Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2017-2021 and is owned by Tenable, Inc. or an Affiliate thereof.SUSE_SU-2017-1669-1.NASL
HistoryJun 27, 2017 - 12:00 a.m.

SUSE SLED12 / SLES12 Security Update : MozillaFirefox, MozillaFirefox-branding-SLE (SUSE-SU-2017:1669-1)

2017-06-2700:00:00
This script is Copyright (C) 2017-2021 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
76
JSON

The Mozilla Firefox was updated to the new ESR 52.2 release, which fixes the following issues (bsc#1043960) :

  • MFSA 2017-16/CVE-2017-7758 Out-of-bounds read in Opus encoder

  • MFSA 2017-16/CVE-2017-7749 Use-after-free during docshell reloading

  • MFSA 2017-16/CVE-2017-7751 Use-after-free with content viewer listeners

  • MFSA 2017-16/CVE-2017-5472 Use-after-free using destroyed node when regenerating trees

  • MFSA 2017-16/CVE-2017-5470 Memory safety bugs fixed in Firefox 54 and Firefox ESR 52.2

  • MFSA 2017-16/CVE-2017-7752 Use-after-free with IME input

  • MFSA 2017-16/CVE-2017-7750 Use-after-free with track elements

  • MFSA 2017-16/CVE-2017-7768 32 byte arbitrary file read through Mozilla Maintenance Service

  • MFSA 2017-16/CVE-2017-7778 Vulnerabilities in the Graphite 2 library

  • MFSA 2017-16/CVE-2017-7754 Out-of-bounds read in WebGL with ImageInfo object

  • MFSA 2017-16/CVE-2017-7755 Privilege escalation through Firefox Installer with same directory DLL files

  • MFSA 2017-16/CVE-2017-7756 Use-after-free and use-after-scope logging XHR header errors

  • MFSA 2017-16/CVE-2017-7757 Use-after-free in IndexedDB

  • MFSA 2017-16/CVE-2017-7761 File deletion and privilege escalation through Mozilla Maintenance Service helper.exe application

  • MFSA 2017-16/CVE-2017-7763 Mac fonts render some unicode characters as spaces

  • MFSA 2017-16/CVE-2017-7765 Mark of the Web bypass when saving executable files

  • MFSA 2017-16/CVE-2017-7764 (bmo#1364283, bmo#http://www.unicode.org/reports/tr31/tr31-26 .html#Aspirational_Use_Scripts) Domain spoofing with combination of Canadian Syllabics and other unicode blocks

  • update to Firefox ESR 52.1 (bsc#1035082)

  • MFSA 2017-12/CVE-2016-10196 Vulnerabilities in Libevent library

  • MFSA 2017-12/CVE-2017-5443 Out-of-bounds write during BinHex decoding

  • MFSA 2017-12/CVE-2017-5429 Memory safety bugs fixed in Firefox 53, Firefox ESR 45.9, and Firefox ESR 52.1

  • MFSA 2017-12/CVE-2017-5464 Memory corruption with accessibility and DOM manipulation

  • MFSA 2017-12/CVE-2017-5465 Out-of-bounds read in ConvolvePixel

  • MFSA 2017-12/CVE-2017-5466 Origin confusion when reloading isolated data:text/html URL

  • MFSA 2017-12/CVE-2017-5467 Memory corruption when drawing Skia content

  • MFSA 2017-12/CVE-2017-5460 Use-after-free in frame selection

  • MFSA 2017-12/CVE-2017-5461 Out-of-bounds write in Base64 encoding in NSS

  • MFSA 2017-12/CVE-2017-5448 Out-of-bounds write in ClearKeyDecryptor

  • MFSA 2017-12/CVE-2017-5449 Crash during bidirectional unicode manipulation with animation

  • MFSA 2017-12/CVE-2017-5446 Out-of-bounds read when HTTP/2 DATA frames are sent with incorrect data

