Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2014-2021 Tenable Network Security, Inc.SUSE_11_FLASH-PLAYER-140910.NASL
HistorySep 14, 2014 - 12:00 a.m.

SuSE 11.3 Security Update : flash-player (SAT Patch Number 9704)

2014-09-1400:00:00
This script is Copyright (C) 2014-2021 Tenable Network Security, Inc.
www.tenable.com
17
JSON

Adobe Flash Player has been updated to 11.2.202.406 which fixes various security issues.

These updates :

  • resolve a memory leakage vulnerability that could have been used to bypass memory address randomization.
    (CVE-2014-0557)

  • resolve a security bypass vulnerability. (CVE-2014-0554)

  • resolve a use-after-free vulnerability that could have lead to code execution. (CVE-2014-0553)

  • resolve memory corruption vulnerabilities that could have lead to code execution. (CVE-2014-0547 / CVE-2014-0549 / CVE-2014-0550 / CVE-2014-0551 / CVE-2014-0552 / CVE-2014-0555)

  • resolve a vulnerability that could have been used to bypass the same origin policy. (CVE-2014-0548)

  • resolve a heap buffer overflow vulnerability that could have lead to code execution (CVE-2014-0556 / CVE-2014-0559). More information can be found on http://helpx.adobe.com/security/products/flash-player/ap sb14-21.html

#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were  
# extracted from SuSE 11 update information. The text itself is
# copyright (C) Novell, Inc.
#

if (NASL_LEVEL < 3000) exit(0);

include('deprecated_nasl_level.inc');
include('compat.inc');

if (description)
{
  script_id(77672);
  script_version("1.11");
  script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/19");

  script_cve_id("CVE-2014-0547", "CVE-2014-0548", "CVE-2014-0549", "CVE-2014-0550", "CVE-2014-0551", "CVE-2014-0552", "CVE-2014-0553", "CVE-2014-0554", "CVE-2014-0555", "CVE-2014-0556", "CVE-2014-0557", "CVE-2014-0559");

  script_name(english:"SuSE 11.3 Security Update : flash-player (SAT Patch Number 9704)");
  script_summary(english:"Checks rpm output for the updated packages");

  script_set_attribute(
    attribute:"synopsis", 
    value:"The remote SuSE 11 host is missing one or more security updates."
  );
  script_set_attribute(
    attribute:"description", 
    value:
"Adobe Flash Player has been updated to 11.2.202.406 which fixes
various security issues.

These updates :

  - resolve a memory leakage vulnerability that could have
    been used to bypass memory address randomization.
    (CVE-2014-0557)

  - resolve a security bypass vulnerability. (CVE-2014-0554)

  - resolve a use-after-free vulnerability that could have
    lead to code execution. (CVE-2014-0553)

  - resolve memory corruption vulnerabilities that could
    have lead to code execution. (CVE-2014-0547 /
    CVE-2014-0549 / CVE-2014-0550 / CVE-2014-0551 /
    CVE-2014-0552 / CVE-2014-0555)

  - resolve a vulnerability that could have been used to
    bypass the same origin policy. (CVE-2014-0548)

  - resolve a heap buffer overflow vulnerability that could
    have lead to code execution (CVE-2014-0556 /
    CVE-2014-0559). More information can be found on
    http://helpx.adobe.com/security/products/flash-player/ap
    sb14-21.html"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.novell.com/show_bug.cgi?id=895856"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"http://support.novell.com/security/cve/CVE-2014-0547.html"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"http://support.novell.com/security/cve/CVE-2014-0548.html"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"http://support.novell.com/security/cve/CVE-2014-0549.html"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"http://support.novell.com/security/cve/CVE-2014-0550.html"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"http://support.novell.com/security/cve/CVE-2014-0551.html"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"http://support.novell.com/security/cve/CVE-2014-0552.html"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"http://support.novell.com/security/cve/CVE-2014-0553.html"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"http://support.novell.com/security/cve/CVE-2014-0554.html"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"http://support.novell.com/security/cve/CVE-2014-0555.html"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"http://support.novell.com/security/cve/CVE-2014-0556.html"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"http://support.novell.com/security/cve/CVE-2014-0557.html"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"http://support.novell.com/security/cve/CVE-2014-0559.html"
  );
  script_set_attribute(attribute:"solution", value:"Apply SAT patch number 9704.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C");
  script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"true");
  script_set_attribute(attribute:"exploit_framework_core", value:"true");
  script_set_attribute(attribute:"exploited_by_malware", value:"true");
  script_set_attribute(attribute:"metasploit_name", value:'Adobe Flash Player copyPixelsToByteArray Method Integer Overflow');
  script_set_attribute(attribute:"exploit_framework_metasploit", value:"true");
  script_set_attribute(attribute:"exploit_framework_canvas", value:"true");
  script_set_attribute(attribute:"canvas_package", value:'CANVAS');

