DATABASE RESOURCES PRICING ABOUT US

{"id": "VERACODE:38989", "vendorId": null, "type": "veracode", "bulletinFamily": "software", "title": "Information Disclosure", "description": "firefox is vulnerable to Information Disclosure. A mishandled security check when creating a WebSocket in a WebWorker caused the content security Policy `connect-src` header to be ignored leading to connections to be restricted from inside WebWorkers.\n", "published": "2023-01-24T20:59:29", "modified": "2023-02-15T09:55:47", "epss": [{"cve": "CVE-2023-23602", "epss": 0.00045, "percentile": 0.12287, "modified": "2023-06-03"}], "cvss": {"score": 0.0, "vector": "NONE"}, "cvss2": {}, "cvss3": {}, "href": "https://sca.analysiscenter.veracode.com/vulnerability-database/security/1/1/sid-38989/summary", "reporter": "Veracode Vulnerability Database", "references": [], "cvelist": ["CVE-2023-23602"], "immutableFields": [], "lastseen": "2023-06-03T20:03:24", "viewCount": 2, "enchantments": {"dependencies": {"references": [{"type": "almalinux", "idList": ["ALSA-2023:0288", "ALSA-2023:0463"]}, {"type": "centos", "idList": ["CESA-2023:0296", "CESA-2023:0456"]}, {"type": "debian", "idList": ["DEBIAN:DLA-3275-1:3B0C1", "DEBIAN:DSA-5322-1:10202"]}, {"type": "debiancve", "idList": ["DEBIANCVE:CVE-2023-23602"]}, {"type": "mageia", "idList": ["MGASA-2023-0018", "MGASA-2023-0034"]}, {"type": "mozilla", "idList": ["MFSA2023-01", "MFSA2023-02", "MFSA2023-03"]}, {"type": "nessus", "idList": ["ALMA_LINUX_ALSA-2023-0285.NASL", "ALMA_LINUX_ALSA-2023-0288.NASL", "ALMA_LINUX_ALSA-2023-0463.NASL", "CENTOS_RHSA-2023-0296.NASL", "CENTOS_RHSA-2023-0456.NASL", "DEBIAN_DLA-3275.NASL", "DEBIAN_DSA-5322.NASL", "MACOS_FIREFOX_102_7_ESR.NASL", "MACOS_FIREFOX_109_0.NASL", "MACOS_THUNDERBIRD_102_7.NASL", "MOZILLA_FIREFOX_102_7_ESR.NASL", "MOZILLA_FIREFOX_109_0.NASL", "MOZILLA_THUNDERBIRD_102_7.NASL", "ORACLELINUX_ELSA-2023-0285.NASL", "ORACLELINUX_ELSA-2023-0288.NASL", "ORACLELINUX_ELSA-2023-0296.NASL", "ORACLELINUX_ELSA-2023-0456.NASL", "ORACLELINUX_ELSA-2023-0463.NASL", "ORACLELINUX_ELSA-2023-0476.NASL", "REDHAT-RHSA-2023-0285.NASL", "REDHAT-RHSA-2023-0286.NASL", "REDHAT-RHSA-2023-0288.NASL", "REDHAT-RHSA-2023-0289.NASL", "REDHAT-RHSA-2023-0290.NASL", "REDHAT-RHSA-2023-0294.NASL", "REDHAT-RHSA-2023-0295.NASL", "REDHAT-RHSA-2023-0296.NASL", "REDHAT-RHSA-2023-0456.NASL", "REDHAT-RHSA-2023-0457.NASL", "REDHAT-RHSA-2023-0459.NASL", "REDHAT-RHSA-2023-0460.NASL", "REDHAT-RHSA-2023-0461.NASL", "REDHAT-RHSA-2023-0462.NASL", "REDHAT-RHSA-2023-0463.NASL", "REDHAT-RHSA-2023-0476.NASL", "SLACKWARE_SSA_2023-018-04.NASL", "SL_20230123_FIREFOX_ON_SL7_X.NASL", "SL_20230127_THUNDERBIRD_ON_SL7_X.NASL", "SUSE_SU-2023-0111-1.NASL", "SUSE_SU-2023-0112-1.NASL", "SUSE_SU-2023-0113-1.NASL", "SUSE_SU-2023-0329-1.NASL", "UBUNTU_USN-5816-1.NASL", "UBUNTU_USN-5824-1.NASL"]}, {"type": "oraclelinux", "idList": ["ELSA-2023-0285", "ELSA-2023-0288", "ELSA-2023-0296", "ELSA-2023-0456", "ELSA-2023-0463", "ELSA-2023-0476"]}, {"type": "osv", "idList": ["OSV:DLA-3275-1", "OSV:DSA-5322-1"]}, {"type": "redhat", "idList": ["RHSA-2023:0285", "RHSA-2023:0286", "RHSA-2023:0288", "RHSA-2023:0289", "RHSA-2023:0290", "RHSA-2023:0294", "RHSA-2023:0295", "RHSA-2023:0296", "RHSA-2023:0456", "RHSA-2023:0457", "RHSA-2023:0459", "RHSA-2023:0460", "RHSA-2023:0461", "RHSA-2023:0462", "RHSA-2023:0463", "RHSA-2023:0476"]}, {"type": "redhatcve", "idList": ["RH:CVE-2023-23602"]}, {"type": "rocky", "idList": ["RLSA-2023:0285", "RLSA-2023:0288", "RLSA-2023:0463", "RLSA-2023:0476"]}, {"type": "slackware", "idList": ["SSA-2023-018-04"]}, {"type": "ubuntu", "idList": ["USN-5816-1", "USN-5816-2", "USN-5824-1"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2023-23602"]}]}, "score": {"value": 0.7, "vector": "NONE"}, "affected_software": {"major_version": [{"name": "firefox:bionic", "version": 83}, {"name": "firefox:bionic", "version": 80}, {"name": "firefox:bionic", "version": 59}, {"name": "firefox:bionic", "version": 80}, {"name": "firefox:bionic", "version": 92}, {"name": "firefox:focal", "version": 80}, {"name": "firefox:focal", "version": 83}, {"name": "firefox:focal", "version": 75}, {"name": "firefox:focal", "version": 80}, {"name": "firefox:bionic", "version": 83}, {"name": "firefox:bionic", "version": 80}, {"name": "firefox:bionic", "version": 59}, {"name": "firefox:bionic", "version": 80}, {"name": "firefox:bionic", "version": 92}, {"name": "firefox:focal", "version": 80}, {"name": "firefox:focal", "version": 83}, {"name": "firefox:focal", "version": 75}, {"name": "firefox:focal", "version": 80}]}, "vulnersScore": 0.7}, "_state": {"dependencies": 0, "score": 1685822809, "affected_software_major_version": 0, "epss": 0}, "_internal": {"score_hash": "96279e831953acb617989174a2c50535"}, "affectedSoftware": []}

{"ubuntucve": [{"lastseen": "2023-04-26T13:14:39", "description": "[Unknown description]\n\n#### Notes\n\nAuthor| Note \n---|--- \n[tyhicks](<https://launchpad.net/~tyhicks>) | mozjs contains a copy of the SpiderMonkey JavaScript engine \n[mdeslaur](<https://launchpad.net/~mdeslaur>) | starting with Ubuntu 22.04, the firefox package is just a script that installs the Firefox snap\n", "cvss3": {}, "published": "2023-01-18T00:00:00", "type": "ubuntucve", "title": "CVE-2023-23602", "bulletinFamily": "info", "cvss2": {}, "cvelist": ["CVE-2023-23602"], "modified": "2023-01-18T00:00:00", "id": "UB:CVE-2023-23602", "href": "https://ubuntu.com/security/CVE-2023-23602", "cvss": {"score": 0.0, "vector": "NONE"}}], "redhatcve": [{"lastseen": "2023-06-03T14:44:19", "description": "The Mozilla Foundation Security Advisory describes this flaw as: A mishandled security check when creating a WebSocket in a WebWorker caused the Content Security Policy connect-src header to be ignored. This could lead to connections to restricted origins from inside WebWorkers.\n", "cvss3": {}, "published": "2023-01-19T12:06:35", "type": "redhatcve", "title": "CVE-2023-23602", "bulletinFamily": "info", "cvss2": {}, "cvelist": ["CVE-2023-23602"], "modified": "2023-04-06T10:16:16", "id": "RH:CVE-2023-23602", "href": "https://access.redhat.com/security/cve/cve-2023-23602", "cvss": {"score": 0.0, "vector": "NONE"}}], "debiancve": [{"lastseen": "2023-06-03T14:40:04", "description": "A mishandled security check when creating a WebSocket in a WebWorker c ...", "cvss3": {}, "published": "2023-06-02T17:15:00", "type": "debiancve", "title": "CVE-2023-23602", "bulletinFamily": "info", "cvss2": {}, "cvelist": ["CVE-2023-23602"], "modified": "2023-06-02T17:15:00", "id": "DEBIANCVE:CVE-2023-23602", "href": "https://security-tracker.debian.org/tracker/CVE-2023-23602", "cvss": {"score": 0.0, "vector": "NONE"}}], "cve": [{"lastseen": "2023-06-03T14:28:04", "description": "A mishandled security check when creating a WebSocket in a WebWorker caused the Content Security Policy connect-src header to be ignored. This could lead to connections to restricted origins from inside WebWorkers. This vulnerability affects Firefox < 109, Thunderbird < 102.7, and Firefox ESR < 102.7.", "cvss3": {}, "published": "2023-06-02T17:15:00", "type": "cve", "title": "CVE-2023-23602", "cwe": [], "bulletinFamily": "NVD", "cvss2": {}, "cvelist": ["CVE-2023-23602"], "modified": "2023-06-02T18:10:00", "cpe": [], "id": "CVE-2023-23602", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-23602", "cvss": {"score": 0.0, "vector": "NONE"}, "cpe23": []}], "ibm": [{"lastseen": "2023-06-03T17:37:36", "description": "## Summary\n\nAPM Synthetic Playback Agent is vulnerable to Firefox ESR CVE-2023-23599, CVE-2023-23603, CVE-2023-23605, CVE-2023-23602, CVE-2023-23601, CVE-2023-23598. Firefox ESR is used by APM Synthetic Playback Agent for running the selenium scripts. The fix includes support for Firefox 102.7 ESR. \n\n## Vulnerability Details\n\n** CVEID: **[CVE-2023-23599](<https://vulners.com/cve/CVE-2023-23599>) \n** DESCRIPTION: **Mozilla Firefox could allow a remote attacker to bypass security restrictions, caused by the improper validation of output when copying a network request from the developer tools panel as a curl command. By persuading a victim to visit a specially-crafted Web site, a remote attacker could exploit this vulnerability to allow arbitrary commands to be hidden within. \nCVSS Base score: 6.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/244843](<https://exchange.xforce.ibmcloud.com/vulnerabilities/244843>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N) \n \n** CVEID: **[CVE-2023-23603](<https://vulners.com/cve/CVE-2023-23603>) \n** DESCRIPTION: **Mozilla Firefox could allow a remote attacker to bypass security restrictions, caused by the failure to account for external URLs by regular expressions used to filter out forbidden properties and values from style directives in calls to console.log. By persuading a victim to visit a specially-crafted Web site, a remote attacker could exploit this vulnerability to exfiltrate data from the browser. \nCVSS Base score: 6.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/244847](<https://exchange.xforce.ibmcloud.com/vulnerabilities/244847>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N) \n \n** CVEID: **[CVE-2023-23605](<https://vulners.com/cve/CVE-2023-23605>) \n** DESCRIPTION: **Mozilla Firefox could allow a remote attacker to execute arbitrary code on the system, caused by memory safety bugs within the browser engine. By persuading a victim to visit a specially-crafted Web site, a remote attacker could exploit this vulnerability using unknown attack vectors to execute arbitrary code on the vulnerable system or cause a denial of service. \nCVSS Base score: 8.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/244839](<https://exchange.xforce.ibmcloud.com/vulnerabilities/244839>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2023-23602](<https://vulners.com/cve/CVE-2023-23602>) \n** DESCRIPTION: **Mozilla Firefox could allow a remote attacker to bypass security restrictions, caused by the failure to correctly apply Content Security Policy to WebSockets in WebWorkers. By persuading a victim to visit a specially-crafted Web site, a remote attacker could exploit this vulnerability to lead to connections to restricted origins from inside WebWorkers. \nCVSS Base score: 6.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/244846](<https://exchange.xforce.ibmcloud.com/vulnerabilities/244846>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N) \n \n** CVEID: **[CVE-2023-23601](<https://vulners.com/cve/CVE-2023-23601>) \n** DESCRIPTION: **Mozilla Firefox could allow a remote attacker to conduct spoofing attacks, caused by navigations being allowed when dragging a URL from a cross-origin iframe into the same tab. By persuading a victim to visit a specially-crafted Web site, a remote attacker could exploit this vulnerability to conduct spoofing attacks. \nCVSS Base score: 6.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/244845](<https://exchange.xforce.ibmcloud.com/vulnerabilities/244845>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N) \n \n** CVEID: **[CVE-2023-23598](<https://vulners.com/cve/CVE-2023-23598>) \n** DESCRIPTION: **Mozilla Firefox could allow a remote attacker to obtain sensitive information, caused by the use of text/plain for a GTK drag and drop on Linux. By persuading a victim to visit a specially-crafted Web site, an attacker could exploit this vulnerability using a call to DataTransfer.setData to read arbitrary files on the system. \nCVSS Base score: 6.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/244840](<https://exchange.xforce.ibmcloud.com/vulnerabilities/244840>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N)\n\n## Affected Products and Versions\n\nAffected Product(s)| Version(s) \n---|--- \nAPM on-premise| 8.1.4 \n \n\n\n## Remediation/Fixes\n\nIBM strongly recommends addressing the vulnerability now by upgrading: \n\nProduct Remediation\n\n| \n\nFix \n \n---|--- \n \nAPM on-premise\n\n| \n\nSynthetic Playback Agent 8.1.4 IF17\n\nDownload link: [http://www.ibm.com/support/fixcentral/quickorder?product=ibm%2FTivoli%2FIBM+Application+Performance+Management+Advanced&amp;fixids=8.1.4.0-IBM-APM-SYNTHETIC-PLAYBACK-AGENT-IF0017&amp;source=SAR](<http://www.ibm.com/support/fixcentral/quickorder?product=ibm%2FTivoli%2FIBM+Application+Performance+Management+Advanced&fixids=8.1.4.0-IBM-APM-SYNTHETIC-PLAYBACK-AGENT-IF0017&source=SAR>)\n\nReadme: <https://www.ibm.com/support/pages/node/6847849> \n \n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {}, "published": "2023-03-21T11:20:55", "type": "ibm", "title": "Security Bulletin: Multiple vulnerabilities of Mozilla Firefox ESR have affected APM Synthetic Playback Agent", "bulletinFamily": "software", "cvss2": {}, "cvelist": ["CVE-2023-23598", "CVE-2023-23599", "CVE-2023-23601", "CVE-2023-23602", "CVE-2023-23603", "CVE-2023-23605"], "modified": "2023-03-21T11:20:55", "id": "04852C21578B5AE55119C10C853A7AF2327B17F9309C319C431A4DD45D3B83A7", "href": "https://www.ibm.com/support/pages/node/6964754", "cvss": {"score": 0.0, "vector": "NONE"}}], "osv": [{"lastseen": "2023-01-18T23:36:03", "description": "\nMultiple security issues have been found in the Mozilla Firefox web\nbrowser, which could potentially result in the execution of arbitrary\ncode, information disclosure or spoofing.\n\n\nFor the stable distribution (bullseye), these problems have been fixed in\nversion 102.7.0esr-1~deb11u1.\n\n\nWe recommend that you upgrade your firefox-esr packages.\n\n\nFor the detailed security status of firefox-esr please refer to\nits security tracker page at:\n[\\\nhttps://security-tracker.debian.org/tracker/firefox-esr](https://security-tracker.debian.org/tracker/firefox-esr)\n\n\n", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2023-01-18T00:00:00", "type": "osv", "title": "firefox-esr - security update", "bulletinFamily": "software", "cvss2": {}, "cvelist": ["CVE-2022-46871", "CVE-2022-46877", "CVE-2023-23598", "CVE-2023-23601", "CVE-2023-23602", "CVE-2023-23603", "CVE-2023-23605"], "modified": "2023-01-18T23:35:58", "id": "OSV:DSA-5322-1", "href": "https://osv.dev/vulnerability/DSA-5322-1", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-01-19T13:20:04", "description": "\nMultiple security issues have been found in the Mozilla Firefox web\nbrowser, which could potentially result in the execution of arbitrary\ncode, information disclosure or spoofing.\n\n\nFor Debian 10 buster, these problems have been fixed in version\n102.7.0esr-1~deb10u1.\n\n\nWe recommend that you upgrade your firefox-esr packages.\n\n\nFor the detailed security status of firefox-esr please refer to\nits security tracker page at:\n<https://security-tracker.debian.org/tracker/firefox-esr>\n\n\nFurther information about Debian LTS security advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: <https://wiki.debian.org/LTS>\n\n\n", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2023-01-19T00:00:00", "type": "osv", "title": "firefox-esr - security update", "bulletinFamily": "software", "cvss2": {}, "cvelist": ["CVE-2022-46871", "CVE-2022-46877", "CVE-2023-23598", "CVE-2023-23601", "CVE-2023-23602", "CVE-2023-23603", "CVE-2023-23605"], "modified": "2023-01-19T13:20:00", "id": "OSV:DLA-3275-1", "href": "https://osv.dev/vulnerability/DLA-3275-1", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-02-20T09:20:51", "description": "\nMultiple security issues were discovered in Thunderbird, which could\nresult in denial of service or the execution of arbitrary code.\n\n\nFor Debian 10 buster, these problems have been fixed in version\n1:102.8.0-1~deb10u1.\n\n\nWe recommend that you upgrade your thunderbird packages.\n\n\nFor the detailed security status of thunderbird please refer to\nits security tracker page at:\n<https://security-tracker.debian.org/tracker/thunderbird>\n\n\nFurther information about Debian LTS security advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: <https://wiki.debian.org/LTS>\n\n\n", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2023-02-20T00:00:00", "type": "osv", "title": "thunderbird - security update", "bulletinFamily": "software", "cvss2": {}, "cvelist": ["CVE-2022-46871", "CVE-2022-46877", "CVE-2023-0430", "CVE-2023-0616", "CVE-2023-0767", "CVE-2023-23598", "CVE-2023-23601", "CVE-2023-23602", "CVE-2023-23603", "CVE-2023-23605", "CVE-2023-25728", "CVE-2023-25729", "CVE-2023-25730", "CVE-2023-25732", "CVE-2023-25735", "CVE-2023-25737", "CVE-2023-25739", "CVE-2023-25742", "CVE-2023-25744", "CVE-2023-25746"], "modified": "2023-02-20T09:20:49", "id": "OSV:DLA-3324-1", "href": "https://osv.dev/vulnerability/DLA-3324-1", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-02-18T23:53:42", "description": "\nMultiple security issues were discovered in Thunderbird, which could\nresult in denial of service or the execution of arbitrary code.\n\n\nFor the stable distribution (bullseye), these problems have been fixed in\nversion 1:102.8.0-1~deb11u1.\n\n\nWe recommend that you upgrade your thunderbird packages.\n\n\nFor the detailed security status of thunderbird please refer to\nits security tracker page at:\n[\\\nhttps://security-tracker.debian.org/tracker/thunderbird](https://security-tracker.debian.org/tracker/thunderbird)\n\n\n", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2023-02-18T00:00:00", "type": "osv", "title": "thunderbird - security update", "bulletinFamily": "software", "cvss2": {}, "cvelist": ["CVE-2022-46871", "CVE-2022-46877", "CVE-2023-0430", "CVE-2023-0616", "CVE-2023-0767", "CVE-2023-23598", "CVE-2023-23601", "CVE-2023-23602", "CVE-2023-23603", "CVE-2023-23605", "CVE-2023-25728", "CVE-2023-25729", "CVE-2023-25730", "CVE-2023-25732", "CVE-2023-25735", "CVE-2023-25737", "CVE-2023-25739", "CVE-2023-25742", "CVE-2023-25744", "CVE-2023-25746"], "modified": "2023-02-18T23:53:41", "id": "OSV:DSA-5355-1", "href": "https://osv.dev/vulnerability/DSA-5355-1", "cvss": {"score": 0.0, "vector": "NONE"}}], "nessus": [{"lastseen": "2023-05-17T16:41:42", "description": "The remote SUSE Linux SLES12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:0111-1 advisory.\n\n - An out of date library (libusrsctp) contained vulnerabilities that could potentially be exploited. This vulnerability affects Firefox < 108. (CVE-2022-46871)\n\n - By confusing the browser, the fullscreen notification could have been delayed or suppressed, resulting in potential user confusion or spoofing attacks. This vulnerability affects Firefox < 108. (CVE-2022-46877)\n\n - Mozilla: Arbitrary file read from GTK drag and drop on Linux (CVE-2023-23598)\n\n - Mozilla: URL being dragged from cross-origin iframe into same tab triggers navigation (CVE-2023-23601)\n\n - Mozilla: Content Security Policy wasn't being correctly applied to WebSockets in WebWorkers (CVE-2023-23602)\n\n - Mozilla: Calls to <code>console.log</code> allowed bypasing Content Security Policy via format directive (CVE-2023-23603)\n\n - Mozilla: Memory safety bugs fixed in Firefox 109 and Firefox ESR 102.7 (CVE-2023-23605)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2023-01-21T00:00:00", "type": "nessus", "title": "SUSE SLES12 Security Update : MozillaFirefox (SUSE-SU-2023:0111-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-46871", "CVE-2022-46877", "CVE-2023-23598", "CVE-2023-23601", "CVE-2023-23602", "CVE-2023-23603", "CVE-2023-23605"], "modified": "2023-03-07T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:mozillafirefox", "p-cpe:/a:novell:suse_linux:mozillafirefox-devel", "p-cpe:/a:novell:suse_linux:mozillafirefox-translations-common", "cpe:/o:novell:suse_linux:12"], "id": "SUSE_SU-2023-0111-1.NASL", "href": "https://www.tenable.com/plugins/nessus/170250", "sourceData": "#%NASL_MIN_LEVEL 80900\n##\n# (C) Tenable, Inc.\n#\n# The package checks in this plugin were extracted from\n# SUSE update advisory SUSE-SU-2023:0111-1. The text itself\n# is copyright (C) SUSE.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(170250);\n script_version(\"1.1\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/03/07\");\n\n script_cve_id(\n \"CVE-2022-46871\",\n \"CVE-2022-46877\",\n \"CVE-2023-23598\",\n \"CVE-2023-23601\",\n \"CVE-2023-23602\",\n \"CVE-2023-23603\",\n \"CVE-2023-23605\"\n );\n script_xref(name:\"SuSE\", value:\"SUSE-SU-2023:0111-1\");\n\n script_name(english:\"SUSE SLES12 Security Update : MozillaFirefox (SUSE-SU-2023:0111-1)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote SUSE host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote SUSE Linux SLES12 host has packages installed that are affected by multiple vulnerabilities as referenced in\nthe SUSE-SU-2023:0111-1 advisory.