  • MFSA 2017-12/CVE-2017-5447 Out-of-bounds read during glyph processing

  • MFSA 2017-12/CVE-2017-5444 Buffer overflow while parsing application/http-index-format content

  • MFSA 2017-12/CVE-2017-5445 Uninitialized values used while parsing application/http- index-format content

  • MFSA 2017-12/CVE-2017-5442 Use-after-free during style changes

  • MFSA 2017-12/CVE-2017-5469 Potential Buffer overflow in flex-generated code

  • MFSA 2017-12/CVE-2017-5440 Use-after-free in txExecutionState destructor during XSLT processing

  • MFSA 2017-12/CVE-2017-5441 Use-after-free with selection during scroll events

  • MFSA 2017-12/CVE-2017-5439 Use-after-free in nsTArray Length() during XSLT processing

  • MFSA 2017-12/CVE-2017-5438 Use-after-free in nsAutoPtr during XSLT processing

  • MFSA 2017-12/CVE-2017-5436 Out-of-bounds write with malicious font in Graphite 2

  • MFSA 2017-12/CVE-2017-5435 Use-after-free during transaction processing in the editor

  • MFSA 2017-12/CVE-2017-5434 Use-after-free during focus handling

  • MFSA 2017-12/CVE-2017-5433 Use-after-free in SMIL animation functions

  • MFSA 2017-12/CVE-2017-5432 Use-after-free in text input selection

  • MFSA 2017-12/CVE-2017-5430 Memory safety bugs fixed in Firefox 53 and Firefox ESR 52.1

  • MFSA 2017-12/CVE-2017-5459 Buffer overflow in WebGL

  • MFSA 2017-12/CVE-2017-5462 DRBG flaw in NSS

  • MFSA 2017-12/CVE-2017-5455 Sandbox escape through internal feed reader APIs

  • MFSA 2017-12/CVE-2017-5454 Sandbox escape allowing file system read access through file picker

  • MFSA 2017-12/CVE-2017-5456 Sandbox escape allowing local file system access

  • MFSA 2017-12/CVE-2017-5451 Addressbar spoofing with onblur event

Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from SUSE update advisory SUSE-SU-2017:1669-1.
# The text itself is copyright (C) SUSE.
#

include('deprecated_nasl_level.inc');
include('compat.inc');

if (description)
{
  script_id(101055);
  script_version("3.11");
  script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/06");

  script_cve_id("CVE-2016-10196", "CVE-2017-5429", "CVE-2017-5430", "CVE-2017-5432", "CVE-2017-5433", "CVE-2017-5434", "CVE-2017-5435", "CVE-2017-5436", "CVE-2017-5438", "CVE-2017-5439", "CVE-2017-5440", "CVE-2017-5441", "CVE-2017-5442", "CVE-2017-5443", "CVE-2017-5444", "CVE-2017-5445", "CVE-2017-5446", "CVE-2017-5447", "CVE-2017-5448", "CVE-2017-5449", "CVE-2017-5451", "CVE-2017-5454", "CVE-2017-5455", "CVE-2017-5456", "CVE-2017-5459", "CVE-2017-5460", "CVE-2017-5461", "CVE-2017-5462", "CVE-2017-5464", "CVE-2017-5465", "CVE-2017-5466", "CVE-2017-5467", "CVE-2017-5469", "CVE-2017-5470", "CVE-2017-5472", "CVE-2017-7749", "CVE-2017-7750", "CVE-2017-7751", "CVE-2017-7752", "CVE-2017-7754", "CVE-2017-7755", "CVE-2017-7756", "CVE-2017-7757", "CVE-2017-7758", "CVE-2017-7761", "CVE-2017-7763", "CVE-2017-7764", "CVE-2017-7765", "CVE-2017-7768", "CVE-2017-7778");

  script_name(english:"SUSE SLED12 / SLES12 Security Update : MozillaFirefox, MozillaFirefox-branding-SLE (SUSE-SU-2017:1669-1)");
  script_summary(english:"Checks rpm output for the updated packages.");

  script_set_attribute(
    attribute:"synopsis", 
    value:"The remote SUSE host is missing one or more security updates."
  );
  script_set_attribute(
    attribute:"description", 
    value:
"The Mozilla Firefox was updated to the new ESR 52.2 release, which
fixes the following issues (bsc#1043960) :

