CentOS Update for firefox CESA-2011:1242 centos4 i386
2011-09-07T00:00:00
ID OPENVAS:880971 Type openvas Reporter Copyright (c) 2011 Greenbone Networks GmbH Modified 2017-07-10T00:00:00
Description
Check for the Version of firefox
###############################################################################
# OpenVAS Vulnerability Test
#
# CentOS Update for firefox CESA-2011:1242 centos4 i386
#
# Authors:
# System Generated Check
#
# Copyright:
# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License version 2
# (or any later version), as published by the Free Software Foundation.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
###############################################################################
include("revisions-lib.inc");
tag_insight = "Mozilla Firefox is an open source web browser. XULRunner provides the XUL
Runtime environment for Mozilla Firefox.
It was found that a Certificate Authority (CA) issued a fraudulent HTTPS
certificate. This update renders any HTTPS certificates signed by that
CA as untrusted, except for a select few. The now untrusted certificates
that were issued before July 1, 2011 can be manually re-enabled and used
again at your own risk in Firefox; however, affected certificates issued
after this date cannot be re-enabled or used. (BZ#734316)
All Firefox users should upgrade to these updated packages, which contain
a backported patch. After installing the update, Firefox must be restarted
for the changes to take effect.";
tag_solution = "Please Install the Updated Packages.";
tag_affected = "firefox on CentOS 4";
if(description)
{
script_xref(name : "URL" , value : "http://lists.centos.org/pipermail/centos-announce/2011-September/017714.html");
script_id(880971);
script_version("$Revision: 6653 $");
script_tag(name:"last_modification", value:"$Date: 2017-07-10 13:46:53 +0200 (Mon, 10 Jul 2017) $");
script_tag(name:"creation_date", value:"2011-09-07 08:58:04 +0200 (Wed, 07 Sep 2011)");
script_tag(name:"cvss_base", value:"4.3");
script_tag(name:"cvss_base_vector", value:"AV:N/AC:M/Au:N/C:N/I:P/A:N");
script_xref(name: "CESA", value: "2011:1242");
script_name("CentOS Update for firefox CESA-2011:1242 centos4 i386");
script_summary("Check for the Version of firefox");
script_category(ACT_GATHER_INFO);
script_copyright("Copyright (c) 2011 Greenbone Networks GmbH");
script_family("CentOS Local Security Checks");
script_dependencies("gather-package-list.nasl");
script_mandatory_keys("ssh/login/centos", "ssh/login/rpms");
script_tag(name : "affected" , value : tag_affected);
script_tag(name : "insight" , value : tag_insight);
script_tag(name : "solution" , value : tag_solution);
script_tag(name:"qod_type", value:"package");
script_tag(name:"solution_type", value:"VendorFix");
exit(0);
}
include("pkg-lib-rpm.inc");
release = get_kb_item("ssh/login/release");
res = "";
if(release == NULL){
exit(0);
}
if(release == "CentOS4")
{
if ((res = isrpmvuln(pkg:"firefox", rpm:"firefox~3.6.20~3.el4.centos", rls:"CentOS4")) != NULL)
{
security_message(data:res);
exit(0);
}
if (__pkg_match) exit(99); # Not vulnerable.
exit(0);
}
{"bulletinFamily": "scanner", "viewCount": 0, "naslFamily": "CentOS Local Security Checks", "reporter": "Copyright (c) 2011 Greenbone Networks GmbH", "references": ["http://lists.centos.org/pipermail/centos-announce/2011-September/017714.html", "2011:1242"], "description": "Check for the Version of firefox", "hashmap": [{"key": "bulletinFamily", "hash": "bbdaea376f500d25f6b0c1050311dd07"}, {"key": "cvelist", "hash": "d41d8cd98f00b204e9800998ecf8427e"}, {"key": "cvss", "hash": "8cd4821cb504d25572038ed182587d85"}, {"key": "description", "hash": "8ab2086e5c37da8b9bddca4139df783b"}, {"key": "href", "hash": "9fadae1867df316809e443e589ce8aea"}, {"key": "modified", "hash": "0d134bf170d66438eb1e01173ee0187f"}, {"key": "naslFamily", "hash": "8f8213e8b86855939d5beea715ce3045"}, {"key": "pluginID", "hash": "5e74201c51cb66158e3470fd5995722a"}, {"key": "published", "hash": "a7650535d6d3ccd45833e6a945f95987"}, {"key": "references", "hash": "777adb487d8582f5e4964b6c71a0eb84"}, {"key": "reporter", "hash": "5b3e78bf2118fdcf240d0771f3c6039e"}, {"key": "sourceData", "hash": "1b7171edffb7794c05f2c7454ca5c7aa"}, {"key": "title", "hash": "0a16e0af9a7344a9fa6f083298367de9"}, {"key": "type", "hash": "47c1f692ea47a21f716dad07043ade01"}], "href": "http://plugins.openvas.org/nasl.php?oid=880971", "modified": "2017-07-10T00:00:00", "objectVersion": "1.3", "enchantments": {"score": {"value": 7.5, "vector": "NONE"}, "dependencies": {"references": [], "modified": "2017-07-25T10:55:20"}, "vulnersScore": 7.5}, "id": "OPENVAS:880971", "title": "CentOS Update for firefox CESA-2011:1242 centos4 i386", "hash": "dbcf2b2ed4c043e1d55957fcd3192260a1ce242d45710355b1d8aa8fae49a838", "edition": 2, "published": "2011-09-07T00:00:00", "type": "openvas", "history": [{"lastseen": "2017-07-02T21:13:27", "bulletin": {"hash": "7757564c8a0bdcb7839ef07e64de048f4e1451e0b5e90b265e4cf47733f8f1ef", "viewCount": 0, "reporter": "Copyright (c) 2011 Greenbone Networks GmbH", "references": ["http://lists.centos.org/pipermail/centos-announce/2011-September/017714.html", "2011:1242"], "description": "Check for the Version of