This script is Copyright (C) 2015-2021 Tenable Network Security, Inc.SUSE_SU-2013-0044-1.NASLSUSE SLED10 Security Update : Acrobat Reader (SUSE-SU-2013:0044-1)
10 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
0.24 Low
EPSS
Percentile
96.6%
Acrobat Reader was updated to 9.5.3 to fix various bugs and security issues.
More information can be found at http://www.adobe.com/support/security/bulletins/apsb13-02.html
The resolved security issues are CVE-2012-1530 , CVE-2013-0601 , CVE-2013-0602 , CVE-2013-0603 , CVE-2013-0604 , CVE-2013-0605 , CVE-2013-0606 , CVE-2013-0607 , CVE-2013-0608 , CVE-2013-0609 , CVE-2013-0610 , CVE-2013-0611 , CVE-2013-0612 , CVE-2013-0613 , CVE-2013-0614 , CVE-2013-0615 , CVE-2013-0616 , CVE-2013-0617 , CVE-2013-0618 , CVE-2013-0619 , CVE-2013-0620 , CVE-2013-0621 , CVE-2013-0622 , CVE-2013-0623 , CVE-2013-0624 , CVE-2013-0626 and CVE-2013-0627 .
Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from SUSE update advisory SUSE-SU-2013:0044-1.
# The text itself is copyright (C) SUSE.
#
include('deprecated_nasl_level.inc');
include('compat.inc');
if (description)
{
script_id(83572);
script_version("2.3");
script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/19");
script_cve_id("CVE-2012-1530", "CVE-2013-0601", "CVE-2013-0602", "CVE-2013-0603", "CVE-2013-0604", "CVE-2013-0605", "CVE-2013-0606", "CVE-2013-0607", "CVE-2013-0608", "CVE-2013-0609", "CVE-2013-0610", "CVE-2013-0611", "CVE-2013-0612", "CVE-2013-0613", "CVE-2013-0614", "CVE-2013-0615", "CVE-2013-0616", "CVE-2013-0617", "CVE-2013-0618", "CVE-2013-0619", "CVE-2013-0620", "CVE-2013-0621", "CVE-2013-0622", "CVE-2013-0623", "CVE-2013-0624", "CVE-2013-0626", "CVE-2013-0627");
script_bugtraq_id(57155, 57263, 57264, 57265, 57268, 57269, 57270, 57272, 57273, 57274, 57275, 57276, 57277, 57282, 57283, 57284, 57285, 57286, 57287, 57289, 57290, 57291, 57292, 57293, 57294, 57295, 57296, 57297);
script_name(english:"SUSE SLED10 Security Update : Acrobat Reader (SUSE-SU-2013:0044-1)");
script_summary(english:"Checks rpm output for the updated package.");
script_set_attribute(
attribute:"synopsis",
value:"The remote SUSE host is missing one or more security updates."
);
script_set_attribute(
attribute:"description",
value:
"Acrobat Reader was updated to 9.5.3 to fix various bugs and security
issues.
More information can be found at
http://www.adobe.com/support/security/bulletins/apsb13-02.html
The resolved security issues are CVE-2012-1530 , CVE-2013-0601 ,
CVE-2013-0602 , CVE-2013-0603 , CVE-2013-0604 , CVE-2013-0605 ,
CVE-2013-0606 , CVE-2013-0607 , CVE-2013-0608 , CVE-2013-0609 ,
CVE-2013-0610 , CVE-2013-0611 , CVE-2013-0612 , CVE-2013-0613 ,
CVE-2013-0614 , CVE-2013-0615 , CVE-2013-0616 , CVE-2013-0617 ,
CVE-2013-0618 , CVE-2013-0619 , CVE-2013-0620 , CVE-2013-0621 ,
CVE-2013-0622 , CVE-2013-0623 , CVE-2013-0624 , CVE-2013-0626 and
CVE-2013-0627 .
Note that Tenable Network Security has extracted the preceding
description block directly from the SUSE security advisory. Tenable
has attempted to automatically clean and format it as much as possible
without introducing additional issues."