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:flash-player");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:flash-player-gnome");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:flash-player-kde4");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:suse_linux:11");

  script_set_attribute(attribute:"patch_publication_date", value:"2014/09/10");
  script_set_attribute(attribute:"plugin_publication_date", value:"2014/09/14");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2014-2021 Tenable Network Security, Inc.");
  script_family(english:"SuSE Local Security Checks");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/SuSE/release", "Host/SuSE/rpm-list");

  exit(0);
}


include("audit.inc");
include("global_settings.inc");
include("rpm.inc");


if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/SuSE/release");
if (isnull(release) || release !~ "^(SLED|SLES)11") audit(AUDIT_OS_NOT, "SuSE 11");
if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);

cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if (cpu !~ "^i[3-6]86$" && "x86_64" >!< cpu && "s390x" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "SuSE 11", cpu);

pl = get_kb_item("Host/SuSE/patchlevel");
if (isnull(pl) || int(pl) != 3) audit(AUDIT_OS_NOT, "SuSE 11.3");


flag = 0;
if (rpm_check(release:"SLED11", sp:3, cpu:"i586", reference:"flash-player-11.2.202.406-0.3.1")) flag++;
if (rpm_check(release:"SLED11", sp:3, cpu:"i586", reference:"flash-player-gnome-11.2.202.406-0.3.1")) flag++;
if (rpm_check(release:"SLED11", sp:3, cpu:"i586", reference:"flash-player-kde4-11.2.202.406-0.3.1")) flag++;
if (rpm_check(release:"SLED11", sp:3, cpu:"x86_64", reference:"flash-player-11.2.202.406-0.3.1")) flag++;
if (rpm_check(release:"SLED11", sp:3, cpu:"x86_64", reference:"flash-player-gnome-11.2.202.406-0.3.1")) flag++;
if (rpm_check(release:"SLED11", sp:3, cpu:"x86_64", reference:"flash-player-kde4-11.2.202.406-0.3.1")) flag++;


if (flag)
{
  if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());
  else security_hole(0);
  exit(0);
}
else audit(AUDIT_HOST_NOT, "affected");
VendorProductVersionCPE
novellsuse_linux11p-cpe:/a:novell:suse_linux:11:flash-player
novellsuse_linux11p-cpe:/a:novell:suse_linux:11:flash-player-gnome
novellsuse_linux11p-cpe:/a:novell:suse_linux:11:flash-player-kde4
novellsuse_linux11cpe:/o:novell:suse_linux:11