  - MFSA 2017-16/CVE-2017-7758 Out-of-bounds read in Opus
    encoder

  - MFSA 2017-16/CVE-2017-7749 Use-after-free during
    docshell reloading

  - MFSA 2017-16/CVE-2017-7751 Use-after-free with content
    viewer listeners

  - MFSA 2017-16/CVE-2017-5472 Use-after-free using
    destroyed node when regenerating trees

  - MFSA 2017-16/CVE-2017-5470 Memory safety bugs fixed in
    Firefox 54 and Firefox ESR 52.2

  - MFSA 2017-16/CVE-2017-7752 Use-after-free with IME input

  - MFSA 2017-16/CVE-2017-7750 Use-after-free with track
    elements

  - MFSA 2017-16/CVE-2017-7768 32 byte arbitrary file read
    through Mozilla Maintenance Service

  - MFSA 2017-16/CVE-2017-7778 Vulnerabilities in the
    Graphite 2 library

  - MFSA 2017-16/CVE-2017-7754 Out-of-bounds read in WebGL
    with ImageInfo object

  - MFSA 2017-16/CVE-2017-7755 Privilege escalation through
    Firefox Installer with same directory DLL files

  - MFSA 2017-16/CVE-2017-7756 Use-after-free and
    use-after-scope logging XHR header errors

  - MFSA 2017-16/CVE-2017-7757 Use-after-free in IndexedDB

  - MFSA 2017-16/CVE-2017-7761 File deletion and privilege
    escalation through Mozilla Maintenance Service
    helper.exe application

  - MFSA 2017-16/CVE-2017-7763 Mac fonts render some unicode
    characters as spaces

  - MFSA 2017-16/CVE-2017-7765 Mark of the Web bypass when
    saving executable files

  - MFSA 2017-16/CVE-2017-7764 (bmo#1364283,
    bmo#http://www.unicode.org/reports/tr31/tr31-26
    .html#Aspirational_Use_Scripts) Domain spoofing with
    combination of Canadian Syllabics and other unicode
    blocks

  - update to Firefox ESR 52.1 (bsc#1035082)

  - MFSA 2017-12/CVE-2016-10196 Vulnerabilities in Libevent
    library

  - MFSA 2017-12/CVE-2017-5443 Out-of-bounds write during
    BinHex decoding

  - MFSA 2017-12/CVE-2017-5429 Memory safety bugs fixed in
    Firefox 53, Firefox ESR 45.9, and Firefox ESR 52.1

  - MFSA 2017-12/CVE-2017-5464 Memory corruption with
    accessibility and DOM manipulation

  - MFSA 2017-12/CVE-2017-5465 Out-of-bounds read in
    ConvolvePixel

  - MFSA 2017-12/CVE-2017-5466 Origin confusion when
    reloading isolated data:text/html URL

  - MFSA 2017-12/CVE-2017-5467 Memory corruption when
    drawing Skia content

  - MFSA 2017-12/CVE-2017-5460 Use-after-free in frame
    selection

  - MFSA 2017-12/CVE-2017-5461 Out-of-bounds write in Base64
    encoding in NSS

  - MFSA 2017-12/CVE-2017-5448 Out-of-bounds write in
    ClearKeyDecryptor

  - MFSA 2017-12/CVE-2017-5449 Crash during bidirectional
    unicode manipulation with animation

  - MFSA 2017-12/CVE-2017-5446 Out-of-bounds read when
    HTTP/2 DATA frames are sent with incorrect data

  - MFSA 2017-12/CVE-2017-5447 Out-of-bounds read during
    glyph processing

  - MFSA 2017-12/CVE-2017-5444 Buffer overflow while parsing
    application/http-index-format content

