r\narbitrary local files, or conduct an XSS attack against the user.\r\n(CVE-2007-0780, CVE-2007-0800)\r\n\r\nTwo buffer overflow flaws were found in the Network Security Services (NSS)\r\ncode for processing the SSLv2 protocol. Connecting to a malicious secure\r\nweb server could cause the execution of arbitrary code as the user running\r\nSeaMonkey. (CVE-2007-0008, CVE-2007-0009)\r\n\r\nA flaw was found in the way SeaMonkey handled the \"location.hostname\" value\r\nduring certain browser domain checks. This flaw could allow a malicious web\r\nsite to set domain cookies for an arbitrary site, or possibly perform an\r\nXSS attack. (CVE-2007-0981)\r\n\r\nUsers of SeaMonkey are advised to upgrade to these erratum packages, which\r\ncontain SeaMonkey version 1.0.8 that corrects these issues.\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2007-February/025603.html\nhttp://lists.centos.org/pipermail/centos-announce/2007-February/025607.html\nhttp://lists.centos.org/pipermail/centos-announce/2007-February/025608.html\nhttp://lists.centos.org/pipermail/centos-announce/2007-February/025609.html\nhttp://lists.centos.org/pipermail/centos-announce/2007-February/025610.html\nhttp://lists.centos.org/pipermail/centos-announce/2007-February/025613.html\nhttp://lists.centos.org/pipermail/centos-announce/2007-February/025614.html\nhttp://lists.centos.org/pipermail/centos-announce/2007-February/025617.html\nhttp://lists.centos.org/pipermail/centos-announce/2007-February/037951.html\nhttp://lists.centos.org/pipermail/centos-announce/2007-February/037952.html\nhttp://lists.centos.org/pipermail/centos-announce/2007-February/037953.html\nhttp://lists.centos.org/pipermail/centos-announce/2007-February/037954.html\n\n**Affected packages:**\ndevhelp\ndevhelp-devel\nseamonkey\nseamonkey-chat\nseamonkey-devel\nseamonkey-dom-inspector\nseamonkey-js-debugger\nseamonkey-mail\nseamonkey-nspr\nseamonkey-nspr-devel\nseamonkey-nss\nseamonkey-nss-devel\n\n**Upstream details at:**\n\nhttps://rhn.redhat.com/errata/RHSA-2007-0077.html", "edition": 8, "modified": "2007-02-27T19:01:08", "published": "2007-02-24T14:49:37", "href": "http://lists.centos.org/pipermail/centos-announce/2007-February/025603.html", "id": "CESA-2007:0077", "title": "devhelp, seamonkey security update", "type": "centos", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}], "oraclelinux": [{"lastseen": "2019-05-29T18:36:13", "bulletinFamily": "unix", "cvelist": ["CVE-2007-0008", "CVE-2006-6077", "CVE-2007-0779", "CVE-2007-0996", "CVE-2007-0775", "CVE-2007-0981", "CVE-2007-0780", "CVE-2007-0778", "CVE-2007-0777", "CVE-2007-1092", "CVE-2007-0995", "CVE-2007-0009", "CVE-2007-0800", "CVE-2007-0994"], "description": " [1.5.0.10-0.1.el4.0.1]\n - Replace default bookmarks and prefs\n \n [1.5.0.10-0.1.el4]\n - Update to 1.5.0.10 (RC)\n \n [1.5.0.9-0.2.el4]\n - Fix langpack support to start in the user's locale where possible ", "edition": 4, "modified": "2007-02-24T00:00:00", "published": "2007-02-24T00:00:00", "id": "ELSA-2007-0079", "href": "http://linux.oracle.com/errata/ELSA-2007-0079.html", "title": "Critical: Firefox security update ", "type": "oraclelinux", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:35:41", "bulletinFamily": "unix", "cvelist": ["CVE-2007-0008", "CVE-2007-1282", "CVE-2006-6077", "CVE-2007-0779", "CVE-2007-0996", "CVE-2007-0775", "CVE-2007-0981", "CVE-2007-0780", "CVE-2007-0778", "CVE-2007-0777", "CVE-2007-1092", "CVE-2007-0995", "CVE-2007-0009", "CVE-2007-0800"], "description": " [1.5.0.10-0.1.el4.0.1]\n - defaults changed to oracle.