\n\n - An out of date library (libusrsctp) contained vulnerabilities that could potentially be exploited. This\n vulnerability affects Firefox < 108. (CVE-2022-46871)\n\n - By confusing the browser, the fullscreen notification could have been delayed or suppressed, resulting in\n potential user confusion or spoofing attacks. This vulnerability affects Firefox < 108. (CVE-2022-46877)\n\n - Mozilla: Arbitrary file read from GTK drag and drop on Linux (CVE-2023-23598)\n\n - Mozilla: URL being dragged from cross-origin iframe into same tab triggers navigation (CVE-2023-23601)\n\n - Mozilla: Content Security Policy wasn't being correctly applied to WebSockets in WebWorkers\n (CVE-2023-23602)\n\n - Mozilla: Calls to <code>console.log</code> allowed bypasing Content Security Policy via format directive\n (CVE-2023-23603)\n\n - Mozilla: Memory safety bugs fixed in Firefox 109 and Firefox ESR 102.7 (CVE-2023-23605)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1207119\");\n # https://lists.suse.com/pipermail/sle-security-updates/2023-January/013492.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?355444f4\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-46871\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-46877\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2023-23598\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2023-23601\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2023-23602\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2023-23603\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2023-23605\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected MozillaFirefox, MozillaFirefox-devel and / or MozillaFirefox-translations-common packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-46871\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/12/15\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2023/01/20\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2023/01/21\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:MozillaFirefox\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:MozillaFirefox-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:MozillaFirefox-translations-common\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:12\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"SuSE Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item(\"Host/SuSE/release\");\nif (isnull(os_release) || os_release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nvar os_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'SUSE');\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLES12)$\", string:os_ver)) audit(AUDIT_OS_NOT, 'SUSE SLES12', 'SUSE (' + os_ver + ')');\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'SUSE (' + os_ver + ')', cpu);\n\nvar service_pack = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(service_pack)) service_pack = \"0\";\nif (os_ver == \"SLES12\" && (! preg(pattern:\"^(2|4|5)$\", string:service_pack))) audit(AUDIT_OS_NOT, \"SLES12 SP2/4/5\", os_ver + \" SP\" + service_pack);\n\nvar pkgs = [\n {'reference':'MozillaFirefox-102.7.0-112.145.1', 'sp':'4', 'cpu':'x86_64', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 'exists_check':['SLES_SAP-release-12.4']},\n {'reference':'MozillaFirefox-devel-102.7.0-112.145.1', 'sp':'4', 'cpu':'x86_64', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 'exists_check':['SLES_SAP-release-12.4']},\n {'reference':'MozillaFirefox-translations-common-102.7.0-112.145.1', 'sp':'4', 'cpu':'x86_64', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 'exists_check':['SLES_SAP-release-12.4']},\n {'reference':'MozillaFirefox-102.7.0-112.145.1', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 'exists_check':['SLES_SAP-release-12.5', 'sles-release-12.5']},\n {'reference':'MozillaFirefox-devel-102.7.0-112.145.1', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 'exists_check':['SLES_SAP-release-12.5', 'sle-sdk-release-12.5', 'sles-release-12.5']},\n {'reference':'MozillaFirefox-translations-common-102.7.0-112.145.1', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 'exists_check':['SLES_SAP-release-12.5', 'sles-release-12.5']},\n {'reference':'MozillaFirefox-102.7.0-112.145.1', 'sp':'2', 'cpu':'x86_64', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 'exists_check':['sles-bcl-release-12.2']},\n {'reference':'MozillaFirefox-devel-102.7.0-112.145.1', 'sp':'2', 'cpu':'x86_64', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 'exists_check':['sles-bcl-release-12.2']},\n {'reference':'MozillaFirefox-translations-common-102.7.0-112.145.1', 'sp':'2', 'cpu':'x86_64', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 'exists_check':['sles-bcl-release-12.2']},\n {'reference':'MozillaFirefox-102.7.0-112.145.1', 'sp':'4', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 'exists_check':['sles-release-12.4']},\n {'reference':'MozillaFirefox-devel-102.7.0-112.145.1', 'sp':'4', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 'exists_check':['sles-release-12.4']},\n {'reference':'MozillaFirefox-translations-common-102.7.0-112.145.1', 'sp':'4', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 'exists_check':['sles-release-12.4']}\n];\n\nvar ltss_caveat_required = FALSE;\nvar flag = 0;\nforeach var package_array ( pkgs ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var exists_check = NULL;\n var rpm_spec_vers_cmp = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) _release = package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) _cpu = package_array['cpu'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (reference && _release) {\n if (exists_check) {\n var check_flag = 0;\n foreach var check (exists_check) {\n if (!rpm_exists(release:_release, rpm:check)) continue;\n if ('ltss' >< tolower(check)) ltss_caveat_required = TRUE;\n check_flag++;\n }\n if (!check_flag) continue;\n }\n if (rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, rpm_spec_vers_cmp:rpm_spec_vers_cmp)) flag++;\n }\n}\n\nif (flag)\n{\n var ltss_plugin_caveat = NULL;\n if(ltss_caveat_required) ltss_plugin_caveat = '\\n' +\n 'NOTE: This vulnerability check contains fixes that apply to\\n' +\n 'packages only available in SUSE Enterprise Linux Server LTSS\\n' +\n 'repositories. Access to these package security updates require\\n' +\n 'a paid SUSE LTSS subscription.\\n';\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get() + ltss_plugin_caveat\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'MozillaFirefox / MozillaFirefox-devel / etc');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-17T16:42:09", "description": "The remote Debian 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-3275 advisory.\n\n - An out of date library (libusrsctp) contained vulnerabilities that could potentially be exploited. This vulnerability affects Firefox < 108. (CVE-2022-46871)\n\n - By confusing the browser, the fullscreen notification could have been delayed or suppressed, resulting in potential user confusion or spoofing attacks. This vulnerability affects Firefox < 108. (CVE-2022-46877)\n\n - Due to the Firefox GTK wrapper code's use of text/plain for drag data and GTK treating all text/plain MIMEs containing file URLs as being dragged a website could arbitrarily read a file via a call to <code>DataTransfer.setData</code>. (CVE-2023-23598)\n\n - Navigations were being allowed when dragging a URL from a cross-origin iframe into the same tab which could lead to website spoofing attacks (CVE-2023-23601)\n\n - A mishandled security check when creating a WebSocket in a WebWorker caused the Content Security Policy connect-src header to be ignored. This could lead to connections to restricted origins from inside WebWorkers. (CVE-2023-23602)\n\n - Regular expressions used to filter out forbidden properties and values from style directives in calls to <code>console.log</code> weren't accounting for external URLs. Data could then be potentially exfiltrated from the browser. (CVE-2023-23603)\n\n - Mozilla developers and the Mozilla Fuzzing Team reported memory safety bugs present in Firefox 108 and Firefox ESR 102.6. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. (CVE-2023-23605)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2023-01-19T00:00:00", "type": "nessus", "title": "Debian DLA-3275-1 : firefox-esr - LTS security update", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-46871", "CVE-2022-46877", "CVE-2023-23598", "CVE-2023-23601", "CVE-2023-23602", "CVE-2023-23603", "CVE-2023-23605"], "modified": "2023-02-16T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:firefox-esr", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-ach", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-af", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-all", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-an", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-ar", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-ast", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-en-ca", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-en-gb", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-eo", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-es-ar", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-es-cl", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-es-es", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-es-mx", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-et", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-eu", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-fa", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-ff", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-fi", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-fr", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-fy-nl", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-ga-ie", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-gd", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-gl", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-gn", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-gu-in", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-he", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-hi-in", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-hr", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-hsb", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-hu", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-hy-am", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-ia", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-id", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-is", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-it", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-ja", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-ka", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-kab", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-kk", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-km", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-kn", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-ko", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-lij", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-lt", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-lv", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-mk", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-mr", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-ms", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-my", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-nb-no", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-ne-np", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-nl", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-nn-no", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-oc", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-pa-in", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-pl", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-pt-br", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-pt-pt", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-rm", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-ro", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-ru", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-sco", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-si", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-sk", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-sl", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-son", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-sq", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-sr", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-sv-se", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-szl", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-ta", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-te", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-th", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-tl", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-tr", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-trs", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-uk", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-ur", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-uz", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-vi", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-xh", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-zh-cn", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-zh-tw", "p-cpe:/a:debian:debian_linux:iceweasel", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-ach", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-af", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-all", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-an", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-ar", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-ast", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-az", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-be", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-bg", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-bn", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-br", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-bs", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-ca", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-ca-valencia", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-cak", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-cs", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-cy", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-da", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-de", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-dsb", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-el", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-en-ca", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-en-gb", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-eo", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-es-ar", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-es-cl", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-es-es", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-es-mx", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-et", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-eu", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-fa", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-ff", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-fi", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-fr", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-fy-nl", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-ga-ie", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-gd", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-gl", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-gn", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-gu-in", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-he", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-hi-in", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-hr", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-hsb", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-hu", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-hy-am", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-ia", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-id", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-is", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-it", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-ja", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-ka", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-kab", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-kk", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-km", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-kn", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-ko", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-lij", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-lt", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-lv", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-mk", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-mr", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-ms", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-my", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-nb-no", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-ne-np", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-nl", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-nn-no", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-oc", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-pa-in", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-pl", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-pt-br", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-pt-pt", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-rm", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-ro", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-ru", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-sco", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-si", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-sk", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-sl", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-son", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-sq", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-sr", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-sv-se", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-szl", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-ta", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-te", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-az", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-be", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-bg", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-bn", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-br", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-bs", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-ca", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-ca-valencia", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-cak", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-cs", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-cy", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-da", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-de", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-dsb", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-el", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-th", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-tl", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-tr", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-trs", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-uk", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-ur", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-uz", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-vi", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-xh", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-zh-cn", "p-cpe:/a:debian:debian_linux:iceweasel-l10n-zh-tw", "cpe:/o:debian:debian_linux:10.0"], "id": "DEBIAN_DLA-3275.NASL", "href": "https://www.tenable.com/plugins/nessus/170183", "sourceData": "#%NASL_MIN_LEVEL 80900\n#\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Debian Security Advisory dla-3275. The text\n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(170183);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/02/16\");\n\n script_cve_id(\n \"CVE-2022-46871\",\n \"CVE-2022-46877\",\n \"CVE-2023-23598\",\n \"CVE-2023-23601\",\n \"CVE-2023-23602\",\n \"CVE-2023-23603\",\n \"CVE-2023-23605\"\n );\n script_xref(name:\"IAVA\", value:\"2023-A-0048-S\");\n\n script_name(english:\"Debian DLA-3275-1 : firefox-esr - LTS security update\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Debian host is missing one or more security-related updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Debian 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the\ndla-3275 advisory.