{"id": "OPENVAS:67209", "type": "openvas", "bulletinFamily": "scanner", "title": "Debian Security Advisory DSA 2025-1 (icedove)", "description": "The remote host is missing an update to icedove\nannounced via advisory DSA 2025-1.", "published": "2010-04-06T00:00:00", "modified": "2017-07-07T00:00:00", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "http://plugins.openvas.org/nasl.php?oid=67209", "reporter": "Copyright (c) 2010 E-Soft Inc. http://www.securityspace.com", "references": [], "cvelist": ["CVE-2009-2408", "CVE-2009-3072", "CVE-2009-2463", "CVE-2009-3075", "CVE-2010-0163", "CVE-2009-2404"], "lastseen": "2017-07-24T12:49:09", "viewCount": 5, "enchantments": {"score": {"value": 1.4, "vector": "NONE"}, "dependencies": {"references": [{"type": "aix", "idList": ["SENDMAIL_ADVISORY.ASC"]}, {"type": "amazon", "idList": ["ALAS-2013-220", "ALAS-2013-224", "ALAS-2013-241"]}, {"type": "centos", "idList": ["CESA-2009:1162", "CESA-2009:1163", "CESA-2009:1185", "CESA-2009:1430", "CESA-2009:1431", "CESA-2009:1432", "CESA-2010:0153", "CESA-2010:0154", "CESA-2010:0499"]}, {"type": "checkpoint_advisories", "idList": ["CPAI-2009-129", "CPAI-2009-165", "CPAI-2010-420", "CPAI-2013-1805"]}, {"type": "cve", "idList": ["CVE-2009-2404", "CVE-2009-2408", "CVE-2009-2417", "CVE-2009-2463", "CVE-2009-2474", "CVE-2009-2510", "CVE-2009-2645", "CVE-2009-2666", "CVE-2009-2700", "CVE-2009-2702", "CVE-2009-2825", "CVE-2009-3072", "CVE-2009-3075", "CVE-2009-3455", "CVE-2009-3456", "CVE-2009-3475", "CVE-2009-3477", "CVE-2009-3490", "CVE-2009-3639", "CVE-2009-3765", "CVE-2009-3767", "CVE-2009-3941", "CVE-2009-3942", "CVE-2009-4034", "CVE-2009-4565", "CVE-2010-0163", "CVE-2010-1192", "CVE-2010-2074", "CVE-2013-4073", "CVE-2013-4238", "CVE-2013-4248"]}, {"type": "debian", "idList": ["DEBIAN:56C805B941600C7D24189CA65B1A3471:E7DF7", "DEBIAN:779C372FA915304EFB66BDC406B3D840:AD41A", "DEBIAN:C3198C7038C741D18B1B552AA2E029E6:20DB3", "DEBIAN:C3198C7038C741D18B1B552AA2E029E6:E7DF7", "DEBIAN:DSA-1840-1:5A2AB", "DEBIAN:DSA-1874-1:56C30", "DEBIAN:DSA-1885-1:DC8B3", "DEBIAN:DSA-1931-1:3B1F6", "DEBIAN:DSA-2025-1:6CC79", "DEBIAN:F48D57A4E2376B98436012DB92F17BAF:AD41A"]}, {"type": "debiancve", "idList": ["DEBIANCVE:CVE-2009-2404", "DEBIANCVE:CVE-2009-2408", "DEBIANCVE:CVE-2009-2417", "DEBIANCVE:CVE-2009-2463", "DEBIANCVE:CVE-2009-2474", "DEBIANCVE:CVE-2009-2666", "DEBIANCVE:CVE-2009-2700", "DEBIANCVE:CVE-2009-2702", "DEBIANCVE:CVE-2009-3456", "DEBIANCVE:CVE-2009-3475", "DEBIANCVE:CVE-2009-3490", "DEBIANCVE:CVE-2009-3639", "DEBIANCVE:CVE-2009-3765", "DEBIANCVE:CVE-2009-3767", "DEBIANCVE:CVE-2009-3941", "DEBIANCVE:CVE-2009-3942", "DEBIANCVE:CVE-2009-4565", "DEBIANCVE:CVE-2010-1192", "DEBIANCVE:CVE-2010-2074", "DEBIANCVE:CVE-2013-4073", "DEBIANCVE:CVE-2013-4238"]}, {"type": "exploitdb", "idList": ["EDB-ID:33128"]}, {"type": "f5", "idList": ["F5:K15638", "F5:K15683", "SOL14909", "SOL15638", "SOL15683"]}, {"type": "fedora", "idList": ["FEDORA:048D210F8A0", "FEDORA:1D7C611126A", "FEDORA:3020E10F86A", "FEDORA:321D510F87A", "FEDORA:3A72D10F881", "FEDORA:42CF310F884", "FEDORA:49E3B10F88A", "FEDORA:4D0E210F890", "FEDORA:4FFB710F893", "FEDORA:52DB510F894", "FEDORA:55C1C10F895", "FEDORA:561C310F890", "FEDORA:58B0F10F896", "FEDORA:5BB9B10F898", "FEDORA:65FAD10F89A", "FEDORA:6883210F89B", "FEDORA:6969410F89C", "FEDORA:6A72A10F89D", "FEDORA:6D64910F89F", "FEDORA:6D79110F8A0", "FEDORA:7301010F8A1", "FEDORA:7CB1010F8A2", "FEDORA:803FD10F8A3", "FEDORA:8049610F8A4", "FEDORA:832B210F8A5", "FEDORA:8357810F8A6", "FEDORA:9C25610F85E", "FEDORA:A7C3410F89D", "FEDORA:A7CB410F8A9", "FEDORA:AAAA010F86F", "FEDORA:AD5CA10F8AB", "FEDORA:B48D110F8AC", "FEDORA:B931210F8AD", "FEDORA:BEEF710F8B0", "FEDORA:BF0A710F8B2", "FEDORA:C220010F8B3", "FEDORA:C235910F8B4", "FEDORA:C601110F8B5", "FEDORA:C712A10F8B6", "FEDORA:D10B610F87A", "FEDORA:D141110F881", "FEDORA:D3A1E10F8B7", "FEDORA:D3C0610F8B8", "FEDORA:D3E9E10F884", "FEDORA:D6BA010F8B9", "FEDORA:D6CEE10F8BA", "FEDORA:DAB6410F88A", "FEDORA:DAC6D10F890", "FEDORA:E088310F8BD", "FEDORA:E159810F893", "FEDORA:E1DB210F894", "FEDORA:E86B510F895", "FEDORA:E872410F896", "FEDORA:EAFCD10F898", "FEDORA:EB09210F89A", "FEDORA:EE0D910F89B", "FEDORA:EE20210F89C", "FEDORA:EFD8F10F89D", "FEDORA:F1D3D10F89F"]}, {"type": "freebsd", "idList": ["49E8F2EE-8147-11DE-A994-0030843D3802", "56CFE192-329F-11DF-ABB2-000F20797EDE", "922D2398-9E2D-11DE-A998-0030843D3802", "E7BC5600-EAA0-11DE-BD9C-00215C6A37BB"]}, {"type": "gentoo", "idList": ["GLSA-201301-01"]}, {"type": "mozilla", "idList": ["MFSA2009-34", "MFSA2009-42", "MFSA2009-43", "MFSA2009-47", "MFSA2010-07"]}, {"type": "nessus", "idList": ["5101.PRM", "5113.PRM", "5152.PRM", "5161.PRM", "5227.PRM", "5353.PRM", "5479.PRM", "5480.PRM", "800767.PRM", "800771.PRM", "800795.PRM", "801235.PRM", "801349.PRM", "AIX_IZ70637.NASL", "AIX_IZ72510.NASL", "AIX_IZ72515.NASL", "AIX_IZ72528.NASL", "AIX_IZ72834.NASL", "AIX_IZ72835.NASL", "AIX_IZ72836.NASL", "AIX_IZ72837.NASL", "ALA_ALAS-2013-220.NASL", "ALA_ALAS-2013-224.NASL", "ALA_ALAS-2013-241.NASL", "CENTOS_RHSA-2009-1162.NASL", "CENTOS_RHSA-2009-1163.NASL", "CENTOS_RHSA-2009-1185.NASL", "CENTOS_RHSA-2009-1430.NASL", "CENTOS_RHSA-2009-1431.NASL", "CENTOS_RHSA-2009-1432.NASL", "CENTOS_RHSA-2010-0153.NASL", "CENTOS_RHSA-2010-0154.NASL", "CENTOS_RHSA-2010-0499.NASL", "DEBIAN_DSA-1840.NASL", "DEBIAN_DSA-1874.NASL", "DEBIAN_DSA-1885.NASL", "DEBIAN_DSA-1931.NASL", "DEBIAN_DSA-2025.NASL", "FEDORA_2009-7961.NASL", "FEDORA_2009-9494.NASL", "FEDORA_2009-9505.NASL", "FEDORA_2010-7100.NASL", "FREEBSD_PKG_49E8F2EE814711DEA9940030843D3802.NASL", "FREEBSD_PKG_56CFE192329F11DFABB2000F20797EDE.NASL", "FREEBSD_PKG_922D23989E2D11DEA9980030843D3802.NASL", "FREEBSD_PKG_E7BC5600EAA011DEBD9C00215C6A37BB.NASL", "GENTOO_GLSA-201301-01.NASL", "MACOSX_10_6_2.NASL", "MACOSX_SECUPD2009-006.NASL", "MANDRIVA_MDVSA-2009-182.NASL", "MANDRIVA_MDVSA-2009-197.NASL", "MANDRIVA_MDVSA-2009-198.NASL", "MANDRIVA_MDVSA-2009-201.NASL", "MANDRIVA_MDVSA-2009-203.NASL", "MANDRIVA_MDVSA-2009-206.NASL", "MANDRIVA_MDVSA-2009-217.NASL", "MANDRIVA_MDVSA-2009-221.NASL", "MANDRIVA_MDVSA-2009-225.NASL", "MANDRIVA_MDVSA-2009-236.NASL", "MANDRIVA_MDVSA-2009-288.NASL", "MANDRIVA_MDVSA-2009-315.NASL", "MANDRIVA_MDVSA-2010-003.NASL", "MANDRIVA_MDVSA-2010-026.NASL", "MANDRIVA_MDVSA-2010-027.NASL", "MANDRIVA_MDVSA-2010-028.NASL", "MANDRIVA_MDVSA-2010-071.NASL", "MANDRIVA_MDVSA-2010-195.NASL", "MANDRIVA_MDVSA-2011-162.NASL", "MANDRIVA_MDVSA-2013-221.NASL", "MANDRIVA_MDVSA-2014-014.NASL", "MOZILLA_FIREFOX_3012.NASL", "MOZILLA_FIREFOX_3013.NASL", "MOZILLA_FIREFOX_3014.NASL", "MOZILLA_FIREFOX_352.NASL", "MOZILLA_FIREFOX_353.NASL", "MOZILLA_THUNDERBIRD_20023.NASL", "MOZILLA_THUNDERBIRD_20024.NASL", "NEWSTART_CGSL_NS-SA-2019-0008_PYTHON.NASL", "ORACLELINUX_ELSA-2009-1162.NASL", "ORACLELINUX_ELSA-2009-1163.NASL", "ORACLELINUX_ELSA-2009-1184.NASL", "ORACLELINUX_ELSA-2009-1185.NASL", "ORACLELINUX_ELSA-2009-1430.NASL", "ORACLELINUX_ELSA-2009-1431.NASL", "ORACLELINUX_ELSA-2009-1432.NASL", "ORACLELINUX_ELSA-2010-0154.NASL", "ORACLELINUX_ELSA-2010-0499.NASL", "REDHAT-RHSA-2009-1162.NASL", "REDHAT-RHSA-2009-1163.NASL", "REDHAT-RHSA-2009-1184.NASL", "REDHAT-RHSA-2009-1185.NASL", "REDHAT-RHSA-2009-1186.NASL", "REDHAT-RHSA-2009-1190.NASL", "REDHAT-RHSA-2009-1207.NASL", "REDHAT-RHSA-2009-1430.NASL", "REDHAT-RHSA-2009-1431.NASL", "REDHAT-RHSA-2009-1432.NASL", "REDHAT-RHSA-2010-0153.NASL", "REDHAT-RHSA-2010-0154.NASL", "REDHAT-RHSA-2010-0499.NASL", "SEAMONKEY_1118.NASL", "SEAMONKEY_1119.NASL", "SL_20090722_FIREFOX_ON_SL4_X.NASL", "SL_20090722_SEAMONKEY_ON_SL4_X.NASL", "SL_20090723_FIREFOX_ON_SL4_X.NASL", "SL_20090723_FIREFOX_ON_SL5_X.NASL", "SL_20090723_SEAMONKEY_ON_SL4_X.NASL", "SL_20090728_SEAMONKEY_ON_SL3_0.NASL", "SL_20090730_SEAMONKEY_ON_SL3_X.NASL", "SL_20090731_NSPR_AND_NSS_FOR_SL_4_X.NASL", "SL_20090731_NSPR_AND_NSS_FOR_SL_5_X.NASL", "SL_20090909_FIREFOX_ON_SL4_X.NASL", "SL_20090909_SEAMONKEY_ON_SL3_X.NASL", "SL_20100317_THUNDERBIRD_ON_SL4_X.NASL", "SL_20100622_SEAMONKEY_ON_SL3_X.NASL", "SOLARIS11_PHP_20140401.NASL", "SOLARIS11_PHP_20140522.NASL", "SOLARIS11_RUBY_20130924.NASL", "SUSE9_12505.NASL", "SUSE9_12506.NASL", "SUSE9_12521.NASL", "SUSE9_12616.NASL", "SUSE_11_0_LIBFREEBL3-090812.NASL", "SUSE_11_0_LIBLDAP-2_4-2-090909.NASL", "SUSE_11_0_LIBNEON-DEVEL-091012.NASL", "SUSE_11_0_MOZILLAFIREFOX-090724.NASL", "SUSE_11_0_MOZILLAFIREFOX-090916.NASL", "SUSE_11_0_MOZILLATHUNDERBIRD-090914.NASL", "SUSE_11_0_MOZILLATHUNDERBIRD-100324.NASL", "SUSE_11_0_MUTT-090909.NASL", "SUSE_11_0_SEAMONKEY-091007.NASL", "SUSE_11_0_SEAMONKEY-100430.NASL", "SUSE_11_1_LIBFREEBL3-090812.NASL", "SUSE_11_1_LIBLDAP-2_4-2-090909.NASL", "SUSE_11_1_LIBNEON-DEVEL-091012.NASL", "SUSE_11_1_MOZILLAFIREFOX-090724.NASL", "SUSE_11_1_MOZILLAFIREFOX-090916.NASL", "SUSE_11_1_MOZILLATHUNDERBIRD-090914.NASL", "SUSE_11_1_MOZILLATHUNDERBIRD-100324.NASL", "SUSE_11_1_MUTT-090909.NASL", "SUSE_11_1_SEAMONKEY-091007.NASL", "SUSE_11_1_SEAMONKEY-100430.NASL", "SUSE_11_LIBFREEBL3-090812.NASL", "SUSE_11_LIBLDAP-2_4-2-090915.NASL", "SUSE_11_LIBNEON-DEVEL-091012.NASL", "SUSE_11_MOZILLA-XULRUNNER190-090917.NASL", "SUSE_11_MOZILLA-XULRUNNER190-090922.NASL", "SUSE_11_MOZILLAFIREFOX-090724.NASL", "SUSE_11_MOZILLAFIREFOX-090924.NASL", "SUSE_11_MOZILLATHUNDERBIRD-090915.NASL", "SUSE_11_MUTT-090909.NASL", "SUSE_FIREFOX35UPGRADE-6562.NASL", "SUSE_FIREFOX35UPGRADE-6563.NASL", "SUSE_LIBFREEBL3-6494.NASL", "SUSE_LIBLDAP-2_4-2-6488.NASL", "SUSE_LIBNEON-DEVEL-6550.NASL", "SUSE_MOZILLA-NSPR-6541.NASL", "SUSE_MOZILLAFIREFOX-6379.NASL", "SUSE_MOZILLAFIREFOX-6495.NASL", "SUSE_MOZILLAFIREFOX-6562.NASL", "SUSE_MOZILLATHUNDERBIRD-6493.NASL", "SUSE_MUTT-6484.NASL", "SUSE_MUTT-6487.NASL", "SUSE_NEON-6548.NASL", "SUSE_NEON-6549.NASL", "SUSE_OPENLDAP2-6485.NASL", "SUSE_OPENLDAP2-6598.NASL", "SUSE_SEAMONKEY-6538.NASL", "UBUNTU_USN-798-1.NASL", "UBUNTU_USN-810-1.NASL", "UBUNTU_USN-810-2.NASL", "UBUNTU_USN-810-3.NASL", "UBUNTU_USN-821-1.NASL", "UBUNTU_USN-915-1.NASL", "VMWARE_VMSA-2010-0001.NASL", "VMWARE_VMSA-2010-0001_REMOTE.NASL"]}, {"type": "openvas", "idList": ["OPENVAS:102038", "OPENVAS:1361412562310102038", "OPENVAS:1361412562310120120", "OPENVAS:1361412562310120376", "OPENVAS:1361412562310120380", "OPENVAS:1361412562310121000", "OPENVAS:1361412562310122439", "OPENVAS:1361412562310122461", "OPENVAS:1361412562310122464", "OPENVAS:1361412562310122465", "OPENVAS:136141256231064450", "OPENVAS:136141256231064451", "OPENVAS:136141256231064468", "OPENVAS:136141256231064479", "OPENVAS:136141256231064484", "OPENVAS:136141256231064492", "OPENVAS:136141256231064494", "OPENVAS:136141256231064508", "OPENVAS:136141256231064509", "OPENVAS:136141256231064510", "OPENVAS:136141256231064513", "OPENVAS:136141256231064525", "OPENVAS:136141256231064528", "OPENVAS:136141256231064577", "OPENVAS:136141256231064587", "OPENVAS:136141256231064597", "OPENVAS:136141256231064604", "OPENVAS:136141256231064607", "OPENVAS:136141256231064609", "OPENVAS:136141256231064657", "OPENVAS:136141256231064675", "OPENVAS:136141256231064678", "OPENVAS:136141256231064688", "OPENVAS:136141256231064689", "OPENVAS:136141256231064693", "OPENVAS:136141256231064758", "OPENVAS:136141256231064832", "OPENVAS:136141256231064833", "OPENVAS:136141256231064834", "OPENVAS:136141256231064836", "OPENVAS:136141256231064841", "OPENVAS:136141256231064842", "OPENVAS:136141256231064854", "OPENVAS:136141256231064855", "OPENVAS:136141256231064870", "OPENVAS:136141256231064897", "OPENVAS:136141256231064902", "OPENVAS:136141256231064903", "OPENVAS:136141256231064904", "OPENVAS:136141256231064910", "OPENVAS:136141256231065253", "OPENVAS:136141256231065505", "OPENVAS:136141256231065696", "OPENVAS:136141256231065705", "OPENVAS:136141256231065720", "OPENVAS:136141256231065721", "OPENVAS:136141256231065726", "OPENVAS:136141256231065727", "OPENVAS:136141256231065736", "OPENVAS:136141256231065737", "OPENVAS:136141256231065858", "OPENVAS:136141256231065900", "OPENVAS:136141256231066059", "OPENVAS:136141256231066072", "OPENVAS:136141256231066076", "OPENVAS:136141256231066077", "OPENVAS:136141256231066091", "OPENVAS:136141256231066104", "OPENVAS:136141256231066211", "OPENVAS:136141256231066215", "OPENVAS:136141256231066225", "OPENVAS:136141256231066235", "OPENVAS:136141256231066361", "OPENVAS:136141256231066362", "OPENVAS:136141256231066376", "OPENVAS:136141256231066384", "OPENVAS:136141256231066388", "OPENVAS:136141256231066396", "OPENVAS:136141256231066492", "OPENVAS:136141256231066611", "OPENVAS:136141256231067138", "OPENVAS:136141256231067209", "OPENVAS:1361412562310800915", "OPENVAS:1361412562310800920", "OPENVAS:1361412562310830820", "OPENVAS:1361412562310830846", "OPENVAS:1361412562310830852", "OPENVAS:1361412562310830855", "OPENVAS:1361412562310831195", "OPENVAS:1361412562310831482", "OPENVAS:1361412562310840402", "OPENVAS:1361412562310861922", "OPENVAS:1361412562310870234", "OPENVAS:1361412562310870283", "OPENVAS:1361412562310880375", "OPENVAS:1361412562310880404", "OPENVAS:1361412562310880629", "OPENVAS:1361412562310880703", "OPENVAS:1361412562310880726", "OPENVAS:1361412562310880728", "OPENVAS:1361412562310880740", "OPENVAS:1361412562310880821", "OPENVAS:1361412562310880896", "OPENVAS:1361412562310880901", "OPENVAS:1361412562310900396", "OPENVAS:1361412562310900397", "OPENVAS:1361412562310900801", "OPENVAS:1361412562310900802", "OPENVAS:1361412562310900843", "OPENVAS:1361412562310900845", "OPENVAS:1361412562310900847", "OPENVAS:1361412562310900849", "OPENVAS:1361412562310902142", "OPENVAS:1361412562310902143", "OPENVAS:1361412562311220191428", "OPENVAS:1361412562311220191434", "OPENVAS:1361412562311220191544", "OPENVAS:64450", "OPENVAS:64451", "OPENVAS:64468", "OPENVAS:64479", "OPENVAS:64484", "OPENVAS:64486", "OPENVAS:64487", "OPENVAS:64492", "OPENVAS:64494", "OPENVAS:64508", "OPENVAS:64509", "OPENVAS:64510", "OPENVAS:64513", "OPENVAS:64525", "OPENVAS:64528", "OPENVAS:64573", "OPENVAS:64574", "OPENVAS:64577", "OPENVAS:64587", "OPENVAS:64597", "OPENVAS:64604", "OPENVAS:64607", "OPENVAS:64609", "OPENVAS:64657", "OPENVAS:64675", "OPENVAS:64678", "OPENVAS:64688", "OPENVAS:64689", "OPENVAS:64693", "OPENVAS:64758", "OPENVAS:64832", "OPENVAS:64833", "OPENVAS:64834", "OPENVAS:64836", "OPENVAS:64841", "OPENVAS:64842", "OPENVAS:64854", "OPENVAS:64855", "OPENVAS:64870", "OPENVAS:64889", "OPENVAS:64897", "OPENVAS:64902", "OPENVAS:64903", "OPENVAS:64904", "OPENVAS:64910", "OPENVAS:65253", "OPENVAS:65505", "OPENVAS:65696", "OPENVAS:65705", "OPENVAS:65720", "OPENVAS:65721", "OPENVAS:65726", "OPENVAS:65727", "OPENVAS:65736", "OPENVAS:65737", "OPENVAS:65858", "OPENVAS:65900", "OPENVAS:66059", "OPENVAS:66072", "OPENVAS:66076", "OPENVAS:66077", "OPENVAS:66091", "OPENVAS:66104", "OPENVAS:66211", "OPENVAS:66215", "OPENVAS:66225", "OPENVAS:66235", "OPENVAS:66361", "OPENVAS:66362", "OPENVAS:66376", "OPENVAS:66384", "OPENVAS:66388", "OPENVAS:66396", "OPENVAS:66492", "OPENVAS:66611", "OPENVAS:67138", "OPENVAS:800915", "OPENVAS:800920", "OPENVAS:830820", "OPENVAS:830846", "OPENVAS:830852", "OPENVAS:830855", "OPENVAS:831195", "OPENVAS:831482", "OPENVAS:840402", "OPENVAS:861922", "OPENVAS:870234", "OPENVAS:870283", "OPENVAS:880375", "OPENVAS:880404", "OPENVAS:880629", "OPENVAS:880703", "OPENVAS:880726", "OPENVAS:880728", "OPENVAS:880740", "OPENVAS:880821", "OPENVAS:880896", "OPENVAS:880901", "OPENVAS:900396", "OPENVAS:900397", "OPENVAS:900801", "OPENVAS:900802", "OPENVAS:900843", "OPENVAS:900845", "OPENVAS:900847", "OPENVAS:900849", "OPENVAS:902142", "OPENVAS:902143"]}, {"type": "oracle", "idList": ["ORACLE:CPUAPR2010-099504"]}, {"type": "oraclelinux", "idList": ["ELSA-2009-1162", "ELSA-2009-1163", "ELSA-2009-1184", "ELSA-2009-1186", "ELSA-2009-1430", "ELSA-2009-1431", "ELSA-2010-0154", "ELSA-2010-0499"]}, {"type": "osv", "idList": ["OSV:DSA-1840-1", "OSV:DSA-1874-1", "OSV:DSA-1885-1", "OSV:DSA-1931-1", "OSV:DSA-2025-1"]}, {"type": "redhat", "idList": ["RHSA-2009:1162", "RHSA-2009:1163", "RHSA-2009:1184", "RHSA-2009:1185", "RHSA-2009:1186", "RHSA-2009:1190", "RHSA-2009:1207", "RHSA-2009:1430", "RHSA-2009:1431", "RHSA-2009:1432", "RHSA-2010:0153", "RHSA-2010:0154", "RHSA-2010:0499"]}, {"type": "rubygems", "idList": ["RUBY:RUBY-2013-4073-94628"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:DOC:22197", "SECURITYVULNS:DOC:22253", "SECURITYVULNS:DOC:22254", "SECURITYVULNS:DOC:22276", "SECURITYVULNS:DOC:22330", "SECURITYVULNS:DOC:22379", "SECURITYVULNS:DOC:22430", "SECURITYVULNS:DOC:22452", "SECURITYVULNS:DOC:23050", "SECURITYVULNS:DOC:23546", "SECURITYVULNS:DOC:24857", "SECURITYVULNS:DOC:29719", "SECURITYVULNS:DOC:30264", "SECURITYVULNS:VULN:10089", "SECURITYVULNS:VULN:10121", "SECURITYVULNS:VULN:10154", "SECURITYVULNS:VULN:10231", "SECURITYVULNS:VULN:10745", "SECURITYVULNS:VULN:10767", "SECURITYVULNS:VULN:13257"]}, {"type": "seebug", "idList": ["SSV:11869", "SSV:11949", "SSV:11950", "SSV:12447", "SSV:19295", "SSV:19323", "SSV:96525"]}, {"type": "suse", "idList": ["SUSE-SA:2009:039", "SUSE-SA:2009:042", "SUSE-SA:2009:048"]}, {"type": "talos", "idList": ["TALOS-2017-0294"]}, {"type": "threatpost", "idList": ["THREATPOST:E8934170DFDD56E0C8B8F5EA86038B74"]}, {"type": "ubuntu", "idList": ["USN-798-1", "USN-810-1", "USN-810-2", "USN-810-3", "USN-821-1", "USN-915-1"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2009-2404", "UB:CVE-2009-2408", "UB:CVE-2009-2417", "UB:CVE-2009-2463", "UB:CVE-2009-2474", "UB:CVE-2009-2666", "UB:CVE-2009-2700", "UB:CVE-2009-2702", "UB:CVE-2009-3072", "UB:CVE-2009-3075", "UB:CVE-2009-3475", "UB:CVE-2009-3490", "UB:CVE-2009-3639", "UB:CVE-2009-3765", "UB:CVE-2009-3767", "UB:CVE-2009-3941", "UB:CVE-2009-3942", "UB:CVE-2009-4034", "UB:CVE-2009-4565", "UB:CVE-2010-0163", "UB:CVE-2010-1192", "UB:CVE-2010-2074", "UB:CVE-2013-4073", "UB:CVE-2013-4238", "UB:CVE-2013-4248"]}, {"type": "veracode", "idList": ["VERACODE:23693", "VERACODE:23694", "VERACODE:23796", "VERACODE:23850", "VERACODE:23852", "VERACODE:23996"]}, {"type": "vmware", "idList": ["VMSA-2010-0001", "VMSA-2010-0001.1"]}]}, "backreferences": {"references": [{"type": "aix", "idList": ["SENDMAIL_ADVISORY.ASC"]}, {"type": "amazon", "idList": ["ALAS-2013-224"]}, {"type": "centos", "idList": ["CESA-2009:1162", "CESA-2009:1163", "CESA-2009:1185", "CESA-2009:1430", "CESA-2009:1431", "CESA-2009:1432", "CESA-2010:0153", "CESA-2010:0154", "CESA-2010:0499"]}, {"type": "checkpoint_advisories", "idList": ["CPAI-2009-129"]}, {"type": "cve", "idList": ["CVE-2009-2404", "CVE-2009-2408", "CVE-2009-2463", "CVE-2009-3072", "CVE-2009-3075", "CVE-2010-0163"]}, {"type": "debian", "idList": ["DEBIAN:56C805B941600C7D24189CA65B1A3471:E7DF7", "DEBIAN:DSA-1885-1:DC8B3", "DEBIAN:DSA-1931-1:3B1F6", "DEBIAN:DSA-2025-1:6CC79"]}, {"type": "debiancve", "idList": ["DEBIANCVE:CVE-2009-2404"]}, {"type": "exploitdb", "idList": ["EDB-ID:33128"]}, {"type": "f5", "idList": ["SOL14909", "SOL15638", "SOL15683"]}, {"type": "fedora", "idList": ["FEDORA:1D7C611126A", "FEDORA:52DB510F894", "FEDORA:803FD10F8A3", "FEDORA:D3E9E10F884"]}, {"type": "freebsd", "idList": ["49E8F2EE-8147-11DE-A994-0030843D3802", "56CFE192-329F-11DF-ABB2-000F20797EDE", "922D2398-9E2D-11DE-A998-0030843D3802", "E7BC5600-EAA0-11DE-BD9C-00215C6A37BB"]}, {"type": "gentoo", "idList": ["GLSA-201301-01"]}, {"type": "metasploit", "idList": ["MSF:ILITIES/FREEBSD-VID-5179D85C-8683-11DE-91B9-0022157515B2/"]}, {"type": "mozilla", "idList": ["MFSA2009-47"]}, {"type": "nessus", "idList": ["800767.PRM", "CENTOS_RHSA-2009-1162.NASL", "MANDRIVA_MDVSA-2009-197.NASL", "MANDRIVA_MDVSA-2009-198.NASL", "MOZILLA_FIREFOX_3014.NASL", "MOZILLA_THUNDERBIRD_20023.NASL", "REDHAT-RHSA-2009-1184.NASL", "REDHAT-RHSA-2009-1185.NASL", "REDHAT-RHSA-2010-0153.NASL", "REDHAT-RHSA-2010-0154.NASL", "SL_20090722_SEAMONKEY_ON_SL4_X.NASL", "SL_20090723_FIREFOX_ON_SL4_X.NASL", "SL_20090731_NSPR_AND_NSS_FOR_SL_4_X.NASL", "SL_20100317_THUNDERBIRD_ON_SL4_X.NASL", "SUSE_11_1_MOZILLAFIREFOX-090916.NASL", "SUSE_11_1_SEAMONKEY-100430.NASL", "SUSE_11_LIBNEON-DEVEL-091012.NASL", "SUSE_FIREFOX35UPGRADE-6563.NASL", "SUSE_MUTT-6484.NASL", "UBUNTU_USN-810-2.NASL"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310121000", "OPENVAS:136141256231064451", "OPENVAS:136141256231064528", "OPENVAS:136141256231064657", "OPENVAS:136141256231064675", "OPENVAS:136141256231064693", "OPENVAS:136141256231064904", "OPENVAS:136141256231066396", "OPENVAS:1361412562310800915", "OPENVAS:1361412562310800920", "OPENVAS:1361412562310830855", "OPENVAS:1361412562310900843", "OPENVAS:1361412562310900847", "OPENVAS:1361412562311220191428", "OPENVAS:64587", "OPENVAS:64855", "OPENVAS:66104", "OPENVAS:800915", "OPENVAS:861922", "OPENVAS:880703", "OPENVAS:900843", "OPENVAS:900849"]}, {"type": "oracle", "idList": ["ORACLE:CPUAPR2010-099504"]}, {"type": "oraclelinux", "idList": ["ELSA-2009-1163", "ELSA-2009-1430"]}, {"type": "redhat", "idList": ["RHSA-2009:1163", "RHSA-2009:1185", "RHSA-2009:1430", "RHSA-2010:0499"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:VULN:10231"]}, {"type": "seebug", "idList": ["SSV:12447"]}, {"type": "suse", "idList": ["SUSE-SA:2009:039"]}, {"type": "talos", "idList": ["TALOS-2017-0294"]}, {"type": "threatpost", "idList": ["THREATPOST:E8934170DFDD56E0C8B8F5EA86038B74"]}, {"type": "ubuntu", "idList": ["USN-810-1", "USN-810-2", "USN-810-3"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2009-2404"]}, {"type": "vmware", "idList": ["VMSA-2010-0001"]}]}, "exploitation": null, "vulnersScore": 1.4}, "pluginID": "67209", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_2025_1.nasl 6614 2017-07-07 12:09:12Z cfischer $\n# Description: Auto-generated from advisory DSA 2025-1 (icedove)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2010 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Several remote vulnerabilities have been discovered in the Icedove\nmail client, an unbranded version of the Thunderbird mail client. The\nCommon Vulnerabilities and Exposures project identifies the following\nproblems:\n\nCVE-2009-2408\n\nDan Kaminsky and Moxie Marlinspike discovered that icedove does not\nproperly handle a '\\0' character in a domain name in the subject's\nCommon Name (CN) field of an X.509 certificate (MFSA 2009-42).\n\nCVE-2009-2404\n\nMoxie Marlinspike reported a heap overflow vulnerability in the code\nthat handles regular expressions in certificate names (MFSA 2009-43).\n\nCVE-2009-2463\n\nmonarch2020 discovered an integer overflow n a base64 decoding function\n(MFSA 2010-07).\n\nCVE-2009-3072\n\nJosh Soref discovered a crash in the BinHex decoder (MFSA 2010-07).\n\nCVE-2009-3075\n\nCarsten Book reported a crash in the JavaScript engine (MFSA 2010-07).\n\nCVE-2010-0163\n\nLudovic Hirlimann reported a crash indexing some messages with\nattachments, which could lead to the execution of arbitrary code\n(MFSA 2010-07).\n\n\nFor the stable distribution (lenny), these problems have been fixed in\nversion 2.0.0.24-0lenny1.\n\nDue to a problem with the archive system it is not possible to release\nall architectures. The missing architectures will be installed into the\narchive once they become available.\n\nFor the testing distribution squeeze and the unstable distribution (sid),\nthese problems will be fixed soon.\n\n\nWe recommend that you upgrade your icedove packages.\";\ntag_summary = \"The remote host is missing an update to icedove\nannounced via advisory DSA 2025-1.\";\n\ntag_solution = \"https://secure1.securityspace.com/smysecure/catid.html?in=DSA%202025-1\";\n\n\nif(description)\n{\n script_id(67209);\n script_version(\"$Revision: 6614 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-07 14:09:12 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2010-04-06 21:31:38 +0200 (Tue, 06 Apr 2010)\");\n script_cve_id(\"CVE-2009-2408\", \"CVE-2009-2404\", \"CVE-2009-2463\", \"CVE-2009-3072\", \"CVE-2009-3075\", \"CVE-2010-0163\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"Debian Security Advisory DSA 2025-1 (icedove)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2010 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"icedove-dev\", ver:\"2.0.0.24-0lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"icedove-gnome-support\", ver:\"2.0.0.24-0lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"icedove-dbg\", ver:\"2.0.0.24-0lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"icedove\", ver:\"2.0.0.24-0lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "naslFamily": "Debian Local Security Checks", "immutableFields": [], "cvss2": {}, "cvss3": {}, "_state": {"dependencies": 1660004461, "score": 1659837467}, "_internal": {"score_hash": "50e1ed27fbb34ddb684193ee71ea4833"}}
{"nessus": [{"lastseen": "2023-01-11T15:04:17", "description": "Several remote vulnerabilities have been discovered in the Icedove mail client, an unbranded version of the Thunderbird mail client. The Common Vulnerabilities and Exposures project identifies the following problems :\n\n - CVE-2009-2408 Dan Kaminsky and Moxie Marlinspike discovered that icedove does not properly handle a '\\0' character in a domain name in the subject's Common Name (CN) field of an X.509 certificate (MFSA 2009-42).\n\n - CVE-2009-2404 Moxie Marlinspike reported a heap overflow vulnerability in the code that handles regular expressions in certificate names (MFSA 2009-43).\n\n - CVE-2009-2463 monarch2020 discovered an integer overflow in a base64 decoding function (MFSA 2010-07).\n\n - CVE-2009-3072 Josh Soref discovered a crash in the BinHex decoder (MFSA 2010-07).\n\n - CVE-2009-3075 Carsten Book reported a crash in the JavaScript engine (MFSA 2010-07).\n\n - CVE-2010-0163 Ludovic Hirlimann reported a crash indexing some messages with attachments, which could lead to the execution of arbitrary code (MFSA 2010-07).", "cvss3": {}, "published": "2010-04-01T00:00:00", "type": "nessus", "title": "Debian DSA-2025-1 : icedove - several vulnerabilities", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2009-2404", "CVE-2009-2408", "CVE-2009-2463", "CVE-2009-3072", "CVE-2009-3075", "CVE-2010-0163"], "modified": "2021-01-04T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:icedove", "cpe:/o:debian:debian_linux:5.0"], "id": "DEBIAN_DSA-2025.NASL", "href": "https://www.tenable.com/plugins/nessus/45397", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-2025. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(45397);\n script_version(\"1.19\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2009-2404\", \"CVE-2009-2408\", \"CVE-2009-2463\", \"CVE-2009-3072\", \"CVE-2009-3075\", \"CVE-2010-0163\");\n script_bugtraq_id(35769, 35888, 35891, 36343, 38831);\n script_xref(name:\"DSA\", value:\"2025\");\n\n script_name(english:\"Debian DSA-2025-1 : icedove - several vulnerabilities\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Several remote vulnerabilities have been discovered in the Icedove\nmail client, an unbranded version of the Thunderbird mail client. The\nCommon Vulnerabilities and Exposures project identifies the following\nproblems :\n\n - CVE-2009-2408\n Dan Kaminsky and Moxie Marlinspike discovered that\n icedove does not properly handle a '\\0' character in a\n domain name in the subject's Common Name (CN) field of\n an X.509 certificate (MFSA 2009-42).\n\n - CVE-2009-2404\n Moxie Marlinspike reported a heap overflow vulnerability\n in the code that handles regular expressions in\n certificate names (MFSA 2009-43).\n\n - CVE-2009-2463\n monarch2020 discovered an integer overflow in a base64\n decoding function (MFSA 2010-07).\n\n - CVE-2009-3072\n Josh Soref discovered a crash in the BinHex decoder\n (MFSA 2010-07).\n\n - CVE-2009-3075\n Carsten Book reported a crash in the JavaScript engine\n (MFSA 2010-07).\n\n - CVE-2010-0163\n Ludovic Hirlimann reported a crash indexing some\n messages with attachments, which could lead to the\n execution of arbitrary code (MFSA 2010-07).\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2009-2408\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2009-2404\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2009-2463\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2009-3072\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2009-3075\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2010-0163\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.debian.org/security/2010/dsa-2025\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the icedove packages.\n\nFor the stable distribution (lenny), these problems have been fixed in\nversion 2.0.0.24-0lenny1.\n\nDue to a problem with the archive system it is not possible to release\nall architectures. The missing architectures will be installed into\nthe archive once they become available.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(119, 189, 310);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:icedove\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:5.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/03/31\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/04/01\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2010-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"5.0\", prefix:\"icedove\", reference:\"2.0.0.24-0lenny1\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"icedove-dbg\", reference:\"2.0.0.24-0lenny1\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"icedove-dev\", reference:\"2.0.0.24-0lenny1\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"icedove-gnome-support\", reference:\"2.0.0.24-0lenny1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-01-11T15:11:06", "description": "The installed version of SeaMonkey is earlier than 1.1.18. Such versions are potentially affected by the following security issues :\n\n - The browser can be fooled into trusting a malicious SSL server certificate with a null character in the host name.\n (MFSA 2009-42)\n\n - A heap overflow in the code that handles regular expressions in certificate names can lead to arbitrary code execution. (MFSA 2009-43)", "cvss3": {}, "published": "2009-09-04T00:00:00", "type": "nessus", "title": "SeaMonkey < 1.1.18 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": true, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2009-2404", "CVE-2009-2408"], "modified": "2018-07-27T00:00:00", "cpe": ["cpe:/a:mozilla:seamonkey"], "id": "SEAMONKEY_1118.NASL", "href": "https://www.tenable.com/plugins/nessus/40874", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\n\ninclude(\"compat.inc\");\n\n\nif (description)\n{\n script_id(40874);\n script_version(\"1.15\");\n\n script_cve_id(\"CVE-2009-2404\", \"CVE-2009-2408\");\n script_bugtraq_id(35888, 35891);\n script_xref(name:\"Secunia\", value:\"36125\");\n\n script_name(english:\"SeaMonkey < 1.1.18 Multiple Vulnerabilities\");\n script_summary(english:\"Checks version of SeaMonkey\");\n\n script_set_attribute( attribute:\"synopsis\", value:\n\"A web browser on the remote host is affected by multiple\nvulnerabilities.\" );\n script_set_attribute( attribute:\"description\", value:\n\"The installed version of SeaMonkey is earlier than 1.1.18. Such\nversions are potentially affected by the following security issues :\n\n - The browser can be fooled into trusting a malicious SSL\n server certificate with a null character in the host name.\n (MFSA 2009-42)\n\n - A heap overflow in the code that handles regular\n expressions in certificate names can lead to\n arbitrary code execution. (MFSA 2009-43)\" );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2009-42/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2009-43/\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\"Upgrade to SeaMonkey 1.1.18 or later.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(119, 310);\n script_set_attribute(\n attribute:\"vuln_publication_date\",\n value:\"2009/07/30\"\n );\n script_set_attribute(\n attribute:\"patch_publication_date\",\n value:\"2009/09/03\"\n );\n script_set_attribute(\n attribute:\"plugin_publication_date\",\n value:\"2009/09/04\"\n );\n script_cvs_date(\"Date: 2018/07/27 18:38:15\");\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:mozilla:seamonkey\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows\");\n\n script_copyright(english:\"This script is Copyright (C) 2009-2018 Tenable Network Security, Inc.\");\n\n script_dependencies(\"mozilla_org_installed.nasl\");\n script_require_keys(\"SeaMonkey/Version\");\n\n exit(0);\n}\n\ninclude(\"mozilla_version.inc\");\nport = get_kb_item(\"SMB/transport\");\nif (!port) port = 445;\n\ninstalls = get_kb_list(\"SMB/SeaMonkey/*\");\nif (isnull(installs)) audit(AUDIT_NOT_INST, \"SeaMonkey\");\n\nmozilla_check_version(installs:installs, product:'seamonkey', fix:'1.1.18', severity:SECURITY_HOLE);", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-01-11T15:11:50", "description": "The Mozilla NSS and dependend libraries were updated to fix various issues.\n\nCVE-2009-2404 / MFSA 2009-43 : Heap-based buffer overflow in a regular-expression parser in Mozilla Network Security Services (NSS) before 3.12.3, as used in Firefox, Thunderbird, SeaMonkey, Evolution, Pidgin, and AOL Instant Messenger (AIM), allows remote SSL servers to cause a denial of service (application crash) or possibly execute arbitrary code via a long domain name in the subject's Common Name (CN) field of an X.509 certificate, related to the cert_TestHostName function.\n\nMFSA 2009-42 / CVE-2009-2408: IOActive security researcher Dan Kaminsky reported a mismatch in the treatment of domain names in SSL certificates between SSL clients and the Certificate Authorities (CA) which issue server certificates. In particular, if a malicious person requested a certificate for a host name with an invalid null character in it most CAs would issue the certificate if the requester owned the domain specified after the null, while most SSL clients (browsers) ignored that part of the name and used the unvalidated part in front of the null. This made it possible for attackers to obtain certificates that would function for any site they wished to target.\nThese certificates could be used to intercept and potentially alter encrypted communication between the client and a server such as sensitive bank account transactions. This vulnerability was independently reported to us by researcher Moxie Marlinspike who also noted that since Firefox relies on SSL to protect the integrity of security updates this attack could be used to serve malicious updates.", "cvss3": {}, "published": "2009-10-06T00:00:00", "type": "nessus", "title": "openSUSE 10 Security Update : libfreebl3 (libfreebl3-6494)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": true, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2009-2404", "CVE-2009-2408"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:libfreebl3", "p-cpe:/a:novell:opensuse:libfreebl3-32bit", "p-cpe:/a:novell:opensuse:mozilla-nspr", "p-cpe:/a:novell:opensuse:mozilla-nspr-32bit", "p-cpe:/a:novell:opensuse:mozilla-nspr-devel", "p-cpe:/a:novell:opensuse:mozilla-nss", "p-cpe:/a:novell:opensuse:mozilla-nss-32bit", "p-cpe:/a:novell:opensuse:mozilla-nss-devel", "p-cpe:/a:novell:opensuse:mozilla-nss-tools", "cpe:/o:novell:opensuse:10.3"], "id": "SUSE_LIBFREEBL3-6494.NASL", "href": "https://www.tenable.com/plugins/nessus/42013", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update libfreebl3-6494.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(42013);\n script_version(\"1.11\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2009-2404\", \"CVE-2009-2408\");\n\n script_name(english:\"openSUSE 10 Security Update : libfreebl3 (libfreebl3-6494)\");\n script_summary(english:\"Check for the libfreebl3-6494 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The Mozilla NSS and dependend libraries were updated to fix various\nissues.\n\nCVE-2009-2404 / MFSA 2009-43 : Heap-based buffer overflow in a\nregular-expression parser in Mozilla Network Security Services (NSS)\nbefore 3.12.3, as used in Firefox, Thunderbird, SeaMonkey, Evolution,\nPidgin, and AOL Instant Messenger (AIM), allows remote SSL servers to\ncause a denial of service (application crash) or possibly execute\narbitrary code via a long domain name in the subject's Common Name\n(CN) field of an X.509 certificate, related to the cert_TestHostName\nfunction.\n\nMFSA 2009-42 / CVE-2009-2408: IOActive security researcher Dan\nKaminsky reported a mismatch in the treatment of domain names in SSL\ncertificates between SSL clients and the Certificate Authorities (CA)\nwhich issue server certificates. In particular, if a malicious person\nrequested a certificate for a host name with an invalid null character\nin it most CAs would issue the certificate if the requester owned the\ndomain specified after the null, while most SSL clients (browsers)\nignored that part of the name and used the unvalidated part in front\nof the null. This made it possible for attackers to obtain\ncertificates that would function for any site they wished to target.\nThese certificates could be used to intercept and potentially alter\nencrypted communication between the client and a server such as\nsensitive bank account transactions. This vulnerability was\nindependently reported to us by researcher Moxie Marlinspike who also\nnoted that since Firefox relies on SSL to protect the integrity of\nsecurity updates this attack could be used to serve malicious updates.\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected libfreebl3 packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_cwe_id(119, 310);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libfreebl3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libfreebl3-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mozilla-nspr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mozilla-nspr-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mozilla-nspr-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mozilla-nss\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mozilla-nss-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mozilla-nss-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mozilla-nss-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:10.3\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/09/16\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/10/06\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE10\\.3)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"10.3\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE10.3\", reference:\"libfreebl3-3.12.3.1-1.1\") ) flag++;\nif ( rpm_check(release:\"SUSE10.3\", reference:\"mozilla-nspr-4.7.1-46.1\") ) flag++;\nif ( rpm_check(release:\"SUSE10.3\", reference:\"mozilla-nspr-devel-4.7.1-46.1\") ) flag++;\nif ( rpm_check(release:\"SUSE10.3\", reference:\"mozilla-nss-3.12.3.1-1.1\") ) flag++;\nif ( rpm_check(release:\"SUSE10.3\", reference:\"mozilla-nss-devel-3.12.3.1-1.1\") ) flag++;\nif ( rpm_check(release:\"SUSE10.3\", reference:\"mozilla-nss-tools-3.12.3.1-1.1\") ) flag++;\nif ( rpm_check(release:\"SUSE10.3\", cpu:\"x86_64\", reference:\"libfreebl3-32bit-3.12.3.1-1.1\") ) flag++;\nif ( rpm_check(release:\"SUSE10.3\", cpu:\"x86_64\", reference:\"mozilla-nspr-32bit-4.7.1-46.1\") ) flag++;\nif ( rpm_check(release:\"SUSE10.3\", cpu:\"x86_64\", reference:\"mozilla-nss-32bit-3.12.3.1-1.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"mozilla-nss\");\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-01-11T15:07:38", "description": "The Mozilla NSS security framework was updated to version 3.12.3.1.\n\nCVE-2009-2404 / MFSA 2009-43 : Heap-based buffer overflow in a regular-expression parser in Mozilla Network Security Services (NSS) before 3.12.3, as used in Firefox, Thunderbird, SeaMonkey, Evolution, Pidgin, and AOL Instant Messenger (AIM), allows remote SSL servers to cause a denial of service (application crash) or possibly execute arbitrary code via a long domain name in the subject's Common Name (CN) field of an X.509 certificate, related to the cert_TestHostName function.\n\nMFSA 2009-42 / CVE-2009-2408: IOActive security researcher Dan Kaminsky reported a mismatch in the treatment of domain names in SSL certificates between SSL clients and the Certificate Authorities (CA) which issue server certificates. In particular, if a malicious person requested a certificate for a host name with an invalid null character in it most CAs would issue the certificate if the requester owned the domain specified after the null, while most SSL clients (browsers) ignored that part of the name and used the unvalidated part in front of the null. This made it possible for attackers to obtain certificates that would function for any site they wished to target.\nThese certificates could be used to intercept and potentially alter encrypted communication between the client and a server such as sensitive bank account transactions. This vulnerability was independently reported to us by researcher Moxie Marlinspike who also noted that since Firefox relies on SSL to protect the integrity of security updates this attack could be used to serve malicious updates.", "cvss3": {}, "published": "2009-08-20T00:00:00", "type": "nessus", "title": "openSUSE Security Update : libfreebl3 (libfreebl3-1201)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": true, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2009-2404", "CVE-2009-2408"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:libfreebl3", "p-cpe:/a:novell:opensuse:libfreebl3-32bit", "p-cpe:/a:novell:opensuse:mozilla-nss", "p-cpe:/a:novell:opensuse:mozilla-nss-32bit", "p-cpe:/a:novell:opensuse:mozilla-nss-devel", "p-cpe:/a:novell:opensuse:mozilla-nss-tools", "cpe:/o:novell:opensuse:11.1"], "id": "SUSE_11_1_LIBFREEBL3-090812.NASL", "href": "https://www.tenable.com/plugins/nessus/40652", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update libfreebl3-1201.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(40652);\n script_version(\"1.12\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2009-2404\", \"CVE-2009-2408\");\n\n script_name(english:\"openSUSE Security Update : libfreebl3 (libfreebl3-1201)\");\n script_summary(english:\"Check for the libfreebl3-1201 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The Mozilla NSS security framework was updated to version 3.12.3.1.\n\nCVE-2009-2404 / MFSA 2009-43 : Heap-based buffer overflow in a\nregular-expression parser in Mozilla Network Security Services (NSS)\nbefore 3.12.3, as used in Firefox, Thunderbird, SeaMonkey, Evolution,\nPidgin, and AOL Instant Messenger (AIM), allows remote SSL servers to\ncause a denial of service (application crash) or possibly execute\narbitrary code via a long domain name in the subject's Common Name\n(CN) field of an X.509 certificate, related to the cert_TestHostName\nfunction.\n\nMFSA 2009-42 / CVE-2009-2408: IOActive security researcher Dan\nKaminsky reported a mismatch in the treatment of domain names in SSL\ncertificates between SSL clients and the Certificate Authorities (CA)\nwhich issue server certificates. In particular, if a malicious person\nrequested a certificate for a host name with an invalid null character\nin it most CAs would issue the certificate if the requester owned the\ndomain specified after the null, while most SSL clients (browsers)\nignored that part of the name and used the unvalidated part in front\nof the null. This made it possible for attackers to obtain\ncertificates that would function for any site they wished to target.\nThese certificates could be used to intercept and potentially alter\nencrypted communication between the client and a server such as\nsensitive bank account transactions. This vulnerability was\nindependently reported to us by researcher Moxie Marlinspike who also\nnoted that since Firefox relies on SSL to protect the integrity of\nsecurity updates this attack could be used to serve malicious updates.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=522602\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected libfreebl3 packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_cwe_id(119, 310);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libfreebl3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libfreebl3-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mozilla-nss\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mozilla-nss-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mozilla-nss-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mozilla-nss-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:11.1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/08/12\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/08/20\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE11\\.1)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"11.1\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE11.1\", reference:\"libfreebl3-3.12.3.1-1.1.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"mozilla-nss-3.12.3.1-1.1.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"mozilla-nss-devel-3.12.3.1-1.1.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"mozilla-nss-tools-3.12.3.1-1.1.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", cpu:\"x86_64\", reference:\"libfreebl3-32bit-3.12.3.1-1.1.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", cpu:\"x86_64\", reference:\"mozilla-nss-32bit-3.12.3.1-1.1.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"mozilla-nss\");\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-01-11T15:08:39", "description": "The Mozilla NSS security framework was updated to version 3.12.3.1.\n\n - Heap-based buffer overflow in a regular-expression parser in Mozilla Network Security Services (NSS) before 3.12.3, as used in Firefox, Thunderbird, SeaMonkey, Evolution, Pidgin, and AOL Instant Messenger (AIM), allows remote SSL servers to cause a denial of service (application crash) or possibly execute arbitrary code via a long domain name in the subject's Common Name (CN) field of an X.509 certificate, related to the cert_TestHostName function. (CVE-2009-2404 / MFSA 2009-43)\n\n - IOActive security researcher Dan Kaminsky reported a mismatch in the treatment of domain names in SSL certificates between SSL clients and the Certificate Authorities (CA) which issue server certificates. In particular, if a malicious person requested a certificate for a host name with an invalid null character in it most CAs would issue the certificate if the requester owned the domain specified after the null, while most SSL clients (browsers) ignored that part of the name and used the unvalidated part in front of the null. This made it possible for attackers to obtain certificates that would function for any site they wished to target. These certificates could be used to intercept and potentially alter encrypted communication between the client and a server such as sensitive bank account transactions. This vulnerability was independently reported to us by researcher Moxie Marlinspike who also noted that since Firefox relies on SSL to protect the integrity of security updates this attack could be used to serve malicious updates. (MFSA 2009-42 / CVE-2009-2408)", "cvss3": {}, "published": "2009-09-24T00:00:00", "type": "nessus", "title": "SuSE 11 Security Update : Mozilla Firefox (SAT Patch Number 1199)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": true, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2009-2404", "CVE-2009-2408"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:11:libfreebl3", "p-cpe:/a:novell:suse_linux:11:libfreebl3-32bit", "p-cpe:/a:novell:suse_linux:11:mozilla-nss", "p-cpe:/a:novell:suse_linux:11:mozilla-nss-32bit", "p-cpe:/a:novell:suse_linux:11:mozilla-nss-tools", "cpe:/o:novell:suse_linux:11"], "id": "SUSE_11_LIBFREEBL3-090812.NASL", "href": "https://www.tenable.com/plugins/nessus/41419", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from SuSE 11 update information. The text itself is\n# copyright (C) Novell, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(41419);\n script_version(\"1.14\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2009-2404\", \"CVE-2009-2408\");\n\n script_name(english:\"SuSE 11 Security Update : Mozilla Firefox (SAT Patch Number 1199)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SuSE 11 host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The Mozilla NSS security framework was updated to version 3.12.3.1.\n\n - Heap-based buffer overflow in a regular-expression\n parser in Mozilla Network Security Services (NSS) before\n 3.12.3, as used in Firefox, Thunderbird, SeaMonkey,\n Evolution, Pidgin, and AOL Instant Messenger (AIM),\n allows remote SSL servers to cause a denial of service\n (application crash) or possibly execute arbitrary code\n via a long domain name in the subject's Common Name (CN)\n field of an X.509 certificate, related to the\n cert_TestHostName function. (CVE-2009-2404 / MFSA\n 2009-43)\n\n - IOActive security researcher Dan Kaminsky reported a\n mismatch in the treatment of domain names in SSL\n certificates between SSL clients and the Certificate\n Authorities (CA) which issue server certificates. In\n particular, if a malicious person requested a\n certificate for a host name with an invalid null\n character in it most CAs would issue the certificate if\n the requester owned the domain specified after the null,\n while most SSL clients (browsers) ignored that part of\n the name and used the unvalidated part in front of the\n null. This made it possible for attackers to obtain\n certificates that would function for any site they\n wished to target. These certificates could be used to\n intercept and potentially alter encrypted communication\n between the client and a server such as sensitive bank\n account transactions. This vulnerability was\n independently reported to us by researcher Moxie\n Marlinspike who also noted that since Firefox relies on\n SSL to protect the integrity of security updates this\n attack could be used to serve malicious updates. (MFSA\n 2009-42 / CVE-2009-2408)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.mozilla.org/security/announce/2009/mfsa2009-42.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.mozilla.org/security/announce/2009/mfsa2009-43.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=522602\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2009-2404.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2009-2408.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Apply SAT patch number 1199.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_cwe_id(119, 310);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:libfreebl3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:libfreebl3-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:mozilla-nss\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:mozilla-nss-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:mozilla-nss-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:11\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/08/12\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/09/24\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)11\") audit(AUDIT_OS_NOT, \"SuSE 11\");\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SuSE 11\", cpu);\n\npl = get_kb_item(\"Host/SuSE/patchlevel\");\nif (pl) audit(AUDIT_OS_NOT, \"SuSE 11.0\");\n\n\nflag = 0;\nif (rpm_check(release:\"SLED11\", sp:0, cpu:\"i586\", reference:\"libfreebl3-3.12.3.1-1.1.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:0, cpu:\"i586\", reference:\"mozilla-nss-3.12.3.1-1.1.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:0, cpu:\"i586\", reference:\"mozilla-nss-tools-3.12.3.1-1.1.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:0, cpu:\"x86_64\", reference:\"libfreebl3-3.12.3.1-1.1.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:0, cpu:\"x86_64\", reference:\"libfreebl3-32bit-3.12.3.1-1.1.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:0, cpu:\"x86_64\", reference:\"mozilla-nss-3.12.3.1-1.1.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:0, cpu:\"x86_64\", reference:\"mozilla-nss-32bit-3.12.3.1-1.1.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:0, cpu:\"x86_64\", reference:\"mozilla-nss-tools-3.12.3.1-1.1.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:0, reference:\"libfreebl3-3.12.3.1-1.1.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:0, reference:\"mozilla-nss-3.12.3.1-1.1.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:0, reference:\"mozilla-nss-tools-3.12.3.1-1.1.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:0, cpu:\"s390x\", reference:\"libfreebl3-32bit-3.12.3.1-1.1.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:0, cpu:\"s390x\", reference:\"mozilla-nss-32bit-3.12.3.1-1.1.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:0, cpu:\"x86_64\", reference:\"libfreebl3-32bit-3.12.3.1-1.1.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:0, cpu:\"x86_64\", reference:\"mozilla-nss-32bit-3.12.3.1-1.1.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-01-11T15:11:56", "description": "seamonkey was updated to version 1.1.18, fixing various security issues :\n\n - Moxie Marlinspike reported a heap overflow vulnerability in the code that handles regular expressions in certificate names. This vulnerability could be used to compromise the browser and run arbitrary code by presenting a specially crafted certificate to the client. This code provided compatibility with the non-standard regular expression syntax historically supported by Netscape clients and servers. With version 3.5 Firefox switched to the more limited industry-standard wildcard syntax instead and is not vulnerable to this flaw. (MFSA 2009-43 / CVE-2009-2404)\n\n - IOActive security researcher Dan Kaminsky reported a mismatch in the treatment of domain names in SSL certificates between SSL clients and the Certificate Authorities (CA) which issue server certificates. In particular, if a malicious person requested a certificate for a host name with an invalid null character in it most CAs would issue the certificate if the requester owned the domain specified after the null, while most SSL clients (browsers) ignored that part of the name and used the unvalidated part in front of the null. This made it possible for attackers to obtain certificates that would function for any site they wished to target. These certificates could be used to intercept and potentially alter encrypted communication between the client and a server such as sensitive bank account transactions. This vulnerability was independently reported to us by researcher Moxie Marlinspike who also noted that since Firefox relies on SSL to protect the integrity of security updates this attack could be used to serve malicious updates. Mozilla would like to thank Dan and the Microsoft Vulnerability Research team for coordinating a multiple-vendor response to this problem. (MFSA 2009-42 / CVE-2009-2408)", "cvss3": {}, "published": "2009-10-22T00:00:00", "type": "nessus", "title": "SuSE9 Security Update : epiphany (YOU Patch Number 12521)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": true, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2009-2404", "CVE-2009-2408"], "modified": "2021-01-14T00:00:00", "cpe": ["cpe:/o:suse:suse_linux"], "id": "SUSE9_12521.NASL", "href": "https://www.tenable.com/plugins/nessus/42200", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The text description of this plugin is (C) Novell, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(42200);\n script_version(\"1.12\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2009-2404\", \"CVE-2009-2408\");\n\n script_name(english:\"SuSE9 Security Update : epiphany (YOU Patch Number 12521)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SuSE 9 host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"seamonkey was updated to version 1.1.18, fixing various security\nissues :\n\n - Moxie Marlinspike reported a heap overflow vulnerability\n in the code that handles regular expressions in\n certificate names. This vulnerability could be used to\n compromise the browser and run arbitrary code by\n presenting a specially crafted certificate to the\n client. This code provided compatibility with the\n non-standard regular expression syntax historically\n supported by Netscape clients and servers. With version\n 3.5 Firefox switched to the more limited\n industry-standard wildcard syntax instead and is not\n vulnerable to this flaw. (MFSA 2009-43 / CVE-2009-2404)\n\n - IOActive security researcher Dan Kaminsky reported a\n mismatch in the treatment of domain names in SSL\n certificates between SSL clients and the Certificate\n Authorities (CA) which issue server certificates. In\n particular, if a malicious person requested a\n certificate for a host name with an invalid null\n character in it most CAs would issue the certificate if\n the requester owned the domain specified after the null,\n while most SSL clients (browsers) ignored that part of\n the name and used the unvalidated part in front of the\n null. This made it possible for attackers to obtain\n certificates that would function for any site they\n wished to target. These certificates could be used to\n intercept and potentially alter encrypted communication\n between the client and a server such as sensitive bank\n account transactions. This vulnerability was\n independently reported to us by researcher Moxie\n Marlinspike who also noted that since Firefox relies on\n SSL to protect the integrity of security updates this\n attack could be used to serve malicious updates. Mozilla\n would like to thank Dan and the Microsoft Vulnerability\n Research team for coordinating a multiple-vendor\n response to this problem. (MFSA 2009-42 / CVE-2009-2408)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2009-2404.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2009-2408.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Apply YOU patch number 12521.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_cwe_id(119, 310);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:suse:suse_linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/10/12\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/10/22\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) exit(0, \"Local checks are not enabled.\");\nif (!get_kb_item(\"Host/SuSE/release\")) exit(0, \"The host is not running SuSE.\");\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) exit(1, \"Could not obtain the list of installed packages.\");\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) exit(1, \"Failed to determine the architecture type.\");\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") exit(1, \"Local checks for SuSE 9 on the '\"+cpu+\"' architecture have not been implemented.\");\n\n\nflag = 0;\nif (rpm_check(release:\"SUSE9\", reference:\"mozilla-1.8_seamonkey_1.1.18-0.1\")) flag++;\nif (rpm_check(release:\"SUSE9\", reference:\"mozilla-devel-1.8_seamonkey_1.1.18-0.1\")) flag++;\nif (rpm_check(release:\"SUSE9\", reference:\"mozilla-dom-inspector-1.8_seamonkey_1.1.18-0.1\")) flag++;\nif (rpm_check(release:\"SUSE9\", reference:\"mozilla-irc-1.8_seamonkey_1.1.18-0.1\")) flag++;\nif (rpm_check(release:\"SUSE9\", reference:\"mozilla-mail-1.8_seamonkey_1.1.18-0.1\")) flag++;\nif (rpm_check(release:\"SUSE9\", reference:\"mozilla-venkman-1.8_seamonkey_1.1.18-0.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse exit(0, \"The host is not affected.\");\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-01-11T15:07:38", "description": "The Mozilla NSS security framework was updated to version 3.12.3.1.\n\nCVE-2009-2404 / MFSA 2009-43 : Heap-based buffer overflow in a regular-expression parser in Mozilla Network Security Services (NSS) before 3.12.3, as used in Firefox, Thunderbird, SeaMonkey, Evolution, Pidgin, and AOL Instant Messenger (AIM), allows remote SSL servers to cause a denial of service (application crash) or possibly execute arbitrary code via a long domain name in the subject's Common Name (CN) field of an X.509 certificate, related to the cert_TestHostName function.\n\nMFSA 2009-42 / CVE-2009-2408: IOActive security researcher Dan Kaminsky reported a mismatch in the treatment of domain names in SSL certificates between SSL clients and the Certificate Authorities (CA) which issue server certificates. In particular, if a malicious person requested a certificate for a host name with an invalid null character in it most CAs would issue the certificate if the requester owned the domain specified after the null, while most SSL clients (browsers) ignored that part of the name and used the unvalidated part in front of the null. This made it possible for attackers to obtain certificates that would function for any site they wished to target.\nThese certificates could be used to intercept and potentially alter encrypted communication between the client and a server such as sensitive bank account transactions. This vulnerability was independently reported to us by researcher Moxie Marlinspike who also noted that since Firefox relies on SSL to protect the integrity of security updates this attack could be used to serve malicious updates.", "cvss3": {}, "published": "2009-08-20T00:00:00", "type": "nessus", "title": "openSUSE Security Update : libfreebl3 (libfreebl3-1201)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": true, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2009-2404", "CVE-2009-2408"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:libfreebl3", "p-cpe:/a:novell:opensuse:libfreebl3-32bit", "p-cpe:/a:novell:opensuse:mozilla-nss", "p-cpe:/a:novell:opensuse:mozilla-nss-32bit", "p-cpe:/a:novell:opensuse:mozilla-nss-devel", "p-cpe:/a:novell:opensuse:mozilla-nss-tools", "cpe:/o:novell:opensuse:11.0"], "id": "SUSE_11_0_LIBFREEBL3-090812.NASL", "href": "https://www.tenable.com/plugins/nessus/40645", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update libfreebl3-1201.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(40645);\n script_version(\"1.12\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2009-2404\", \"CVE-2009-2408\");\n\n script_name(english:\"openSUSE Security Update : libfreebl3 (libfreebl3-1201)\");\n script_summary(english:\"Check for the libfreebl3-1201 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The Mozilla NSS security framework was updated to version 3.12.3.1.\n\nCVE-2009-2404 / MFSA 2009-43 : Heap-based buffer overflow in a\nregular-expression parser in Mozilla Network Security Services (NSS)\nbefore 3.12.3, as used in Firefox, Thunderbird, SeaMonkey, Evolution,\nPidgin, and AOL Instant Messenger (AIM), allows remote SSL servers to\ncause a denial of service (application crash) or possibly execute\narbitrary code via a long domain name in the subject's Common Name\n(CN) field of an X.509 certificate, related to the cert_TestHostName\nfunction.\n\nMFSA 2009-42 / CVE-2009-2408: IOActive security researcher Dan\nKaminsky reported a mismatch in the treatment of domain names in SSL\ncertificates between SSL clients and the Certificate Authorities (CA)\nwhich issue server certificates. In particular, if a malicious person\nrequested a certificate for a host name with an invalid null character\nin it most CAs would issue the certificate if the requester owned the\ndomain specified after the null, while most SSL clients (browsers)\nignored that part of the name and used the unvalidated part in front\nof the null. This made it possible for attackers to obtain\ncertificates that would function for any site they wished to target.\nThese certificates could be used to intercept and potentially alter\nencrypted communication between the client and a server such as\nsensitive bank account transactions. This vulnerability was\nindependently reported to us by researcher Moxie Marlinspike who also\nnoted that since Firefox relies on SSL to protect the integrity of\nsecurity updates this attack could be used to serve malicious updates.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=522602\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected libfreebl3 packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_cwe_id(119, 310);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libfreebl3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libfreebl3-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mozilla-nss\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mozilla-nss-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mozilla-nss-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mozilla-nss-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:11.