\n \n [1.5.0.10-0.1.el4]\n - Update to 1.5.0.10\n \n [1.5.0.9-0.2.el4]\n - Fix langpack support to start in the user's locale where possible\n - Allow OpenOffice to send files as Thunderbird attachments ", "edition": 4, "modified": "2007-03-02T00:00:00", "published": "2007-03-02T00:00:00", "id": "ELSA-2007-0078", "href": "http://linux.oracle.com/errata/ELSA-2007-0078.html", "title": "Critical: thunderbird security update ", "type": "oraclelinux", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:35:20", "bulletinFamily": "unix", "cvelist": ["CVE-2007-0008", "CVE-2007-1282", "CVE-2006-6077", "CVE-2007-0779", "CVE-2007-0996", "CVE-2007-0775", "CVE-2007-0981", "CVE-2007-0780", "CVE-2007-0778", "CVE-2007-0777", "CVE-2007-1092", "CVE-2007-0995", "CVE-2007-0009", "CVE-2007-0800", "CVE-2007-0994"], "description": " seamonkey-1.0.8-0.1.el4.0.1:\n \n [1.0.8-0.1.el4.0.1]\n - Replace default bookmarks and prefs\n \n [1.0.8-0.1.el4]\n - Update to 1.0.8 (RC)\n \n [1.0.7-0.2.el4]\n - added fix for #204589: mozilla-config points to the wrong places\n \n \n devhelp-0.10-0.7.el4:\n \n [0.10-0.7.el4]\n - Rebuild against newer gecko ", "edition": 4, "modified": "2007-02-24T00:00:00", "published": "2007-02-24T00:00:00", "id": "ELSA-2007-0077", "href": "http://linux.oracle.com/errata/ELSA-2007-0077.html", "title": "Critical: seamonkey security update ", "type": "oraclelinux", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}], "suse": [{"lastseen": "2016-09-04T11:57:54", "bulletinFamily": "unix", "cvelist": ["CVE-2007-0008", "CVE-2006-6077", "CVE-2007-0779", "CVE-2007-0996", "CVE-2007-0775", "CVE-2007-0981", "CVE-2007-0780", "CVE-2007-0778", "CVE-2007-0777", "CVE-2007-0776", "CVE-2007-1092", "CVE-2007-0995", "CVE-2007-0009", "CVE-2007-0800", "CVE-2007-0994"], "description": "The mozilla browsers in old products and Mozilla Seamonkey in SUSE Linux 10.1 were brought to Mozilla Seamonkey to version 1.0.8 and Mozilla Thunderbird was brought to version 1.5.0.10 to fix various security issues.\n#### Solution\nThere is no known workaround, please install the update packages.", "edition": 1, "modified": "2007-03-20T12:18:53", "published": "2007-03-20T12:18:53", "id": "SUSE-SA:2007:022", "href": "http://lists.opensuse.org/opensuse-security-announce/2007-03/msg00007.html", "title": "remote code execution in mozilla,MozillaThunderbird,seamonkey", "type": "suse", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2016-09-04T12:07:59", "bulletinFamily": "unix", "cvelist": ["CVE-2007-0008", "CVE-2006-6077", "CVE-2007-0779", "CVE-2007-0996", "CVE-2007-0775", "CVE-2007-0981", "CVE-2007-0780", "CVE-2007-0778", "CVE-2007-0777", "CVE-2007-0776", "CVE-2007-1092", "CVE-2007-0995", "CVE-2007-0009", "CVE-2007-0800", "CVE-2007-0994"], "description": "The Mozilla Firefox web browser was updated to security update version 1.5.0.10 on older products and Mozilla Firefox to version 2.0.0.2 on openSUSE 10.2 to fix various security issues.\n#### Solution\nThere is no known workaround, please install the update packages.", "edition": 1, "modified": "2007-03-06T19:04:00", "published": "2007-03-06T19:04:00", "id": "SUSE-SA:2007:019", "href": "http://lists.opensuse.org/opensuse-security-announce/2007-03/msg00002.html", "type": "suse", "title": "remote code execution in