\n\n - An out of date library (libusrsctp) contained vulnerabilities that could potentially be exploited. This\n vulnerability affects Firefox < 108. (CVE-2022-46871)\n\n - By confusing the browser, the fullscreen notification could have been delayed or suppressed, resulting in\n potential user confusion or spoofing attacks. This vulnerability affects Firefox < 108. (CVE-2022-46877)\n\n - Due to the Firefox GTK wrapper code's use of text/plain for drag data and GTK treating all text/plain\n MIMEs containing file URLs as being dragged a website could arbitrarily read a file via a call to\n <code>DataTransfer.setData</code>. (CVE-2023-23598)\n\n - Navigations were being allowed when dragging a URL from a cross-origin iframe into the same tab which\n could lead to website spoofing attacks (CVE-2023-23601)\n\n - A mishandled security check when creating a WebSocket in a WebWorker caused the Content Security Policy\n connect-src header to be ignored. This could lead to connections to restricted origins from inside\n WebWorkers. (CVE-2023-23602)\n\n - Regular expressions used to filter out forbidden properties and values from style directives in calls to\n <code>console.log</code> weren't accounting for external URLs. Data could then be potentially exfiltrated\n from the browser. (CVE-2023-23603)\n\n - Mozilla developers and the Mozilla Fuzzing Team reported memory safety bugs present in Firefox 108 and\n Firefox ESR 102.6. Some of these bugs showed evidence of memory corruption and we presume that with enough\n effort some of these could have been exploited to run arbitrary code. (CVE-2023-23605)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/source-package/firefox-esr\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.debian.org/lts/security/2023/dla-3275\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2022-46871\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2022-46877\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2023-23598\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2023-23601\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2023-23602\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2023-23603\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2023-23605\");\n script_set_attribute(attribute:\"see_also\", value:\"https://packages.debian.org/source/buster/firefox-esr\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade the firefox-esr packages.\n\nFor Debian 10 buster, these problems have been fixed in version 102.7.0esr-1~deb10u1.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-46871\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/12/15\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2023/01/19\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2023/01/19\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-ach\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-af\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-all\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-an\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-ar\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-ast\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-az\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-be\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-bg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-bn\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-br\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-bs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-ca\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-ca-valencia\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-cak\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-cs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-cy\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-da\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-de\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-dsb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-el\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-en-ca\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-en-gb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-eo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-es-ar\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-es-cl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-es-es\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-es-mx\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-et\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-eu\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-fa\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-ff\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-fi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-fr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-fy-nl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-ga-ie\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-gd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-gl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-gn\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-gu-in\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-he\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-hi-in\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-hr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-hsb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-hu\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-hy-am\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-ia\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-id\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-is\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-it\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-ja\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-ka\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-kab\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-kk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-km\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-kn\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-ko\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-lij\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-lt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-lv\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-mk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-mr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-ms\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-my\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-nb-no\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-ne-np\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-nl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-nn-no\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-oc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-pa-in\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-pl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-pt-br\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-pt-pt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-rm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-ro\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-ru\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-sco\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-si\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-sk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-sl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-son\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-sq\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-sr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-sv-se\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-szl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-ta\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-te\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-th\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-tl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-tr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-trs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-uk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-ur\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-uz\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-vi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-xh\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-zh-cn\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-zh-tw\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-ach\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-af\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-all\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-an\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-ar\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-ast\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-az\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-be\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-bg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-bn\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-br\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-bs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-ca\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-ca-valencia\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-cak\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-cs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-cy\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-da\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-de\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-dsb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-el\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-en-ca\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-en-gb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-eo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-es-ar\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-es-cl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-es-es\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-es-mx\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-et\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-eu\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-fa\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-ff\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-fi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-fr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-fy-nl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-ga-ie\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-gd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-gl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-gn\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-gu-in\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-he\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-hi-in\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-hr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-hsb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-hu\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-hy-am\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-ia\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-id\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-is\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-it\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-ja\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-ka\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-kab\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-kk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-km\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-kn\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-ko\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-lij\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-lt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-lv\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-mk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-mr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-ms\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-my\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-nb-no\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-ne-np\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-nl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-nn-no\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-oc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-pa-in\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-pl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-pt-br\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-pt-pt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-rm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-ro\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-ru\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-sco\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-si\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-sk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-sl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-son\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-sq\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-sr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-sv-se\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-szl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-ta\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-te\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-th\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-tl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-tr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-trs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-uk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-ur\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-uz\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-vi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-xh\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-zh-cn\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceweasel-l10n-zh-tw\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:10.0\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Debian Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\ninclude('debian_package.inc');\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar debian_release = get_kb_item('Host/Debian/release');\nif ( isnull(debian_release) ) audit(AUDIT_OS_NOT, 'Debian');\ndebian_release = chomp(debian_release);\nif (! preg(pattern:\"^(10)\\.[0-9]+\", string:debian_release)) audit(AUDIT_OS_NOT, 'Debian 10.0', 'Debian ' + debian_release);\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Debian', cpu);\n\nvar pkgs = [\n {'release': '10.0', 'prefix': 'firefox-esr', 'reference': '102.7.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'firefox-esr-l10n-ach', 'reference': '102.7.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'firefox-esr-l10n-af', 'reference': '102.7.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'firefox-esr-l10n-all', 'reference': '102.7.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'firefox-esr-l10n-an', 'reference': '102.7.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'firefox-esr-l10n-ar', 'reference': '102.7.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'firefox-esr-l10n-ast', 'reference': '102.7.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'firefox-esr-l10n-az', 'reference': '102.7.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'firefox-esr-l10n-be', 'reference': '102.7.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'firefox-esr-l10n-bg', 'reference': '102.7.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'firefox-esr-l10n-bn', 'reference': '102.7.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'firefox-esr-l10n-br', 'reference': '102.7.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'firefox-esr-l10n-bs', 'reference': '102.7.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'firefox-esr-l10n-ca', 'reference': '102.7.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'firefox-esr-l10n-ca-valencia', 'reference': '102.7.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'firefox-esr-l10n-cak', 'reference': '102.7.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'firefox-esr-l10n-cs', 'reference': '102.7.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'firefox-esr-l10n-cy', 'reference': '102.7.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'firefox-esr-l10n-da', 'reference': '102.7.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'firefox-esr-l10n-de', 'reference': '102.7.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'firefox-esr-l10n-dsb', 'reference': '102.7.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'firefox-esr-l10n-el', 'reference': '102.7.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'firefox-esr-l10n-en-ca', 'reference': '102.7.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'firefox-esr-l10n-en-gb', 'reference': '102.7.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'firefox-esr-l10n-eo', 'reference': '102.7.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'firefox-esr-l10n-es-ar', 'reference': '102.7.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'firefox-esr-l10n-es-cl', 'reference': '102.7.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'firefox-esr-l10n-es-es', 'reference': '102.7.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'firefox-esr-l10n-es-mx', 'reference': '102.7.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'firefox-esr-l10n-et', 'reference': '102.7.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'firefox-esr-l10n-eu', 'reference': '102.7.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'firefox-esr-l10n-fa', 'reference': '102.7.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'firefox-esr-l10n-ff', 'reference': '102.7.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'firefox-esr-l10n-fi', 'reference': '102.7.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'firefox-esr-l10n-fr', 'reference': '102.7.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'firefox-esr-l10n-fy-nl', 'reference': '102.7.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'firefox-esr-l10n-ga-ie', 'reference': '102.7.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'firefox-esr-l10n-gd', 'reference': '102.7.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'firefox-esr-l10n-gl', 'reference': '102.7.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'firefox-esr-l10n-gn', 'reference': '102.7.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'firefox-esr-l10n-gu-in', 'reference': '102.7.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'firefox-esr-l10n-he', 'reference': '102.7.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'firefox-esr-l10n-hi-in', 'reference': '102.7.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'firefox-esr-l10n-hr', 'reference': '102.7.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'firefox-esr-l10n-hsb', 'reference': '102.7.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'firefox-esr-l10n-hu', 'reference': '102.7.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'firefox-esr-l10n-hy-am', 'reference': '102.7.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'firefox-esr-l10n-ia', 'reference': '102.7.