  - MFSA 2017-12/CVE-2017-5445 Uninitialized values used
    while parsing application/http- index-format content

  - MFSA 2017-12/CVE-2017-5442 Use-after-free during style
    changes

  - MFSA 2017-12/CVE-2017-5469 Potential Buffer overflow in
    flex-generated code

  - MFSA 2017-12/CVE-2017-5440 Use-after-free in
    txExecutionState destructor during XSLT processing

  - MFSA 2017-12/CVE-2017-5441 Use-after-free with selection
    during scroll events

  - MFSA 2017-12/CVE-2017-5439 Use-after-free in nsTArray
    Length() during XSLT processing

  - MFSA 2017-12/CVE-2017-5438 Use-after-free in nsAutoPtr
    during XSLT processing

  - MFSA 2017-12/CVE-2017-5436 Out-of-bounds write with
    malicious font in Graphite 2

  - MFSA 2017-12/CVE-2017-5435 Use-after-free during
    transaction processing in the editor

  - MFSA 2017-12/CVE-2017-5434 Use-after-free during focus
    handling

  - MFSA 2017-12/CVE-2017-5433 Use-after-free in SMIL
    animation functions

  - MFSA 2017-12/CVE-2017-5432 Use-after-free in text input
    selection

  - MFSA 2017-12/CVE-2017-5430 Memory safety bugs fixed in
    Firefox 53 and Firefox ESR 52.1

  - MFSA 2017-12/CVE-2017-5459 Buffer overflow in WebGL

  - MFSA 2017-12/CVE-2017-5462 DRBG flaw in NSS

  - MFSA 2017-12/CVE-2017-5455 Sandbox escape through
    internal feed reader APIs

  - MFSA 2017-12/CVE-2017-5454 Sandbox escape allowing file
    system read access through file picker

  - MFSA 2017-12/CVE-2017-5456 Sandbox escape allowing local
    file system access

  - MFSA 2017-12/CVE-2017-5451 Addressbar spoofing with
    onblur event

Note that Tenable Network Security has extracted the preceding
description block directly from the SUSE security advisory. Tenable
has attempted to automatically clean and format it as much as possible
without introducing additional issues."
  );
  script_set_attribute(
    attribute:"see_also",
    value:"http://www.unicode.org/reports/tr31/tr31-26"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.suse.com/show_bug.cgi?id=1035082"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.suse.com/show_bug.cgi?id=1043960"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://www.suse.com/security/cve/CVE-2016-10196/"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://www.suse.com/security/cve/CVE-2017-5429/"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://www.suse.com/security/cve/CVE-2017-5430/"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://www.suse.com/security/cve/CVE-2017-5432/"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://www.suse.com/security/cve/CVE-2017-5433/"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://www.suse.com/security/cve/CVE-2017-5434/"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://www.suse.com/security/cve/CVE-2017-5435/"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://www.suse.com/security/cve/CVE-2017-5436/"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://www.suse.com/security/cve/CVE-2017-5438/"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://www.suse.com/security/cve/CVE-2017-5439/"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://www.suse.com/security/cve/CVE-2017-5440/"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://www.suse.com/security/cve/CVE-2017-5441/"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://www.suse.com/security/cve/CVE-2017-5442/"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://www.suse.com/security/cve/CVE-2017-5443/"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://www.suse.com/security/cve/CVE-2017-5444/"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://www.suse.com/security/cve/CVE-2017-5445/"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://www.suse.com/security/cve/CVE-2017-5446/"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://www.suse.com/security/cve/CVE-2017-5447/"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://www.suse.com/security/cve/CVE-2017-5448/"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://www.suse.com/security/cve/CVE-2017-5449/"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://www.suse.com/security/cve/CVE-2017-5451/"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://www.suse.com/security/cve/CVE-2017-5454/"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://www.suse.com/security/cve/CVE-2017-5455/"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://www.suse.com/security/cve/CVE-2017-5456/"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://www.suse.com/security/cve/CVE-2017-5459/"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://www.suse.com/security/cve/CVE-2017-5460/"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://www.suse.com/security/cve/CVE-2017-5461/"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://www.suse.com/security/cve/CVE-2017-5462/"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://www.suse.com/security/cve/CVE-2017-5464/"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://www.suse.com/security/cve/CVE-2017-5465/"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://www.suse.com/security/cve/CVE-2017-5466/"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://www.suse.com/security/cve/CVE-2017-5467/"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://www.suse.com/security/cve/CVE-2017-5469/"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://www.suse.com/security/cve/CVE-2017-5470/"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://www.suse.com/security/cve/CVE-2017-5472/"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://www.suse.com/security/cve/CVE-2017-7749/"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://www.suse.com/security/cve/CVE-2017-7750/"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://www.suse.com/security/cve/CVE-2017-7751/"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://www.suse.com/security/cve/CVE-2017-7752/"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://www.suse.com/security/cve/CVE-2017-7754/"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://www.suse.com/security/cve/CVE-2017-7755/"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://www.suse.com/security/cve/CVE-2017-7756/"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://www.suse.com/security/cve/CVE-2017-7757/"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://www.suse.com/security/cve/CVE-2017-7758/"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://www.suse.com/security/cve/CVE-2017-7761/"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://www.suse.com/security/cve/CVE-2017-7763/"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://www.suse.com/security/cve/CVE-2017-7764/"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://www.suse.com/security/cve/CVE-2017-7765/"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://www.suse.com/security/cve/CVE-2017-7768/"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://www.suse.com/security/cve/CVE-2017-7778/"
  );
  # https://www.suse.com/support/update/announcement/2017/suse-su-20171669-1/
  script_set_attribute(
    attribute:"see_also",
    value:"http://www.nessus.org/u?6c4e839e"
  );
  script_set_attribute(
    attribute:"solution", 
    value:
"To install this SUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product :