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/08/12\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/08/20\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE11\\.0)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"11.0\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE11.0\", reference:\"libfreebl3-3.12.3.1-1.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"mozilla-nss-3.12.3.1-1.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"mozilla-nss-devel-3.12.3.1-1.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"mozilla-nss-tools-3.12.3.1-1.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", cpu:\"x86_64\", reference:\"libfreebl3-32bit-3.12.3.1-1.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", cpu:\"x86_64\", reference:\"mozilla-nss-32bit-3.12.3.1-1.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"mozilla-nss\");\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-01-11T15:12:29", "description": "The Mozilla NSS security framework was updated to version 3.12.3.1.\n\n - Heap-based buffer overflow in a regular-expression parser in Mozilla Network Security Services (NSS) before 3.12.3, as used in Firefox, Thunderbird, SeaMonkey, Evolution, Pidgin, and AOL Instant Messenger (AIM), allows remote SSL servers to cause a denial of service (application crash) or possibly execute arbitrary code via a long domain name in the subject's Common Name (CN) field of an X.509 certificate, related to the cert_TestHostName function. (CVE-2009-2404 / MFSA 2009-43)\n\n - IOActive security researcher Dan Kaminsky reported a mismatch in the treatment of domain names in SSL certificates between SSL clients and the Certificate Authorities (CA) which issue server certificates. In particular, if a malicious person requested a certificate for a host name with an invalid null character in it most CAs would issue the certificate if the requester owned the domain specified after the null, while most SSL clients (browsers) ignored that part of the name and used the unvalidated part in front of the null. This made it possible for attackers to obtain certificates that would function for any site they wished to target. These certificates could be used to intercept and potentially alter encrypted communication between the client and a server such as sensitive bank account transactions. This vulnerability was independently reported to us by researcher Moxie Marlinspike who also noted that since Firefox relies on SSL to protect the integrity of security updates this attack could be used to serve malicious updates. (MFSA 2009-42 / CVE-2009-2408)", "cvss3": {}, "published": "2009-10-20T00:00:00", "type": "nessus", "title": "SuSE 10 Security Update : Mozilla NSS (ZYPP Patch Number 6541)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": true, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2009-2404", "CVE-2009-2408"], "modified": "2021-01-14T00:00:00", "cpe": ["cpe:/o:suse:suse_linux"], "id": "SUSE_MOZILLA-NSPR-6541.NASL", "href": "https://www.tenable.com/plugins/nessus/42190", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The text description of this plugin is (C) Novell, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(42190);\n script_version(\"1.16\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2009-2404\", \"CVE-2009-2408\");\n\n script_name(english:\"SuSE 10 Security Update : Mozilla NSS (ZYPP Patch Number 6541)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SuSE 10 host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The Mozilla NSS security framework was updated to version 3.12.3.1.\n\n - Heap-based buffer overflow in a regular-expression\n parser in Mozilla Network Security Services (NSS) before\n 3.12.3, as used in Firefox, Thunderbird, SeaMonkey,\n Evolution, Pidgin, and AOL Instant Messenger (AIM),\n allows remote SSL servers to cause a denial of service\n (application crash) or possibly execute arbitrary code\n via a long domain name in the subject's Common Name (CN)\n field of an X.509 certificate, related to the\n cert_TestHostName function. (CVE-2009-2404 / MFSA\n 2009-43)\n\n - IOActive security researcher Dan Kaminsky reported a\n mismatch in the treatment of domain names in SSL\n certificates between SSL clients and the Certificate\n Authorities (CA) which issue server certificates. In\n particular, if a malicious person requested a\n certificate for a host name with an invalid null\n character in it most CAs would issue the certificate if\n the requester owned the domain specified after the null,\n while most SSL clients (browsers) ignored that part of\n the name and used the unvalidated part in front of the\n null. This made it possible for attackers to obtain\n certificates that would function for any site they\n wished to target. These certificates could be used to\n intercept and potentially alter encrypted communication\n between the client and a server such as sensitive bank\n account transactions. This vulnerability was\n independently reported to us by researcher Moxie\n Marlinspike who also noted that since Firefox relies on\n SSL to protect the integrity of security updates this\n attack could be used to serve malicious updates. (MFSA\n 2009-42 / CVE-2009-2408)\"\n );\n # http://www.mozilla.org/security/announce/2009/mfsa2009-42.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2009-42/\"\n );\n # http://www.mozilla.org/security/announce/2009/mfsa2009-43.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2009-43/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2009-2404.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2009-2408.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Apply ZYPP patch number 6541.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_cwe_id(119, 310);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:suse:suse_linux\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2009/07/30\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/09/24\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/10/20\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) exit(0, \"Local checks are not enabled.\");\nif (!get_kb_item(\"Host/SuSE/release\")) exit(0, \"The host is not running SuSE.\");\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) exit(1, \"Could not obtain the list of installed packages.\");\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) exit(1, \"Failed to determine the architecture type.\");\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") exit(1, \"Local checks for SuSE 10 on the '\"+cpu+\"' architecture have not been implemented.\");\n\n\nflag = 0;\nif (rpm_check(release:\"SLED10\", sp:2, reference:\"mozilla-nspr-4.8-1.4.2\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:2, reference:\"mozilla-nspr-devel-4.8-1.4.2\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:2, reference:\"mozilla-nss-3.12.3.1-1.4.2\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:2, reference:\"mozilla-nss-devel-3.12.3.1-1.4.2\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:2, reference:\"mozilla-nss-tools-3.12.3.1-1.4.2\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:2, cpu:\"x86_64\", reference:\"mozilla-nspr-32bit-4.8-1.4.2\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:2, cpu:\"x86_64\", reference:\"mozilla-nss-32bit-3.12.3.1-1.4.2\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:2, reference:\"mozilla-nspr-4.8-1.4.2\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:2, reference:\"mozilla-nspr-devel-4.8-1.4.2\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:2, reference:\"mozilla-nss-3.12.3.1-1.4.2\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:2, reference:\"mozilla-nss-devel-3.12.3.1-1.4.2\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:2, cpu:\"x86_64\", reference:\"mozilla-nspr-32bit-4.8-1.4.2\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:2, cpu:\"x86_64\", reference:\"mozilla-nss-32bit-3.12.3.1-1.4.2\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse exit(0, \"The host is not affected.\");\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-01-11T15:07:57", "description": "The remote host is running a version of Mozilla SeaMonkey earlier than 1.1.18. Such versions are potentially affected by multiple vulnerabilities : \n\n - A heap overflow vulnerability in the code that handles regular expressions in certificate names. (MFSA-2009-43)\n\n - A mismatch in the treatment of domain names in SSL certificates between SSL clients and the Certificate Authorities which issue server certificates. (MFSA-2009-42)\n\n", "cvss3": {}, "published": "2009-09-03T00:00:00", "type": "nessus", "title": "Mozilla SeaMonkey < 1.1.18 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": true, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2009-2404", "CVE-2009-2408"], "modified": "2009-09-03T00:00:00", "cpe": [], "id": "801235.PRM", "href": "https://www.tenable.com/plugins/lce/801235", "sourceData": "Binary data 801235.prm", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-01-11T15:08:02", "description": "The remote host is running a version of SeaMonkey earlier than 1.1.18. Such versions are potentially affected by multiple vulnerabilities : \n\n - A heap overflow vulnerability in the code that handles regular expressions in certificate names. (MFSA-2009-43)\n\n - A mismatch in the treatment of domain names in SSL certificates between SSL clients and the Certificate Authorities which issue server certificates. (MFSA-2009-42)", "cvss3": {}, "published": "2009-09-03T00:00:00", "type": "nessus", "title": "SeaMonkey < 1.1.18 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": true, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2009-2404", "CVE-2009-2408"], "modified": "2019-03-06T00:00:00", "cpe": ["cpe:2.3:a:mozilla:seamonkey:*:*:*:*:*:*:*:*"], "id": "5152.PRM", "href": "https://www.tenable.com/plugins/nnm/5152", "sourceData": "Binary data 5152.prm", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-01-11T15:03:58", "description": "The installed version of Thunderbird is earlier than 2.0.0.24. Such versions are potentially affected by multiple vulnerabilities :\n\n - The columns of a XUL tree element can be manipulated in a particular way that would leave a pointer owned by the column pointing to freed memory. (MFSA 2009-49)\n\n - A heap-based buffer overflow exists in Mozilla's string to floating point number conversion routines. (MFSA 2009-59)\n\n - It is possible to obfuscate the name of files to be downloaded by using a right-to-left override character (RTL). (MFSA 2009-62)\n\n - Multiple memory corruption vulnerabilities exist that may result in the execution of arbitrary code. (MFSA 2010-07)", "cvss3": {}, "published": "2010-03-19T00:00:00", "type": "nessus", "title": "Mozilla Thunderbird < 2.0.0.24 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2009-0689", "CVE-2009-2463", "CVE-2009-3072", "CVE-2009-3075", "CVE-2009-3077", "CVE-2009-3376", "CVE-2010-0161", "CVE-2010-0163"], "modified": "2018-07-16T00:00:00", "cpe": ["cpe:/a:mozilla:thunderbird"], "id": "MOZILLA_THUNDERBIRD_20024.NASL", "href": "https://www.tenable.com/plugins/nessus/45110", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\n\ninclude(\"compat.inc\");\n\n\nif (description)\n{\n script_id(45110);\n script_version(\"1.15\");\n\n script_cve_id(\n \"CVE-2009-0689\",\n \"CVE-2009-2463\",\n \"CVE-2009-3072\",\n \"CVE-2009-3075\",\n \"CVE-2009-3077\",\n \"CVE-2009-3376\",\n \"CVE-2010-0161\",\n \"CVE-2010-0163\"\n );\n script_bugtraq_id(37366,38831);\n script_xref(name:\"Secunia\", value:\"37682\");\n\n script_name(english:\"Mozilla Thunderbird < 2.0.0.24 Multiple Vulnerabilities\");\n script_summary(english:\"Checks version of Thunderbird\");\n\n script_set_attribute(attribute:\"synopsis\",value:\n\"The remote Windows host contains a mail client that is affected by\nmultiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\",value:\n\"The installed version of Thunderbird is earlier than 2.0.0.24. Such\nversions are potentially affected by multiple vulnerabilities :\n\n - The columns of a XUL tree element can be manipulated in\n a particular way that would leave a pointer owned by\n the column pointing to freed memory. (MFSA 2009-49)\n\n - A heap-based buffer overflow exists in Mozilla's string\n to floating point number conversion routines. \n (MFSA 2009-59)\n\n - It is possible to obfuscate the name of files to be\n downloaded by using a right-to-left override character\n (RTL). (MFSA 2009-62)\n\n - Multiple memory corruption vulnerabilities exist that\n may result in the execution of arbitrary code. \n (MFSA 2010-07)\");\n\n script_set_attribute(attribute:\"see_also\",value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2010-07/\");\n script_set_attribute(attribute:\"see_also\",value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2009-62/\");\n script_set_attribute(attribute:\"see_also\",value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2009-59/\");\n script_set_attribute(attribute:\"see_also\",value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2009-49/\");\n script_set_attribute(attribute:\"see_also\",value:\"http://www.nessus.org/u?fff60c73\");\n script_set_attribute(attribute:\"solution\",value:\"Upgrade to Thunderbird 2.0.0.24 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(16, 94, 119, 189);\n script_set_attribute(attribute:\"vuln_publication_date\",value:\"2009/09/09\");\n script_set_attribute(attribute:\"patch_publication_date\",value:\"2010/03/16\");\n script_set_attribute(attribute:\"plugin_publication_date\",value:\"2010/03/19\");\n script_cvs_date(\"Date: 2018/07/16 14:09:15\");\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:mozilla:thunderbird\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows\");\n\n script_copyright(english:\"This script is Copyright (C) 2010-2018 Tenable Network Security, Inc.\");\n\n script_dependencies(\"mozilla_org_installed.nasl\");\n script_require_keys(\"Mozilla/Thunderbird/Version\");\n\n exit(0);\n}\n\ninclude(\"mozilla_version.inc\");\nport = get_kb_item_or_exit(\"SMB/transport\");\n\ninstalls = get_kb_list(\"SMB/Mozilla/Thunderbird/*\");\nif (isnull(installs)) audit(AUDIT_NOT_INST, \"Thunderbird\");\n\nmozilla_check_version(installs:installs, product:'thunderbird', esr:FALSE, fix:'2.0.0.24', severity:SECURITY_HOLE);", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-01-11T15:03:17", "description": "Versions of Mozilla Thunderbird prior to 2.0.0.24 are affected by the following vulnerabilities : \n\n - The columns of a XUL tree element can be manipulated in a particular way which would leave a pointer owned by the column pointing to freed memory. (MFSA 2009-49)\n - A heap-based buffer overflow exists in Mozilla's string to floating point number conversion routines. (MFSA 2009-59)\n - It is possible to obfuscate the name of files to be downloaded by using a right-to-left override character (RTL). (MFSA 2009-62)", "cvss3": {}, "published": "2010-03-19T00:00:00", "type": "nessus", "title": "Mozilla Thunderbird < 2.0.0.24 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2009-0689", "CVE-2009-2463", "CVE-2009-3072", "CVE-2009-3075", "CVE-2009-3077", "CVE-2009-3376", "CVE-2010-0161", "CVE-2010-0163"], "modified": "2019-03-06T00:00:00", "cpe": ["cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*"], "id": "5480.PRM", "href": "https://www.tenable.com/plugins/nnm/5480", "sourceData": "Binary data 5480.prm", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-01-11T15:04:57", "description": "Several flaws were discovered in the JavaScript engine of Thunderbird.\nIf a user had JavaScript enabled and were tricked into viewing malicious web content, a remote attacker could cause a denial of service or possibly execute arbitrary code with the privileges of the user invoking the program. (CVE-2009-0689, CVE-2009-2463, CVE-2009-3075)\n\nJosh Soref discovered that the BinHex decoder used in Thunderbird contained a flaw. If a user were tricked into viewing malicious content, a remote attacker could cause a denial of service or possibly execute arbitrary code with the privileges of the user invoking the program. (CVE-2009-3072)\n\nIt was discovered that Thunderbird did not properly manage memory when using XUL tree elements. If a user were tricked into viewing malicious content, a remote attacker could cause a denial of service or possibly execute arbitrary code with the privileges of the user invoking the program. (CVE-2009-3077)\n\nJesse Ruderman and Sid Stamm discovered that Thunderbird did not properly display filenames containing right-to-left (RTL) override characters. If a user were tricked into opening a malicious file with a crafted filename, an attacker could exploit this to trick the user into opening a different file than the user expected. (CVE-2009-3376)\n\nTakehiro Takahashi discovered flaws in the NTLM implementation in Thunderbird. If an NTLM authenticated user opened content containing links to a malicious website, a remote attacker could send requests to other applications, authenticated as the user. (CVE-2009-3983)\n\nLudovic Hirlimann discovered a flaw in the way Thunderbird indexed certain messages with attachments. A remote attacker could send specially crafted content and cause a denial of service or possibly execute arbitrary code with the privileges of the user invoking the program. (CVE-2010-0163).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2010-03-19T00:00:00", "type": "nessus", "title": "Ubuntu 8.04 LTS / 8.10 / 9.04 / 9.10 : thunderbird vulnerabilities (USN-915-1)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2009-0689", "CVE-2009-2463", "CVE-2009-3072", "CVE-2009-3075", "CVE-2009-3077", "CVE-2009-3376", "CVE-2009-3983", "CVE-2010-0163"], "modified": "2019-09-19T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:mozilla-thunderbird", "p-cpe:/a:canonical:ubuntu_linux:mozilla-thunderbird-dev", "p-cpe:/a:canonical:ubuntu_linux:thunderbird", "p-cpe:/a:canonical:ubuntu_linux:thunderbird-dev", "p-cpe:/a:canonical:ubuntu_linux:thunderbird-gnome-support", "cpe:/o:canonical:ubuntu_linux:8.04:-:lts", "cpe:/o:canonical:ubuntu_linux:8.10", "cpe:/o:canonical:ubuntu_linux:9.04", "cpe:/o:canonical:ubuntu_linux:9.10"], "id": "UBUNTU_USN-915-1.NASL", "href": "https://www.tenable.com/plugins/nessus/45108", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-915-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(45108);\n script_version(\"1.20\");\n script_cvs_date(\"Date: 2019/09/19 12:54:26\");\n\n script_cve_id(\"CVE-2009-0689\", \"CVE-2009-2463\", \"CVE-2009-3072\", \"CVE-2009-3075\", \"CVE-2009-3077\", \"CVE-2009-3376\", \"CVE-2009-3983\", \"CVE-2010-0163\");\n script_bugtraq_id(35769, 36343, 36851, 36867, 37366, 38831);\n script_xref(name:\"USN\", value:\"915-1\");\n\n script_name(english:\"Ubuntu 8.04 LTS / 8.10 / 9.04 / 9.10 : thunderbird vulnerabilities (USN-915-1)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Several flaws were discovered in the JavaScript engine of Thunderbird.\nIf a user had JavaScript enabled and were tricked into viewing\nmalicious web content, a remote attacker could cause a denial of\nservice or possibly execute arbitrary code with the privileges of the\nuser invoking the program. (CVE-2009-0689, CVE-2009-2463,\nCVE-2009-3075)\n\nJosh Soref discovered that the BinHex decoder used in Thunderbird\ncontained a flaw. If a user were tricked into viewing malicious\ncontent, a remote attacker could cause a denial of service or possibly\nexecute arbitrary code with the privileges of the user invoking the\nprogram. (CVE-2009-3072)\n\nIt was discovered that Thunderbird did not properly manage memory when\nusing XUL tree elements. If a user were tricked into viewing malicious\ncontent, a remote attacker could cause a denial of service or possibly\nexecute arbitrary code with the privileges of the user invoking the\nprogram. (CVE-2009-3077)\n\nJesse Ruderman and Sid Stamm discovered that Thunderbird did not\nproperly display filenames containing right-to-left (RTL) override\ncharacters. If a user were tricked into opening a malicious file with\na crafted filename, an attacker could exploit this to trick the user\ninto opening a different file than the user expected. (CVE-2009-3376)\n\nTakehiro Takahashi discovered flaws in the NTLM implementation in\nThunderbird. If an NTLM authenticated user opened content containing\nlinks to a malicious website, a remote attacker could send requests to\nother applications, authenticated as the user. (CVE-2009-3983)\n\nLudovic Hirlimann discovered a flaw in the way Thunderbird indexed\ncertain messages with attachments. A remote attacker could send\nspecially crafted content and cause a denial of service or possibly\nexecute arbitrary code with the privileges of the user invoking the\nprogram. (CVE-2010-0163).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/915-1/\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(16, 94, 119, 189);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:mozilla-thunderbird\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:mozilla-thunderbird-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:thunderbird\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:thunderbird-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:thunderbird-gnome-support\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:8.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:8.10\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:9.04\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:9.10\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2009/07/01\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/03/18\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/03/19\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2010-2019 Canonical, Inc. / NASL script (C) 2010-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! preg(pattern:\"^(8\\.04|8\\.10|9\\.04|9\\.10)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 8.04 / 8.10 / 9.04 / 9.10\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nflag = 0;\n\nif (ubuntu_check(osver:\"8.04\", pkgname:\"mozilla-thunderbird\", pkgver:\"2.0.0.24+build1+nobinonly-0ubuntu0.8.04.1\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"mozilla-thunderbird-dev\", pkgver:\"2.0.0.24+build1+nobinonly-0ubuntu0.8.04.1\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"thunderbird\", pkgver:\"2.0.0.24+build1+nobinonly-0ubuntu0.8.04.1\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"thunderbird-dev\", pkgver:\"2.0.0.24+build1+nobinonly-0ubuntu0.8.04.1\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"thunderbird-gnome-support\", pkgver:\"2.0.0.24+build1+nobinonly-0ubuntu0.8.04.1\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"mozilla-thunderbird\", pkgver:\"2.0.0.24+build1+nobinonly-0ubuntu0.8.10.1\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"mozilla-thunderbird-dev\", pkgver:\"2.0.0.24+build1+nobinonly-0ubuntu0.8.10.1\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"thunderbird\", pkgver:\"2.0.0.24+build1+nobinonly-0ubuntu0.8.10.1\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"thunderbird-dev\", pkgver:\"2.0.0.24+build1+nobinonly-0ubuntu0.8.10.1\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"thunderbird-gnome-support\", pkgver:\"2.0.0.24+build1+nobinonly-0ubuntu0.8.10.1\")) flag++;\nif (ubuntu_check(osver:\"9.04\", pkgname:\"mozilla-thunderbird\", pkgver:\"2.0.0.24+build1+nobinonly-0ubuntu0.9.04.1\")) flag++;\nif (ubuntu_check(osver:\"9.04\", pkgname:\"mozilla-thunderbird-dev\", pkgver:\"2.0.0.24+build1+nobinonly-0ubuntu0.9.04.1\")) flag++;\nif (ubuntu_check(osver:\"9.04\", pkgname:\"thunderbird\", pkgver:\"2.0.0.24+build1+nobinonly-0ubuntu0.9.04.1\")) flag++;\nif (ubuntu_check(osver:\"9.04\", pkgname:\"thunderbird-dev\", pkgver:\"2.0.0.24+build1+nobinonly-0ubuntu0.9.04.1\")) flag++;\nif (ubuntu_check(osver:\"9.04\", pkgname:\"thunderbird-gnome-support\", pkgver:\"2.0.0.24+build1+nobinonly-0ubuntu0.9.04.1\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"mozilla-thunderbird\", pkgver:\"2.0.0.24+build1+nobinonly-0ubuntu0.9.10.1\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"mozilla-thunderbird-dev\", pkgver:\"2.0.0.24+build1+nobinonly-0ubuntu0.9.10.1\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"thunderbird\", pkgver:\"2.0.0.24+build1+nobinonly-0ubuntu0.9.10.1\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"thunderbird-dev\", pkgver:\"2.0.0.24+build1+nobinonly-0ubuntu0.9.10.1\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"thunderbird-gnome-support\", pkgver:\"2.0.0.24+build1+nobinonly-0ubuntu0.9.10.1\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"mozilla-thunderbird / mozilla-thunderbird-dev / thunderbird / etc\");\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-01-11T15:04:36", "description": "Mozilla Thunderbird was updated to 2.0.0.14 fixing several security issues and bugs.\n\nMFSA 2010-07: Mozilla developers took fixes from previously fixed memory safety bugs in newer Mozilla-based products and ported them to the Mozilla 1.8.1 branch so they can be utilized by Thunderbird 2 and SeaMonkey 1.1.\n\nPaul Fisher reported a crash when joined to an Active Directory server under Vista or Windows 7 and using SSPI authentication.\n(CVE-2010-0161) Ludovic Hirlimann reported a crash indexing some messages with attachments (CVE-2010-0163) Carsten Book reported a crash in the JavaScript engine (CVE-2009-3075) Josh Soref reported a crash in the BinHex decoder used on non-Mac platforms. (CVE-2009-3072) monarch2000 reported an integer overflow in a base64 decoding function (CVE-2009-2463)\n\nMFSA 2009-68 / CVE-2009-3983: Security researcher Takehiro Takahashi of the IBM X-Force reported that Mozilla's NTLM implementation was vulnerable to reflection attacks in which NTLM credentials from one application could be forwarded to another arbitary application via the browser. If an attacker could get a user to visit a web page he controlled he could force NTLM authenticated requests to be forwarded to another application on behalf of the user.\n\nMFSA 2009-62 / CVE-2009-3376: Mozilla security researchers Jesse Ruderman and Sid Stamm reported that when downloading a file containing a right-to-left override character (RTL) in the filename, the name displayed in the dialog title bar conflicts with the name of the file shown in the dialog body. An attacker could use this vulnerability to obfuscate the name and file extension of a file to be downloaded and opened, potentially causing a user to run an executable file when they expected to open a non-executable file.\n\nMFSA 2009-59 / CVE-2009-0689: Security researcher Alin Rad Pop of Secunia Research reported a heap-based buffer overflow in Mozilla's string to floating point number conversion routines. Using this vulnerability an attacker could craft some malicious JavaScript code containing a very long string to be converted to a floating point number which would result in improper memory allocation and the execution of an arbitrary memory location. This vulnerability could thus be leveraged by the attacker to run arbitrary code on a victim's computer.\n\nUpdate: The underlying flaw in the dtoa routines used by Mozilla appears to be essentially the same as that reported against the libc gdtoa routine by Maksymilian Arciemowicz.\n\nMFSA 2009-49 / CVE-2009-3077: An anonymous security researcher, via TippingPoint's Zero Day Initiative, reported that the columns of a XUL tree element could be manipulated in a particular way which would leave a pointer owned by the column pointing to freed memory. An attacker could potentially use this vulnerability to crash a victim's browser and run arbitrary code on the victim's computer.\n\nPlease see http://www.mozilla.org/security/known-vulnerabilities/thunderbird20.ht ml", "cvss3": {}, "published": "2010-03-30T00:00:00", "type": "nessus", "title": "openSUSE Security Update : MozillaThunderbird (MozillaThunderbird-2189)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2009-0689", "CVE-2009-2463", "CVE-2009-3072", "CVE-2009-3075", "CVE-2009-3077", "CVE-2009-3376", "CVE-2009-3983", "CVE-2010-0161", "CVE-2010-0163"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:MozillaThunderbird", "p-cpe:/a:novell:opensuse:MozillaThunderbird-devel", "p-cpe:/a:novell:opensuse:MozillaThunderbird-translations", "cpe:/o:novell:opensuse:11.1"], "id": "SUSE_11_1_MOZILLATHUNDERBIRD-100324.NASL", "href": "https://www.tenable.com/plugins/nessus/45376", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update MozillaThunderbird-2189.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(45376);\n script_version(\"1.11\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2009-0689\", \"CVE-2009-2463\", \"CVE-2009-3072\", \"CVE-2009-3075\", \"CVE-2009-3077\", \"CVE-2009-3376\", \"CVE-2009-3983\", \"CVE-2010-0161\", \"CVE-2010-0163\");\n\n script_name(english:\"openSUSE Security Update : MozillaThunderbird (MozillaThunderbird-2189)\");\n script_summary(english:\"Check for the MozillaThunderbird-2189 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Mozilla Thunderbird was updated to 2.0.0.14 fixing several security\nissues and bugs.\n\nMFSA 2010-07: Mozilla developers took fixes from previously fixed\nmemory safety bugs in newer Mozilla-based products and ported them to\nthe Mozilla 1.8.1 branch so they can be utilized by Thunderbird 2 and\nSeaMonkey 1.1.\n\nPaul Fisher reported a crash when joined to an Active Directory server\nunder Vista or Windows 7 and using SSPI authentication.\n(CVE-2010-0161) Ludovic Hirlimann reported a crash indexing some\nmessages with attachments (CVE-2010-0163) Carsten Book reported a\ncrash in the JavaScript engine (CVE-2009-3075) Josh Soref reported a\ncrash in the BinHex decoder used on non-Mac platforms. (CVE-2009-3072)\nmonarch2000 reported an integer overflow in a base64 decoding function\n(CVE-2009-2463)\n\nMFSA 2009-68 / CVE-2009-3983: Security researcher Takehiro Takahashi\nof the IBM X-Force reported that Mozilla's NTLM implementation was\nvulnerable to reflection attacks in which NTLM credentials from one\napplication could be forwarded to another arbitary application via the\nbrowser. If an attacker could get a user to visit a web page he\ncontrolled he could force NTLM authenticated requests to be forwarded\nto another application on behalf of the user.\n\nMFSA 2009-62 / CVE-2009-3376: Mozilla security researchers Jesse\nRuderman and Sid Stamm reported that when downloading a file\ncontaining a right-to-left override character (RTL) in the filename,\nthe name displayed in the dialog title bar conflicts with the name of\nthe file shown in the dialog body. An attacker could use this\nvulnerability to obfuscate the name and file extension of a file to be\ndownloaded and opened, potentially causing a user to run an executable\nfile when they expected to open a non-executable file.\n\nMFSA 2009-59 / CVE-2009-0689: Security researcher Alin Rad Pop of\nSecunia Research reported a heap-based buffer overflow in Mozilla's\nstring to floating point number conversion routines. Using this\nvulnerability an attacker could craft some malicious JavaScript code\ncontaining a very long string to be converted to a floating point\nnumber which would result in improper memory allocation and the\nexecution of an arbitrary memory location. This vulnerability could\nthus be leveraged by the attacker to run arbitrary code on a victim's\ncomputer.\n\nUpdate: The underlying flaw in the dtoa routines used by Mozilla\nappears to be essentially the same as that reported against the libc\ngdtoa routine by Maksymilian Arciemowicz.\n\nMFSA 2009-49 / CVE-2009-3077: An anonymous security researcher, via\nTippingPoint's Zero Day Initiative, reported that the columns of a XUL\ntree element could be manipulated in a particular way which would\nleave a pointer owned by the column pointing to freed memory. An\nattacker could potentially use this vulnerability to crash a victim's\nbrowser and run arbitrary code on the victim's computer.\n\nPlease see\nhttp://www.mozilla.org/security/known-vulnerabilities/thunderbird20.ht\nml\"\n );\n # http://www.mozilla.org/security/known-vulnerabilities/thunderbird20.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?280be806\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=576969\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected MozillaThunderbird packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_cwe_id(16, 94, 119, 189);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:MozillaThunderbird\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:MozillaThunderbird-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:MozillaThunderbird-translations\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:11.1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/03/24\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/03/30\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2010-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE11\\.1)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"11.1\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE11.1\", reference:\"MozillaThunderbird-2.0.0.24-0.1.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"MozillaThunderbird-devel-2.0.0.24-0.1.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"MozillaThunderbird-translations-2.0.0.24-0.1.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"MozillaThunderbird\");\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-01-11T15:04:54", "description": "Mozilla Thunderbird was updated to 2.0.0.14 fixing several security issues and bugs.\n\nMFSA 2010-07: Mozilla developers took fixes from previously fixed memory safety bugs in newer Mozilla-based products and ported them to the Mozilla 1.8.1 branch so they can be utilized by Thunderbird 2 and SeaMonkey 1.1.\n\nPaul Fisher reported a crash when joined to an Active Directory server under Vista or Windows 7 and using SSPI authentication.\n(CVE-2010-0161) Ludovic Hirlimann reported a crash indexing some messages with attachments (CVE-2010-0163) Carsten Book reported a crash in the JavaScript engine (CVE-2009-3075) Josh Soref reported a crash in the BinHex decoder used on non-Mac platforms. (CVE-2009-3072) monarch2000 reported an integer overflow in a base64 decoding function (CVE-2009-2463)\n\nMFSA 2009-68 / CVE-2009-3983: Security researcher Takehiro Takahashi of the IBM X-Force reported that Mozilla's NTLM implementation was vulnerable to reflection attacks in which NTLM credentials from one application could be forwarded to another arbitary application via the browser. If an attacker could get a user to visit a web page he controlled he could force NTLM authenticated requests to be forwarded to another application on behalf of the user.\n\nMFSA 2009-62 / CVE-2009-3376: Mozilla security researchers Jesse Ruderman and Sid Stamm reported that when downloading a file containing a right-to-left override character (RTL) in the filename, the name displayed in the dialog title bar conflicts with the name of the file shown in the dialog body. An attacker could use this vulnerability to obfuscate the name and file extension of a file to be downloaded and opened, potentially causing a user to run an executable file when they expected to open a non-executable file.\n\nMFSA 2009-59 / CVE-2009-0689: Security researcher Alin Rad Pop of Secunia Research reported a heap-based buffer overflow in Mozilla's string to floating point number conversion routines. Using this vulnerability an attacker could craft some malicious JavaScript code containing a very long string to be converted to a floating point number which would result in improper memory allocation and the execution of an arbitrary memory location. This vulnerability could thus be leveraged by the attacker to run arbitrary code on a victim's computer.\n\nUpdate: The underlying flaw in the dtoa routines used by Mozilla appears to be essentially the same as that reported against the libc gdtoa routine by Maksymilian Arciemowicz.\n\nMFSA 2009-49 / CVE-2009-3077: An anonymous security researcher, via TippingPoint's Zero Day Initiative, reported that the columns of a XUL tree element could be manipulated in a particular way which would leave a pointer owned by the column pointing to freed memory. An attacker could potentially use this vulnerability to crash a victim's browser and run arbitrary code on the victim's computer.\n\nPlease see http://www.mozilla.org/security/known-vulnerabilities/thunderbird20.ht ml", "cvss3": {}, "published": "2010-03-30T00:00:00", "type": "nessus", "title": "openSUSE Security Update : MozillaThunderbird (MozillaThunderbird-2189)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2009-0689", "CVE-2009-2463", "CVE-2009-3072", "CVE-2009-3075", "CVE-2009-3077", "CVE-2009-3376", "CVE-2009-3983", "CVE-2010-0161", "CVE-2010-0163"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:MozillaThunderbird", "p-cpe:/a:novell:opensuse:MozillaThunderbird-devel", "p-cpe:/a:novell:opensuse:MozillaThunderbird-translations", "cpe:/o:novell:opensuse:11.0"], "id": "SUSE_11_0_MOZILLATHUNDERBIRD-100324.NASL", "href": "https://www.tenable.com/plugins/nessus/45375", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update MozillaThunderbird-2189.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(45375);\n script_version(\"1.11\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2009-0689\", \"CVE-2009-2463\", \"CVE-2009-3072\", \"CVE-2009-3075\", \"CVE-2009-3077\", \"CVE-2009-3376\", \"CVE-2009-3983\", \"CVE-2010-0161\", \"CVE-2010-0163\");\n\n script_name(english:\"openSUSE Security Update : MozillaThunderbird (MozillaThunderbird-2189)\");\n script_summary(english:\"Check for the MozillaThunderbird-2189 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Mozilla Thunderbird was updated to 2.0.0.14 fixing several security\nissues and bugs.\n\nMFSA 2010-07: Mozilla developers took fixes from previously fixed\nmemory safety bugs in newer Mozilla-based products and ported them to\nthe Mozilla 1.8.1 branch so they can be utilized by Thunderbird 2 and\nSeaMonkey 1.1.\n\nPaul Fisher reported a crash when joined to an Active Directory server\nunder Vista or Windows 7 and using SSPI authentication.\n(CVE-2010-0161) Ludovic Hirlimann reported a crash indexing some\nmessages with attachments (CVE-2010-0163) Carsten Book reported a\ncrash in the JavaScript engine (CVE-2009-3075) Josh Soref reported a\ncrash in the BinHex decoder used on non-Mac platforms. (CVE-2009-3072)\nmonarch2000 reported an integer overflow in a base64 decoding function\n(CVE-2009-2463)\n\nMFSA 2009-68 / CVE-2009-3983: Security researcher Takehiro Takahashi\nof the IBM X-Force reported that Mozilla's NTLM implementation was\nvulnerable to reflection attacks in which NTLM credentials from one\napplication could be forwarded to another arbitary application via the\nbrowser. If an attacker could get a user to visit a web page he\ncontrolled he could force NTLM authenticated requests to be forwarded\nto another application on behalf of the user.\n\nMFSA 2009-62 / CVE-2009-3376: Mozilla security researchers Jesse\nRuderman and Sid Stamm reported that when downloading a file\ncontaining a right-to-left override character (RTL) in the filename,\nthe name displayed in the dialog title bar conflicts with the name of\nthe file shown in the dialog body. An attacker could use this\nvulnerability to obfuscate the name and file extension of a file to be\ndownloaded and opened, potentially causing a user to run an executable\nfile when they expected to open a non-executable file.\n\nMFSA 2009-59 / CVE-2009-0689: Security researcher Alin Rad Pop of\nSecunia Research reported a heap-based buffer overflow in Mozilla's\nstring to floating point number conversion routines. Using this\nvulnerability an attacker could craft some malicious JavaScript code\ncontaining a very long string to be converted to a floating point\nnumber which would result in improper memory allocation and the\nexecution of an arbitrary memory location. This vulnerability could\nthus be leveraged by the attacker to run arbitrary code on a victim's\ncomputer.\n\nUpdate: The underlying flaw in the dtoa routines used by Mozilla\nappears to be essentially the same as that reported against the libc\ngdtoa routine by Maksymilian Arciemowicz.\n\nMFSA 2009-49 / CVE-2009-3077: An anonymous security researcher, via\nTippingPoint's Zero Day Initiative, reported that the columns of a XUL\ntree element could be manipulated in a particular way which would\nleave a pointer owned by the column pointing to freed memory. An\nattacker could potentially use this vulnerability to crash a victim's\nbrowser and run arbitrary code on the victim's computer.\n\nPlease see\nhttp://www.mozilla.org/security/known-vulnerabilities/thunderbird20.ht\nml\"\n );\n # http://www.mozilla.org/security/known-vulnerabilities/thunderbird20.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?280be806\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=576969\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected MozillaThunderbird packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_cwe_id(16, 94, 119, 189);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:MozillaThunderbird\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:MozillaThunderbird-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:MozillaThunderbird-translations\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:11.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/03/24\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/03/30\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2010-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE11\\.0)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"11.0\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE11.0\", reference:\"MozillaThunderbird-2.0.0.24-0.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"MozillaThunderbird-devel-2.0.0.24-0.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"MozillaThunderbird-translations-2.0.0.24-0.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"MozillaThunderbird\");\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-01-11T14:41:06", "description": "Updated nspr and nss packages that fix security issues are now available for Red Hat Enterprise Linux 5.2 Extended Update Support.\n\nThis update has been rated as having critical security impact by the Red Hat Security Response Team.\n\nNetscape Portable Runtime (NSPR) provides platform independence for non-GUI operating system facilities. These facilities include threads, thread synchronization, normal file and network I/O, interval timing, calendar time, basic memory management (malloc and free), and shared library linking.\n\nNetwork Security Services (NSS) is a set of libraries designed to support the cross-platform development of security-enabled client and server applications. Applications built with NSS can support SSLv2, SSLv3, TLS, and other security standards.\n\nThese updated packages upgrade NSS from the previous version, 3.12.2, to a prerelease of version 3.12.4. The version of NSPR has also been upgraded from 4.7.3 to 4.7.4.\n\nMoxie Marlinspike reported a heap overflow flaw in a regular expression parser in the NSS library used by browsers such as Mozilla Firefox to match common names in certificates. A malicious website could present a carefully-crafted certificate in such a way as to trigger the heap overflow, leading to a crash or, possibly, arbitrary code execution with the permissions of the user running the browser.\n(CVE-2009-2404)\n\nNote: in order to exploit this issue without further user interaction in Firefox, the carefully-crafted certificate would need to be signed by a Certificate Authority trusted by Firefox, otherwise Firefox presents the victim with a warning that the certificate is untrusted.\nOnly if the user then accepts the certificate will the overflow take place.\n\nDan Kaminsky discovered flaws in the way browsers such as Firefox handle NULL characters in a certificate. If an attacker is able to get a carefully-crafted certificate signed by a Certificate Authority trusted by Firefox, the attacker could use the certificate during a man-in-the-middle attack and potentially confuse Firefox into accepting it by mistake. (CVE-2009-2408)\n\nDan Kaminsky found that browsers still accept certificates with MD2 hash signatures, even though MD2 is no longer considered a cryptographically strong algorithm. This could make it easier for an attacker to create a malicious certificate that would be treated as trusted by a browser. NSS now disables the use of MD2 and MD4 algorithms inside signatures by default. (CVE-2009-2409)\n\nAll users of nspr and nss are advised to upgrade to these updated packages, which resolve these issues.", "cvss3": {}, "published": "2013-01-24T00:00:00", "type": "nessus", "title": "RHEL 5 : nspr and nss (RHSA-2009:1207)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": true, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2009-2404", "CVE-2009-2408", "CVE-2009-2409"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:nspr", "p-cpe:/a:redhat:enterprise_linux:nspr-devel", "p-cpe:/a:redhat:enterprise_linux:nss", "p-cpe:/a:redhat:enterprise_linux:nss-devel", "p-cpe:/a:redhat:enterprise_linux:nss-pkcs11-devel", "p-cpe:/a:redhat:enterprise_linux:nss-tools", "cpe:/o:redhat:enterprise_linux:5.2"], "id": "REDHAT-RHSA-2009-1207.NASL", "href": "https://www.tenable.com/plugins/nessus/63889", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2009:1207. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(63889);\n script_version(\"1.12\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2009-2404\", \"CVE-2009-2408\", \"CVE-2009-2409\");\n script_bugtraq_id(35888, 35891);\n script_xref(name:\"RHSA\", value:\"2009:1207\");\n\n script_name(english:\"RHEL 5 : nspr and nss (RHSA-2009:1207)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated nspr and nss packages that fix security issues are now\navailable for Red Hat Enterprise Linux 5.2 Extended Update Support.\n\nThis update has been rated as having critical security impact by the\nRed Hat Security Response Team.\n\nNetscape Portable Runtime (NSPR) provides platform independence for\nnon-GUI operating system facilities. These facilities include threads,\nthread synchronization, normal file and network I/O, interval timing,\ncalendar time, basic memory management (malloc and free), and shared\nlibrary linking.\n\nNetwork Security Services (NSS) is a set of libraries designed to\nsupport the cross-platform development of security-enabled client and\nserver applications. Applications built with NSS can support SSLv2,\nSSLv3, TLS, and other security standards.\n\nThese updated packages upgrade NSS from the previous version, 3.12.2,\nto a prerelease of version 3.12.4. The version of NSPR has also been\nupgraded from 4.7.3 to 4.7.4.\n\nMoxie Marlinspike reported a heap overflow flaw in a regular\nexpression parser in the NSS library used by browsers such as Mozilla\nFirefox to match common names in certificates. A malicious website\ncould present a carefully-crafted certificate in such a way as to\ntrigger the heap overflow, leading to a crash or, possibly, arbitrary\ncode execution with the permissions of the user running the browser.\n(CVE-2009-2404)\n\nNote: in order to exploit this issue without further user interaction\nin Firefox, the carefully-crafted certificate would need to be signed\nby a Certificate Authority trusted by Firefox, otherwise Firefox\npresents the victim with a warning that the certificate is untrusted.\nOnly if the user then accepts the certificate will the overflow take\nplace.\n\nDan Kaminsky discovered flaws in the way browsers such as Firefox\nhandle NULL characters in a certificate. If an attacker is able to get\na carefully-crafted certificate signed by a Certificate Authority\ntrusted by Firefox, the attacker could use the certificate during a\nman-in-the-middle attack and potentially confuse Firefox into\naccepting it by mistake. (CVE-2009-2408)\n\nDan Kaminsky found that browsers still accept certificates with MD2\nhash signatures, even though MD2 is no longer considered a\ncryptographically strong algorithm. This could make it easier for an\nattacker to create a malicious certificate that would be treated as\ntrusted by a browser. NSS now disables the use of MD2 and MD4\nalgorithms inside signatures by default. (CVE-2009-2409)\n\nAll users of nspr and nss are advised to upgrade to these updated\npackages, which resolve these issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.redhat.com/security/data/cve/CVE-2009-2404.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.redhat.com/security/data/cve/CVE-2009-2408.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.redhat.com/security/data/cve/CVE-2009-2409.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://rhn.redhat.com/errata/RHSA-2009-1207.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(119, 310);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:nspr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:nspr-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:nss\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:nss-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:nss-pkcs11-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:nss-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:5.2\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/08/12\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/01/24\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"RHEL5\", sp:\"2\", reference:\"nspr-4.7.4-1.el5_2\")) flag++;\nif (rpm_check(release:\"RHEL5\", sp:\"2\", reference:\"nspr-devel-4.7.4-1.el5_2\")) flag++;\nif (rpm_check(release:\"RHEL5\", sp:\"2\", reference:\"nss-3.12.3.99.3-1.el5_2\")) flag++;\nif (rpm_check(release:\"RHEL5\", sp:\"2\", reference:\"nss-devel-3.12.3.99.3-1.el5_2\")) flag++;\nif (rpm_check(release:\"RHEL5\", sp:\"2\", reference:\"nss-pkcs11-devel-3.12.3.99.3-1.el5_2\")) flag++;\nif (rpm_check(release:\"RHEL5\", sp:\"2\", cpu:\"i386\", reference:\"nss-tools-3.12.3.99.3-1.el5_2\")) flag++;\nif (rpm_check(release:\"RHEL5\", sp:\"2\", cpu:\"s390x\", reference:\"nss-tools-3.12.3.99.3-1.el5_2\")) flag++;\nif (rpm_check(release:\"RHEL5\", sp:\"2\", cpu:\"x86_64\", reference:\"nss-tools-3.12.3.99.3-1.el5_2\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-01-11T14:38:10", "description": "Updated nspr and nss packages that fix security issues and bugs are now available for Red Hat Enterprise Linux 4.7 Extended Update Support.\n\nThis update has been rated as having critical security impact by the Red Hat Security Response Team.\n\nNetscape Portable Runtime (NSPR) provides platform independence for non-GUI operating system facilities. These facilities include threads, thread synchronization, normal file and network I/O, interval timing, calendar time, basic memory management (malloc and free), and shared library linking.\n\nNetwork Security Services (NSS) is a set of libraries designed to support the cross-platform development of security-enabled client and server applications. Applications built with NSS can support SSLv2, SSLv3, TLS, and other security standards.\n\nThese updated packages upgrade NSS from the previous version, 3.12.2, to a prerelease of version 3.12.4. The version of NSPR has also been upgraded from 4.7.3 to 4.7.4.\n\nMoxie Marlinspike reported a heap overflow flaw in a regular expression parser in the NSS library used by browsers such as Mozilla Firefox to match common names in certificates. A malicious website could present a carefully-crafted certificate in such a way as to trigger the heap overflow, leading to a crash or, possibly, arbitrary code execution with the permissions of the user running the browser.\n(CVE-2009-2404)\n\nNote: in order to exploit this issue without further user interaction in Firefox, the carefully-crafted certificate would need to be signed by a Certificate Authority trusted by Firefox, otherwise Firefox presents the victim with a warning that the certificate is untrusted.\nOnly if the user then accepts the certificate will the overflow take place.\n\nDan Kaminsky discovered flaws in the way browsers such as Firefox handle NULL characters in a certificate. If an attacker is able to get a carefully-crafted certificate signed by a Certificate Authority trusted by Firefox, the attacker could use the certificate during a man-in-the-middle attack and potentially confuse Firefox into accepting it by mistake. (CVE-2009-2408)\n\nDan Kaminsky found that browsers still accept certificates with MD2 hash signatures, even though MD2 is no longer considered a cryptographically strong algorithm. This could make it easier for an attacker to create a malicious certificate that would be treated as trusted by a browser. NSS now disables the use of MD2 and MD4 algorithms inside signatures by default. (CVE-2009-2409)\n\nThese version upgrades also provide fixes for the following bugs :\n\n* SSL client authentication failed against an Apache server when it was using the mod_nss module and configured for NSSOCSP. On the client side, the user agent received an error message that referenced 'Error Code: -12271' and stated that establishing an encrypted connection had failed because the certificate had been rejected by the host.\n\nOn the server side, the nss_error_log under /var/log/httpd/ contained the following message :\n\n[error] Re-negotiation handshake failed: Not accepted by client!?\n\nAlso, /var/log/httpd/error_log contained this error :\n\nSSL Library Error: -8071 The OCSP server experienced an internal error\n\nWith these updated packages, the dependency problem which caused this failure has been resolved so that SSL client authentication with an Apache web server using mod_nss which is configured for NSSOCSP succeeds as expected. Note that if the presented client certificate is expired, then access is denied, the user agent is presented with an error message about the invalid certificate, and the OCSP queries are seen in the OCSP responder. Also, similar OCSP status verification happens for SSL server certificates used in Apache upon instance start or restart. (BZ#508026)\n\n* NSS uses a software integrity test to detect code corruption. RPM transactions and system link optimization daemons (such as prelink) can change the contents of libraries, causing the software integrity test to fail. In combination with the updated prelink package (RHBA-2009:1041), these updated packages can now prevent software integrity test failures. (BZ#495938)\n\nAll users of nspr and nss are advised to upgrade to these updated packages, which resolve these issues.", "cvss3": {}, "published": "2013-01-24T00:00:00", "type": "nessus", "title": "RHEL 4 : nspr and nss (RHSA-2009:1190)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": true, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2009-2404", "CVE-2009-2408", "CVE-2009-2409"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:nspr", "p-cpe:/a:redhat:enterprise_linux:nspr-devel", "p-cpe:/a:redhat:enterprise_linux:nss", "p-cpe:/a:redhat:enterprise_linux:nss-devel", "cpe:/o:redhat:enterprise_linux:4.7"], "id": "REDHAT-RHSA-2009-1190.NASL", "href": "https://www.tenable.com/plugins/nessus/63888", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2009:1190. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\nif (NASL_LEVEL < 3000) exit(0);\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(63888);\n script_version(\"1.12\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2009-2404\", \"CVE-2009-2408\", \"CVE-2009-2409\");\n script_bugtraq_id(35888, 35891);\n script_xref(name:\"RHSA\", value:\"2009:1190\");\n\n script_name(english:\"RHEL 4 : nspr and nss (RHSA-2009:1190)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated nspr and nss packages that fix security issues and bugs are\nnow available for Red Hat Enterprise Linux 4.7 Extended Update\nSupport.\n\nThis update has been rated as having critical security impact by the\nRed Hat Security Response Team.\n\nNetscape Portable Runtime (NSPR) provides platform independence for\nnon-GUI operating system facilities. These facilities include threads,\nthread synchronization, normal file and network I/O, interval timing,\ncalendar time, basic memory management (malloc and free), and shared\nlibrary linking.\n\nNetwork Security Services (NSS) is a set of libraries designed to\nsupport the cross-platform development of security-enabled client and\nserver applications. Applications built with NSS can support SSLv2,\nSSLv3, TLS, and other security standards.\n\nThese updated packages upgrade NSS from the previous version, 3.12.2,\nto a prerelease of version 3.12.4. The version of NSPR has also been\nupgraded from 4.7.3 to 4.7.4.\n\nMoxie Marlinspike reported a heap overflow flaw in a regular\nexpression parser in the NSS library used by browsers such as Mozilla\nFirefox to match common names in certificates. A malicious website\ncould present a carefully-crafted certificate in such a way as to\ntrigger the heap overflow, leading to a crash or, possibly, arbitrary\ncode execution with the permissions of the user running the browser.\n(CVE-2009-2404)\n\nNote: in order to exploit this issue without further user interaction\nin Firefox, the carefully-crafted certificate would need to be signed\nby a Certificate Authority trusted by Firefox, otherwise Firefox\npresents the victim with a warning that the certificate is untrusted.\nOnly if the user then accepts the certificate will the overflow take\nplace.\n\nDan Kaminsky discovered flaws in the way browsers such as Firefox\nhandle NULL characters in a certificate. If an attacker is able to get\na carefully-crafted certificate signed by a Certificate Authority\ntrusted by Firefox, the attacker could use the certificate during a\nman-in-the-middle attack and potentially confuse Firefox into\naccepting it by mistake. (CVE-2009-2408)\n\nDan Kaminsky found that browsers still accept certificates with MD2\nhash signatures, even though MD2 is no longer considered a\ncryptographically strong algorithm. This could make it easier for an\nattacker to create a malicious certificate that would be treated as\ntrusted by a browser. NSS now disables the use of MD2 and MD4\nalgorithms inside signatures by default. (CVE-2009-2409)\n\nThese version upgrades also provide fixes for the following bugs :\n\n* SSL client authentication failed against an Apache server when it\nwas using the mod_nss module and configured for NSSOCSP. On the client\nside, the user agent received an error message that referenced 'Error\nCode: -12271' and stated that establishing an encrypted connection had\nfailed because the certificate had been rejected by the host.\n\nOn the server side, the nss_error_log under /var/log/httpd/ contained\nthe following message :\n\n[error] Re-negotiation handshake failed: Not accepted by client!?\n\nAlso, /var/log/httpd/error_log contained this error :\n\nSSL Library Error: -8071 The OCSP server experienced an internal error\n\nWith these updated packages, the dependency problem which caused this\nfailure has been resolved so that SSL client authentication with an\nApache web server using mod_nss which is configured for NSSOCSP\nsucceeds as expected. Note that if the presented client certificate is\nexpired, then access is denied, the user agent is presented with an\nerror message about the invalid certificate, and the OCSP queries are\nseen in the OCSP responder. Also, similar OCSP status verification\nhappens for SSL server certificates used in Apache upon instance start\nor restart. (BZ#508026)\n\n* NSS uses a software integrity test to detect code corruption. RPM\ntransactions and system link optimization daemons (such as prelink)\ncan change the contents of libraries, causing the software integrity\ntest to fail. In combination with the updated prelink package\n(RHBA-2009:1041), these updated packages can now prevent software\nintegrity test failures. (BZ#495938)\n\nAll users of nspr and nss are advised to upgrade to these updated\npackages, which resolve these issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.redhat.com/security/data/cve/CVE-2009-2404.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.redhat.com/security/data/cve/CVE-2009-2408.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.redhat.com/security/data/cve/CVE-2009-2409.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://rhn.redhat.com/errata/RHSA-2009-1190.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(119, 310);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:nspr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:nspr-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:nss\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:nss-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:4.7\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/07/31\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/01/24\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"RHEL4\", sp:\"7\", reference:\"nspr-4.7.4-1.el4_7.1\")) flag++;\nif (rpm_check(release:\"RHEL4\", sp:\"7\", reference:\"nspr-devel-4.7.4-1.el4_7.1\")) flag++;\nif (rpm_check(release:\"RHEL4\", sp:\"7\", reference:\"nss-3.12.3.99.3-1.el4_7.6\")) flag++;\nif (rpm_check(release:\"RHEL4\", sp:\"7\", reference:\"nss-devel-3.12.3.99.3-1.el4_7.6\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-01-11T14:27:57", "description": "CVE-2009-2409 deprecate MD2 in SSL cert validation (Kaminsky) CVE-2009-2408 firefox/nss: doesn't handle NULL in Common Name properly CVE-2009-2404 nss regexp heap overflow\n\nNetscape Portable Runtime (NSPR) provides platform independence for non-GUI operating system facilities. These facilities include threads, thread synchronization, normal file and network I/O, interval timing, calendar time, basic memory management (malloc and free), and shared library linking.\n\nNetwork Security Services (NSS) is a set of libraries designed to support the cross-platform development of security-enabled client and server applications. Applications built with NSS can support SSLv2, SSLv3, TLS, and other security standards.\n\nThese updated packages upgrade NSS from the previous version, 3.12.2, to a prerelease of version 3.12.4. The version of NSPR has also been upgraded from 4.7.3 to 4.7.4.\n\nMoxie Marlinspike reported a heap overflow flaw in a regular expression parser in the NSS library used by browsers such as Mozilla Firefox to match common names in certificates. A malicious website could present a carefully-crafted certificate in such a way as to trigger the heap overflow, leading to a crash or, possibly, arbitrary code execution with the permissions of the user running the browser.\n(CVE-2009-2404)\n\nNote: in order to exploit this issue without further user interaction in Firefox, the carefully-crafted certificate would need to be signed by a Certificate Authority trusted by Firefox, otherwise Firefox presents the victim with a warning that the certificate is untrusted.\nOnly if the user then accepts the certificate will the overflow take place.\n\nDan Kaminsky discovered flaws in the way browsers such as Firefox handle NULL characters in a certificate. If an attacker is able to get a carefully-crafted certificate signed by a Certificate Authority trusted by Firefox, the attacker could use the certificate during a man-in-the-middle attack and potentially confuse Firefox into accepting it by mistake. (CVE-2009-2408)\n\nDan Kaminsky found that browsers still accept certificates with MD2 hash signatures, even though MD2 is no longer considered a cryptographically strong algorithm. This could make it easier for an attacker to create a malicious certificate that would be treated as trusted by a browser. NSS now disables the use of MD2 and MD4 algorithms inside signatures by default. (CVE-2009-2409)\n\nThese version upgrades also provide a fix for the following bug :\n\n - SSL client authentication failed against an Apache server when it was using the mod_nss module and configured for NSSOCSP. On the client side, the user agent received an error message that referenced 'Error Code :\n\n - -12271' and stated that establishing an encrypted connection had failed because the certificate had been rejected by the host.