Lucene search
This script is Copyright (C) 2014-2021 Tenable Network Security, Inc.SUSE_11_FIREFOX-201407-140729.NASLHistoryAug 04, 2014 - 12:00 a.m.
SuSE 11.3 Security Update : Mozilla Firefox (SAT Patch Number 9569)
2014-08-0400:00:00
This script is Copyright (C) 2014-2021 Tenable Network Security, Inc.
www.tenable.com
12
Mozilla Firefox has been updated to the 24.7ESR security release.
Security issues fixed in this release :
-
https://www.mozilla.org/security/announce/2014/mfsa2014- 63.html. (CVE-2014-1544) -
https://www.mozilla.org/security/announce/2014/mfsa2014- 56.html. (CVE-2014-1548) -
https://www.mozilla.org/security/announce/2014/mfsa2014- 57.html. (CVE-2014-1549) -
https://www.mozilla.org/security/announce/2014/mfsa2014- 58.html. (CVE-2014-1550) -
https://www.mozilla.org/security/announce/2014/mfsa2014- 59.html. (CVE-2014-1551) -
https://www.mozilla.org/security/announce/2014/mfsa2014- 66.html. (CVE-2014-1552) -
https://www.mozilla.org/security/announce/2014/mfsa2014- 61.html. (CVE-2014-1555) -
https://www.mozilla.org/security/announce/2014/mfsa2014- 62.html. (CVE-2014-1556) -
https://www.mozilla.org/security/announce/2014/mfsa2014- 64.html. (CVE-2014-1557) -
https://www.mozilla.org/security/announce/2014/mfsa2014- 65.html. (CVE-2014-1558 / CVE-2014-1559 / CVE-2014-1560) -
https://www.mozilla.org/security/announce/2014/mfsa2014- 60.html. (CVE-2014-1561)
#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from SuSE 11 update information. The text itself is
# copyright (C) Novell, Inc.
#
if (NASL_LEVEL < 3000) exit(0);
include('deprecated_nasl_level.inc');
include('compat.inc');
if (description)
{
script_id(76989);
script_version("1.5");
script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/19");
script_cve_id("CVE-2014-1544", "CVE-2014-1547", "CVE-2014-1548", "CVE-2014-1549", "CVE-2014-1550", "CVE-2014-1551", "CVE-2014-1552", "CVE-2014-1555", "CVE-2014-1556", "CVE-2014-1557", "CVE-2014-1558", "CVE-2014-1559", "CVE-2014-1560", "CVE-2014-1561");
script_name(english:"SuSE 11.3 Security Update : Mozilla Firefox (SAT Patch Number 9569)");
script_summary(english:"Checks rpm output for the updated packages");
script_set_attribute(
attribute:"synopsis",
value:"The remote SuSE 11 host is missing one or more security updates."
);
script_set_attribute(
attribute:"description",
value:
"Mozilla Firefox has been updated to the 24.7ESR security release.
Security issues fixed in this release :
-
https://www.mozilla.org/security/announce/2014/mfsa2014-
63.html. (CVE-2014-1544)
-
https://www.mozilla.org/security/announce/2014/mfsa2014-
56.html. (CVE-2014-1548)
-
https://www.mozilla.org/security/announce/2014/mfsa2014-
57.html. (CVE-2014-1549)
-
https://www.mozilla.org/security/announce/2014/mfsa2014-
58.html. (CVE-2014-1550)
-
https://www.mozilla.org/security/announce/2014/mfsa2014-
59.html. (CVE-2014-1551)
-
https://www.mozilla.org/security/announce/2014/mfsa2014-
66.html. (CVE-2014-1552)
-
https://www.mozilla.org/security/announce/2014/mfsa2014-
61.html. (CVE-2014-1555)
-
https://www.mozilla.org/security/announce/2014/mfsa2014-
62.html. (CVE-2014-1556)
-
https://www.mozilla.org/security/announce/2014/mfsa2014-
64.html. (CVE-2014-1557)
-
https://www.mozilla.org/security/announce/2014/mfsa2014-
65.html. (CVE-2014-1558 / CVE-2014-1559 / CVE-2014-1560)
-
https://www.mozilla.org/security/announce/2014/mfsa2014-
60.html. (CVE-2014-1561)"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.novell.com/show_bug.cgi?id=887746"
);
script_set_attribute(
attribute:"see_also",
value:"http://support.novell.com/security/cve/CVE-2014-1544.html"
);
script_set_attribute(
attribute:"see_also",
value:"http://support.novell.com/security/cve/CVE-2014-1547.html"
);
script_set_attribute(
attribute:"see_also",
value:"http://support.novell.com/security/cve/CVE-2014-1548.html"
);
script_set_attribute(
attribute:"see_also",