firefox", "hashmap": [{"key": "modified", "hash": "6b744f6cc99eb0b6fa467773215c68fb"}, {"key": "sourceData", "hash": "b4f566793c3e3a50cf3d7009bdffdc4a"}, {"key": "href", "hash": "9fadae1867df316809e443e589ce8aea"}, {"key": "pluginID", "hash": "5e74201c51cb66158e3470fd5995722a"}, {"key": "reporter", "hash": "5b3e78bf2118fdcf240d0771f3c6039e"}, {"key": "naslFamily", "hash": "8f8213e8b86855939d5beea715ce3045"}, {"key": "published", "hash": "a7650535d6d3ccd45833e6a945f95987"}, {"key": "title", "hash": "0a16e0af9a7344a9fa6f083298367de9"}, {"key": "references", "hash": "777adb487d8582f5e4964b6c71a0eb84"}, {"key": "cvelist", "hash": "d41d8cd98f00b204e9800998ecf8427e"}, {"key": "type", "hash": "47c1f692ea47a21f716dad07043ade01"}, {"key": "cvss", "hash": "8cd4821cb504d25572038ed182587d85"}, {"key": "bulletinFamily", "hash": "bbdaea376f500d25f6b0c1050311dd07"}, {"key": "description", "hash": "8ab2086e5c37da8b9bddca4139df783b"}], "naslFamily": "CentOS Local Security Checks", "modified": "2016-04-15T00:00:00", "objectVersion": "1.3", "href": "http://plugins.openvas.org/nasl.php?oid=880971", "published": "2011-09-07T00:00:00", "enchantments": {}, "id": "OPENVAS:880971", "title": "CentOS Update for firefox CESA-2011:1242 centos4 i386", "bulletinFamily": "scanner", "edition": 1, "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for firefox CESA-2011:1242 centos4 i386\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Mozilla Firefox is an open source web browser. XULRunner provides the XUL\n Runtime environment for Mozilla Firefox.\n\n It was found that a Certificate Authority (CA) issued a fraudulent HTTPS\n certificate. This update renders any HTTPS certificates signed by that\n CA as untrusted, except for a select few. The now untrusted certificates\n that were issued before July 1, 2011 can be manually re-enabled and used\n again at your own risk in Firefox; however, affected certificates issued\n after this date cannot be re-enabled or used. (BZ#734316)\n \n All Firefox users should upgrade to these updated packages, which contain\n a backported patch. After installing the update, Firefox must be restarted\n for the changes to take effect.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\ntag_affected = \"firefox on CentOS 4\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.centos.org/pipermail/centos-announce/2011-September/017714.html\");\n script_id(880971);\n script_version(\"$Revision: 3073 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2016-04-15 10:41:17 +0200 (Fri, 15 Apr 2016) $\");\n script_tag(name:\"creation_date\", value:\"2011-09-07 08:58:04 +0200 (Wed, 07 Sep 2011)\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_xref(name: \"CESA\", value: \"2011:1242\");\n script_name(\"CentOS Update for firefox CESA-2011:1242 centos4 i386\");\n\n script_summary(\"Check for the Version of firefox\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"HostDetails/OS/cpe:/o:centos:centos\", \"login/SSH/success\", \"ssh/login/release\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"CentOS4\")\n{\n\n if ((res = isrpmvuln(pkg:\"firefox\", rpm:\"firefox~3.6.20~3.el4.centos\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "type": "openvas", "history": [], "cvss": {"score": 0.0, "vector": "NONE"}, "cvelist": [], "lastseen": "2017-07-02T21:13:27", "pluginID": "880971"}, "differentElements": ["modified", "sourceData"], "edition": 1}], "cvss": {"score": 0.0, "vector": "NONE"}, "cvelist": [], "lastseen": "2017-07-25T10:55:20", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for firefox CESA-2011:1242 centos4 i386\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Mozilla Firefox is an open source web browser. XULRunner provides the XUL\n Runtime environment for Mozilla Firefox.\n\n It was found that a Certificate Authority (CA) issued a fraudulent HTTPS\n certificate. This update renders any HTTPS certificates signed by that\n CA as untrusted, except for a select few. The now untrusted certificates\n that were issued before July 1, 2011 can be manually re-enabled and used\n again at your own risk in Firefox; however, affected certificates issued\n after this date cannot be re-enabled or used. (BZ#734316)\n \n All Firefox users should upgrade to these updated packages, which contain\n a backported patch. After installing the update, Firefox must be restarted\n for the changes to take effect.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\ntag_affected = \"firefox on CentOS 4\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.centos.org/pipermail/centos-announce/2011-September/017714.html\");\n script_id(880971);\n script_version(\"$Revision: 6653 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 13:46:53 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2011-09-07 08:58:04 +0200 (Wed, 07 Sep 2011)\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_xref(name: \"CESA\", value: \"2011:1242\");\n script_name(\"CentOS Update for firefox CESA-2011:1242 centos4 i386\");\n\n script_summary(\"Check for the Version of firefox\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"CentOS4\")\n{\n\n if ((res = isrpmvuln(pkg:\"firefox\", rpm:\"firefox~3.6.20~3.el4.centos\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "pluginID": "880971"}