\n\nOn the server side, the nss_error_log under /var/log/httpd/ contained the following message :\n\n[error] Re-negotiation handshake failed: Not accepted by client!?\n\nAlso, /var/log/httpd/error_log contained this error :\n\nSSL Library Error: -8071 The OCSP server experienced an internal error\n\nWith these updated packages, the dependency problem which caused this failure has been resolved so that SSL client authentication with an Apache web server using mod_nss which is configured for NSSOCSP succeeds as expected. Note that if the presented client certificate is expired, then access is denied, the user agent is presented with an error message about the invalid certificate, and the OCSP queries are seen in the OCSP responder. Also, similar OCSP status verification happens for SSL server certificates used in Apache upon instance start or restart. (BZ#508027)", "cvss3": {}, "published": "2012-08-01T00:00:00", "type": "nessus", "title": "Scientific Linux Security Update : nspr and nss for SL 4.x on i386/x86_64", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": true, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2009-2404", "CVE-2009-2408", "CVE-2009-2409"], "modified": "2021-01-14T00:00:00", "cpe": ["x-cpe:/o:fermilab:scientific_linux"], "id": "SL_20090731_NSPR_AND_NSS_FOR_SL_4_X.NASL", "href": "https://www.tenable.com/plugins/nessus/60631", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text is (C) Scientific Linux.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(60631);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2009-2404\", \"CVE-2009-2408\", \"CVE-2009-2409\");\n\n script_name(english:\"Scientific Linux Security Update : nspr and nss for SL 4.x on i386/x86_64\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Scientific Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"CVE-2009-2409 deprecate MD2 in SSL cert validation (Kaminsky)\nCVE-2009-2408 firefox/nss: doesn't handle NULL in Common Name properly\nCVE-2009-2404 nss regexp heap overflow\n\nNetscape Portable Runtime (NSPR) provides platform independence for\nnon-GUI operating system facilities. These facilities include threads,\nthread synchronization, normal file and network I/O, interval timing,\ncalendar time, basic memory management (malloc and free), and shared\nlibrary linking.\n\nNetwork Security Services (NSS) is a set of libraries designed to\nsupport the cross-platform development of security-enabled client and\nserver applications. Applications built with NSS can support SSLv2,\nSSLv3, TLS, and other security standards.\n\nThese updated packages upgrade NSS from the previous version, 3.12.2,\nto a prerelease of version 3.12.4. The version of NSPR has also been\nupgraded from 4.7.3 to 4.7.4.\n\nMoxie Marlinspike reported a heap overflow flaw in a regular\nexpression parser in the NSS library used by browsers such as Mozilla\nFirefox to match common names in certificates. A malicious website\ncould present a carefully-crafted certificate in such a way as to\ntrigger the heap overflow, leading to a crash or, possibly, arbitrary\ncode execution with the permissions of the user running the browser.\n(CVE-2009-2404)\n\nNote: in order to exploit this issue without further user interaction\nin Firefox, the carefully-crafted certificate would need to be signed\nby a Certificate Authority trusted by Firefox, otherwise Firefox\npresents the victim with a warning that the certificate is untrusted.\nOnly if the user then accepts the certificate will the overflow take\nplace.\n\nDan Kaminsky discovered flaws in the way browsers such as Firefox\nhandle NULL characters in a certificate. If an attacker is able to get\na carefully-crafted certificate signed by a Certificate Authority\ntrusted by Firefox, the attacker could use the certificate during a\nman-in-the-middle attack and potentially confuse Firefox into\naccepting it by mistake. (CVE-2009-2408)\n\nDan Kaminsky found that browsers still accept certificates with MD2\nhash signatures, even though MD2 is no longer considered a\ncryptographically strong algorithm. This could make it easier for an\nattacker to create a malicious certificate that would be treated as\ntrusted by a browser. NSS now disables the use of MD2 and MD4\nalgorithms inside signatures by default. (CVE-2009-2409)\n\nThese version upgrades also provide a fix for the following bug :\n\n - SSL client authentication failed against an Apache\n server when it was using the mod_nss module and\n configured for NSSOCSP. On the client side, the user\n agent received an error message that referenced 'Error\n Code :\n\n - -12271' and stated that establishing an encrypted\n connection had failed because the certificate had been\n rejected by the host.\n\nOn the server side, the nss_error_log under /var/log/httpd/ contained\nthe following message :\n\n[error] Re-negotiation handshake failed: Not accepted by client!?\n\nAlso, /var/log/httpd/error_log contained this error :\n\nSSL Library Error: -8071 The OCSP server experienced an internal error\n\nWith these updated packages, the dependency problem which caused this\nfailure has been resolved so that SSL client authentication with an\nApache web server using mod_nss which is configured for NSSOCSP\nsucceeds as expected. Note that if the presented client certificate is\nexpired, then access is denied, the user agent is presented with an\nerror message about the invalid certificate, and the OCSP queries are\nseen in the OCSP responder. Also, similar OCSP status verification\nhappens for SSL server certificates used in Apache upon instance start\nor restart. (BZ#508027)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=508027\"\n );\n # https://listserv.fnal.gov/scripts/wa.exe?A2=ind0907&L=scientific-linux-errata&T=0&P=3189\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?577411ae\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_cwe_id(119, 310);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"x-cpe:/o:fermilab:scientific_linux\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2009/07/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/08/01\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Scientific Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Scientific Linux \" >!< release) audit(AUDIT_HOST_NOT, \"running Scientific Linux\");\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Scientific Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"SL4\", reference:\"nspr-4.7.4-1.el4_8.1\")) flag++;\nif (rpm_check(release:\"SL4\", reference:\"nspr-devel-4.7.4-1.el4_8.1\")) flag++;\nif (rpm_check(release:\"SL4\", reference:\"nss-3.12.3.99.3-1.el4_8.2\")) flag++;\nif (rpm_check(release:\"SL4\", reference:\"nss-devel-3.12.3.99.3-1.el4_8.2\")) flag++;\nif (rpm_check(release:\"SL4\", reference:\"nss-tools-3.12.3.99.3-1.el4_8.2\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-01-11T14:26:56", "description": "CVE-2009-2409 deprecate MD2 in SSL cert validation (Kaminsky) CVE-2009-2408 firefox/nss: doesn't handle NULL in Common Name properly CVE-2009-2404 nss regexp heap overflow\n\nThe packages with this update are identical to the packages released on the 20th of July 2009. They are being reissued as a Security Advisory as they fixed a number of security issues that were made public today. If you are installing these packages for the first time, they also provide a number of bug fixes and add an enhancement. Since the packages are identical, there is no need to install this update if the nspr/nss packages from July 20, 2009 have already been installed.\n\nNetscape Portable Runtime (NSPR) provides platform independence for non-GUI operating system facilities. These facilities include threads, thread synchronization, normal file and network I/O, interval timing, calendar time, basic memory management (malloc and free), and shared library linking.\n\nNetwork Security Services (NSS) is a set of libraries designed to support the cross-platform development of security-enabled client and server applications. Applications built with NSS can support SSLv2, SSLv3, TLS, and other security standards.\n\nThese updated packages upgrade NSS from the previous version, 3.12.2, to a prerelease of version 3.12.4. The version of NSPR has also been upgraded from 4.7.3 to 4.7.4.\n\nMoxie Marlinspike reported a heap overflow flaw in a regular expression parser in the NSS library used by browsers such as Mozilla Firefox to match common names in certificates. A malicious website could present a carefully-crafted certificate in such a way as to trigger the heap overflow, leading to a crash or, possibly, arbitrary code execution with the permissions of the user running the browser.\n(CVE-2009-2404)\n\nNote: in order to exploit this issue without further user interaction in Firefox, the carefully-crafted certificate would need to be signed by a Certificate Authority trusted by Firefox, otherwise Firefox presents the victim with a warning that the certificate is untrusted.\nOnly if the user then accepts the certificate will the overflow take place.\n\nDan Kaminsky discovered flaws in the way browsers such as Firefox handle NULL characters in a certificate. If an attacker is able to get a carefully-crafted certificate signed by a Certificate Authority trusted by Firefox, the attacker could use the certificate during a man-in-the-middle attack and potentially confuse Firefox into accepting it by mistake. (CVE-2009-2408)\n\nDan Kaminsky found that browsers still accept certificates with MD2 hash signatures, even though MD2 is no longer considered a cryptographically strong algorithm. This could make it easier for an attacker to create a malicious certificate that would be treated as trusted by a browser. NSS now disables the use of MD2 and MD4 algorithms inside signatures by default. (CVE-2009-2409)", "cvss3": {}, "published": "2012-08-01T00:00:00", "type": "nessus", "title": "Scientific Linux Security Update : nspr and nss for SL 5.x on i386/x86_64", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": true, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2009-2404", "CVE-2009-2408", "CVE-2009-2409"], "modified": "2021-01-14T00:00:00", "cpe": ["x-cpe:/o:fermilab:scientific_linux"], "id": "SL_20090731_NSPR_AND_NSS_FOR_SL_5_X.NASL", "href": "https://www.tenable.com/plugins/nessus/60632", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text is (C) Scientific Linux.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(60632);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2009-2404\", \"CVE-2009-2408\", \"CVE-2009-2409\");\n\n script_name(english:\"Scientific Linux Security Update : nspr and nss for SL 5.x on i386/x86_64\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Scientific Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"CVE-2009-2409 deprecate MD2 in SSL cert validation (Kaminsky)\nCVE-2009-2408 firefox/nss: doesn't handle NULL in Common Name properly\nCVE-2009-2404 nss regexp heap overflow\n\nThe packages with this update are identical to the packages released\non the 20th of July 2009. They are being reissued as a Security\nAdvisory as they fixed a number of security issues that were made\npublic today. If you are installing these packages for the first time,\nthey also provide a number of bug fixes and add an enhancement. Since\nthe packages are identical, there is no need to install this update if\nthe nspr/nss packages from July 20, 2009 have already been installed.\n\nNetscape Portable Runtime (NSPR) provides platform independence for\nnon-GUI operating system facilities. These facilities include threads,\nthread synchronization, normal file and network I/O, interval timing,\ncalendar time, basic memory management (malloc and free), and shared\nlibrary linking.\n\nNetwork Security Services (NSS) is a set of libraries designed to\nsupport the cross-platform development of security-enabled client and\nserver applications. Applications built with NSS can support SSLv2,\nSSLv3, TLS, and other security standards.\n\nThese updated packages upgrade NSS from the previous version, 3.12.2,\nto a prerelease of version 3.12.4. The version of NSPR has also been\nupgraded from 4.7.3 to 4.7.4.\n\nMoxie Marlinspike reported a heap overflow flaw in a regular\nexpression parser in the NSS library used by browsers such as Mozilla\nFirefox to match common names in certificates. A malicious website\ncould present a carefully-crafted certificate in such a way as to\ntrigger the heap overflow, leading to a crash or, possibly, arbitrary\ncode execution with the permissions of the user running the browser.\n(CVE-2009-2404)\n\nNote: in order to exploit this issue without further user interaction\nin Firefox, the carefully-crafted certificate would need to be signed\nby a Certificate Authority trusted by Firefox, otherwise Firefox\npresents the victim with a warning that the certificate is untrusted.\nOnly if the user then accepts the certificate will the overflow take\nplace.\n\nDan Kaminsky discovered flaws in the way browsers such as Firefox\nhandle NULL characters in a certificate. If an attacker is able to get\na carefully-crafted certificate signed by a Certificate Authority\ntrusted by Firefox, the attacker could use the certificate during a\nman-in-the-middle attack and potentially confuse Firefox into\naccepting it by mistake. (CVE-2009-2408)\n\nDan Kaminsky found that browsers still accept certificates with MD2\nhash signatures, even though MD2 is no longer considered a\ncryptographically strong algorithm. This could make it easier for an\nattacker to create a malicious certificate that would be treated as\ntrusted by a browser. NSS now disables the use of MD2 and MD4\nalgorithms inside signatures by default. (CVE-2009-2409)\"\n );\n # https://listserv.fnal.gov/scripts/wa.exe?A2=ind0907&L=scientific-linux-errata&T=0&P=3323\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?a920d6cb\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_cwe_id(119, 310);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"x-cpe:/o:fermilab:scientific_linux\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2009/07/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/08/01\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Scientific Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Scientific Linux \" >!< release) audit(AUDIT_HOST_NOT, \"running Scientific Linux\");\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Scientific Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"SL5\", reference:\"nspr-4.7.4-1.el5_3.1\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"nspr-devel-4.7.4-1.el5_3.1\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"nss-3.12.3.99.3-1.el5_3.2\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"nss-devel-3.12.3.99.3-1.el5_3.2\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"nss-pkcs11-devel-3.12.3.99.3-1.el5_3.2\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"nss-tools-3.12.3.99.3-1.el5_3.2\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-01-11T14:49:24", "description": "From Red Hat Security Advisory 2009:1184 :\n\nUpdated nspr and nss packages that fix security issues and a bug are now available for Red Hat Enterprise Linux 4.\n\nThis update has been rated as having critical security impact by the Red Hat Security Response Team.\n\nNetscape Portable Runtime (NSPR) provides platform independence for non-GUI operating system facilities. These facilities include threads, thread synchronization, normal file and network I/O, interval timing, calendar time, basic memory management (malloc and free), and shared library linking.\n\nNetwork Security Services (NSS) is a set of libraries designed to support the cross-platform development of security-enabled client and server applications. Applications built with NSS can support SSLv2, SSLv3, TLS, and other security standards.\n\nThese updated packages upgrade NSS from the previous version, 3.12.2, to a prerelease of version 3.12.4. The version of NSPR has also been upgraded from 4.7.3 to 4.7.4.\n\nMoxie Marlinspike reported a heap overflow flaw in a regular expression parser in the NSS library used by browsers such as Mozilla Firefox to match common names in certificates. A malicious website could present a carefully-crafted certificate in such a way as to trigger the heap overflow, leading to a crash or, possibly, arbitrary code execution with the permissions of the user running the browser.\n(CVE-2009-2404)\n\nNote: in order to exploit this issue without further user interaction in Firefox, the carefully-crafted certificate would need to be signed by a Certificate Authority trusted by Firefox, otherwise Firefox presents the victim with a warning that the certificate is untrusted.\nOnly if the user then accepts the certificate will the overflow take place.\n\nDan Kaminsky discovered flaws in the way browsers such as Firefox handle NULL characters in a certificate. If an attacker is able to get a carefully-crafted certificate signed by a Certificate Authority trusted by Firefox, the attacker could use the certificate during a man-in-the-middle attack and potentially confuse Firefox into accepting it by mistake. (CVE-2009-2408)\n\nDan Kaminsky found that browsers still accept certificates with MD2 hash signatures, even though MD2 is no longer considered a cryptographically strong algorithm. This could make it easier for an attacker to create a malicious certificate that would be treated as trusted by a browser. NSS now disables the use of MD2 and MD4 algorithms inside signatures by default. (CVE-2009-2409)\n\nThese version upgrades also provide a fix for the following bug :\n\n* SSL client authentication failed against an Apache server when it was using the mod_nss module and configured for NSSOCSP. On the client side, the user agent received an error message that referenced 'Error Code: -12271' and stated that establishing an encrypted connection had failed because the certificate had been rejected by the host.\n\nOn the server side, the nss_error_log under /var/log/httpd/ contained the following message :\n\n[error] Re-negotiation handshake failed: Not accepted by client!?\n\nAlso, /var/log/httpd/error_log contained this error :\n\nSSL Library Error: -8071 The OCSP server experienced an internal error\n\nWith these updated packages, the dependency problem which caused this failure has been resolved so that SSL client authentication with an Apache web server using mod_nss which is configured for NSSOCSP succeeds as expected. Note that if the presented client certificate is expired, then access is denied, the user agent is presented with an error message about the invalid certificate, and the OCSP queries are seen in the OCSP responder. Also, similar OCSP status verification happens for SSL server certificates used in Apache upon instance start or restart. (BZ#508027)\n\nAll users of nspr and nss are advised to upgrade to these updated packages, which resolve these issues.", "cvss3": {}, "published": "2013-07-12T00:00:00", "type": "nessus", "title": "Oracle Linux 4 / 5 : nspr / nss (ELSA-2009-1184)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": true, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2009-2404", "CVE-2009-2408", "CVE-2009-2409"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:oracle:linux:nspr", "p-cpe:/a:oracle:linux:nspr-devel", "p-cpe:/a:oracle:linux:nss", "p-cpe:/a:oracle:linux:nss-devel", "p-cpe:/a:oracle:linux:nss-pkcs11-devel", "p-cpe:/a:oracle:linux:nss-tools", "cpe:/o:oracle:linux:4", "cpe:/o:oracle:linux:5"], "id": "ORACLELINUX_ELSA-2009-1184.NASL", "href": "https://www.tenable.com/plugins/nessus/67902", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2009:1184 and \n# Oracle Linux Security Advisory ELSA-2009-1184 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(67902);\n script_version(\"1.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2009-2404\", \"CVE-2009-2408\", \"CVE-2009-2409\");\n script_xref(name:\"RHSA\", value:\"2009:1184\");\n\n script_name(english:\"Oracle Linux 4 / 5 : nspr / nss (ELSA-2009-1184)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Oracle Linux host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"From Red Hat Security Advisory 2009:1184 :\n\nUpdated nspr and nss packages that fix security issues and a bug are\nnow available for Red Hat Enterprise Linux 4.\n\nThis update has been rated as having critical security impact by the\nRed Hat Security Response Team.\n\nNetscape Portable Runtime (NSPR) provides platform independence for\nnon-GUI operating system facilities. These facilities include threads,\nthread synchronization, normal file and network I/O, interval timing,\ncalendar time, basic memory management (malloc and free), and shared\nlibrary linking.\n\nNetwork Security Services (NSS) is a set of libraries designed to\nsupport the cross-platform development of security-enabled client and\nserver applications. Applications built with NSS can support SSLv2,\nSSLv3, TLS, and other security standards.\n\nThese updated packages upgrade NSS from the previous version, 3.12.2,\nto a prerelease of version 3.12.4. The version of NSPR has also been\nupgraded from 4.7.3 to 4.7.4.\n\nMoxie Marlinspike reported a heap overflow flaw in a regular\nexpression parser in the NSS library used by browsers such as Mozilla\nFirefox to match common names in certificates. A malicious website\ncould present a carefully-crafted certificate in such a way as to\ntrigger the heap overflow, leading to a crash or, possibly, arbitrary\ncode execution with the permissions of the user running the browser.\n(CVE-2009-2404)\n\nNote: in order to exploit this issue without further user interaction\nin Firefox, the carefully-crafted certificate would need to be signed\nby a Certificate Authority trusted by Firefox, otherwise Firefox\npresents the victim with a warning that the certificate is untrusted.\nOnly if the user then accepts the certificate will the overflow take\nplace.\n\nDan Kaminsky discovered flaws in the way browsers such as Firefox\nhandle NULL characters in a certificate. If an attacker is able to get\na carefully-crafted certificate signed by a Certificate Authority\ntrusted by Firefox, the attacker could use the certificate during a\nman-in-the-middle attack and potentially confuse Firefox into\naccepting it by mistake. (CVE-2009-2408)\n\nDan Kaminsky found that browsers still accept certificates with MD2\nhash signatures, even though MD2 is no longer considered a\ncryptographically strong algorithm. This could make it easier for an\nattacker to create a malicious certificate that would be treated as\ntrusted by a browser. NSS now disables the use of MD2 and MD4\nalgorithms inside signatures by default. (CVE-2009-2409)\n\nThese version upgrades also provide a fix for the following bug :\n\n* SSL client authentication failed against an Apache server when it\nwas using the mod_nss module and configured for NSSOCSP. On the client\nside, the user agent received an error message that referenced 'Error\nCode: -12271' and stated that establishing an encrypted connection had\nfailed because the certificate had been rejected by the host.\n\nOn the server side, the nss_error_log under /var/log/httpd/ contained\nthe following message :\n\n[error] Re-negotiation handshake failed: Not accepted by client!?\n\nAlso, /var/log/httpd/error_log contained this error :\n\nSSL Library Error: -8071 The OCSP server experienced an internal error\n\nWith these updated packages, the dependency problem which caused this\nfailure has been resolved so that SSL client authentication with an\nApache web server using mod_nss which is configured for NSSOCSP\nsucceeds as expected. Note that if the presented client certificate is\nexpired, then access is denied, the user agent is presented with an\nerror message about the invalid certificate, and the OCSP queries are\nseen in the OCSP responder. Also, similar OCSP status verification\nhappens for SSL server certificates used in Apache upon instance start\nor restart. (BZ#508027)\n\nAll users of nspr and nss are advised to upgrade to these updated\npackages, which resolve these issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2009-July/001097.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2009-July/001099.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected nspr and / or nss packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_cwe_id(119, 310);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:nspr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:nspr-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:nss\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:nss-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:nss-pkcs11-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:nss-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:5\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2009/07/30\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/07/31\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/07/12\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/OracleLinux\")) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nos_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Oracle Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(4|5)([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Oracle Linux 4 / 5\", \"Oracle Linux \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && \"ia64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Oracle Linux\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"EL4\", reference:\"nspr-4.7.4-1.el4_8.1\")) flag++;\nif (rpm_check(release:\"EL4\", reference:\"nspr-devel-4.7.4-1.el4_8.1\")) flag++;\nif (rpm_check(release:\"EL4\", reference:\"nss-3.12.3.99.3-1.0.1.el4_8.2\")) flag++;\nif (rpm_check(release:\"EL4\", reference:\"nss-devel-3.12.3.99.3-1.0.1.el4_8.2\")) flag++;\nif (rpm_check(release:\"EL4\", reference:\"nss-tools-3.12.3.99.3-1.0.1.el4_8.2\")) flag++;\n\nif (rpm_check(release:\"EL5\", reference:\"nspr-4.7.4-1.el5_3.1\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"nspr-devel-4.7.4-1.el5_3.1\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"nss-3.12.3.99.3-1.el5_3.2\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"nss-devel-3.12.3.99.3-1.el5_3.2\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"nss-pkcs11-devel-3.12.3.99.3-1.el5_3.2\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"nss-tools-3.12.3.99.3-1.el5_3.2\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"nspr / nspr-devel / nss / nss-devel / nss-pkcs11-devel / nss-tools\");\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-01-11T15:00:03", "description": "Several vulnerabilities have been discovered in the Network Security Service libraries. The Common Vulnerabilities and Exposures project identifies the following problems :\n\n - CVE-2009-2404 Moxie Marlinspike discovered that a buffer overflow in the regular expression parser could lead to the execution of arbitrary code.\n\n - CVE-2009-2408 Dan Kaminsky discovered that NULL characters in certificate names could lead to man-in-the-middle attacks by tricking the user into accepting a rogue certificate.\n\n - CVE-2009-2409 Certificates with MD2 hash signatures are no longer accepted since they're no longer considered cryptograhically secure.", "cvss3": {}, "published": "2010-02-24T00:00:00", "type": "nessus", "title": "Debian DSA-1874-1 : nss - several vulnerabilities", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": true, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2009-2404", "CVE-2009-2408", "CVE-2009-2409"], "modified": "2021-01-04T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:nss", "cpe:/o:debian:debian_linux:5.0"], "id": "DEBIAN_DSA-1874.NASL", "href": "https://www.tenable.com/plugins/nessus/44739", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-1874. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(44739);\n script_version(\"1.19\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2009-2404\", \"CVE-2009-2408\", \"CVE-2009-2409\");\n script_bugtraq_id(35888, 35891);\n script_xref(name:\"DSA\", value:\"1874\");\n\n script_name(english:\"Debian DSA-1874-1 : nss - several vulnerabilities\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Several vulnerabilities have been discovered in the Network Security\nService libraries. The Common Vulnerabilities and Exposures project\nidentifies the following problems :\n\n - CVE-2009-2404\n Moxie Marlinspike discovered that a buffer overflow in\n the regular expression parser could lead to the\n execution of arbitrary code.\n\n - CVE-2009-2408\n Dan Kaminsky discovered that NULL characters in\n certificate names could lead to man-in-the-middle\n attacks by tricking the user into accepting a rogue\n certificate.\n\n - CVE-2009-2409\n Certificates with MD2 hash signatures are no longer\n accepted since they're no longer considered\n cryptograhically secure.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2009-2404\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2009-2408\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2009-2409\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.debian.org/security/2009/dsa-1874\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the nss packages.\n\nThe old stable distribution (etch) doesn't contain nss.\n\nFor the stable distribution (lenny), these problems have been fixed in\nversion 3.12.3.1-0lenny1.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(119, 310);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:nss\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:5.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/08/26\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/02/24\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2010-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"5.0\", prefix:\"libnss3-1d\", reference:\"3.12.3.1-0lenny1\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"libnss3-1d-dbg\", reference:\"3.12.3.1-0lenny1\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"libnss3-dev\", reference:\"3.12.3.1-0lenny1\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"libnss3-tools\", reference:\"3.12.3.1-0lenny1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-01-11T15:06:12", "description": "Updated nspr and nss packages that fix security issues, bugs, and add an enhancement are now available for Red Hat Enterprise Linux 5.\n\nThis update has been rated as having critical security impact by the Red Hat Security Response Team.\n\nThe packages with this update are identical to the packages released by RHBA-2009:1161 on the 20th of July 2009. They are being reissued as a Red Hat Security Advisory as they fixed a number of security issues that were made public today. If you are installing these packages for the first time, they also provide a number of bug fixes and add an enhancement, as detailed in RHBA-2009:1161. Since the packages are identical, there is no need to install this update if RHBA-2009:1161 has already been installed.\n\nNetscape Portable Runtime (NSPR) provides platform independence for non-GUI operating system facilities. These facilities include threads, thread synchronization, normal file and network I/O, interval timing, calendar time, basic memory management (malloc and free), and shared library linking.\n\nNetwork Security Services (NSS) is a set of libraries designed to support the cross-platform development of security-enabled client and server applications. Applications built with NSS can support SSLv2, SSLv3, TLS, and other security standards.\n\nThese updated packages upgrade NSS from the previous version, 3.12.2, to a prerelease of version 3.12.4. The version of NSPR has also been upgraded from 4.7.3 to 4.7.4.\n\nMoxie Marlinspike reported a heap overflow flaw in a regular expression parser in the NSS library used by browsers such as Mozilla Firefox to match common names in certificates. A malicious website could present a carefully-crafted certificate in such a way as to trigger the heap overflow, leading to a crash or, possibly, arbitrary code execution with the permissions of the user running the browser.\n(CVE-2009-2404)\n\nNote: in order to exploit this issue without further user interaction in Firefox, the carefully-crafted certificate would need to be signed by a Certificate Authority trusted by Firefox, otherwise Firefox presents the victim with a warning that the certificate is untrusted.\nOnly if the user then accepts the certificate will the overflow take place.\n\nDan Kaminsky discovered flaws in the way browsers such as Firefox handle NULL characters in a certificate. If an attacker is able to get a carefully-crafted certificate signed by a Certificate Authority trusted by Firefox, the attacker could use the certificate during a man-in-the-middle attack and potentially confuse Firefox into accepting it by mistake. (CVE-2009-2408)\n\nDan Kaminsky found that browsers still accept certificates with MD2 hash signatures, even though MD2 is no longer considered a cryptographically strong algorithm. This could make it easier for an attacker to create a malicious certificate that would be treated as trusted by a browser. NSS now disables the use of MD2 and MD4 algorithms inside signatures by default. (CVE-2009-2409)\n\nAll users of nspr and nss are advised to upgrade to these updated packages, which resolve these issues and add an enhancement.", "cvss3": {}, "published": "2009-07-31T00:00:00", "type": "nessus", "title": "RHEL 5 : nspr and nss (RHSA-2009:1186)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": true, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2009-2404", "CVE-2009-2408", "CVE-2009-2409"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:nspr", "p-cpe:/a:redhat:enterprise_linux:nspr-devel", "p-cpe:/a:redhat:enterprise_linux:nss", "p-cpe:/a:redhat:enterprise_linux:nss-devel", "p-cpe:/a:redhat:enterprise_linux:nss-pkcs11-devel", "p-cpe:/a:redhat:enterprise_linux:nss-tools", "cpe:/o:redhat:enterprise_linux:5", "cpe:/o:redhat:enterprise_linux:5.3"], "id": "REDHAT-RHSA-2009-1186.NASL", "href": "https://www.tenable.com/plugins/nessus/40441", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2009:1186. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(40441);\n script_version(\"1.27\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2009-2404\", \"CVE-2009-2408\", \"CVE-2009-2409\");\n script_xref(name:\"RHSA\", value:\"2009:1186\");\n\n script_name(english:\"RHEL 5 : nspr and nss (RHSA-2009:1186)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated nspr and nss packages that fix security issues, bugs, and add\nan enhancement are now available for Red Hat Enterprise Linux 5.\n\nThis update has been rated as having critical security impact by the\nRed Hat Security Response Team.\n\nThe packages with this update are identical to the packages released\nby RHBA-2009:1161 on the 20th of July 2009. They are being reissued as\na Red Hat Security Advisory as they fixed a number of security issues\nthat were made public today. If you are installing these packages for\nthe first time, they also provide a number of bug fixes and add an\nenhancement, as detailed in RHBA-2009:1161. Since the packages are\nidentical, there is no need to install this update if RHBA-2009:1161\nhas already been installed.\n\nNetscape Portable Runtime (NSPR) provides platform independence for\nnon-GUI operating system facilities. These facilities include threads,\nthread synchronization, normal file and network I/O, interval timing,\ncalendar time, basic memory management (malloc and free), and shared\nlibrary linking.\n\nNetwork Security Services (NSS) is a set of libraries designed to\nsupport the cross-platform development of security-enabled client and\nserver applications. Applications built with NSS can support SSLv2,\nSSLv3, TLS, and other security standards.\n\nThese updated packages upgrade NSS from the previous version, 3.12.2,\nto a prerelease of version 3.12.4. The version of NSPR has also been\nupgraded from 4.7.3 to 4.7.4.\n\nMoxie Marlinspike reported a heap overflow flaw in a regular\nexpression parser in the NSS library used by browsers such as Mozilla\nFirefox to match common names in certificates. A malicious website\ncould present a carefully-crafted certificate in such a way as to\ntrigger the heap overflow, leading to a crash or, possibly, arbitrary\ncode execution with the permissions of the user running the browser.\n(CVE-2009-2404)\n\nNote: in order to exploit this issue without further user interaction\nin Firefox, the carefully-crafted certificate would need to be signed\nby a Certificate Authority trusted by Firefox, otherwise Firefox\npresents the victim with a warning that the certificate is untrusted.\nOnly if the user then accepts the certificate will the overflow take\nplace.\n\nDan Kaminsky discovered flaws in the way browsers such as Firefox\nhandle NULL characters in a certificate. If an attacker is able to get\na carefully-crafted certificate signed by a Certificate Authority\ntrusted by Firefox, the attacker could use the certificate during a\nman-in-the-middle attack and potentially confuse Firefox into\naccepting it by mistake. (CVE-2009-2408)\n\nDan Kaminsky found that browsers still accept certificates with MD2\nhash signatures, even though MD2 is no longer considered a\ncryptographically strong algorithm. This could make it easier for an\nattacker to create a malicious certificate that would be treated as\ntrusted by a browser. NSS now disables the use of MD2 and MD4\nalgorithms inside signatures by default. (CVE-2009-2409)\n\nAll users of nspr and nss are advised to upgrade to these updated\npackages, which resolve these issues and add an enhancement.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2009-2404\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2009-2408\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2009-2409\"\n );\n # http://rhn.redhat.com/errata/RHBA-2009-1161.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHBA-2009:1161\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2009:1186\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_cwe_id(119, 310);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:nspr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:nspr-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:nss\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:nss-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:nss-pkcs11-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:nss-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:5\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:5.3\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2009/07/30\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/07/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/07/31\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^5([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 5.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2009:1186\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL5\", reference:\"nspr-4.7.4-1.el5_3.1\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", reference:\"nspr-devel-4.7.4-1.el5_3.1\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", reference:\"nss-3.12.3.99.3-1.el5_3.2\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", reference:\"nss-devel-3.12.3.99.3-1.el5_3.2\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", reference:\"nss-pkcs11-devel-3.12.3.99.3-1.el5_3.2\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"nss-tools-3.12.3.99.3-1.el5_3.2\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"nss-tools-3.12.3.99.3-1.el5_3.2\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"nss-tools-3.12.3.99.3-1.el5_3.2\")) flag++;\n\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"nspr / nspr-devel / nss / nss-devel / nss-pkcs11-devel / nss-tools\");\n }\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-01-11T15:06:55", "description": "Security issues were identified and fixed in firefox 3.0.x :\n\nSecurity researcher Juan Pablo Lopez Yacubian reported that an attacker could call window.open() on an invalid URL which looks similar to a legitimate URL and then use document.write() to place content within the new document, appearing to have come from the spoofed location (CVE-2009-2654).\n\nMoxie Marlinspike reported a heap overflow vulnerability in the code that handles regular expressions in certificate names. This vulnerability could be used to compromise the browser and run arbitrary code by presenting a specially crafted certificate to the client (CVE-2009-2404).\n\nIOActive security researcher Dan Kaminsky reported a mismatch in the treatment of domain names in SSL certificates between SSL clients and the Certificate Authorities (CA) which issue server certificates.\nThese certificates could be used to intercept and potentially alter encrypted communication between the client and a server such as sensitive bank account transactions (CVE-2009-2408).\n\nThis update provides the latest Mozilla Firefox 3.0.x to correct these issues.\n\nAdditionally, some packages which require so, have been rebuilt and are being provided as updates.", "cvss3": {}, "published": "2009-08-10T00:00:00", "type": "nessus", "title": "Mandriva Linux Security Advisory : firefox (MDVSA-2009:198)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": true, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2009-2404", "CVE-2009-2408", "CVE-2009-2654"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:mandriva:linux:beagle", "p-cpe:/a:mandriva:linux:beagle-crawl-system", "p-cpe:/a:mandriva:linux:beagle-doc", "p-cpe:/a:mandriva:linux:beagle-epiphany", "p-cpe:/a:mandriva:linux:beagle-evolution", "p-cpe:/a:mandriva:linux:beagle-gui", "p-cpe:/a:mandriva:linux:beagle-gui-qt", "p-cpe:/a:mandriva:linux:beagle-libs", "p-cpe:/a:mandriva:linux:devhelp", "p-cpe:/a:mandriva:linux:devhelp-plugins", "p-cpe:/a:mandriva:linux:epiphany", "p-cpe:/a:mandriva:linux:epiphany-devel", "p-cpe:/a:mandriva:linux:firefox", "p-cpe:/a:mandriva:linux:firefox-af", "p-cpe:/a:mandriva:linux:firefox-ar", "p-cpe:/a:mandriva:linux:firefox-be", "p-cpe:/a:mandriva:linux:firefox-bg", "p-cpe:/a:mandriva:linux:firefox-bn", "p-cpe:/a:mandriva:linux:firefox-ca", "p-cpe:/a:mandriva:linux:firefox-cs", "p-cpe:/a:mandriva:linux:firefox-cy", "p-cpe:/a:mandriva:linux:firefox-da", "p-cpe:/a:mandriva:linux:firefox-de", "p-cpe:/a:mandriva:linux:firefox-el", "p-cpe:/a:mandriva:linux:firefox-en_GB", "p-cpe:/a:mandriva:linux:firefox-eo", "p-cpe:/a:mandriva:linux:firefox-es_AR", "p-cpe:/a:mandriva:linux:firefox-es_ES", "p-cpe:/a:mandriva:linux:firefox-et", "p-cpe:/a:mandriva:linux:firefox-eu", "p-cpe:/a:mandriva:linux:firefox-ext-beagle", "p-cpe:/a:mandriva:linux:firefox-ext-blogrovr", "p-cpe:/a:mandriva:linux:firefox-ext-foxmarks", "p-cpe:/a:mandriva:linux:firefox-ext-mozvoikko", "p-cpe:/a:mandriva:linux:firefox-ext-r-kiosk", "p-cpe:/a:mandriva:linux:firefox-ext-scribefire", "p-cpe:/a:mandriva:linux:firefox-fi", "p-cpe:/a:mandriva:linux:firefox-fr", "p-cpe:/a:mandriva:linux:firefox-fy", "p-cpe:/a:mandriva:linux:firefox-ga_IE", "p-cpe:/a:mandriva:linux:firefox-gl", "p-cpe:/a:mandriva:linux:firefox-gu_IN", "p-cpe:/a:mandriva:linux:firefox-he", "p-cpe:/a:mandriva:linux:firefox-hi", "p-cpe:/a:mandriva:linux:firefox-hu", "p-cpe:/a:mandriva:linux:firefox-id", "p-cpe:/a:mandriva:linux:firefox-is", "p-cpe:/a:mandriva:linux:firefox-it", "p-cpe:/a:mandriva:linux:firefox-ja", "p-cpe:/a:mandriva:linux:firefox-ka", "p-cpe:/a:mandriva:linux:firefox-kn", "p-cpe:/a:mandriva:linux:firefox-ko", "p-cpe:/a:mandriva:linux:firefox-ku", "p-cpe:/a:mandriva:linux:firefox-lt", "p-cpe:/a:mandriva:linux:firefox-lv", "p-cpe:/a:mandriva:linux:firefox-mk", "p-cpe:/a:mandriva:linux:firefox-mn", "p-cpe:/a:mandriva:linux:firefox-mr", "p-cpe:/a:mandriva:linux:firefox-nb_NO", "p-cpe:/a:mandriva:linux:firefox-nl", "p-cpe:/a:mandriva:linux:firefox-nn_NO", "p-cpe:/a:mandriva:linux:firefox-oc", "p-cpe:/a:mandriva:linux:firefox-pa_IN", "p-cpe:/a:mandriva:linux:firefox-pl", "p-cpe:/a:mandriva:linux:firefox-pt_BR", "p-cpe:/a:mandriva:linux:firefox-pt_PT", "p-cpe:/a:mandriva:linux:firefox-ro", "p-cpe:/a:mandriva:linux:firefox-ru", "p-cpe:/a:mandriva:linux:firefox-si", "p-cpe:/a:mandriva:linux:firefox-sk", "p-cpe:/a:mandriva:linux:firefox-sl", "p-cpe:/a:mandriva:linux:firefox-sq", "p-cpe:/a:mandriva:linux:firefox-sr", "p-cpe:/a:mandriva:linux:firefox-sv_SE", "p-cpe:/a:mandriva:linux:firefox-te", "p-cpe:/a:mandriva:linux:firefox-th", "p-cpe:/a:mandriva:linux:firefox-theme-kde4ff", "p-cpe:/a:mandriva:linux:firefox-tr", "p-cpe:/a:mandriva:linux:firefox-uk", "p-cpe:/a:mandriva:linux:firefox-zh_CN", "p-cpe:/a:mandriva:linux:firefox-zh_TW", "p-cpe:/a:mandriva:linux:gnome-python-extras", "p-cpe:/a:mandriva:linux:gnome-python-gda", "p-cpe:/a:mandriva:linux:gnome-python-gda-devel", "p-cpe:/a:mandriva:linux:gnome-python-gdl", "p-cpe:/a:mandriva:linux:gnome-python-gtkhtml2", "p-cpe:/a:mandriva:linux:gnome-python-gtkmozembed", "p-cpe:/a:mandriva:linux:gnome-python-gtkspell", "p-cpe:/a:mandriva:linux:google-gadgets-common", "p-cpe:/a:mandriva:linux:google-gadgets-gtk", "p-cpe:/a:mandriva:linux:google-gadgets-qt", "p-cpe:/a:mandriva:linux:google-gadgets-xul", "p-cpe:/a:mandriva:linux:lib64devhelp-1-devel", "p-cpe:/a:mandriva:linux:lib64devhelp-1_0", "p-cpe:/a:mandriva:linux:lib64ggadget-gtk1.0_0", "p-cpe:/a:mandriva:linux:lib64ggadget-qt1.0_0", "p-cpe:/a:mandriva:linux:lib64ggadget1.0_0", "p-cpe:/a:mandriva:linux:lib64google-gadgets-devel", "p-cpe:/a:mandriva:linux:lib64opensc-devel", "p-cpe:/a:mandriva:linux:lib64opensc2", "p-cpe:/a:mandriva:linux:lib64xulrunner-devel", "p-cpe:/a:mandriva:linux:lib64xulrunner-unstable-devel", "p-cpe:/a:mandriva:linux:lib64xulrunner1.9", "p-cpe:/a:mandriva:linux:libdevhelp-1-devel", "p-cpe:/a:mandriva:linux:libdevhelp-1_0", "p-cpe:/a:mandriva:linux:libggadget-gtk1.0_0", "p-cpe:/a:mandriva:linux:libggadget-qt1.0_0", "p-cpe:/a:mandriva:linux:libggadget1.0_0", "p-cpe:/a:mandriva:linux:libgoogle-gadgets-devel", "p-cpe:/a:mandriva:linux:libopensc-devel", "p-cpe:/a:mandriva:linux:libopensc2", "p-cpe:/a:mandriva:linux:libxulrunner-devel", "p-cpe:/a:mandriva:linux:libxulrunner-unstable-devel", "p-cpe:/a:mandriva:linux:libxulrunner1.9", "p-cpe:/a:mandriva:linux:mozilla-firefox-ext-blogrovr", "p-cpe:/a:mandriva:linux:mozilla-firefox-ext-foxmarks", "p-cpe:/a:mandriva:linux:mozilla-firefox-ext-scribefire", "p-cpe:/a:mandriva:linux:mozilla-plugin-opensc", "p-cpe:/a:mandriva:linux:mozilla-thunderbird-beagle", "p-cpe:/a:mandriva:linux:opensc", "p-cpe:/a:mandriva:linux:python-xpcom", "p-cpe:/a:mandriva:linux:xulrunner", "p-cpe:/a:mandriva:linux:yelp", "cpe:/o:mandriva:linux:2009.0", "cpe:/o:mandriva:linux:2009.1"], "id": "MANDRIVA_MDVSA-2009-198.NASL", "href": "https://www.tenable.com/plugins/nessus/40523", "sourceData": "#%NASL_MIN_LEVEL 70300\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Mandriva Linux Security Advisory MDVSA-2009:198. \n# The text itself is copyright (C) Mandriva S.A.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(40523);\n script_version(\"1.22\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2009-2404\", \"CVE-2009-2408\", \"CVE-2009-2654\");\n script_bugtraq_id(35803, 35888, 35891);\n script_xref(name:\"MDVSA\", value:\"2009:198\");\n\n script_name(english:\"Mandriva Linux Security Advisory : firefox (MDVSA-2009:198)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Mandriva Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Security issues were identified and fixed in firefox 3.0.x :\n\nSecurity researcher Juan Pablo Lopez Yacubian reported that an\nattacker could call window.open() on an invalid URL which looks\nsimilar to a legitimate URL and then use document.write() to place\ncontent within the new document, appearing to have come from the\nspoofed location (CVE-2009-2654).\n\nMoxie Marlinspike reported a heap overflow vulnerability in the code\nthat handles regular expressions in certificate names. This\nvulnerability could be used to compromise the browser and run\narbitrary code by presenting a specially crafted certificate to the\nclient (CVE-2009-2404).\n\nIOActive security researcher Dan Kaminsky reported a mismatch in the\ntreatment of domain names in SSL certificates between SSL clients and\nthe Certificate Authorities (CA) which issue server certificates.\nThese certificates could be used to intercept and potentially alter\nencrypted communication between the client and a server such as\nsensitive bank account transactions (CVE-2009-2408).\n\nThis update provides the latest Mozilla Firefox 3.0.x to correct these\nissues.\n\nAdditionally, some packages which require so, have been rebuilt and\nare being provided as updates.\"\n );\n # https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox-3.0/#firefox3.0.13\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?fd7e048f\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(20, 119, 310);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:beagle\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:beagle-crawl-system\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:beagle-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:beagle-epiphany\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:beagle-evolution\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:beagle-gui\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:beagle-gui-qt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:beagle-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:devhelp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:devhelp-plugins\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:epiphany\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:epiphany-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:firefox\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:firefox-af\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:firefox-ar\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:firefox-be\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:firefox-bg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:firefox-bn\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:firefox-ca\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:firefox-cs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:firefox-cy\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:firefox-da\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:firefox-de\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:firefox-el\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:firefox-en_GB\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:firefox-eo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:firefox-es_AR\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:firefox-es_ES\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:firefox-et\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:firefox-eu\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:firefox-ext-beagle\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:firefox-ext-blogrovr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:firefox-ext-foxmarks\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:firefox-ext-mozvoikko\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:firefox-ext-r-kiosk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:firefox-ext-scribefire\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:firefox-fi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:firefox-fr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:firefox-fy\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:firefox-ga_IE\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:firefox-gl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:firefox-gu_IN\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:firefox-he\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:firefox-hi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:firefox-hu\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:firefox-id\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:firefox-is\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:firefox-it\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:firefox-ja\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:firefox-ka\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:firefox-kn\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:firefox-ko\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:firefox-ku\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:firefox-lt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:firefox-lv\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:firefox-mk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:firefox-mn\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:firefox-mr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:firefox-nb_NO\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:firefox-nl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:firefox-nn_NO\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:firefox-oc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:firefox-pa_IN\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:firefox-pl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:firefox-pt_BR\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:firefox-pt_PT\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:firefox-ro\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:firefox-ru\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:firefox-si\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:firefox-sk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:firefox-sl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:firefox-sq\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:firefox-sr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:firefox-sv_SE\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:firefox-te\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:firefox-th\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:firefox-theme-kde4ff\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:firefox-tr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:firefox-uk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:firefox-zh_CN\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:firefox-zh_TW\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:gnome-python-extras\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:gnome-python-gda\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:gnome-python-gda-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:gnome-python-gdl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:gnome-python-gtkhtml2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:gnome-python-gtkmozembed\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:gnome-python-gtkspell\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:google-gadgets-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:google-gadgets-gtk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:google-gadgets-qt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:google-gadgets-xul\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64devhelp-1-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64devhelp-1_0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64ggadget-gtk1.0_0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64ggadget-qt1.0_0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64ggadget1.0_0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64google-gadgets-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64opensc-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64opensc2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64xulrunner-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64xulrunner-unstable-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64xulrunner1.9\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libdevhelp-1-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libdevhelp-1_0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libggadget-gtk1.0_0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libggadget-qt1.0_0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libggadget1.0_0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libgoogle-gadgets-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libopensc-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libopensc2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libxulrunner-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libxulrunner-unstable-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libxulrunner1.9\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:mozilla-firefox-ext-blogrovr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:mozilla-firefox-ext-foxmarks\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:mozilla-firefox-ext-scribefire\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:mozilla-plugin-opensc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:mozilla-thunderbird-beagle\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:opensc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:python-xpcom\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:xulrunner\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:yelp\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:linux:2009.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:linux:2009.1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/08/07\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/08/10\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Mandriva Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/Mandrake/release\", \"Host/Mandrake/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Mandrake/release\")) audit(AUDIT_OS_NOT, \"Mandriva / Mandake Linux\");\nif (!get_kb_item(\"Host/Mandrake/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^(amd64|i[3-6]86|x86_64)$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Mandriva / Mandrake Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"MDK2009.0\", reference:\"beagle-0.3.8-13.14mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"beagle-crawl-system-0.3.8-13.14mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"beagle-doc-0.3.8-13.14mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"beagle-epiphany-0.3.8-13.14mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"beagle-evolution-0.3.8-13.14mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"beagle-gui-0.3.8-13.14mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"beagle-gui-qt-0.3.8-13.14mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"beagle-libs-0.3.8-13.14mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"devhelp-0.21-3.9mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"devhelp-plugins-0.21-3.9mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"epiphany-2.24.0.1-3.11mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"epiphany-devel-2.24.0.1-3.11mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"firefox-3.0.13-0.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"firefox-af-3.0.13-0.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"firefox-ar-3.0.13-0.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"firefox-be-3.0.13-0.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"firefox-bg-3.0.13-0.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"firefox-bn-3.0.13-0.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"firefox-ca-3.0.13-0.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"firefox-cs-3.0.13-0.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"firefox-cy-3.0.13-0.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"firefox-da-3.0.13-0.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"firefox-de-3.0.13-0.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"firefox-el-3.0.13-0.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"firefox-en_GB-3.0.13-0.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"firefox-eo-3.0.13-0.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"firefox-es_AR-3.0.13-0.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"firefox-es_ES-3.0.13-0.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"firefox-et-3.0.13-0.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"firefox-eu-3.0.13-0.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"firefox-ext-beagle-0.3.8-13.14mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"firefox-ext-mozvoikko-0.9.5-4.9mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"firefox-fi-3.0.13-0.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"firefox-fr-3.0.13-0.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"firefox-fy-3.0.13-0.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"firefox-ga_IE-3.0.13-0.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"firefox-gl-3.0.13-0.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"firefox-gu_IN-3.0.13-0.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"firefox-he-3.0.13-0.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"firefox-hi-3.0.13-0.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"firefox-hu-3.0.13-0.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"firefox-id-3.0.13-0.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"firefox-is-3.0.13-0.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"firefox-it-3.0.13-0.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"firefox-ja-3.0.13-0.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"firefox-ka-3.0.13-0.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"firefox-kn-3.0.13-0.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"firefox-ko-3.0.13-0.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"firefox-ku-3.0.13-0.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"firefox-lt-3.0.13-0.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"firefox-lv-3.0.13-0.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"firefox-mk-3.0.13-0.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"firefox-mn-3.0.13-0.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"firefox-mr-3.0.13-0.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"firefox-nb_NO-3.0.13-0.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"firefox-nl-3.0.13-0.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"firefox-nn_NO-3.0.13-0.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"firefox-oc-3.0.13-0.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"firefox-pa_IN-3.0.13-0.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"firefox-pl-3.0.13-0.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"firefox-pt_BR-3.0.13-0.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"firefox-pt_PT-3.0.13-0.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"firefox-ro-3.0.13-0.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"firefox-ru-3.0.13-0.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"firefox-si-3.0.13-0.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"firefox-sk-3.0.13-0.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"firefox-sl-3.0.13-0.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"firefox-sq-3.0.13-0.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"firefox-sr-3.0.13-0.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"firefox-sv_SE-3.0.13-0.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"firefox-te-3.0.13-0.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"firefox-th-3.0.13-0.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"firefox-theme-kde4ff-0.14-4.9mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"firefox-tr-3.0.13-0.