);
script_set_attribute(
attribute:"see_also",
value:"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1530"
);
script_set_attribute(
attribute:"see_also",
value:"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0601"
);
script_set_attribute(
attribute:"see_also",
value:"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0602"
);
script_set_attribute(
attribute:"see_also",
value:"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0603"
);
script_set_attribute(
attribute:"see_also",
value:"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0604"
);
script_set_attribute(
attribute:"see_also",
value:"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0605"
);
script_set_attribute(
attribute:"see_also",
value:"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0606"
);
script_set_attribute(
attribute:"see_also",
value:"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0607"
);
script_set_attribute(
attribute:"see_also",
value:"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0608"
);
script_set_attribute(
attribute:"see_also",
value:"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0609"
);
script_set_attribute(
attribute:"see_also",
value:"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0610"
);
script_set_attribute(
attribute:"see_also",
value:"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0611"
);
script_set_attribute(
attribute:"see_also",
value:"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0612"
);
script_set_attribute(
attribute:"see_also",
value:"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0613"
);
script_set_attribute(
attribute:"see_also",
value:"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0614"
);
script_set_attribute(
attribute:"see_also",
value:"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0615"
);
script_set_attribute(
attribute:"see_also",
value:"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0616"
);
script_set_attribute(
attribute:"see_also",
value:"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0617"
);
script_set_attribute(
attribute:"see_also",
value:"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0618"
);
script_set_attribute(
attribute:"see_also",
value:"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0619"
);
script_set_attribute(
attribute:"see_also",
value:"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0620"
);
script_set_attribute(
attribute:"see_also",
value:"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0621"
);
script_set_attribute(
attribute:"see_also",
value:"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0622"
);
script_set_attribute(
attribute:"see_also",
value:"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0623"
);
script_set_attribute(
attribute:"see_also",
value:"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0624"
);
script_set_attribute(
attribute:"see_also",
value:"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0626"
);
script_set_attribute(
attribute:"see_also",
value:"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0627"
);
# http://download.suse.com/patch/finder/?keywords=439f017a53eac3afd9cf07feecd10c66
script_set_attribute(
attribute:"see_also",
value:"http://www.nessus.org/u?98b55da7"
);
script_set_attribute(
attribute:"see_also",
value:"http://support.novell.com/security/cve/CVE-2012-1530.html"
);
script_set_attribute(
attribute:"see_also",
value:"http://support.novell.com/security/cve/CVE-2013-0601.html"
);
script_set_attribute(
attribute:"see_also",
value:"http://support.novell.com/security/cve/CVE-2013-0602.html"
);
script_set_attribute(
attribute:"see_also",
value:"http://support.novell.com/security/cve/CVE-2013-0603.html"
);
script_set_attribute(
attribute:"see_also",
value:"http://support.novell.com/security/cve/CVE-2013-0604.html"
);
script_set_attribute(
attribute:"see_also",
value:"http://support.novell.com/security/cve/CVE-2013-0605.html"
);
script_set_attribute(
attribute:"see_also",
value:"http://support.novell.com/security/cve/CVE-2013-0606.html"
);
script_set_attribute(
attribute:"see_also",
value:"http://support.novell.com/security/cve/CVE-2013-0607.html"
);
script_set_attribute(
attribute:"see_also",
value:"http://support.novell.com/security/cve/CVE-2013-0608.html"
);
script_set_attribute(
attribute:"see_also",
value:"http://support.novell.com/security/cve/CVE-2013-0609.html"
);
script_set_attribute(
attribute:"see_also",
value:"http://support.novell.com/security/cve/CVE-2013-0610.html"
);
script_set_attribute(
attribute:"see_also",
value:"http://support.novell.com/security/cve/CVE-2013-0611.html"
);
script_set_attribute(
attribute:"see_also",
value:"http://support.novell.com/security/cve/CVE-2013-0612.html"
);
script_set_attribute(
attribute:"see_also",
value:"http://support.novell.com/security/cve/CVE-2013-0613.html"
);
script_set_attribute(
attribute:"see_also",
value:"http://support.novell.com/security/cve/CVE-2013-0614.html"
);
script_set_attribute(
attribute:"see_also",
value:"http://support.novell.com/security/cve/CVE-2013-0615.html"
);
script_set_attribute(
attribute:"see_also",
value:"http://support.novell.com/security/cve/CVE-2013-0616.html"
);
script_set_attribute(
attribute:"see_also",
value:"http://support.novell.com/security/cve/CVE-2013-0617.html"
);
script_set_attribute(
attribute:"see_also",
value:"http://support.novell.com/security/cve/CVE-2013-0618.html"
);
script_set_attribute(
attribute:"see_also",
value:"http://support.novell.com/security/cve/CVE-2013-0619.html"
);
script_set_attribute(
attribute:"see_also",
value:"http://support.novell.com/security/cve/CVE-2013-0620.html"
);
script_set_attribute(
attribute:"see_also",
value:"http://support.novell.com/security/cve/CVE-2013-0621.html"
);
script_set_attribute(
attribute:"see_also",
value:"http://support.novell.com/security/cve/CVE-2013-0622.html"
);
script_set_attribute(
attribute:"see_also",
value:"http://support.novell.com/security/cve/CVE-2013-0623.html"
);
script_set_attribute(
attribute:"see_also",
value:"http://support.novell.com/security/cve/CVE-2013-0624.html"
);
script_set_attribute(
attribute:"see_also",
value:"http://support.novell.com/security/cve/CVE-2013-0626.html"
);
script_set_attribute(
attribute:"see_also",
value:"http://support.novell.com/security/cve/CVE-2013-0627.html"
);
script_set_attribute(
attribute:"see_also",
value:"http://www.adobe.com/support/security/bulletins/apsb13-02.html"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.novell.com/797529"
);
# https://www.suse.com/support/update/announcement/2013/suse-su-20130044-1.html
script_set_attribute(
attribute:"see_also",
value:"http://www.nessus.org/u?fd281609"
);
script_set_attribute(
attribute:"solution",
value:"Update the affected Acrobat Reader package."