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'firefox-esr-l10n-id', 'reference': '102.7.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'firefox-esr-l10n-is', 'reference': '102.7.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'firefox-esr-l10n-it', 'reference': '102.7.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'firefox-esr-l10n-ja', 'reference': '102.7.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'firefox-esr-l10n-ka', 'reference': '102.7.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'firefox-esr-l10n-kab', 'reference': '102.7.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'firefox-esr-l10n-kk', 'reference': '102.7.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'firefox-esr-l10n-km', 'reference': '102.7.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'firefox-esr-l10n-kn', 'reference': '102.7.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'firefox-esr-l10n-ko', 'reference': '102.7.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'firefox-esr-l10n-lij', 'reference': '102.7.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'firefox-esr-l10n-lt', 'reference': '102.7.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'firefox-esr-l10n-lv', 'reference': '102.7.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'firefox-esr-l10n-mk', 'reference': '102.7.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'firefox-esr-l10n-mr', 'reference': '102.7.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'firefox-esr-l10n-ms', 'reference': '102.7.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'firefox-esr-l10n-my', 'reference': '102.7.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'firefox-esr-l10n-nb-no', 'reference': '102.7.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'firefox-esr-l10n-ne-np', 'reference': '102.7.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'firefox-esr-l10n-nl', 'reference': '102.7.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'firefox-esr-l10n-nn-no', 'reference': '102.7.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'firefox-esr-l10n-oc', 'reference': '102.7.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'firefox-esr-l10n-pa-in', 'reference': '102.7.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'firefox-esr-l10n-pl', 'reference': '102.7.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'firefox-esr-l10n-pt-br', 'reference': '102.7.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'firefox-esr-l10n-pt-pt', 'reference': '102.7.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'firefox-esr-l10n-rm', 'reference': '102.7.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'firefox-esr-l10n-ro', 'reference': '102.7.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'firefox-esr-l10n-ru', 'reference': '102.7.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'firefox-esr-l10n-sco', 'reference': '102.7.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'firefox-esr-l10n-si', 'reference': '102.7.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'firefox-esr-l10n-sk', 'reference': '102.7.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'firefox-esr-l10n-sl', 'reference': '102.7.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'firefox-esr-l10n-son', 'reference': '102.7.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'firefox-esr-l10n-sq', 'reference': '102.7.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'firefox-esr-l10n-sr', 'reference': '102.7.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'firefox-esr-l10n-sv-se', 'reference': '102.7.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'firefox-esr-l10n-szl', 'reference': '102.7.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'firefox-esr-l10n-ta', 'reference': '102.7.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'firefox-esr-l10n-te', 'reference': '102.7.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'firefox-esr-l10n-th', 'reference': '102.7.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'firefox-esr-l10n-tl', 'reference': '102.7.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'firefox-esr-l10n-tr', 'reference': '102.7.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'firefox-esr-l10n-trs', 'reference': '102.7.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'firefox-esr-l10n-uk', 'reference': '102.7.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'firefox-esr-l10n-ur', 'reference': '102.7.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'firefox-esr-l10n-uz', 'reference': '102.7.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'firefox-esr-l10n-vi', 'reference': '102.7.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'firefox-esr-l10n-xh', 'reference': '102.7.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'firefox-esr-l10n-zh-cn', 'reference': '102.7.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'firefox-esr-l10n-zh-tw', 'reference': '102.7.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'iceweasel', 'reference': '102.7.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'iceweasel-l10n-ach', 'reference': '102.7.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'iceweasel-l10n-af', 'reference': '102.7.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'iceweasel-l10n-all', 'reference': '102.7.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'iceweasel-l10n-an', 'reference': '102.7.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'iceweasel-l10n-ar', 'reference': '102.7.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'iceweasel-l10n-ast', 'reference': '102.7.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'iceweasel-l10n-az', 'reference': '102.7.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'iceweasel-l10n-be', 'reference': '102.7.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'iceweasel-l10n-bg', 'reference': '102.7.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'iceweasel-l10n-bn', 'reference': '102.7.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'iceweasel-l10n-br', 'reference': '102.7.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'iceweasel-l10n-bs', 'reference': '102.7.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'iceweasel-l10n-ca', 'reference': '102.7.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'iceweasel-l10n-ca-valencia', 'reference': '102.7.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'iceweasel-l10n-cak', 'reference': '102.7.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'iceweasel-l10n-cs', 'reference': '102.7.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'iceweasel-l10n-cy', 'reference': '102.7.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'iceweasel-l10n-da', 'reference': '102.7.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'iceweasel-l10n-de', 'reference': '102.7.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'iceweasel-l10n-dsb', 'reference': '102.7.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'iceweasel-l10n-el', 'reference': '102.7.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'iceweasel-l10n-en-ca', 'reference': '102.7.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'iceweasel-l10n-en-gb', 'reference': '102.7.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'iceweasel-l10n-eo', 'reference': '102.7.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'iceweasel-l10n-es-ar', 'reference': '102.7.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'iceweasel-l10n-es-cl', 'reference': '102.7.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'iceweasel-l10n-es-es', 'reference': '102.7.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'iceweasel-l10n-es-mx', 'reference': '102.7.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'iceweasel-l10n-et', 'reference': '102.7.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'iceweasel-l10n-eu', 'reference': '102.7.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'iceweasel-l10n-fa', 'reference': '102.7.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'iceweasel-l10n-ff', 'reference': '102.7.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'iceweasel-l10n-fi', 'reference': '102.7.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'iceweasel-l10n-fr', 'reference': '102.7.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'iceweasel-l10n-fy-nl', 'reference': '102.7.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'iceweasel-l10n-ga-ie', 'reference': '102.7.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'iceweasel-l10n-gd', 'reference': '102.7.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'iceweasel-l10n-gl', 'reference': '102.7.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'iceweasel-l10n-gn', 'reference': '102.7.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'iceweasel-l10n-gu-in', 'reference': '102.7.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'iceweasel-l10n-he', 'reference': '102.7.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'iceweasel-l10n-hi-in', 'reference': '102.7.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'iceweasel-l10n-hr', 'reference': '102.7.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'iceweasel-l10n-hsb', 'reference': '102.7.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'iceweasel-l10n-hu', 'reference': '102.7.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'iceweasel-l10n-hy-am', 'reference': '102.7.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'iceweasel-l10n-ia', 'reference': '102.7.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'iceweasel-l10n-id', 'reference': '102.7.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'iceweasel-l10n-is', 'reference': '102.7.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'iceweasel-l10n-it', 'reference': '102.7.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'iceweasel-l10n-ja', 'reference': '102.7.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'iceweasel-l10n-ka', 'reference': '102.7.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'iceweasel-l10n-kab', 'reference': '102.7.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'iceweasel-l10n-kk', 'reference': '102.7.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'iceweasel-l10n-km', 'reference': '102.7.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'iceweasel-l10n-kn', 'reference': '102.7.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'iceweasel-l10n-ko', 'reference': '102.7.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'iceweasel-l10n-lij', 'reference': '102.7.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'iceweasel-l10n-lt', 'reference': '102.7.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'iceweasel-l10n-lv', 'reference': '102.7.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'iceweasel-l10n-mk', 'reference': '102.7.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'iceweasel-l10n-mr', 'reference': '102.7.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'iceweasel-l10n-ms', 'reference': '102.7.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'iceweasel-l10n-my', 'reference': '102.7.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'iceweasel-l10n-nb-no', 'reference': '102.7.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'iceweasel-l10n-ne-np', 'reference': '102.7.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'iceweasel-l10n-nl', 'reference': '102.7.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'iceweasel-l10n-nn-no', 'reference': '102.7.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'iceweasel-l10n-oc', 'reference': '102.7.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'iceweasel-l10n-pa-in', 'reference': '102.7.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'iceweasel-l10n-pl', 'reference': '102.7.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'iceweasel-l10n-pt-br', 'reference': '102.7.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'iceweasel-l10n-pt-pt', 'reference': '102.7.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'iceweasel-l10n-rm', 'reference': '102.7.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'iceweasel-l10n-ro', 'reference': '102.7.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'iceweasel-l10n-ru', 'reference': '102.7.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'iceweasel-l10n-sco', 'reference': '102.7.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'iceweasel-l10n-si', 'reference': '102.7.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'iceweasel-l10n-sk', 'reference': '102.7.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'iceweasel-l10n-sl', 'reference': '102.7.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'iceweasel-l10n-son', 'reference': '102.7.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'iceweasel-l10n-sq', 'reference': '102.7.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'iceweasel-l10n-sr', 'reference': '102.7.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'iceweasel-l10n-sv-se', 'reference': '102.7.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'iceweasel-l10n-szl', 'reference': '102.7.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'iceweasel-l10n-ta', 'reference': '102.7.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'iceweasel-l10n-te', 'reference': '102.7.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'iceweasel-l10n-th', 'reference': '102.7.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'iceweasel-l10n-tl', 'reference': '102.7.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'iceweasel-l10n-tr', 'reference': '102.7.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'iceweasel-l10n-trs', 'reference': '102.7.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'iceweasel-l10n-uk', 'reference': '102.7.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'iceweasel-l10n-ur', 'reference': '102.7.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'iceweasel-l10n-uz', 'reference': '102.7.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'iceweasel-l10n-vi', 'reference': '102.7.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'iceweasel-l10n-xh', 'reference': '102.7.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'iceweasel-l10n-zh-cn', 'reference': '102.7.0esr-1~deb10u1'},\n {'release': '10.0', 'prefix': 'iceweasel-l10n-zh-tw', 'reference': '102.7.0esr-1~deb10u1'}\n];\n\nvar flag = 0;\nforeach package_array ( pkgs ) {\n var _release = NULL;\n var prefix = NULL;\n var reference = NULL;\n if (!empty_or_null(package_array['release'])) _release = package_array['release'];\n if (!empty_or_null(package_array['prefix'])) prefix = package_array['prefix'];\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (_release && prefix && reference) {\n if (deb_check(release:_release, prefix:prefix, reference:reference)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : deb_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = deb_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'firefox-esr / firefox-esr-l10n-ach / firefox-esr-l10n-af / etc');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-17T16:42:10", "description": "The remote SUSE Linux SLED15 / SLES15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:0113-1 advisory.\n\n - An out of date library (libusrsctp) contained vulnerabilities that could potentially be exploited. This vulnerability affects Firefox < 108. (CVE-2022-46871)\n\n - By confusing the browser, the fullscreen notification could have been delayed or suppressed, resulting in potential user confusion or spoofing attacks. This vulnerability affects Firefox < 108. (CVE-2022-46877)\n\n - Mozilla: Arbitrary file read from GTK drag and drop on Linux (CVE-2023-23598)\n\n - Mozilla: URL being dragged from cross-origin iframe into same tab triggers navigation (CVE-2023-23601)\n\n - Mozilla: Content Security Policy wasn't being correctly applied to WebSockets in WebWorkers (CVE-2023-23602)\n\n - Mozilla: Calls to <code>console.log</code> allowed bypasing Content Security Policy via format directive (CVE-2023-23603)\n\n - Mozilla: Memory safety bugs fixed in Firefox 109 and Firefox ESR 102.7 (CVE-2023-23605)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2023-01-21T00:00:00", "type": "nessus", "title": "SUSE SLED15 / SLES15 / openSUSE 15 Security Update : MozillaFirefox (SUSE-SU-2023:0113-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-46871", "CVE-2022-46877", "CVE-2023-23598", "CVE-2023-23601", "CVE-2023-23602", "CVE-2023-23603", "CVE-2023-23605"], "modified": "2023-03-07T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:mozillafirefox", "p-cpe:/a:novell:suse_linux:mozillafirefox-devel", "p-cpe:/a:novell:suse_linux:mozillafirefox-translations-common", "p-cpe:/a:novell:suse_linux:mozillafirefox-translations-other", "cpe:/o:novell:suse_linux:15"], "id": "SUSE_SU-2023-0113-1.NASL", "href": "https://www.tenable.com/plugins/nessus/170252", "sourceData": "#%NASL_MIN_LEVEL 80900\n##\n# (C) Tenable, Inc.\n#\n# The package checks in this plugin were extracted from\n# SUSE update advisory SUSE-SU-2023:0113-1. The text itself\n# is copyright (C) SUSE.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(170252);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/03/07\");\n\n script_cve_id(\n \"CVE-2022-46871\",\n \"CVE-2022-46877\",\n \"CVE-2023-23598\",\n \"CVE-2023-23601\",\n \"CVE-2023-23602\",\n \"CVE-2023-23603\",\n \"CVE-2023-23605\"\n );\n script_xref(name:\"SuSE\", value:\"SUSE-SU-2023:0113-1\");\n\n script_name(english:\"SUSE SLED15 / SLES15 / openSUSE 15 Security Update : MozillaFirefox (SUSE-SU-2023:0113-1)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote SUSE host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote SUSE Linux SLED15 / SLES15 / openSUSE 15 host has packages installed that are affected by multiple\nvulnerabilities as referenced in the SUSE-SU-2023:0113-1 advisory.\n\n - An out of date library (libusrsctp) contained vulnerabilities that could potentially be exploited. This\n vulnerability affects Firefox < 108. (CVE-2022-46871)\n\n - By confusing the browser, the fullscreen notification could have been delayed or suppressed, resulting in\n potential user confusion or spoofing attacks. This vulnerability affects Firefox < 108. (CVE-2022-46877)\n\n - Mozilla: Arbitrary file read from GTK drag and drop on Linux (CVE-2023-23598)\n\n - Mozilla: URL being dragged from cross-origin iframe into same tab triggers navigation (CVE-2023-23601)\n\n - Mozilla: Content Security Policy wasn't being correctly applied to WebSockets in WebWorkers\n (CVE-2023-23602)\n\n - Mozilla: Calls to <code>console.log</code> allowed bypasing Content Security Policy via format directive\n (CVE-2023-23603)\n\n - Mozilla: Memory safety bugs fixed in Firefox 109 and Firefox ESR 102.7 (CVE-2023-23605)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1207119\");\n # https://lists.suse.com/pipermail/sle-security-updates/2023-January/013482.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?04d3be0a\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-46871\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-46877\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2023-23598\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2023-23601\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2023-23602\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2023-23603\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2023-23605\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-46871\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/12/15\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2023/01/20\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2023/01/21\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:MozillaFirefox\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:MozillaFirefox-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:MozillaFirefox-translations-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:MozillaFirefox-translations-other\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:15\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"SuSE Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item(\"Host/SuSE/release\");\nif (isnull(os_release) || os_release !~ \"^(SLED|SLES|SUSE)\") audit(AUDIT_OS_NOT, \"SUSE / openSUSE\");\nvar os_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+|SUSE([\\d.]