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"firefox-uk-3.0.13-0.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"firefox-zh_CN-3.0.13-0.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"firefox-zh_TW-3.0.13-0.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"gnome-python-extras-2.19.1-20.9mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"gnome-python-gda-2.19.1-20.9mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"gnome-python-gda-devel-2.19.1-20.9mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"gnome-python-gdl-2.19.1-20.9mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"gnome-python-gtkhtml2-2.19.1-20.9mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"gnome-python-gtkmozembed-2.19.1-20.9mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"gnome-python-gtkspell-2.19.1-20.9mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"x86_64\", reference:\"lib64devhelp-1-devel-0.21-3.9mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"x86_64\", reference:\"lib64devhelp-1_0-0.21-3.9mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"x86_64\", reference:\"lib64xulrunner-devel-1.9.0.13-0.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"x86_64\", reference:\"lib64xulrunner-unstable-devel-1.9.0.13-0.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"x86_64\", reference:\"lib64xulrunner1.9-1.9.0.13-0.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"libdevhelp-1-devel-0.21-3.9mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"libdevhelp-1_0-0.21-3.9mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"libxulrunner-devel-1.9.0.13-0.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"libxulrunner-unstable-devel-1.9.0.13-0.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"libxulrunner1.9-1.9.0.13-0.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"mozilla-firefox-ext-blogrovr-1.1.779-5.9mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"mozilla-firefox-ext-foxmarks-2.1.0.12-2.9mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"mozilla-firefox-ext-scribefire-2.3.1-2.9mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"mozilla-thunderbird-beagle-0.3.8-13.14mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"xulrunner-1.9.0.13-0.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"yelp-2.24.0-3.9mdv2009.0\", yank:\"mdv\")) flag++;\n\nif (rpm_check(release:\"MDK2009.1\", reference:\"beagle-0.3.9-9.5mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"beagle-crawl-system-0.3.9-9.5mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"beagle-doc-0.3.9-9.5mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"beagle-epiphany-0.3.9-9.5mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"beagle-evolution-0.3.9-9.5mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"beagle-gui-0.3.9-9.5mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"beagle-gui-qt-0.3.9-9.5mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"beagle-libs-0.3.9-9.5mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"epiphany-2.26.1-1.4mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"epiphany-devel-2.26.1-1.4mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"firefox-3.0.13-0.1mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"firefox-af-3.0.13-0.1mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"firefox-ar-3.0.13-0.1mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"firefox-be-3.0.13-0.1mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"firefox-bg-3.0.13-0.1mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"firefox-bn-3.0.13-0.1mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"firefox-ca-3.0.13-0.1mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"firefox-cs-3.0.13-0.1mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"firefox-cy-3.0.13-0.1mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"firefox-da-3.0.13-0.1mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"firefox-de-3.0.13-0.1mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"firefox-el-3.0.13-0.1mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"firefox-en_GB-3.0.13-0.1mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"firefox-eo-3.0.13-0.1mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"firefox-es_AR-3.0.13-0.1mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"firefox-es_ES-3.0.13-0.1mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"firefox-et-3.0.13-0.1mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"firefox-eu-3.0.13-0.1mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"firefox-ext-beagle-0.3.9-9.5mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"firefox-ext-blogrovr-1.1.798-2.4mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"firefox-ext-foxmarks-2.7.2-2.4mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"firefox-ext-mozvoikko-0.9.6-2.4mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"firefox-ext-r-kiosk-0.7.2-2.4mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"firefox-ext-scribefire-3.2.3-2.4mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"firefox-fi-3.0.13-0.1mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"firefox-fr-3.0.13-0.1mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"firefox-fy-3.0.13-0.1mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"firefox-ga_IE-3.0.13-0.1mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"firefox-gl-3.0.13-0.1mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"firefox-gu_IN-3.0.13-0.1mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"firefox-he-3.0.13-0.1mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"firefox-hi-3.0.13-0.1mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"firefox-hu-3.0.13-0.1mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"firefox-id-3.0.13-0.1mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"firefox-is-3.0.13-0.1mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"firefox-it-3.0.13-0.1mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"firefox-ja-3.0.13-0.1mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"firefox-ka-3.0.13-0.1mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"firefox-kn-3.0.13-0.1mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"firefox-ko-3.0.13-0.1mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"firefox-ku-3.0.13-0.1mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"firefox-lt-3.0.13-0.1mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"firefox-lv-3.0.13-0.1mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"firefox-mk-3.0.13-0.1mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"firefox-mn-3.0.13-0.1mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"firefox-mr-3.0.13-0.1mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"firefox-nb_NO-3.0.13-0.1mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"firefox-nl-3.0.13-0.1mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"firefox-nn_NO-3.0.13-0.1mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"firefox-oc-3.0.13-0.1mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"firefox-pa_IN-3.0.13-0.1mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"firefox-pl-3.0.13-0.1mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"firefox-pt_BR-3.0.13-0.1mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"firefox-pt_PT-3.0.13-0.1mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"firefox-ro-3.0.13-0.1mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"firefox-ru-3.0.13-0.1mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"firefox-si-3.0.13-0.1mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"firefox-sk-3.0.13-0.1mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"firefox-sl-3.0.13-0.1mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"firefox-sq-3.0.13-0.1mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"firefox-sr-3.0.13-0.1mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"firefox-sv_SE-3.0.13-0.1mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"firefox-te-3.0.13-0.1mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"firefox-th-3.0.13-0.1mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"firefox-theme-kde4ff-0.14-9.4mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"firefox-tr-3.0.13-0.1mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"firefox-uk-3.0.13-0.1mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"firefox-zh_CN-3.0.13-0.1mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"firefox-zh_TW-3.0.13-0.1mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"gnome-python-extras-2.25.3-3.4mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"gnome-python-gda-2.25.3-3.4mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"gnome-python-gda-devel-2.25.3-3.4mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"gnome-python-gdl-2.25.3-3.4mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"gnome-python-gtkhtml2-2.25.3-3.4mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"gnome-python-gtkmozembed-2.25.3-3.4mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"gnome-python-gtkspell-2.25.3-3.4mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"google-gadgets-common-0.10.5-8.4mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"google-gadgets-gtk-0.10.5-8.4mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"google-gadgets-qt-0.10.5-8.4mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"google-gadgets-xul-0.10.5-8.4mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"x86_64\", reference:\"lib64ggadget-gtk1.0_0-0.10.5-8.4mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"x86_64\", reference:\"lib64ggadget-qt1.0_0-0.10.5-8.4mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"x86_64\", reference:\"lib64ggadget1.0_0-0.10.5-8.4mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"x86_64\", reference:\"lib64google-gadgets-devel-0.10.5-8.4mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"x86_64\", reference:\"lib64opensc-devel-0.11.7-1.5mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"x86_64\", reference:\"lib64opensc2-0.11.7-1.5mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"x86_64\", reference:\"lib64xulrunner-devel-1.9.0.13-0.1mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"x86_64\", reference:\"lib64xulrunner-unstable-devel-1.9.0.13-0.1mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"x86_64\", reference:\"lib64xulrunner1.9-1.9.0.13-0.1mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"i386\", reference:\"libggadget-gtk1.0_0-0.10.5-8.4mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"i386\", reference:\"libggadget-qt1.0_0-0.10.5-8.4mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"i386\", reference:\"libggadget1.0_0-0.10.5-8.4mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"i386\", reference:\"libgoogle-gadgets-devel-0.10.5-8.4mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"i386\", reference:\"libopensc-devel-0.11.7-1.5mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"i386\", reference:\"libopensc2-0.11.7-1.5mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"i386\", reference:\"libxulrunner-devel-1.9.0.13-0.1mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"i386\", reference:\"libxulrunner-unstable-devel-1.9.0.13-0.1mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"i386\", reference:\"libxulrunner1.9-1.9.0.13-0.1mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"mozilla-plugin-opensc-0.11.7-1.5mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"mozilla-thunderbird-beagle-0.3.9-9.5mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"opensc-0.11.7-1.5mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"python-xpcom-1.9.0.13-0.1mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"xulrunner-1.9.0.13-0.1mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"yelp-2.26.0-3.3mdv2009.1\", yank:\"mdv\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-01-11T15:07:10", "description": "Security issues in nss prior to 3.12.3 could lead to a man-in-the-middle attack via a spoofed X.509 certificate (CVE-2009-2408) and md2 algorithm flaws (CVE-2009-2409), and also cause a denial-of-service and possible code execution via a long domain name in X.509 certificate (CVE-2009-2404).\n\nThis update provides the latest versions of NSS and NSPR libraries which are not vulnerable to those attacks.\n\nUpdate :\n\nPackages for 2008.0 are provided for Corporate Desktop 2008.0 customers", "cvss3": {}, "published": "2009-08-10T00:00:00", "type": "nessus", "title": "Mandriva Linux Security Advisory : nss (MDVSA-2009:197-3)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": true, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2009-2404", "CVE-2009-2408", "CVE-2009-2409"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:mandriva:linux:lib64nspr-devel", "p-cpe:/a:mandriva:linux:lib64nspr4", "p-cpe:/a:mandriva:linux:lib64nss-devel", "p-cpe:/a:mandriva:linux:lib64nss-static-devel", "p-cpe:/a:mandriva:linux:lib64nss3", "p-cpe:/a:mandriva:linux:libnspr-devel", "p-cpe:/a:mandriva:linux:libnspr4", "p-cpe:/a:mandriva:linux:libnss-devel", "p-cpe:/a:mandriva:linux:libnss-static-devel", "p-cpe:/a:mandriva:linux:libnss3", "p-cpe:/a:mandriva:linux:nss", "cpe:/o:mandriva:linux:2008.0"], "id": "MANDRIVA_MDVSA-2009-197.NASL", "href": "https://www.tenable.com/plugins/nessus/40522", "sourceData": "#%NASL_MIN_LEVEL 70300\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Mandriva Linux Security Advisory MDVSA-2009:197. \n# The text itself is copyright (C) Mandriva S.A.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(40522);\n script_version(\"1.23\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2009-2404\", \"CVE-2009-2408\", \"CVE-2009-2409\");\n script_bugtraq_id(35888, 35891);\n script_xref(name:\"MDVSA\", value:\"2009:197-3\");\n\n script_name(english:\"Mandriva Linux Security Advisory : nss (MDVSA-2009:197-3)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Mandriva Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Security issues in nss prior to 3.12.3 could lead to a\nman-in-the-middle attack via a spoofed X.509 certificate\n(CVE-2009-2408) and md2 algorithm flaws (CVE-2009-2409), and also\ncause a denial-of-service and possible code execution via a long\ndomain name in X.509 certificate (CVE-2009-2404).\n\nThis update provides the latest versions of NSS and NSPR libraries\nwhich are not vulnerable to those attacks.\n\nUpdate :\n\nPackages for 2008.0 are provided for Corporate Desktop 2008.0\ncustomers\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(119, 310);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64nspr-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64nspr4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64nss-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64nss-static-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64nss3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libnspr-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libnspr4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libnss-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libnss-static-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libnss3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:nss\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:linux:2008.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/12/03\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/08/10\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Mandriva Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/Mandrake/release\", \"Host/Mandrake/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Mandrake/release\")) audit(AUDIT_OS_NOT, \"Mandriva / Mandake Linux\");\nif (!get_kb_item(\"Host/Mandrake/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^(amd64|i[3-6]86|x86_64)$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Mandriva / Mandrake Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"MDK2008.0\", cpu:\"x86_64\", reference:\"lib64nspr-devel-4.7.5-0.1mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", cpu:\"x86_64\", reference:\"lib64nspr4-4.7.5-0.1mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", cpu:\"x86_64\", reference:\"lib64nss-devel-3.12.3.1-0.1mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", cpu:\"x86_64\", reference:\"lib64nss-static-devel-3.12.3.1-0.1mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", cpu:\"x86_64\", reference:\"lib64nss3-3.12.3.1-0.1mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", cpu:\"i386\", reference:\"libnspr-devel-4.7.5-0.1mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", cpu:\"i386\", reference:\"libnspr4-4.7.5-0.1mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", cpu:\"i386\", reference:\"libnss-devel-3.12.3.1-0.1mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", cpu:\"i386\", reference:\"libnss-static-devel-3.12.3.1-0.1mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", cpu:\"i386\", reference:\"libnss3-3.12.3.1-0.1mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"nss-3.12.3.1-0.1mdv2008.0\", yank:\"mdv\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-01-11T14:44:10", "description": "USN-810-1 fixed vulnerabilities in NSS. Jozsef Kadlecsik noticed that the new libraries on amd64 did not correctly set stack memory flags, and caused applications using NSS (e.g. Firefox) to have an executable stack. This reduced the effectiveness of some defensive security protections. This update fixes the problem.\n\nWe apologize for the inconvenience.\n\nMoxie Marlinspike discovered that NSS did not properly handle regular expressions in certificate names. A remote attacker could create a specially crafted certificate to cause a denial of service (via application crash) or execute arbitrary code as the user invoking the program. (CVE-2009-2404)\n\nMoxie Marlinspike and Dan Kaminsky independently discovered that NSS did not properly handle certificates with NULL characters in the certificate name. An attacker could exploit this to perform a man in the middle attack to view sensitive information or alter encrypted communications.\n(CVE-2009-2408)\n\nDan Kaminsky discovered NSS would still accept certificates with MD2 hash signatures. As a result, an attacker could potentially create a malicious trusted certificate to impersonate another site. (CVE-2009-2409).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2013-03-09T00:00:00", "type": "nessus", "title": "Ubuntu 8.04 LTS / 8.10 / 9.04 : nss regression (USN-810-3)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": true, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2009-2404", "CVE-2009-2408", "CVE-2009-2409"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:libnss3-1d", "cpe:/o:canonical:ubuntu_linux:8.04:-:lts", "cpe:/o:canonical:ubuntu_linux:8.10", "cpe:/o:canonical:ubuntu_linux:9.04"], "id": "UBUNTU_USN-810-3.NASL", "href": "https://www.tenable.com/plugins/nessus/65117", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-810-3. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(65117);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2009-2404\", \"CVE-2009-2408\", \"CVE-2009-2409\");\n script_xref(name:\"USN\", value:\"810-3\");\n\n script_name(english:\"Ubuntu 8.04 LTS / 8.10 / 9.04 : nss regression (USN-810-3)\");\n script_summary(english:\"Checks dpkg output for updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Ubuntu host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"USN-810-1 fixed vulnerabilities in NSS. Jozsef Kadlecsik noticed that\nthe new libraries on amd64 did not correctly set stack memory flags,\nand caused applications using NSS (e.g. Firefox) to have an executable\nstack. This reduced the effectiveness of some defensive security\nprotections. This update fixes the problem.\n\nWe apologize for the inconvenience.\n\nMoxie Marlinspike discovered that NSS did not properly handle regular\nexpressions in certificate names. A remote attacker could create a\nspecially crafted certificate to cause a denial of service (via\napplication crash) or execute arbitrary code as the user invoking the\nprogram. (CVE-2009-2404)\n\nMoxie Marlinspike and Dan Kaminsky independently discovered\nthat NSS did not properly handle certificates with NULL\ncharacters in the certificate name. An attacker could\nexploit this to perform a man in the middle attack to view\nsensitive information or alter encrypted communications.\n(CVE-2009-2408)\n\nDan Kaminsky discovered NSS would still accept certificates\nwith MD2 hash signatures. As a result, an attacker could\npotentially create a malicious trusted certificate to\nimpersonate another site. (CVE-2009-2409).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/810-3/\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected libnss3-1d package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_cwe_id(119, 310);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libnss3-1d\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:8.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:8.10\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:9.04\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/09/01\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/03/09\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2009-2019 Canonical, Inc. / NASL script (C) 2013-2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! ereg(pattern:\"^(8\\.04|8\\.10|9\\.04)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 8.04 / 8.10 / 9.04\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nflag = 0;\n\nif (ubuntu_check(osver:\"8.04\", pkgname:\"libnss3-1d\", pkgver:\"3.12.3.1-0ubuntu0.8.04.2\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"libnss3-1d\", pkgver:\"3.12.3.1-0ubuntu0.8.10.2\")) flag++;\nif (ubuntu_check(osver:\"9.04\", pkgname:\"libnss3-1d\", pkgver:\"3.12.3.1-0ubuntu0.9.04.2\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libnss3-1d\");\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-01-11T15:04:21", "description": "Updated nspr and nss packages that fix security issues and a bug are now available for Red Hat Enterprise Linux 4.\n\nThis update has been rated as having critical security impact by the Red Hat Security Response Team.\n\nNetscape Portable Runtime (NSPR) provides platform independence for non-GUI operating system facilities. These facilities include threads, thread synchronization, normal file and network I/O, interval timing, calendar time, basic memory management (malloc and free), and shared library linking.\n\nNetwork Security Services (NSS) is a set of libraries designed to support the cross-platform development of security-enabled client and server applications. Applications built with NSS can support SSLv2, SSLv3, TLS, and other security standards.\n\nThese updated packages upgrade NSS from the previous version, 3.12.2, to a prerelease of version 3.12.4. The version of NSPR has also been upgraded from 4.7.3 to 4.7.4.\n\nMoxie Marlinspike reported a heap overflow flaw in a regular expression parser in the NSS library used by browsers such as Mozilla Firefox to match common names in certificates. A malicious website could present a carefully-crafted certificate in such a way as to trigger the heap overflow, leading to a crash or, possibly, arbitrary code execution with the permissions of the user running the browser.\n(CVE-2009-2404)\n\nNote: in order to exploit this issue without further user interaction in Firefox, the carefully-crafted certificate would need to be signed by a Certificate Authority trusted by Firefox, otherwise Firefox presents the victim with a warning that the certificate is untrusted.\nOnly if the user then accepts the certificate will the overflow take place.\n\nDan Kaminsky discovered flaws in the way browsers such as Firefox handle NULL characters in a certificate. If an attacker is able to get a carefully-crafted certificate signed by a Certificate Authority trusted by Firefox, the attacker could use the certificate during a man-in-the-middle attack and potentially confuse Firefox into accepting it by mistake. (CVE-2009-2408)\n\nDan Kaminsky found that browsers still accept certificates with MD2 hash signatures, even though MD2 is no longer considered a cryptographically strong algorithm. This could make it easier for an attacker to create a malicious certificate that would be treated as trusted by a browser. NSS now disables the use of MD2 and MD4 algorithms inside signatures by default. (CVE-2009-2409)\n\nThese version upgrades also provide a fix for the following bug :\n\n* SSL client authentication failed against an Apache server when it was using the mod_nss module and configured for NSSOCSP. On the client side, the user agent received an error message that referenced 'Error Code: -12271' and stated that establishing an encrypted connection had failed because the certificate had been rejected by the host.\n\nOn the server side, the nss_error_log under /var/log/httpd/ contained the following message :\n\n[error] Re-negotiation handshake failed: Not accepted by client!?\n\nAlso, /var/log/httpd/error_log contained this error :\n\nSSL Library Error: -8071 The OCSP server experienced an internal error\n\nWith these updated packages, the dependency problem which caused this failure has been resolved so that SSL client authentication with an Apache web server using mod_nss which is configured for NSSOCSP succeeds as expected. Note that if the presented client certificate is expired, then access is denied, the user agent is presented with an error message about the invalid certificate, and the OCSP queries are seen in the OCSP responder. Also, similar OCSP status verification happens for SSL server certificates used in Apache upon instance start or restart. (BZ#508027)\n\nAll users of nspr and nss are advised to upgrade to these updated packages, which resolve these issues.", "cvss3": {}, "published": "2009-07-31T00:00:00", "type": "nessus", "title": "RHEL 4 : nspr and nss (RHSA-2009:1184)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": true, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2009-2404", "CVE-2009-2408", "CVE-2009-2409"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:nspr", "p-cpe:/a:redhat:enterprise_linux:nspr-devel", "p-cpe:/a:redhat:enterprise_linux:nss", "p-cpe:/a:redhat:enterprise_linux:nss-devel", "p-cpe:/a:redhat:enterprise_linux:nss-tools", "cpe:/o:redhat:enterprise_linux:4", "cpe:/o:redhat:enterprise_linux:4.8"], "id": "REDHAT-RHSA-2009-1184.NASL", "href": "https://www.tenable.com/plugins/nessus/40439", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2009:1184. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(40439);\n script_version(\"1.26\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2009-2404\", \"CVE-2009-2408\", \"CVE-2009-2409\");\n script_xref(name:\"RHSA\", value:\"2009:1184\");\n\n script_name(english:\"RHEL 4 : nspr and nss (RHSA-2009:1184)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated nspr and nss packages that fix security issues and a bug are\nnow available for Red Hat Enterprise Linux 4.\n\nThis update has been rated as having critical security impact by the\nRed Hat Security Response Team.\n\nNetscape Portable Runtime (NSPR) provides platform independence for\nnon-GUI operating system facilities. These facilities include threads,\nthread synchronization, normal file and network I/O, interval timing,\ncalendar time, basic memory management (malloc and free), and shared\nlibrary linking.\n\nNetwork Security Services (NSS) is a set of libraries designed to\nsupport the cross-platform development of security-enabled client and\nserver applications. Applications built with NSS can support SSLv2,\nSSLv3, TLS, and other security standards.\n\nThese updated packages upgrade NSS from the previous version, 3.12.2,\nto a prerelease of version 3.12.4. The version of NSPR has also been\nupgraded from 4.7.3 to 4.7.4.\n\nMoxie Marlinspike reported a heap overflow flaw in a regular\nexpression parser in the NSS library used by browsers such as Mozilla\nFirefox to match common names in certificates. A malicious website\ncould present a carefully-crafted certificate in such a way as to\ntrigger the heap overflow, leading to a crash or, possibly, arbitrary\ncode execution with the permissions of the user running the browser.\n(CVE-2009-2404)\n\nNote: in order to exploit this issue without further user interaction\nin Firefox, the carefully-crafted certificate would need to be signed\nby a Certificate Authority trusted by Firefox, otherwise Firefox\npresents the victim with a warning that the certificate is untrusted.\nOnly if the user then accepts the certificate will the overflow take\nplace.\n\nDan Kaminsky discovered flaws in the way browsers such as Firefox\nhandle NULL characters in a certificate. If an attacker is able to get\na carefully-crafted certificate signed by a Certificate Authority\ntrusted by Firefox, the attacker could use the certificate during a\nman-in-the-middle attack and potentially confuse Firefox into\naccepting it by mistake. (CVE-2009-2408)\n\nDan Kaminsky found that browsers still accept certificates with MD2\nhash signatures, even though MD2 is no longer considered a\ncryptographically strong algorithm. This could make it easier for an\nattacker to create a malicious certificate that would be treated as\ntrusted by a browser. NSS now disables the use of MD2 and MD4\nalgorithms inside signatures by default. (CVE-2009-2409)\n\nThese version upgrades also provide a fix for the following bug :\n\n* SSL client authentication failed against an Apache server when it\nwas using the mod_nss module and configured for NSSOCSP. On the client\nside, the user agent received an error message that referenced 'Error\nCode: -12271' and stated that establishing an encrypted connection had\nfailed because the certificate had been rejected by the host.\n\nOn the server side, the nss_error_log under /var/log/httpd/ contained\nthe following message :\n\n[error] Re-negotiation handshake failed: Not accepted by client!?\n\nAlso, /var/log/httpd/error_log contained this error :\n\nSSL Library Error: -8071 The OCSP server experienced an internal error\n\nWith these updated packages, the dependency problem which caused this\nfailure has been resolved so that SSL client authentication with an\nApache web server using mod_nss which is configured for NSSOCSP\nsucceeds as expected. Note that if the presented client certificate is\nexpired, then access is denied, the user agent is presented with an\nerror message about the invalid certificate, and the OCSP queries are\nseen in the OCSP responder. Also, similar OCSP status verification\nhappens for SSL server certificates used in Apache upon instance start\nor restart. (BZ#508027)\n\nAll users of nspr and nss are advised to upgrade to these updated\npackages, which resolve these issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2009-2404\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2009-2408\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2009-2409\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2009:1184\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_cwe_id(119, 310);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:nspr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:nspr-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:nss\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:nss-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:nss-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:4.8\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2009/07/30\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/07/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/07/31\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^4([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 4.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2009:1184\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL4\", reference:\"nspr-4.7.4-1.el4_8.1\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", reference:\"nspr-devel-4.7.4-1.el4_8.1\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", reference:\"nss-3.12.3.99.3-1.el4_8.2\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", reference:\"nss-devel-3.12.3.99.3-1.el4_8.2\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", reference:\"nss-tools-3.12.3.99.3-1.el4_8.2\")) flag++;\n\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"nspr / nspr-devel / nss / nss-devel / nss-tools\");\n }\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-01-11T15:07:27", "description": "Moxie Marlinspike discovered that NSS did not properly handle regular expressions in certificate names. A remote attacker could create a specially crafted certificate to cause a denial of service (via application crash) or execute arbitrary code as the user invoking the program. (CVE-2009-2404)\n\nMoxie Marlinspike and Dan Kaminsky independently discovered that NSS did not properly handle certificates with NULL characters in the certificate name. An attacker could exploit this to perform a man in the middle attack to view sensitive information or alter encrypted communications. (CVE-2009-2408)\n\nDan Kaminsky discovered NSS would still accept certificates with MD2 hash signatures. As a result, an attacker could potentially create a malicious trusted certificate to impersonate another site.\n(CVE-2009-2409).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2009-08-05T00:00:00", "type": "nessus", "title": "Ubuntu 8.04 LTS / 8.10 / 9.04 : nss vulnerabilities (USN-810-1)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": true, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2009-2404", "CVE-2009-2408", "CVE-2009-2409"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:libnss3-0d", "p-cpe:/a:canonical:ubuntu_linux:libnss3-1d", "p-cpe:/a:canonical:ubuntu_linux:libnss3-1d-dbg", "p-cpe:/a:canonical:ubuntu_linux:libnss3-dev", "p-cpe:/a:canonical:ubuntu_linux:libnss3-tools", "cpe:/o:canonical:ubuntu_linux:8.04:-:lts", "cpe:/o:canonical:ubuntu_linux:8.10", "cpe:/o:canonical:ubuntu_linux:9.04"], "id": "UBUNTU_USN-810-1.NASL", "href": "https://www.tenable.com/plugins/nessus/40490", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-810-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(40490);\n script_version(\"1.20\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2009-2404\", \"CVE-2009-2408\", \"CVE-2009-2409\");\n script_bugtraq_id(35888, 35891);\n script_xref(name:\"USN\", value:\"810-1\");\n\n script_name(english:\"Ubuntu 8.04 LTS / 8.10 / 9.04 : nss vulnerabilities (USN-810-1)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Moxie Marlinspike discovered that NSS did not properly handle regular\nexpressions in certificate names. A remote attacker could create a\nspecially crafted certificate to cause a denial of service (via\napplication crash) or execute arbitrary code as the user invoking the\nprogram. (CVE-2009-2404)\n\nMoxie Marlinspike and Dan Kaminsky independently discovered that NSS\ndid not properly handle certificates with NULL characters in the\ncertificate name. An attacker could exploit this to perform a man in\nthe middle attack to view sensitive information or alter encrypted\ncommunications. (CVE-2009-2408)\n\nDan Kaminsky discovered NSS would still accept certificates with MD2\nhash signatures. As a result, an attacker could potentially create a\nmalicious trusted certificate to impersonate another site.\n(CVE-2009-2409).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/810-1/\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(119, 310);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libnss3-0d\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libnss3-1d\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libnss3-1d-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libnss3-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libnss3-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:8.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:8.10\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:9.04\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/08/04\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/08/05\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2009-2019 Canonical, Inc. / NASL script (C) 2009-2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! ereg(pattern:\"^(8\\.04|8\\.10|9\\.04)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 8.04 / 8.10 / 9.04\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nflag = 0;\n\nif (ubuntu_check(osver:\"8.04\", pkgname:\"libnss3-0d\", pkgver:\"3.12.3.1-0ubuntu0.8.04.1\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"libnss3-1d\", pkgver:\"3.12.3.1-0ubuntu0.8.04.1\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"libnss3-1d-dbg\", pkgver:\"3.12.3.1-0ubuntu0.8.04.1\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"libnss3-dev\", pkgver:\"3.12.3.1-0ubuntu0.8.04.1\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"libnss3-tools\", pkgver:\"3.12.3.1-0ubuntu0.8.04.1\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"libnss3-0d\", pkgver:\"3.12.3.1-0ubuntu0.8.10.1\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"libnss3-1d\", pkgver:\"3.12.3.1-0ubuntu0.8.10.1\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"libnss3-1d-dbg\", pkgver:\"3.12.3.1-0ubuntu0.8.10.1\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"libnss3-dev\", pkgver:\"3.12.3.1-0ubuntu0.8.10.1\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"libnss3-tools\", pkgver:\"3.12.3.1-0ubuntu0.8.10.1\")) flag++;\nif (ubuntu_check(osver:\"9.04\", pkgname:\"libnss3-0d\", pkgver:\"3.12.3.1-0ubuntu0.9.04.1\")) flag++;\nif (ubuntu_check(osver:\"9.04\", pkgname:\"libnss3-1d\", pkgver:\"3.12.3.1-0ubuntu0.9.04.1\")) flag++;\nif (ubuntu_check(osver:\"9.04\", pkgname:\"libnss3-1d-dbg\", pkgver:\"3.12.3.1-0ubuntu0.9.04.1\")) flag++;\nif (ubuntu_check(osver:\"9.04\", pkgname:\"libnss3-dev\", pkgver:\"3.12.3.1-0ubuntu0.9.04.1\")) flag++;\nif (ubuntu_check(osver:\"9.04\", pkgname:\"libnss3-tools\", pkgver:\"3.12.3.1-0ubuntu0.9.04.1\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libnss3-0d / libnss3-1d / libnss3-1d-dbg / libnss3-dev / etc\");\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-01-11T15:07:27", "description": "USN-810-1 fixed vulnerabilities in NSS. This update provides the NSPR needed to use the new NSS.\n\nMoxie Marlinspike discovered that NSS did not properly handle regular expressions in certificate names. A remote attacker could create a specially crafted certificate to cause a denial of service (via application crash) or execute arbitrary code as the user invoking the program. (CVE-2009-2404)\n\nMoxie Marlinspike and Dan Kaminsky independently discovered that NSS did not properly handle certificates with NULL characters in the certificate name. An attacker could exploit this to perform a man in the middle attack to view sensitive information or alter encrypted communications.\n(CVE-2009-2408)\n\nDan Kaminsky discovered NSS would still accept certificates with MD2 hash signatures. As a result, an attacker could potentially create a malicious trusted certificate to impersonate another site. (CVE-2009-2409).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2009-08-05T00:00:00", "type": "nessus", "title": "Ubuntu 8.04 LTS / 8.10 / 9.04 : nspr update (USN-810-2)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": true, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2009-2404", "CVE-2009-2408", "CVE-2009-2409"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:libnspr4-0d", "p-cpe:/a:canonical:ubuntu_linux:libnspr4-0d-dbg", "p-cpe:/a:canonical:ubuntu_linux:libnspr4-dev", "cpe:/o:canonical:ubuntu_linux:8.04:-:lts", "cpe:/o:canonical:ubuntu_linux:8.10", "cpe:/o:canonical:ubuntu_linux:9.04"], "id": "UBUNTU_USN-810-2.NASL", "href": "https://www.tenable.com/plugins/nessus/40491", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-810-2. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(40491);\n script_version(\"1.21\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2009-2404\", \"CVE-2009-2408\", \"CVE-2009-2409\");\n script_bugtraq_id(35888, 35891);\n script_xref(name:\"USN\", value:\"810-2\");\n\n script_name(english:\"Ubuntu 8.04 LTS / 8.10 / 9.04 : nspr update (USN-810-2)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"USN-810-1 fixed vulnerabilities in NSS. This update provides the NSPR\nneeded to use the new NSS.\n\nMoxie Marlinspike discovered that NSS did not properly handle regular\nexpressions in certificate names. A remote attacker could create a\nspecially crafted certificate to cause a denial of service (via\napplication crash) or execute arbitrary code as the user invoking the\nprogram. (CVE-2009-2404)\n\nMoxie Marlinspike and Dan Kaminsky independently discovered\nthat NSS did not properly handle certificates with NULL\ncharacters in the certificate name. An attacker could\nexploit this to perform a man in the middle attack to view\nsensitive information or alter encrypted communications.\n(CVE-2009-2408)\n\nDan Kaminsky discovered NSS would still accept certificates\nwith MD2 hash signatures. As a result, an attacker could\npotentially create a malicious trusted certificate to\nimpersonate another site. (CVE-2009-2409).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/810-2/\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Update the affected libnspr4-0d, libnspr4-0d-dbg and / or libnspr4-dev\npackages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(119, 310);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libnspr4-0d\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libnspr4-0d-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libnspr4-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:8.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:8.10\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:9.04\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/08/04\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/08/05\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2009-2019 Canonical, Inc. / NASL script (C) 2009-2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! ereg(pattern:\"^(8\\.04|8\\.10|9\\.04)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 8.04 / 8.10 / 9.04\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nflag = 0;\n\nif (ubuntu_check(osver:\"8.04\", pkgname:\"libnspr4-0d\", pkgver:\"4.7.5-0ubuntu0.8.04.1\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"libnspr4-0d-dbg\", pkgver:\"4.7.5-0ubuntu0.8.04.1\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"libnspr4-dev\", pkgver:\"4.7.5-0ubuntu0.8.04.1\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"libnspr4-0d\", pkgver:\"4.7.5-0ubuntu0.8.10.1\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"libnspr4-0d-dbg\", pkgver:\"4.7.5-0ubuntu0.8.10.1\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"libnspr4-dev\", pkgver:\"4.7.5-0ubuntu0.8.10.1\")) flag++;\nif (ubuntu_check(osver:\"9.04\", pkgname:\"libnspr4-0d\", pkgver:\"4.7.5-0ubuntu0.9.04.1\")) flag++;\nif (ubuntu_check(osver:\"9.04\", pkgname:\"libnspr4-0d-dbg\", pkgver:\"4.7.5-0ubuntu0.9.04.1\")) flag++;\nif (ubuntu_check(osver:\"9.04\", pkgname:\"libnspr4-dev\", pkgver:\"4.7.5-0ubuntu0.9.04.1\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libnspr4-0d / libnspr4-0d-dbg / libnspr4-dev\");\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-01-11T15:06:45", "description": "The installed version of Firefox is earlier than 3.0.13/3.5.0. Such versions are reportedly potentially affected by the following security issues : \n\n - The browser can be fooled into trusting a malicious SSL server certificate with a null character in the host name. (MFSA 2009-42)\n\n - A heap overflow in the code that handles regular expressions in certificate names can lead to arbitrary code execution. (MFSA 2009-43)\n\n", "cvss3": {}, "published": "2009-08-03T00:00:00", "type": "nessus", "title": "Firefox < 3.0.13/3.5.0 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": true, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2009-2404", "CVE-2009-2408", "CVE-2009-2654"], "modified": "2009-08-03T00:00:00", "cpe": [], "id": "800771.PRM", "href": "https://www.tenable.com/plugins/lce/800771", "sourceData": "Binary data 800771.prm", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-01-11T15:06:47", "description": "The installed version of Firefox is earlier than 3.0.13/3.5.0. Such versions are reportedly potentially affected by the following security issues : \n\n - The browser can be fooled into trusting a malicious SSL server certificate with a null character in the host name. (MFSA 2009-42)\n - A heap overflow in the code that handles regular expressions in certificate names can lead to arbitrary code execution. (MFSA 2009-43)", "cvss3": {}, "published": "2009-08-03T00:00:00", "type": "nessus", "title": "Mozilla Firefox < 3.0.13/3.5.0 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": true, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2009-2404", "CVE-2009-2408", "CVE-2009-2654"], "modified": "2019-03-06T00:00:00", "cpe": ["cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*"], "id": "5113.PRM", "href": "https://www.tenable.com/plugins/nnm/5113", "sourceData": "Binary data 5113.prm", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-01-11T15:12:05", "description": "Update to new upstream SeaMonkey version 1.1.19, fixing multiple security issues detailed in the upstream advisories:\nhttp://www.mozilla.org/security/known- vulnerabilities/seamonkey11.html#seamonkey1.1.19 CVE-2010-0161 CVE-2010-0163 CVE-2009-3075 CVE-2009-3072 CVE-2009-2463 CVE-2009-3385 CVE-2009-3983 CVE-2009-3376 CVE-2009-0689 CVE-2009-3077\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2010-07-01T00:00:00", "type": "nessus", "title": "Fedora 11 : seamonkey-1.1.19-1.fc11 (2010-7100)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-0689", "CVE-2009-2463", "CVE-2009-3072", "CVE-2009-3075", "CVE-2009-3077", "CVE-2009-3376", "CVE-2009-3385", "CVE-2009-3983", "CVE-2010-0161", "CVE-2010-0163"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:seamonkey", "cpe:/o:fedoraproject:fedora:11"], "id": "FEDORA_2010-7100.NASL", "href": "https://www.tenable.com/plugins/nessus/47453", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2010-7100.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(47453);\n script_version(\"1.21\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_bugtraq_id(35769, 36343, 36851, 36867, 37366, 38831);\n script_xref(name:\"FEDORA\", value:\"2010-7100\");\n\n script_name(english:\"Fedora 11 : seamonkey-1.1.19-1.fc11 (2010-7100)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Update to new upstream SeaMonkey version 1.1.19, fixing multiple\nsecurity issues detailed in the upstream advisories:\nhttp://www.mozilla.org/security/known-\nvulnerabilities/seamonkey11.html#seamonkey1.1.19 CVE-2010-0161\nCVE-2010-0163 CVE-2009-3075 CVE-2009-3072 CVE-2009-2463 CVE-2009-3385\nCVE-2009-3983 CVE-2009-3376 CVE-2009-0689 CVE-2009-3077\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n # http://www.mozilla.org/security/known-\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.mozilla.org/en-US/security/known-\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=577290\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2010-April/039834.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?360208b7\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected seamonkey package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:seamonkey\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:11\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2010/04/21\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/04/21\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/07/01\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2010-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^11([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 11.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC11\", reference:\"seamonkey-1.1.19-1.fc11\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"seamonkey\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-01-11T15:08:27", "description": "This update brings Mozilla SeaMonkey to 1.1.19 fixing various bugs and security issues.\n\nThe following security issues are fixed :\n\n - Mozilla developers took fixes from previously fixed memory safety bugs in newer Mozilla-based products and ported them to the Mozilla 1.8.1 branch so they can be utilized by Thunderbird 2 and SeaMonkey 1.1. (MFSA 2010-07)\n\n - Paul Fisher reported a crash when joined to an Active Directory server under Vista or Windows 7 and using SSPI authentication. (CVE-2010-0161)\n\n - Ludovic Hirlimann reported a crash indexing some messages with attachments. (CVE-2010-0163)\n\n - Carsten Book reported a crash in the JavaScript engine.\n (CVE-2009-3075)\n\n - Josh Soref reported a crash in the BinHex decoder used on non-Mac platforms. (CVE-2009-3072)\n\n - monarch2000 reported an integer overflow in a base64 decoding function. (CVE-2009-2463)\n\n - Security researcher Takehiro Takahashi of the IBM X-Force reported that Mozilla's NTLM implementation was vulnerable to reflection attacks in which NTLM credentials from one application could be forwarded to another arbitary application via the browser. If an attacker could get a user to visit a web page he controlled he could force NTLM authenticated requests to be forwarded to another application on behalf of the user. (MFSA 2009-68 / CVE-2009-3983)\n\n - Mozilla security researchers Jesse Ruderman and Sid Stamm reported that when downloading a file containing a right-to-left override character (RTL) in the filename, the name displayed in the dialog title bar conflicts with the name of the file shown in the dialog body. An attacker could use this vulnerability to obfuscate the name and file extension of a file to be downloaded and opened, potentially causing a user to run an executable file when they expected to open a non-executable file.\n (MFSA 2009-62 / CVE-2009-3376)\n\n - Security researcher Alin Rad Pop of Secunia Research reported a heap-based buffer overflow in Mozilla's string to floating point number conversion routines.\n Using this vulnerability an attacker could craft some malicious JavaScript code containing a very long string to be converted to a floating point number which would result in improper memory allocation and the execution of an arbitrary memory location. This vulnerability could thus be leveraged by the attacker to run arbitrary code on a victim's computer. (MFSA 2009-59 / CVE-2009-0689)\n\nUpdate: The underlying flaw in the dtoa routines used by Mozilla appears to be essentially the same as that reported against the libc gdtoa routine by Maksymilian Arciemowicz.\n\n - Security researcher Georgi Guninski reported that scriptable plugin content, such as Flash objects, could be loaded and executed in SeaMonkey mail messages by embedding the content in an iframe inside the message.\n If a user were to reply to or forward such a message, malicious JavaScript embedded in the plugin content could potentially steal the contents of the message or files from the local filesystem. (MFSA 2010-06 / CVE-2009-3385)\n\n - An anonymous security researcher, via TippingPoint's Zero Day Initiative, reported that the columns of a XUL tree element could be manipulated in a particular way which would leave a pointer owned by the column pointing to freed memory. An attacker could potentially use this vulnerability to crash a victim's browser and run arbitrary code on the victim's computer. (MFSA 2009-49 / CVE-2009-3077)\n\nPlease see http://www.mozilla.org/security/known-vulnerabilities/seamonkey11.html", "cvss3": {}, "published": "2010-05-20T00:00:00", "type": "nessus", "title": "SuSE9 Security Update : epiphany (YOU Patch Number 12616)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2009-0689", "CVE-2009-2463", "CVE-2009-3072", "CVE-2009-3075", "CVE-2009-3077", "CVE-2009-3376", "CVE-2009-3385", "CVE-2009-3983", "CVE-2010-0161", "CVE-2010-0163"], "modified": "2021-01-14T00:00:00", "cpe": ["cpe:/o:suse:suse_linux"], "id": "SUSE9_12616.NASL", "href": "https://www.tenable.com/plugins/nessus/46685", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The text description of this plugin is (C) Novell, Inc.\n#\n\nif (NASL_LEVEL < 3000) exit(0);\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(46685);\n script_version(\"1.13\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2009-0689\", \"CVE-2009-2463\", \"CVE-2009-3072\", \"CVE-2009-3075\", \"CVE-2009-3077\", \"CVE-2009-3376\", \"CVE-2009-3385\", \"CVE-2009-3983\", \"CVE-2010-0161\", \"CVE-2010-0163\");\n\n script_name(english:\"SuSE9 Security Update : epiphany (YOU Patch Number 12616)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SuSE 9 host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update brings Mozilla SeaMonkey to 1.1.19 fixing various bugs and\nsecurity issues.\n\nThe following security issues are fixed :\n\n - Mozilla developers took fixes from previously fixed\n memory safety bugs in newer Mozilla-based products and\n ported them to the Mozilla 1.8.1 branch so they can be\n utilized by Thunderbird 2 and SeaMonkey 1.1. (MFSA\n 2010-07)\n\n - Paul Fisher reported a crash when joined to an Active\n Directory server under Vista or Windows 7 and using SSPI\n authentication. (CVE-2010-0161)\n\n - Ludovic Hirlimann reported a crash indexing some\n messages with attachments. (CVE-2010-0163)\n\n - Carsten Book reported a crash in the JavaScript engine.\n (CVE-2009-3075)\n\n - Josh Soref reported a crash in the BinHex decoder used\n on non-Mac platforms. (CVE-2009-3072)\n\n - monarch2000 reported an integer overflow in a base64\n decoding function. (CVE-2009-2463)\n\n - Security researcher Takehiro Takahashi of the IBM\n X-Force reported that Mozilla's NTLM implementation was\n vulnerable to reflection attacks in which NTLM\n credentials from one application could be forwarded to\n another arbitary application via the browser. If an\n attacker could get a user to visit a web page he\n controlled he could force NTLM authenticated requests to\n be forwarded to another application on behalf of the\n user. (MFSA 2009-68 / CVE-2009-3983)\n\n - Mozilla security researchers Jesse Ruderman and Sid\n Stamm reported that when downloading a file containing a\n right-to-left override character (RTL) in the filename,\n the name displayed in the dialog title bar conflicts\n with the name of the file shown in the dialog body. An\n attacker could use this vulnerability to obfuscate the\n name and file extension of a file to be downloaded and\n opened, potentially causing a user to run an executable\n file when they expected to open a non-executable file.\n (MFSA 2009-62 / CVE-2009-3376)\n\n - Security researcher Alin Rad Pop of Secunia Research\n reported a heap-based buffer overflow in Mozilla's\n string to floating point number conversion routines.\n Using this vulnerability an attacker could craft some\n malicious JavaScript code containing a very long string\n to be converted to a floating point number which would\n result in improper memory allocation and the execution\n of an arbitrary memory location. This vulnerability\n could thus be leveraged by the attacker to run arbitrary\n code on a victim's computer. (MFSA 2009-59 /\n CVE-2009-0689)\n\nUpdate: The underlying flaw in the dtoa routines used by Mozilla\nappears to be essentially the same as that reported against the libc\ngdtoa routine by Maksymilian Arciemowicz.\n\n - Security researcher Georgi Guninski reported that\n scriptable plugin content, such as Flash objects, could\n be loaded and executed in SeaMonkey mail messages by\n embedding the content in an iframe inside the message.\n If a user were to reply to or forward such a message,\n malicious JavaScript embedded in the plugin content\n could potentially steal the contents of the message or\n files from the local filesystem. (MFSA 2010-06 /\n CVE-2009-3385)\n\n - An anonymous security researcher, via TippingPoint's\n Zero Day Initiative, reported that the columns of a XUL\n tree element could be manipulated in a particular way\n which would leave a pointer owned by the column pointing\n to freed memory. An attacker could potentially use this\n vulnerability to crash a victim's browser and run\n arbitrary code on the victim's computer. (MFSA 2009-49 /\n CVE-2009-3077)\n\nPlease see\nhttp://www.mozilla.org/security/known-vulnerabilities/seamonkey11.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2009-0689.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2009-2463.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2009-3072.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2009-3075.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2009-3077.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2009-3376.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2009-3385/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2009-3983.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2010-0161/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2010-0163/\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Apply YOU patch number 12616.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_cwe_id(16, 94, 119, 189);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:suse:suse_linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/05/19\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/05/20\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2010-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) exit(0, \"Local checks are not enabled.\");\nif (!get_kb_item(\"Host/SuSE/release\")) exit(0, \"The host is not running SuSE.\");\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) exit(1, \"Could not obtain the list of installed packages.\");\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) exit(1, \"Failed to determine the architecture type.\");\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") exit(1, \"Local checks for SuSE 9 on the '\"+cpu+\"' architecture have not been implemented.\");\n\n\nflag = 0;\nif (rpm_check(release:\"SUSE9\", reference:\"mozilla-1.8_seamonkey_1.1.19-0.1\")) flag++;\nif (rpm_check(release:\"SUSE9\", reference:\"mozilla-devel-1.8_seamonkey_1.1.19-0.1\")) flag++;\nif (rpm_check(release:\"SUSE9\", reference:\"mozilla-dom-inspector-1.8_seamonkey_1.1.19-0.1\")) flag++;\nif (rpm_check(release:\"SUSE9\", reference:\"mozilla-irc-1.8_seamonkey_1.1.19-0.1\")) flag++;\nif (rpm_check(release:\"SUSE9\", reference:\"mozilla-mail-1.8_seamonkey_1.1.19-0.1\")) flag++;\nif (rpm_check(release:\"SUSE9\", reference:\"mozilla-venkman-1.8_seamonkey_1.1.19-0.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse exit(0, \"The host is not affected.\");\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-01-11T15:09:11", "description": "This update brings Mozilla SeaMonkey to 1.1.19 fixing various bugs and security issues.\n\nFollowing security issues are fixed: MFSA 2010-07: Mozilla developers took fixes from previously fixed memory safety bugs in newer Mozilla-based products and ported them to the Mozilla 1.8.1 branch so they can be utilized by Thunderbird 2 and SeaMonkey 1.1.\n\nPaul Fisher reported a crash when joined to an Active Directory server under Vista or Windows 7 and using SSPI authentication.\n(CVE-2010-0161) Ludovic Hirlimann reported a crash indexing some messages with attachments (CVE-2010-0163) Carsten Book reported a crash in the JavaScript engine (CVE-2009-3075) Josh Soref reported a crash in the BinHex decoder used on non-Mac platforms. (CVE-2009-3072) monarch2000 reported an integer overflow in a base64 decoding function (CVE-2009-2463)\n\nMFSA 2009-68 / CVE-2009-3983: Security researcher Takehiro Takahashi of the IBM X-Force reported that Mozilla's NTLM implementation was vulnerable to reflection attacks in which NTLM credentials from one application could be forwarded to another arbitary application via the browser. If an attacker could get a user to visit a web page he controlled he could force NTLM authenticated requests to be forwarded to another application on behalf of the user.\n\nMFSA 2009-62 / CVE-2009-3376: Mozilla security researchers Jesse Ruderman and Sid Stamm reported that when downloading a file containing a right-to-left override character (RTL) in the filename, the name displayed in the dialog title bar conflicts with the name of the file shown in the dialog body. An attacker could use this vulnerability to obfuscate the name and file extension of a file to be downloaded and opened, potentially causing a user to run an executable file when they expected to open a non-executable file.\n\nMFSA 2009-59 / CVE-2009-0689: Security researcher Alin Rad Pop of Secunia Research reported a heap-based buffer overflow in Mozilla's string to floating point number conversion routines. Using this vulnerability an attacker could craft some malicious JavaScript code containing a very long string to be converted to a floating point number which would result in improper memory allocation and the execution of an arbitrary memory location. This vulnerability could thus be leveraged by the attacker to run arbitrary code on a victim's computer.\n\nUpdate: The underlying flaw in the dtoa routines used by Mozilla appears to be essentially the same as that reported against the libc gdtoa routine by Maksymilian Arciemowicz.\n\nMFSA 2010-06 / CVE-2009-3385: Security researcher Georgi Guninski reported that scriptable plugin content, such as Flash objects, could be loaded and executed in SeaMonkey mail messages by embedding the content in an iframe inside the message. If a user were to reply to or forward such a message, malicious JavaScript embedded in the plugin content could potentially steal the contents of the message or files from the local filesystem.\n\nMFSA 2009-49 / CVE-2009-3077: An anonymous security researcher, via TippingPoint's Zero Day Initiative, reported that the columns of a XUL tree element could be manipulated in a particular way which would leave a pointer owned by the column pointing to freed memory. An attacker could potentially use this vulnerability to crash a victim's browser and run arbitrary code on the victim's computer.\n\nPlease see http://www.mozilla.org/security/known-vulnerabilities/seamonkey11.html", "cvss3": {}, "published": "2010-05-20T00:00:00", "type": "nessus", "title": "openSUSE Security Update : seamonkey (openSUSE-SU-2010:0273-1)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2009-0689", "CVE-2009-2463", "CVE-2009-3072", "CVE-2009-3075", "CVE-2009-3077", "CVE-2009-3376", "CVE-2009-3385", "CVE-2009-3983", "CVE-2010-0161", "CVE-2010-0163"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:seamonkey", "p-cpe:/a:novell:opensuse:seamonkey-dom-inspector", "p-cpe:/a:novell:opensuse:seamonkey-irc", "p-cpe:/a:novell:opensuse:seamonkey-mail", "p-cpe:/a:novell:opensuse:seamonkey-spellchecker", "p-cpe:/a:novell:opensuse:seamonkey-venkman", "cpe:/o:novell:opensuse:11.1"], "id": "SUSE_11_1_SEAMONKEY-100430.NASL", "href": "https://www.tenable.com/plugins/nessus/46687", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update seamonkey-2388.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(46687);\n script_version(\"1.14\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2009-0689\", \"CVE-2009-2463\", \"CVE-2009-3072\", \"CVE-2009-3075\", \"CVE-2009-3077\", \"CVE-2009-3376\", \"CVE-2009-3385\", \"CVE-2009-3983\", \"CVE-2010-0161\", \"CVE-2010-0163\");\n\n script_name(english:\"openSUSE Security Update : seamonkey (openSUSE-SU-2010:0273-1)\");\n script_summary(english:\"Check for the seamonkey-2388 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update brings Mozilla SeaMonkey to 1.1.19 fixing various bugs and\nsecurity issues.\n\nFollowing security issues are fixed: MFSA 2010-07: Mozilla developers\ntook fixes from previously fixed memory safety bugs in newer\nMozilla-based products and ported them to the Mozilla 1.8.1 branch so\nthey can be utilized by Thunderbird 2 and SeaMonkey 1.1.