value:"http://support.novell.com/security/cve/CVE-2014-1549.html"
);
script_set_attribute(
attribute:"see_also",
value:"http://support.novell.com/security/cve/CVE-2014-1550.html"
);
script_set_attribute(
attribute:"see_also",
value:"http://support.novell.com/security/cve/CVE-2014-1551.html"
);
script_set_attribute(
attribute:"see_also",
value:"http://support.novell.com/security/cve/CVE-2014-1552.html"
);
script_set_attribute(
attribute:"see_also",
value:"http://support.novell.com/security/cve/CVE-2014-1555.html"
);
script_set_attribute(
attribute:"see_also",
value:"http://support.novell.com/security/cve/CVE-2014-1556.html"
);
script_set_attribute(
attribute:"see_also",
value:"http://support.novell.com/security/cve/CVE-2014-1557.html"
);
script_set_attribute(
attribute:"see_also",
value:"http://support.novell.com/security/cve/CVE-2014-1558.html"
);
script_set_attribute(
attribute:"see_also",
value:"http://support.novell.com/security/cve/CVE-2014-1559.html"
);
script_set_attribute(
attribute:"see_also",
value:"http://support.novell.com/security/cve/CVE-2014-1560.html"
);
script_set_attribute(
attribute:"see_also",
value:"http://support.novell.com/security/cve/CVE-2014-1561.html"
);
script_set_attribute(attribute:"solution", value:"Apply SAT patch number 9569.");
script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:MozillaFirefox");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:MozillaFirefox-translations");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:libfreebl3");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:libfreebl3-32bit");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:libsoftokn3");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:libsoftokn3-32bit");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:mozilla-nss");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:mozilla-nss-32bit");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:mozilla-nss-tools");
script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:suse_linux:11");
script_set_attribute(attribute:"patch_publication_date", value:"2014/07/29");
script_set_attribute(attribute:"plugin_publication_date", value:"2014/08/04");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_copyright(english:"This script is Copyright (C) 2014-2021 Tenable Network Security, Inc.");
script_family(english:"SuSE Local Security Checks");
script_dependencies("ssh_get_info.nasl");
script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/SuSE/release", "Host/SuSE/rpm-list");
exit(0);
}
include("audit.inc");
include("global_settings.inc");
include("rpm.inc");
if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/SuSE/release");
if (isnull(release) || release !~ "^(SLED|SLES)11") audit(AUDIT_OS_NOT, "SuSE 11");
if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if (cpu !~ "^i[3-6]86$" && "x86_64" >!< cpu && "s390x" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "SuSE 11", cpu);
pl = get_kb_item("Host/SuSE/patchlevel");
if (isnull(pl) || int(pl) != 3) audit(AUDIT_OS_NOT, "SuSE 11.3");
flag = 0;
if (rpm_check(release:"SLED11", sp:3, cpu:"i586", reference:"MozillaFirefox-24.7.0esr-0.8.2")) flag++;
if (rpm_check(release:"SLED11", sp:3, cpu:"i586", reference:"MozillaFirefox-translations-24.7.0esr-0.8.2")) flag++;
if (rpm_check(release:"SLED11", sp:3, cpu:"i586", reference:"libfreebl3-3.16.2-0.8.1")) flag++;
if (rpm_check(release:"SLED11", sp:3, cpu:"i586", reference:"libsoftokn3-3.16.2-0.8.1")) flag++;
if (rpm_check(release:"SLED11", sp:3, cpu:"i586", reference:"mozilla-nss-3.16.2-0.8.1")) flag++;
if (rpm_check(release:"SLED11", sp:3, cpu:"i586", reference:"mozilla-nss-tools-3.16.2-0.8.1")) flag++;
if (rpm_check(release:"SLED11", sp:3, cpu:"x86_64", reference:"MozillaFirefox-24.7.0esr-0.8.2")) flag++;
if (rpm_check(release:"SLED11", sp:3, cpu:"x86_64", reference:"MozillaFirefox-translations-24.7.0esr-0.8.2")) flag++;