SUSE OpenStack Cloud 6:zypper in -t patch
SUSE-OpenStack-Cloud-6-2017-1035=1

SUSE Linux Enterprise Software Development Kit 12-SP2:zypper in -t
patch SUSE-SLE-SDK-12-SP2-2017-1035=1

SUSE Linux Enterprise Server for SAP 12-SP1:zypper in -t patch
SUSE-SLE-SAP-12-SP1-2017-1035=1

SUSE Linux Enterprise Server for SAP 12:zypper in -t patch
SUSE-SLE-SAP-12-2017-1035=1

SUSE Linux Enterprise Server for Raspberry Pi 12-SP2:zypper in -t
patch SUSE-SLE-RPI-12-SP2-2017-1035=1

SUSE Linux Enterprise Server 12-SP2:zypper in -t patch
SUSE-SLE-SERVER-12-SP2-2017-1035=1

SUSE Linux Enterprise Server 12-SP1-LTSS:zypper in -t patch
SUSE-SLE-SERVER-12-SP1-2017-1035=1

SUSE Linux Enterprise Server 12-LTSS:zypper in -t patch
SUSE-SLE-SERVER-12-2017-1035=1

SUSE Linux Enterprise Desktop 12-SP2:zypper in -t patch
SUSE-SLE-DESKTOP-12-SP2-2017-1035=1

To bring your system up-to-date, use 'zypper patch'."
  );
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P");
  script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:P/RL:O/RC:C");
  script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"true");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:MozillaFirefox");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:MozillaFirefox-branding-SLE");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:MozillaFirefox-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:MozillaFirefox-debugsource");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:MozillaFirefox-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:MozillaFirefox-translations");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:suse_linux:12");

  script_set_attribute(attribute:"vuln_publication_date", value:"2017/03/15");
  script_set_attribute(attribute:"patch_publication_date", value:"2017/06/26");
  script_set_attribute(attribute:"plugin_publication_date", value:"2017/06/27");
  script_set_attribute(attribute:"generated_plugin", value:"current");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2017-2021 and is owned by Tenable, Inc. or an Affiliate thereof.");
  script_family(english:"SuSE Local Security Checks");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/SuSE/release", "Host/SuSE/rpm-list");