\n\nPaul Fisher reported a crash when joined to an Active Directory server\nunder Vista or Windows 7 and using SSPI authentication.\n(CVE-2010-0161) Ludovic Hirlimann reported a crash indexing some\nmessages with attachments (CVE-2010-0163) Carsten Book reported a\ncrash in the JavaScript engine (CVE-2009-3075) Josh Soref reported a\ncrash in the BinHex decoder used on non-Mac platforms. (CVE-2009-3072)\nmonarch2000 reported an integer overflow in a base64 decoding function\n(CVE-2009-2463)\n\nMFSA 2009-68 / CVE-2009-3983: Security researcher Takehiro Takahashi\nof the IBM X-Force reported that Mozilla's NTLM implementation was\nvulnerable to reflection attacks in which NTLM credentials from one\napplication could be forwarded to another arbitary application via the\nbrowser. If an attacker could get a user to visit a web page he\ncontrolled he could force NTLM authenticated requests to be forwarded\nto another application on behalf of the user.\n\nMFSA 2009-62 / CVE-2009-3376: Mozilla security researchers Jesse\nRuderman and Sid Stamm reported that when downloading a file\ncontaining a right-to-left override character (RTL) in the filename,\nthe name displayed in the dialog title bar conflicts with the name of\nthe file shown in the dialog body. An attacker could use this\nvulnerability to obfuscate the name and file extension of a file to be\ndownloaded and opened, potentially causing a user to run an executable\nfile when they expected to open a non-executable file.\n\nMFSA 2009-59 / CVE-2009-0689: Security researcher Alin Rad Pop of\nSecunia Research reported a heap-based buffer overflow in Mozilla's\nstring to floating point number conversion routines. Using this\nvulnerability an attacker could craft some malicious JavaScript code\ncontaining a very long string to be converted to a floating point\nnumber which would result in improper memory allocation and the\nexecution of an arbitrary memory location. This vulnerability could\nthus be leveraged by the attacker to run arbitrary code on a victim's\ncomputer.\n\nUpdate: The underlying flaw in the dtoa routines used by Mozilla\nappears to be essentially the same as that reported against the libc\ngdtoa routine by Maksymilian Arciemowicz.\n\nMFSA 2010-06 / CVE-2009-3385: Security researcher Georgi Guninski\nreported that scriptable plugin content, such as Flash objects, could\nbe loaded and executed in SeaMonkey mail messages by embedding the\ncontent in an iframe inside the message. If a user were to reply to or\nforward such a message, malicious JavaScript embedded in the plugin\ncontent could potentially steal the contents of the message or files\nfrom the local filesystem.\n\nMFSA 2009-49 / CVE-2009-3077: An anonymous security researcher, via\nTippingPoint's Zero Day Initiative, reported that the columns of a XUL\ntree element could be manipulated in a particular way which would\nleave a pointer owned by the column pointing to freed memory. An\nattacker could potentially use this vulnerability to crash a victim's\nbrowser and run arbitrary code on the victim's computer.\n\nPlease see\nhttp://www.mozilla.org/security/known-vulnerabilities/seamonkey11.html\"\n );\n # http://www.mozilla.org/security/known-vulnerabilities/seamonkey11.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?e868d512\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=590499\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://lists.opensuse.org/opensuse-updates/2010-05/msg00021.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected seamonkey packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_cwe_id(16, 94, 119, 189);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:seamonkey\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:seamonkey-dom-inspector\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:seamonkey-irc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:seamonkey-mail\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:seamonkey-spellchecker\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:seamonkey-venkman\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:11.1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/04/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/05/20\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2010-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE11\\.1)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"11.1\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE11.1\", reference:\"seamonkey-1.1.19-0.1.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"seamonkey-dom-inspector-1.1.19-0.1.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"seamonkey-irc-1.1.19-0.1.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"seamonkey-mail-1.1.19-0.1.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"seamonkey-spellchecker-1.1.19-0.1.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"seamonkey-venkman-1.1.19-0.1.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"seamonkey\");\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-01-11T15:03:28", "description": "Mozilla Project reports :\n\nMFSA 2010-07 Fixes for potentially exploitable crashes ported to the legacy branch\n\nMFSA 2010-06 Scriptable plugin execution in SeaMonkey mail\n\nMFSA 2009-68 NTLM reflection vulnerability\n\nMFSA 2009-62 Download filename spoofing with RTL override\n\nMFSA 2009-59 Heap buffer overflow in string to number conversion\n\nMFSA 2009-49 TreeColumns dangling pointer vulnerability", "cvss3": {}, "published": "2010-03-22T00:00:00", "type": "nessus", "title": "FreeBSD : mozilla -- multiple vulnerabilities (56cfe192-329f-11df-abb2-000f20797ede)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2009-0689", "CVE-2009-2463", "CVE-2009-3072", "CVE-2009-3075", "CVE-2009-3077", "CVE-2009-3376", "CVE-2009-3385", "CVE-2009-3983", "CVE-2010-0161", "CVE-2010-0163"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:freebsd:freebsd:linux-seamonkey", "p-cpe:/a:freebsd:freebsd:linux-thunderbird", "p-cpe:/a:freebsd:freebsd:seamonkey", "p-cpe:/a:freebsd:freebsd:thunderbird", "cpe:/o:freebsd:freebsd"], "id": "FREEBSD_PKG_56CFE192329F11DFABB2000F20797EDE.NASL", "href": "https://www.tenable.com/plugins/nessus/45114", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the FreeBSD VuXML database :\n#\n# Copyright 2003-2018 Jacques Vidrine and contributors\n#\n# Redistribution and use in source (VuXML) and 'compiled' forms (SGML,\n# HTML, PDF, PostScript, RTF and so forth) with or without modification,\n# are permitted provided that the following conditions are met:\n# 1. Redistributions of source code (VuXML) must retain the above\n# copyright notice, this list of conditions and the following\n# disclaimer as the first lines of this file unmodified.\n# 2. Redistributions in compiled form (transformed to other DTDs,\n# published online in any format, converted to PDF, PostScript,\n# RTF and other formats) must reproduce the above copyright\n# notice, this list of conditions and the following disclaimer\n# in the documentation and/or other materials provided with the\n# distribution.\n# \n# THIS DOCUMENTATION IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS \"AS IS\"\n# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,\n# THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR\n# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS\n# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,\n# OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT\n# OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR\n# BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,\n# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE\n# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS DOCUMENTATION,\n# EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(45114);\n script_version(\"1.14\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2009-0689\", \"CVE-2009-2463\", \"CVE-2009-3072\", \"CVE-2009-3075\", \"CVE-2009-3077\", \"CVE-2009-3376\", \"CVE-2009-3385\", \"CVE-2009-3983\", \"CVE-2010-0161\", \"CVE-2010-0163\");\n\n script_name(english:\"FreeBSD : mozilla -- multiple vulnerabilities (56cfe192-329f-11df-abb2-000f20797ede)\");\n script_summary(english:\"Checks for updated packages in pkg_info output\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote FreeBSD host is missing one or more security-related\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Mozilla Project reports :\n\nMFSA 2010-07 Fixes for potentially exploitable crashes ported to the\nlegacy branch\n\nMFSA 2010-06 Scriptable plugin execution in SeaMonkey mail\n\nMFSA 2009-68 NTLM reflection vulnerability\n\nMFSA 2009-62 Download filename spoofing with RTL override\n\nMFSA 2009-59 Heap buffer overflow in string to number conversion\n\nMFSA 2009-49 TreeColumns dangling pointer vulnerability\"\n );\n # http://www.mozilla.org/security/announce/2010/mfsa2010-07.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2010-07/\"\n );\n # http://www.mozilla.org/security/announce/2010/mfsa2010-06.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2010-06/\"\n );\n # http://www.mozilla.org/security/announce/2009/mfsa2009-68.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2009-68/\"\n );\n # http://www.mozilla.org/security/announce/2009/mfsa2009-62.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2009-62/\"\n );\n # http://www.mozilla.org/security/announce/2009/mfsa2009-59.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2009-59/\"\n );\n # http://www.mozilla.org/security/announce/2009/mfsa2009-49.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2009-49/\"\n );\n # https://vuxml.freebsd.org/freebsd/56cfe192-329f-11df-abb2-000f20797ede.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?99c8bc06\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_cwe_id(16, 94, 119, 189);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:linux-seamonkey\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:linux-thunderbird\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:seamonkey\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:thunderbird\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:freebsd:freebsd\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2010/03/16\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/03/19\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/03/22\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2010-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"FreeBSD Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/FreeBSD/release\", \"Host/FreeBSD/pkg_info\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"freebsd_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/FreeBSD/release\")) audit(AUDIT_OS_NOT, \"FreeBSD\");\nif (!get_kb_item(\"Host/FreeBSD/pkg_info\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (pkg_test(save_report:TRUE, pkg:\"seamonkey<1.1.19\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"linux-seamonkey<1.1.19\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"thunderbird<2.0.0.24\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"linux-thunderbird<2.0.0.24\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:pkg_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-01-11T15:08:47", "description": "This update brings Mozilla SeaMonkey to 1.1.19 fixing various bugs and security issues.\n\nFollowing security issues are fixed: MFSA 2010-07: Mozilla developers took fixes from previously fixed memory safety bugs in newer Mozilla-based products and ported them to the Mozilla 1.8.1 branch so they can be utilized by Thunderbird 2 and SeaMonkey 1.1.\n\nPaul Fisher reported a crash when joined to an Active Directory server under Vista or Windows 7 and using SSPI authentication.\n(CVE-2010-0161) Ludovic Hirlimann reported a crash indexing some messages with attachments (CVE-2010-0163) Carsten Book reported a crash in the JavaScript engine (CVE-2009-3075) Josh Soref reported a crash in the BinHex decoder used on non-Mac platforms. (CVE-2009-3072) monarch2000 reported an integer overflow in a base64 decoding function (CVE-2009-2463)\n\nMFSA 2009-68 / CVE-2009-3983: Security researcher Takehiro Takahashi of the IBM X-Force reported that Mozilla's NTLM implementation was vulnerable to reflection attacks in which NTLM credentials from one application could be forwarded to another arbitary application via the browser. If an attacker could get a user to visit a web page he controlled he could force NTLM authenticated requests to be forwarded to another application on behalf of the user.\n\nMFSA 2009-62 / CVE-2009-3376: Mozilla security researchers Jesse Ruderman and Sid Stamm reported that when downloading a file containing a right-to-left override character (RTL) in the filename, the name displayed in the dialog title bar conflicts with the name of the file shown in the dialog body. An attacker could use this vulnerability to obfuscate the name and file extension of a file to be downloaded and opened, potentially causing a user to run an executable file when they expected to open a non-executable file.\n\nMFSA 2009-59 / CVE-2009-0689: Security researcher Alin Rad Pop of Secunia Research reported a heap-based buffer overflow in Mozilla's string to floating point number conversion routines. Using this vulnerability an attacker could craft some malicious JavaScript code containing a very long string to be converted to a floating point number which would result in improper memory allocation and the execution of an arbitrary memory location. This vulnerability could thus be leveraged by the attacker to run arbitrary code on a victim's computer.\n\nUpdate: The underlying flaw in the dtoa routines used by Mozilla appears to be essentially the same as that reported against the libc gdtoa routine by Maksymilian Arciemowicz.\n\nMFSA 2010-06 / CVE-2009-3385: Security researcher Georgi Guninski reported that scriptable plugin content, such as Flash objects, could be loaded and executed in SeaMonkey mail messages by embedding the content in an iframe inside the message. If a user were to reply to or forward such a message, malicious JavaScript embedded in the plugin content could potentially steal the contents of the message or files from the local filesystem.\n\nMFSA 2009-49 / CVE-2009-3077: An anonymous security researcher, via TippingPoint's Zero Day Initiative, reported that the columns of a XUL tree element could be manipulated in a particular way which would leave a pointer owned by the column pointing to freed memory. An attacker could potentially use this vulnerability to crash a victim's browser and run arbitrary code on the victim's computer.\n\nPlease see http://www.mozilla.org/security/known-vulnerabilities/seamonkey11.html", "cvss3": {}, "published": "2010-05-20T00:00:00", "type": "nessus", "title": "openSUSE Security Update : seamonkey (openSUSE-SU-2010:0273-1)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2009-0689", "CVE-2009-2463", "CVE-2009-3072", "CVE-2009-3075", "CVE-2009-3077", "CVE-2009-3376", "CVE-2009-3385", "CVE-2009-3983", "CVE-2010-0161", "CVE-2010-0163"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:seamonkey", "p-cpe:/a:novell:opensuse:seamonkey-dom-inspector", "p-cpe:/a:novell:opensuse:seamonkey-irc", "p-cpe:/a:novell:opensuse:seamonkey-mail", "p-cpe:/a:novell:opensuse:seamonkey-spellchecker", "p-cpe:/a:novell:opensuse:seamonkey-venkman", "cpe:/o:novell:opensuse:11.0"], "id": "SUSE_11_0_SEAMONKEY-100430.NASL", "href": "https://www.tenable.com/plugins/nessus/46686", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update seamonkey-2388.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(46686);\n script_version(\"1.14\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2009-0689\", \"CVE-2009-2463\", \"CVE-2009-3072\", \"CVE-2009-3075\", \"CVE-2009-3077\", \"CVE-2009-3376\", \"CVE-2009-3385\", \"CVE-2009-3983\", \"CVE-2010-0161\", \"CVE-2010-0163\");\n\n script_name(english:\"openSUSE Security Update : seamonkey (openSUSE-SU-2010:0273-1)\");\n script_summary(english:\"Check for the seamonkey-2388 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update brings Mozilla SeaMonkey to 1.1.19 fixing various bugs and\nsecurity issues.\n\nFollowing security issues are fixed: MFSA 2010-07: Mozilla developers\ntook fixes from previously fixed memory safety bugs in newer\nMozilla-based products and ported them to the Mozilla 1.8.1 branch so\nthey can be utilized by Thunderbird 2 and SeaMonkey 1.1.\n\nPaul Fisher reported a crash when joined to an Active Directory server\nunder Vista or Windows 7 and using SSPI authentication.\n(CVE-2010-0161) Ludovic Hirlimann reported a crash indexing some\nmessages with attachments (CVE-2010-0163) Carsten Book reported a\ncrash in the JavaScript engine (CVE-2009-3075) Josh Soref reported a\ncrash in the BinHex decoder used on non-Mac platforms. (CVE-2009-3072)\nmonarch2000 reported an integer overflow in a base64 decoding function\n(CVE-2009-2463)\n\nMFSA 2009-68 / CVE-2009-3983: Security researcher Takehiro Takahashi\nof the IBM X-Force reported that Mozilla's NTLM implementation was\nvulnerable to reflection attacks in which NTLM credentials from one\napplication could be forwarded to another arbitary application via the\nbrowser. If an attacker could get a user to visit a web page he\ncontrolled he could force NTLM authenticated requests to be forwarded\nto another application on behalf of the user.\n\nMFSA 2009-62 / CVE-2009-3376: Mozilla security researchers Jesse\nRuderman and Sid Stamm reported that when downloading a file\ncontaining a right-to-left override character (RTL) in the filename,\nthe name displayed in the dialog title bar conflicts with the name of\nthe file shown in the dialog body. An attacker could use this\nvulnerability to obfuscate the name and file extension of a file to be\ndownloaded and opened, potentially causing a user to run an executable\nfile when they expected to open a non-executable file.\n\nMFSA 2009-59 / CVE-2009-0689: Security researcher Alin Rad Pop of\nSecunia Research reported a heap-based buffer overflow in Mozilla's\nstring to floating point number conversion routines. Using this\nvulnerability an attacker could craft some malicious JavaScript code\ncontaining a very long string to be converted to a floating point\nnumber which would result in improper memory allocation and the\nexecution of an arbitrary memory location. This vulnerability could\nthus be leveraged by the attacker to run arbitrary code on a victim's\ncomputer.\n\nUpdate: The underlying flaw in the dtoa routines used by Mozilla\nappears to be essentially the same as that reported against the libc\ngdtoa routine by Maksymilian Arciemowicz.\n\nMFSA 2010-06 / CVE-2009-3385: Security researcher Georgi Guninski\nreported that scriptable plugin content, such as Flash objects, could\nbe loaded and executed in SeaMonkey mail messages by embedding the\ncontent in an iframe inside the message. If a user were to reply to or\nforward such a message, malicious JavaScript embedded in the plugin\ncontent could potentially steal the contents of the message or files\nfrom the local filesystem.\n\nMFSA 2009-49 / CVE-2009-3077: An anonymous security researcher, via\nTippingPoint's Zero Day Initiative, reported that the columns of a XUL\ntree element could be manipulated in a particular way which would\nleave a pointer owned by the column pointing to freed memory. An\nattacker could potentially use this vulnerability to crash a victim's\nbrowser and run arbitrary code on the victim's computer.\n\nPlease see\nhttp://www.mozilla.org/security/known-vulnerabilities/seamonkey11.html\"\n );\n # http://www.mozilla.org/security/known-vulnerabilities/seamonkey11.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?e868d512\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=590499\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://lists.opensuse.org/opensuse-updates/2010-05/msg00021.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected seamonkey packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_cwe_id(16, 94, 119, 189);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:seamonkey\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:seamonkey-dom-inspector\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:seamonkey-irc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:seamonkey-mail\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:seamonkey-spellchecker\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:seamonkey-venkman\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:11.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/04/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/05/20\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2010-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE11\\.0)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"11.0\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE11.0\", reference:\"seamonkey-1.1.19-0.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"seamonkey-dom-inspector-1.1.19-0.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"seamonkey-irc-1.1.19-0.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"seamonkey-mail-1.1.19-0.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"seamonkey-spellchecker-1.1.19-0.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"seamonkey-venkman-1.1.19-0.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"seamonkey\");\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-01-11T14:26:54", "description": "CVE-2009-2409 deprecate MD2 in SSL cert validation (Kaminsky)\n\nCVE-2009-2408 firefox/nss: doesn't handle NULL in Common Name properly\n\nCVE-2009-2654 firefox: URL bar spoofing vulnerability\n\nCVE-2009-3072 Firefox 3.5.3 3.0.14 browser engine crashes\n\nCVE-2009-3075 Firefox 3.5.2 3.0.14 JavaScript engine crashes\n\nCVE-2009-3076 Firefox 3.0.14 Insufficient warning for PKCS11 module installation and removal\n\nCVE-2009-3077 Firefox 3.5.3 3.0.14 TreeColumns dangling pointer vulnerability\n\nSeveral flaws were found in the processing of malformed web content. A web page containing malicious content could cause SeaMonkey to crash or, potentially, execute arbitrary code with the privileges of the user running SeaMonkey. (CVE-2009-3072, CVE-2009-3075)\n\nA use-after-free flaw was found in SeaMonkey. An attacker could use this flaw to crash SeaMonkey or, potentially, execute arbitrary code with the privileges of the user running SeaMonkey. (CVE-2009-3077)\n\nDan Kaminsky discovered flaws in the way browsers such as SeaMonkey handle NULL characters in a certificate. If an attacker is able to get a carefully-crafted certificate signed by a Certificate Authority trusted by SeaMonkey, the attacker could use the certificate during a man-in-the-middle attack and potentially confuse SeaMonkey into accepting it by mistake. (CVE-2009-2408)\n\nDescriptions in the dialogs when adding and removing PKCS #11 modules were not informative. An attacker able to trick a user into installing a malicious PKCS #11 module could use this flaw to install their own Certificate Authority certificates on a user's machine, making it possible to trick the user into believing they are viewing a trusted site or, potentially, execute arbitrary code with the privileges of the user running SeaMonkey. (CVE-2009-3076)\n\nA flaw was found in the way SeaMonkey displays the address bar when window.open() is called in a certain way. An attacker could use this flaw to conceal a malicious URL, possibly tricking a user into believing they are viewing a trusted site. (CVE-2009-2654)\n\nDan Kaminsky found that browsers still accept certificates with MD2 hash signatures, even though MD2 is no longer considered a cryptographically strong algorithm. This could make it easier for an attacker to create a malicious certificate that would be treated as trusted by a browser. NSS (provided by SeaMonkey) now disables the use of MD2 and MD4 algorithms inside signatures by default.\n(CVE-2009-2409)\n\nAfter installing the update, SeaMonkey must be restarted for the changes to take effect.", "cvss3": {}, "published": "2012-08-01T00:00:00", "type": "nessus", "title": "Scientific Linux Security Update : seamonkey on SL3.x, SL4.x i386/x86_64", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": true, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2009-2408", "CVE-2009-2409", "CVE-2009-2654", "CVE-2009-3072", "CVE-2009-3075", "CVE-2009-3076", "CVE-2009-3077"], "modified": "2021-01-14T00:00:00", "cpe": ["x-cpe:/o:fermilab:scientific_linux"], "id": "SL_20090909_SEAMONKEY_ON_SL3_X.NASL", "href": "https://www.tenable.com/plugins/nessus/60665", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text is (C) Scientific Linux.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(60665);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2009-2408\", \"CVE-2009-2409\", \"CVE-2009-2654\", \"CVE-2009-3072\", \"CVE-2009-3075\", \"CVE-2009-3076\", \"CVE-2009-3077\");\n\n script_name(english:\"Scientific Linux Security Update : seamonkey on SL3.x, SL4.x i386/x86_64\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Scientific Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"CVE-2009-2409 deprecate MD2 in SSL cert validation (Kaminsky)\n\nCVE-2009-2408 firefox/nss: doesn't handle NULL in Common Name properly\n\nCVE-2009-2654 firefox: URL bar spoofing vulnerability\n\nCVE-2009-3072 Firefox 3.5.3 3.0.14 browser engine crashes\n\nCVE-2009-3075 Firefox 3.5.2 3.0.14 JavaScript engine crashes\n\nCVE-2009-3076 Firefox 3.0.14 Insufficient warning for PKCS11 module\ninstallation and removal\n\nCVE-2009-3077 Firefox 3.5.3 3.0.14 TreeColumns dangling pointer\nvulnerability\n\nSeveral flaws were found in the processing of malformed web content. A\nweb page containing malicious content could cause SeaMonkey to crash\nor, potentially, execute arbitrary code with the privileges of the\nuser running SeaMonkey. (CVE-2009-3072, CVE-2009-3075)\n\nA use-after-free flaw was found in SeaMonkey. An attacker could use\nthis flaw to crash SeaMonkey or, potentially, execute arbitrary code\nwith the privileges of the user running SeaMonkey. (CVE-2009-3077)\n\nDan Kaminsky discovered flaws in the way browsers such as SeaMonkey\nhandle NULL characters in a certificate. If an attacker is able to get\na carefully-crafted certificate signed by a Certificate Authority\ntrusted by SeaMonkey, the attacker could use the certificate during a\nman-in-the-middle attack and potentially confuse SeaMonkey into\naccepting it by mistake. (CVE-2009-2408)\n\nDescriptions in the dialogs when adding and removing PKCS #11 modules\nwere not informative. An attacker able to trick a user into installing\na malicious PKCS #11 module could use this flaw to install their own\nCertificate Authority certificates on a user's machine, making it\npossible to trick the user into believing they are viewing a trusted\nsite or, potentially, execute arbitrary code with the privileges of\nthe user running SeaMonkey. (CVE-2009-3076)\n\nA flaw was found in the way SeaMonkey displays the address bar when\nwindow.open() is called in a certain way. An attacker could use this\nflaw to conceal a malicious URL, possibly tricking a user into\nbelieving they are viewing a trusted site. (CVE-2009-2654)\n\nDan Kaminsky found that browsers still accept certificates with MD2\nhash signatures, even though MD2 is no longer considered a\ncryptographically strong algorithm. This could make it easier for an\nattacker to create a malicious certificate that would be treated as\ntrusted by a browser. NSS (provided by SeaMonkey) now disables the use\nof MD2 and MD4 algorithms inside signatures by default.\n(CVE-2009-2409)\n\nAfter installing the update, SeaMonkey must be restarted for the\nchanges to take effect.\"\n );\n # https://listserv.fnal.gov/scripts/wa.exe?A2=ind0909&L=scientific-linux-errata&T=0&P=850\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?2c8d5aeb\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_cwe_id(20, 94, 310);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"x-cpe:/o:fermilab:scientific_linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/09/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/08/01\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Scientific Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Scientific Linux \" >!< release) audit(AUDIT_HOST_NOT, \"running Scientific Linux\");\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Scientific Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"SL3\", reference:\"seamonkey-1.0.9-0.45.el3\")) flag++;\nif (rpm_check(release:\"SL3\", reference:\"seamonkey-chat-1.0.9-0.45.el3\")) flag++;\nif (rpm_check(release:\"SL3\", reference:\"seamonkey-devel-1.0.9-0.45.el3\")) flag++;\nif (rpm_check(release:\"SL3\", reference:\"seamonkey-dom-inspector-1.0.9-0.45.el3\")) flag++;\nif (rpm_check(release:\"SL3\", reference:\"seamonkey-js-debugger-1.0.9-0.45.el3\")) flag++;\nif (rpm_check(release:\"SL3\", reference:\"seamonkey-mail-1.0.9-0.45.el3\")) flag++;\nif (rpm_check(release:\"SL3\", reference:\"seamonkey-nspr-1.0.9-0.45.el3\")) flag++;\nif (rpm_check(release:\"SL3\", reference:\"seamonkey-nspr-devel-1.0.9-0.45.el3\")) flag++;\nif (rpm_check(release:\"SL3\", reference:\"seamonkey-nss-1.0.9-0.45.el3\")) flag++;\nif (rpm_check(release:\"SL3\", reference:\"seamonkey-nss-devel-1.0.9-0.45.el3\")) flag++;\n\nif (rpm_check(release:\"SL4\", reference:\"seamonkey-1.0.9-48.el4_8\")) flag++;\nif (rpm_check(release:\"SL4\", reference:\"seamonkey-chat-1.0.9-48.el4_8\")) flag++;\nif (rpm_check(release:\"SL4\", reference:\"seamonkey-devel-1.0.9-48.el4_8\")) flag++;\nif (rpm_check(release:\"SL4\", reference:\"seamonkey-dom-inspector-1.0.9-48.el4_8\")) flag++;\nif (rpm_check(release:\"SL4\", reference:\"seamonkey-js-debugger-1.0.9-48.el4_8\")) flag++;\nif (rpm_check(release:\"SL4\", reference:\"seamonkey-mail-1.0.9-48.el4_8\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-01-11T14:49:23", "description": "From Red Hat Security Advisory 2009:1432 :\n\nUpdated SeaMonkey packages that fix several security issues are now available for Red Hat Enterprise Linux 3.\n\nThis update has been rated as having critical security impact by the Red Hat Security Response Team.\n\nSeaMonkey is an open source Web browser, email and newsgroup client, IRC chat client, and HTML editor.\n\nSeveral flaws were found in the processing of malformed web content. A web page containing malicious content could cause SeaMonkey to crash or, potentially, execute arbitrary code with the privileges of the user running SeaMonkey. (CVE-2009-3072, CVE-2009-3075)\n\nA use-after-free flaw was found in SeaMonkey. An attacker could use this flaw to crash SeaMonkey or, potentially, execute arbitrary code with the privileges of the user running SeaMonkey. (CVE-2009-3077)\n\nDan Kaminsky discovered flaws in the way browsers such as SeaMonkey handle NULL characters in a certificate. If an attacker is able to get a carefully-crafted certificate signed by a Certificate Authority trusted by SeaMonkey, the attacker could use the certificate during a man-in-the-middle attack and potentially confuse SeaMonkey into accepting it by mistake. (CVE-2009-2408)\n\nDescriptions in the dialogs when adding and removing PKCS #11 modules were not informative. An attacker able to trick a user into installing a malicious PKCS #11 module could use this flaw to install their own Certificate Authority certificates on a user's machine, making it possible to trick the user into believing they are viewing a trusted site or, potentially, execute arbitrary code with the privileges of the user running SeaMonkey. (CVE-2009-3076)\n\nA flaw was found in the way SeaMonkey displays the address bar when window.open() is called in a certain way. An attacker could use this flaw to conceal a malicious URL, possibly tricking a user into believing they are viewing a trusted site. (CVE-2009-2654)\n\nDan Kaminsky found that browsers still accept certificates with MD2 hash signatures, even though MD2 is no longer considered a cryptographically strong algorithm. This could make it easier for an attacker to create a malicious certificate that would be treated as trusted by a browser. NSS (provided by SeaMonkey) now disables the use of MD2 and MD4 algorithms inside signatures by default.\n(CVE-2009-2409)\n\nAll SeaMonkey users should upgrade to these updated packages, which correct these issues. After installing the update, SeaMonkey must be restarted for the changes to take effect.", "cvss3": {}, "published": "2013-07-12T00:00:00", "type": "nessus", "title": "Oracle Linux 3 : seamonkey (ELSA-2009-1432)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": true, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2009-2408", "CVE-2009-2409", "CVE-2009-2654", "CVE-2009-3072", "CVE-2009-3075", "CVE-2009-3076", "CVE-2009-3077"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:oracle:linux:seamonkey", "p-cpe:/a:oracle:linux:seamonkey-chat", "p-cpe:/a:oracle:linux:seamonkey-devel", "p-cpe:/a:oracle:linux:seamonkey-dom-inspector", "p-cpe:/a:oracle:linux:seamonkey-js-debugger", "p-cpe:/a:oracle:linux:seamonkey-mail", "p-cpe:/a:oracle:linux:seamonkey-nspr", "p-cpe:/a:oracle:linux:seamonkey-nspr-devel", "p-cpe:/a:oracle:linux:seamonkey-nss", "p-cpe:/a:oracle:linux:seamonkey-nss-devel", "cpe:/o:oracle:linux:3"], "id": "ORACLELINUX_ELSA-2009-1432.NASL", "href": "https://www.tenable.com/plugins/nessus/67924", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2009:1432 and \n# Oracle Linux Security Advisory ELSA-2009-1432 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(67924);\n script_version(\"1.13\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2009-2408\", \"CVE-2009-2409\", \"CVE-2009-2654\", \"CVE-2009-3072\", \"CVE-2009-3075\", \"CVE-2009-3076\", \"CVE-2009-3077\");\n script_bugtraq_id(35803, 35888, 36343);\n script_xref(name:\"RHSA\", value:\"2009:1432\");\n\n script_name(english:\"Oracle Linux 3 : seamonkey (ELSA-2009-1432)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Oracle Linux host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"From Red Hat Security Advisory 2009:1432 :\n\nUpdated SeaMonkey packages that fix several security issues are now\navailable for Red Hat Enterprise Linux 3.\n\nThis update has been rated as having critical security impact by the\nRed Hat Security Response Team.\n\nSeaMonkey is an open source Web browser, email and newsgroup client,\nIRC chat client, and HTML editor.\n\nSeveral flaws were found in the processing of malformed web content. A\nweb page containing malicious content could cause SeaMonkey to crash\nor, potentially, execute arbitrary code with the privileges of the\nuser running SeaMonkey. (CVE-2009-3072, CVE-2009-3075)\n\nA use-after-free flaw was found in SeaMonkey. An attacker could use\nthis flaw to crash SeaMonkey or, potentially, execute arbitrary code\nwith the privileges of the user running SeaMonkey. (CVE-2009-3077)\n\nDan Kaminsky discovered flaws in the way browsers such as SeaMonkey\nhandle NULL characters in a certificate. If an attacker is able to get\na carefully-crafted certificate signed by a Certificate Authority\ntrusted by SeaMonkey, the attacker could use the certificate during a\nman-in-the-middle attack and potentially confuse SeaMonkey into\naccepting it by mistake. (CVE-2009-2408)\n\nDescriptions in the dialogs when adding and removing PKCS #11 modules\nwere not informative. An attacker able to trick a user into installing\na malicious PKCS #11 module could use this flaw to install their own\nCertificate Authority certificates on a user's machine, making it\npossible to trick the user into believing they are viewing a trusted\nsite or, potentially, execute arbitrary code with the privileges of\nthe user running SeaMonkey. (CVE-2009-3076)\n\nA flaw was found in the way SeaMonkey displays the address bar when\nwindow.open() is called in a certain way. An attacker could use this\nflaw to conceal a malicious URL, possibly tricking a user into\nbelieving they are viewing a trusted site. (CVE-2009-2654)\n\nDan Kaminsky found that browsers still accept certificates with MD2\nhash signatures, even though MD2 is no longer considered a\ncryptographically strong algorithm. This could make it easier for an\nattacker to create a malicious certificate that would be treated as\ntrusted by a browser. NSS (provided by SeaMonkey) now disables the use\nof MD2 and MD4 algorithms inside signatures by default.\n(CVE-2009-2409)\n\nAll SeaMonkey users should upgrade to these updated packages, which\ncorrect these issues. After installing the update, SeaMonkey must be\nrestarted for the changes to take effect.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2009-September/001151.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected seamonkey packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(20, 94, 310);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:seamonkey\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:seamonkey-chat\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:seamonkey-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:seamonkey-dom-inspector\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:seamonkey-js-debugger\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:seamonkey-mail\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:seamonkey-nspr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:seamonkey-nspr-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:seamonkey-nss\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:seamonkey-nss-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:3\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2009/07/30\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/09/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/07/12\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/OracleLinux\")) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nos_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Oracle Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^3([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Oracle Linux 3\", \"Oracle Linux \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && \"ia64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Oracle Linux\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"EL3\", cpu:\"i386\", reference:\"seamonkey-1.0.9-0.45.0.1.el3\")) flag++;\nif (rpm_check(release:\"EL3\", cpu:\"x86_64\", reference:\"seamonkey-1.0.9-0.45.0.1.el3\")) flag++;\nif (rpm_check(release:\"EL3\", cpu:\"i386\", reference:\"seamonkey-chat-1.0.9-0.45.0.1.el3\")) flag++;\nif (rpm_check(release:\"EL3\", cpu:\"x86_64\", reference:\"seamonkey-chat-1.0.9-0.45.0.1.el3\")) flag++;\nif (rpm_check(release:\"EL3\", cpu:\"i386\", reference:\"seamonkey-devel-1.0.9-0.45.0.1.el3\")) flag++;\nif (rpm_check(release:\"EL3\", cpu:\"x86_64\", reference:\"seamonkey-devel-1.0.9-0.45.0.1.el3\")) flag++;\nif (rpm_check(release:\"EL3\", cpu:\"i386\", reference:\"seamonkey-dom-inspector-1.0.9-0.45.0.1.el3\")) flag++;\nif (rpm_check(release:\"EL3\", cpu:\"x86_64\", reference:\"seamonkey-dom-inspector-1.0.9-0.45.0.1.el3\")) flag++;\nif (rpm_check(release:\"EL3\", cpu:\"i386\", reference:\"seamonkey-js-debugger-1.0.9-0.45.0.1.el3\")) flag++;\nif (rpm_check(release:\"EL3\", cpu:\"x86_64\", reference:\"seamonkey-js-debugger-1.0.9-0.45.0.1.el3\")) flag++;\nif (rpm_check(release:\"EL3\", cpu:\"i386\", reference:\"seamonkey-mail-1.0.9-0.45.0.1.el3\")) flag++;\nif (rpm_check(release:\"EL3\", cpu:\"x86_64\", reference:\"seamonkey-mail-1.0.9-0.45.0.1.el3\")) flag++;\nif (rpm_check(release:\"EL3\", cpu:\"i386\", reference:\"seamonkey-nspr-1.0.9-0.45.0.1.el3\")) flag++;\nif (rpm_check(release:\"EL3\", cpu:\"x86_64\", reference:\"seamonkey-nspr-1.0.9-0.45.0.1.el3\")) flag++;\nif (rpm_check(release:\"EL3\", cpu:\"i386\", reference:\"seamonkey-nspr-devel-1.0.9-0.45.0.1.el3\")) flag++;\nif (rpm_check(release:\"EL3\", cpu:\"x86_64\", reference:\"seamonkey-nspr-devel-1.0.9-0.45.0.1.el3\")) flag++;\nif (rpm_check(release:\"EL3\", cpu:\"i386\", reference:\"seamonkey-nss-1.0.9-0.45.0.1.el3\")) flag++;\nif (rpm_check(release:\"EL3\", cpu:\"x86_64\", reference:\"seamonkey-nss-1.0.9-0.45.0.1.el3\")) flag++;\nif (rpm_check(release:\"EL3\", cpu:\"i386\", reference:\"seamonkey-nss-devel-1.0.9-0.45.0.1.el3\")) flag++;\nif (rpm_check(release:\"EL3\", cpu:\"x86_64\", reference:\"seamonkey-nss-devel-1.0.9-0.45.0.1.el3\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"seamonkey / seamonkey-chat / seamonkey-devel / etc\");\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-01-11T14:49:47", "description": "From Red Hat Security Advisory 2009:1431 :\n\nUpdated SeaMonkey packages that fix several security issues are now available for Red Hat Enterprise Linux 4.\n\nThis update has been rated as having critical security impact by the Red Hat Security Response Team.\n\nSeaMonkey is an open source Web browser, email and newsgroup client, IRC chat client, and HTML editor.\n\nSeveral flaws were found in the processing of malformed web content. A web page containing malicious content could cause SeaMonkey to crash or, potentially, execute arbitrary code with the privileges of the user running SeaMonkey. (CVE-2009-3072, CVE-2009-3075)\n\nA use-after-free flaw was found in SeaMonkey. An attacker could use this flaw to crash SeaMonkey or, potentially, execute arbitrary code with the privileges of the user running SeaMonkey. (CVE-2009-3077)\n\nDescriptions in the dialogs when adding and removing PKCS #11 modules were not informative. An attacker able to trick a user into installing a malicious PKCS #11 module could use this flaw to install their own Certificate Authority certificates on a user's machine, making it possible to trick the user into believing they are viewing a trusted site or, potentially, execute arbitrary code with the privileges of the user running SeaMonkey. (CVE-2009-3076)\n\nA flaw was found in the way SeaMonkey displays the address bar when window.open() is called in a certain way. An attacker could use this flaw to conceal a malicious URL, possibly tricking a user into believing they are viewing a trusted site. (CVE-2009-2654)\n\nAll SeaMonkey users should upgrade to these updated packages, which correct these issues. After installing the update, SeaMonkey must be restarted for the changes to take effect.", "cvss3": {}, "published": "2013-07-12T00:00:00", "type": "nessus", "title": "Oracle Linux 4 : seamonkey (ELSA-2009-1431)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": true, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2009-2408", "CVE-2009-2409", "CVE-2009-2654", "CVE-2009-3072", "CVE-2009-3075", "CVE-2009-3076", "CVE-2009-3077"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:oracle:linux:seamonkey", "p-cpe:/a:oracle:linux:seamonkey-chat", "p-cpe:/a:oracle:linux:seamonkey-devel", "p-cpe:/a:oracle:linux:seamonkey-dom-inspector", "p-cpe:/a:oracle:linux:seamonkey-js-debugger", "p-cpe:/a:oracle:linux:seamonkey-mail", "cpe:/o:oracle:linux:4"], "id": "ORACLELINUX_ELSA-2009-1431.NASL", "href": "https://www.tenable.com/plugins/nessus/67923", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2009:1431 and \n# Oracle Linux Security Advisory ELSA-2009-1431 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(67923);\n script_version(\"1.12\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2009-2408\", \"CVE-2009-2409\", \"CVE-2009-2654\", \"CVE-2009-3072\", \"CVE-2009-3075\", \"CVE-2009-3076\", \"CVE-2009-3077\");\n script_bugtraq_id(35803, 36343);\n script_xref(name:\"RHSA\", value:\"2009:1431\");\n\n script_name(english:\"Oracle Linux 4 : seamonkey (ELSA-2009-1431)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Oracle Linux host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"From Red Hat Security Advisory 2009:1431 :\n\nUpdated SeaMonkey packages that fix several security issues are now\navailable for Red Hat Enterprise Linux 4.\n\nThis update has been rated as having critical security impact by the\nRed Hat Security Response Team.\n\nSeaMonkey is an open source Web browser, email and newsgroup client,\nIRC chat client, and HTML editor.\n\nSeveral flaws were found in the processing of malformed web content. A\nweb page containing malicious content could cause SeaMonkey to crash\nor, potentially, execute arbitrary code with the privileges of the\nuser running SeaMonkey. (CVE-2009-3072, CVE-2009-3075)\n\nA use-after-free flaw was found in SeaMonkey. An attacker could use\nthis flaw to crash SeaMonkey or, potentially, execute arbitrary code\nwith the privileges of the user running SeaMonkey. (CVE-2009-3077)\n\nDescriptions in the dialogs when adding and removing PKCS #11 modules\nwere not informative. An attacker able to trick a user into installing\na malicious PKCS #11 module could use this flaw to install their own\nCertificate Authority certificates on a user's machine, making it\npossible to trick the user into believing they are viewing a trusted\nsite or, potentially, execute arbitrary code with the privileges of\nthe user running SeaMonkey. (CVE-2009-3076)\n\nA flaw was found in the way SeaMonkey displays the address bar when\nwindow.open() is called in a certain way. An attacker could use this\nflaw to conceal a malicious URL, possibly tricking a user into\nbelieving they are viewing a trusted site. (CVE-2009-2654)\n\nAll SeaMonkey users should upgrade to these updated packages, which\ncorrect these issues. After installing the update, SeaMonkey must be\nrestarted for the changes to take effect.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2009-September/001148.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected seamonkey packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(20, 94, 310);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:seamonkey\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:seamonkey-chat\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:seamonkey-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:seamonkey-dom-inspector\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:seamonkey-js-debugger\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:seamonkey-mail\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:4\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2009/07/30\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/09/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/07/12\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/OracleLinux\")) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nos_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Oracle Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^4([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Oracle Linux 4\", \"Oracle Linux \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && \"ia64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Oracle Linux\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"EL4\", reference:\"seamonkey-1.0.9-48.0.1.el4_8\")) flag++;\nif (rpm_check(release:\"EL4\", reference:\"seamonkey-chat-1.0.9-48.0.1.el4_8\")) flag++;\nif (rpm_check(release:\"EL4\", reference:\"seamonkey-devel-1.0.9-48.0.1.el4_8\")) flag++;\nif (rpm_check(release:\"EL4\", reference:\"seamonkey-dom-inspector-1.0.9-48.0.1.el4_8\")) flag++;\nif (rpm_check(release:\"EL4\", reference:\"seamonkey-js-debugger-1.0.9-48.0.1.el4_8\")) flag++;\nif (rpm_check(release:\"EL4\", reference:\"seamonkey-mail-1.0.9-48.0.1.el4_8\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"seamonkey / seamonkey-chat / seamonkey-devel / etc\");\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-01-11T15:09:48", "description": "Updated SeaMonkey packages that fix several security issues are now available for Red Hat Enterprise Linux 3.\n\nThis update has been rated as having critical security impact by the Red Hat Security Response Team.\n\nSeaMonkey is an open source Web browser, email and newsgroup client, IRC chat client, and HTML editor.\n\nSeveral flaws were found in the processing of malformed web content. A web page containing malicious content could cause SeaMonkey to crash or, potentially, execute arbitrary code with the privileges of the user running SeaMonkey. (CVE-2009-3072, CVE-2009-3075)\n\nA use-after-free flaw was found in SeaMonkey. An attacker could use this flaw to crash SeaMonkey or, potentially, execute arbitrary code with the privileges of the user running SeaMonkey. (CVE-2009-3077)\n\nDan Kaminsky discovered flaws in the way browsers such as SeaMonkey handle NULL characters in a certificate. If an attacker is able to get a carefully-crafted certificate signed by a Certificate Authority trusted by SeaMonkey, the attacker could use the certificate during a man-in-the-middle attack and potentially confuse SeaMonkey into accepting it by mistake. (CVE-2009-2408)\n\nDescriptions in the dialogs when adding and removing PKCS #11 modules were not informative. An attacker able to trick a user into installing a malicious PKCS #11 module could use this flaw to install their own Certificate Authority certificates on a user's machine, making it possible to trick the user into believing they are viewing a trusted site or, potentially, execute arbitrary code with the privileges of the user running SeaMonkey. (CVE-2009-3076)\n\nA flaw was found in the way SeaMonkey displays the address bar when window.open() is called in a certain way. An attacker could use this flaw to conceal a malicious URL, possibly tricking a user into believing they are viewing a trusted site. (CVE-2009-2654)\n\nDan Kaminsky found that browsers still accept certificates with MD2 hash signatures, even though MD2 is no longer considered a cryptographically strong algorithm. This could make it easier for an attacker to create a malicious certificate that would be treated as trusted by a browser. NSS (provided by SeaMonkey) now disables the use of MD2 and MD4 algorithms inside signatures by default.\n(CVE-2009-2409)\n\nAll SeaMonkey users should upgrade to these updated packages, which correct these issues. After installing the update, SeaMonkey must be restarted for the changes to take effect.", "cvss3": {}, "published": "2009-09-11T00:00:00", "type": "nessus", "title": "CentOS 3 : seamonkey (CESA-2009:1432)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": true, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2009-2408", "CVE-2009-2409", "CVE-2009-2654", "CVE-2009-3072", "CVE-2009-3075", "CVE-2009-3076", "CVE-2009-3077"], "modified": "2021-01-04T00:00:00", "cpe": ["p-cpe:/a:centos:centos:seamonkey", "p-cpe:/a:centos:centos:seamonkey-chat", "p-cpe:/a:centos:centos:seamonkey-devel", "p-cpe:/a:centos:centos:seamonkey-dom-inspector", "p-cpe:/a:centos:centos:seamonkey-js-debugger", "p-cpe:/a:centos:centos:seamonkey-mail", "p-cpe:/a:centos:centos:seamonkey-nspr", "p-cpe:/a:centos:centos:seamonkey-nspr-devel", "p-cpe:/a:centos:centos:seamonkey-nss", "p-cpe:/a:centos:centos:seamonkey-nss-devel", "cpe:/o:centos:centos:3"], "id": "CENTOS_RHSA-2009-1432.NASL", "href": "https://www.tenable.com/plugins/nessus/40934", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2009:1432 and \n# CentOS Errata and Security Advisory 2009:1432 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(40934);\n script_version(\"1.23\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2009-2408\", \"CVE-2009-2409\", \"CVE-2009-2654\", \"CVE-2009-3072\", \"CVE-2009-3075\", \"CVE-2009-3076\", \"CVE-2009-3077\");\n script_bugtraq_id(35803, 35888, 36343);\n script_xref(name:\"RHSA\", value:\"2009:1432\");\n\n script_name(english:\"CentOS 3 : seamonkey (CESA-2009:1432)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote CentOS host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated SeaMonkey packages that fix several security issues are now\navailable for Red Hat Enterprise Linux 3.\n\nThis update has been rated as having critical security impact by the\nRed Hat Security Response Team.\n\nSeaMonkey is an open source Web browser, email and newsgroup client,\nIRC chat client, and HTML editor.\n\nSeveral flaws were found in the processing of malformed web content. A\nweb page containing malicious content could cause SeaMonkey to crash\nor, potentially, execute arbitrary code with the privileges of the\nuser running SeaMonkey. (CVE-2009-3072, CVE-2009-3075)\n\nA use-after-free flaw was found in SeaMonkey. An attacker could use\nthis flaw to crash SeaMonkey or, potentially, execute arbitrary code\nwith the privileges of the user running SeaMonkey. (CVE-2009-3077)\n\nDan Kaminsky discovered flaws in the way browsers such as SeaMonkey\nhandle NULL characters in a certificate. If an attacker is able to get\na carefully-crafted certificate signed by a Certificate Authority\ntrusted by SeaMonkey, the attacker could use the certificate during a\nman-in-the-middle attack and potentially confuse SeaMonkey into\naccepting it by mistake. (CVE-2009-2408)\n\nDescriptions in the dialogs when adding and removing PKCS #11 modules\nwere not informative. An attacker able to trick a user into installing\na malicious PKCS #11 module could use this flaw to install their own\nCertificate Authority certificates on a user's machine, making it\npossible to trick the user into believing they are viewing a trusted\nsite or, potentially, execute arbitrary code with the privileges of\nthe user running SeaMonkey. (CVE-2009-3076)\n\nA flaw was found in the way SeaMonkey displays the address bar when\nwindow.open() is called in a certain way. An attacker could use this\nflaw to conceal a malicious URL, possibly tricking a user into\nbelieving they are viewing a trusted site. (CVE-2009-2654)\n\nDan Kaminsky found that browsers still accept certificates with MD2\nhash signatures, even though MD2 is no longer considered a\ncryptographically strong algorithm. This could make it easier for an\nattacker to create a malicious certificate that would be treated as\ntrusted by a browser. NSS (provided by SeaMonkey) now disables the use\nof MD2 and MD4 algorithms inside signatures by default.\n(CVE-2009-2409)\n\nAll SeaMonkey users should upgrade to these updated packages, which\ncorrect these issues. After installing the update, SeaMonkey must be\nrestarted for the changes to take effect.\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2009-September/016131.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?83a904e0\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2009-September/016132.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?4c2fd6eb\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected seamonkey packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(20, 94, 310);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:seamonkey\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:seamonkey-chat\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:seamonkey-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:seamonkey-dom-inspector\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:seamonkey-js-debugger\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:seamonkey-mail\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:seamonkey-nspr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:seamonkey-nspr-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:seamonkey-nss\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:seamonkey-nss-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:3\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2009/07/30\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/09/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/09/11\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"CentOS Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/CentOS/release\");\nif (isnull(release) || \"CentOS\" >!< release) audit(AUDIT_OS_NOT, \"CentOS\");\nos_ver = pregmatch(pattern: \"CentOS(?: Linux)? release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"CentOS\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^3([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"CentOS 3.x\", \"CentOS \" + os_ver);\n\nif (!get_kb_item(\"Host/CentOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && \"ia64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"CentOS\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"CentOS-3\", cpu:\"i386\", reference:\"seamonkey-1.0.9-0.45.el3.centos3\")) flag++;\nif (rpm_check(release:\"CentOS-3\", cpu:\"x86_64\", reference:\"seamonkey-1.0.9-0.45.el3.centos3\")) flag++;\nif (rpm_check(release:\"CentOS-3\", cpu:\"i386\", reference:\"seamonkey-chat-1.0.9-0.45.el3.centos3\")) flag++;\nif (rpm_check(release:\"CentOS-3\", cpu:\"x86_64\", reference:\"seamonkey-chat-1.0.9-0.45.el3.centos3\")) flag++;\nif (rpm_check(release:\"CentOS-3\", cpu:\"i386\", reference:\"seamonkey-devel-1.0.9-0.45.el3.centos3\")) flag++;\nif (rpm_check(release:\"CentOS-3\", cpu:\"x86_64\", reference:\"seamonkey-devel-1.0.9-0.45.el3.centos3\")) flag++;\nif (rpm_check(release:\"CentOS-3\", cpu:\"i386\", reference:\"seamonkey-dom-inspector-1.0.9-0.45.el3.centos3\")) flag++;\nif (rpm_check(release:\"CentOS-3\", cpu:\"x86_64\", reference:\"seamonkey-dom-inspector-1.0.9-0.45.el3.centos3\")) flag++;\nif (rpm_check(release:\"CentOS-3\", cpu:\"i386\", reference:\"seamonkey-js-debugger-1.0.9-0.45.el3.centos3\")) flag++;\nif (rpm_check(release:\"CentOS-3\", cpu:\"x86_64\", reference:\"seamonkey-js-debugger-1.0.9-0.45.el3.centos3\")) flag++;\nif (rpm_check(release:\"CentOS-3\", cpu:\"i386\", reference:\"seamonkey-mail-1.0.9-0.45.el3.centos3\")) flag++;\nif (rpm_check(release:\"CentOS-3\", cpu:\"x86_64\", reference:\"seamonkey-mail-1.0.9-0.45.el3.centos3\")) flag++;\nif (rpm_check(release:\"CentOS-3\", cpu:\"i386\", reference:\"seamonkey-nspr-1.0.9-0.45.el3.centos3\")) flag++;\nif (rpm_check(release:\"CentOS-3\", cpu:\"x86_64\", reference:\"seamonkey-nspr-1.0.9-0.45.el3.centos3\")) flag++;\nif (rpm_check(release:\"CentOS-3\", cpu:\"i386\", reference:\"seamonkey-nspr-devel-1.0.9-0.45.el3.centos3\")) flag++;\nif (rpm_check(release:\"CentOS-3\", cpu:\"x86_64\", reference:\"seamonkey-nspr-devel-1.0.9-0.45.el3.centos3\")) flag++;\nif (rpm_check(release:\"CentOS-3\", cpu:\"i386\", reference:\"seamonkey-nss-1.0.9-0.45.el3.centos3\")) flag++;\nif (rpm_check(release:\"CentOS-3\", cpu:\"x86_64\", reference:\"seamonkey-nss-1.0.9-0.45.el3.centos3\")) flag++;\nif (rpm_check(release:\"CentOS-3\", cpu:\"i386\", reference:\"seamonkey-nss-devel-1.0.9-0.45.el3.centos3\")) flag++;\nif (rpm_check(release:\"CentOS-3\", cpu:\"x86_64\", reference:\"seamonkey-nss-devel-1.0.9-0.45.el3.centos3\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"seamonkey / seamonkey-chat / seamonkey-devel / etc\");\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-01-11T15:08:38", "description": "Updated SeaMonkey packages that fix several security issues are now available for Red Hat Enterprise Linux 4.\n\nThis update has been rated as having critical security impact by the Red Hat Security Response Team.\n\nSeaMonkey is an open source Web browser, email and newsgroup client, IRC chat client, and HTML editor.\n\nSeveral flaws were found in the processing of malformed web content. A web page containing malicious content could cause SeaMonkey to crash or, potentially, execute arbitrary code with the privileges of the user running SeaMonkey. (CVE-2009-3072, CVE-2009-3075)\n\nA use-after-free flaw was found in SeaMonkey. An attacker could use this flaw to crash SeaMonkey or, potentially, execute arbitrary code with the privileges of the user running SeaMonkey. (CVE-2009-3077)\n\nDescriptions in the dialogs when adding and removing PKCS #11 modules were not informative. An attacker able to trick a user into installing a malicious PKCS #11 module could use this flaw to install their own Certificate Authority certificates on a user's machine, making it possible to trick the user into believing they are viewing a trusted site or, potentially, execute arbitrary code with the privileges of the user running SeaMonkey. (CVE-2009-3076)\n\nA flaw was found in the way SeaMonkey displays the address bar when window.open() is called in a certain way. An attacker could use this flaw to conceal a malicious URL, possibly tricking a user into believing they are viewing a trusted site. (CVE-2009-2654)\n\nAll SeaMonkey users should upgrade to these updated packages, which correct these issues. After installing the update, SeaMonkey must be restarted for the changes to take effect.", "cvss3": {}, "published": "2009-09-11T00:00:00", "type": "nessus", "title": "CentOS 4 : seamonkey (CESA-2009:1431)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": true, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2009-2408", "CVE-2009-2409", "CVE-2009-2654", "CVE-2009-3072", "CVE-2009-3075", "CVE-2009-3076", "CVE-2009-3077"], "modified": "2021-01-04T00:00:00", "cpe": ["p-cpe:/a:centos:centos:seamonkey", "p-cpe:/a:centos:centos:seamonkey-chat", "p-cpe:/a:centos:centos:seamonkey-devel", "p-cpe:/a:centos:centos:seamonkey-dom-inspector", "p-cpe:/a:centos:centos:seamonkey-js-debugger", "p-cpe:/a:centos:centos:seamonkey-mail", "cpe:/o:centos:centos:4"], "id": "CENTOS_RHSA-2009-1431.NASL", "href": "https://www.tenable.com/plugins/nessus/40933", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2009:1431 and \n# CentOS Errata and Security Advisory 2009:1431 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(40933);\n script_version(\"1.22\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2009-2408\", \"CVE-2009-2409\", \"CVE-2009-2654\", \"CVE-2009-3072\", \"CVE-2009-3075\", \"CVE-2009-3076\", \"CVE-2009-3077\");\n script_bugtraq_id(35803, 36343);\n script_xref(name:\"RHSA\", value:\"2009:1431\");\n\n script_name(english:\"CentOS 4 : seamonkey (CESA-2009:1431)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote CentOS host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated SeaMonkey packages that fix several security issues are now\navailable for Red Hat Enterprise Linux 4.\n\nThis update has been rated as having critical security impact by the\nRed Hat Security Response Team.\n\nSeaMonkey is an open source Web browser, email and newsgroup client,\nIRC chat client, and HTML editor.\n\nSeveral flaws were found in the processing of malformed web content. A\nweb page containing malicious content could cause SeaMonkey to crash\nor, potentially, execute arbitrary code with the privileges of the\nuser running SeaMonkey. (CVE-2009-3072, CVE-2009-3075)\n\nA use-after-free flaw was found in SeaMonkey. An attacker could use\nthis flaw to crash SeaMonkey or, potentially, execute arbitrary code\nwith the privileges of the user running SeaMonkey. (CVE-2009-3077)\n\nDescriptions in the dialogs when adding and removing PKCS #11 modules\nwere not informative. An attacker able to trick a user into installing\na malicious PKCS #11 module could use this flaw to install their own\nCertificate Authority certificates on a user's machine, making it\npossible to trick the user into believing they are viewing a trusted\nsite or, potentially, execute arbitrary code with the privileges of\nthe user running SeaMonkey. (CVE-2009-3076)\n\nA flaw was found in the way SeaMonkey displays the address bar when\nwindow.open() is called in a certain way. An attacker could use this\nflaw to conceal a malicious URL, possibly tricking a user into\nbelieving they are viewing a trusted site. (CVE-2009-2654)\n\nAll SeaMonkey users should upgrade to these updated packages, which\ncorrect these issues. After installing the update, SeaMonkey must be\nrestarted for the changes to take effect.\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2009-September/016135.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?2f8b1737\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2009-September/016136.