if (rpm_check(release:"SLED11", sp:3, cpu:"x86_64", reference:"libfreebl3-3.16.2-0.8.1")) flag++;
if (rpm_check(release:"SLED11", sp:3, cpu:"x86_64", reference:"libfreebl3-32bit-3.16.2-0.8.1")) flag++;
if (rpm_check(release:"SLED11", sp:3, cpu:"x86_64", reference:"libsoftokn3-3.16.2-0.8.1")) flag++;
if (rpm_check(release:"SLED11", sp:3, cpu:"x86_64", reference:"libsoftokn3-32bit-3.16.2-0.8.1")) flag++;
if (rpm_check(release:"SLED11", sp:3, cpu:"x86_64", reference:"mozilla-nss-3.16.2-0.8.1")) flag++;
if (rpm_check(release:"SLED11", sp:3, cpu:"x86_64", reference:"mozilla-nss-32bit-3.16.2-0.8.1")) flag++;
if (rpm_check(release:"SLED11", sp:3, cpu:"x86_64", reference:"mozilla-nss-tools-3.16.2-0.8.1")) flag++;
if (rpm_check(release:"SLES11", sp:3, cpu:"i586", reference:"MozillaFirefox-24.7.0esr-0.8.2")) flag++;
if (rpm_check(release:"SLES11", sp:3, cpu:"i586", reference:"MozillaFirefox-translations-24.7.0esr-0.8.2")) flag++;
if (rpm_check(release:"SLES11", sp:3, cpu:"i586", reference:"libfreebl3-3.16.2-0.8.1")) flag++;
if (rpm_check(release:"SLES11", sp:3, cpu:"i586", reference:"libsoftokn3-3.16.2-0.8.1")) flag++;
if (rpm_check(release:"SLES11", sp:3, cpu:"i586", reference:"mozilla-nss-3.16.2-0.8.1")) flag++;
if (rpm_check(release:"SLES11", sp:3, cpu:"i586", reference:"mozilla-nss-tools-3.16.2-0.8.1")) flag++;
if (rpm_check(release:"SLES11", sp:3, cpu:"x86_64", reference:"MozillaFirefox-24.7.0esr-0.8.2")) flag++;
if (rpm_check(release:"SLES11", sp:3, cpu:"x86_64", reference:"MozillaFirefox-translations-24.7.0esr-0.8.2")) flag++;
if (rpm_check(release:"SLES11", sp:3, cpu:"x86_64", reference:"libfreebl3-3.16.2-0.8.1")) flag++;
if (rpm_check(release:"SLES11", sp:3, cpu:"x86_64", reference:"libfreebl3-32bit-3.16.2-0.8.1")) flag++;
if (rpm_check(release:"SLES11", sp:3, cpu:"x86_64", reference:"libsoftokn3-3.16.2-0.8.1")) flag++;
if (rpm_check(release:"SLES11", sp:3, cpu:"x86_64", reference:"libsoftokn3-32bit-3.16.2-0.8.1")) flag++;
if (rpm_check(release:"SLES11", sp:3, cpu:"x86_64", reference:"mozilla-nss-3.16.2-0.8.1")) flag++;
if (rpm_check(release:"SLES11", sp:3, cpu:"x86_64", reference:"mozilla-nss-32bit-3.16.2-0.8.1")) flag++;
if (rpm_check(release:"SLES11", sp:3, cpu:"x86_64", reference:"mozilla-nss-tools-3.16.2-0.8.1")) flag++;
if (flag)
{
if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());
else security_hole(0);
exit(0);
}
else audit(AUDIT_HOST_NOT, "affected");
| Vendor | Product | Version | CPE |
|---|---|---|---|
| novell | suse_linux | 11 | p-cpe:/a:novell:suse_linux:11:mozillafirefox |
| novell | suse_linux | 11 | p-cpe:/a:novell:suse_linux:11:mozillafirefox-translations |
| novell | suse_linux | 11 | p-cpe:/a:novell:suse_linux:11:libfreebl3 |
| novell | suse_linux | 11 | p-cpe:/a:novell:suse_linux:11:libfreebl3-32bit |
| novell | suse_linux | 11 | p-cpe:/a:novell:suse_linux:11:libsoftokn3 |
| novell | suse_linux | 11 | p-cpe:/a:novell:suse_linux:11:libsoftokn3-32bit |
| novell | suse_linux | 11 | p-cpe:/a:novell:suse_linux:11:mozilla-nss |
| novell | suse_linux | 11 | p-cpe:/a:novell:suse_linux:11:mozilla-nss-32bit |
| novell | suse_linux | 11 | p-cpe:/a:novell:suse_linux:11:mozilla-nss-tools |
| novell | suse_linux | 11 | cpe:/o:novell:suse_linux:11 |
References
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1544
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1547
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1548
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1549
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1550
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1551
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1552
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1555
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1556
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1557
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1558