+))\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'SUSE / openSUSE');\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLED15|SLES15|SUSE15\\.4)$\", string:os_ver)) audit(AUDIT_OS_NOT, 'SUSE SLED15 / SLES15 / openSUSE 15', 'SUSE / openSUSE (' + os_ver + ')');\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'SUSE / openSUSE (' + os_ver + ')', cpu);\n\nvar service_pack = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(service_pack)) service_pack = \"0\";\nif (os_ver == \"SLED15\" && (! preg(pattern:\"^(4)$\", string:service_pack))) audit(AUDIT_OS_NOT, \"SLED15 SP4\", os_ver + \" SP\" + service_pack);\nif (os_ver == \"SLES15\" && (! preg(pattern:\"^(2|3|4)$\", string:service_pack))) audit(AUDIT_OS_NOT, \"SLES15 SP2/3/4\", os_ver + \" SP\" + service_pack);\n\nvar pkgs = [\n {'reference':'MozillaFirefox-102.7.0-150200.152.73.1', 'sp':'2', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 'exists_check':['SLES_SAP-release-15.2']},\n {'reference':'MozillaFirefox-devel-102.7.0-150200.152.73.1', 'sp':'2', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 'exists_check':['SLES_SAP-release-15.2']},\n {'reference':'MozillaFirefox-translations-common-102.7.0-150200.152.73.1', 'sp':'2', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 'exists_check':['SLES_SAP-release-15.2']},\n {'reference':'MozillaFirefox-translations-other-102.7.0-150200.152.73.1', 'sp':'2', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 'exists_check':['SLES_SAP-release-15.2']},\n {'reference':'MozillaFirefox-102.7.0-150200.152.73.1', 'sp':'3', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 'exists_check':['SLES_SAP-release-15.3', 'SLE_HPC-ESPOS-release-3', 'SLE_RT-release-15.3']},\n {'reference':'MozillaFirefox-devel-102.7.0-150200.152.73.1', 'sp':'3', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 'exists_check':['SLES_SAP-release-15.3', 'SLE_HPC-ESPOS-release-3', 'SLE_RT-release-15.3']},\n {'reference':'MozillaFirefox-translations-common-102.7.0-150200.152.73.1', 'sp':'3', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 'exists_check':['SLES_SAP-release-15.3', 'SLE_HPC-ESPOS-release-3', 'SLE_RT-release-15.3']},\n {'reference':'MozillaFirefox-translations-other-102.7.0-150200.152.73.1', 'sp':'3', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 'exists_check':['SLES_SAP-release-15.3', 'SLE_HPC-ESPOS-release-3', 'SLE_RT-release-15.3']},\n {'reference':'MozillaFirefox-102.7.0-150200.152.73.1', 'sp':'4', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 'exists_check':['SLES_SAP-release-15.4', 'SLE_HPC-release-15.4', 'sle-module-desktop-applications-release-15.4', 'sled-release-15.4', 'sles-release-15.4']},\n {'reference':'MozillaFirefox-102.7.0-150200.152.73.1', 'sp':'4', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 'exists_check':['SLES_SAP-release-15.4', 'SLE_HPC-release-15.4', 'sle-module-desktop-applications-release-15.4', 'sled-release-15.4', 'sles-release-15.4']},\n {'reference':'MozillaFirefox-devel-102.7.0-150200.152.73.1', 'sp':'4', 'cpu':'aarch64', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 'exists_check':['SLES_SAP-release-15.4', 'SLE_HPC-release-15.4', 'sle-module-desktop-applications-release-15.4', 'sled-release-15.4', 'sles-release-15.4']},\n {'reference':'MozillaFirefox-devel-102.7.0-150200.152.73.1', 'sp':'4', 'cpu':'x86_64', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 'exists_check':['SLES_SAP-release-15.4', 'SLE_HPC-release-15.4', 'sle-module-desktop-applications-release-15.4', 'sled-release-15.4', 'sles-release-15.4']},\n {'reference':'MozillaFirefox-devel-102.7.0-150200.152.73.1', 'sp':'4', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 'exists_check':['SLES_SAP-release-15.4', 'SLE_HPC-release-15.4', 'sle-module-desktop-applications-release-15.4', 'sled-release-15.4', 'sles-release-15.4']},\n {'reference':'MozillaFirefox-devel-102.7.0-150200.152.73.1', 'sp':'4', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 'exists_check':['SLES_SAP-release-15.4', 'SLE_HPC-release-15.4', 'sle-module-desktop-applications-release-15.4', 'sled-release-15.4', 'sles-release-15.4']},\n {'reference':'MozillaFirefox-translations-common-102.7.0-150200.152.73.1', 'sp':'4', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 'exists_check':['SLES_SAP-release-15.4', 'SLE_HPC-release-15.4', 'sle-module-desktop-applications-release-15.4', 'sled-release-15.4', 'sles-release-15.4']},\n {'reference':'MozillaFirefox-translations-common-102.7.0-150200.152.73.1', 'sp':'4', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 'exists_check':['SLES_SAP-release-15.4', 'SLE_HPC-release-15.4', 'sle-module-desktop-applications-release-15.4', 'sled-release-15.4', 'sles-release-15.4']},\n {'reference':'MozillaFirefox-translations-other-102.7.0-150200.152.73.1', 'sp':'4', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 'exists_check':['SLES_SAP-release-15.4', 'SLE_HPC-release-15.4', 'sle-module-desktop-applications-release-15.4', 'sled-release-15.4', 'sles-release-15.4']},\n {'reference':'MozillaFirefox-translations-other-102.7.0-150200.152.73.1', 'sp':'4', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 'exists_check':['SLES_SAP-release-15.4', 'SLE_HPC-release-15.4', 'sle-module-desktop-applications-release-15.4', 'sled-release-15.4', 'sles-release-15.4']},\n {'reference':'MozillaFirefox-102.7.0-150200.152.73.1', 'sp':'3', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-3']},\n {'reference':'MozillaFirefox-devel-102.7.0-150200.152.73.1', 'sp':'3', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-3']},\n {'reference':'MozillaFirefox-translations-common-102.7.0-150200.152.73.1', 'sp':'3', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-3']},\n {'reference':'MozillaFirefox-translations-other-102.7.0-150200.152.73.1', 'sp':'3', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-3']},\n {'reference':'MozillaFirefox-102.7.0-150200.152.73.1', 'sp':'2', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 'exists_check':['SLE_HPC-LTSS-release-15.2']},\n {'reference':'MozillaFirefox-102.7.0-150200.152.73.1', 'sp':'2', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 'exists_check':['SLE_HPC-LTSS-release-15.2']},\n {'reference':'MozillaFirefox-devel-102.7.0-150200.152.73.1', 'sp':'2', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 'exists_check':['SLE_HPC-LTSS-release-15.2']},\n {'reference':'MozillaFirefox-devel-102.7.0-150200.152.73.1', 'sp':'2', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 'exists_check':['SLE_HPC-LTSS-release-15.2']},\n {'reference':'MozillaFirefox-translations-common-102.7.0-150200.152.73.1', 'sp':'2', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 'exists_check':['SLE_HPC-LTSS-release-15.2']},\n {'reference':'MozillaFirefox-translations-common-102.7.0-150200.152.73.1', 'sp':'2', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 'exists_check':['SLE_HPC-LTSS-release-15.2']},\n {'reference':'MozillaFirefox-translations-other-102.7.0-150200.152.73.1', 'sp':'2', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 'exists_check':['SLE_HPC-LTSS-release-15.2']},\n {'reference':'MozillaFirefox-translations-other-102.7.0-150200.152.73.1', 'sp':'2', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 'exists_check':['SLE_HPC-LTSS-release-15.2']},\n {'reference':'MozillaFirefox-102.7.0-150200.152.73.1', 'sp':'3', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 'exists_check':['SLE_HPC-LTSS-release-15.3']},\n {'reference':'MozillaFirefox-102.7.0-150200.152.73.1', 'sp':'3', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 'exists_check':['SLE_HPC-LTSS-release-15.3']},\n {'reference':'MozillaFirefox-devel-102.7.0-150200.152.73.1', 'sp':'3', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 'exists_check':['SLE_HPC-LTSS-release-15.3', 'sles-ltss-release-15.3']},\n {'reference':'MozillaFirefox-devel-102.7.0-150200.152.73.1', 'sp':'3', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 'exists_check':['SLE_HPC-LTSS-release-15.3', 'sles-ltss-release-15.3']},\n {'reference':'MozillaFirefox-translations-common-102.7.0-150200.152.73.1', 'sp':'3', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 'exists_check':['SLE_HPC-LTSS-release-15.3']},\n {'reference':'MozillaFirefox-translations-common-102.7.0-150200.152.73.1', 'sp':'3', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 'exists_check':['SLE_HPC-LTSS-release-15.3']},\n {'reference':'MozillaFirefox-translations-other-102.7.0-150200.152.73.1', 'sp':'3', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 'exists_check':['SLE_HPC-LTSS-release-15.3']},\n {'reference':'MozillaFirefox-translations-other-102.7.0-150200.152.73.1', 'sp':'3', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 'exists_check':['SLE_HPC-LTSS-release-15.3']},\n {'reference':'MozillaFirefox-102.7.0-150200.152.73.1', 'release':'SUSE15.4', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 'exists_check':['openSUSE-release-15.4']},\n {'reference':'MozillaFirefox-branding-upstream-102.7.0-150200.152.73.1', 'release':'SUSE15.4', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 'exists_check':['openSUSE-release-15.4']},\n {'reference':'MozillaFirefox-devel-102.7.0-150200.152.73.1', 'release':'SUSE15.4', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 'exists_check':['openSUSE-release-15.4']},\n {'reference':'MozillaFirefox-translations-common-102.7.0-150200.152.73.1', 'release':'SUSE15.4', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 'exists_check':['openSUSE-release-15.4']},\n {'reference':'MozillaFirefox-translations-other-102.7.0-150200.152.73.1', 'release':'SUSE15.4', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 'exists_check':['openSUSE-release-15.4']},\n {'reference':'MozillaFirefox-102.7.0-150200.152.73.1', 'sp':'2', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 'exists_check':['sles-ltss-release-15.2']},\n {'reference':'MozillaFirefox-devel-102.7.0-150200.152.73.1', 'sp':'2', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 'exists_check':['sles-ltss-release-15.2']},\n {'reference':'MozillaFirefox-translations-common-102.7.0-150200.152.73.1', 'sp':'2', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 'exists_check':['sles-ltss-release-15.2']},\n {'reference':'MozillaFirefox-translations-other-102.7.0-150200.152.73.1', 'sp':'2', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 'exists_check':['sles-ltss-release-15.2']},\n {'reference':'MozillaFirefox-102.7.0-150200.152.73.1', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 'exists_check':['sles-ltss-release-15.3']},\n {'reference':'MozillaFirefox-translations-common-102.7.0-150200.152.73.1', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 'exists_check':['sles-ltss-release-15.3']},\n {'reference':'MozillaFirefox-translations-other-102.7.0-150200.152.73.1', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 'exists_check':['sles-ltss-release-15.3']}\n];\n\nvar ltss_caveat_required = FALSE;\nvar flag = 0;\nforeach var package_array ( pkgs ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var exists_check = NULL;\n var rpm_spec_vers_cmp = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) _release = package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) _cpu = package_array['cpu'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (reference && _release) {\n if (exists_check) {\n var check_flag = 0;\n foreach var check (exists_check) {\n if (!rpm_exists(release:_release, rpm:check)) continue;\n if ('ltss' >< tolower(check)) ltss_caveat_required = TRUE;\n check_flag++;\n }\n if (!check_flag) continue;\n }\n if (rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, rpm_spec_vers_cmp:rpm_spec_vers_cmp)) flag++;\n }\n}\n\nif (flag)\n{\n var ltss_plugin_caveat = NULL;\n if(ltss_caveat_required) ltss_plugin_caveat = '\\n' +\n 'NOTE: This vulnerability check contains fixes that apply to\\n' +\n 'packages only available in SUSE Enterprise Linux Server LTSS\\n' +\n 'repositories. Access to these package security updates require\\n' +\n 'a paid SUSE LTSS subscription.\\n';\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get() + ltss_plugin_caveat\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'MozillaFirefox / MozillaFirefox-branding-upstream / etc');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-17T16:41:32", "description": "The remote Debian 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-5322 advisory.\n\n - An out of date library (libusrsctp) contained vulnerabilities that could potentially be exploited. This vulnerability affects Firefox < 108. (CVE-2022-46871)\n\n - By confusing the browser, the fullscreen notification could have been delayed or suppressed, resulting in potential user confusion or spoofing attacks. This vulnerability affects Firefox < 108. (CVE-2022-46877)\n\n - Due to the Firefox GTK wrapper code's use of text/plain for drag data and GTK treating all text/plain MIMEs containing file URLs as being dragged a website could arbitrarily read a file via a call to <code>DataTransfer.setData</code>. (CVE-2023-23598)\n\n - Navigations were being allowed when dragging a URL from a cross-origin iframe into the same tab which could lead to website spoofing attacks (CVE-2023-23601)\n\n - A mishandled security check when creating a WebSocket in a WebWorker caused the Content Security Policy connect-src header to be ignored. This could lead to connections to restricted origins from inside WebWorkers. (CVE-2023-23602)\n\n - Regular expressions used to filter out forbidden properties and values from style directives in calls to <code>console.log</code> weren't accounting for external URLs. Data could then be potentially exfiltrated from the browser. (CVE-2023-23603)\n\n - Mozilla developers and the Mozilla Fuzzing Team reported memory safety bugs present in Firefox 108 and Firefox ESR 102.6. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. (CVE-2023-23605)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2023-01-19T00:00:00", "type": "nessus", "title": "Debian DSA-5322-1 : firefox-esr - security update", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-46871", "CVE-2022-46877", "CVE-2023-23598", "CVE-2023-23601", "CVE-2023-23602", "CVE-2023-23603", "CVE-2023-23605"], "modified": "2023-02-16T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:firefox-esr", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-ach", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-af", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-all", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-an", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-ar", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-ast", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-az", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-be", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-bg", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-bn", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-br", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-bs", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-ca", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-ca-valencia", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-cak", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-cs", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-cy", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-da", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-de", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-dsb", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-el", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-en-ca", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-en-gb", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-eo", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-es-ar", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-es-cl", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-es-es", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-es-mx", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-et", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-eu", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-fa", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-ff", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-fi", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-fr", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-fy-nl", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-ga-ie", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-gd", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-gl", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-gn", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-gu-in", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-he", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-hi-in", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-hr", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-hsb", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-hu", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-hy-am", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-ia", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-id", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-is", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-it", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-ja", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-ka", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-kab", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-kk", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-km", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-kn", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-ko", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-lij", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-lt", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-lv", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-mk", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-mr", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-ms", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-my", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-nb-no", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-ne-np", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-nl", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-nn-no", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-oc", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-pa-in", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-pl", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-pt-br", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-pt-pt", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-rm", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-ro", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-ru", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-sco", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-si", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-sk", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-sl", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-son", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-sq", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-sr", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-sv-se", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-szl", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-ta", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-te", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-th", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-tl", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-tr", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-trs", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-uk", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-ur", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-uz", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-vi", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-xh", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-zh-cn", "p-cpe:/a:debian:debian_linux:firefox-esr-l10n-zh-tw", "cpe:/o:debian:debian_linux:11.0"], "id": "DEBIAN_DSA-5322.NASL", "href": "https://www.tenable.com/plugins/nessus/170157", "sourceData": "#%NASL_MIN_LEVEL 80900\n#\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Debian Security Advisory dsa-5322. The text\n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(170157);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/02/16\");\n\n script_cve_id(\n \"CVE-2022-46871\",\n \"CVE-2022-46877\",\n \"CVE-2023-23598\",\n \"CVE-2023-23601\",\n \"CVE-2023-23602\",\n \"CVE-2023-23603\",\n \"CVE-2023-23605\"\n );\n script_xref(name:\"IAVA\", value:\"2023-A-0048-S\");\n\n script_name(english:\"Debian DSA-5322-1 : firefox-esr - security update\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Debian host is missing one or more security-related updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Debian 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the\ndsa-5322 advisory.