Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2009-2021 and is owned by Tenable, Inc. or an Affiliate thereof.REDHAT-RHSA-2008-0221.NASL
HistoryAug 24, 2009 - 12:00 a.m.

RHEL 3 / 4 / 5 : flash-plugin (RHSA-2008:0221)

2009-08-2400:00:00
This script is Copyright (C) 2009-2021 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
17
JSON

An updated Adobe Flash Player package that fixes several security issues is now available for Red Hat Enterprise Linux 3 Extras, Red Hat Enterprise Linux 4 Extras, and Red Hat Enterprise Linux 5 Supplementary.

This update has been rated as having critical security impact by the Red Hat Security Response Team.

The flash-plugin package contains a Firefox-compatible Adobe Flash Player Web browser plug-in.

Several input validation flaws were found in the way Flash Player displayed certain content. These may have made it possible to execute arbitrary code on a victim’s machine, if the victim opened a malicious Adobe Flash file. (CVE-2007-0071, CVE-2007-6019)

A flaw was found in the way Flash Player established TCP sessions to remote hosts. A remote attacker could, consequently, use Flash Player to conduct a DNS rebinding attack. (CVE-2007-5275, CVE-2008-1655)

A flaw was found in the way Flash Player restricted the interpretation and usage of cross-domain policy files. A remote attacker could use Flash Player to conduct cross-domain and cross-site scripting attacks.
(CVE-2007-6243, CVE-2008-1654)

A flaw was found in the way Flash Player interacted with web browsers.
An attacker could use malicious content presented by Flash Player to conduct a cross-site scripting attack. (CVE-2007-6637)

All users of Adobe Flash Player should upgrade to this updated package, which contains Flash Player version 9.0.124.0 and resolves these issues.

#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were  
# extracted from Red Hat Security Advisory RHSA-2008:0221. The text 
# itself is copyright (C) Red Hat, Inc.
#

include('deprecated_nasl_level.inc');
include('compat.inc');

if (description)
{
  script_id(40719);
  script_version("1.42");
  script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/14");

  script_cve_id("CVE-2007-0071", "CVE-2007-5275", "CVE-2007-6019", "CVE-2007-6243", "CVE-2007-6637", "CVE-2008-1654", "CVE-2008-1655", "CVE-2008-3872");
  script_bugtraq_id(26930, 26966, 27034, 28694, 28695, 28696, 28697);
  script_xref(name:"RHSA", value:"2008:0221");

  script_name(english:"RHEL 3 / 4 / 5 : flash-plugin (RHSA-2008:0221)");
  script_summary(english:"Checks the rpm output for the updated package");

  script_set_attribute(
    attribute:"synopsis", 
    value:"The remote Red Hat host is missing a security update."
  );
  script_set_attribute(
    attribute:"description", 
    value:
"An updated Adobe Flash Player package that fixes several security
issues is now available for Red Hat Enterprise Linux 3 Extras, Red Hat
Enterprise Linux 4 Extras, and Red Hat Enterprise Linux 5
Supplementary.

This update has been rated as having critical security impact by the
Red Hat Security Response Team.

The flash-plugin package contains a Firefox-compatible Adobe Flash
Player Web browser plug-in.

Several input validation flaws were found in the way Flash Player
displayed certain content. These may have made it possible to execute
arbitrary code on a victim's machine, if the victim opened a malicious
Adobe Flash file. (CVE-2007-0071, CVE-2007-6019)

A flaw was found in the way Flash Player established TCP sessions to
remote hosts. A remote attacker could, consequently, use Flash Player
to conduct a DNS rebinding attack. (CVE-2007-5275, CVE-2008-1655)

A flaw was found in the way Flash Player restricted the interpretation
and usage of cross-domain policy files. A remote attacker could use
Flash Player to conduct cross-domain and cross-site scripting attacks.
(CVE-2007-6243, CVE-2008-1654)

A flaw was found in the way Flash Player interacted with web browsers.
An attacker could use malicious content presented by Flash Player to
conduct a cross-site scripting attack. (CVE-2007-6637)