);
script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C");
script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
script_set_attribute(attribute:"exploit_available", value:"true");
script_set_attribute(attribute:"exploited_by_malware", value:"true");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:acroread");
script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:suse_linux:10");
script_set_attribute(attribute:"patch_publication_date", value:"2013/01/17");
script_set_attribute(attribute:"plugin_publication_date", value:"2015/05/20");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_copyright(english:"This script is Copyright (C) 2015-2021 Tenable Network Security, Inc.");
script_family(english:"SuSE Local Security Checks");
script_dependencies("ssh_get_info.nasl");
script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/SuSE/release", "Host/SuSE/rpm-list");
exit(0);
}
include("audit.inc");
include("global_settings.inc");
include("rpm.inc");
if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/SuSE/release");
if (isnull(release) || release !~ "^(SLED|SLES)") audit(AUDIT_OS_NOT, "SUSE");
os_ver = eregmatch(pattern: "^(SLE(S|D)\d+)", string:release);
if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "SUSE");
os_ver = os_ver[1];
if (! ereg(pattern:"^(SLED10)$", string:os_ver)) audit(AUDIT_OS_NOT, "SUSE SLED10", "SUSE " + os_ver);
if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if (cpu !~ "^i[3-6]86$" && "x86_64" >!< cpu && "s390x" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "SUSE " + os_ver, cpu);
if (cpu >!< "i386|i486|i586|i686|x86_64") audit(AUDIT_ARCH_NOT, "i386 / i486 / i586 / i686 / x86_64", cpu);
sp = get_kb_item("Host/SuSE/patchlevel");
if (isnull(sp)) sp = "0";
if (os_ver == "SLED10" && (! ereg(pattern:"^4$", string:sp))) audit(AUDIT_OS_NOT, "SLED10 SP4", os_ver + " SP" + sp);
flag = 0;
if (rpm_check(release:"SLED10", sp:"4", cpu:"x86_64", reference:"acroread-9.5.3-0.6.2")) flag++;
if (rpm_check(release:"SLED10", sp:"4", cpu:"i586", reference:"acroread-9.5.3-0.6.2")) flag++;
if (flag)
{
if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());
else security_hole(0);
exit(0);
}
else
{
tested = pkg_tests_get();
if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
else audit(AUDIT_PACKAGE_NOT_INSTALLED, "Acrobat Reader");
}
| Vendor | Product | Version | CPE |
|---|---|---|---|
| novell | suse_linux | acroread | p-cpe:/a:novell:suse_linux:acroread |
| novell | suse_linux | 10 | cpe:/o:novell:suse_linux:10 |
References
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1530
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0601
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0602
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0603
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0604
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0605
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0606
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0607
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0608
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0609
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0610
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0611
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0612
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0613
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0614
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0615
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0616
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0617
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0618
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0619
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0620
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0621
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0622
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0623
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0624
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0626
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0627
support.novell.com/security/cve/CVE-2012-1530.html
support.novell.com/security/cve/CVE-2013-0601.html
support.novell.com/security/cve/CVE-2013-0602.html
support.novell.com/security/cve/CVE-2013-0603.html
support.novell.com/security/cve/CVE-2013-0604.html
support.novell.com/security/cve/CVE-2013-0605.html
support.novell.com/security/cve/CVE-2013-0606.html
support.novell.com/security/cve/CVE-2013-0607.html
support.novell.com/security/cve/CVE-2013-0608.html
support.novell.com/security/cve/CVE-2013-0609.html
support.novell.com/security/cve/CVE-2013-0610.html
support.novell.com/security/cve/CVE-2013-0611.html
support.novell.com/security/cve/CVE-2013-0612.html
support.novell.com/security/cve/CVE-2013-0613.html
support.novell.com/security/cve/CVE-2013-0614.html
support.novell.com/security/cve/CVE-2013-0615.html
support.novell.com/security/cve/CVE-2013-0616.html
support.novell.com/security/cve/CVE-2013-0617.html
support.novell.com/security/cve/CVE-2013-0618.html
support.novell.com/security/cve/CVE-2013-0619.html
support.novell.com/security/cve/CVE-2013-0620.html
support.novell.com/security/cve/CVE-2013-0621.html
support.novell.com/security/cve/CVE-2013-0622.html
support.novell.com/security/cve/CVE-2013-0623.html
support.novell.com/security/cve/CVE-2013-0624.html
support.novell.com/security/cve/CVE-2013-0626.html
support.novell.com/security/cve/CVE-2013-0627.html
www.adobe.com/support/security/bulletins/apsb13-02.html
www.nessus.org/u?98b55da7
www.nessus.org/u?fd281609
bugzilla.novell.com/797529
Related
10 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
0.24 Low
EPSS
Percentile
96.6%