\n\n - An out of date library (libusrsctp) contained vulnerabilities that could potentially be exploited. This\n vulnerability affects Firefox < 108. (CVE-2022-46871)\n\n - By confusing the browser, the fullscreen notification could have been delayed or suppressed, resulting in\n potential user confusion or spoofing attacks. This vulnerability affects Firefox < 108. (CVE-2022-46877)\n\n - Due to the Firefox GTK wrapper code's use of text/plain for drag data and GTK treating all text/plain\n MIMEs containing file URLs as being dragged a website could arbitrarily read a file via a call to\n <code>DataTransfer.setData</code>. (CVE-2023-23598)\n\n - Navigations were being allowed when dragging a URL from a cross-origin iframe into the same tab which\n could lead to website spoofing attacks (CVE-2023-23601)\n\n - A mishandled security check when creating a WebSocket in a WebWorker caused the Content Security Policy\n connect-src header to be ignored. This could lead to connections to restricted origins from inside\n WebWorkers. (CVE-2023-23602)\n\n - Regular expressions used to filter out forbidden properties and values from style directives in calls to\n <code>console.log</code> weren't accounting for external URLs. Data could then be potentially exfiltrated\n from the browser. (CVE-2023-23603)\n\n - Mozilla developers and the Mozilla Fuzzing Team reported memory safety bugs present in Firefox 108 and\n Firefox ESR 102.6. Some of these bugs showed evidence of memory corruption and we presume that with enough\n effort some of these could have been exploited to run arbitrary code. (CVE-2023-23605)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/source-package/firefox-esr\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.debian.org/security/2023/dsa-5322\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2022-46871\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2022-46877\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2023-23598\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2023-23601\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2023-23602\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2023-23603\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2023-23605\");\n script_set_attribute(attribute:\"see_also\", value:\"https://packages.debian.org/source/bullseye/firefox-esr\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade the firefox-esr packages.\n\nFor the stable distribution (bullseye), these problems have been fixed in version 102.7.0esr-1~deb11u1.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-46871\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/12/15\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2023/01/18\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2023/01/19\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-ach\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-af\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-all\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-an\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-ar\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-ast\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-az\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-be\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-bg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-bn\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-br\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-bs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-ca\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-ca-valencia\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-cak\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-cs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-cy\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-da\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-de\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-dsb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-el\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-en-ca\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-en-gb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-eo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-es-ar\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-es-cl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-es-es\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-es-mx\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-et\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-eu\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-fa\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-ff\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-fi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-fr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-fy-nl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-ga-ie\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-gd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-gl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-gn\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-gu-in\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-he\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-hi-in\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-hr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-hsb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-hu\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-hy-am\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-ia\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-id\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-is\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-it\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-ja\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-ka\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-kab\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-kk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-km\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-kn\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-ko\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-lij\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-lt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-lv\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-mk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-mr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-ms\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-my\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-nb-no\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-ne-np\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-nl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-nn-no\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-oc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-pa-in\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-pl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-pt-br\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-pt-pt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-rm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-ro\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-ru\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-sco\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-si\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-sk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-sl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-son\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-sq\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-sr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-sv-se\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-szl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-ta\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-te\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-th\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-tl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-tr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-trs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-uk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-ur\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-uz\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-vi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-xh\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-zh-cn\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firefox-esr-l10n-zh-tw\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:11.0\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Debian Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\ninclude('debian_package.inc');\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar debian_release = get_kb_item('Host/Debian/release');\nif ( isnull(debian_release) ) audit(AUDIT_OS_NOT, 'Debian');\ndebian_release = chomp(debian_release);\nif (! preg(pattern:\"^(11)\\.[0-9]+\", string:debian_release)) audit(AUDIT_OS_NOT, 'Debian 11.0', 'Debian ' + debian_release);\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Debian', cpu);\n\nvar pkgs = [\n {'release': '11.0', 'prefix': 'firefox-esr', 'reference': '102.7.0esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'firefox-esr-l10n-ach', 'reference': '102.7.0esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'firefox-esr-l10n-af', 'reference': '102.7.0esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'firefox-esr-l10n-all', 'reference': '102.7.0esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'firefox-esr-l10n-an', 'reference': '102.7.0esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'firefox-esr-l10n-ar', 'reference': '102.7.0esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'firefox-esr-l10n-ast', 'reference': '102.7.0esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'firefox-esr-l10n-az', 'reference': '102.7.0esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'firefox-esr-l10n-be', 'reference': '102.7.0esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'firefox-esr-l10n-bg', 'reference': '102.7.0esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'firefox-esr-l10n-bn', 'reference': '102.7.0esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'firefox-esr-l10n-br', 'reference': '102.7.0esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'firefox-esr-l10n-bs', 'reference': '102.7.0esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'firefox-esr-l10n-ca', 'reference': '102.7.0esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'firefox-esr-l10n-ca-valencia', 'reference': '102.7.0esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'firefox-esr-l10n-cak', 'reference': '102.7.0esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'firefox-esr-l10n-cs', 'reference': '102.7.0esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'firefox-esr-l10n-cy', 'reference': '102.7.0esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'firefox-esr-l10n-da', 'reference': '102.7.0esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'firefox-esr-l10n-de', 'reference': '102.7.0esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'firefox-esr-l10n-dsb', 'reference': '102.7.0esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'firefox-esr-l10n-el', 'reference': '102.7.0esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'firefox-esr-l10n-en-ca', 'reference': '102.7.0esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'firefox-esr-l10n-en-gb', 'reference': '102.7.0esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'firefox-esr-l10n-eo', 'reference': '102.7.0esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'firefox-esr-l10n-es-ar', 'reference': '102.7.0esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'firefox-esr-l10n-es-cl', 'reference': '102.7.0esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'firefox-esr-l10n-es-es', 'reference': '102.7.0esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'firefox-esr-l10n-es-mx', 'reference': '102.7.0esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'firefox-esr-l10n-et', 'reference': '102.7.0esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'firefox-esr-l10n-eu', 'reference': '102.7.0esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'firefox-esr-l10n-fa', 'reference': '102.7.0esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'firefox-esr-l10n-ff', 'reference': '102.7.0esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'firefox-esr-l10n-fi', 'reference': '102.7.0esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'firefox-esr-l10n-fr', 'reference': '102.7.0esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'firefox-esr-l10n-fy-nl', 'reference': '102.7.0esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'firefox-esr-l10n-ga-ie', 'reference': '102.7.0esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'firefox-esr-l10n-gd', 'reference': '102.7.0esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'firefox-esr-l10n-gl', 'reference': '102.7.0esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'firefox-esr-l10n-gn', 'reference': '102.7.0esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'firefox-esr-l10n-gu-in', 'reference': '102.7.0esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'firefox-esr-l10n-he', 'reference': '102.7.0esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'firefox-esr-l10n-hi-in', 'reference': '102.7.0esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'firefox-esr-l10n-hr', 'reference': '102.7.0esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'firefox-esr-l10n-hsb', 'reference': '102.7.0esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'firefox-esr-l10n-hu', 'reference': '102.7.0esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'firefox-esr-l10n-hy-am', 'reference': '102.7.0esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'firefox-esr-l10n-ia', 'reference': '102.7.0esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'firefox-esr-l10n-id', 'reference': '102.7.0esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'firefox-esr-l10n-is', 'reference': '102.7.0esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'firefox-esr-l10n-it', 'reference': '102.7.0esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'firefox-esr-l10n-ja', 'reference': '102.7.0esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'firefox-esr-l10n-ka', 'reference': '102.7.0esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'firefox-esr-l10n-kab', 'reference': '102.7.0esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'firefox-esr-l10n-kk', 'reference': '102.7.0esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'firefox-esr-l10n-km', 'reference': '102.7.0esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'firefox-esr-l10n-kn', 'reference': '102.7.0esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'firefox-esr-l10n-ko', 'reference': '102.7.0esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'firefox-esr-l10n-lij', 'reference': '102.7.0esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'firefox-esr-l10n-lt', 'reference': '102.7.0esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'firefox-esr-l10n-lv', 'reference': '102.7.0esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'firefox-esr-l10n-mk', 'reference': '102.7.0esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'firefox-esr-l10n-mr', 'reference': '102.7.0esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'firefox-esr-l10n-ms', 'reference': '102.7.0esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'firefox-esr-l10n-my', 'reference': '102.7.0esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'firefox-esr-l10n-nb-no', 'reference': '102.7.0esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'firefox-esr-l10n-ne-np', 'reference': '102.7.0esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'firefox-esr-l10n-nl', 'reference': '102.7.0esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'firefox-esr-l10n-nn-no', 'reference': '102.7.0esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'firefox-esr-l10n-oc', 'reference': '102.7.0esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'firefox-esr-l10n-pa-in', 'reference': '102.7.0esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'firefox-esr-l10n-pl', 'reference': '102.7.0esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'firefox-esr-l10n-pt-br', 'reference': '102.7.0esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'firefox-esr-l10n-pt-pt', 'reference': '102.7.0esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'firefox-esr-l10n-rm', 'reference': '102.7.0esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'firefox-esr-l10n-ro', 'reference': '102.7.0esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'firefox-esr-l10n-ru', 'reference': '102.7.0esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'firefox-esr-l10n-sco', 'reference': '102.7.0esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'firefox-esr-l10n-si', 'reference': '102.7.0esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'firefox-esr-l10n-sk', 'reference': '102.7.0esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'firefox-esr-l10n-sl', 'reference': '102.7.0esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'firefox-esr-l10n-son', 'reference': '102.7.0esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'firefox-esr-l10n-sq', 'reference': '102.7.0esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'firefox-esr-l10n-sr', 'reference': '102.7.0esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'firefox-esr-l10n-sv-se', 'reference': '102.7.0esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'firefox-esr-l10n-szl', 'reference': '102.7.0esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'firefox-esr-l10n-ta', 'reference': '102.7.0esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'firefox-esr-l10n-te', 'reference': '102.7.0esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'firefox-esr-l10n-th', 'reference': '102.7.0esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'firefox-esr-l10n-tl', 'reference': '102.7.0esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'firefox-esr-l10n-tr', 'reference': '102.7.0esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'firefox-esr-l10n-trs', 'reference': '102.7.0esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'firefox-esr-l10n-uk', 'reference': '102.7.0esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'firefox-esr-l10n-ur', 'reference': '102.7.0esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'firefox-esr-l10n-uz', 'reference': '102.7.0esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'firefox-esr-l10n-vi', 'reference': '102.7.0esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'firefox-esr-l10n-xh', 'reference': '102.7.0esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'firefox-esr-l10n-zh-cn', 'reference': '102.7.0esr-1~deb11u1'},\n {'release': '11.0', 'prefix': 'firefox-esr-l10n-zh-tw', 'reference': '102.7.0esr-1~deb11u1'}\n];\n\nvar flag = 0;\nforeach package_array ( pkgs ) {\n var _release = NULL;\n var prefix = NULL;\n var reference = NULL;\n if (!empty_or_null(package_array['release'])) _release = package_array['release'];\n if (!empty_or_null(package_array['prefix'])) prefix = package_array['prefix'];\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (_release && prefix && reference) {\n if (deb_check(release:_release, prefix:prefix, reference:reference)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : deb_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = deb_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'firefox-esr / firefox-esr-l10n-ach / firefox-esr-l10n-af / etc');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-17T16:41:11", "description": "The remote SUSE Linux SLES15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:0112-1 advisory.