References

Related

nessus 14
openvas 9
suse 3
redhat 1
mageia 1
gentoo 1
freebsd 1
prion 12
cvelist 12
ubuntucve 12
cve 12
checkpoint_advisories 12
packetstorm 2
zdt 2
canvas 1
metasploit 1
hackerone 3
googleprojectzero 6
exploitdb 1
threatpost 1
nessus
nessus
GLSA-201409-05 : Adobe Flash Player: Multiple vulnerabilities
2014-09-22 00:00:00
openSUSE Security Update : flash-player (openSUSE-SU-2014:1110-1)
2014-09-11 00:00:00
Flash Player <= 14.0.0.179 Multiple Vulnerabilities (APSB14-21)
2014-09-10 00:00:00
openvas
openvas
Gentoo Security Advisory GLSA 201409-05
2015-09-29 00:00:00
Adobe Flash Player Multiple Vulnerabilities-01 (Sep 2014) - Mac OS X
2014-09-12 00:00:00
Adobe Flash Player Multiple Vulnerabilities-01 (Sep 2014) - Linux
2014-09-12 00:00:00
suse
suse
flash-player to 11.2.202.40 (important)
2014-09-10 17:04:13
update flash-player to 11.2.202.40 (important)
2014-09-16 01:04:20
Security update for flash-player (important)
2014-09-13 01:04:17
redhat
redhat
(RHSA-2014:1173) Critical: flash-plugin security update
2014-09-10 00:00:00
mageia
mageia
Updated flash-player-plugin packages fix multiple security vulnerabilities
2014-09-22 12:31:24
gentoo
gentoo
Adobe Flash Player: Multiple vulnerabilities
2014-09-19 00:00:00
freebsd
freebsd
Flash player -- Multiple security vulnerabilities in www/linux-*-flashplugin11
2014-09-09 00:00:00
prion
prion
Memory corruption
2014-09-10 01:55:00
Memory corruption
2014-09-10 01:55:00
Memory corruption
2014-09-10 01:55:00
cvelist
cvelist
CVE-2014-0555
2014-09-10 01:00:00
CVE-2014-0552
2014-09-10 01:00:00
CVE-2014-0550
2014-09-10 01:00:00
ubuntucve
ubuntucve
CVE-2014-0551
2014-09-10 00:00:00
CVE-2014-0555
2014-09-10 00:00:00
CVE-2014-0552
2014-09-10 00:00:00
cve
cve
CVE-2014-0551
2014-09-10 01:55:00
CVE-2014-0550
2014-09-10 01:55:00
CVE-2014-0552
2014-09-10 01:55:00
checkpoint_advisories
checkpoint_advisories
Adobe Flash Player and AIR String Concatenation Integer Overflow (CVE-2014-0550)
2014-10-14 00:00:00
Adobe Flash Player Memory Corruption (APSB14-21: CVE-2014-0552)
2014-09-21 00:00:00
Adobe Flash Player and AIR Heap Overflow (APSB14-21; CVE-2014-0559)
2014-09-21 00:00:00
packetstorm
packetstorm
Adobe Flash Player copyPixelsToByteArray Integer Overflow
2015-04-19 00:00:00
Adobe Flash 14.0.0.145 copyPixelsToByteArray() Heap Overflow
2014-09-30 00:00:00
zdt
zdt
Adobe Flash 14.0.0.145 copyPixelsToByteArray() Heap Overflow
2014-10-01 00:00:00
Adobe Flash Player copyPixelsToByteArray Integer Overflow Exploit
2015-04-19 00:00:00
canvas
canvas
Immunity Canvas: ADOBE_FLASH_COPYPIXELSTOBYTEARRAY
2014-09-10 01:55:00
metasploit
metasploit
Adobe Flash Player copyPixelsToByteArray Method Integer Overflow
2015-04-15 19:08:16
hackerone
hackerone
Internet Bug Bounty: Flash Local Sandbox Bypass
2014-09-09 20:51:19
Internet Bug Bounty: Adobe Flash Player MP4 Use-After-Free Vulnerability
2014-10-08 02:03:48
Internet Bug Bounty: Adobe Flash Player Out-of-Bound Access Vulnerability
2015-02-07 14:50:18
googleprojectzero
googleprojectzero
Exploiting CVE-2014-0556 in Flash
2014-09-23 00:00:00
The poisoned NUL byte, 2014 edition
2014-08-25 00:00:00
Significant Flash exploit mitigations are live in v18.0.0.209
2015-07-16 00:00:00
exploitdb
exploitdb
Adobe Flash Player - copyPixelsToByteArray Integer Overflow (Metasploit)
2015-04-21 00:00:00
threatpost
threatpost
Microsoft Warns of Crowti Ransomware
2014-10-29 14:20:49
JSON
Related for SUSE_11_FLASH-PLAYER-140910.NASL
nessus14openvas9suse3redhat1mageia1gentoo1freebsd1prion12cvelist12ubuntucve12cve12checkpoint_advisories12packetstorm2zdt2canvas1metasploit1hackerone3googleprojectzero6exploitdb1threatpost1