  exit(0);
}


include("audit.inc");
include("global_settings.inc");
include("rpm.inc");


if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/SuSE/release");
if (isnull(release) || release !~ "^(SLED|SLES)") audit(AUDIT_OS_NOT, "SUSE");
os_ver = pregmatch(pattern: "^(SLE(S|D)\d+)", string:release);
if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "SUSE");
os_ver = os_ver[1];
if (! preg(pattern:"^(SLED12|SLES12)$", string:os_ver)) audit(AUDIT_OS_NOT, "SUSE SLED12 / SLES12", "SUSE " + os_ver);

if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);

cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if (cpu !~ "^i[3-6]86$" && "x86_64" >!< cpu && "s390x" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "SUSE " + os_ver, cpu);

sp = get_kb_item("Host/SuSE/patchlevel");
if (isnull(sp)) sp = "0";
if (os_ver == "SLES12" && (! preg(pattern:"^(0|1|2)$", string:sp))) audit(AUDIT_OS_NOT, "SLES12 SP0/1/2", os_ver + " SP" + sp);
if (os_ver == "SLED12" && (! preg(pattern:"^(2)$", string:sp))) audit(AUDIT_OS_NOT, "SLED12 SP2", os_ver + " SP" + sp);


flag = 0;
if (rpm_check(release:"SLES12", sp:"1", reference:"MozillaFirefox-52.2.0esr-108.3")) flag++;
if (rpm_check(release:"SLES12", sp:"1", reference:"MozillaFirefox-branding-SLE-52-31.1")) flag++;
if (rpm_check(release:"SLES12", sp:"1", reference:"MozillaFirefox-debuginfo-52.2.0esr-108.3")) flag++;
if (rpm_check(release:"SLES12", sp:"1", reference:"MozillaFirefox-debugsource-52.2.0esr-108.3")) flag++;
if (rpm_check(release:"SLES12", sp:"1", reference:"MozillaFirefox-devel-52.2.0esr-108.3")) flag++;
if (rpm_check(release:"SLES12", sp:"1", reference:"MozillaFirefox-translations-52.2.0esr-108.3")) flag++;
if (rpm_check(release:"SLES12", sp:"0", reference:"MozillaFirefox-52.2.0esr-108.3")) flag++;
if (rpm_check(release:"SLES12", sp:"0", reference:"MozillaFirefox-branding-SLE-52-31.1")) flag++;
if (rpm_check(release:"SLES12", sp:"0", reference:"MozillaFirefox-debuginfo-52.2.0esr-108.3")) flag++;
if (rpm_check(release:"SLES12", sp:"0", reference:"MozillaFirefox-debugsource-52.2.0esr-108.3")) flag++;
if (rpm_check(release:"SLES12", sp:"0", reference:"MozillaFirefox-devel-52.2.0esr-108.3")) flag++;
if (rpm_check(release:"SLES12", sp:"0", reference:"MozillaFirefox-translations-52.2.0esr-108.3")) flag++;
if (rpm_check(release:"SLES12", sp:"2", cpu:"x86_64", reference:"MozillaFirefox-52.2.0esr-108.3")) flag++;
if (rpm_check(release:"SLES12", sp:"2", cpu:"x86_64", reference:"MozillaFirefox-branding-SLE-52-31.1")) flag++;
if (rpm_check(release:"SLES12", sp:"2", cpu:"x86_64", reference:"MozillaFirefox-debuginfo-52.2.0esr-108.3")) flag++;
if (rpm_check(release:"SLES12", sp:"2", cpu:"x86_64", reference:"MozillaFirefox-debugsource-52.2.0esr-108.3")) flag++;
if (rpm_check(release:"SLES12", sp:"2", cpu:"x86_64", reference:"MozillaFirefox-translations-52.2.0esr-108.3")) flag++;
if (rpm_check(release:"SLED12", sp:"2", cpu:"x86_64", reference:"MozillaFirefox-52.2.0esr-108.3")) flag++;
if (rpm_check(release:"SLED12", sp:"2", cpu:"x86_64", reference:"MozillaFirefox-branding-SLE-52-31.1")) flag++;
if (rpm_check(release:"SLED12", sp:"2", cpu:"x86_64", reference:"MozillaFirefox-debuginfo-52.2.0esr-108.3")) flag++;
if (rpm_check(release:"SLED12", sp:"2", cpu:"x86_64", reference:"MozillaFirefox-debugsource-52.2.0esr-108.3")) flag++;
if (rpm_check(release:"SLED12", sp:"2", cpu:"x86_64", reference:"MozillaFirefox-translations-52.2.0esr-108.3")) flag++;