All users of Adobe Flash Player should upgrade to this updated
package, which contains Flash Player version 9.0.124.0 and resolves
these issues."
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://access.redhat.com/security/cve/cve-2007-0071"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://access.redhat.com/security/cve/cve-2007-5275"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://access.redhat.com/security/cve/cve-2007-6019"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://access.redhat.com/security/cve/cve-2007-6243"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://access.redhat.com/security/cve/cve-2007-6637"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://access.redhat.com/security/cve/cve-2008-1654"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://access.redhat.com/security/cve/cve-2008-1655"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://access.redhat.com/security/cve/cve-2008-3872"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://access.redhat.com/errata/RHSA-2008:0221"
  );
  script_set_attribute(
    attribute:"solution", 
    value:"Update the affected flash-plugin package."
  );
  script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C");
  script_set_cvss_temporal_vector("CVSS2#E:H/RL:OF/RC:C");
  script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"true");
  script_set_attribute(attribute:"exploit_framework_core", value:"true");
  script_set_attribute(attribute:"exploited_by_malware", value:"true");
  script_set_attribute(attribute:"exploit_framework_canvas", value:"true");
  script_set_attribute(attribute:"canvas_package", value:'CANVAS');
  script_cwe_id(20, 79, 189, 264, 352);

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:flash-plugin");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:3");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:4");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:4.6");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:5");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:5.1");

  script_set_attribute(attribute:"vuln_publication_date", value:"2007/10/08");
  script_set_attribute(attribute:"patch_publication_date", value:"2008/04/08");
  script_set_attribute(attribute:"plugin_publication_date", value:"2009/08/24");
  script_set_attribute(attribute:"generated_plugin", value:"current");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2009-2021 and is owned by Tenable, Inc. or an Affiliate thereof.");
  script_family(english:"Red Hat Local Security Checks");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list", "Host/cpu");

  exit(0);
}


include("audit.inc");
include("global_settings.inc");
include("misc_func.inc");
include("rpm.inc");

if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/RedHat/release");
if (isnull(release) || "Red Hat" >!< release) audit(AUDIT_OS_NOT, "Red Hat");
os_ver = pregmatch(pattern: "Red Hat Enterprise Linux.*release ([0-9]+(\.[0-9]+)?)", string:release);
if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Red Hat");
os_ver = os_ver[1];
if (! preg(pattern:"^(3|4|5)([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Red Hat 3.x / 4.x / 5.x", "Red Hat " + os_ver);

if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);

cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$" && "s390" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Red Hat", cpu);

yum_updateinfo = get_kb_item("Host/RedHat/yum-updateinfo");
if (!empty_or_null(yum_updateinfo)) 
{
  rhsa = "RHSA-2008:0221";
  yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);
  if (!empty_or_null(yum_report))
  {
    security_report_v4(
      port       : 0,
      severity   : SECURITY_HOLE,
      extra      : yum_report 
    );
    exit(0);
  }
  else
  {
    audit_message = "affected by Red Hat security advisory " + rhsa;
    audit(AUDIT_OS_NOT, audit_message);
  }
}
else
{
  flag = 0;
  if (rpm_check(release:"RHEL3", reference:"flash-plugin-9.0.124.0-1.el3.with.oss")) flag++;


  if (rpm_check(release:"RHEL4", reference:"flash-plugin-9.0.124.0-1.el4")) flag++;


  if (rpm_check(release:"RHEL5", reference:"flash-plugin-9.0.124.0-1.el5")) flag++;


  if (flag)
  {
    flash_plugin_caveat = '\n' +
      'NOTE: This vulnerability check only applies to RedHat released\n' +
      'versions of the flash-plugin package. This check does not apply to\n' +
      'Adobe released versions of the flash-plugin package, which are\n' +
      'versioned similarly and cause collisions in detection.\n\n' +

      'If you are certain you are running the Adobe released package of\n' +
      'flash-plugin and are running a version of it equal or higher to the\n' +
      'RedHat version listed above then you can consider this a false\n' +
      'positive.\n';
    security_report_v4(
      port       : 0,
      severity   : SECURITY_HOLE,
      extra      : rpm_report_get() + redhat_report_package_caveat() + flash_plugin_caveat
    );
    exit(0);
  }
  else
  {
    tested = pkg_tests_get();
    if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
    else audit(AUDIT_PACKAGE_NOT_INSTALLED, "flash-plugin");
  }
}
VendorProductVersionCPE
redhatenterprise_linuxflash-pluginp-cpe:/a:redhat:enterprise_linux:flash-plugin
redhatenterprise_linux3cpe:/o:redhat:enterprise_linux:3
redhatenterprise_linux4cpe:/o:redhat:enterprise_linux:4
redhatenterprise_linux4.6cpe:/o:redhat:enterprise_linux:4.6
redhatenterprise_linux5cpe:/o:redhat:enterprise_linux:5
redhatenterprise_linux5.1cpe:/o:redhat:enterprise_linux:5.1

