Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2011-2021 Tenable Network Security, Inc.SUSE_11_LIBWEBKIT-110725.NASL
HistoryJul 29, 2011 - 12:00 a.m.

SuSE 11.1 Security Update : libwebkit (SAT Patch Number 4917)

2011-07-2900:00:00
This script is Copyright (C) 2011-2021 Tenable Network Security, Inc.
www.tenable.com
19
JSON

This update of libwebkit fixes :

  • XSLT file creation allowed webpages evaluating XSLT code to create files. (CVE-2011-1774)

  • ZDI-11-139 Webkit Anonymous Frame remote code exec

#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were  
# extracted from SuSE 11 update information. The text itself is
# copyright (C) Novell, Inc.
#

include('deprecated_nasl_level.inc');
include('compat.inc');

if (description)
{
  script_id(55728);
  script_version("1.9");
  script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/19");

  script_cve_id("CVE-2011-1774");

  script_name(english:"SuSE 11.1 Security Update : libwebkit (SAT Patch Number 4917)");
  script_summary(english:"Checks rpm output for the updated packages");

  script_set_attribute(
    attribute:"synopsis", 
    value:"The remote SuSE 11 host is missing one or more security updates."
  );
  script_set_attribute(
    attribute:"description", 
    value:
"This update of libwebkit fixes :

  - XSLT file creation allowed webpages evaluating XSLT code
    to create files. (CVE-2011-1774)

  - ZDI-11-139 Webkit Anonymous Frame remote code exec"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.novell.com/show_bug.cgi?id=688691"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.novell.com/show_bug.cgi?id=692619"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"http://support.novell.com/security/cve/CVE-2011-1774.html"
  );
  script_set_attribute(attribute:"solution", value:"Apply SAT patch number 4917.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:N/I:C/A:C");
  script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"true");
  script_set_attribute(attribute:"exploit_framework_core", value:"true");
  script_set_attribute(attribute:"metasploit_name", value:'Apple Safari Webkit libxslt Arbitrary File Creation');
  script_set_attribute(attribute:"exploit_framework_metasploit", value:"true");
  script_set_attribute(attribute:"exploit_framework_canvas", value:"true");
  script_set_attribute(attribute:"canvas_package", value:'White_Phosphorus');

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:libwebkit-1_0-2");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:libwebkit-lang");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:suse_linux:11");

  script_set_attribute(attribute:"patch_publication_date", value:"2011/07/25");
  script_set_attribute(attribute:"plugin_publication_date", value:"2011/07/29");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2011-2021 Tenable Network Security, Inc.");
  script_family(english:"SuSE Local Security Checks");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/SuSE/release", "Host/SuSE/rpm-list");

  exit(0);
}


include("audit.inc");
include("global_settings.inc");
include("rpm.inc");


if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/SuSE/release");
if (isnull(release) || release !~ "^(SLED|SLES)11") audit(AUDIT_OS_NOT, "SuSE 11");
if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);

cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if (cpu !~ "^i[3-6]86$" && "x86_64" >!< cpu && "s390x" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "SuSE 11", cpu);

pl = get_kb_item("Host/SuSE/patchlevel");
if (isnull(pl) || int(pl) != 1) audit(AUDIT_OS_NOT, "SuSE 11.1");


flag = 0;
if (rpm_check(release:"SLED11", sp:1, cpu:"i586", reference:"libwebkit-1_0-2-1.2.7-0.13.1")) flag++;
if (rpm_check(release:"SLED11", sp:1, cpu:"i586", reference:"libwebkit-lang-1.2.7-0.13.1")) flag++;
if (rpm_check(release:"SLED11", sp:1, cpu:"x86_64", reference:"libwebkit-1_0-2-1.2.7-0.13.1")) flag++;
if (rpm_check(release:"SLED11", sp:1, cpu:"x86_64", reference:"libwebkit-lang-1.2.7-0.13.1")) flag++;


if (flag)
{
  if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());
  else security_hole(0);
  exit(0);
}
else audit(AUDIT_HOST_NOT, "affected");
VendorProductVersionCPE
novellsuse_linux11p-cpe:/a:novell:suse_linux:11:libwebkit-1_0-2
novellsuse_linux11p-cpe:/a:novell:suse_linux:11:libwebkit-lang
novellsuse_linux11cpe:/o:novell:suse_linux:11

Related

metasploit 1
saint 4
suse 1
checkpoint_advisories 1
packetstorm 1
prion 1
cve 1
ubuntucve 1
freebsd 1
nessus 6
openvas 6
securityvulns 6
seebug 1
metasploit
metasploit
Cross Platform Webkit File Dropper
2011-10-18 16:30:28
saint
saint
Apple Safari libxslt File Create
2011-10-24 00:00:00
Apple Safari libxslt File Create
2011-10-24 00:00:00
Apple Safari libxslt File Create
2011-10-24 00:00:00
suse
suse
Security update for libwebkit (important)
2011-08-02 01:08:15
checkpoint_advisories
checkpoint_advisories
Apple Safari Webkit libxslt Arbitrary File Creation (CVE-2011-1774)
2011-12-27 00:00:00
packetstorm
packetstorm
Apple Safari Webkit libxslt Arbitrary File Creation
2011-10-18 00:00:00
prion
prion
Design/Logic Flaw
2011-07-21 23:55:00
cve
cve
CVE-2011-1774
2011-07-21 23:55:00
ubuntucve
ubuntucve
CVE-2011-1774
2011-07-21 00:00:00
freebsd
freebsd
databases/postgresql*-server -- multiple vulnerabilities
2012-08-17 00:00:00
nessus
nessus
FreeBSD : databases/postgresql*-server -- multiple vulnerabilities (07234e78-e899-11e1-b38d-0023ae8e59f0)
2012-08-20 00:00:00
Mac OS X : Apple Safari < 5.1 / 5.0.6
2011-07-21 00:00:00
Safari < 5.1 Multiple Vulnerabilities
2011-07-21 00:00:00
openvas
openvas
Apple Safari Multiple Vulnerabilities - July 2011 (Mac OS X)
2011-08-12 00:00:00
Apple Safari Multiple Vulnerabilities - July 2011
2011-07-27 00:00:00
Apple Safari Multiple Vulnerabilities - July 2011 (Mac OS X)
2011-08-12 00:00:00
securityvulns
securityvulns
WebKit / Apple Safari / Google Chrome multiple security vulnerabilities
2011-08-01 00:00:00
APPLE-SA-2011-07-20-1 Safari 5.1 and Safari 5.0.6
2011-07-22 00:00:00
Apple iTunes multiple security vulnerabilities
2011-10-16 00:00:00
seebug
seebug
Apple iTunes多个安全漏洞
2011-10-13 00:00:00
JSON
Related for SUSE_11_LIBWEBKIT-110725.NASL
metasploit1saint4suse1checkpoint_advisories1packetstorm1prion1cve1ubuntucve1freebsd1nessus6openvas6securityvulns6seebug1