if (flag)
{
  if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());
  else security_hole(0);
  exit(0);
}
else
{
  tested = pkg_tests_get();
  if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
  else audit(AUDIT_PACKAGE_NOT_INSTALLED, "MozillaFirefox / MozillaFirefox-branding-SLE");
}
VendorProductVersionCPE
novellsuse_linuxmozillafirefoxp-cpe:/a:novell:suse_linux:mozillafirefox
novellsuse_linuxmozillafirefox-branding-slep-cpe:/a:novell:suse_linux:mozillafirefox-branding-sle
novellsuse_linuxmozillafirefox-debuginfop-cpe:/a:novell:suse_linux:mozillafirefox-debuginfo
novellsuse_linuxmozillafirefox-debugsourcep-cpe:/a:novell:suse_linux:mozillafirefox-debugsource
novellsuse_linuxmozillafirefox-develp-cpe:/a:novell:suse_linux:mozillafirefox-devel
novellsuse_linuxmozillafirefox-translationsp-cpe:/a:novell:suse_linux:mozillafirefox-translations
novellsuse_linux12cpe:/o:novell:suse_linux:12

References

Related

suse 6
oraclelinux 5
nessus 72
openvas 48
altlinux 5
mageia 5
redhat 5
debian 8
ibm 4
mozilla 7
centos 5
osv 8
kaspersky 4
ubuntu 5
freebsd 3
archlinux 3
gentoo 2
threatpost 1
ubuntucve 1
prion 2
suse
suse
Security update for MozillaFirefox, MozillaFirefox-branding-SLE (important)
2017-06-26 12:10:28
Security update for MozillaFirefox, MozillaFirefox-branding-SLED, firefox-gcc5, mozilla-nss (important)
2017-08-22 21:08:17
Security update for Mozilla Firefox (important)
2017-04-25 00:08:46
oraclelinux
oraclelinux
firefox security update
2017-04-20 00:00:00
firefox security update
2017-04-20 00:00:00
thunderbird security update
2017-05-08 00:00:00
nessus
nessus
SUSE SLES11 Security Update : MozillaFirefox, MozillaFirefox-branding-SLED, firefox-gcc5, mozilla-nss (SUSE-SU-2017:2235-1)
2017-08-23 00:00:00
Scientific Linux Security Update : firefox on SL7.x x86_64 (20170420)
2017-04-24 00:00:00
Virtuozzo 7 : firefox (VZLSA-2017-1106)
2017-07-13 00:00:00
openvas
openvas
Mozilla Firefox ESR Security Updates(mfsa_2017-10_2017-12)-MAC OS X
2017-04-20 00:00:00
CentOS Update for firefox CESA-2017:1106 centos7
2017-04-21 00:00:00
RedHat Update for firefox RHSA-2017:1106-01
2017-04-21 00:00:00
altlinux
altlinux
Security fix for the ALT Linux 10 package thunderbird version 52.1.0-alt1
2017-05-02 00:00:00
Security fix for the ALT Linux 10 package firefox-esr version 45.9.0-alt1
2017-04-20 00:00:00
Security fix for the ALT Linux 10 package thunderbird version 52.2.0-alt1
2017-06-22 00:00:00
mageia
mageia
Updated thunderbird packages fix security vulnerability
2017-05-10 23:47:44
Updated firefox packages fix security vulnerability
2017-04-28 01:21:29
Updated thunderbird packages fix security vulnerability and bugs
2017-06-19 10:44:03
redhat
redhat