MozillaFirefox,seamonkey", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "oracle": [{"lastseen": "2019-05-29T18:21:09", "bulletinFamily": "software", "cvelist": ["CVE-2014-0371", "CVE-2012-3544", "CVE-2014-0400", "CVE-2013-5879", "CVE-2013-5876", "CVE-2013-5889", "CVE-2013-2248", "CVE-2013-5909", "CVE-2007-0008", "CVE-2014-0392", "CVE-2013-5873", "CVE-2013-5858", "CVE-2014-0405", "CVE-2013-5860", "CVE-2014-0367", "CVE-2014-0385", "CVE-2013-5878", "CVE-2006-0999", "CVE-2014-0410", "CVE-2012-4558", "CVE-2014-0398", "CVE-2013-5897", "CVE-2013-2071", "CVE-2014-0404", "CVE-2014-0415", "CVE-2014-0434", "CVE-2013-5884", "CVE-2014-0435", "CVE-2014-0443", "CVE-2013-5870", "CVE-2014-0390", "CVE-2013-5905", "CVE-2013-5880", "CVE-2013-5904", "CVE-2014-0391", "CVE-2013-5888", "CVE-2013-5893", "CVE-2014-0387", "CVE-2013-2251", "CVE-2014-0393", "CVE-2014-0399", "CVE-2012-4605", "CVE-2013-5821", "CVE-2014-0431", "CVE-2013-5898", "CVE-2014-0427", "CVE-2014-0441", "CVE-2013-5900", "CVE-2013-1654", "CVE-2014-0433", "CVE-2014-0375", "CVE-2013-5886", "CVE-2014-0401", "CVE-2014-0396", "CVE-2014-0406", "CVE-2013-5872", "CVE-2014-0440", "CVE-2014-0425", "CVE-2013-5883", "CVE-2013-1862", "CVE-2013-5834", "CVE-2014-0418", "CVE-2014-0373", "CVE-2013-5877", "CVE-2013-5874", "CVE-2014-0439", "CVE-2014-0394", "CVE-2013-5887", "CVE-2014-0408", "CVE-2014-0376", "CVE-2014-0422", "CVE-2014-0419", "CVE-2014-0411", "CVE-2014-0369", "CVE-2014-0366", "CVE-2013-5882", "CVE-2013-5895", "CVE-2003-1067", "CVE-2014-0437", "CVE-2013-5885", "CVE-2013-5901", "CVE-2013-5881", "CVE-2013-2067", "CVE-2014-0389", "CVE-2014-0388", "CVE-2013-5899", "CVE-2014-0412", "CVE-2013-5896", "CVE-2013-3830", "CVE-2014-0417", "CVE-2014-0372", "CVE-2014-0407", "CVE-2013-5910", "CVE-2013-5906", "CVE-2014-0428", "CVE-2013-5891", "CVE-2014-0382", "CVE-2014-0370", "CVE-2013-5808", "CVE-2006-0998", "CVE-2013-2134", "CVE-2013-5871", "CVE-2014-0402", "CVE-2013-2924", "CVE-2013-4310", "CVE-2014-0368", "CVE-2014-0420", "CVE-2013-5853", "CVE-2014-0423", "CVE-2013-2135", "CVE-2013-5868", "CVE-2014-0430", "CVE-2014-0374", "CVE-2013-5875", "CVE-2013-5869", "CVE-2013-5907", "CVE-2014-0377", "CVE-2012-3499", "CVE-2013-5902", "CVE-2013-5894", "CVE-2013-5795", "CVE-2007-0009", "CVE-2013-5892", "CVE-2014-0381", "CVE-2014-0383", "CVE-2014-0424", "CVE-2014-0395", "CVE-2013-4316", "CVE-2014-0379", "CVE-2014-0403", "CVE-2013-5908", "CVE-2014-0386", "CVE-2007-1858", "CVE-2013-5785", "CVE-2014-0445", "CVE-2013-5764", "CVE-2014-0444", "CVE-2014-0378", "CVE-2013-5833", "CVE-2013-1620", "CVE-2013-5890", "CVE-2014-0416", "CVE-2014-0380", "CVE-2014-0438"], "description": "A Critical Patch Update (CPU) is a collection of patches for multiple security vulnerabilities. Critical Patch Update patches are usually cumulative, but each advisory describes only the security fixes added since the previous Critical Patch Update advisory. Thus, prior Critical Patch Update advisories should be reviewed for information regarding earlier published security fixes. Please refer to:\n\n[Critical Patch Updates and Security Alerts](<http://www.oracle.com/technetwork/topics/security/alerts-086861.html>) for information about Oracle Security Advisories.\n\n**Due to the threat posed by a successful attack, Oracle strongly recommends that customers apply CPU fixes as soon as possible.** This Critical Patch Update contains 144 new security fixes across the product families listed below.\n\nThis Critical Patch Update advisory is also available in an XML format that conforms to the Common Vulnerability Reporting Format (CVRF) version 1.1. More information about Oracle's use of CVRF is available at: <http://www.oracle.com/technetwork/topics/security/cpufaq-098434.html#CVRF>.\n", "modified": "2014-01-14T00:00:00", "published": "2014-01-14T00:00:00", "id": "ORACLE:CPUJAN2014-1972949", "href": "", "type": "oracle", "title": "Oracle Critical Patch Update - January 2014", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}]}