\n\n - An out of date library (libusrsctp) contained vulnerabilities that could potentially be exploited. This vulnerability affects Firefox < 108. (CVE-2022-46871)\n\n - By confusing the browser, the fullscreen notification could have been delayed or suppressed, resulting in potential user confusion or spoofing attacks. This vulnerability affects Firefox < 108. (CVE-2022-46877)\n\n - Mozilla: Arbitrary file read from GTK drag and drop on Linux (CVE-2023-23598)\n\n - Mozilla: URL being dragged from cross-origin iframe into same tab triggers navigation (CVE-2023-23601)\n\n - Mozilla: Content Security Policy wasn't being correctly applied to WebSockets in WebWorkers (CVE-2023-23602)\n\n - Mozilla: Calls to <code>console.log</code> allowed bypasing Content Security Policy via format directive (CVE-2023-23603)\n\n - Mozilla: Memory safety bugs fixed in Firefox 109 and Firefox ESR 102.7 (CVE-2023-23605)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2023-01-21T00:00:00", "type": "nessus", "title": "SUSE SLES15 Security Update : MozillaFirefox (SUSE-SU-2023:0112-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-46871", "CVE-2022-46877", "CVE-2023-23598", "CVE-2023-23601", "CVE-2023-23602", "CVE-2023-23603", "CVE-2023-23605"], "modified": "2023-03-07T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:mozillafirefox", "p-cpe:/a:novell:suse_linux:mozillafirefox-devel", "p-cpe:/a:novell:suse_linux:mozillafirefox-translations-common", "p-cpe:/a:novell:suse_linux:mozillafirefox-translations-other", "cpe:/o:novell:suse_linux:15"], "id": "SUSE_SU-2023-0112-1.NASL", "href": "https://www.tenable.com/plugins/nessus/170246", "sourceData": "#%NASL_MIN_LEVEL 80900\n##\n# (C) Tenable, Inc.\n#\n# The package checks in this plugin were extracted from\n# SUSE update advisory SUSE-SU-2023:0112-1. The text itself\n# is copyright (C) SUSE.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(170246);\n script_version(\"1.1\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/03/07\");\n\n script_cve_id(\n \"CVE-2022-46871\",\n \"CVE-2022-46877\",\n \"CVE-2023-23598\",\n \"CVE-2023-23601\",\n \"CVE-2023-23602\",\n \"CVE-2023-23603\",\n \"CVE-2023-23605\"\n );\n script_xref(name:\"SuSE\", value:\"SUSE-SU-2023:0112-1\");\n\n script_name(english:\"SUSE SLES15 Security Update : MozillaFirefox (SUSE-SU-2023:0112-1)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote SUSE host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote SUSE Linux SLES15 host has packages installed that are affected by multiple vulnerabilities as referenced in\nthe SUSE-SU-2023:0112-1 advisory.\n\n - An out of date library (libusrsctp) contained vulnerabilities that could potentially be exploited. This\n vulnerability affects Firefox < 108. (CVE-2022-46871)\n\n - By confusing the browser, the fullscreen notification could have been delayed or suppressed, resulting in\n potential user confusion or spoofing attacks. This vulnerability affects Firefox < 108. (CVE-2022-46877)\n\n - Mozilla: Arbitrary file read from GTK drag and drop on Linux (CVE-2023-23598)\n\n - Mozilla: URL being dragged from cross-origin iframe into same tab triggers navigation (CVE-2023-23601)\n\n - Mozilla: Content Security Policy wasn't being correctly applied to WebSockets in WebWorkers\n (CVE-2023-23602)\n\n - Mozilla: Calls to <code>console.log</code> allowed bypasing Content Security Policy via format directive\n (CVE-2023-23603)\n\n - Mozilla: Memory safety bugs fixed in Firefox 109 and Firefox ESR 102.7 (CVE-2023-23605)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1207119\");\n # https://lists.suse.com/pipermail/sle-security-updates/2023-January/013488.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?80f80558\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-46871\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-46877\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2023-23598\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2023-23601\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2023-23602\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2023-23603\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2023-23605\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected MozillaFirefox, MozillaFirefox-devel, MozillaFirefox-translations-common and / or MozillaFirefox-\ntranslations-other packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-46871\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/12/15\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2023/01/20\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2023/01/21\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:MozillaFirefox\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:MozillaFirefox-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:MozillaFirefox-translations-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:MozillaFirefox-translations-other\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:15\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"SuSE Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item(\"Host/SuSE/release\");\nif (isnull(os_release) || os_release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nvar os_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'SUSE');\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLES15)$\", string:os_ver)) audit(AUDIT_OS_NOT, 'SUSE SLES15', 'SUSE (' + os_ver + ')');\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'SUSE (' + os_ver + ')', cpu);\n\nvar service_pack = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(service_pack)) service_pack = \"0\";\nif (os_ver == \"SLES15\" && (! preg(pattern:\"^(1)$\", string:service_pack))) audit(AUDIT_OS_NOT, \"SLES15 SP1\", os_ver + \" SP\" + service_pack);\n\nvar pkgs = [\n {'reference':'MozillaFirefox-102.7.0-150000.150.71.1', 'sp':'1', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 'exists_check':['SLES_SAP-release-15.1']},\n {'reference':'MozillaFirefox-devel-102.7.0-150000.150.71.1', 'sp':'1', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 'exists_check':['SLES_SAP-release-15.1']},\n {'reference':'MozillaFirefox-translations-common-102.7.0-150000.150.71.1', 'sp':'1', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 'exists_check':['SLES_SAP-release-15.1']},\n {'reference':'MozillaFirefox-translations-other-102.7.0-150000.150.71.1', 'sp':'1', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 'exists_check':['SLES_SAP-release-15.1']},\n {'reference':'MozillaFirefox-102.7.0-150000.150.71.1', 'sp':'1', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 'exists_check':['SLE_HPC-LTSS-release-15.1']},\n {'reference':'MozillaFirefox-102.7.0-150000.150.71.1', 'sp':'1', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 'exists_check':['SLE_HPC-LTSS-release-15.1']},\n {'reference':'MozillaFirefox-devel-102.7.0-150000.150.71.1', 'sp':'1', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 'exists_check':['SLE_HPC-LTSS-release-15.1']},\n {'reference':'MozillaFirefox-devel-102.7.0-150000.150.71.1', 'sp':'1', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 'exists_check':['SLE_HPC-LTSS-release-15.1']},\n {'reference':'MozillaFirefox-translations-common-102.7.0-150000.150.71.1', 'sp':'1', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 'exists_check':['SLE_HPC-LTSS-release-15.1']},\n {'reference':'MozillaFirefox-translations-common-102.7.0-150000.150.71.1', 'sp':'1', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 'exists_check':['SLE_HPC-LTSS-release-15.1']},\n {'reference':'MozillaFirefox-translations-other-102.7.0-150000.150.71.1', 'sp':'1', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 'exists_check':['SLE_HPC-LTSS-release-15.1']},\n {'reference':'MozillaFirefox-translations-other-102.7.0-150000.150.71.1', 'sp':'1', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 'exists_check':['SLE_HPC-LTSS-release-15.1']},\n {'reference':'MozillaFirefox-102.7.0-150000.150.71.1', 'sp':'1', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 'exists_check':['sles-ltss-release-15.1']},\n {'reference':'MozillaFirefox-devel-102.7.0-150000.150.71.1', 'sp':'1', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 'exists_check':['sles-ltss-release-15.1']},\n {'reference':'MozillaFirefox-translations-common-102.7.0-150000.150.71.1', 'sp':'1', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 'exists_check':['sles-ltss-release-15.1']},\n {'reference':'MozillaFirefox-translations-other-102.7.0-150000.150.71.1', 'sp':'1', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 'exists_check':['sles-ltss-release-15.1']}\n];\n\nvar ltss_caveat_required = FALSE;\nvar flag = 0;\nforeach var package_array ( pkgs ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var exists_check = NULL;\n var rpm_spec_vers_cmp = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) _release = package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) _cpu = package_array['cpu'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (reference && _release) {\n if (exists_check) {\n var check_flag = 0;\n foreach var check (exists_check) {\n if (!rpm_exists(release:_release, rpm:check)) continue;\n if ('ltss' >< tolower(check)) ltss_caveat_required = TRUE;\n check_flag++;\n }\n if (!check_flag) continue;\n }\n if (rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, rpm_spec_vers_cmp:rpm_spec_vers_cmp)) flag++;\n }\n}\n\nif (flag)\n{\n var ltss_plugin_caveat = NULL;\n if(ltss_caveat_required) ltss_plugin_caveat = '\\n' +\n 'NOTE: This vulnerability check contains fixes that apply to\\n' +\n 'packages only available in SUSE Enterprise Linux Server LTSS\\n' +\n 'repositories. Access to these package security updates require\\n' +\n 'a paid SUSE LTSS subscription.\\n';\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get() + ltss_plugin_caveat\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'MozillaFirefox / MozillaFirefox-devel / etc');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-25T02:42:24", "description": "The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2023:0295 advisory.\n\n - Mozilla: libusrsctp library out of date (CVE-2022-46871)\n\n - Mozilla: Fullscreen notification bypass (CVE-2022-46877)\n\n - Mozilla: Arbitrary file read from GTK drag and drop on Linux (CVE-2023-23598)\n\n - Mozilla: Malicious command could be hidden in devtools output (CVE-2023-23599)\n\n - Mozilla: URL being dragged from cross-origin iframe into same tab triggers navigation (CVE-2023-23601)\n\n - Mozilla: Content Security Policy wasn't being correctly applied to WebSockets in WebWorkers (CVE-2023-23602)\n\n - Mozilla: Calls to <code>console.log</code> allowed bypasing Content Security Policy via format directive (CVE-2023-23603)\n\n - Mozilla: Memory safety bugs fixed in Firefox 109 and Firefox ESR 102.7 (CVE-2023-23605)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2023-01-23T00:00:00", "type": "nessus", "title": "RHEL 8 : firefox (RHSA-2023:0295)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-46871", "CVE-2022-46877", "CVE-2023-23598", "CVE-2023-23599", "CVE-2023-23601", "CVE-2023-23602", "CVE-2023-23603", "CVE-2023-23605"], "modified": "2023-05-24T00:00:00", "cpe": ["cpe:/o:redhat:rhel_aus:8.4", "cpe:/o:redhat:rhel_e4s:8.4", "cpe:/o:redhat:rhel_eus:8.4", "cpe:/o:redhat:rhel_tus:8.4", "p-cpe:/a:redhat:enterprise_linux:firefox"], "id": "REDHAT-RHSA-2023-0295.NASL", "href": "https://www.tenable.com/plugins/nessus/170281", "sourceData": "#%NASL_MIN_LEVEL 80900\n##\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2023:0295. The text\n# itself is copyright (C) Red Hat, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(170281);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/05/24\");\n\n script_cve_id(\n \"CVE-2022-46871\",\n \"CVE-2022-46877\",\n \"CVE-2023-23598\",\n \"CVE-2023-23599\",\n \"CVE-2023-23601\",\n \"CVE-2023-23602\",\n \"CVE-2023-23603\",\n \"CVE-2023-23605\"\n );\n script_xref(name:\"IAVA\", value:\"2022-A-0517-S\");\n script_xref(name:\"RHSA\", value:\"2023:0295\");\n script_xref(name:\"IAVA\", value:\"2023-A-0048-S\");\n\n script_name(english:\"RHEL 8 : firefox (RHSA-2023:0295)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Red Hat host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as\nreferenced in the RHSA-2023:0295 advisory.\n\n - Mozilla: libusrsctp library out of date (CVE-2022-46871)\n\n - Mozilla: Fullscreen notification bypass (CVE-2022-46877)\n\n - Mozilla: Arbitrary file read from GTK drag and drop on Linux (CVE-2023-23598)\n\n - Mozilla: Malicious command could be hidden in devtools output (CVE-2023-23599)\n\n - Mozilla: URL being dragged from cross-origin iframe into same tab triggers navigation (CVE-2023-23601)\n\n - Mozilla: Content Security Policy wasn't being correctly applied to WebSockets in WebWorkers\n (CVE-2023-23602)\n\n - Mozilla: Calls to <code>console.log</code> allowed bypasing Content Security Policy via format directive\n (CVE-2023-23603)\n\n - Mozilla: Memory safety bugs fixed in Firefox 109 and Firefox ESR 102.7 (CVE-2023-23605)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-46871\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-46877\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2023-23598\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2023-23599\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2023-23601\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2023-23602\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2023-23603\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2023-23605\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2023:0295\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2162336\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2162338\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2162339\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2162340\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2162341\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2162342\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2162343\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2162344\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected firefox package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-46871\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(77, 120, 185, 357, 450, 829, 1104, 1385);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/12/15\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2023/01/23\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2023/01/23\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_aus:8.4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_e4s:8.4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_eus:8.4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_tus:8.4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:firefox\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"redhat_repos.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\ninclude('rhel.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item('Host/RedHat/release');\nif (isnull(os_release) || 'Red Hat' >!< os_release) audit(AUDIT_OS_NOT, 'Red Hat');\nvar os_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Red Hat');\nos_ver = os_ver[1];\nif (!rhel_check_release(operator: 'eq', os_version: os_ver, rhel_version: '8.4')) audit(AUDIT_OS_NOT, 'Red Hat 8.4', 'Red Hat ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu && 'ppc' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Red Hat', cpu);\n\nvar constraints = [\n {\n 'repo_relative_urls': [\n 'content/aus/rhel8/8.4/x86_64/appstream/debug',\n 'content/aus/rhel8/8.4/x86_64/appstream/os',\n 'content/aus/rhel8/8.4/x86_64/appstream/source/SRPMS',\n 'content/aus/rhel8/8.4/x86_64/baseos/debug',\n 'content/aus/rhel8/8.4/x86_64/baseos/os',\n 'content/aus/rhel8/8.4/x86_64/baseos/source/SRPMS',\n 'content/e4s/rhel8/8.4/aarch64/appstream/debug',\n 'content/e4s/rhel8/8.4/aarch64/appstream/os',\n 'content/e4s/rhel8/8.4/aarch64/appstream/source/SRPMS',\n 'content/e4s/rhel8/8.4/aarch64/baseos/debug',\n 'content/e4s/rhel8/8.4/aarch64/baseos/os',\n 'content/e4s/rhel8/8.4/aarch64/baseos/source/SRPMS',\n 'content/e4s/rhel8/8.4/ppc64le/appstream/debug',\n 'content/e4s/rhel8/8.4/ppc64le/appstream/os',\n 'content/e4s/rhel8/8.4/ppc64le/appstream/source/SRPMS',\n 'content/e4s/rhel8/8.4/ppc64le/baseos/debug',\n 'content/e4s/rhel8/8.4/ppc64le/baseos/os',\n 'content/e4s/rhel8/8.4/ppc64le/baseos/source/SRPMS',\n 'content/e4s/rhel8/8.4/ppc64le/highavailability/debug',\n 'content/e4s/rhel8/8.4/ppc64le/highavailability/os',\n 'content/e4s/rhel8/8.4/ppc64le/highavailability/source/SRPMS',\n 'content/e4s/rhel8/8.4/ppc64le/sap-solutions/debug',\n 'content/e4s/rhel8/8.4/ppc64le/sap-solutions/os',\n 'content/e4s/rhel8/8.4/ppc64le/sap-solutions/source/SRPMS',\n 'content/e4s/rhel8/8.4/ppc64le/sap/debug',\n 'content/e4s/rhel8/8.4/ppc64le/sap/os',\n 'content/e4s/rhel8/8.4/ppc64le/sap/source/SRPMS',\n 'content/e4s/rhel8/8.4/s390x/appstream/debug',\n 'content/e4s/rhel8/8.4/s390x/appstream/os',\n 'content/e4s/rhel8/8.4/s390x/appstream/source/SRPMS',\n 'content/e4s/rhel8/8.4/s390x/baseos/debug',\n 'content/e4s/rhel8/8.4/s390x/baseos/os',\n 'content/e4s/rhel8/8.4/s390x/baseos/source/SRPMS',\n 'content/e4s/rhel8/8.4/x86_64/appstream/debug',\n 'content/e4s/rhel8/8.4/x86_64/appstream/os',\n 'content/e4s/rhel8/8.4/x86_64/appstream/source/SRPMS',\n 'content/e4s/rhel8/8.4/x86_64/baseos/debug',\n 'content/e4s/rhel8/8.4/x86_64/baseos/os',\n 'content/e4s/rhel8/8.4/x86_64/baseos/source/SRPMS',\n 'content/e4s/rhel8/8.4/x86_64/highavailability/debug',\n 'content/e4s/rhel8/8.4/x86_64/highavailability/os',\n 'content/e4s/rhel8/8.4/x86_64/highavailability/source/SRPMS',\n 'content/e4s/rhel8/8.4/x86_64/nfv/debug',\n 'content/e4s/rhel8/8.4/x86_64/nfv/os',\n 'content/e4s/rhel8/8.4/x86_64/nfv/source/SRPMS',\n 'content/e4s/rhel8/8.4/x86_64/sap-solutions/debug',\n 'content/e4s/rhel8/8.4/x86_64/sap-solutions/os',\n 'content/e4s/rhel8/8.4/x86_64/sap-solutions/source/SRPMS',\n 'content/e4s/rhel8/8.4/x86_64/sap/debug',\n 'content/e4s/rhel8/8.4/x86_64/sap/os',\n 'content/e4s/rhel8/8.4/x86_64/sap/source/SRPMS',\n 'content/eus/rhel8/8.4/aarch64/appstream/debug',\n 'content/eus/rhel8/8.4/aarch64/appstream/os',\n 'content/eus/rhel8/8.4/aarch64/appstream/source/SRPMS',\n 'content/eus/rhel8/8.4/aarch64/baseos/debug',\n 'content/eus/rhel8/8.4/aarch64/baseos/os',\n 'content/eus/rhel8/8.4/aarch64/baseos/source/SRPMS',\n 'content/eus/rhel8/8.4/aarch64/codeready-builder/debug',\n 'content/eus/rhel8/8.4/aarch64/codeready-builder/os',\n 'content/eus/rhel8/8.4/aarch64/codeready-builder/source/SRPMS',\n 'content/eus/rhel8/8.4/aarch64/highavailability/debug',\n 'content/eus/rhel8/8.4/aarch64/highavailability/os',\n 'content/eus/rhel8/8.4/aarch64/highavailability/source/SRPMS',\n 'content/eus/rhel8/8.4/aarch64/supplementary/debug',\n 'content/eus/rhel8/8.4/aarch64/supplementary/os',\n 'content/eus/rhel8/8.4/aarch64/supplementary/source/SRPMS',\n 'content/eus/rhel8/8.4/ppc64le/appstream/debug',\n 'content/eus/rhel8/8.4/ppc64le/appstream/os',\n 'content/eus/rhel8/8.4/ppc64le/appstream/source/SRPMS',\n 'content/eus/rhel8/8.4/ppc64le/baseos/debug',\n 'content/eus/rhel8/8.4/ppc64le/baseos/os',\n 'content/eus/rhel8/8.4/ppc64le/baseos/source/SRPMS',\n 'content/eus/rhel8/8.4/ppc64le/codeready-builder/debug',\n 'content/eus/rhel8/8.4/ppc64le/codeready-builder/os',\n 'content/eus/rhel8/8.4/ppc64le/codeready-builder/source/SRPMS',\n 'content/eus/rhel8/8.4/ppc64le/highavailability/debug',\n 'content/eus/rhel8/8.4/ppc64le/highavailability/os',\n 'content/eus/rhel8/8.4/ppc64le/highavailability/source/SRPMS',\n 'content/eus/rhel8/8.4/ppc64le/resilientstorage/debug',\n 'content/eus/rhel8/8.4/ppc64le/resilientstorage/os',\n 'content/eus/rhel8/8.4/ppc64le/resilientstorage/source/SRPMS',\n 'content/eus/rhel8/8.4/ppc64le/sap-solutions/debug',\n 'content/eus/rhel8/8.4/ppc64le/sap-solutions/os',\n 'content/eus/rhel8/8.4/ppc64le/sap-solutions/source/SRPMS',\n 'content/eus/rhel8/8.4/ppc64le/sap/debug',\n 'content/eus/rhel8/8.4/ppc64le/sap/os',\n 'content/eus/rhel8/8.4/ppc64le/sap/source/SRPMS',\n 'content/eus/rhel8/8.4/ppc64le/supplementary/debug',\n 'content/eus/rhel8/8.4/ppc64le/supplementary/os',\n 