(RHSA-2017:1106) Critical: firefox security update
2017-04-20 08:50:13
(RHSA-2017:1201) Important: thunderbird security update
2017-05-08 05:16:37
(RHSA-2017:1104) Critical: firefox security update
2017-04-20 06:59:53
debian
debian
[SECURITY] [DLA 906-1] firefox-esr security update
2017-04-21 17:26:13
[SECURITY] [DSA 3831-1] firefox-esr security update
2017-04-19 22:40:29
[SECURITY] [DSA 3881-1] firefox-esr security update
2017-06-14 20:52:21
ibm
ibm
Security Bulletin: Multiple Mozilla Firefox vulnerability issues in IBM Storwize V7000 Unified
2018-06-18 00:35:38
Security Bulletin: Multiple Mozilla Firefox vulnerability issues in IBM SONAS.
2018-06-18 00:35:15
Security Bulletin: Multiple Mozilla Firefox vulnerability issues in IBM Storwize V7000 Unified
2018-06-18 00:35:38
mozilla
mozilla
Security vulnerabilities fixed in Firefox ESR 52.1 — Mozilla
2017-04-19 00:00:00
Security vulnerabilities fixed in Thunderbird 52.1 — Mozilla
2017-04-30 00:00:00
Security vulnerabilities fixed in Firefox ESR 45.9 — Mozilla
2017-04-19 00:00:00
centos
centos
thunderbird security update
2017-05-09 17:01:33
firefox security update
2017-04-20 23:21:25
firefox security update
2017-04-20 22:44:21
osv
osv
firefox-esr - security update
2017-04-20 00:00:00
firefox-esr - security update
2017-04-21 00:00:00
firefox-esr - security update
2017-06-18 00:00:00
kaspersky
kaspersky
KLA11007 Multiple vulnerabilities in Mozilla Thunderbird
2017-04-30 00:00:00
KLA11004 Multiple vulnerabilities in Mozilla Firefox and Mozilla Firefox ESR
2017-04-19 00:00:00
KLA11050 Multiple vulnerabilities in Mozilla Thunderbird
2017-06-14 00:00:00
ubuntu
ubuntu
Thunderbird vulnerabilities
2017-05-16 00:00:00
Firefox regression
2017-05-11 00:00:00
Firefox vulnerabilities
2017-04-21 00:00:00
freebsd
freebsd
mozilla -- multiple vulnerabilities
2017-04-19 00:00:00
mozilla -- multiple vulnerabilities
2017-06-13 00:00:00
NSS -- multiple vulnerabilities
2017-03-17 00:00:00
archlinux
archlinux
[ASA-201704-6] firefox: multiple issues
2017-04-21 00:00:00
[ASA-201706-20] thunderbird: multiple issues
2017-06-16 00:00:00
[ASA-201706-19] firefox: multiple issues
2017-06-16 00:00:00
gentoo
gentoo
Mozilla Firefox: Multiple vulnerabilities
2018-02-20 00:00:00
Mozilla Network Security Service (NSS): Multiple vulnerabilities
2017-05-07 00:00:00
threatpost
threatpost
Mozilla Fixes 32 Vulnerabilities in Firefox 54
2017-06-14 15:31:08
ubuntucve
ubuntucve
CVE-2017-7768
2018-06-11 00:00:00
prion
prion
Design/Logic Flaw
2018-06-11 21:29:00
Code injection
2018-06-11 21:29:00
JSON
Related for SUSE_SU-2017-1669-1.NASL
suse6oraclelinux5nessus72openvas48altlinux5mageia5redhat5debian8ibm4mozilla7centos5osv8kaspersky4ubuntu5freebsd3archlinux3gentoo2threatpost1ubuntucve1prion2