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?07906dc2\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected seamonkey packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(20, 94, 310);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:seamonkey\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:seamonkey-chat\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:seamonkey-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:seamonkey-dom-inspector\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:seamonkey-js-debugger\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:seamonkey-mail\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:4\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2009/07/30\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/09/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/09/11\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"CentOS Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/CentOS/release\");\nif (isnull(release) || \"CentOS\" >!< release) audit(AUDIT_OS_NOT, \"CentOS\");\nos_ver = pregmatch(pattern: \"CentOS(?: Linux)? release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"CentOS\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^4([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"CentOS 4.x\", \"CentOS \" + os_ver);\n\nif (!get_kb_item(\"Host/CentOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && \"ia64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"CentOS\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"CentOS-4\", cpu:\"i386\", reference:\"seamonkey-1.0.9-48.el4.centos\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"x86_64\", reference:\"seamonkey-1.0.9-48.el4.centos\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"i386\", reference:\"seamonkey-chat-1.0.9-48.el4.centos\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"x86_64\", reference:\"seamonkey-chat-1.0.9-48.el4.centos\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"i386\", reference:\"seamonkey-devel-1.0.9-48.el4.centos\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"x86_64\", reference:\"seamonkey-devel-1.0.9-48.el4.centos\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"i386\", reference:\"seamonkey-dom-inspector-1.0.9-48.el4.centos\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"x86_64\", reference:\"seamonkey-dom-inspector-1.0.9-48.el4.centos\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"i386\", reference:\"seamonkey-js-debugger-1.0.9-48.el4.centos\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"x86_64\", reference:\"seamonkey-js-debugger-1.0.9-48.el4.centos\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"i386\", reference:\"seamonkey-mail-1.0.9-48.el4.centos\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"x86_64\", reference:\"seamonkey-mail-1.0.9-48.el4.centos\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"seamonkey / seamonkey-chat / seamonkey-devel / etc\");\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-01-11T15:09:48", "description": "Updated SeaMonkey packages that fix several security issues are now available for Red Hat Enterprise Linux 4.\n\nThis update has been rated as having critical security impact by the Red Hat Security Response Team.\n\nSeaMonkey is an open source Web browser, email and newsgroup client, IRC chat client, and HTML editor.\n\nSeveral flaws were found in the processing of malformed web content. A web page containing malicious content could cause SeaMonkey to crash or, potentially, execute arbitrary code with the privileges of the user running SeaMonkey. (CVE-2009-3072, CVE-2009-3075)\n\nA use-after-free flaw was found in SeaMonkey. An attacker could use this flaw to crash SeaMonkey or, potentially, execute arbitrary code with the privileges of the user running SeaMonkey. (CVE-2009-3077)\n\nDescriptions in the dialogs when adding and removing PKCS #11 modules were not informative. An attacker able to trick a user into installing a malicious PKCS #11 module could use this flaw to install their own Certificate Authority certificates on a user's machine, making it possible to trick the user into believing they are viewing a trusted site or, potentially, execute arbitrary code with the privileges of the user running SeaMonkey. (CVE-2009-3076)\n\nA flaw was found in the way SeaMonkey displays the address bar when window.open() is called in a certain way. An attacker could use this flaw to conceal a malicious URL, possibly tricking a user into believing they are viewing a trusted site. (CVE-2009-2654)\n\nAll SeaMonkey users should upgrade to these updated packages, which correct these issues. After installing the update, SeaMonkey must be restarted for the changes to take effect.", "cvss3": {}, "published": "2009-09-10T00:00:00", "type": "nessus", "title": "RHEL 4 : seamonkey (RHSA-2009:1431)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": true, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2009-2408", "CVE-2009-2409", "CVE-2009-2654", "CVE-2009-3072", "CVE-2009-3075", "CVE-2009-3076", "CVE-2009-3077"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:seamonkey", "p-cpe:/a:redhat:enterprise_linux:seamonkey-chat", "p-cpe:/a:redhat:enterprise_linux:seamonkey-devel", "p-cpe:/a:redhat:enterprise_linux:seamonkey-dom-inspector", "p-cpe:/a:redhat:enterprise_linux:seamonkey-js-debugger", "p-cpe:/a:redhat:enterprise_linux:seamonkey-mail", "cpe:/o:redhat:enterprise_linux:4", "cpe:/o:redhat:enterprise_linux:4.8"], "id": "REDHAT-RHSA-2009-1431.NASL", "href": "https://www.tenable.com/plugins/nessus/40922", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2009:1431. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(40922);\n script_version(\"1.28\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2009-2408\", \"CVE-2009-2409\", \"CVE-2009-2654\", \"CVE-2009-3072\", \"CVE-2009-3075\", \"CVE-2009-3076\", \"CVE-2009-3077\");\n script_bugtraq_id(35803, 36343);\n script_xref(name:\"RHSA\", value:\"2009:1431\");\n\n script_name(english:\"RHEL 4 : seamonkey (RHSA-2009:1431)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated SeaMonkey packages that fix several security issues are now\navailable for Red Hat Enterprise Linux 4.\n\nThis update has been rated as having critical security impact by the\nRed Hat Security Response Team.\n\nSeaMonkey is an open source Web browser, email and newsgroup client,\nIRC chat client, and HTML editor.\n\nSeveral flaws were found in the processing of malformed web content. A\nweb page containing malicious content could cause SeaMonkey to crash\nor, potentially, execute arbitrary code with the privileges of the\nuser running SeaMonkey. (CVE-2009-3072, CVE-2009-3075)\n\nA use-after-free flaw was found in SeaMonkey. An attacker could use\nthis flaw to crash SeaMonkey or, potentially, execute arbitrary code\nwith the privileges of the user running SeaMonkey. (CVE-2009-3077)\n\nDescriptions in the dialogs when adding and removing PKCS #11 modules\nwere not informative. An attacker able to trick a user into installing\na malicious PKCS #11 module could use this flaw to install their own\nCertificate Authority certificates on a user's machine, making it\npossible to trick the user into believing they are viewing a trusted\nsite or, potentially, execute arbitrary code with the privileges of\nthe user running SeaMonkey. (CVE-2009-3076)\n\nA flaw was found in the way SeaMonkey displays the address bar when\nwindow.open() is called in a certain way. An attacker could use this\nflaw to conceal a malicious URL, possibly tricking a user into\nbelieving they are viewing a trusted site. (CVE-2009-2654)\n\nAll SeaMonkey users should upgrade to these updated packages, which\ncorrect these issues. After installing the update, SeaMonkey must be\nrestarted for the changes to take effect.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2009-2654\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2009-3072\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2009-3075\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2009-3076\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2009-3077\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2009:1431\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(20, 94, 310);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:seamonkey\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:seamonkey-chat\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:seamonkey-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:seamonkey-dom-inspector\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:seamonkey-js-debugger\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:seamonkey-mail\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:4.8\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2009/07/30\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/09/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/09/10\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^4([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 4.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2009:1431\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL4\", reference:\"seamonkey-1.0.9-48.el4_8\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", reference:\"seamonkey-chat-1.0.9-48.el4_8\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", reference:\"seamonkey-devel-1.0.9-48.el4_8\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", reference:\"seamonkey-dom-inspector-1.0.9-48.el4_8\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", reference:\"seamonkey-js-debugger-1.0.9-48.el4_8\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", reference:\"seamonkey-mail-1.0.9-48.el4_8\")) flag++;\n\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"seamonkey / seamonkey-chat / seamonkey-devel / etc\");\n }\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-01-11T15:10:24", "description": "Updated SeaMonkey packages that fix several security issues are now available for Red Hat Enterprise Linux 3.\n\nThis update has been rated as having critical security impact by the Red Hat Security Response Team.\n\nSeaMonkey is an open source Web browser, email and newsgroup client, IRC chat client, and HTML editor.\n\nSeveral flaws were found in the processing of malformed web content. A web page containing malicious content could cause SeaMonkey to crash or, potentially, execute arbitrary code with the privileges of the user running SeaMonkey. (CVE-2009-3072, CVE-2009-3075)\n\nA use-after-free flaw was found in SeaMonkey. An attacker could use this flaw to crash SeaMonkey or, potentially, execute arbitrary code with the privileges of the user running SeaMonkey. (CVE-2009-3077)\n\nDan Kaminsky discovered flaws in the way browsers such as SeaMonkey handle NULL characters in a certificate. If an attacker is able to get a carefully-crafted certificate signed by a Certificate Authority trusted by SeaMonkey, the attacker could use the certificate during a man-in-the-middle attack and potentially confuse SeaMonkey into accepting it by mistake. (CVE-2009-2408)\n\nDescriptions in the dialogs when adding and removing PKCS #11 modules were not informative. An attacker able to trick a user into installing a malicious PKCS #11 module could use this flaw to install their own Certificate Authority certificates on a user's machine, making it possible to trick the user into believing they are viewing a trusted site or, potentially, execute arbitrary code with the privileges of the user running SeaMonkey. (CVE-2009-3076)\n\nA flaw was found in the way SeaMonkey displays the address bar when window.open() is called in a certain way. An attacker could use this flaw to conceal a malicious URL, possibly tricking a user into believing they are viewing a trusted site. (CVE-2009-2654)\n\nDan Kaminsky found that browsers still accept certificates with MD2 hash signatures, even though MD2 is no longer considered a cryptographically strong algorithm. This could make it easier for an attacker to create a malicious certificate that would be treated as trusted by a browser. NSS (provided by SeaMonkey) now disables the use of MD2 and MD4 algorithms inside signatures by default.\n(CVE-2009-2409)\n\nAll SeaMonkey users should upgrade to these updated packages, which correct these issues. After installing the update, SeaMonkey must be restarted for the changes to take effect.", "cvss3": {}, "published": "2009-09-10T00:00:00", "type": "nessus", "title": "RHEL 3 : seamonkey (RHSA-2009:1432)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": true, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2009-2408", "CVE-2009-2409", "CVE-2009-2654", "CVE-2009-3072", "CVE-2009-3075", "CVE-2009-3076", "CVE-2009-3077"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:seamonkey", "p-cpe:/a:redhat:enterprise_linux:seamonkey-chat", "p-cpe:/a:redhat:enterprise_linux:seamonkey-devel", "p-cpe:/a:redhat:enterprise_linux:seamonkey-dom-inspector", "p-cpe:/a:redhat:enterprise_linux:seamonkey-js-debugger", "p-cpe:/a:redhat:enterprise_linux:seamonkey-mail", "p-cpe:/a:redhat:enterprise_linux:seamonkey-nspr", "p-cpe:/a:redhat:enterprise_linux:seamonkey-nspr-devel", "p-cpe:/a:redhat:enterprise_linux:seamonkey-nss", "p-cpe:/a:redhat:enterprise_linux:seamonkey-nss-devel", "cpe:/o:redhat:enterprise_linux:3"], "id": "REDHAT-RHSA-2009-1432.NASL", "href": "https://www.tenable.com/plugins/nessus/40923", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2009:1432. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(40923);\n script_version(\"1.29\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2009-2408\", \"CVE-2009-2409\", \"CVE-2009-2654\", \"CVE-2009-3072\", \"CVE-2009-3075\", \"CVE-2009-3076\", \"CVE-2009-3077\");\n script_bugtraq_id(35803, 35888, 36343);\n script_xref(name:\"RHSA\", value:\"2009:1432\");\n\n script_name(english:\"RHEL 3 : seamonkey (RHSA-2009:1432)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated SeaMonkey packages that fix several security issues are now\navailable for Red Hat Enterprise Linux 3.\n\nThis update has been rated as having critical security impact by the\nRed Hat Security Response Team.\n\nSeaMonkey is an open source Web browser, email and newsgroup client,\nIRC chat client, and HTML editor.\n\nSeveral flaws were found in the processing of malformed web content. A\nweb page containing malicious content could cause SeaMonkey to crash\nor, potentially, execute arbitrary code with the privileges of the\nuser running SeaMonkey. (CVE-2009-3072, CVE-2009-3075)\n\nA use-after-free flaw was found in SeaMonkey. An attacker could use\nthis flaw to crash SeaMonkey or, potentially, execute arbitrary code\nwith the privileges of the user running SeaMonkey. (CVE-2009-3077)\n\nDan Kaminsky discovered flaws in the way browsers such as SeaMonkey\nhandle NULL characters in a certificate. If an attacker is able to get\na carefully-crafted certificate signed by a Certificate Authority\ntrusted by SeaMonkey, the attacker could use the certificate during a\nman-in-the-middle attack and potentially confuse SeaMonkey into\naccepting it by mistake. (CVE-2009-2408)\n\nDescriptions in the dialogs when adding and removing PKCS #11 modules\nwere not informative. An attacker able to trick a user into installing\na malicious PKCS #11 module could use this flaw to install their own\nCertificate Authority certificates on a user's machine, making it\npossible to trick the user into believing they are viewing a trusted\nsite or, potentially, execute arbitrary code with the privileges of\nthe user running SeaMonkey. (CVE-2009-3076)\n\nA flaw was found in the way SeaMonkey displays the address bar when\nwindow.open() is called in a certain way. An attacker could use this\nflaw to conceal a malicious URL, possibly tricking a user into\nbelieving they are viewing a trusted site. (CVE-2009-2654)\n\nDan Kaminsky found that browsers still accept certificates with MD2\nhash signatures, even though MD2 is no longer considered a\ncryptographically strong algorithm. This could make it easier for an\nattacker to create a malicious certificate that would be treated as\ntrusted by a browser. NSS (provided by SeaMonkey) now disables the use\nof MD2 and MD4 algorithms inside signatures by default.\n(CVE-2009-2409)\n\nAll SeaMonkey users should upgrade to these updated packages, which\ncorrect these issues. After installing the update, SeaMonkey must be\nrestarted for the changes to take effect.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2009-2408\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2009-2409\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2009-2654\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2009-3072\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2009-3075\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2009-3076\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2009-3077\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2009:1432\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(20, 94, 310);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:seamonkey\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:seamonkey-chat\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:seamonkey-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:seamonkey-dom-inspector\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:seamonkey-js-debugger\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:seamonkey-mail\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:seamonkey-nspr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:seamonkey-nspr-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:seamonkey-nss\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:seamonkey-nss-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:3\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2009/07/30\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/09/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/09/10\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^3([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 3.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2009:1432\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL3\", reference:\"seamonkey-1.0.9-0.45.el3\")) flag++;\n if (rpm_check(release:\"RHEL3\", reference:\"seamonkey-chat-1.0.9-0.45.el3\")) flag++;\n if (rpm_check(release:\"RHEL3\", reference:\"seamonkey-devel-1.0.9-0.45.el3\")) flag++;\n if (rpm_check(release:\"RHEL3\", reference:\"seamonkey-dom-inspector-1.0.9-0.45.el3\")) flag++;\n if (rpm_check(release:\"RHEL3\", reference:\"seamonkey-js-debugger-1.0.9-0.45.el3\")) flag++;\n if (rpm_check(release:\"RHEL3\", reference:\"seamonkey-mail-1.0.9-0.45.el3\")) flag++;\n if (rpm_check(release:\"RHEL3\", reference:\"seamonkey-nspr-1.0.9-0.45.el3\")) flag++;\n if (rpm_check(release:\"RHEL3\", reference:\"seamonkey-nspr-devel-1.0.9-0.45.el3\")) flag++;\n if (rpm_check(release:\"RHEL3\", reference:\"seamonkey-nss-1.0.9-0.45.el3\")) flag++;\n if (rpm_check(release:\"RHEL3\", reference:\"seamonkey-nss-devel-1.0.9-0.45.el3\")) flag++;\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"seamonkey / seamonkey-chat / seamonkey-devel / etc\");\n }\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-01-11T15:06:54", "description": "Mozilla Project reports :\n\nMFSA 2009-38: Data corruption with SOCKS5 reply containing DNS name longer than 15 characters\n\nMFSA 2009-42: Compromise of SSL-protected communication\n\nMFSA 2009-43: Heap overflow in certificate regexp parsing\n\nMFSA 2009-44: Location bar and SSL indicator spoofing via window.open() on invalid URL\n\nMFSA 2009-45: Crashes with evidence of memory corruption (rv:1.9.1.2/1.9.0.13)\n\nMFSA 2009-46: Chrome privilege escalation due to incorrectly cached wrapper", "cvss3": {}, "published": "2009-08-05T00:00:00", "type": "nessus", "title": "FreeBSD : mozilla -- multiple vulnerabilities (49e8f2ee-8147-11de-a994-0030843d3802)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": true, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2009-2404", "CVE-2009-2408", "CVE-2009-2454", "CVE-2009-2470"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:freebsd:freebsd:firefox", "p-cpe:/a:freebsd:freebsd:linux-firefox", "p-cpe:/a:freebsd:freebsd:linux-firefox-devel", "p-cpe:/a:freebsd:freebsd:linux-seamonkey", "p-cpe:/a:freebsd:freebsd:linux-seamonkey-devel", "p-cpe:/a:freebsd:freebsd:linux-thunderbird", "p-cpe:/a:freebsd:freebsd:seamonkey", "p-cpe:/a:freebsd:freebsd:thunderbird", "cpe:/o:freebsd:freebsd"], "id": "FREEBSD_PKG_49E8F2EE814711DEA9940030843D3802.NASL", "href": "https://www.tenable.com/plugins/nessus/40485", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the FreeBSD VuXML database :\n#\n# Copyright 2003-2018 Jacques Vidrine and contributors\n#\n# Redistribution and use in source (VuXML) and 'compiled' forms (SGML,\n# HTML, PDF, PostScript, RTF and so forth) with or without modification,\n# are permitted provided that the following conditions are met:\n# 1. Redistributions of source code (VuXML) must retain the above\n# copyright notice, this list of conditions and the following\n# disclaimer as the first lines of this file unmodified.\n# 2. Redistributions in compiled form (transformed to other DTDs,\n# published online in any format, converted to PDF, PostScript,\n# RTF and other formats) must reproduce the above copyright\n# notice, this list of conditions and the following disclaimer\n# in the documentation and/or other materials provided with the\n# distribution.\n# \n# THIS DOCUMENTATION IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS \"AS IS\"\n# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,\n# THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR\n# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS\n# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,\n# OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT\n# OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR\n# BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,\n# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE\n# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS DOCUMENTATION,\n# EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(40485);\n script_version(\"1.21\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2009-2404\", \"CVE-2009-2408\", \"CVE-2009-2454\", \"CVE-2009-2470\");\n\n script_name(english:\"FreeBSD : mozilla -- multiple vulnerabilities (49e8f2ee-8147-11de-a994-0030843d3802)\");\n script_summary(english:\"Checks for updated packages in pkg_info output\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote FreeBSD host is missing one or more security-related\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Mozilla Project reports :\n\nMFSA 2009-38: Data corruption with SOCKS5 reply containing DNS name\nlonger than 15 characters\n\nMFSA 2009-42: Compromise of SSL-protected communication\n\nMFSA 2009-43: Heap overflow in certificate regexp parsing\n\nMFSA 2009-44: Location bar and SSL indicator spoofing via\nwindow.open() on invalid URL\n\nMFSA 2009-45: Crashes with evidence of memory corruption\n(rv:1.9.1.2/1.9.0.13)\n\nMFSA 2009-46: Chrome privilege escalation due to incorrectly cached\nwrapper\"\n );\n # http://www.mozilla.org/security/announce/2009/mfsa2009-38.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2009-38/\"\n );\n # http://www.mozilla.org/security/announce/2009/mfsa2009-42.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2009-42/\"\n );\n # http://www.mozilla.org/security/announce/2009/mfsa2009-43.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2009-43/\"\n );\n # http://www.mozilla.org/security/announce/2009/mfsa2009-44.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2009-44/\"\n );\n # http://www.mozilla.org/security/announce/2009/mfsa2009-45.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2009-45/\"\n );\n # http://www.mozilla.org/security/announce/2009/mfsa2009-46.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2009-46/\"\n );\n # https://vuxml.freebsd.org/freebsd/49e8f2ee-8147-11de-a994-0030843d3802.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?b73e9fa9\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_cwe_id(20, 79, 119, 310);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:firefox\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:linux-firefox\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:linux-firefox-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:linux-seamonkey\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:linux-seamonkey-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:linux-thunderbird\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:seamonkey\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:thunderbird\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:freebsd:freebsd\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2009/08/03\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/08/04\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/08/05\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"FreeBSD Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/FreeBSD/release\", \"Host/FreeBSD/pkg_info\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"freebsd_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/FreeBSD/release\")) audit(AUDIT_OS_NOT, \"FreeBSD\");\nif (!get_kb_item(\"Host/FreeBSD/pkg_info\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (pkg_test(save_report:TRUE, pkg:\"firefox<3.*,1\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"firefox>3.*,1<3.0.13,1\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"firefox>3.5.*,1<3.5.2,1\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"linux-firefox<3.*,1\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"linux-firefox>3.*,1<3.0.13,1\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"linux-firefox>3.5.*,1<3.5.2,1\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"linux-firefox-devel<3.5.2\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"seamonkey<1.1.18\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"linux-seamonkey<1.1.18\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"linux-seamonkey-devel>0\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"thunderbird<2.0.0.23\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"linux-thunderbird<2.0.0.23\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:pkg_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-01-11T15:04:00", "description": "The installed version of SeaMonkey is earlier than 1.1.19. Such versions are potentially affected by the following security issues :\n - The columns of a XUL tree element can be manipulated in a particular way that would leave a pointer owned by the column pointing to freed memory. (MFSA 2009-49)\n\n - A heap-based buffer overflow exists in Mozilla's string to floating point number conversion routines. (MFSA 2009-59)\n\n - It is possible to obfuscate the name of files to be downloaded by using a right-to-left override character (RTL). (MFSA 2009-62)\n\n - Mozilla's NTLM implementation is vulnerable to reflection attacks in which NTLM credentials from one application could be forwarded to another arbitrary application. (MFSA 2009-68)\n\n - Scriptable plugin content, such as Flash objects, can be loaded and executed by embedding the content in an iframe inside the message. (MFSA 2010-06)\n\n - Multiple memory corruption vulnerabilities exist that may result in the execution of arbitrary code. (MFSA 2010-07)", "cvss3": {}, "published": "2010-03-19T00:00:00", "type": "nessus", "title": "SeaMonkey < 1.1.19 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2009-0689", "CVE-2009-2072", "CVE-2009-2463", "CVE-2009-3075", "CVE-2009-3077", "CVE-2009-3385", "CVE-2009-3983", "CVE-2010-0161", "CVE-2010-0163"], "modified": "2018-07-27T00:00:00", "cpe": ["cpe:/a:mozilla:seamonkey"], "id": "SEAMONKEY_1119.NASL", "href": "https://www.tenable.com/plugins/nessus/45111", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\n\ninclude(\"compat.inc\");\n\n\nif (description)\n{\n script_id(45111);\n script_version(\"1.15\");\n\n script_cve_id(\n \"CVE-2009-0689\",\n \"CVE-2009-2463\",\n \"CVE-2009-2072\",\n \"CVE-2009-3075\",\n \"CVE-2009-3077\",\n \"CVE-2009-3385\",\n \"CVE-2009-3983\",\n \"CVE-2010-0161\", \n \"CVE-2010-0163\"\n );\n script_bugtraq_id(37366, 38830, 38831);\n script_xref(name:\"Secunia\", value:\"39001\");\n\n script_name(english:\"SeaMonkey < 1.1.19 Multiple Vulnerabilities\");\n script_summary(english:\"Checks version of SeaMonkey\");\n\n script_set_attribute(attribute:\"synopsis\",value:\n\"A web browser on the remote host is affected by multiple\nvulnerabilities.\");\n script_set_attribute(attribute:\"description\",value:\n\"The installed version of SeaMonkey is earlier than 1.1.19. Such\nversions are potentially affected by the following security issues :\n \n - The columns of a XUL tree element can be manipulated in\n a particular way that would leave a pointer owned by\n the column pointing to freed memory. (MFSA 2009-49)\n\n - A heap-based buffer overflow exists in Mozilla's string\n to floating point number conversion routines. \n (MFSA 2009-59)\n\n - It is possible to obfuscate the name of files to be\n downloaded by using a right-to-left override character\n (RTL). (MFSA 2009-62)\n\n - Mozilla's NTLM implementation is vulnerable to \n reflection attacks in which NTLM credentials from one\n application could be forwarded to another arbitrary \n application. (MFSA 2009-68)\n\n - Scriptable plugin content, such as Flash objects, can be\n loaded and executed by embedding the content in an \n iframe inside the message. (MFSA 2010-06)\n\n - Multiple memory corruption vulnerabilities exist that\n may result in the execution of arbitrary code. \n (MFSA 2010-07)\");\n\n script_set_attribute(attribute:\"see_also\",value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2010-06/\");\n script_set_attribute(attribute:\"see_also\",value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2010-07/\");\n script_set_attribute(attribute:\"see_also\",value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2009-68/\");\n script_set_attribute(attribute:\"see_also\",value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2009-62/\");\n script_set_attribute(attribute:\"see_also\",value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2009-59/\");\n script_set_attribute(attribute:\"see_also\",value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2009-49/\");\n script_set_attribute(attribute:\"solution\",value:\n\"Upgrade to SeaMonkey 2.0.3 / 1.1.19 or later. \n\nNote that 1.1.19 is a legacy release and is affected by known\nvulnerabilities.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(94, 119, 189, 287);\n\n script_set_attribute(attribute:\"vuln_publication_date\",value:\"2010/09/09\");\n script_set_attribute(attribute:\"patch_publication_date\",value:\"2010/03/16\");\n script_set_attribute(attribute:\"plugin_publication_date\",value:\"2010/03/19\");\n script_cvs_date(\"Date: 2018/07/27 18:38:15\");\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:mozilla:seamonkey\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows\");\n\n script_copyright(english:\"This script is Copyright (C) 2010-2018 Tenable Network Security, Inc.\");\n\n script_dependencies(\"mozilla_org_installed.nasl\");\n script_require_keys(\"SeaMonkey/Version\");\n\n exit(0);\n}\n\ninclude(\"mozilla_version.inc\");\nport = get_kb_item(\"SMB/transport\");\nif (!port) port = 445;\n\ninstalls = get_kb_list(\"SMB/SeaMonkey/*\");\nif (isnull(installs)) audit(AUDIT_NOT_INST, \"SeaMonkey\");\n\nmozilla_check_version(installs:installs, product:'seamonkey', fix:'1.1.19', severity:SECURITY_HOLE);", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-01-11T15:02:47", "description": "The remote host is running a version of SeaMonkey earlier than 1.1.19. Such versions are potentially affected by multiple vulnerabilities : \n\n - The columns of a XUL tree element could be manipulated in a particular way which would leave a pointer owned by the column pointing to freed memory. (MFSA 2009-49)\n\n - A heap-based overflow exists in Mozilla's string to floating point number conversion routines. (MFSA 2009-59)\n\n - It is possible to obfuscate the name of files to be downloaded by using a right-to-left override character (RTL). (MFSA 2009-62)\n\n - Mozilla's NTLM implementation is vulnerable to reflection attacks in which NTLM credentials from one application could be forwarded to another arbitrary application. (MFSA 2009-68)\n\n - Scriptable plugin content, such as Flash objects, can be loaded and executed by embedding the content in an iframe inside the message. (MFSA 2010-06)\n\n - Multiple memory corruption vulnerabilities which could potentially lead to the execution of arbitrary code. (MFSA 2010-07)", "cvss3": {}, "published": "2010-03-19T00:00:00", "type": "nessus", "title": "SeaMonkey < 1.1.19 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2009-0689", "CVE-2009-2072", "CVE-2009-2463", "CVE-2009-3075", "CVE-2009-3077", "CVE-2009-3385", "CVE-2009-3983", "CVE-2010-0161", "CVE-2010-0163"], "modified": "2019-03-06T00:00:00", "cpe": ["cpe:2.3:a:mozilla:seamonkey:*:*:*:*:*:*:*:*"], "id": "5479.PRM", "href": "https://www.tenable.com/plugins/nnm/5479", "sourceData": "Binary data 5479.prm", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-01-11T14:49:04", "description": "From Red Hat Security Advisory 2009:1185 :\n\nUpdated SeaMonkey packages that fix a security issue are now available for Red Hat Enterprise Linux 3.\n\nThis update has been rated as having critical security impact by the Red Hat Security Response Team.\n\nSeaMonkey is an open source Web browser, email and newsgroup client, IRC chat client, and HTML editor.\n\nMoxie Marlinspike reported a heap overflow flaw in a regular expression parser in the NSS library (provided by SeaMonkey) used to match common names in certificates. A malicious website could present a carefully-crafted certificate in such a way as to trigger the heap overflow, leading to a crash or, possibly, arbitrary code execution with the permissions of the user running SeaMonkey. (CVE-2009-2404)\n\nNote: in order to exploit this issue without further user interaction, the carefully-crafted certificate would need to be signed by a Certificate Authority trusted by SeaMonkey, otherwise SeaMonkey presents the victim with a warning that the certificate is untrusted.\nOnly if the user then accepts the certificate will the overflow take place.\n\nAll SeaMonkey users should upgrade to these updated packages, which contain a backported patch to correct this issue. After installing the updated packages, SeaMonkey must be restarted for the update to take effect.", "cvss3": {}, "published": "2013-07-12T00:00:00", "type": "nessus", "title": "Oracle Linux 3 : seamonkey (ELSA-2009-1185)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": true, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2009-2404"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:oracle:linux:seamonkey", "p-cpe:/a:oracle:linux:seamonkey-chat", "p-cpe:/a:oracle:linux:seamonkey-devel", "p-cpe:/a:oracle:linux:seamonkey-dom-inspector", "p-cpe:/a:oracle:linux:seamonkey-js-debugger", "p-cpe:/a:oracle:linux:seamonkey-mail", "p-cpe:/a:oracle:linux:seamonkey-nspr", "p-cpe:/a:oracle:linux:seamonkey-nspr-devel", "p-cpe:/a:oracle:linux:seamonkey-nss", "p-cpe:/a:oracle:linux:seamonkey-nss-devel", "cpe:/o:oracle:linux:3"], "id": "ORACLELINUX_ELSA-2009-1185.NASL", "href": "https://www.tenable.com/plugins/nessus/67903", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2009:1185 and \n# Oracle Linux Security Advisory ELSA-2009-1185 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(67903);\n script_version(\"1.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2009-2404\");\n script_xref(name:\"RHSA\", value:\"2009:1185\");\n\n script_name(english:\"Oracle Linux 3 : seamonkey (ELSA-2009-1185)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Oracle Linux host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"From Red Hat Security Advisory 2009:1185 :\n\nUpdated SeaMonkey packages that fix a security issue are now available\nfor Red Hat Enterprise Linux 3.\n\nThis update has been rated as having critical security impact by the\nRed Hat Security Response Team.\n\nSeaMonkey is an open source Web browser, email and newsgroup client,\nIRC chat client, and HTML editor.\n\nMoxie Marlinspike reported a heap overflow flaw in a regular\nexpression parser in the NSS library (provided by SeaMonkey) used to\nmatch common names in certificates. A malicious website could present\na carefully-crafted certificate in such a way as to trigger the heap\noverflow, leading to a crash or, possibly, arbitrary code execution\nwith the permissions of the user running SeaMonkey. (CVE-2009-2404)\n\nNote: in order to exploit this issue without further user interaction,\nthe carefully-crafted certificate would need to be signed by a\nCertificate Authority trusted by SeaMonkey, otherwise SeaMonkey\npresents the victim with a warning that the certificate is untrusted.\nOnly if the user then accepts the certificate will the overflow take\nplace.\n\nAll SeaMonkey users should upgrade to these updated packages, which\ncontain a backported patch to correct this issue. After installing the\nupdated packages, SeaMonkey must be restarted for the update to take\neffect.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2009-July/001098.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected seamonkey packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_cwe_id(119);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:seamonkey\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:seamonkey-chat\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:seamonkey-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:seamonkey-dom-inspector\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:seamonkey-js-debugger\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:seamonkey-mail\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:seamonkey-nspr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:seamonkey-nspr-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:seamonkey-nss\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:seamonkey-nss-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:3\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2009/08/03\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/07/31\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/07/12\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/OracleLinux\")) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nos_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Oracle Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^3([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Oracle Linux 3\", \"Oracle Linux \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && \"ia64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Oracle Linux\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"EL3\", cpu:\"i386\", reference:\"seamonkey-1.0.9-0.41.0.1.el3\")) flag++;\nif (rpm_check(release:\"EL3\", cpu:\"x86_64\", reference:\"seamonkey-1.0.9-0.41.0.1.el3\")) flag++;\nif (rpm_check(release:\"EL3\", cpu:\"i386\", reference:\"seamonkey-chat-1.0.9-0.41.0.1.el3\")) flag++;\nif (rpm_check(release:\"EL3\", cpu:\"x86_64\", reference:\"seamonkey-chat-1.0.9-0.41.0.1.el3\")) flag++;\nif (rpm_check(release:\"EL3\", cpu:\"i386\", reference:\"seamonkey-devel-1.0.9-0.41.0.1.el3\")) flag++;\nif (rpm_check(release:\"EL3\", cpu:\"x86_64\", reference:\"seamonkey-devel-1.0.9-0.41.0.1.el3\")) flag++;\nif (rpm_check(release:\"EL3\", cpu:\"i386\", reference:\"seamonkey-dom-inspector-1.0.9-0.41.0.1.el3\")) flag++;\nif (rpm_check(release:\"EL3\", cpu:\"x86_64\", reference:\"seamonkey-dom-inspector-1.0.9-0.41.0.1.el3\")) flag++;\nif (rpm_check(release:\"EL3\", cpu:\"i386\", reference:\"seamonkey-js-debugger-1.0.9-0.41.0.1.el3\")) flag++;\nif (rpm_check(release:\"EL3\", cpu:\"x86_64\", reference:\"seamonkey-js-debugger-1.0.9-0.41.0.1.el3\")) flag++;\nif (rpm_check(release:\"EL3\", cpu:\"i386\", reference:\"seamonkey-mail-1.0.9-0.41.0.1.el3\")) flag++;\nif (rpm_check(release:\"EL3\", cpu:\"x86_64\", reference:\"seamonkey-mail-1.0.9-0.41.0.1.el3\")) flag++;\nif (rpm_check(release:\"EL3\", cpu:\"i386\", reference:\"seamonkey-nspr-1.0.9-0.41.0.1.el3\")) flag++;\nif (rpm_check(release:\"EL3\", cpu:\"x86_64\", reference:\"seamonkey-nspr-1.0.9-0.41.0.1.el3\")) flag++;\nif (rpm_check(release:\"EL3\", cpu:\"i386\", reference:\"seamonkey-nspr-devel-1.0.9-0.41.0.1.el3\")) flag++;\nif (rpm_check(release:\"EL3\", cpu:\"x86_64\", reference:\"seamonkey-nspr-devel-1.0.9-0.41.0.1.el3\")) flag++;\nif (rpm_check(release:\"EL3\", cpu:\"i386\", reference:\"seamonkey-nss-1.0.9-0.41.0.1.el3\")) flag++;\nif (rpm_check(release:\"EL3\", cpu:\"x86_64\", reference:\"seamonkey-nss-1.0.9-0.41.0.1.el3\")) flag++;\nif (rpm_check(release:\"EL3\", cpu:\"i386\", reference:\"seamonkey-nss-devel-1.0.9-0.41.0.1.el3\")) flag++;\nif (rpm_check(release:\"EL3\", cpu:\"x86_64\", reference:\"seamonkey-nss-devel-1.0.9-0.41.0.1.el3\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"seamonkey / seamonkey-chat / seamonkey-devel / etc\");\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-01-11T15:04:21", "description": "Updated SeaMonkey packages that fix a security issue are now available for Red Hat Enterprise Linux 3.\n\nThis update has been rated as having critical security impact by the Red Hat Security Response Team.\n\nSeaMonkey is an open source Web browser, email and newsgroup client, IRC chat client, and HTML editor.\n\nMoxie Marlinspike reported a heap overflow flaw in a regular expression parser in the NSS library (provided by SeaMonkey) used to match common names in certificates. A malicious website could present a carefully-crafted certificate in such a way as to trigger the heap overflow, leading to a crash or, possibly, arbitrary code execution with the permissions of the user running SeaMonkey. (CVE-2009-2404)\n\nNote: in order to exploit this issue without further user interaction, the carefully-crafted certificate would need to be signed by a Certificate Authority trusted by SeaMonkey, otherwise SeaMonkey presents the victim with a warning that the certificate is untrusted.\nOnly if the user then accepts the certificate will the overflow take place.\n\nAll SeaMonkey users should upgrade to these updated packages, which contain a backported patch to correct this issue. After installing the updated packages, SeaMonkey must be restarted for the update to take effect.", "cvss3": {}, "published": "2009-07-31T00:00:00", "type": "nessus", "title": "CentOS 3 : seamonkey (CESA-2009:1185)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": true, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2009-2404"], "modified": "2021-01-04T00:00:00", "cpe": ["p-cpe:/a:centos:centos:seamonkey", "p-cpe:/a:centos:centos:seamonkey-chat", "p-cpe:/a:centos:centos:seamonkey-devel", "p-cpe:/a:centos:centos:seamonkey-dom-inspector", "p-cpe:/a:centos:centos:seamonkey-js-debugger", "p-cpe:/a:centos:centos:seamonkey-mail", "p-cpe:/a:centos:centos:seamonkey-nspr", "p-cpe:/a:centos:centos:seamonkey-nspr-devel", "p-cpe:/a:centos:centos:seamonkey-nss", "p-cpe:/a:centos:centos:seamonkey-nss-devel", "cpe:/o:centos:centos:3"], "id": "CENTOS_RHSA-2009-1185.NASL", "href": "https://www.tenable.com/plugins/nessus/40437", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2009:1185 and \n# CentOS Errata and Security Advisory 2009:1185 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(40437);\n script_version(\"1.17\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2009-2404\");\n script_xref(name:\"RHSA\", value:\"2009:1185\");\n\n script_name(english:\"CentOS 3 : seamonkey (CESA-2009:1185)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote CentOS host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated SeaMonkey packages that fix a security issue are now available\nfor Red Hat Enterprise Linux 3.\n\nThis update has been rated as having critical security impact by the\nRed Hat Security Response Team.\n\nSeaMonkey is an open source Web browser, email and newsgroup client,\nIRC chat client, and HTML editor.\n\nMoxie Marlinspike reported a heap overflow flaw in a regular\nexpression parser in the NSS library (provided by SeaMonkey) used to\nmatch common names in certificates. A malicious website could present\na carefully-crafted certificate in such a way as to trigger the heap\noverflow, leading to a crash or, possibly, arbitrary code execution\nwith the permissions of the user running SeaMonkey. (CVE-2009-2404)\n\nNote: in order to exploit this issue without further user interaction,\nthe carefully-crafted certificate would need to be signed by a\nCertificate Authority trusted by SeaMonkey, otherwise SeaMonkey\npresents the victim with a warning that the certificate is untrusted.\nOnly if the user then accepts the certificate will the overflow take\nplace.\n\nAll SeaMonkey users should upgrade to these updated packages, which\ncontain a backported patch to correct this issue. After installing the\nupdated packages, SeaMonkey must be restarted for the update to take\neffect.\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2009-July/016060.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?16101529\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2009-July/016061.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?42008fc3\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected seamonkey packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_cwe_id(119);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:seamonkey\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:seamonkey-chat\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:seamonkey-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:seamonkey-dom-inspector\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:seamonkey-js-debugger\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:seamonkey-mail\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:seamonkey-nspr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:seamonkey-nspr-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:seamonkey-nss\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:seamonkey-nss-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:3\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2009/08/03\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/07/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/07/31\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"CentOS Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/CentOS/release\");\nif (isnull(release) || \"CentOS\" >!< release) audit(AUDIT_OS_NOT, \"CentOS\");\nos_ver = pregmatch(pattern: \"CentOS(?: Linux)? release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"CentOS\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^3([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"CentOS 3.x\", \"CentOS \" + os_ver);\n\nif (!get_kb_item(\"Host/CentOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && \"ia64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"CentOS\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"CentOS-3\", cpu:\"i386\", reference:\"seamonkey-1.0.9-0.41.el3.centos3\")) flag++;\nif (rpm_check(release:\"CentOS-3\", cpu:\"x86_64\", reference:\"seamonkey-1.0.9-0.41.el3.centos3\")) flag++;\nif (rpm_check(release:\"CentOS-3\", cpu:\"i386\", reference:\"seamonkey-chat-1.0.9-0.41.el3.centos3\")) flag++;\nif (rpm_check(release:\"CentOS-3\", cpu:\"x86_64\", reference:\"seamonkey-chat-1.0.9-0.41.el3.centos3\")) flag++;\nif (rpm_check(release:\"CentOS-3\", cpu:\"i386\", reference:\"seamonkey-devel-1.0.9-0.41.el3.centos3\")) flag++;\nif (rpm_check(release:\"CentOS-3\", cpu:\"x86_64\", reference:\"seamonkey-devel-1.0.9-0.41.el3.centos3\")) flag++;\nif (rpm_check(release:\"CentOS-3\", cpu:\"i386\", reference:\"seamonkey-dom-inspector-1.0.9-0.41.el3.centos3\")) flag++;\nif (rpm_check(release:\"CentOS-3\", cpu:\"x86_64\", reference:\"seamonkey-dom-inspector-1.0.9-0.41.el3.centos3\")) flag++;\nif (rpm_check(release:\"CentOS-3\", cpu:\"i386\", reference:\"seamonkey-js-debugger-1.0.9-0.41.el3.centos3\")) flag++;\nif (rpm_check(release:\"CentOS-3\", cpu:\"x86_64\", reference:\"seamonkey-js-debugger-1.0.9-0.41.el3.centos3\")) flag++;\nif (rpm_check(release:\"CentOS-3\", cpu:\"i386\", reference:\"seamonkey-mail-1.0.9-0.41.el3.centos3\")) flag++;\nif (rpm_check(release:\"CentOS-3\", cpu:\"x86_64\", reference:\"seamonkey-mail-1.0.9-0.41.el3.centos3\")) flag++;\nif (rpm_check(release:\"CentOS-3\", cpu:\"i386\", reference:\"seamonkey-nspr-1.0.9-0.41.el3.centos3\")) flag++;\nif (rpm_check(release:\"CentOS-3\", cpu:\"x86_64\", reference:\"seamonkey-nspr-1.0.9-0.41.el3.centos3\")) flag++;\nif (rpm_check(release:\"CentOS-3\", cpu:\"i386\", reference:\"seamonkey-nspr-devel-1.0.9-0.41.el3.centos3\")) flag++;\nif (rpm_check(release:\"CentOS-3\", cpu:\"x86_64\", reference:\"seamonkey-nspr-devel-1.0.9-0.41.el3.centos3\")) flag++;\nif (rpm_check(release:\"CentOS-3\", cpu:\"i386\", reference:\"seamonkey-nss-1.0.9-0.41.el3.centos3\")) flag++;\nif (rpm_check(release:\"CentOS-3\", cpu:\"x86_64\", reference:\"seamonkey-nss-1.0.9-0.41.el3.centos3\")) flag++;\nif (rpm_check(release:\"CentOS-3\", cpu:\"i386\", reference:\"seamonkey-nss-devel-1.0.9-0.41.el3.centos3\")) flag++;\nif (rpm_check(release:\"CentOS-3\", cpu:\"x86_64\", reference:\"seamonkey-nss-devel-1.0.9-0.41.el3.centos3\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"seamonkey / seamonkey-chat / seamonkey-devel / etc\");\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-01-11T15:06:08", "description": "Updated SeaMonkey packages that fix a security issue are now available for Red Hat Enterprise Linux 3.\n\nThis update has been rated as having critical security impact by the Red Hat Security Response Team.\n\nSeaMonkey is an open source Web browser, email and newsgroup client, IRC chat client, and HTML editor.\n\nMoxie Marlinspike reported a heap overflow flaw in a regular expression parser in the NSS library (provided by SeaMonkey) used to match common names in certificates. A malicious website could present a carefully-crafted certificate in such a way as to trigger the heap overflow, leading to a crash or, possibly, arbitrary code execution with the permissions of the user running SeaMonkey. (CVE-2009-2404)\n\nNote: in order to exploit this issue without further user interaction, the carefully-crafted certificate would need to be signed by a Certificate Authority trusted by SeaMonkey, otherwise SeaMonkey presents the victim with a warning that the certificate is untrusted.\nOnly if the user then accepts the certificate will the overflow take place.\n\nAll SeaMonkey users should upgrade to these updated packages, which contain a backported patch to correct this issue. After installing the updated packages, SeaMonkey must be restarted for the update to take effect.", "cvss3": {}, "published": "2009-07-31T00:00:00", "type": "nessus", "title": "RHEL 3 : seamonkey (RHSA-2009:1185)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": true, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2009-2404"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:seamonkey", "p-cpe:/a:redhat:enterprise_linux:seamonkey-chat", "p-cpe:/a:redhat:enterprise_linux:seamonkey-devel", "p-cpe:/a:redhat:enterprise_linux:seamonkey-dom-inspector", "p-cpe:/a:redhat:enterprise_linux:seamonkey-js-debugger", "p-cpe:/a:redhat:enterprise_linux:seamonkey-mail", "p-cpe:/a:redhat:enterprise_linux:seamonkey-nspr", "p-cpe:/a:redhat:enterprise_linux:seamonkey-nspr-devel", "p-cpe:/a:redhat:enterprise_linux:seamonkey-nss", "p-cpe:/a:redhat:enterprise_linux:seamonkey-nss-devel", "cpe:/o:redhat:enterprise_linux:3"], "id": "REDHAT-RHSA-2009-1185.NASL", "href": "https://www.tenable.com/plugins/nessus/40440", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2009:1185. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(40440);\n script_version(\"1.26\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2009-2404\");\n script_xref(name:\"RHSA\", value:\"2009:1185\");\n\n script_name(english:\"RHEL 3 : seamonkey (RHSA-2009:1185)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated SeaMonkey packages that fix a security issue are now available\nfor Red Hat Enterprise Linux 3.\n\nThis update has been rated as having critical security impact by the\nRed Hat Security Response Team.\n\nSeaMonkey is an open source Web browser, email and newsgroup client,\nIRC chat client, and HTML editor.\n\nMoxie Marlinspike reported a heap overflow flaw in a regular\nexpression parser in the NSS library (provided by SeaMonkey) used to\nmatch common names in certificates. A malicious website could present\na carefully-crafted certificate in such a way as to trigger the heap\noverflow, leading to a crash or, possibly, arbitrary code execution\nwith the permissions of the user running SeaMonkey. (CVE-2009-2404)\n\nNote: in order to exploit this issue without further user interaction,\nthe carefully-crafted certificate would need to be signed by a\nCertificate Authority trusted by SeaMonkey, otherwise SeaMonkey\npresents the victim with a warning that the certificate is untrusted.\nOnly if the user then accepts the certificate will the overflow take\nplace.\n\nAll SeaMonkey users should upgrade to these updated packages, which\ncontain a backported patch to correct this issue. After installing the\nupdated packages, SeaMonkey must be restarted for the update to take\neffect.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2009-2404\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2009:1185\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_cwe_id(119);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:seamonkey\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:seamonkey-chat\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:seamonkey-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:seamonkey-dom-inspector\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:seamonkey-js-debugger\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:seamonkey-mail\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:seamonkey-nspr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:seamonkey-nspr-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:seamonkey-nss\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:seamonkey-nss-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:3\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2009/08/03\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/07/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/07/31\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^3([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 3.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2009:1185\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL3\", reference:\"seamonkey-1.0.9-0.41.el3\")) flag++;\n if (rpm_check(release:\"RHEL3\", reference:\"seamonkey-chat-1.0.9-0.41.el3\")) flag++;\n if (rpm_check(release:\"RHEL3\", reference:\"seamonkey-devel-1.0.9-0.41.el3\")) flag++;\n if (rpm_check(release:\"RHEL3\", reference:\"seamonkey-dom-inspector-1.0.9-0.41.el3\")) flag++;\n if (rpm_check(release:\"RHEL3\", reference:\"seamonkey-js-debugger-1.0.9-0.41.el3\")) flag++;\n if (rpm_check(release:\"RHEL3\", reference:\"seamonkey-mail-1.0.9-0.41.el3\")) flag++;\n if (rpm_check(release:\"RHEL3\", reference:\"seamonkey-nspr-1.0.9-0.41.el3\")) flag++;\n if (rpm_check(release:\"RHEL3\", reference:\"seamonkey-nspr-devel-1.0.9-0.41.el3\")) flag++;\n if (rpm_check(release:\"RHEL3\", reference:\"seamonkey-nss-1.0.9-0.41.el3\")) flag++;\n if (rpm_check(release:\"RHEL3\", reference:\"seamonkey-nss-devel-1.0.9-0.41.el3\")) flag++;\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"seamonkey / seamonkey-chat / seamonkey-devel / etc\");\n }\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-01-11T14:26:08", "description": "CVE-2009-2404 nss regexp heap overflow\n\nMoxie Marlinspike reported a heap overflow flaw in a regular expression parser in the NSS library (provided by SeaMonkey) used to match common names in certificates. A malicious website could present a carefully-crafted certificate in such a way as to trigger the heap overflow, leading to a crash or, possibly, arbitrary code execution with the permissions of the user running SeaMonkey. (CVE-2009-2404)\n\nNote: in order to exploit this issue without further user interaction, the carefully-crafted certificate would need to be signed by a Certificate Authority trusted by SeaMonkey, otherwise SeaMonkey presents the victim with a warning that the certificate is untrusted.\nOnly if the user then accepts the certificate will the overflow take place.\n\nAfter installing the updated packages, SeaMonkey must be restarted for the update to take effect.", "cvss3": {}, "published": "2012-08-01T00:00:00", "type": "nessus", "title": "Scientific Linux Security Update : seamonkey on SL3.x i386/x86_64", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": true, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2009-2404"], "modified": "2021-01-14T00:00:00", "cpe": ["x-cpe:/o:fermilab:scientific_linux"], "id": "SL_20090730_SEAMONKEY_ON_SL3_X.NASL", "href": "https://www.tenable.com/plugins/nessus/60630", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text is (C) Scientific Linux.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(60630);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2009-2404\");\n\n script_name(english:\"Scientific Linux Security Update : seamonkey on SL3.x i386/x86_64\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Scientific Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"CVE-2009-2404 nss regexp heap overflow\n\nMoxie Marlinspike reported a heap overflow flaw in a regular\nexpression parser in the NSS library (provided by SeaMonkey) used to\nmatch common names in certificates. A malicious website could present\na carefully-crafted certificate in such a way as to trigger the heap\noverflow, leading to a crash or, possibly, arbitrary code execution\nwith the permissions of the user running SeaMonkey. (CVE-2009-2404)\n\nNote: in order to exploit this issue without further user interaction,\nthe carefully-crafted certificate would need to be signed by a\nCertificate Authority trusted by SeaMonkey, otherwise SeaMonkey\npresents the victim with a warning that the certificate is untrusted.\nOnly if the user then accepts the certificate will the overflow take\nplace.\n\nAfter installing the updated packages, SeaMonkey must be restarted for\nthe update to take effect.\"\n );\n # https://listserv.fnal.gov/scripts/wa.exe?A2=ind0908&L=scientific-linux-errata&T=0&P=583\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?ae73e964\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_cwe_id(119);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"x-cpe:/o:fermilab:scientific_linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/07/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/08/01\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Scientific Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Scientific Linux \" >!< release) audit(AUDIT_HOST_NOT, \"running Scientific Linux\");\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Scientific Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"SL3\", reference:\"seamonkey-1.0.9-0.41.el3\")) flag++;\nif (rpm_check(release:\"SL3\", reference:\"seamonkey-chat-1.0.9-0.41.el3\")) flag++;\nif (rpm_check(release:\"SL3\", reference:\"seamonkey-devel-1.0.9-0.41.el3\")) flag++;\nif (rpm_check(release:\"SL3\", reference:\"seamonkey-dom-inspector-1.0.9-0.41.el3\")) flag++;\nif (rpm_check(release:\"SL3\", reference:\"seamonkey-js-debugger-1.0.9-0.41.el3\")) flag++;\nif (rpm_check(release:\"SL3\", reference:\"seamonkey-mail-1.0.9-0.41.el3\")) flag++;\nif (rpm_check(release:\"SL3\", reference:\"seamonkey-nspr-1.0.9-0.41.el3\")) flag++;\nif (rpm_check(release:\"SL3\", reference:\"seamonkey-nspr-devel-1.0.9-0.41.el3\")) flag++;\nif (rpm_check(release:\"SL3\", reference:\"seamonkey-nss-1.0.9-0.41.el3\")) flag++;\nif (rpm_check(release:\"SL3\", reference:\"seamonkey-nss-devel-1.0.9-0.41.el3\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-01-11T15:10:35", "description": "This update of mutt improves the handling of the \\0 character in SSL certificates. (CVE-2009-2408)", "cvss3": {}, "published": "2009-09-24T00:00:00", "type": "nessus", "title": "SuSE 10 Security Update : mutt (ZYPP Patch Number 6484)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2009-2408"], "modified": "2021-01-14T00:00:00", "cpe": ["cpe:/o:suse:suse_linux"], "id": "SUSE_MUTT-6484.NASL", "href": "https://www.tenable.com/plugins/nessus/41559", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The text description of this plugin is (C) Novell, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(41559);\n script_version(\"1.15\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2009-2408\");\n\n script_name(english:\"SuSE 10 Security Update : mutt (ZYPP Patch Number 6484)\");\n script_summary(english:\"Checks rpm output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SuSE 10 host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update of mutt improves the handling of the \\0 character in SSL\ncertificates. (CVE-2009-2408)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2009-2408.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Apply ZYPP patch number 6484.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_cwe_id(310);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:suse:suse_linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/09/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/09/24\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) exit(0, \"Local checks are not enabled.\");\nif (!get_kb_item(\"Host/SuSE/release\")) exit(0, \"The host is not running SuSE.\");\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) exit(1, \"Could not obtain the list of installed packages.\");\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) exit(1, \"Failed to determine the architecture type.\");\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") exit(1, \"Local checks for SuSE 10 on the '\"+cpu+\"' architecture have not been implemented.\");\n\n\nflag = 0;\nif (rpm_check(release:\"SLED10\", sp:2, reference:\"mutt-1.5.9i-27.11\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:2, reference:\"mutt-1.5.9i-27.11\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse exit(0, \"The host is not affected.\");\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-11T15:09:12", "description": "Mozilla Thunderbird was updated to version 2.0.0.23.\n\nThe release fixes one security issue: MFSA 2009-42 / CVE-2009-2408:\nIOActive security researcher Dan Kaminsky reported a mismatch in the treatment of domain names in SSL certificates between SSL clients and the Certificate Authorities (CA) which issue server certificates. In particular, if a malicious person requested a certificate for a host name with an invalid null character in it most CAs would issue the certificate if the requester owned the domain specified after the null, while most SSL clients (browsers) ignored that part of the name and used the unvalidated part in front of the null. This made it possible for attackers to obtain certificates that would function for any site they wished to target. These certificates could be used to intercept and potentially alter encrypted communication between the client and a server such as sensitive bank account transactions. This vulnerability was independently reported to us by researcher Moxie Marlinspike who also noted that since Firefox relies on SSL to protect the integrity of security updates this attack could be used to serve malicious updates.", "cvss3": {}, "published": "2009-09-18T00:00:00", "type": "nessus", "title": "openSUSE Security Update : MozillaThunderbird (MozillaThunderbird-1303)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2009-2408"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:MozillaThunderbird", "p-cpe:/a:novell:opensuse:MozillaThunderbird-devel", "p-cpe:/a:novell:opensuse:MozillaThunderbird-translations", "p-cpe:/a:novell:opensuse:hunspell", "p-cpe:/a:novell:opensuse:hunspell-32bit", "cpe:/o:novell:opensuse:11.1"], "id": "SUSE_11_1_MOZILLATHUNDERBIRD-090914.NASL", "href": "https://www.tenable.com/plugins/nessus/41011", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update MozillaThunderbird-1303.