Lucene search

HistoryFeb 15, 2011 - 12:00 a.m.

SuSE 11.1 Security Update : flash-player (SAT Patch Number 3926)

2011-02-1500:00:00

www.tenable.com

The Adobe Flash Player was updated to the 10.2.152.26 release, fixing lots of bugs and security issues. The update is rated critical by Adobe, although details have not been published.

CVEs addressed: CVE-2011-0558 / CVE-2011-0559 / CVE-2011-0560 / CVE-2011-0561 / CVE-2011-0571 / CVE-2011-0572 / CVE-2011-0573 / CVE-2011-0574 / CVE-2011-0575 / CVE-2011-0577 / CVE-2011-0578 / CVE-2011-0607 / CVE-2011-0608

#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were  
# extracted from SuSE 11 update information. The text itself is
# copyright (C) Novell, Inc.
#

if (NASL_LEVEL < 3000) exit(0);

include('deprecated_nasl_level.inc');
include('compat.inc');

if (description)
{
  script_id(51983);
  script_version("1.13");
  script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/19");

  script_cve_id("CVE-2011-0558", "CVE-2011-0559", "CVE-2011-0560", "CVE-2011-0561", "CVE-2011-0571", "CVE-2011-0572", "CVE-2011-0573", "CVE-2011-0574", "CVE-2011-0575", "CVE-2011-0577", "CVE-2011-0578", "CVE-2011-0607", "CVE-2011-0608");

  script_name(english:"SuSE 11.1 Security Update : flash-player (SAT Patch Number 3926)");
  script_summary(english:"Checks rpm output for the updated package");

  script_set_attribute(
    attribute:"synopsis", 
    value:"The remote SuSE 11 host is missing a security update."
  );
  script_set_attribute(
    attribute:"description", 
    value:
"The Adobe Flash Player was updated to the 10.2.152.26 release, fixing
lots of bugs and security issues. The update is rated critical by
Adobe, although details have not been published.

CVEs addressed: CVE-2011-0558 / CVE-2011-0559 / CVE-2011-0560 /
CVE-2011-0561 / CVE-2011-0571 / CVE-2011-0572 / CVE-2011-0573 /
CVE-2011-0574 / CVE-2011-0575 / CVE-2011-0577 / CVE-2011-0578 /
CVE-2011-0607 / CVE-2011-0608"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.novell.com/show_bug.cgi?id=670531"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"http://support.novell.com/security/cve/CVE-2011-0558.html"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"http://support.novell.com/security/cve/CVE-2011-0559.html"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"http://support.novell.com/security/cve/CVE-2011-0560.html"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"http://support.novell.com/security/cve/CVE-2011-0561.html"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"http://support.novell.com/security/cve/CVE-2011-0571.html"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"http://support.novell.com/security/cve/CVE-2011-0572.html"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"http://support.novell.com/security/cve/CVE-2011-0573.html"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"http://support.novell.com/security/cve/CVE-2011-0574.html"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"http://support.novell.com/security/cve/CVE-2011-0575.html"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"http://support.novell.com/security/cve/CVE-2011-0577.html"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"http://support.novell.com/security/cve/CVE-2011-0578.html"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"http://support.novell.com/security/cve/CVE-2011-0607.html"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"http://support.novell.com/security/cve/CVE-2011-0608.html"
  );
  script_set_attribute(attribute:"solution", value:"Apply SAT patch number 3926.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C");
  script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"true");
  script_set_attribute(attribute:"exploited_by_malware", value:"true");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:flash-player");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:suse_linux:11");

  script_set_attribute(attribute:"patch_publication_date", value:"2011/02/09");
  script_set_attribute(attribute:"plugin_publication_date", value:"2011/02/15");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2011-2021 Tenable Network Security, Inc.");
  script_family(english:"SuSE Local Security Checks");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/SuSE/release", "Host/SuSE/rpm-list");

  exit(0);
}


include("audit.inc");
include("global_settings.inc");
include("rpm.inc");


if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/SuSE/release");
if (isnull(release) || release !~ "^(SLED|SLES)11") audit(AUDIT_OS_NOT, "SuSE 11");
if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);

cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if (cpu !~ "^i[3-6]86$" && "x86_64" >!< cpu && "s390x" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "SuSE 11", cpu);

pl = get_kb_item("Host/SuSE/patchlevel");
if (isnull(pl) || int(pl) != 1) audit(AUDIT_OS_NOT, "SuSE 11.1");


flag = 0;
if (rpm_check(release:"SLED11", sp:1, cpu:"i586", reference:"flash-player-10.2.152.26-0.2.1")) flag++;
if (rpm_check(release:"SLED11", sp:1, cpu:"x86_64", reference:"")) flag++;


if (flag)
{
  if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());
  else security_hole(0);
  exit(0);
}
else audit(AUDIT_HOST_NOT, "affected");

VendorProductVersionCPE
novellsuse_linux11p-cpe:/a:novell:suse_linux:11:flash-player
novellsuse_linux11cpe:/o:novell:suse_linux:11

Vendor	Product	Version	CPE
novell	suse_linux	11	p-cpe:/a:novell:suse_linux:11:flash-player
novell	suse_linux	11	cpe:/o:novell:suse_linux:11

References

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0558

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0559

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0560

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0561

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0571

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0572

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0573

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0574

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0575

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0577

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0578

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0607

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0608

support.novell.com/security/cve/CVE-2011-0558.html

support.novell.com/security/cve/CVE-2011-0559.html

support.novell.com/security/cve/CVE-2011-0560.html

support.novell.com/security/cve/CVE-2011-0561.html

support.novell.com/security/cve/CVE-2011-0571.html

support.novell.com/security/cve/CVE-2011-0572.html

support.novell.com/security/cve/CVE-2011-0573.html

support.novell.com/security/cve/CVE-2011-0574.html

support.novell.com/security/cve/CVE-2011-0575.html

support.novell.com/security/cve/CVE-2011-0577.html

support.novell.com/security/cve/CVE-2011-0578.html

support.novell.com/security/cve/CVE-2011-0607.html

support.novell.com/security/cve/CVE-2011-0608.html

bugzilla.novell.com/show_bug.cgi?id=670531

JSON

Related for SUSE_11_FLASH-PLAYER-110209.NASL