Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2011-2022 Tenable Network Security, Inc.SUSE_11_FLASH-PLAYER-110415.NASL
HistoryApr 19, 2011 - 12:00 a.m.

SuSE 11.1 Security Update : flash-player (SAT Patch Number 4400)

2011-04-1900:00:00
This script is Copyright (C) 2011-2022 Tenable Network Security, Inc.
www.tenable.com
18
JSON

Specially crafted Flash files could be exploited to execute arbitrary code. (CVE-2011-0611)

#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were  
# extracted from SuSE 11 update information. The text itself is
# copyright (C) Novell, Inc.
#

include('deprecated_nasl_level.inc');
include('compat.inc');

if (description)
{
  script_id(53485);
  script_version("1.15");
  script_set_attribute(attribute:"plugin_modification_date", value:"2022/03/08");

  script_cve_id("CVE-2011-0611");
  script_xref(name:"CISA-KNOWN-EXPLOITED", value:"2022/03/24");

  script_name(english:"SuSE 11.1 Security Update : flash-player (SAT Patch Number 4400)");

  script_set_attribute(attribute:"synopsis", value:
"The remote SuSE 11 host is missing a security update.");
  script_set_attribute(attribute:"description", value:
"Specially crafted Flash files could be exploited to execute arbitrary
code. (CVE-2011-0611)");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.novell.com/show_bug.cgi?id=686818");
  script_set_attribute(attribute:"see_also", value:"http://support.novell.com/security/cve/CVE-2011-0611.html");
  script_set_attribute(attribute:"solution", value:
"Apply SAT patch number 4400.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C");

  script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"true");
  script_set_attribute(attribute:"exploit_framework_core", value:"true");
  script_set_attribute(attribute:"exploited_by_malware", value:"true");
  script_set_attribute(attribute:"metasploit_name", value:'Adobe Flash Player 10.2.153.1 SWF Memory Corruption Vulnerability');
  script_set_attribute(attribute:"exploit_framework_metasploit", value:"true");

  script_set_attribute(attribute:"patch_publication_date", value:"2011/04/15");
  script_set_attribute(attribute:"plugin_publication_date", value:"2011/04/19");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:flash-player");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:suse_linux:11");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"SuSE Local Security Checks");

  script_copyright(english:"This script is Copyright (C) 2011-2022 Tenable Network Security, Inc.");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/SuSE/release", "Host/SuSE/rpm-list");

  exit(0);
}


include("audit.inc");
include("global_settings.inc");
include("rpm.inc");


if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/SuSE/release");
if (isnull(release) || release !~ "^(SLED|SLES)11") audit(AUDIT_OS_NOT, "SuSE 11");
if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);

cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if (cpu !~ "^i[3-6]86$" && "x86_64" >!< cpu && "s390x" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "SuSE 11", cpu);

pl = get_kb_item("Host/SuSE/patchlevel");
if (isnull(pl) || int(pl) != 1) audit(AUDIT_OS_NOT, "SuSE 11.1");


flag = 0;
if (rpm_check(release:"SLED11", sp:1, cpu:"i586", reference:"flash-player-10.2.159.1-0.2.1")) flag++;
if (rpm_check(release:"SLED11", sp:1, cpu:"x86_64", reference:"")) flag++;


if (flag)
{
  if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());
  else security_hole(0);
  exit(0);
}
else audit(AUDIT_HOST_NOT, "affected");
VendorProductVersionCPE
novellsuse_linux11p-cpe:/a:novell:suse_linux:11:flash-player
novellsuse_linux11cpe:/o:novell:suse_linux:11