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(41011);\n script_version(\"1.12\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2009-2408\");\n\n script_name(english:\"openSUSE Security Update : MozillaThunderbird (MozillaThunderbird-1303)\");\n script_summary(english:\"Check for the MozillaThunderbird-1303 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Mozilla Thunderbird was updated to version 2.0.0.23.\n\nThe release fixes one security issue: MFSA 2009-42 / CVE-2009-2408:\nIOActive security researcher Dan Kaminsky reported a mismatch in the\ntreatment of domain names in SSL certificates between SSL clients and\nthe Certificate Authorities (CA) which issue server certificates. In\nparticular, if a malicious person requested a certificate for a host\nname with an invalid null character in it most CAs would issue the\ncertificate if the requester owned the domain specified after the\nnull, while most SSL clients (browsers) ignored that part of the name\nand used the unvalidated part in front of the null. This made it\npossible for attackers to obtain certificates that would function for\nany site they wished to target. These certificates could be used to\nintercept and potentially alter encrypted communication between the\nclient and a server such as sensitive bank account transactions. This\nvulnerability was independently reported to us by researcher Moxie\nMarlinspike who also noted that since Firefox relies on SSL to protect\nthe integrity of security updates this attack could be used to serve\nmalicious updates.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=534782\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected MozillaThunderbird packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_cwe_id(310);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:MozillaThunderbird\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:MozillaThunderbird-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:MozillaThunderbird-translations\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:hunspell\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:hunspell-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:11.1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/09/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/09/18\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE11\\.1)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"11.1\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE11.1\", reference:\"MozillaThunderbird-2.0.0.23-0.2.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"MozillaThunderbird-devel-2.0.0.23-0.2.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"MozillaThunderbird-translations-2.0.0.23-0.2.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"hunspell-1.2.7-1.28\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", cpu:\"x86_64\", reference:\"hunspell-1.2.7-1.35\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", cpu:\"x86_64\", reference:\"hunspell-32bit-1.2.7-1.28\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"MozillaThunderbird\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-11T15:23:49", "description": "This update of openldap2 makes SSL certificate verification more robust against uses of the special character \\0 in the subjects name.\n(CVE-2009-2408)", "cvss3": {}, "published": "2010-10-11T00:00:00", "type": "nessus", "title": "SuSE 10 Security Update : OpenLDAP 2 (ZYPP Patch Number 6598)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2009-2408"], "modified": "2021-01-14T00:00:00", "cpe": ["cpe:/o:suse:suse_linux"], "id": "SUSE_OPENLDAP2-6598.NASL", "href": "https://www.tenable.com/plugins/nessus/49906", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The text description of this plugin is (C) Novell, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(49906);\n script_version(\"1.11\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2009-2408\");\n\n script_name(english:\"SuSE 10 Security Update : OpenLDAP 2 (ZYPP Patch Number 6598)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SuSE 10 host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update of openldap2 makes SSL certificate verification more\nrobust against uses of the special character \\0 in the subjects name.\n(CVE-2009-2408)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2009-2408.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Apply ZYPP patch number 6598.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_cwe_id(310);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:suse:suse_linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/10/26\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/10/11\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2010-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) exit(0, \"Local checks are not enabled.\");\nif (!get_kb_item(\"Host/SuSE/release\")) exit(0, \"The host is not running SuSE.\");\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) exit(1, \"Could not obtain the list of installed packages.\");\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) exit(1, \"Failed to determine the architecture type.\");\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") exit(1, \"Local checks for SuSE 10 on the '\"+cpu+\"' architecture have not been implemented.\");\n\n\nflag = 0;\nif (rpm_check(release:\"SLED10\", sp:3, reference:\"openldap2-2.3.32-0.36.50\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:3, reference:\"openldap2-client-2.3.32-0.36.91\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:3, reference:\"openldap2-devel-2.3.32-0.36.91\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:3, cpu:\"x86_64\", reference:\"openldap2-client-32bit-2.3.32-0.36.91\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:3, cpu:\"x86_64\", reference:\"openldap2-devel-32bit-2.3.32-0.36.91\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:3, reference:\"openldap2-2.3.32-0.36.50\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:3, reference:\"openldap2-back-meta-2.3.32-0.36.50\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:3, reference:\"openldap2-back-perl-2.3.32-0.36.50\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:3, reference:\"openldap2-client-2.3.32-0.36.91\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:3, reference:\"openldap2-devel-2.3.32-0.36.91\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:3, cpu:\"x86_64\", reference:\"openldap2-client-32bit-2.3.32-0.36.91\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:3, cpu:\"x86_64\", reference:\"openldap2-devel-32bit-2.3.32-0.36.91\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse exit(0, \"The host is not affected.\");\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-11T15:09:11", "description": "This update of mutt improves the handling of the \\0 character in SSL certificates. (CVE-2009-2408 )", "cvss3": {}, "published": "2009-09-22T00:00:00", "type": "nessus", "title": "openSUSE Security Update : mutt (mutt-1298)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2009-2408"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:mutt", "cpe:/o:novell:opensuse:11.0"], "id": "SUSE_11_0_MUTT-090909.NASL", "href": "https://www.tenable.com/plugins/nessus/41036", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update mutt-1298.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(41036);\n script_version(\"1.12\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2009-2408\");\n\n script_name(english:\"openSUSE Security Update : mutt (mutt-1298)\");\n script_summary(english:\"Check for the mutt-1298 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update of mutt improves the handling of the \\0 character in SSL\ncertificates. (CVE-2009-2408 )\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=537141\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected mutt package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_cwe_id(310);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mutt\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:11.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/09/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/09/22\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE11\\.0)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"11.0\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE11.0\", reference:\"mutt-1.5.17-63.2\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"mutt\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-11T15:08:32", "description": "Mozilla Thunderbird was updated to version 2.0.0.23.\n\nThe release fixes one security issue: MFSA 2009-42 / CVE-2009-2408:\nIOActive security researcher Dan Kaminsky reported a mismatch in the treatment of domain names in SSL certificates between SSL clients and the Certificate Authorities (CA) which issue server certificates. In particular, if a malicious person requested a certificate for a host name with an invalid null character in it most CAs would issue the certificate if the requester owned the domain specified after the null, while most SSL clients (browsers) ignored that part of the name and used the unvalidated part in front of the null. This made it possible for attackers to obtain certificates that would function for any site they wished to target. These certificates could be used to intercept and potentially alter encrypted communication between the client and a server such as sensitive bank account transactions. This vulnerability was independently reported to us by researcher Moxie Marlinspike who also noted that since Firefox relies on SSL to protect the integrity of security updates this attack could be used to serve malicious updates.", "cvss3": {}, "published": "2009-09-18T00:00:00", "type": "nessus", "title": "openSUSE Security Update : MozillaThunderbird (MozillaThunderbird-1303)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2009-2408"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:MozillaThunderbird", "p-cpe:/a:novell:opensuse:MozillaThunderbird-devel", "p-cpe:/a:novell:opensuse:MozillaThunderbird-translations", "p-cpe:/a:novell:opensuse:hunspell", "p-cpe:/a:novell:opensuse:hunspell-32bit", "cpe:/o:novell:opensuse:11.0"], "id": "SUSE_11_0_MOZILLATHUNDERBIRD-090914.NASL", "href": "https://www.tenable.com/plugins/nessus/41009", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update MozillaThunderbird-1303.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(41009);\n script_version(\"1.12\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2009-2408\");\n\n script_name(english:\"openSUSE Security Update : MozillaThunderbird (MozillaThunderbird-1303)\");\n script_summary(english:\"Check for the MozillaThunderbird-1303 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Mozilla Thunderbird was updated to version 2.0.0.23.\n\nThe release fixes one security issue: MFSA 2009-42 / CVE-2009-2408:\nIOActive security researcher Dan Kaminsky reported a mismatch in the\ntreatment of domain names in SSL certificates between SSL clients and\nthe Certificate Authorities (CA) which issue server certificates. In\nparticular, if a malicious person requested a certificate for a host\nname with an invalid null character in it most CAs would issue the\ncertificate if the requester owned the domain specified after the\nnull, while most SSL clients (browsers) ignored that part of the name\nand used the unvalidated part in front of the null. This made it\npossible for attackers to obtain certificates that would function for\nany site they wished to target. These certificates could be used to\nintercept and potentially alter encrypted communication between the\nclient and a server such as sensitive bank account transactions. This\nvulnerability was independently reported to us by researcher Moxie\nMarlinspike who also noted that since Firefox relies on SSL to protect\nthe integrity of security updates this attack could be used to serve\nmalicious updates.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=534782\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected MozillaThunderbird packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_cwe_id(310);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:MozillaThunderbird\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:MozillaThunderbird-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:MozillaThunderbird-translations\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:hunspell\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:hunspell-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:11.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/09/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/09/18\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE11\\.0)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"11.0\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE11.0\", reference:\"MozillaThunderbird-2.0.0.23-0.2\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"MozillaThunderbird-devel-2.0.0.23-0.2\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"MozillaThunderbird-translations-2.0.0.23-0.2\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"hunspell-1.2.2-15.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", cpu:\"x86_64\", reference:\"hunspell-32bit-1.2.2-15.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"MozillaThunderbird\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-11T15:10:23", "description": "This update of mutt improves the handling of the \\0 character in SSL certificates. (CVE-2009-2408 )", "cvss3": {}, "published": "2009-09-22T00:00:00", "type": "nessus", "title": "openSUSE Security Update : mutt (mutt-1298)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2009-2408"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:mutt", "cpe:/o:novell:opensuse:11.1"], "id": "SUSE_11_1_MUTT-090909.NASL", "href": "https://www.tenable.com/plugins/nessus/41042", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update mutt-1298.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(41042);\n script_version(\"1.12\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2009-2408\");\n\n script_name(english:\"openSUSE Security Update : mutt (mutt-1298)\");\n script_summary(english:\"Check for the mutt-1298 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update of mutt improves the handling of the \\0 character in SSL\ncertificates. (CVE-2009-2408 )\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=537141\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected mutt package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_cwe_id(310);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mutt\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:11.1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/09/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/09/22\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE11\\.1)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"11.1\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE11.1\", reference:\"mutt-1.5.17-42.113.2\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"mutt\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-11T15:11:19", "description": "This update of mutt improves the handling of the \\0 character in SSL certificates. (CVE-2009-2408)", "cvss3": {}, "published": "2009-09-24T00:00:00", "type": "nessus", "title": "SuSE 11 Security Update : mutt (SAT Patch Number 1291)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2009-2408"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:11:mutt", "cpe:/o:novell:suse_linux:11"], "id": "SUSE_11_MUTT-090909.NASL", "href": "https://www.tenable.com/plugins/nessus/41438", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from SuSE 11 update information. The text itself is\n# copyright (C) Novell, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(41438);\n script_version(\"1.14\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2009-2408\");\n\n script_name(english:\"SuSE 11 Security Update : mutt (SAT Patch Number 1291)\");\n script_summary(english:\"Checks rpm output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SuSE 11 host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update of mutt improves the handling of the \\0 character in SSL\ncertificates. (CVE-2009-2408)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=537141\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2009-2408.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Apply SAT patch number 1291.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_cwe_id(310);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:mutt\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:11\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/09/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/09/24\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)11\") audit(AUDIT_OS_NOT, \"SuSE 11\");\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SuSE 11\", cpu);\n\npl = get_kb_item(\"Host/SuSE/patchlevel\");\nif (pl) audit(AUDIT_OS_NOT, \"SuSE 11.0\");\n\n\nflag = 0;\nif (rpm_check(release:\"SLED11\", sp:0, cpu:\"i586\", reference:\"mutt-1.5.17-42.32.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:0, cpu:\"x86_64\", reference:\"mutt-1.5.17-42.32.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:0, cpu:\"i586\", reference:\"mutt-1.5.17-42.32.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:0, cpu:\"s390x\", reference:\"mutt-1.5.17-42.32.2\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:0, cpu:\"x86_64\", reference:\"mutt-1.5.17-42.32.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-11T15:08:32", "description": "This update of openldap2 makes SSL certificate verification more robust against uses of the special character \\0 in the subjects name.\n(CVE-2009-2408)", "cvss3": {}, "published": "2009-09-22T00:00:00", "type": "nessus", "title": "openSUSE Security Update : libldap-2_4-2 (libldap-2_4-2-1301)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2009-2408"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:openldap2", "p-cpe:/a:novell:opensuse:openldap2-back-meta", "p-cpe:/a:novell:opensuse:openldap2-back-perl", "p-cpe:/a:novell:opensuse:openldap2-client", "p-cpe:/a:novell:opensuse:openldap2-client-32bit", "p-cpe:/a:novell:opensuse:openldap2-devel", "p-cpe:/a:novell:opensuse:openldap2-devel-32bit", "cpe:/o:novell:opensuse:11.0"], "id": "SUSE_11_0_LIBLDAP-2_4-2-090909.NASL", "href": "https://www.tenable.com/plugins/nessus/41035", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update libldap-2_4-2-1301.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(41035);\n script_version(\"1.12\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2009-2408\");\n\n script_name(english:\"openSUSE Security Update : libldap-2_4-2 (libldap-2_4-2-1301)\");\n script_summary(english:\"Check for the libldap-2_4-2-1301 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update of openldap2 makes SSL certificate verification more\nrobust against uses of the special character \\0 in the subjects name.\n(CVE-2009-2408)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=537143\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected libldap-2_4-2 packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_cwe_id(310);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:openldap2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:openldap2-back-meta\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:openldap2-back-perl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:openldap2-client\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:openldap2-client-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:openldap2-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:openldap2-devel-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:11.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/09/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/09/22\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE11\\.0)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"11.0\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE11.0\", reference:\"openldap2-2.4.9-7.6\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"openldap2-back-meta-2.4.9-7.6\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"openldap2-back-perl-2.4.9-7.6\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"openldap2-client-2.4.9-7.6\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"openldap2-devel-2.4.9-7.6\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", cpu:\"x86_64\", reference:\"openldap2-client-32bit-2.4.9-7.6\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", cpu:\"x86_64\", reference:\"openldap2-devel-32bit-2.4.9-7.6\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"openldap2\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-11T15:11:01", "description": "This update of openldap2 makes SSL certificate verification more robust against uses of the special character \\0 in the subjects name.\n(CVE-2009-2408)", "cvss3": {}, "published": "2009-09-24T00:00:00", "type": "nessus", "title": "SuSE 10 Security Update : OpenLDAP2 (ZYPP Patch Number 6485)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2009-2408"], "modified": "2021-01-14T00:00:00", "cpe": ["cpe:/o:suse:suse_linux"], "id": "SUSE_OPENLDAP2-6485.NASL", "href": "https://www.tenable.com/plugins/nessus/41566", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The text description of this plugin is (C) Novell, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(41566);\n script_version(\"1.15\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2009-2408\");\n\n script_name(english:\"SuSE 10 Security Update : OpenLDAP2 (ZYPP Patch Number 6485)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SuSE 10 host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update of openldap2 makes SSL certificate verification more\nrobust against uses of the special character \\0 in the subjects name.\n(CVE-2009-2408)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2009-2408.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Apply ZYPP patch number 6485.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_cwe_id(310);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:suse:suse_linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/09/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/09/24\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) exit(0, \"Local checks are not enabled.\");\nif (!get_kb_item(\"Host/SuSE/release\")) exit(0, \"The host is not running SuSE.\");\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) exit(1, \"Could not obtain the list of installed packages.\");\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) exit(1, \"Failed to determine the architecture type.\");\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") exit(1, \"Local checks for SuSE 10 on the '\"+cpu+\"' architecture have not been implemented.\");\n\n\nflag = 0;\nif (rpm_check(release:\"SLED10\", sp:2, reference:\"openldap2-2.3.32-0.34.2\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:2, reference:\"openldap2-client-2.3.32-0.33.2\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:2, reference:\"openldap2-devel-2.3.32-0.33.2\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:2, cpu:\"x86_64\", reference:\"openldap2-client-32bit-2.3.32-0.33.2\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:2, cpu:\"x86_64\", reference:\"openldap2-devel-32bit-2.3.32-0.33.2\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:2, reference:\"openldap2-2.3.32-0.34.2\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:2, reference:\"openldap2-back-meta-2.3.32-0.34.2\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:2, reference:\"openldap2-back-perl-2.3.32-0.34.2\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:2, reference:\"openldap2-client-2.3.32-0.33.2\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:2, reference:\"openldap2-devel-2.3.32-0.33.2\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:2, cpu:\"x86_64\", reference:\"openldap2-client-32bit-2.3.32-0.33.2\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:2, cpu:\"x86_64\", reference:\"openldap2-devel-32bit-2.3.32-0.33.2\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse exit(0, \"The host is not affected.\");\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-11T14:37:18", "description": "Mozilla Thunderbird was updated to version 2.0.0.23.\n\nThe release fixes one security issue: MFSA 2009-42 / CVE-2009-2408:\nIOActive security researcher Dan Kaminsky reported a mismatch in the treatment of domain names in SSL certificates between SSL clients and the Certificate Authorities (CA) which issue server certificates. In particular, if a malicious person requested a certificate for a host name with an invalid null character in it most CAs would issue the certificate if the requester owned the domain specified after the null, while most SSL clients (browsers) ignored that part of the name and used the unvalidated part in front of the null. This made it possible for attackers to obtain certificates that would function for any site they wished to target. These certificates could be used to intercept and potentially alter encrypted communication between the client and a server such as sensitive bank account transactions. This vulnerability was independently reported to us by researcher Moxie Marlinspike who also noted that since Firefox relies on SSL to protect the integrity of security updates this attack could be used to serve malicious updates.", "cvss3": {}, "published": "2013-01-25T00:00:00", "type": "nessus", "title": "SuSE 11 Security Update : Mozilla (SAT Patch Number 1304)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2009-2408"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:11:MozillaThunderbird", "p-cpe:/a:novell:suse_linux:11:MozillaThunderbird-translations", "p-cpe:/a:novell:suse_linux:11:hunspell", "cpe:/o:novell:suse_linux:11"], "id": "SUSE_11_MOZILLATHUNDERBIRD-090915.NASL", "href": "https://www.tenable.com/plugins/nessus/64209", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from SuSE 11 update information. The text itself is\n# copyright (C) Novell, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(64209);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2009-2408\");\n\n script_name(english:\"SuSE 11 Security Update : Mozilla (SAT Patch Number 1304)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SuSE 11 host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Mozilla Thunderbird was updated to version 2.0.0.23.\n\nThe release fixes one security issue: MFSA 2009-42 / CVE-2009-2408:\nIOActive security researcher Dan Kaminsky reported a mismatch in the\ntreatment of domain names in SSL certificates between SSL clients and\nthe Certificate Authorities (CA) which issue server certificates. In\nparticular, if a malicious person requested a certificate for a host\nname with an invalid null character in it most CAs would issue the\ncertificate if the requester owned the domain specified after the\nnull, while most SSL clients (browsers) ignored that part of the name\nand used the unvalidated part in front of the null. This made it\npossible for attackers to obtain certificates that would function for\nany site they wished to target. These certificates could be used to\nintercept and potentially alter encrypted communication between the\nclient and a server such as sensitive bank account transactions. This\nvulnerability was independently reported to us by researcher Moxie\nMarlinspike who also noted that since Firefox relies on SSL to protect\nthe integrity of security updates this attack could be used to serve\nmalicious updates.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.mozilla.org/security/announce/2009/mfsa2009-42.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=534782\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2009-2408.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Apply SAT patch number 1304.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_cwe_id(310);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:MozillaThunderbird\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:MozillaThunderbird-translations\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:hunspell\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:11\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/09/15\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/01/25\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)11\") audit(AUDIT_OS_NOT, \"SuSE 11\");\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SuSE 11\", cpu);\n\npl = get_kb_item(\"Host/SuSE/patchlevel\");\nif (pl) audit(AUDIT_OS_NOT, \"SuSE 11.0\");\n\n\nflag = 0;\nif (rpm_check(release:\"SLED11\", sp:0, cpu:\"i586\", reference:\"MozillaThunderbird-2.0.0.23-0.2.2\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:0, cpu:\"i586\", reference:\"MozillaThunderbird-translations-2.0.0.23-0.2.2\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:0, cpu:\"i586\", reference:\"hunspell-1.2.7-1.16\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:0, cpu:\"x86_64\", reference:\"MozillaThunderbird-2.0.0.23-0.2.2\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:0, cpu:\"x86_64\", reference:\"MozillaThunderbird-translations-2.0.0.23-0.2.2\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:0, cpu:\"x86_64\", reference:\"hunspell-1.2.7-1.16\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-11T15:11:35", "description": "This update of mutt improves the handling of the \\0 character in SSL certificates. (CVE-2009-2408 )", "cvss3": {}, "published": "2009-10-06T00:00:00", "type": "nessus", "title": "openSUSE 10 Security Update : mutt (mutt-6487)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2009-2408"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:mutt", "cpe:/o:novell:opensuse:10.3"], "id": "SUSE_MUTT-6487.NASL", "href": "https://www.tenable.com/plugins/nessus/42023", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update mutt-6487.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(42023);\n script_version(\"1.11\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2009-2408\");\n\n script_name(english:\"openSUSE 10 Security Update : mutt (mutt-6487)\");\n script_summary(english:\"Check for the mutt-6487 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update of mutt improves the handling of the \\0 character in SSL\ncertificates. (CVE-2009-2408 )\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected mutt package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_cwe_id(310);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mutt\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:10.3\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/09/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/10/06\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE10\\.3)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"10.3\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE10.3\", reference:\"mutt-1.5.16-36.2\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"mutt\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-11T15:11:37", "description": "This update of openldap2 makes SSL certificate verification more robust against uses of the special character \\0 in the subjects name.\n(CVE-2009-2408)", "cvss3": {}, "published": "2009-10-06T00:00:00", "type": "nessus", "title": "openSUSE 10 Security Update : libldap-2_4-2 (libldap-2_4-2-6488)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2009-2408"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:openldap2", "p-cpe:/a:novell:opensuse:openldap2-back-meta", "p-cpe:/a:novell:opensuse:openldap2-back-perl", "p-cpe:/a:novell:opensuse:openldap2-client", "p-cpe:/a:novell:opensuse:openldap2-client-32bit", "p-cpe:/a:novell:opensuse:openldap2-devel", "p-cpe:/a:novell:opensuse:openldap2-devel-32bit", "cpe:/o:novell:opensuse:10.3"], "id": "SUSE_LIBLDAP-2_4-2-6488.NASL", "href": "https://www.tenable.com/plugins/nessus/42014", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update libldap-2_4-2-6488.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(42014);\n script_version(\"1.11\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2009-2408\");\n\n script_name(english:\"openSUSE 10 Security Update : libldap-2_4-2 (libldap-2_4-2-6488)\");\n script_summary(english:\"Check for the libldap-2_4-2-6488 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update of openldap2 makes SSL certificate verification more\nrobust against uses of the special character \\0 in the subjects name.\n(CVE-2009-2408)\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected libldap-2_4-2 packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_cwe_id(310);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:openldap2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:openldap2-back-meta\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:openldap2-back-perl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:openldap2-client\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:openldap2-client-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:openldap2-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:openldap2-devel-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:10.3\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/09/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/10/06\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE10\\.3)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"10.3\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE10.3\", reference:\"openldap2-2.3.37-7.11\") ) flag++;\nif ( rpm_check(release:\"SUSE10.3\", reference:\"openldap2-back-meta-2.3.37-7.11\") ) flag++;\nif ( rpm_check(release:\"SUSE10.3\", reference:\"openldap2-back-perl-2.3.37-7.11\") ) flag++;\nif ( rpm_check(release:\"SUSE10.3\", reference:\"openldap2-client-2.3.37-20.10\") ) flag++;\nif ( rpm_check(release:\"SUSE10.3\", reference:\"openldap2-devel-2.3.37-20.10\") ) flag++;\nif ( rpm_check(release:\"SUSE10.3\", cpu:\"x86_64\", reference:\"openldap2-client-32bit-2.3.37-20.10\") ) flag++;\nif ( rpm_check(release:\"SUSE10.3\", cpu:\"x86_64\", reference:\"openldap2-devel-32bit-2.3.37-20.10\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"openldap2\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-11T15:09:10", "description": "This update of mutt improves the handling of the \\0 character in SSL certificates. (CVE-2009-2408)", "cvss3": {}, "published": "2009-09-24T00:00:00", "type": "nessus", "title": "SuSE9 Security Update : mutt (YOU Patch Number 12505)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2009-2408"], "modified": "2021-01-14T00:00:00", "cpe": ["cpe:/o:suse:suse_linux"], "id": "SUSE9_12505.NASL", "href": "https://www.tenable.com/plugins/nessus/41326", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The text description of this plugin is (C) Novell, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(41326);\n script_version(\"1.12\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2009-2408\");\n\n script_name(english:\"SuSE9 Security Update : mutt (YOU Patch Number 12505)\");\n script_summary(english:\"Checks rpm output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SuSE 9 host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update of mutt improves the handling of the \\0 character in SSL\ncertificates. (CVE-2009-2408)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2009-2408.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Apply YOU patch number 12505.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_cwe_id(310);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:suse:suse_linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/09/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/09/24\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) exit(0, \"Local checks are not enabled.\");\nif (!get_kb_item(\"Host/SuSE/release\")) exit(0, \"The host is not running SuSE.\");\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) exit(1, \"Could not obtain the list of installed packages.\");\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) exit(1, \"Failed to determine the architecture type.\");\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") exit(1, \"Local checks for SuSE 9 on the '\"+cpu+\"' architecture have not been implemented.\");\n\n\nflag = 0;\nif (rpm_check(release:\"SUSE9\", reference:\"mutt-1.5.6i-64.12\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse exit(0, \"The host is not affected.\");\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-11T15:08:34", "description": "This update of openldap2 makes SSL certificate verification more robust against uses of the special character \\0 in the subjects name.\n(CVE-2009-2408)", "cvss3": {}, "published": "2009-09-22T00:00:00", "type": "nessus", "title": "openSUSE Security Update : libldap-2_4-2 (libldap-2_4-2-1301)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2009-2408"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:libldap-2_4-2", "p-cpe:/a:novell:opensuse:libldap-2_4-2-32bit", "p-cpe:/a:novell:opensuse:openldap2", "p-cpe:/a:novell:opensuse:openldap2-back-meta", "p-cpe:/a:novell:opensuse:openldap2-back-perl", "p-cpe:/a:novell:opensuse:openldap2-client", "p-cpe:/a:novell:opensuse:openldap2-devel", "p-cpe:/a:novell:opensuse:openldap2-devel-32bit", "cpe:/o:novell:opensuse:11.1"], "id": "SUSE_11_1_LIBLDAP-2_4-2-090909.NASL", "href": "https://www.tenable.com/plugins/nessus/41041", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update libldap-2_4-2-1301.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(41041);\n script_version(\"1.12\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2009-2408\");\n\n script_name(english:\"openSUSE Security Update : libldap-2_4-2 (libldap-2_4-2-1301)\");\n script_summary(english:\"Check for the libldap-2_4-2-1301 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update of openldap2 makes SSL certificate verification more\nrobust against uses of the special character \\0 in the subjects name.\n(CVE-2009-2408)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=537143\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected libldap-2_4-2 packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_cwe_id(310);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libldap-2_4-2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libldap-2_4-2-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:openldap2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:openldap2-back-meta\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:openldap2-back-perl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:openldap2-client\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:openldap2-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:openldap2-devel-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:11.1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/09/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/09/22\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE11\\.1)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"11.1\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE11.1\", reference:\"libldap-2_4-2-2.4.12-5.5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"openldap2-2.4.12-5.5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"openldap2-back-meta-2.4.12-5.5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"openldap2-back-perl-2.4.12-5.5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"openldap2-client-2.4.12-5.5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"openldap2-devel-2.4.12-5.5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", cpu:\"x86_64\", reference:\"libldap-2_4-2-32bit-2.4.12-5.5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", cpu:\"x86_64\", reference:\"openldap2-devel-32bit-2.4.12-5.5.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"openldap2\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-11T15:10:31", "description": "This update of openldap2 makes SSL certificate verification more robust against uses of the special character \\0 in the subjects name.\n(CVE-2009-2408)", "cvss3": {}, "published": "2009-09-24T00:00:00", "type": "nessus", "title": "SuSE 11 Security Update : OpenLDAP2 (SAT Patch Number 1290)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2009-2408"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:11:libldap-2_4-2", "p-cpe:/a:novell:suse_linux:11:libldap-2_4-2-32bit", "p-cpe:/a:novell:suse_linux:11:openldap2", "p-cpe:/a:novell:suse_linux:11:openldap2-back-meta", "p-cpe:/a:novell:suse_linux:11:openldap2-client", "cpe:/o:novell:suse_linux:11"], "id": "SUSE_11_LIBLDAP-2_4-2-090915.NASL", "href": "https://www.tenable.com/plugins/nessus/41420", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from SuSE 11 update information. The text itself is\n# copyright (C) Novell, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(41420);\n script_version(\"1.14\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2009-2408\");\n\n script_name(english:\"SuSE 11 Security Update : OpenLDAP2 (SAT Patch Number 1290)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SuSE 11 host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update of openldap2 makes SSL certificate verification more\nrobust against uses of the special character \\0 in the subjects name.\n(CVE-2009-2408)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=537143\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2009-2408.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Apply SAT patch number 1290.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_cwe_id(310);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:libldap-2_4-2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:libldap-2_4-2-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:openldap2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:openldap2-back-meta\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:openldap2-client\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:11\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/09/15\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/09/24\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)11\") audit(AUDIT_OS_NOT, \"SuSE 11\");\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SuSE 11\", cpu);\n\npl = get_kb_item(\"Host/SuSE/patchlevel\");\nif (pl) audit(AUDIT_OS_NOT, \"SuSE 11.0\");\n\n\nflag = 0;\nif (rpm_check(release:\"SLED11\", sp:0, cpu:\"i586\", reference:\"libldap-2_4-2-2.4.12-7.18.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:0, cpu:\"i586\", reference:\"openldap2-client-2.4.12-7.18.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:0, cpu:\"x86_64\", reference:\"libldap-2_4-2-2.4.12-7.18.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:0, cpu:\"x86_64\", reference:\"libldap-2_4-2-32bit-2.4.12-7.18.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:0, cpu:\"x86_64\", reference:\"openldap2-client-2.4.12-7.18.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:0, reference:\"libldap-2_4-2-2.4.12-7.18.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:0, reference:\"openldap2-2.4.12-7.18.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:0, reference:\"openldap2-back-meta-2.4.12-7.18.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:0, reference:\"openldap2-client-2.4.12-7.18.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:0, cpu:\"s390x\", reference:\"libldap-2_4-2-32bit-2.4.12-7.18.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:0, cpu:\"x86_64\", reference:\"libldap-2_4-2-32bit-2.4.12-7.18.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-11T15:11:35", "description": "Mozilla Thunderbird was updated to version 2.0.0.23.\n\nThe release fixes one security issue: MFSA 2009-42 / CVE-2009-2408:\nIOActive security researcher Dan Kaminsky reported a mismatch in the treatment of domain names in SSL certificates between SSL clients and the Certificate Authorities (CA) which issue server certificates. In particular, if a malicious person requested a certificate for a host name with an invalid null character in it most CAs would issue the certificate if the requester owned the domain specified after the null, while most SSL clients (browsers) ignored that part of the name and used the unvalidated part in front of the null. This made it possible for attackers to obtain certificates that would function for any site they wished to target. These certificates could be used to intercept and potentially alter encrypted communication between the client and a server such as sensitive bank account transactions. This vulnerability was independently reported to us by researcher Moxie Marlinspike who also noted that since Firefox relies on SSL to protect the integrity of security updates this attack could be used to serve malicious updates.", "cvss3": {}, "published": "2009-10-06T00:00:00", "type": "nessus", "title": "openSUSE 10 Security Update : MozillaThunderbird (MozillaThunderbird-6493)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2009-2408"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:MozillaThunderbird", "p-cpe:/a:novell:opensuse:MozillaThunderbird-devel", "p-cpe:/a:novell:opensuse:MozillaThunderbird-translations", "cpe:/o:novell:opensuse:10.3"], "id": "SUSE_MOZILLATHUNDERBIRD-6493.NASL", "href": "https://www.tenable.com/plugins/nessus/41986", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update MozillaThunderbird-6493.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(41986);\n script_version(\"1.11\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2009-2408\");\n\n script_name(english:\"openSUSE 10 Security Update : MozillaThunderbird (MozillaThunderbird-6493)\");\n script_summary(english:\"Check for the MozillaThunderbird-6493 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Mozilla Thunderbird was updated to version 2.0.0.23.\n\nThe release fixes one security issue: MFSA 2009-42 / CVE-2009-2408:\nIOActive security researcher Dan Kaminsky reported a mismatch in the\ntreatment of domain names in SSL certificates between SSL clients and\nthe Certificate Authorities (CA) which issue server certificates. In\nparticular, if a malicious person requested a certificate for a host\nname with an invalid null character in it most CAs would issue the\ncertificate if the requester owned the domain specified after the\nnull, while most SSL clients (browsers) ignored that part of the name\nand used the unvalidated part in front of the null. This made it\npossible for attackers to obtain certificates that would function for\nany site they wished to target. These certificates could be used to\nintercept and potentially alter encrypted communication between the\nclient and a server such as sensitive bank account transactions. This\nvulnerability was independently reported to us by researcher Moxie\nMarlinspike who also noted that since Firefox relies on SSL to protect\nthe integrity of security updates this attack could be used to serve\nmalicious updates.\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected MozillaThunderbird packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_cwe_id(310);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:MozillaThunderbird\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:MozillaThunderbird-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:MozillaThunderbird-translations\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:10.3\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/09/16\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/10/06\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE10\\.3)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"10.3\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE10.3\", reference:\"MozillaThunderbird-2.0.0.23-0.1\") ) flag++;\nif ( rpm_check(release:\"SUSE10.3\", reference:\"MozillaThunderbird-devel-2.0.0.23-0.1\") ) flag++;\nif ( rpm_check(release:\"SUSE10.3\", reference:\"MozillaThunderbird-translations-2.0.0.23-0.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"MozillaThunderbird\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-11T15:07:51", "description": "The installed version of Thunderbird is earlier than 2.0.0.23. Such versions are potentially affected by the following security issue :\n\n - The client can be fooled into trusting a malicious SSL server certificate with a null character in the host name.\n (MFSA 2009-42)", "cvss3": {}, "published": "2009-08-21T00:00:00", "type": "nessus", "title": "Mozilla Thunderbird < 2.0.0.23 Certificate Authority (CA) Common Name Null Byte Handling SSL MiTM Weakness", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2009-2408"], "modified": "2018-07-16T00:00:00", "cpe": ["cpe:/a:mozilla:thunderbird"], "id": "MOZILLA_THUNDERBIRD_20023.NASL", "href": "https://www.tenable.com/plugins/nessus/40664", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\n\ninclude(\"compat.inc\");\n\n\nif (description)\n{\n script_id(40664);\n script_version(\"1.14\");\n\n script_cve_id(\"CVE-2009-2408\");\n script_bugtraq_id(35888);\n script_xref(name:\"Secunia\", value:\"36088\");\n\n script_name(english:\"Mozilla Thunderbird < 2.0.0.23 Certificate Authority (CA) Common Name Null Byte Handling SSL MiTM Weakness\");\n script_summary(english:\"Checks version of Thunderbird\");\n\n script_set_attribute( attribute:\"synopsis\", value:\n\"The remote Windows host contains a mail client that is affected by a\nsecurity bypass vulnerability.\" );\n script_set_attribute( attribute:\"description\", value:\n\"The installed version of Thunderbird is earlier than 2.0.0.23. Such\nversions are potentially affected by the following security issue :\n\n - The client can be fooled into trusting a malicious SSL\n server certificate with a null character in the host name.\n (MFSA 2009-42)\" );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2009-42/\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\"Upgrade to Thunderbird 2.0.0.23 or later.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(310);\n script_set_attribute(\n attribute:\"vuln_publication_date\",\n value:\"2009/07/30\"\n );\n script_set_attribute(\n attribute:\"patch_publication_date\",\n value:\"2009/08/20\"\n );\n script_set_attribute(\n attribute:\"plugin_publication_date\",\n value:\"2009/08/21\"\n );\n script_cvs_date(\"Date: 2018/07/16 14:09:15\");\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:mozilla:thunderbird\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows\");\n\n script_copyright(english:\"This script is Copyright (C) 2009-2018 Tenable Network Security, Inc.\");\n\n script_dependencies(\"mozilla_org_installed.nasl\");\n script_require_keys(\"Mozilla/Thunderbird/Version\");\n\n exit(0);\n}\n\ninclude(\"mozilla_version.inc\");\nport = get_kb_item_or_exit(\"SMB/transport\");\n\ninstalls = get_kb_list(\"SMB/Mozilla/Thunderbird/*\");\nif (isnull(installs)) audit(AUDIT_NOT_INST, \"Thunderbird\");\n\nmozilla_check_version(installs:installs, product:'thunderbird', esr:FALSE, fix:'2.0.0.23', severity:SECURITY_WARNING);", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-11T15:02:43", "description": "The installed version of Mozilla Thunderbird is earlier than 2.0.0.23. Such versions are potentially affected by the following security issue : \n\n - The client can be fooled into trusting a malicious SSL server certificate with a null character in the host name. (MFSA 2009-42)\n\n", "cvss3": {}, "published": "2010-03-04T00:00:00", "type": "nessus", "title": "Mozilla Thunderbird < 2.0.0.23 Certificate Authority (CA) Common Null Byte Handling SSL MiTM Weakness", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2009-2408"], "modified": "2010-03-04T00:00:00", "cpe": [], "id": "801349.PRM", "href": "https://www.tenable.com/plugins/lce/801349", "sourceData": "Binary data 801349.prm", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-11T15:03:17", "description": "Versions of Mozilla Thunderbird prior to 2.0.0.23 are affected by an SSL spoofing attack. The client can be fooled into trusting a malicious SSL server certificate with a null character in the host name. (MFSA 2009-42)", "cvss3": {}, "published": "2010-03-04T00:00:00", "type": "nessus", "title": "Mozilla Thunderbird < 2.0.0.23 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2009-2408"], "modified": "2019-03-06T00:00:00", "cpe": ["cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*"], "id": "5353.PRM", "href": "https://www.tenable.com/plugins/nnm/5353", "sourceData": "Binary data 5353.prm", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-11T15:10:05", "description": "This update of openldap2 makes SSL certificate verification more robust against uses of the special character \\0 in the subject's name.\n(CVE-2009-2408)", "cvss3": {}, "published": "2009-09-24T00:00:00", "type": "nessus", "title": "SuSE9 Security Update : OpenLDAP2 (YOU Patch Number 12506)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2009-2408"], "modified": "2021-01-14T00:00:00", "cpe": ["cpe:/o:suse:suse_linux"], "id": "SUSE9_12506.NASL", "href": "https://www.tenable.com/plugins/nessus/41327", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The text description of this plugin is (C) Novell, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(41327);\n script_version(\"1.12\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2009-2408\");\n\n script_name(english:\"SuSE9 Security Update : OpenLDAP2 (YOU Patch Number 12506)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SuSE 9 host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update of openldap2 makes SSL certificate verification more\nrobust against uses of the special character \\0 in the subject's name.\n(CVE-2009-2408)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2009-2408.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Apply YOU patch number 12506.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_cwe_id(310);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:suse:suse_linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/09/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/09/24\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) exit(0, \"Local checks are not enabled.\");\nif (!get_kb_item(\"Host/SuSE/release\")) exit(0, \"The host is not running SuSE.\");\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) exit(1, \"Could not obtain the list of installed packages.\");\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) exit(1, \"Failed to determine the architecture type.\");\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") exit(1, \"Local checks for SuSE 9 on the '\"+cpu+\"' architecture have not been implemented.\");\n\n\nflag = 0;\nif (rpm_check(release:\"SUSE9\", reference:\"openldap2-2.2.24-4.31\")) flag++;\nif (rpm_check(release:\"SUSE9\", reference:\"openldap2-back-ldap-2.2.24-4.31\")) flag++;\nif (rpm_check(release:\"SUSE9\", reference:\"openldap2-back-meta-2.2.24-4.31\")) flag++;\nif (rpm_check(release:\"SUSE9\", reference:\"openldap2-back-monitor-2.2.24-4.31\")) flag++;\nif (rpm_check(release:\"SUSE9\", reference:\"openldap2-back-perl-2.2.24-4.31\")) flag++;\nif (rpm_check(release:\"SUSE9\", reference:\"openldap2-client-2.2.24-4.31\")) flag++;\nif (rpm_check(release:\"SUSE9\", reference:\"openldap2-devel-2.2.24-4.31\")) flag++;\nif (rpm_check(release:\"SUSE9\", cpu:\"x86_64\", reference:\"openldap2-client-32bit-9-200909091106\")) flag++;\nif (rpm_check(release:\"SUSE9\", cpu:\"x86_64\", reference:\"openldap2-devel-32bit-9-200909091106\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse exit(0, \"The host is not affected.\");\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "osv": [{"lastseen": "2022-08-10T07:05:52", "description": "\nSeveral remote vulnerabilities have been discovered in the Icedove\nmail client, an unbranded version of the Thunderbird mail client. The\nCommon Vulnerabilities and Exposures project identifies the following\nproblems:\n\n\n* [CVE-2009-2408](https://security-tracker.debian.org/tracker/CVE-2009-2408)\nDan Kaminsky and Moxie Marlinspike discovered that icedove does not\nproperly handle a '\\0' character in a domain name in the subject's\nCommon Name (CN) field of an X.509 certificate (MFSA 2009-42).\n* [CVE-2009-2404](https://security-tracker.debian.org/tracker/CVE-2009-2404)\nMoxie Marlinspike reported a heap overflow vulnerability in the code\nthat handles regular expressions in certificate names (MFSA 2009-43).\n* [CVE-2009-2463](https://security-tracker.debian.org/tracker/CVE-2009-2463)\nmonarch2020 discovered an integer overflow in a base64 decoding function\n(MFSA 2010-07).\n* [CVE-2009-3072](https://security-tracker.debian.org/tracker/CVE-2009-3072)\nJosh Soref discovered a crash in the BinHex decoder (MFSA 2010-07).\n* [CVE-2009-3075](https://security-tracker.debian.org/tracker/CVE-2009-3075)\nCarsten Book reported a crash in the JavaScript engine (MFSA 2010-07).\n* [CVE-2010-0163](https://security-tracker.debian.org/tracker/CVE-2010-0163)\nLudovic Hirlimann reported a crash indexing some messages with\nattachments, which could lead to the execution of arbitrary code\n(MFSA 2010-07).\n\n\nFor the stable distribution (lenny), these problems have been fixed in\nversion 2.0.0.24-0lenny1.\n\n\nDue to a problem with the archive system it is not possible to release\nall architectures. The missing architectures will be installed into the\narchive once they become available.\n\n\nFor the testing distribution (squeeze) and the unstable distribution (sid),\nthese problems will be fixed soon.\n\n\nWe recommend that you upgrade your icedove packages.\n\n\n", "edition": 1, "cvss3": {}, "published": "2010-03-31T00:00:00", "type": "osv", "title": "icedove - several vulnerabilities", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2009-2408", "CVE-2009-3072", "CVE-2009-2463", "CVE-2009-3075", "CVE-2010-0163", "CVE-2009-2404"], "modified": "2022-08-10T07:05:49", "id": "OSV:DSA-2025-1", "href": "https://osv.dev/vulnerability/DSA-2025-1", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-08-10T07:05:26", "description": "\nSeveral vulnerabilities have been discovered in the Network Security\nService libraries. The Common Vulnerabilities and Exposures project\nidentifies the following problems:\n\n\n* [CVE-2009-2404](https://security-tracker.debian.org/tracker/CVE-2009-2404)\nMoxie Marlinspike discovered that a buffer overflow in the regular\n expression parser could lead to the execution of arbitrary code.\n* [CVE-2009-2408](https://security-tracker.debian.org/tracker/CVE-2009-2408)\nDan Kaminsky discovered that NULL characters in certificate\n names could lead to man-in-the-middle attacks by tricking the user\n into accepting a rogue certificate.\n* [CVE-2009-2409](https://security-tracker.debian.org/tracker/CVE-2009-2409)\nCertificates with MD2 hash signatures are no longer accepted\n since they're no longer considered cryptograhically secure.\n\n\nThe old stable distribution (etch) doesn't contain nss.\n\n\nFor the stable distribution (lenny), these problems have been fixed in\nversion 3.12.3.1-0lenny1.\n\n\nFor the unstable distribution (sid), these problems have been fixed in\nversion 3.12.3.1-1.\n\n\nWe recommend that you upgrade your nss packages.\n\n\n", "edition": 1, "cvss3": {}, "published": "2009-08-26T00:00:00", "type": "osv", "title": "nss - several vulnerabilities", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": true, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2009-2409", "CVE-2009-2408", "CVE-2009-2404"], "modified": "2022-08-10T07:05:24", "id": "OSV:DSA-1874-1", "href": "https://osv.dev/vulnerability/DSA-1874-1", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}], "openvas": [{"lastseen": "2018-01-23T13:05:23", "description": "The remote host is missing an update to icedove\nannounced via advisory DSA 2025-1.", "cvss3": {}, "published": "2010-04-06T00:00:00", "type": "openvas", "title": "Debian Security Advisory DSA 2025-1 (icedove)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-2408", "CVE-2009-3072", "CVE-2009-2463", "CVE-2009-3075", "CVE-2010-0163", "CVE-2009-2404"], "modified": "2018-01-23T00:00:00", "id": "OPENVAS:136141256231067209", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231067209", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_2025_1.nasl 8495 2018-01-23 07:57:49Z teissa $\n# Description: Auto-generated from advisory DSA 2025-1 (icedove)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2010 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Several remote vulnerabilities have been discovered in the Icedove\nmail client, an unbranded version of the Thunderbird mail client. The\nCommon Vulnerabilities and Exposures project identifies the following\nproblems:\n\nCVE-2009-2408\n\nDan Kaminsky and Moxie Marlinspike discovered that icedove does not\nproperly handle a '\\0' character in a domain name in the subject's\nCommon Name (CN) field of an X.509 certificate (MFSA 2009-42).\n\nCVE-2009-2404\n\nMoxie Marlinspike reported a heap overflow vulnerability in the code\nthat handles regular expressions in certificate names (MFSA 2009-43).\n\nCVE-2009-2463\n\nmonarch2020 discovered an integer overflow n a base64 decoding function\n(MFSA 2010-07).\n\nCVE-2009-3072\n\nJosh Soref discovered a crash in the BinHex decoder (MFSA 2010-07).\n\nCVE-2009-3075\n\nCarsten Book reported a crash in the JavaScript engine (MFSA 2010-07).\n\nCVE-2010-0163\n\nLudovic Hirlimann reported a crash indexing some messages with\nattachments, which could lead to the execution of arbitrary code\n(MFSA 2010-07).\n\n\nFor the stable distribution (lenny), these problems have been fixed in\nversion 2.0.0.24-0lenny1.\n\nDue to a problem with the archive system it is not possible to release\nall architectures. The missing architectures will be installed into the\narchive once they become available.\n\nFor the testing distribution squeeze and the unstable distribution (sid),\nthese problems will be fixed soon.\n\n\nWe recommend that you upgrade your icedove packages.\";\ntag_summary = \"The remote host is missing an update to icedove\nannounced via advisory DSA 2025-1.\";\n\ntag_solution = \"https://secure1.securityspace.com/smysecure/catid.html?in=DSA%202025-1\";\n\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.67209\");\n script_version(\"$Revision: 8495 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-23 08:57:49 +0100 (Tue, 23 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2010-04-06 21:31:38 +0200 (Tue, 06 Apr 2010)\");\n script_cve_id(\"CVE-2009-2408\", \"CVE-2009-2404\", \"CVE-2009-2463\", \"CVE-2009-3072\", \"CVE-2009-3075\", \"CVE-2010-0163\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"Debian Security Advisory DSA 2025-1 (icedove)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2010 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"icedove-dev\", ver:\"2.0.0.24-0lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"icedove-gnome-support\", ver:\"2.0.0.24-0lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"icedove-dbg\", ver:\"2.0.0.24-0lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"icedove\", ver:\"2.0.0.24-0lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-04-06T11:38:25", "description": "The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n mozilla-nspr\n mozilla-nspr-devel\n mozilla-nss\n mozilla-nss-devel\n\n\nMore details may also be found by searching for the SuSE\nEnterprise Server 10 patch database located at\nhttp://download.novell.com/patch/finder/", "cvss3": {}, "published": "2009-10-27T00:00:00", "type": "openvas", "title": "SLES10: Security update for Mozilla NSS", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-2408", "CVE-2009-2404"], "modified": "2018-04-06T00:00:00", "id": "OPENVAS:136141256231066076", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231066076", "sourceData": "#\n#VID slesp2-mozilla-nspr-6541\n# OpenVAS Vulnerability Test\n# $\n# Description: Security update for Mozilla NSS\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_summary = \"The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n mozilla-nspr\n mozilla-nspr-devel\n mozilla-nss\n mozilla-nss-devel\n\n\nMore details may also be found by searching for the SuSE\nEnterprise Server 10 patch database located at\nhttp://download.novell.com/patch/finder/\";\n\ntag_solution = \"Please install the updates provided by SuSE.