Lucene search

nessusThis script is Copyright (C) 2021-2022 and is owned by Tenable, Inc. or an Affiliate thereof.MACOS_THUNDERBIRD_91_4_1.NASL
HistoryDec 20, 2021 - 12:00 a.m.

Mozilla Thunderbird < 91.4.1

This script is Copyright (C) 2021-2022 and is owned by Tenable, Inc. or an Affiliate thereof.

The version of Thunderbird installed on the remote macOS or Mac OS X host is prior to 91.4.1. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2021-55 advisory.

  • When receiving an OpenPGP/MIME signed email message that contains an additional outer MIME message layer, for example a message footer added by a mailing list gateway, Thunderbird only considered the inner signed message for the signature validity. This gave the false impression that the additional contents were also covered by the digital signature. Starting with Thunderbird version 91.4.1, only the signature that belongs to the top level MIME part will be considered for the displayed status. (CVE-2021-4126)

  • Thunderbird users who use the Matrix chat protocol were vulnerable to a buffer overflow in libolm, that an attacker may trigger by a crafted sequence of messages. The overflow content is partially controllable by the attacker and limited to ASCII spaces and digits. (CVE-2021-44538)

Note that Nessus has not tested for this issue but has instead relied only on the application’s self-reported version number.

# (C) Tenable Network Security, Inc.
# The descriptive text and package checks in this plugin were
# extracted from Mozilla Foundation Security Advisory mfsa2021-55.
# The text itself is copyright (C) Mozilla Foundation.


if (description)
  script_set_attribute(attribute:"plugin_modification_date", value:"2022/01/13");

  script_cve_id("CVE-2021-4126", "CVE-2021-44538");
  script_xref(name:"IAVA", value:"2021-A-0603-S");

  script_name(english:"Mozilla Thunderbird < 91.4.1");

  script_set_attribute(attribute:"synopsis", value:
"A mail client installed on the remote macOS or Mac OS X host is affected by multiple vulnerabilities.");
  script_set_attribute(attribute:"description", value:
"The version of Thunderbird installed on the remote macOS or Mac OS X host is prior to 91.4.1. It is, therefore, affected
by multiple vulnerabilities as referenced in the mfsa2021-55 advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version
  script_set_attribute(attribute:"see_also", value:"");
  script_set_attribute(attribute:"solution", value:
"Upgrade to Mozilla Thunderbird version 91.4.1 or later.");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2021-44538");

  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"false");

  script_set_attribute(attribute:"vuln_publication_date", value:"2021/12/14");
  script_set_attribute(attribute:"patch_publication_date", value:"2021/12/21");
  script_set_attribute(attribute:"plugin_publication_date", value:"2021/12/20");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"cpe:/a:mozilla:thunderbird");
  script_set_attribute(attribute:"stig_severity", value:"I");

  script_family(english:"MacOS X Local Security Checks");

  script_copyright(english:"This script is Copyright (C) 2021-2022 and is owned by Tenable, Inc. or an Affiliate thereof.");




var kb_base = 'MacOSX/Thunderbird';

var version = get_kb_item_or_exit(kb_base+'/Version', exit_code:1);
var path = get_kb_item_or_exit(kb_base+'/Path', exit_code:1);

var is_esr = get_kb_item(kb_base+'/is_esr');
if (is_esr) exit(0, 'The Mozilla Thunderbird installation is in the ESR branch.');

mozilla_check_version(version:version, path:path, product:'thunderbird', esr:FALSE, fix:'91.4.1', severity:SECURITY_HOLE);