Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2013-2021 and is owned by Tenable, Inc. or an Affiliate thereof.SUSE_11_FLASH-PLAYER-121109.NASL
HistoryJan 25, 2013 - 12:00 a.m.

SuSE 11.2 Security Update : flash-player (SAT Patch Number 7038)

2013-01-2500:00:00
This script is Copyright (C) 2013-2021 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
15

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.014 Low

EPSS

Percentile

86.3%

JSON

This update of flash-player fixes multiple (unspecified) buffer overflows, memory corruptions and other security-related issues.

#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were  
# extracted from SuSE 11 update information. The text itself is
# copyright (C) Novell, Inc.
#

if (NASL_LEVEL < 3000) exit(0);

include('deprecated_nasl_level.inc');
include('compat.inc');

if (description)
{
  script_id(64141);
  script_version("1.7");
  script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/19");

  script_cve_id("CVE-2012-5274", "CVE-2012-5275", "CVE-2012-5276", "CVE-2012-5277", "CVE-2012-5278", "CVE-2012-5279", "CVE-2012-5280");

  script_name(english:"SuSE 11.2 Security Update : flash-player (SAT Patch Number 7038)");
  script_summary(english:"Checks rpm output for the updated package");

  script_set_attribute(
    attribute:"synopsis", 
    value:"The remote SuSE 11 host is missing a security update."
  );
  script_set_attribute(
    attribute:"description", 
    value:
"This update of flash-player fixes multiple (unspecified) buffer
overflows, memory corruptions and other security-related issues."
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.novell.com/show_bug.cgi?id=788450"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"http://support.novell.com/security/cve/CVE-2012-5274.html"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"http://support.novell.com/security/cve/CVE-2012-5275.html"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"http://support.novell.com/security/cve/CVE-2012-5276.html"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"http://support.novell.com/security/cve/CVE-2012-5277.html"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"http://support.novell.com/security/cve/CVE-2012-5278.html"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"http://support.novell.com/security/cve/CVE-2012-5279.html"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"http://support.novell.com/security/cve/CVE-2012-5280.html"
  );
  script_set_attribute(attribute:"solution", value:"Apply SAT patch number 7038.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C");
  script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"true");
  script_set_attribute(attribute:"exploited_by_malware", value:"true");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:flash-player");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:suse_linux:11");

  script_set_attribute(attribute:"patch_publication_date", value:"2012/11/09");
  script_set_attribute(attribute:"plugin_publication_date", value:"2013/01/25");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2013-2021 and is owned by Tenable, Inc. or an Affiliate thereof.");
  script_family(english:"SuSE Local Security Checks");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/SuSE/release", "Host/SuSE/rpm-list");

  exit(0);
}


include("audit.inc");
include("global_settings.inc");
include("rpm.inc");


if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/SuSE/release");
if (isnull(release) || release !~ "^(SLED|SLES)11") audit(AUDIT_OS_NOT, "SuSE 11");
if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);

cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if (cpu !~ "^i[3-6]86$" && "x86_64" >!< cpu && "s390x" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "SuSE 11", cpu);

pl = get_kb_item("Host/SuSE/patchlevel");
if (isnull(pl) || int(pl) != 2) audit(AUDIT_OS_NOT, "SuSE 11.2");


flag = 0;
if (rpm_check(release:"SLED11", sp:2, cpu:"i586", reference:"flash-player-11.2.202.251-0.3.1")) flag++;
if (rpm_check(release:"SLED11", sp:2, cpu:"x86_64", reference:"flash-player-11.2.202.251-0.3.1")) flag++;


if (flag)
{
  if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());
  else security_hole(0);
  exit(0);
}
else audit(AUDIT_HOST_NOT, "affected");
VendorProductVersionCPE
novellsuse_linux11p-cpe:/a:novell:suse_linux:11:flash-player
novellsuse_linux11cpe:/o:novell:suse_linux:11

Related

nessus 11
suse 4
openvas 15
thn 1
freebsd 1
redhat 1
prion 7
cvelist 7
nvd 7
ubuntucve 7
cve 7
checkpoint_advisories 1
gentoo 1
nessus
nessus
FreeBSD : linux-flashplugin -- multiple vulnerabilities (4b8b748e-2a24-11e2-bb44-003067b2972c)
2012-11-09 00:00:00
Flash Player <= 10.3.183.29 / 11.4.402.287 Multiple Vulnerabilities (APSB12-24)
2012-12-11 00:00:00
Flash Player <= 10.3.183.29 / 11.4.402.287 Multiple Vulnerabilities (APSB12-24)
2012-11-07 00:00:00
suse
suse
flash-player: Update to 11.2.202.251 (important)
2013-02-28 18:27:42
Update to 11.2.202.251 (important)
2013-01-23 14:05:07
Security update for flash-player (important)
2012-11-15 23:08:42
openvas
openvas
Adobe Flash Player Multiple Vulnerabilities (Nov 2012) - Linux
2012-11-08 00:00:00
FreeBSD Ports: linux-f10-flashplugin
2012-11-26 00:00:00
Adobe Flash Player Multiple Vulnerabilities - November12 (Windows)
2012-11-08 00:00:00
thn
thn
Patch released for 7 critical Adobe Flash Player Vulnerabilities
2012-11-06 18:32:00
freebsd
freebsd
linux-flashplugin -- multiple vulnerabilities
2012-10-08 00:00:00
redhat
redhat
(RHSA-2012:1431) Critical: flash-plugin security update
2012-11-07 00:00:00
prion
prion
Buffer overflow
2012-11-07 05:41:00
Buffer overflow
2012-11-07 05:41:00
Buffer overflow
2012-11-07 05:41:00
cvelist
cvelist
CVE-2012-5275
2012-11-07 02:00:00
CVE-2012-5274
2012-11-07 02:00:00
CVE-2012-5277
2012-11-07 02:00:00
nvd
nvd
CVE-2012-5274
2012-11-07 05:41:22
CVE-2012-5280
2012-11-07 05:41:22
CVE-2012-5275
2012-11-07 05:41:22
ubuntucve
ubuntucve
CVE-2012-5274
2012-11-07 00:00:00
CVE-2012-5277
2012-11-07 00:00:00
CVE-2012-5276
2012-11-07 00:00:00
cve
cve
CVE-2012-5275
2012-11-07 05:41:22
CVE-2012-5277
2012-11-07 05:41:22
CVE-2012-5280
2012-11-07 05:41:22
checkpoint_advisories
checkpoint_advisories
Adobe Flash Player and AIR Security Bypass (APSB12-24; CVE-2012-5278)
2012-12-30 00:00:00
gentoo
gentoo
Adobe Flash Player: Multiple vulnerabilities
2013-09-14 00:00:00

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.014 Low

EPSS

Percentile

86.3%

JSON
Related for SUSE_11_FLASH-PLAYER-121109.NASL
nessus11suse4openvas15thn1freebsd1redhat1prion7cvelist7nvd7ubuntucve7cve7checkpoint_advisories1gentoo1