Firefox Installed (Mac OS X)

2011-06-24T00:00:00
ID MACOSX_FIREFOX_INSTALLED.NASL
Type nessus
Reporter Tenable
Modified 2017-05-30T00:00:00

Description

Mozilla Firefox is installed on the remote Mac OS X host.

                                        
                                            #TRUSTED 4c517ccf36324c177027cd1a23ec4147ceeb92d6dccefb4595ae331a5f8cc33f753f5215aa596fb2851716fbea3cf788750d1d83e1623a6acccd900ae3471c2f5958f76fad4ebe3ab999525af7f65d75e3286421cada20ad0b6df7df59b8f0fb5910c1f482533c7dfb9632c2c83ae84523b322c6d894fbc029065bdf755a0389e3325f08ce41bf306aad2b9f3aabdf27b0b2c94f58f85e229c271499aabb4e56b999b548a1b2593b7d73ce650420b135e96f8d164ad2324430aac1c757fce6391af92200d485a6d722a08f0b437d7830af7995958bc9ba74310fe574df91ed03c9bf2b751808f8ca642606b64f913f7628005823a44728624883801676d2aea535a428286910204a50bc04f1ff00ad36559044f037f684793759d6d961d3b1f0957f4bf926407635ea144f85788ebceec132d95039322532388e7ba365f2ae472306ed3b6516d27bcf594936a6bca51cb935a3c83011ec7e59f8aa948e29f4aab584ff7e65ffe2e40b685a34e7afd24f5b12abc588333f6734cca1dd996ec81ab503733d01bf518352ab7805e33e31af7873eaf9f80fb0feaf4b243be11c9285b9d78c1896b6ba293eb6e7ad7cd61293fab308e2bd5f4a14cc709c7c26f6f50a52decdd7f3eb936acb38a170ab71af83ac004d680236342a91006c08157a80298e83d085db9dc35f466d9949790dd9b597673d379adb3f7831cf6edcc1744b39
#
# (C) Tenable Network Security, Inc.
#

include("compat.inc");

if (description)
{
  script_id(55417);
  script_version("1.12");
  script_set_attribute(attribute:"plugin_modification_date", value:"2017/05/30");

  script_name(english:"Firefox Installed (Mac OS X)");
  script_summary(english:"Gets the Firefox version from Info.plist.");

  script_set_attribute(attribute:"synopsis", value:
"The remote Mac OS X host contains a web browser.");
  script_set_attribute(attribute:"description", value:
"Mozilla Firefox is installed on the remote Mac OS X host.");
  script_set_attribute(attribute:"see_also", value:"https://www.mozilla.org/en-US/firefox/new/");
  script_set_attribute(attribute:"solution", value:"n/a");
  script_set_attribute(attribute:"risk_factor", value:"None");

  script_set_attribute(attribute:"plugin_publication_date", value:"2011/06/24");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"cpe:/a:mozilla:firefox");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"MacOS X Local Security Checks");

  script_copyright(english:"This script is Copyright (C) 2011-2017 Tenable Network Security, Inc.");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/MacOSX/Version");

  exit(0);
}

include("audit.inc");
include("global_settings.inc");
include("misc_func.inc");
include("ssh_func.inc");
include("macosx_func.inc");
include("install_func.inc");


if(sshlib::get_support_level() >= sshlib::SSH_LIB_SUPPORTS_COMMANDS)
  enable_ssh_wrappers();
else disable_ssh_wrappers();

if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);

os = get_kb_item("Host/MacOSX/Version");
if (!os) audit(AUDIT_OS_NOT, "Mac OS X");

kb_base = "MacOSX/Firefox";

esr_ui = '';

path = '/Applications/Firefox.app';
plist = path + '/Contents/Info.plist';
cmd =  'plutil -convert xml1 -o - \'' + plist + '\' | ' +
  'grep -A 1 CFBundleShortVersionString | ' +
  'tail -n 1 | ' +
  'sed \'s/.*string>\\(.*\\)<\\/string>.*/\\1/g\'';
version = exec_cmd(cmd:cmd);
if (!strlen(version)) audit(AUDIT_NOT_INST, "Firefox");

if (version !~ "^[0-9]") audit(AUDIT_VER_FAIL, "Firefox");

# Check for ESR *before* saving anything
esr_major_versions_pattern = "^(10\.|17\.|24\.|31\.|38\.|45\.|52\.)";
if (version =~ esr_major_versions_pattern)
{
  xul_file = path + '/Contents/MacOS/XUL';
  cmd = 'grep -caie "esr.releasechannel\\|/builds/slave/\\(rel-\\)\\?m-esr[0-9]\\+-" '+xul_file;

  is_esr = exec_cmd(cmd:cmd);

  # is_esr will be any of :
  # 0 - not ESR, no matching lines
  # > 0 - ESR, more than zero matching lines
  # not an integer - ERROR of some sort
  if (strlen(is_esr))
  {
    if (is_esr =~ "[^0-9]") audit(AUDIT_FN_FAIL, "'"+cmd+"'", "a non-numeric value");

    is_esr = int(is_esr);

    if (is_esr > 0)
    {
      set_kb_item(name:kb_base+"/is_esr", value:TRUE);
      esr_ui = ' ESR';
    }
  }
  else audit(AUDIT_FN_FAIL, "'"+cmd+"'", "zero-length output");
}

set_kb_item(name:kb_base+"/Installed", value:TRUE);
set_kb_item(name:kb_base+"/Version", value:version);
set_kb_item(name:kb_base+"/Path", value:path);

register_install(
  app_name:"Firefox" + esr_ui,
  path:path,
  version:version,
  cpe:"cpe:/a:mozilla:firefox");

if (report_verbosity > 0)
{
  report =
    '\n  Path    : ' + path +
    '\n  Version : ' + version + esr_ui + '\n';
  security_note(port:0, extra:report);
}
else security_note(0);