References

Related

redhat 4
nessus 23
seebug 2
openvas 21
gentoo 2
suse 2
securityvulns 4
prion 9
ubuntucve 8
cve 9
zdi 3
cert 2
jvn 1
canvas 1
freebsd 3
checkpoint_advisories 1
thn 1
redhat
redhat
(RHSA-2008:0221) Critical: flash-plugin security update
2008-04-08 00:00:00
(RHSA-2007:1126) Critical: flash-plugin security update
2007-12-18 00:00:00
(RHSA-2008:0945) Critical: flash-plugin security update
2008-10-28 00:00:00
nessus
nessus
GLSA-200804-21 : Adobe Flash Player: Multiple vulnerabilities
2008-04-22 00:00:00
SuSE 10 Security Update : flash-player (ZYPP Patch Number 5159)
2008-04-17 00:00:00
openSUSE 10 Security Update : flash-player (flash-player-5161)
2008-04-17 00:00:00
seebug
seebug
Adobe Flash Player 9.0.124.0版本修改多个安全漏洞
2008-04-11 00:00:00
Adobe Flash Player SWF文件DeclareFunction2 ActionScript标签堆溢出漏洞
2008-04-11 00:00:00
openvas
openvas
Gentoo Security Advisory GLSA 200804-21 (netscape-flash)
2008-09-24 00:00:00
SuSE Update for flash-player SUSE-SA:2008:022
2009-01-23 00:00:00
Gentoo Security Advisory GLSA 200804-21 (netscape-flash)
2008-09-24 00:00:00
gentoo
gentoo
Adobe Flash Player: Multiple vulnerabilities
2008-04-18 00:00:00
Adobe Flash Player: Multiple vulnerabilities
2008-01-20 00:00:00
suse
suse
remote code execution in flash-player
2008-04-11 13:28:58
remote code execution in flash-player
2007-12-21 16:24:32
securityvulns
securityvulns
Adobe Flash Player multiple security vulnerabilities
2008-04-14 00:00:00
Secunia Research: Adobe Flash Player &quot;Declare Function &#40;V7&#41;&quot; Heap Overflow
2008-04-14 00:00:00
ZDI-08-021: Adobe Flash Player DeclareFunction2 Invalid Object Use Vulnerability
2008-04-10 00:00:00
prion
prion
Code injection
2008-04-09 21:05:00
Cross site scripting
2007-12-20 01:46:00
Design/Logic Flaw
2008-04-09 21:05:00
ubuntucve
ubuntucve
CVE-2007-6019
2008-04-09 00:00:00
CVE-2007-6243
2007-12-20 00:00:00
CVE-2008-1654
2008-04-02 00:00:00
cve
cve
CVE-2007-6243
2007-12-20 01:46:00
CVE-2007-6019
2008-04-09 21:05:00
CVE-2008-1654
2008-04-02 18:44:00
zdi
zdi
Adobe Flash Player DeclareFunction2 Invalid Object Use Vulnerability
2008-04-08 00:00:00
Adobe Flash Script Injection Cross Domain Scripting Vulnerability
2008-04-08 00:00:00
Adobe Flash DefineSceneAndFrameLabelData Parsing Memory Corruption Vulnerability
2008-05-22 00:00:00
cert
cert
Adobe Flash Player may load arbitrary, malformed cross-domain policy files
2008-03-25 00:00:00
Adobe Flash Player integer overflow vulnerability
2008-04-25 00:00:00
jvn
jvn
JVN#45675516 Flash Player vulnerable in handling cross-domain policy files
2007-12-20 00:00:00
canvas
canvas
Immunity Canvas: FLASH_DUKE
2008-04-09 21:05:00
freebsd
freebsd
linux-flashplugin -- unspecified remote code execution vulnerability
2008-05-27 00:00:00
linux-flashplugin -- multiple vulnerabilities
2007-12-18 00:00:00
linux-flashplugin -- multiple vulnerabilities
2008-10-15 00:00:00
checkpoint_advisories
checkpoint_advisories
Adobe Flash Player Multimedia File Code Execution (CVE-2007-0071)
2008-11-18 00:00:00
thn
thn
Phoenix Exploit's Kit 2.8 mini version
2011-10-12 17:41:00
JSON
Related for REDHAT-RHSA-2008-0221.NASL
redhat4nessus23seebug2openvas21gentoo2suse2securityvulns4prion9ubuntucve8cve9zdi3cert2jvn1canvas1freebsd3checkpoint_advisories1thn1