\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.66076\");\n script_version(\"$Revision: 9350 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:03:33 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-10-27 01:37:56 +0100 (Tue, 27 Oct 2009)\");\n script_cve_id(\"CVE-2009-2404\", \"CVE-2009-2408\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_name(\"SLES10: Security update for Mozilla NSS\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse_sles\", \"ssh/login/rpms\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"mozilla-nspr\", rpm:\"mozilla-nspr~4.8~1.4.2\", rls:\"SLES10.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-nspr-devel\", rpm:\"mozilla-nspr-devel~4.8~1.4.2\", rls:\"SLES10.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-nss\", rpm:\"mozilla-nss~3.12.3.1~1.4.2\", rls:\"SLES10.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-nss-devel\", rpm:\"mozilla-nss-devel~3.12.3.1~1.4.2\", rls:\"SLES10.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-26T08:55:21", "description": "The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n mozilla\n mozilla-devel\n mozilla-dom-inspector\n mozilla-irc\n mozilla-mail\n mozilla-venkman\n\nFor more information, please visit the referenced security\nadvisories.\n\nMore details may also be found by searching for keyword\n5060741 within the SuSE Enterprise Server 9 patch\ndatabase at http://download.novell.com/patch/finder/", "cvss3": {}, "published": "2009-10-27T00:00:00", "type": "openvas", "title": "SLES9: Security update for epiphany", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-2408", "CVE-2009-2404"], "modified": "2017-07-11T00:00:00", "id": "OPENVAS:66072", "href": "http://plugins.openvas.org/nasl.php?oid=66072", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: sles9p5060741.nasl 6666 2017-07-11 13:13:36Z cfischer $\n# Description: Security update for epiphany\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_summary = \"The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n mozilla\n mozilla-devel\n mozilla-dom-inspector\n mozilla-irc\n mozilla-mail\n mozilla-venkman\n\nFor more information, please visit the referenced security\nadvisories.\n\nMore details may also be found by searching for keyword\n5060741 within the SuSE Enterprise Server 9 patch\ndatabase at http://download.novell.com/patch/finder/\";\n\ntag_solution = \"Please install the updates provided by SuSE.\";\n \nif(description)\n{\n script_id(66072);\n script_version(\"$Revision: 6666 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-11 15:13:36 +0200 (Tue, 11 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-10-27 01:37:56 +0100 (Tue, 27 Oct 2009)\");\n script_cve_id(\"CVE-2009-2404\", \"CVE-2009-2408\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_name(\"SLES9: Security update for epiphany\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse_sles\", \"ssh/login/rpms\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"mozilla\", rpm:\"mozilla~1.8_seamonkey_1.1.18~0.1\", rls:\"SLES9.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-26T08:55:36", "description": "The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n mozilla-nspr\n mozilla-nspr-devel\n mozilla-nss\n mozilla-nss-devel\n\n\nMore details may also be found by searching for the SuSE\nEnterprise Server 10 patch database located at\nhttp://download.novell.com/patch/finder/", "cvss3": {}, "published": "2009-10-27T00:00:00", "type": "openvas", "title": "SLES10: Security update for Mozilla NSS", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-2408", "CVE-2009-2404"], "modified": "2017-07-11T00:00:00", "id": "OPENVAS:66076", "href": "http://plugins.openvas.org/nasl.php?oid=66076", "sourceData": "#\n#VID slesp2-mozilla-nspr-6541\n# OpenVAS Vulnerability Test\n# $\n# Description: Security update for Mozilla NSS\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_summary = \"The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n mozilla-nspr\n mozilla-nspr-devel\n mozilla-nss\n mozilla-nss-devel\n\n\nMore details may also be found by searching for the SuSE\nEnterprise Server 10 patch database located at\nhttp://download.novell.com/patch/finder/\";\n\ntag_solution = \"Please install the updates provided by SuSE.\";\n\nif(description)\n{\n script_id(66076);\n script_version(\"$Revision: 6666 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-11 15:13:36 +0200 (Tue, 11 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-10-27 01:37:56 +0100 (Tue, 27 Oct 2009)\");\n script_cve_id(\"CVE-2009-2404\", \"CVE-2009-2408\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_name(\"SLES10: Security update for Mozilla NSS\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse_sles\", \"ssh/login/rpms\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"mozilla-nspr\", rpm:\"mozilla-nspr~4.8~1.4.2\", rls:\"SLES10.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-nspr-devel\", rpm:\"mozilla-nspr-devel~4.8~1.4.2\", rls:\"SLES10.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-nss\", rpm:\"mozilla-nss~3.12.3.1~1.4.2\", rls:\"SLES10.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-nss-devel\", rpm:\"mozilla-nss-devel~3.12.3.1~1.4.2\", rls:\"SLES10.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-26T08:56:20", "description": "The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n libfreebl3\n mozilla-nss\n mozilla-nss-tools\n\n\nMore details may also be found by searching for the SuSE\nEnterprise Server 11 patch database located at\nhttp://download.novell.com/patch/finder/", "cvss3": {}, "published": "2009-10-11T00:00:00", "type": "openvas", "title": "SLES11: Security update for Mozilla Firefox", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-2408", "CVE-2009-2404"], "modified": "2017-07-11T00:00:00", "id": "OPENVAS:65705", "href": "http://plugins.openvas.org/nasl.php?oid=65705", "sourceData": "#\n#VID 5d306b6d7dd56f9b174098ca596f270a\n# OpenVAS Vulnerability Test\n# $\n# Description: Security update for Mozilla Firefox\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_summary = \"The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n libfreebl3\n mozilla-nss\n mozilla-nss-tools\n\n\nMore details may also be found by searching for the SuSE\nEnterprise Server 11 patch database located at\nhttp://download.novell.com/patch/finder/\";\n\ntag_solution = \"Please install the updates provided by SuSE.\";\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"https://bugzilla.novell.com/show_bug.cgi?id=522602\");\n script_id(65705);\n script_version(\"$Revision: 6666 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-11 15:13:36 +0200 (Tue, 11 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-10-11 22:58:51 +0200 (Sun, 11 Oct 2009)\");\n script_cve_id(\"CVE-2009-2404\", \"CVE-2009-2408\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_name(\"SLES11: Security update for Mozilla Firefox\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse_sles\", \"ssh/login/rpms\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"libfreebl3\", rpm:\"libfreebl3~3.12.3.1~1.1.1\", rls:\"SLES11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-nss\", rpm:\"mozilla-nss~3.12.3.1~1.1.1\", rls:\"SLES11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-nss-tools\", rpm:\"mozilla-nss-tools~3.12.3.1~1.1.1\", rls:\"SLES11.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-04-06T11:37:42", "description": "The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n mozilla\n mozilla-devel\n mozilla-dom-inspector\n mozilla-irc\n mozilla-mail\n mozilla-venkman\n\nFor more information, please visit the referenced security\nadvisories.\n\nMore details may also be found by searching for keyword\n5060741 within the SuSE Enterprise Server 9 patch\ndatabase at http://download.novell.com/patch/finder/", "cvss3": {}, "published": "2009-10-27T00:00:00", "type": "openvas", "title": "SLES9: Security update for epiphany", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-2408", "CVE-2009-2404"], "modified": "2018-04-06T00:00:00", "id": "OPENVAS:136141256231066072", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231066072", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: sles9p5060741.nasl 9350 2018-04-06 07:03:33Z cfischer $\n# Description: Security update for epiphany\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_summary = \"The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n mozilla\n mozilla-devel\n mozilla-dom-inspector\n mozilla-irc\n mozilla-mail\n mozilla-venkman\n\nFor more information, please visit the referenced security\nadvisories.\n\nMore details may also be found by searching for keyword\n5060741 within the SuSE Enterprise Server 9 patch\ndatabase at http://download.novell.com/patch/finder/\";\n\ntag_solution = \"Please install the updates provided by SuSE.\";\n \nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.66072\");\n script_version(\"$Revision: 9350 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:03:33 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-10-27 01:37:56 +0100 (Tue, 27 Oct 2009)\");\n script_cve_id(\"CVE-2009-2404\", \"CVE-2009-2408\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_name(\"SLES9: Security update for epiphany\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse_sles\", \"ssh/login/rpms\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"mozilla\", rpm:\"mozilla~1.8_seamonkey_1.1.18~0.1\", rls:\"SLES9.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-04-06T11:40:39", "description": "The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n libfreebl3\n mozilla-nss\n mozilla-nss-tools\n\n\nMore details may also be found by searching for the SuSE\nEnterprise Server 11 patch database located at\nhttp://download.novell.com/patch/finder/", "cvss3": {}, "published": "2009-10-11T00:00:00", "type": "openvas", "title": "SLES11: Security update for Mozilla Firefox", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-2408", "CVE-2009-2404"], "modified": "2018-04-06T00:00:00", "id": "OPENVAS:136141256231065705", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231065705", "sourceData": "#\n#VID 5d306b6d7dd56f9b174098ca596f270a\n# OpenVAS Vulnerability Test\n# $\n# Description: Security update for Mozilla Firefox\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_summary = \"The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n libfreebl3\n mozilla-nss\n mozilla-nss-tools\n\n\nMore details may also be found by searching for the SuSE\nEnterprise Server 11 patch database located at\nhttp://download.novell.com/patch/finder/\";\n\ntag_solution = \"Please install the updates provided by SuSE.\";\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"https://bugzilla.novell.com/show_bug.cgi?id=522602\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.65705\");\n script_version(\"$Revision: 9350 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:03:33 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-10-11 22:58:51 +0200 (Sun, 11 Oct 2009)\");\n script_cve_id(\"CVE-2009-2404\", \"CVE-2009-2408\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_name(\"SLES11: Security update for Mozilla Firefox\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse_sles\", \"ssh/login/rpms\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"libfreebl3\", rpm:\"libfreebl3~3.12.3.1~1.1.1\", rls:\"SLES11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-nss\", rpm:\"mozilla-nss~3.12.3.1~1.1.1\", rls:\"SLES11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-nss-tools\", rpm:\"mozilla-nss-tools~3.12.3.1~1.1.1\", rls:\"SLES11.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-01-22T13:05:56", "description": "Ubuntu Update for Linux kernel vulnerabilities USN-915-1", "cvss3": {}, "published": "2010-03-22T00:00:00", "type": "openvas", "title": "Ubuntu Update for thunderbird vulnerabilities USN-915-1", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-3376", "CVE-2009-3072", "CVE-2009-0689", "CVE-2009-2463", "CVE-2009-3075", "CVE-2010-0163", "CVE-2009-3983", "CVE-2009-3077"], "modified": "2018-01-22T00:00:00", "id": "OPENVAS:1361412562310840402", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310840402", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_915_1.nasl 8485 2018-01-22 07:57:57Z teissa $\n#\n# Ubuntu Update for thunderbird vulnerabilities USN-915-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Several flaws were discovered in the JavaScript engine of Thunderbird. If a\n user had JavaScript enabled and were tricked into viewing malicious web\n content, a remote attacker could cause a denial of service or possibly\n execute arbitrary code with the privileges of the user invoking the\n program. (CVE-2009-0689, CVE-2009-2463, CVE-2009-3075)\n\n Josh Soref discovered that the BinHex decoder used in Thunderbird contained\n a flaw. If a user were tricked into viewing malicious content, a remote\n attacker could cause a denial of service or possibly execute arbitrary code\n with the privileges of the user invoking the program. (CVE-2009-3072)\n \n It was discovered that Thunderbird did not properly manage memory when\n using XUL tree elements. If a user were tricked into viewing malicious\n content, a remote attacker could cause a denial of service or possibly\n execute arbitrary code with the privileges of the user invoking the\n program. (CVE-2009-3077)\n \n Jesse Ruderman and Sid Stamm discovered that Thunderbird did not properly\n display filenames containing right-to-left (RTL) override characters. If a\n user were tricked into opening a malicious file with a crafted filename, an\n attacker could exploit this to trick the user into opening a different file\n than the user expected. (CVE-2009-3376)\n \n Takehiro Takahashi discovered flaws in the NTLM implementation in\n Thunderbird. If an NTLM authenticated user opened content containing links\n to a malicious website, a remote attacker could send requests to other\n applications, authenticated as the user. (CVE-2009-3983)\n \n Ludovic Hirlimann discovered a flaw in the way Thunderbird indexed certain\n messages with attachments. A remote attacker could send specially crafted\n content and cause a denial of service or possibly execute arbitrary code\n with the privileges of the user invoking the program. (CVE-2010-0163)\";\n\ntag_summary = \"Ubuntu Update for Linux kernel vulnerabilities USN-915-1\";\ntag_affected = \"thunderbird vulnerabilities on Ubuntu 8.04 LTS ,\n Ubuntu 8.10 ,\n Ubuntu 9.04 ,\n Ubuntu 9.10\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name: \"URL\" , value: \"http://www.ubuntu.com/usn/usn-915-1/\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.840402\");\n script_version(\"$Revision: 8485 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-22 08:57:57 +0100 (Mon, 22 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2010-03-22 11:34:53 +0100 (Mon, 22 Mar 2010)\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"USN\", value: \"915-1\");\n script_cve_id(\"CVE-2009-0689\", \"CVE-2009-2463\", \"CVE-2009-3072\", \"CVE-2009-3075\", \"CVE-2009-3077\", \"CVE-2009-3376\", \"CVE-2009-3983\", \"CVE-2010-0163\");\n script_name(\"Ubuntu Update for thunderbird vulnerabilities USN-915-1\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\");\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"UBUNTU9.04\")\n{\n\n if ((res = isdpkgvuln(pkg:\"thunderbird-dev\", ver:\"2.0.0.24+build1+nobinonly-0ubuntu0.9.04.1\", rls:\"UBUNTU9.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"thunderbird-gnome-support\", ver:\"2.0.0.24+build1+nobinonly-0ubuntu0.9.04.1\", rls:\"UBUNTU9.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"thunderbird\", ver:\"2.0.0.24+build1+nobinonly-0ubuntu0.9.04.1\", rls:\"UBUNTU9.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"mozilla-thunderbird-dev\", ver:\"2.0.0.24+build1+nobinonly-0ubuntu0.9.04.1\", rls:\"UBUNTU9.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"mozilla-thunderbird\", ver:\"2.0.0.24+build1+nobinonly-0ubuntu0.9.04.1\", rls:\"UBUNTU9.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"UBUNTU8.10\")\n{\n\n if ((res = isdpkgvuln(pkg:\"thunderbird-dev\", ver:\"2.0.0.24+build1+nobinonly-0ubuntu0.8.10.1\", rls:\"UBUNTU8.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"thunderbird-gnome-support\", ver:\"2.0.0.24+build1+nobinonly-0ubuntu0.8.10.1\", rls:\"UBUNTU8.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"thunderbird\", ver:\"2.0.0.24+build1+nobinonly-0ubuntu0.8.10.1\", rls:\"UBUNTU8.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"mozilla-thunderbird-dev\", ver:\"2.0.0.24+build1+nobinonly-0ubuntu0.8.10.1\", rls:\"UBUNTU8.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"mozilla-thunderbird\", ver:\"2.0.0.24+build1+nobinonly-0ubuntu0.8.10.1\", rls:\"UBUNTU8.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"UBUNTU8.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"thunderbird-dev\", ver:\"2.0.0.24+build1+nobinonly-0ubuntu0.8.04.1\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"thunderbird-gnome-support\", ver:\"2.0.0.24+build1+nobinonly-0ubuntu0.8.04.1\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"thunderbird\", ver:\"2.0.0.24+build1+nobinonly-0ubuntu0.8.04.1\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"mozilla-thunderbird-dev\", ver:\"2.0.0.24+build1+nobinonly-0ubuntu0.8.04.1\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"mozilla-thunderbird\", ver:\"2.0.0.24+build1+nobinonly-0ubuntu0.8.04.1\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"UBUNTU9.10\")\n{\n\n if ((res = isdpkgvuln(pkg:\"thunderbird-dev\", ver:\"2.0.0.24+build1+nobinonly-0ubuntu0.9.10.1\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"thunderbird-gnome-support\", ver:\"2.0.0.24+build1+nobinonly-0ubuntu0.9.10.1\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"thunderbird\", ver:\"2.0.0.24+build1+nobinonly-0ubuntu0.9.10.1\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"mozilla-thunderbird-dev\", ver:\"2.0.0.24+build1+nobinonly-0ubuntu0.9.10.1\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"mozilla-thunderbird\", ver:\"2.0.0.24+build1+nobinonly-0ubuntu0.9.10.1\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-12-04T11:18:03", "description": "Ubuntu Update for Linux kernel vulnerabilities USN-915-1", "cvss3": {}, "published": "2010-03-22T00:00:00", "type": "openvas", "title": "Ubuntu Update for thunderbird vulnerabilities USN-915-1", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-3376", "CVE-2009-3072", "CVE-2009-0689", "CVE-2009-2463", "CVE-2009-3075", "CVE-2010-0163", "CVE-2009-3983", "CVE-2009-3077"], "modified": "2017-12-01T00:00:00", "id": "OPENVAS:840402", "href": "http://plugins.openvas.org/nasl.php?oid=840402", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_915_1.nasl 7965 2017-12-01 07:38:25Z santu $\n#\n# Ubuntu Update for thunderbird vulnerabilities USN-915-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Several flaws were discovered in the JavaScript engine of Thunderbird. If a\n user had JavaScript enabled and were tricked into viewing malicious web\n content, a remote attacker could cause a denial of service or possibly\n execute arbitrary code with the privileges of the user invoking the\n program. (CVE-2009-0689, CVE-2009-2463, CVE-2009-3075)\n\n Josh Soref discovered that the BinHex decoder used in Thunderbird contained\n a flaw. If a user were tricked into viewing malicious content, a remote\n attacker could cause a denial of service or possibly execute arbitrary code\n with the privileges of the user invoking the program. (CVE-2009-3072)\n \n It was discovered that Thunderbird did not properly manage memory when\n using XUL tree elements. If a user were tricked into viewing malicious\n content, a remote attacker could cause a denial of service or possibly\n execute arbitrary code with the privileges of the user invoking the\n program. (CVE-2009-3077)\n \n Jesse Ruderman and Sid Stamm discovered that Thunderbird did not properly\n display filenames containing right-to-left (RTL) override characters. If a\n user were tricked into opening a malicious file with a crafted filename, an\n attacker could exploit this to trick the user into opening a different file\n than the user expected. (CVE-2009-3376)\n \n Takehiro Takahashi discovered flaws in the NTLM implementation in\n Thunderbird. If an NTLM authenticated user opened content containing links\n to a malicious website, a remote attacker could send requests to other\n applications, authenticated as the user. (CVE-2009-3983)\n \n Ludovic Hirlimann discovered a flaw in the way Thunderbird indexed certain\n messages with attachments. A remote attacker could send specially crafted\n content and cause a denial of service or possibly execute arbitrary code\n with the privileges of the user invoking the program. (CVE-2010-0163)\";\n\ntag_summary = \"Ubuntu Update for Linux kernel vulnerabilities USN-915-1\";\ntag_affected = \"thunderbird vulnerabilities on Ubuntu 8.04 LTS ,\n Ubuntu 8.10 ,\n Ubuntu 9.04 ,\n Ubuntu 9.10\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name: \"URL\" , value: \"http://www.ubuntu.com/usn/usn-915-1/\");\n script_id(840402);\n script_version(\"$Revision: 7965 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-01 08:38:25 +0100 (Fri, 01 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2010-03-22 11:34:53 +0100 (Mon, 22 Mar 2010)\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"USN\", value: \"915-1\");\n script_cve_id(\"CVE-2009-0689\", \"CVE-2009-2463\", \"CVE-2009-3072\", \"CVE-2009-3075\", \"CVE-2009-3077\", \"CVE-2009-3376\", \"CVE-2009-3983\", \"CVE-2010-0163\");\n script_name(\"Ubuntu Update for thunderbird vulnerabilities USN-915-1\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\");\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"UBUNTU9.04\")\n{\n\n if ((res = isdpkgvuln(pkg:\"thunderbird-dev\", ver:\"2.0.0.24+build1+nobinonly-0ubuntu0.9.04.1\", rls:\"UBUNTU9.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"thunderbird-gnome-support\", ver:\"2.0.0.24+build1+nobinonly-0ubuntu0.9.04.1\", rls:\"UBUNTU9.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"thunderbird\", ver:\"2.0.0.24+build1+nobinonly-0ubuntu0.9.04.1\", rls:\"UBUNTU9.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"mozilla-thunderbird-dev\", ver:\"2.0.0.24+build1+nobinonly-0ubuntu0.9.04.1\", rls:\"UBUNTU9.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"mozilla-thunderbird\", ver:\"2.0.0.24+build1+nobinonly-0ubuntu0.9.04.1\", rls:\"UBUNTU9.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"UBUNTU8.10\")\n{\n\n if ((res = isdpkgvuln(pkg:\"thunderbird-dev\", ver:\"2.0.0.24+build1+nobinonly-0ubuntu0.8.10.1\", rls:\"UBUNTU8.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"thunderbird-gnome-support\", ver:\"2.0.0.24+build1+nobinonly-0ubuntu0.8.10.1\", rls:\"UBUNTU8.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"thunderbird\", ver:\"2.0.0.24+build1+nobinonly-0ubuntu0.8.10.1\", rls:\"UBUNTU8.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"mozilla-thunderbird-dev\", ver:\"2.0.0.24+build1+nobinonly-0ubuntu0.8.10.1\", rls:\"UBUNTU8.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"mozilla-thunderbird\", ver:\"2.0.0.24+build1+nobinonly-0ubuntu0.8.10.1\", rls:\"UBUNTU8.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"UBUNTU8.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"thunderbird-dev\", ver:\"2.0.0.24+build1+nobinonly-0ubuntu0.8.04.1\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"thunderbird-gnome-support\", ver:\"2.0.0.24+build1+nobinonly-0ubuntu0.8.04.1\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"thunderbird\", ver:\"2.0.0.24+build1+nobinonly-0ubuntu0.8.04.1\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"mozilla-thunderbird-dev\", ver:\"2.0.0.24+build1+nobinonly-0ubuntu0.8.04.1\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"mozilla-thunderbird\", ver:\"2.0.0.24+build1+nobinonly-0ubuntu0.8.04.1\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"UBUNTU9.10\")\n{\n\n if ((res = isdpkgvuln(pkg:\"thunderbird-dev\", ver:\"2.0.0.24+build1+nobinonly-0ubuntu0.9.10.1\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"thunderbird-gnome-support\", ver:\"2.0.0.24+build1+nobinonly-0ubuntu0.9.10.1\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"thunderbird\", ver:\"2.0.0.24+build1+nobinonly-0ubuntu0.9.10.1\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"mozilla-thunderbird-dev\", ver:\"2.0.0.24+build1+nobinonly-0ubuntu0.9.10.1\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"mozilla-thunderbird\", ver:\"2.0.0.24+build1+nobinonly-0ubuntu0.9.10.1\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2019-05-29T18:37:04", "description": "Oracle Linux Local Security Checks ELSA-2009-1186", "cvss3": {}, "published": "2015-10-08T00:00:00", "type": "openvas", "title": "Oracle Linux Local Check: ELSA-2009-1186", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-2409", "CVE-2009-2408", "CVE-2009-2404"], "modified": "2018-09-28T00:00:00", "id": "OPENVAS:1361412562310122465", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310122465", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: ELSA-2009-1186.nasl 11688 2018-09-28 13:36:28Z cfischer $\n#\n# Oracle Linux Local Check\n#\n# Authors:\n# Eero Volotinen <eero.volotinen@solinor.com>\n#\n# Copyright:\n# Copyright (c) 2015 Eero Volotinen, http://solinor.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.122465\");\n script_version(\"$Revision: 11688 $\");\n script_tag(name:\"creation_date\", value:\"2015-10-08 14:45:56 +0300 (Thu, 08 Oct 2015)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-09-28 15:36:28 +0200 (Fri, 28 Sep 2018) $\");\n script_name(\"Oracle Linux Local Check: ELSA-2009-1186\");\n script_tag(name:\"insight\", value:\"ELSA-2009-1186 - nspr and nss security, bug fix, and enhancement update. Please see the references for more insight.\");\n script_tag(name:\"solution\", value:\"Update the affected packages to the latest available version.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"summary\", value:\"Oracle Linux Local Security Checks ELSA-2009-1186\");\n script_xref(name:\"URL\", value:\"http://linux.oracle.com/errata/ELSA-2009-1186.html\");\n script_cve_id(\"CVE-2009-2404\", \"CVE-2009-2408\", \"CVE-2009-2409\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/oracle_linux\", \"ssh/login/release\", re:\"ssh/login/release=OracleLinux5\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Eero Volotinen\");\n script_family(\"Oracle Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"OracleLinux5\")\n{\n if ((res = isrpmvuln(pkg:\"nspr\", rpm:\"nspr~4.7.4~1.el5_3.1\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"nspr-devel\", rpm:\"nspr-devel~4.7.4~1.el5_3.1\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"nss\", rpm:\"nss~3.12.3.99.3~1.0.1.el5_3.2\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"nss-devel\", rpm:\"nss-devel~3.12.3.99.3~1.0.1.el5_3.2\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"nss-pkcs11-devel\", rpm:\"nss-pkcs11-devel~3.12.3.99.3~1.0.1.el5_3.2\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"nss-tools\", rpm:\"nss-tools~3.12.3.99.3~1.0.1.el5_3.2\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n\n}\nif (__pkg_match) exit(99);\n exit(0);\n\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2017-07-24T12:57:00", "description": "The remote host is missing an update to nss\nannounced via advisory MDVSA-2009:197-3.", "cvss3": {}, "published": "2009-12-10T00:00:00", "type": "openvas", "title": "Mandriva Security Advisory MDVSA-2009:197-3 (nss)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-2409", "CVE-2009-2408", "CVE-2009-2404"], "modified": "2017-07-06T00:00:00", "id": "OPENVAS:66362", "href": "http://plugins.openvas.org/nasl.php?oid=66362", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: mdksa_2009_197_3.nasl 6573 2017-07-06 13:10:50Z cfischer $\n# Description: Auto-generated from advisory MDVSA-2009:197-3 (nss)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Security issues in nss prior to 3.12.3 could lead to a\nman-in-the-middle attack via a spoofed X.509 certificate\n(CVE-2009-2408) and md2 algorithm flaws (CVE-2009-2409), and also\ncause a denial-of-service and possible code execution via a long\ndomain name in X.509 certificate (CVE-2009-2404).\n\nThis update provides the latest versions of NSS and NSPR libraries\nwhich are not vulnerable to those attacks.\n\nUpdate:\n\nPackages for 2008.0 are being provided due to extended support for\nCorporate products.\n\nAffected: 2008.0\";\ntag_solution = \"To upgrade automatically use MandrakeUpdate or urpmi. The verification\nof md5 checksums and GPG signatures is performed automatically for you.\n\nhttps://secure1.securityspace.com/smysecure/catid.html?in=MDVSA-2009:197-3\";\ntag_summary = \"The remote host is missing an update to nss\nannounced via advisory MDVSA-2009:197-3.\";\n\n \n\nif(description)\n{\n script_id(66362);\n script_version(\"$Revision: 6573 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-06 15:10:50 +0200 (Thu, 06 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-12-10 00:23:54 +0100 (Thu, 10 Dec 2009)\");\n script_cve_id(\"CVE-2009-2408\", \"CVE-2009-2409\", \"CVE-2009-2404\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_name(\"Mandriva Security Advisory MDVSA-2009:197-3 (nss)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Mandrake Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/mandriva_mandrake_linux\", \"ssh/login/rpms\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"libnspr4\", rpm:\"libnspr4~4.7.5~0.1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libnspr-devel\", rpm:\"libnspr-devel~4.7.5~0.1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libnss3\", rpm:\"libnss3~3.12.3.1~0.1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libnss-devel\", rpm:\"libnss-devel~3.12.3.1~0.1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libnss-static-devel\", rpm:\"libnss-static-devel~3.12.3.1~0.1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"nss\", rpm:\"nss~3.12.3.1~0.1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64nspr4\", rpm:\"lib64nspr4~4.7.5~0.1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64nspr-devel\", rpm:\"lib64nspr-devel~4.7.5~0.1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64nss3\", rpm:\"lib64nss3~3.12.3.1~0.1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64nss-devel\", rpm:\"lib64nss-devel~3.12.3.1~0.1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64nss-static-devel\", rpm:\"lib64nss-static-devel~3.12.3.1~0.1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-24T12:56:03", "description": "The remote host is missing an update to firefox\nannounced via advisory MDVSA-2009:198.", "cvss3": {}, "published": "2009-08-17T00:00:00", "type": "openvas", "title": "Mandrake Security Advisory MDVSA-2009:198 (firefox)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-2408", "CVE-2009-2654", "CVE-2009-2404"], "modified": "2017-07-06T00:00:00", "id": "OPENVAS:64604", "href": "http://plugins.openvas.org/nasl.php?oid=64604", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: mdksa_2009_198.nasl 6573 2017-07-06 13:10:50Z cfischer $\n# Description: Auto-generated from advisory MDVSA-2009:198 (firefox)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Security issues were identified and fixed in firefox 3.0.x:\n\nSecurity researcher Juan Pablo Lopez Yacubian reported that an attacker\ncould call window.open() on an invalid URL which looks similar to a\nlegitimate URL and then use document.write() to place content within\nthe new document, appearing to have come from the spoofed location\n(CVE-2009-2654).\n\nMoxie Marlinspike reported a heap overflow vulnerability in the\ncode that handles regular expressions in certificate names. This\nvulnerability could be used to compromise the browser and run arbitrary\ncode by presenting a specially crafted certificate to the client\n(CVE-2009-2404).\n\nIOActive security researcher Dan Kaminsky reported a mismatch in the\ntreatment of domain names in SSL certificates between SSL clients and\nthe Certificate Authorities (CA) which issue server certificates. These\ncertificates could be used to intercept and potentially alter encrypted\ncommunication between the client and a server such as sensitive bank\naccount transactions (CVE-2009-2408).\n\nThis update provides the latest Mozilla Firefox 3.0.x to correct\nthese issues.\n\nAdditionally, some packages which require so, have been rebuilt and\nare being provided as updates.\n\nAffected: 2009.0, 2009.1, Enterprise Server 5.0\";\ntag_solution = \"To upgrade automatically use MandrakeUpdate or urpmi. The verification\nof md5 checksums and GPG signatures is performed automatically for you.\n\nhttps://secure1.securityspace.com/smysecure/catid.html?in=MDVSA-2009:198\nhttp://www.mozilla.org/security/known-vulnerabilities/firefox30.html#firefox3.0.13\";\ntag_summary = \"The remote host is missing an update to firefox\nannounced via advisory MDVSA-2009:198.\";\n\n \n\nif(description)\n{\n script_id(64604);\n script_version(\"$Revision: 6573 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-06 15:10:50 +0200 (Thu, 06 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-08-17 16:54:45 +0200 (Mon, 17 Aug 2009)\");\n script_cve_id(\"CVE-2009-2654\", \"CVE-2009-2404\", \"CVE-2009-2408\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_name(\"Mandrake Security Advisory MDVSA-2009:198 (firefox)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Mandrake Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/mandriva_mandrake_linux\", \"ssh/login/rpms\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"beagle\", rpm:\"beagle~0.3.8~13.14mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"beagle-crawl-system\", rpm:\"beagle-crawl-system~0.3.8~13.14mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"beagle-doc\", rpm:\"beagle-doc~0.3.8~13.14mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"beagle-epiphany\", rpm:\"beagle-epiphany~0.3.8~13.14mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"beagle-evolution\", rpm:\"beagle-evolution~0.3.8~13.14mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"beagle-gui\", rpm:\"beagle-gui~0.3.8~13.14mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"beagle-gui-qt\", rpm:\"beagle-gui-qt~0.3.8~13.14mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"beagle-libs\", rpm:\"beagle-libs~0.3.8~13.14mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"devhelp\", rpm:\"devhelp~0.21~3.9mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"devhelp-plugins\", rpm:\"devhelp-plugins~0.21~3.9mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"epiphany\", rpm:\"epiphany~2.24.0.1~3.11mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"epiphany-devel\", rpm:\"epiphany-devel~2.24.0.1~3.11mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox\", rpm:\"firefox~3.0.13~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-af\", rpm:\"firefox-af~3.0.13~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-ar\", rpm:\"firefox-ar~3.0.13~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-be\", rpm:\"firefox-be~3.0.13~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-bg\", rpm:\"firefox-bg~3.0.13~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-bn\", rpm:\"firefox-bn~3.0.13~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-ca\", rpm:\"firefox-ca~3.0.13~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-cs\", rpm:\"firefox-cs~3.0.13~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-cy\", rpm:\"firefox-cy~3.0.13~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-da\", rpm:\"firefox-da~3.0.13~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-de\", rpm:\"firefox-de~3.0.13~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-el\", rpm:\"firefox-el~3.0.13~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-en_GB\", rpm:\"firefox-en_GB~3.0.13~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-eo\", rpm:\"firefox-eo~3.0.13~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-es_AR\", rpm:\"firefox-es_AR~3.0.13~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-es_ES\", rpm:\"firefox-es_ES~3.0.13~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-et\", rpm:\"firefox-et~3.0.13~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-eu\", rpm:\"firefox-eu~3.0.13~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-ext-beagle\", rpm:\"firefox-ext-beagle~0.3.8~13.14mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-ext-mozvoikko\", rpm:\"firefox-ext-mozvoikko~0.9.5~4.9mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-fi\", rpm:\"firefox-fi~3.0.13~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-fr\", rpm:\"firefox-fr~3.0.13~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-fy\", rpm:\"firefox-fy~3.0.13~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-ga_IE\", rpm:\"firefox-ga_IE~3.0.13~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-gl\", rpm:\"firefox-gl~3.0.13~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-gu_IN\", rpm:\"firefox-gu_IN~3.0.13~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-he\", rpm:\"firefox-he~3.0.13~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-hi\", rpm:\"firefox-hi~3.0.13~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-hu\", rpm:\"firefox-hu~3.0.13~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-id\", rpm:\"firefox-id~3.0.13~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-is\", rpm:\"firefox-is~3.0.13~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-it\", rpm:\"firefox-it~3.0.13~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-ja\", rpm:\"firefox-ja~3.0.13~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-ka\", rpm:\"firefox-ka~3.0.13~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-kn\", rpm:\"firefox-kn~3.0.13~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-ko\", rpm:\"firefox-ko~3.0.13~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-ku\", rpm:\"firefox-ku~3.0.13~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-lt\", rpm:\"firefox-lt~3.0.13~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-lv\", rpm:\"firefox-lv~3.0.13~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-mk\", rpm:\"firefox-mk~3.0.13~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-mn\", rpm:\"firefox-mn~3.0.13~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-mr\", rpm:\"firefox-mr~3.0.13~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-nb_NO\", rpm:\"firefox-nb_NO~3.0.13~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-nl\", rpm:\"firefox-nl~3.0.13~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-nn_NO\", rpm:\"firefox-nn_NO~3.0.13~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-oc\", rpm:\"firefox-oc~3.0.13~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-pa_IN\", rpm:\"firefox-pa_IN~3.0.13~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-pl\", rpm:\"firefox-pl~3.0.13~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-pt_BR\", rpm:\"firefox-pt_BR~3.0.13~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-pt_PT\", rpm:\"firefox-pt_PT~3.0.13~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-ro\", rpm:\"firefox-ro~3.0.13~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-ru\", rpm:\"firefox-ru~3.0.13~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-si\", rpm:\"firefox-si~3.0.13~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-sk\", rpm:\"firefox-sk~3.0.13~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-sl\", rpm:\"firefox-sl~3.0.13~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-sq\", rpm:\"firefox-sq~3.0.13~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-sr\", rpm:\"firefox-sr~3.0.13~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-sv_SE\", rpm:\"firefox-sv_SE~3.0.13~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-te\", rpm:\"firefox-te~3.0.13~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-th\", rpm:\"firefox-th~3.0.13~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-theme-kde4ff\", rpm:\"firefox-theme-kde4ff~0.14~4.9mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-tr\", rpm:\"firefox-tr~3.0.13~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-uk\", rpm:\"firefox-uk~3.0.13~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-zh_CN\", rpm:\"firefox-zh_CN~3.0.13~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-zh_TW\", rpm:\"firefox-zh_TW~3.0.13~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"gnome-python-extras\", rpm:\"gnome-python-extras~2.19.1~20.9mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"gnome-python-gda\", rpm:\"gnome-python-gda~2.19.1~20.9mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"gnome-python-gda-devel\", rpm:\"gnome-python-gda-devel~2.19.1~20.9mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"gnome-python-gdl\", rpm:\"gnome-python-gdl~2.19.1~20.9mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"gnome-python-gtkhtml2\", rpm:\"gnome-python-gtkhtml2~2.19.1~20.9mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"gnome-python-gtkmozembed\", rpm:\"gnome-python-gtkmozembed~2.19.1~20.9mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"gnome-python-gtkspell\", rpm:\"gnome-python-gtkspell~2.19.1~20.9mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libdevhelp-1_0\", rpm:\"libdevhelp-1_0~0.21~3.9mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libdevhelp-1-devel\", rpm:\"libdevhelp-1-devel~0.21~3.9mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libxulrunner1.9\", rpm:\"libxulrunner1.9~1.9.0.13~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libxulrunner-devel\", rpm:\"libxulrunner-devel~1.9.0.13~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libxulrunner-unstable-devel\", rpm:\"libxulrunner-unstable-devel~1.9.0.13~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-firefox-ext-blogrovr\", rpm:\"mozilla-firefox-ext-blogrovr~1.1.779~5.9mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-firefox-ext-foxmarks\", rpm:\"mozilla-firefox-ext-foxmarks~2.1.0.12~2.9mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-firefox-ext-scribefire\", rpm:\"mozilla-firefox-ext-scribefire~2.3.1~2.9mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-beagle\", rpm:\"mozilla-thunderbird-beagle~0.3.8~13.14mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"xulrunner\", rpm:\"xulrunner~1.9.0.13~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"yelp\", rpm:\"yelp~2.24.0~3.9mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64devhelp-1_0\", rpm:\"lib64devhelp-1_0~0.21~3.9mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64devhelp-1-devel\", rpm:\"lib64devhelp-1-devel~0.21~3.9mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64xulrunner1.9\", rpm:\"lib64xulrunner1.9~1.9.0.13~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64xulrunner-devel\", rpm:\"lib64xulrunner-devel~1.9.0.13~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64xulrunner-unstable-devel\", rpm:\"lib64xulrunner-unstable-devel~1.9.0.13~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"beagle\", rpm:\"beagle~0.3.9~9.5mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"beagle-crawl-system\", rpm:\"beagle-crawl-system~0.3.9~9.5mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"beagle-doc\", rpm:\"beagle-doc~0.3.9~9.5mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"beagle-epiphany\", rpm:\"beagle-epiphany~0.3.9~9.5mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"beagle-evolution\", rpm:\"beagle-evolution~0.3.9~9.5mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"beagle-gui\", rpm:\"beagle-gui~0.3.9~9.5mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"beagle-gui-qt\", rpm:\"beagle-gui-qt~0.3.9~9.5mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"beagle-libs\", rpm:\"beagle-libs~0.3.9~9.5mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"epiphany\", rpm:\"epiphany~2.26.1~1.4mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"epiphany-devel\", rpm:\"epiphany-devel~2.26.1~1.4mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox\", rpm:\"firefox~3.0.13~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-af\", rpm:\"firefox-af~3.0.13~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-ar\", rpm:\"firefox-ar~3.0.13~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-be\", rpm:\"firefox-be~3.0.13~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-bg\", rpm:\"firefox-bg~3.0.13~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-bn\", rpm:\"firefox-bn~3.0.13~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-ca\", rpm:\"firefox-ca~3.0.13~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-cs\", rpm:\"firefox-cs~3.0.13~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-cy\", rpm:\"firefox-cy~3.0.13~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-da\", rpm:\"firefox-da~3.0.13~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-de\", rpm:\"firefox-de~3.0.13~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-el\", rpm:\"firefox-el~3.0.13~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-en_GB\", rpm:\"firefox-en_GB~3.0.13~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-eo\", rpm:\"firefox-eo~3.0.13~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-es_AR\", rpm:\"firefox-es_AR~3.0.13~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-es_ES\", rpm:\"firefox-es_ES~3.0.13~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-et\", rpm:\"firefox-et~3.0.13~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-eu\", rpm:\"firefox-eu~3.0.13~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-ext-beagle\", rpm:\"firefox-ext-beagle~0.3.9~9.5mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-ext-blogrovr\", rpm:\"firefox-ext-blogrovr~1.1.798~2.4mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-ext-foxmarks\", rpm:\"firefox-ext-foxmarks~2.7.2~2.4mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-ext-mozvoikko\", rpm:\"firefox-ext-mozvoikko~0.9.6~2.4mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-ext-r-kiosk\", rpm:\"firefox-ext-r-kiosk~0.7.2~2.4mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-ext-scribefire\", rpm:\"firefox-ext-scribefire~3.2.3~2.4mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-fi\", rpm:\"firefox-fi~3.0.13~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-fr\", rpm:\"firefox-fr~3.0.13~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-fy\", rpm:\"firefox-fy~3.0.13~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-ga_IE\", rpm:\"firefox-ga_IE~3.0.13~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-gl\", rpm:\"firefox-gl~3.0.13~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-gu_IN\", rpm:\"firefox-gu_IN~3.0.13~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-he\", rpm:\"firefox-he~3.0.13~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-hi\", rpm:\"firefox-hi~3.0.13~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-hu\", rpm:\"firefox-hu~3.0.13~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-id\", rpm:\"firefox-id~3.0.13~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-is\", rpm:\"firefox-is~3.0.13~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-it\", rpm:\"firefox-it~3.0.13~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-ja\", rpm:\"firefox-ja~3.0.13~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-ka\", rpm:\"firefox-ka~3.0.13~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-kn\", rpm:\"firefox-kn~3.0.13~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-ko\", rpm:\"firefox-ko~3.0.13~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-ku\", rpm:\"firefox-ku~3.0.13~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-lt\", rpm:\"firefox-lt~3.0.13~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-lv\", rpm:\"firefox-lv~3.0.13~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-mk\", rpm:\"firefox-mk~3.0.13~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-mn\", rpm:\"firefox-mn~3.0.13~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-mr\", rpm:\"firefox-mr~3.0.13~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-nb_NO\", rpm:\"firefox-nb_NO~3.0.13~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-nl\", rpm:\"firefox-nl~3.0.13~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-nn_NO\", rpm:\"firefox-nn_NO~3.0.13~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-oc\", rpm:\"firefox-oc~3.0.13~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-pa_IN\", rpm:\"firefox-pa_IN~3.0.13~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-pl\", rpm:\"firefox-pl~3.0.13~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-pt_BR\", rpm:\"firefox-pt_BR~3.0.13~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-pt_PT\", rpm:\"firefox-pt_PT~3.0.13~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-ro\", rpm:\"firefox-ro~3.0.13~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-ru\", rpm:\"firefox-ru~3.0.13~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-si\", rpm:\"firefox-si~3.0.13~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-sk\", rpm:\"firefox-sk~3.0.13~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-sl\", rpm:\"firefox-sl~3.0.13~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-sq\", rpm:\"firefox-sq~3.0.13~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-sr\", rpm:\"firefox-sr~3.0.13~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-sv_SE\", rpm:\"firefox-sv_SE~3.0.13~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-te\", rpm:\"firefox-te~3.0.13~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-th\", rpm:\"firefox-th~3.0.13~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-theme-kde4ff\", rpm:\"firefox-theme-kde4ff~0.14~9.4mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-tr\", rpm:\"firefox-tr~3.0.13~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-uk\", rpm:\"firefox-uk~3.0.13~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-zh_CN\", rpm:\"firefox-zh_CN~3.0.13~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-zh_TW\", rpm:\"firefox-zh_TW~3.0.13~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"gnome-python-extras\", rpm:\"gnome-python-extras~2.25.3~3.4mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"gnome-python-gda\", rpm:\"gnome-python-gda~2.25.3~3.4mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"gnome-python-gda-devel\", rpm:\"gnome-python-gda-devel~2.25.3~3.4mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"gnome-python-gdl\", rpm:\"gnome-python-gdl~2.25.3~3.4mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"gnome-python-gtkhtml2\", rpm:\"gnome-python-gtkhtml2~2.25.3~3.4mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"gnome-python-gtkmozembed\", rpm:\"gnome-python-gtkmozembed~2.25.3~3.4mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"gnome-python-gtkspell\", rpm:\"gnome-python-gtkspell~2.25.3~3.4mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"google-gadgets-common\", rpm:\"google-gadgets-common~0.10.5~8.4mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"google-gadgets-gtk\", rpm:\"google-gadgets-gtk~0.10.5~8.4mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"google-gadgets-qt\", rpm:\"google-gadgets-qt~0.10.5~8.4mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"google-gadgets-xul\", rpm:\"google-gadgets-xul~0.10.5~8.4mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libggadget1.0_0\", rpm:\"libggadget1.0_0~0.10.5~8.4mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libggadget-gtk1.0_0\", rpm:\"libggadget-gtk1.0_0~0.10.5~8.4mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libggadget-qt1.0_0\", rpm:\"libggadget-qt1.0_0~0.10.5~8.4mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libgoogle-gadgets-devel\", rpm:\"libgoogle-gadgets-devel~0.10.5~8.4mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libopensc2\", rpm:\"libopensc2~0.11.7~1.5mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libopensc-devel\", rpm:\"libopensc-devel~0.11.7~1.5mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libxulrunner1.9\", rpm:\"libxulrunner1.9~1.9.0.13~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libxulrunner-devel\", rpm:\"libxulrunner-devel~1.9.0.13~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libxulrunner-unstable-devel\", rpm:\"libxulrunner-unstable-devel~1.9.0.13~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-plugin-opensc\", rpm:\"mozilla-plugin-opensc~0.11.7~1.5mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mozilla-thunderbird-beagle\", rpm:\"mozilla-thunderbird-beagle~0.3.9~9.5mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"opensc\", rpm:\"opensc~0.11.7~1.5mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"python-xpcom\", rpm:\"python-xpcom~1.9.0.13~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"xulrunner\", rpm:\"xulrunner~1.9.0.13~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"yelp\", rpm:\"yelp~2.26.0~3.3mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64ggadget1.0_0\", rpm:\"lib64ggadget1.0_0~0.10.5~8.4mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64ggadget-gtk1.0_0\", rpm:\"lib64ggadget-gtk1.0_0~0.10.5~8.4mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64ggadget-qt1.0_0\", rpm:\"lib64ggadget-qt1.0_0~0.10.5~8.4mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64google-gadgets-devel\", rpm:\"lib64google-gadgets-devel~0.10.5~8.4mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64opensc2\", rpm:\"lib64opensc2~0.11.7~1.5mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64opensc-devel\", rpm:\"lib64opensc-devel~0.11.7~1.5mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64xulrunner1.9\", rpm:\"lib64xulrunner1.9~1.9.0.13~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64xulrunner-devel\", rpm:\"lib64xulrunner-devel~1.9.0.13~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64xulrunner-unstable-devel\", rpm:\"lib64xulrunner-unstable-devel~1.9.0.13~0.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox\", rpm:\"firefox~3.0.13~0.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-af\", rpm:\"firefox-af~3.0.13~0.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-ar\", rpm:\"firefox-ar~3.0.13~0.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-be\", rpm:\"firefox-be~3.0.13~0.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-bg\", rpm:\"firefox-bg~3.0.13~0.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-bn\", rpm:\"firefox-bn~3.0.13~0.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-ca\", rpm:\"firefox-ca~3.0.13~0.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-cs\", rpm:\"firefox-cs~3.0.13~0.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-cy\", rpm:\"firefox-cy~3.0.13~0.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-da\", rpm:\"firefox-da~3.0.13~0.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-de\", rpm:\"firefox-de~3.0.13~0.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-el\", rpm:\"firefox-el~3.0.13~0.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-en_GB\", rpm:\"firefox-en_GB~3.0.13~0.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-eo\", rpm:\"firefox-eo~3.0.13~0.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-es_AR\", rpm:\"firefox-es_AR~3.0.13~0.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-es_ES\", rpm:\"firefox-es_ES~3.0.13~0.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-et\", rpm:\"firefox-et~3.0.13~0.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-eu\", rpm:\"firefox-eu~3.0.13~0.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-fi\", rpm:\"firefox-fi~3.0.13~0.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-fr\", rpm:\"firefox-fr~3.0.13~0.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-fy\", rpm:\"firefox-fy~3.0.13~0.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-ga_IE\", rpm:\"firefox-ga_IE~3.0.13~0.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-gl\", rpm:\"firefox-gl~3.0.13~0.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-gu_IN\", rpm:\"firefox-gu_IN~3.0.13~0.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-he\", rpm:\"firefox-he~3.0.13~0.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-hi\", rpm:\"firefox-hi~3.0.13~0.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-hu\", rpm:\"firefox-hu~3.0.13~0.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-id\", rpm:\"firefox-id~3.0.13~0.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-is\", rpm:\"firefox-is~3.0.13~0.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-it\", rpm:\"firefox-it~3.0.13~0.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-ja\", rpm:\"firefox-ja~3.0.13~0.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-ka\", rpm:\"firefox-ka~3.0.13~0.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-kn\", rpm:\"firefox-kn~3.0.13~0.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-ko\", rpm:\"firefox-ko~3.0.13~0.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-ku\", rpm:\"firefox-ku~3.0.13~0.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-lt\", rpm:\"firefox-lt~3.0.13~0.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-lv\", rpm:\"firefox-lv~3.0.13~0.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-mk\", rpm:\"firefox-mk~3.0.13~0.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-mn\", rpm:\"firefox-mn~3.0.13~0.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-mr\", rpm:\"firefox-mr~3.0.13~0.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-nb_NO\", rpm:\"firefox-nb_NO~3.0.13~0.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-nl\", rpm:\"firefox-nl~3.0.13~0.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-nn_NO\", rpm:\"firefox-nn_NO~3.0.13~0.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-oc\", rpm:\"firefox-oc~3.0.13~0.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-pa_IN\", rpm:\"firefox-pa_IN~3.0.13~0.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-pl\", rpm:\"firefox-pl~3.0.13~0.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-pt_BR\", rpm:\"firefox-pt_BR~3.0.13~0.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-pt_PT\", rpm:\"firefox-pt_PT~3.0.13~0.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-ro\", rpm:\"firefox-ro~3.0.13~0.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-ru\", rpm:\"firefox-ru~3.0.13~0.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-si\", rpm:\"firefox-si~3.0.13~0.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-sk\", rpm:\"firefox-sk~3.0.13~0.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-sl\", rpm:\"firefox-sl~3.0.13~0.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-sq\", rpm:\"firefox-sq~3.0.13~0.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-sr\", rpm:\"firefox-sr~3.0.13~0.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-sv_SE\", rpm:\"firefox-sv_SE~3.0.13~0.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-te\", rpm:\"firefox-te~3.0.13~0.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-th\", rpm:\"firefox-th~3.0.13~0.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-tr\", rpm:\"firefox-tr~3.0.13~0.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-uk\", rpm:\"firefox-uk~3.0.13~0.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-zh_CN\", rpm:\"firefox-zh_CN~3.0.13~0.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"firefox-zh_TW\", rpm:\"firefox-zh_TW~3.0.13~0.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libxulrunner1.9\", rpm:\"libxulrunner1.9~1.9.0.13~0.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libxulrunner-devel\", rpm:\"libxulrunner-devel~1.9.0.13~0.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libxulrunner-unstable-devel\", rpm:\"libxulrunner-unstable-devel~1.9.0.13~0.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"xulrunner\", rpm:\"xulrunner~1.9.0.13~0.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"yelp\", rpm:\"yelp~2.24.0~3.9mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64xulrunner1.9\", rpm:\"lib64xulrunner1.9~1.9.0.13~0.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64xulrunner-devel\", rpm:\"lib64xulrunner-devel~1.9.0.13~0.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64xulrunner-unstable-devel\", rpm:\"lib64xulrunner-unstable-devel~1.9.0.13~0.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-27T10:56:34", "description": "The remote host is missing updates announced in\nadvisory RHSA-2009:1190.\n\nNetscape Portable Runtime (NSPR) provides platform independence for non-GUI\noperating system facilities. These facilities include threads, thread\nsynchronization, normal file and network I/O, interval timing, calendar\ntime, basic memory management (malloc and free), and shared library linking.\n\nNetwork Security Services (NSS) is a set of libraries designed to support\nthe cross-platform development of security-enabled client and server\napplications. Applications built with NSS can support SSLv2, SSLv3, TLS,\nand other security standards.\n\nThese updated packages upgrade NSS from the previous version, 3.12.2, to a\nprerelease of version 3.12.4. The version of NSPR has also been upgraded\nfrom 4.7.3 to 4.7.4.\n\nFor details on the issues address in this update, please visit the\nreferenced security advisories.\n\nAll users of nspr and nss are advised to upgrade to these updated packages,\nwhich resolve these issues.", "cvss3": {}, "published": "2009-08-17T00:00:00", "type": "openvas", "title": "RedHat Security Advisory RHSA-2009:1190", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-2409", "CVE-2009-2408", "CVE-2009-2404"], "modified": "2017-07-12T00:00:00", "id": "OPENVAS:64513", "href": "http://plugins.openvas.org/nasl.php?oid=64513", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: RHSA_2009_1190.nasl 6683 2017-07-12 09:41:57Z cfischer $\n# Description: Auto-generated from advisory RHSA-2009:1190 ()\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_summary = \"The remote host is missing updates announced in\nadvisory RHSA-2009:1190.\n\nNetscape Portable Runtime (NSPR) provides platform independence for non-GUI\noperating system facilities. These facilities include threads, thread\nsynchronization, normal file and network I/O, interval timing, calendar\ntime, basic memory management (malloc and free), and shared library linking.\n\nNetwork Security Services (NSS) is a set of libraries designed to support\nthe cross-platform development of security-enabled client and server\napplications. Applications built with NSS can support SSLv2, SSLv3, TLS,\nand other security standards.\n\nThese updated packages upgrade NSS from the previous version, 3.12.2, to a\nprerelease of version 3.12.4. The version of NSPR has also been upgraded\nfrom 4.7.3 to 4.7.4.\n\nFor details on the issues address in this update, please visit the\nreferenced security advisories.\n\nAll users of nspr and nss are advised to upgrade to these updated packages,\nwhich resolve these issues.\";\n\ntag_solution = \"Please note that this update is available via\nRed Hat Network. To use Red Hat Network, launch the Red\nHat Update Agent with the following command: up2date\";\n\n\n\nif(description)\n{\n script_id(64513);\n script_version(\"$Revision: 6683 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-12 11:41:57 +0200 (Wed, 12 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-08-17 16:54:45 +0200 (Mon, 17 Aug 2009)\");\n script_cve_id(\"CVE-2009-2404\", \"CVE-2009-2408\", \"CVE-2009-2409\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_name(\"RedHat Security Advisory RHSA-2009:1190\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name : \"URL\" , value : \"http://rhn.redhat.com/errata/RHSA-2009-1190.html\");\n script_xref(name : \"UR