Related

redhat 1
openvas 9
cert 1
threatpost 5
attackerkb 1
prion 1
cve 1
nessus 14
freebsd 1
checkpoint_advisories 1
seebug 3
exploitpack 1
ubuntucve 1
metasploit 1
saint 4
suse 1
thn 1
cisa_kev 1
packetstorm 1
exploitdb 2
securelist 1
myhack58 1
gentoo 1
redhat
redhat
(RHSA-2011:0451) Critical: flash-plugin security update
2011-04-18 00:00:00
openvas
openvas
SUSE: Security Advisory for flash-player (SUSE-SA:2011:018)
2011-04-22 00:00:00
Adobe Flash Player Arbitrary Code Execution Vulnerability (Linux)
2011-04-22 00:00:00
FreeBSD Ports: linux-flashplugin
2011-05-12 00:00:00
cert
cert
Adobe Flash Player contains unspecified code execution vulnerability
2011-04-12 00:00:00
threatpost
threatpost
Analysis of the New Adobe Flash Attacks
2011-04-13 16:13:42
Adobe Releases Patch for Flash Zero Day Hole in Reader, Acrobat
2011-04-21 20:11:41
Adobe Flash Bug Being Used in Attacks Via Word Documents
2011-04-12 11:51:03
attackerkb
attackerkb
CVE-2011-0611
2011-04-13 00:00:00
prion
prion
Type confusion
2011-04-13 14:55:00
cve
cve
CVE-2011-0611
2011-04-13 14:55:00
nessus
nessus
openSUSE Security Update : flash-player (openSUSE-SU-2011:0373-1)
2014-06-13 00:00:00
SuSE 10 Security Update : flash-player (ZYPP Patch Number 7477)
2011-12-13 00:00:00
Google Chrome < 10.0.648.205 Multiple Vulnerabilities
2011-04-14 00:00:00
freebsd
freebsd
linux-flashplugin -- remote code execution vulnerability
2011-01-20 00:00:00
checkpoint_advisories
checkpoint_advisories
Adobe Flash Player ActionScript callMethod Code Execution (APSA11-02; CVE-2011-0611)
2011-04-21 00:00:00
seebug
seebug
Adobe Reader X Atom Type Confusion Vulnerability Exploit
2014-07-01 00:00:00
Adobe Flash Player 10.2.153.1 SWF Memory Corruption Vulnerability
2011-04-24 00:00:00
Adobe Flash Player 'SWF'ζ–‡δ»ΆθΏœη¨‹ε†…ε­˜η ΄εζΌζ΄ž
2011-04-13 00:00:00
exploitpack
exploitpack
Adobe Reader X 10.0.0 10.0.1 - Atom Type Confusion
2011-07-03 00:00:00
ubuntucve
ubuntucve
CVE-2011-0611
2011-04-13 00:00:00
metasploit
metasploit
Adobe Flash Player 10.2.153.1 SWF Memory Corruption Vulnerability
2011-04-16 02:09:33
saint
saint
Adobe Flash Player callMethod Bytecode Memory Corruption
2011-04-21 00:00:00
Adobe Flash Player callMethod Bytecode Memory Corruption
2011-04-21 00:00:00
Adobe Flash Player callMethod Bytecode Memory Corruption
2011-04-21 00:00:00
suse
suse
remote code execution in flash-player
2011-04-18 16:33:38
thn
thn
Emergency Adobe Flash Player patch coming today !
2011-04-16 07:59:00
cisa_kev
cisa_kev
Adobe Flash Player Remote Code Execution Vulnerability
2022-03-03 00:00:00
packetstorm
packetstorm
Adobe Flash Player 10.2.153.1 SWF Memory Corruption Vulnerability
2011-04-17 00:00:00
exploitdb
exploitdb
Adobe Flash Player 10.2.153.1 - SWF Memory Corruption (Metasploit)
2011-04-16 00:00:00
Adobe Reader X 10.0.0 &lt; 10.0.1 - Atom Type Confusion
2011-07-03 00:00:00
securelist
securelist
Investigation Report for the September 2014 Equation malware detection incident in the US
2017-11-16 10:00:34
myhack58
myhack58
The macro perspective of the office vulnerability, 2010-2018-a vulnerability warning-the black bar safety net
2019-06-13 00:00:00
gentoo
gentoo
Adobe Flash Player: Multiple vulnerabilities
2011-10-13 00:00:00
JSON
Related for SUSE_11_FLASH-PLAYER-110415.NASL
redhat1openvas9cert1threatpost5attackerkb1prion1cve1nessus14freebsd1checkpoint_advisories1seebug3exploitpack1ubuntucve1metasploit1saint4suse1thn1cisa_kev1packetstorm1exploitdb2securelist1myhack581gentoo1