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1559
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1560
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1561
support.novell.com/security/cve/CVE-2014-1544.html
support.novell.com/security/cve/CVE-2014-1547.html
support.novell.com/security/cve/CVE-2014-1548.html
support.novell.com/security/cve/CVE-2014-1549.html
support.novell.com/security/cve/CVE-2014-1550.html
support.novell.com/security/cve/CVE-2014-1551.html
support.novell.com/security/cve/CVE-2014-1552.html
support.novell.com/security/cve/CVE-2014-1555.html
support.novell.com/security/cve/CVE-2014-1556.html
support.novell.com/security/cve/CVE-2014-1557.html
support.novell.com/security/cve/CVE-2014-1558.html
support.novell.com/security/cve/CVE-2014-1559.html
support.novell.com/security/cve/CVE-2014-1560.html
support.novell.com/security/cve/CVE-2014-1561.html
bugzilla.novell.com/show_bug.cgi?id=887746
Related
openvas
openvas
SUSE: Security Advisory for Mozilla (SUSE-SU-2014:0960-1)
2015-10-13 00:00:00
Ubuntu: Security Advisory (USN-2295-1)
2014-07-28 00:00:00
SUSE: Security Advisory (SUSE-SU-2014:0960-1)
2021-06-09 00:00:00
nessus
nessus
openSUSE Security Update : MozillaFirefox (openSUSE-2014-476)
2014-08-01 00:00:00
FreeBSD : mozilla -- multiple vulnerabilities (978b0f76-122d-11e4-afe3-bc5ff4fb5e7b)
2014-07-24 00:00:00
Firefox < 31.0 Multiple Vulnerabilities
2014-07-24 00:00:00
ubuntu
ubuntu
Firefox vulnerabilities
2014-07-22 00:00:00
Thunderbird vulnerabilities
2014-07-22 00:00:00
NSS vulnerability
2014-09-09 00:00:00
suse
suse
Security update for Mozilla Firefox (important)
2014-08-02 01:04:22
MozillaFirefox: Update to Mozilla Firefox 31 (important)
2014-07-30 20:43:23
MozillaThunderbird: Update to 24.7.0 (important)
2014-08-11 10:05:21
freebsd
freebsd
mozilla -- multiple vulnerabilities
2014-07-22 00:00:00
securityvulns
securityvulns
Mozilla Firefox / Thunderbird / Seamonkey multiple security vulnerabilities
2014-07-28 00:00:00
kaspersky
kaspersky
KLA10119 Multiple vulnerabilities in Mozilla
2014-07-22 00:00:00
debian
debian
[SECURITY] [DSA 2996-1] icedove security update
2014-08-03 08:53:00
[SECURITY] [DSA 2986-1] iceweasel security update
2014-07-23 19:51:09
[SECURITY] [DSA 3071-1] nss security update
2014-11-11 21:01:50
osv
osv
icedove - security update
2014-08-03 00:00:00
nss - security update
2014-11-11 00:00:00
mageia
mageia
Updated nss, firefox and thunderbird packages fix security vulnerabilities
2014-07-26 15:32:13
Updated iceape package fixes security vulnerabilities
2014-10-23 17:27:57
oraclelinux
oraclelinux
firefox security update
2014-07-22 00:00:00
thunderbird security update
2014-07-22 00:00:00
nss and nspr security update
2014-07-22 00:00:00
redhat
redhat
(RHSA-2014:0919) Critical: firefox security update
2014-07-22 00:00:00
(RHSA-2014:0918) Important: thunderbird security update
2014-07-22 00:00:00
(RHSA-2014:1165) Critical: nss security update
2014-09-08 00:00:00
veracode
veracode
Arbitrary Code Execution
2019-05-02 05:03:38
Arbitrary Code Execution
2019-05-02 05:03:37
Arbitrary Code Execution
2019-05-02 05:03:38
centos
centos
thunderbird security update
2014-07-23 01:35:12
firefox, xulrunner security update
2014-07-23 00:54:07
nspr, nss security update
2014-07-23 00:41:58
ibm
ibm
mozilla
mozilla
Certificate parsing broken by non-standard character encoding — Mozilla
2014-07-22 00:00:00
Miscellaneous memory safety hazards (rv:31.0 / rv:24.7) — Mozilla
2014-07-22 00:00:00
Exploitable WebGL crash with Cesium JavaScript library — Mozilla
2014-07-22 00:00:00
cve
cve
cvelist
cvelist
prion
prion
ubuntucve
ubuntucve
amazon
amazon
Critical: nss
2014-07-23 14:08:00
debiancve
debiancve
CVE-2014-1544
2014-07-23 11:12:00
checkpoint_advisories
checkpoint_advisories
Mozilla Firefox SharedWorker MessagePort Use After Free (CVE-2014-1548)
2014-09-11 00:00:00
Related for SUSE_11_FIREFOX-201407-140729.NASL