'content/eus/rhel8/8.4/ppc64le/supplementary/source/SRPMS',\n 'content/eus/rhel8/8.4/s390x/appstream/debug',\n 'content/eus/rhel8/8.4/s390x/appstream/os',\n 'content/eus/rhel8/8.4/s390x/appstream/source/SRPMS',\n 'content/eus/rhel8/8.4/s390x/baseos/debug',\n 'content/eus/rhel8/8.4/s390x/baseos/os',\n 'content/eus/rhel8/8.4/s390x/baseos/source/SRPMS',\n 'content/eus/rhel8/8.4/s390x/codeready-builder/debug',\n 'content/eus/rhel8/8.4/s390x/codeready-builder/os',\n 'content/eus/rhel8/8.4/s390x/codeready-builder/source/SRPMS',\n 'content/eus/rhel8/8.4/s390x/highavailability/debug',\n 'content/eus/rhel8/8.4/s390x/highavailability/os',\n 'content/eus/rhel8/8.4/s390x/highavailability/source/SRPMS',\n 'content/eus/rhel8/8.4/s390x/resilientstorage/debug',\n 'content/eus/rhel8/8.4/s390x/resilientstorage/os',\n 'content/eus/rhel8/8.4/s390x/resilientstorage/source/SRPMS',\n 'content/eus/rhel8/8.4/s390x/sap/debug',\n 'content/eus/rhel8/8.4/s390x/sap/os',\n 'content/eus/rhel8/8.4/s390x/sap/source/SRPMS',\n 'content/eus/rhel8/8.4/s390x/supplementary/debug',\n 'content/eus/rhel8/8.4/s390x/supplementary/os',\n 'content/eus/rhel8/8.4/s390x/supplementary/source/SRPMS',\n 'content/eus/rhel8/8.4/x86_64/appstream/debug',\n 'content/eus/rhel8/8.4/x86_64/appstream/os',\n 'content/eus/rhel8/8.4/x86_64/appstream/source/SRPMS',\n 'content/eus/rhel8/8.4/x86_64/baseos/debug',\n 'content/eus/rhel8/8.4/x86_64/baseos/os',\n 'content/eus/rhel8/8.4/x86_64/baseos/source/SRPMS',\n 'content/eus/rhel8/8.4/x86_64/codeready-builder/debug',\n 'content/eus/rhel8/8.4/x86_64/codeready-builder/os',\n 'content/eus/rhel8/8.4/x86_64/codeready-builder/source/SRPMS',\n 'content/eus/rhel8/8.4/x86_64/highavailability/debug',\n 'content/eus/rhel8/8.4/x86_64/highavailability/os',\n 'content/eus/rhel8/8.4/x86_64/highavailability/source/SRPMS',\n 'content/eus/rhel8/8.4/x86_64/resilientstorage/debug',\n 'content/eus/rhel8/8.4/x86_64/resilientstorage/os',\n 'content/eus/rhel8/8.4/x86_64/resilientstorage/source/SRPMS',\n 'content/eus/rhel8/8.4/x86_64/sap-solutions/debug',\n 'content/eus/rhel8/8.4/x86_64/sap-solutions/os',\n 'content/eus/rhel8/8.4/x86_64/sap-solutions/source/SRPMS',\n 'content/eus/rhel8/8.4/x86_64/sap/debug',\n 'content/eus/rhel8/8.4/x86_64/sap/os',\n 'content/eus/rhel8/8.4/x86_64/sap/source/SRPMS',\n 'content/eus/rhel8/8.4/x86_64/supplementary/debug',\n 'content/eus/rhel8/8.4/x86_64/supplementary/os',\n 'content/eus/rhel8/8.4/x86_64/supplementary/source/SRPMS',\n 'content/tus/rhel8/8.4/x86_64/appstream/debug',\n 'content/tus/rhel8/8.4/x86_64/appstream/os',\n 'content/tus/rhel8/8.4/x86_64/appstream/source/SRPMS',\n 'content/tus/rhel8/8.4/x86_64/baseos/debug',\n 'content/tus/rhel8/8.4/x86_64/baseos/os',\n 'content/tus/rhel8/8.4/x86_64/baseos/source/SRPMS',\n 'content/tus/rhel8/8.4/x86_64/highavailability/debug',\n 'content/tus/rhel8/8.4/x86_64/highavailability/os',\n 'content/tus/rhel8/8.4/x86_64/highavailability/source/SRPMS',\n 'content/tus/rhel8/8.4/x86_64/nfv/debug',\n 'content/tus/rhel8/8.4/x86_64/nfv/os',\n 'content/tus/rhel8/8.4/x86_64/nfv/source/SRPMS',\n 'content/tus/rhel8/8.4/x86_64/rt/debug',\n 'content/tus/rhel8/8.4/x86_64/rt/os',\n 'content/tus/rhel8/8.4/x86_64/rt/source/SRPMS'\n ],\n 'pkgs': [\n {'reference':'firefox-102.7.0-1.el8_4', 'sp':'4', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE}\n ]\n }\n];\n\nvar applicable_repo_urls = rhel_determine_applicable_repository_urls(constraints:constraints);\nif(applicable_repo_urls == RHEL_REPOS_NO_OVERLAP_MESSAGE) exit(0, RHEL_REPO_NOT_ENABLED);\n\nvar flag = 0;\nforeach var constraint_array ( constraints ) {\n var repo_relative_urls = NULL;\n if (!empty_or_null(constraint_array['repo_relative_urls'])) repo_relative_urls = constraint_array['repo_relative_urls'];\n foreach var pkg ( constraint_array['pkgs'] ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(pkg['reference'])) reference = pkg['reference'];\n if (!empty_or_null(pkg['release'])) _release = 'RHEL' + pkg['release'];\n if (!empty_or_null(pkg['sp'])) sp = pkg['sp'];\n if (!empty_or_null(pkg['cpu'])) _cpu = pkg['cpu'];\n if (!empty_or_null(pkg['el_string'])) el_string = pkg['el_string'];\n if (!empty_or_null(pkg['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = pkg['rpm_spec_vers_cmp'];\n if (!empty_or_null(pkg['epoch'])) epoch = pkg['epoch'];\n if (!empty_or_null(pkg['allowmaj'])) allowmaj = pkg['allowmaj'];\n if (!empty_or_null(pkg['exists_check'])) exists_check = pkg['exists_check'];\n if (reference &&\n _release &&\n rhel_decide_repo_relative_url_check(required_repo_url_list:repo_relative_urls) &&\n (applicable_repo_urls || (!exists_check || rpm_exists(release:_release, rpm:exists_check))) &&\n rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n var subscription_caveat = '\\n' +\n 'NOTE: This vulnerability check contains fixes that apply to\\n' +\n 'packages only available in the Red Hat Enterprise Linux\\n' +\n 'Advanced Update Support, Extended Update Support, Telco Extended Update Support or Update Services for SAP Solutions repositories.\\n' +\n 'Access to these repositories requires a paid RHEL subscription.\\n';\n var extra = NULL;\n if (empty_or_null(applicable_repo_urls)) extra = subscription_caveat + rpm_report_get() + redhat_report_repo_caveat();\n else extra = subscription_caveat + rpm_report_get() + redhat_report_package_caveat();\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : extra\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'firefox');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-25T00:34:16", "description": "The remote Redhat Enterprise Linux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2023:0285 advisory.\n\n - Mozilla: libusrsctp library out of date (CVE-2022-46871)\n\n - Mozilla: Fullscreen notification bypass (CVE-2022-46877)\n\n - Mozilla: Arbitrary file read from GTK drag and drop on Linux (CVE-2023-23598)\n\n - Mozilla: Malicious command could be hidden in devtools output (CVE-2023-23599)\n\n - Mozilla: URL being dragged from cross-origin iframe into same tab triggers navigation (CVE-2023-23601)\n\n - Mozilla: Content Security Policy wasn't being correctly applied to WebSockets in WebWorkers (CVE-2023-23602)\n\n - Mozilla: Calls to <code>console.log</code> allowed bypasing Content Security Policy via format directive (CVE-2023-23603)\n\n - Mozilla: Memory safety bugs fixed in Firefox 109 and Firefox ESR 102.7 (CVE-2023-23605)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2023-01-23T00:00:00", "type": "nessus", "title": "RHEL 9 : firefox (RHSA-2023:0285)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-46871", "CVE-2022-46877", "CVE-2023-23598", "CVE-2023-23599", "CVE-2023-23601", "CVE-2023-23602", "CVE-2023-23603", "CVE-2023-23605"], "modified": "2023-05-24T00:00:00", "cpe": ["cpe:/o:redhat:enterprise_linux:9", "cpe:/o:redhat:rhel_aus:9.2", "cpe:/o:redhat:rhel_e4s:9.2", "cpe:/o:redhat:rhel_eus:9.2", "p-cpe:/a:redhat:enterprise_linux:firefox"], "id": "REDHAT-RHSA-2023-0285.NASL", "href": "https://www.tenable.com/plugins/nessus/170274", "sourceData": "#%NASL_MIN_LEVEL 80900\n##\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2023:0285. The text\n# itself is copyright (C) Red Hat, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(170274);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/05/24\");\n\n script_cve_id(\n \"CVE-2022-46871\",\n \"CVE-2022-46877\",\n \"CVE-2023-23598\",\n \"CVE-2023-23599\",\n \"CVE-2023-23601\",\n \"CVE-2023-23602\",\n \"CVE-2023-23603\",\n \"CVE-2023-23605\"\n );\n script_xref(name:\"IAVA\", value:\"2022-A-0517-S\");\n script_xref(name:\"RHSA\", value:\"2023:0285\");\n script_xref(name:\"IAVA\", value:\"2023-A-0048-S\");\n\n script_name(english:\"RHEL 9 : firefox (RHSA-2023:0285)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Red Hat host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Redhat Enterprise Linux 9 host has a package installed that is affected by multiple vulnerabilities as\nreferenced in the RHSA-2023:0285 advisory.\n\n - Mozilla: libusrsctp library out of date (CVE-2022-46871)\n\n - Mozilla: Fullscreen notification bypass (CVE-2022-46877)\n\n - Mozilla: Arbitrary file read from GTK drag and drop on Linux (CVE-2023-23598)\n\n - Mozilla: Malicious command could be hidden in devtools output (CVE-2023-23599)\n\n - Mozilla: URL being dragged from cross-origin iframe into same tab triggers navigation (CVE-2023-23601)\n\n - Mozilla: Content Security Policy wasn't being correctly applied to WebSockets in WebWorkers\n (CVE-2023-23602)\n\n - Mozilla: Calls to <code>console.log</code> allowed bypasing Content Security Policy via format directive\n (CVE-2023-23603)\n\n - Mozilla: Memory safety bugs fixed in Firefox 109 and Firefox ESR 102.7 (CVE-2023-23605)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-46871\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-46877\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2023-23598\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2023-23599\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2023-23601\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2023-23602\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2023-23603\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2023-23605\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2023:0285\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2162336\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2162338\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2162339\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2162340\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2162341\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2162342\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2162343\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2162344\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected firefox package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-46871\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(77, 120, 185, 357, 450, 829, 1104, 1385);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/12/15\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2023/01/23\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2023/01/23\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:9\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_aus:9.2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_e4s:9.2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_eus:9.2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:firefox\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"redhat_repos.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\ninclude('rhel.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item('Host/RedHat/release');\nif (isnull(os_release) || 'Red Hat' >!< os_release) audit(AUDIT_OS_NOT, 'Red Hat');\nvar os_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Red Hat');\nos_ver = os_ver[1];\nif (!rhel_check_release(operator: 'ge', os_version: os_ver, rhel_version: '9')) audit(AUDIT_OS_NOT, 'Red Hat 9.x', 'Red Hat ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu && 'ppc' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Red Hat', cpu);\n\nvar constraints = [\n {\n 'repo_relative_urls': [\n 'content/aus/rhel9/9.2/x86_64/appstream/debug',\n 'content/aus/rhel9/9.2/x86_64/appstream/os',\n 'content/aus/rhel9/9.2/x86_64/appstream/source/SRPMS',\n 'content/aus/rhel9/9.2/x86_64/baseos/debug',\n 'content/aus/rhel9/9.2/x86_64/baseos/os',\n 'content/aus/rhel9/9.2/x86_64/baseos/source/SRPMS',\n 'content/e4s/rhel9/9.2/aarch64/appstream/debug',\n 'content/e4s/rhel9/9.2/aarch64/appstream/os',\n 'content/e4s/rhel9/9.2/aarch64/appstream/source/SRPMS',\n 'content/e4s/rhel9/9.2/aarch64/baseos/debug',\n 'content/e4s/rhel9/9.2/aarch64/baseos/os',\n 'content/e4s/rhel9/9.2/aarch64/baseos/source/SRPMS',\n 'content/e4s/rhel9/9.2/aarch64/highavailability/debug',\n 'content/e4s/rhel9/9.2/aarch64/highavailability/os',\n 'content/e4s/rhel9/9.2/aarch64/highavailability/source/SRPMS',\n 'content/e4s/rhel9/9.2/ppc64le/appstream/debug',\n 'content/e4s/rhel9/9.2/ppc64le/appstream/os',\n 'content/e4s/rhel9/9.2/ppc64le/appstream/source/SRPMS',\n 'content/e4s/rhel9/9.2/ppc64le/baseos/debug',\n 'content/e4s/rhel9/9.2/ppc64le/baseos/os',\n 'content/e4s/rhel9/9.2/ppc64le/baseos/source/SRPMS',\n 'content/e4s/rhel9/9.2/ppc64le/highavailability/debug',\n 'content/e4s/rhel9/9.2/ppc64le/highavailability/os',\n 'content/e4s/rhel9/9.2/ppc64le/highavailability/source/SRPMS',\n 'content/e4s/rhel9/9.2/ppc64le/resilientstorage/debug',\n 'content/e4s/rhel9/9.2/ppc64le/resilientstorage/os',\n 'content/e4s/rhel9/9.2/ppc64le/resilientstorage/source/SRPMS',\n 'content/e4s/rhel9/9.2/ppc64le/sap-solutions/debug',\n 'content/e4s/rhel9/9.2/ppc64le/sap-solutions/os',\n 'content/e4s/rhel9/9.2/ppc64le/sap-solutions/source/SRPMS',\n 'content/e4s/rhel9/9.2/ppc64le/sap/debug',\n 'content/e4s/rhel9/9.2/ppc64le/sap/os',\n 'content/e4s/rhel9/9.2/ppc64le/sap/source/SRPMS',\n 'content/e4s/rhel9/9.2/s390x/appstream/debug',\n 'content/e4s/rhel9/9.2/s390x/appstream/os',\n 'content/e4s/rhel9/9.2/s390x/appstream/source/SRPMS',\n 'content/e4s/rhel9/9.2/s390x/baseos/debug',\n 'content/e4s/rhel9/9.2/s390x/baseos/os',\n 'content/e4s/rhel9/9.2/s390x/baseos/source/SRPMS',\n 'content/e4s/rhel9/9.2/s390x/highavailability/debug',\n 'content/e4s/rhel9/9.2/s390x/highavailability/os',\n 'content/e4s/rhel9/9.2/s390x/highavailability/source/SRPMS',\n 'content/e4s/rhel9/9.2/s390x/resilientstorage/debug',\n 'content/e4s/rhel9/9.2/s390x/resilientstorage/os',\n 'content/e4s/rhel9/9.2/s390x/resilientstorage/source/SRPMS',\n 'content/e4s/rhel9/9.2/s390x/sap/debug',\n 'content/e4s/rhel9/9.2/s390x/sap/os',\n 'content/e4s/rhel9/9.2/s390x/sap/source/SRPMS',\n 'content/e4s/rhel9/9.2/x86_64/appstream/debug',\n 'content/e4s/rhel9/9.2/x86_64/appstream/os',\n 'content/e4s/rhel9/9.2/x86_64/appstream/source/SRPMS',\n 'content/e4s/rhel9/9.2/x86_64/baseos/debug',\n 'content/e4s/rhel9/9.2/x86_64/baseos/os',\n 'content/e4s/rhel9/9.2/x86_64/baseos/source/SRPMS',\n 'content/e4s/rhel9/9.2/x86_64/highavailability/debug',\n 'content/e4s/rhel9/9.2/x86_64/highavailability/os',\n 'content/e4s/rhel9/9.2/x86_64/highavailability/source/SRPMS',\n 'content/e4s/rhel9/9.2/x86_64/resilientstorage/debug',\n 'content/e4s/rhel9/9.2/x86_64/resilientstorage/os',\n 'content/e4s/rhel9/9.2/x86_64/resilientstorage/source/SRPMS',\n 'content/e4s/rhel9/9.2/x86_64/sap-solutions/debug',\n 'content/e4s/rhel9/9.2/x86_64/sap-solutions/os',\n 'content/e4s/rhel9/9.2/x86_64/sap-solutions/source/SRPMS',\n 'content/e4s/rhel9/9.2/x86_64/sap/debug',\n 'content/e4s/rhel9/9.2/x86_64/sap/os',\n 'content/e4s/rhel9/9.2/x86_64/sap/source/SRPMS',\n 'content/eus/rhel9/9.2/aarch64/appstream/debug',\n 'content/eus/rhel9/9.2/aarch64/appstream/os',\n 'content/eus/rhel9/9.2/aarch64/appstream/source/SRPMS',\n 'content/eus/rhel9/9.2/aarch64/baseos/debug',\n 'content/eus/rhel9/9.2/aarch64/baseos/os',\n 'content/eus/rhel9/9.2/aarch64/baseos/source/SRPMS',\n 'content/eus/rhel9/9.2/aarch64/codeready-builder/debug',\n 'content/eus/rhel9/9.2/aarch64/codeready-builder/os',\n 'content/eus/rhel9/9.2/aarch64/codeready-builder/source/SRPMS',\n 'content/eus/rhel9/9.2/aarch64/highavailability/debug',\n 'content/eus/rhel9/9.2/aarch64/highavailability/os',\n 'content/eus/rhel9/9.2/aarch64/highavailability/source/SRPMS',\n 'content/eus/rhel9/9.2/aarch64/supplementary/debug',\n 'content/eus/rhel9/9.2/aarch64/supplementary/os',\n 'content/eus/rhel9/9.2/aarch64/supplementary/source/SRPMS',\n 'content/eus/rhel9/9.2/ppc64le/appstream/debug',\n 'content/eus/rhel9/9.2/ppc64le/appstream/os',\n 'content/eus/rhel9/9.2/ppc64le/appstream/source/SRPMS',\n 'content/eus/rhel9/9.2/ppc64le/baseos/debug',\n 'content/eus/rhel9/9.2/ppc64le/baseos/os',\n 'content/eus/rhel9/9.2/ppc64le/baseos/source/SRPMS',\n 'content/eus/rhel9/9.2/ppc64le/codeready-builder/debug',\n 'content/eus/rhel9/9.2/ppc64le/codeready-builder/os',\n 'content/eus/rhel9/9.2/ppc64le/codeready-builder/source/SRPMS',\n 'content/eus/rhel9/9.2/ppc64le/highavailability/debug',\n 'content/eus/rhel9/9.2/ppc64le/highavailability/os',\n 'content/eus/rhel9/9.2/ppc64le/highavailability/source/SRPMS',\n 'content/eus/rhel9/9.2/ppc64le/resilientstorage/debug',\n 'content/eus/rhel9/9.2/ppc64le/resilientstorage/os',\n 'content/eus/rhel9/9.2/ppc64le/resilientstorage/source/SRPMS',\n 'content/eus/rhel9/9.2/ppc64le/sap-solutions/debug',\n 'content/eus/rhel9/9.2/ppc64le/sap-solutions/os',\n 'content/eus/rhel9/9.2/ppc64le/sap-solutions/source/SRPMS',\n 'content/eus/rhel9/9.2/ppc64le/sap/debug',\n 'content/eus/rhel9/9.2/ppc64le/sap/os',\n 'content/eus/rhel9/9.2/ppc64le/sap/source/SRPMS',\n 'content/eus/rhel9/9.2/ppc64le/supplementary/debug',\n 'content/eus/rhel9/9.2/ppc64le/supplementary/os',\n 'content/eus/rhel9/9.2/ppc64le/supplementary/source/SRPMS',\n 'content/eus/rhel9/9.2/s390x/appstream/debug',\n 'content/eus/rhel9/9.2/s390x/appstream/os',\n 'content/eus/rhel9/9.2/s390x/appstream/source/SRPMS',\n 'content/eus/rhel9/9.2/s390x/baseos/debug',\n 'content/eus/rhel9/9.2/s390x/baseos/os',\n 'content/eus/rhel9/9.2/s390x/baseos/source/SRPMS',\n 'content/eus/rhel9/9.2/s390x/codeready-builder/debug',\n 'content/eus/rhel9/9.2/s390x/codeready-builder/os',\n 'content/eus/rhel9/9.2/s390x/codeready-builder/source/SRPMS',\n 'content/eus/rhel9/9.2/s390x/highavailability/debug',\n 'content/eus/rhel9/9.2/s390x/highavailability/os',\n 'content/eus/rhel9/9.2/s390x/highavailability/source/SRPMS',\n 'content/eus/rhel9/9.2/s390x/resilientstorage/debug',\n 'content/eus/rhel9/9.2/s390x/resilientstorage/os',\n 'content/eus/rhel9/9.2/s390x/resilientstorage/source/SRPMS',\n 'content/eus/rhel9/9.2/s390x/sap/debug',\n 'content/eus/rhel9/9.2/s390x/sap/os',\n 'content/eus/rhel9/9.2/s390x/sap/source/SRPMS',\n 'content/eus/rhel9/9.2/s390x/supplementary/debug',\n 'content/eus/rhel9/9.2/s390x/supplementary/os',\n 'content/eus/rhel9/9.2/s390x/supplementary/source/SRPMS',\n 'content/eus/rhel9/9.2/x86_64/appstream/debug',\n 'content/eus/rhel9/9.2/x86_64/appstream/os',\n 'content/eus/rhel9/9.2/x86_64/appstream/source/SRPMS',\n 'content/eus/rhel9/9.2/x86_64/baseos/debug',\n 'content/eus/rhel9/9.2/x86_64/baseos/os',\n 'content/eus/rhel9/9.2/x86_64/baseos/source/SRPMS',\n 'content/eus/rhel9/9.2/x86_64/codeready-builder/debug',\n 'content/eus/rhel9/9.2/x86_64/codeready-builder/os',\n 'content/eus/rhel9/9.2/x86_64/codeready-builder/source/SRPMS',\n 'content/eus/rhel9/9.2/x86_64/highavailability/debug',\n 'content/eus/rhel9/9.2/x86_64/highavailability/os',\n 'content/eus/rhel9/9.2/x86_64/highavailability/source/SRPMS',\n 'content/eus/rhel9/9.2/x86_64/resilientstorage/debug',\n 'content/eus/rhel9/9.2/x86_64/resilientstorage/os',\n 'content/eus/rhel9/9.2/x86_64/resilientstorage/source/SRPMS',\n 'content/eus/rhel9/9.2/x86_64/sap-solutions/debug',\n 'content/eus/rhel9/9.2/x86_64/sap-solutions/os',\n 'content/eus/rhel9/9.2/x86_64/sap-solutions/source/SRPMS',\n 'content/eus/rhel9/9.2/x86_64/sap/debug',\n 'content/eus/rhel9/9.2/x86_64/sap/os',\n 'content/eus/rhel9/9.2/x86_64/sap/source/SRPMS',\n 'content/eus/rhel9/9.2/x86_64/supplementary/debug',\n 'content/eus/rhel9/9.2/x86_64/supplementary/os',\n 'content/eus/rhel9/9.2/x86_64/supplementary/source/SRPMS'\n ],\n 'pkgs': [\n {'reference':'firefox-102.7.0-1.el9_1', 'sp':'2', 'release':'9', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE}\n ]\n },\n {\n 'repo_relative_urls': [\n 'content/dist/rhel9/9/aarch64/appstream/debug',\n 'content/dist/rhel9/9/aarch64/appstream/os',\n 'content/dist/rhel9/9/aarch64/appstream/source/SRPMS',\n 'content/dist/rhel9/9/aarch64/baseos/debug',\n 'content/dist/rhel9/9/aarch64/baseos/os',\n 'content/dist/rhel9/9/aarch64/baseos/source/SRPMS',\n 'content/dist/rhel9/9/aarch64/codeready-builder/debug',\n 'content/dist/rhel9/9/aarch64/codeready-builder/os',\n 'content/dist/rhel9/9/aarch64/codeready-builder/source/SRPMS',\n 'content/dist/rhel9/9/aarch64/highavailability/debug',\n 'content/dist/rhel9/9/aarch64/highavailability/os',\n 'content/dist/rhel9/9/aarch64/highavailability/source/SRPMS',\n 'content/dist/rhel9/9/aarch64/supplementary/debug',\n 'content/dist/rhel9/9/aarch64/supplementary/os',\n 'content/dist/rhel9/9/aarch64/supplementary/source/SRPMS',\n 'content/dist/rhel9/9/ppc64le/appstream/debug',\n 'content/dist/rhel9/9/ppc64le/appstream/os',\n 'content/dist/rhel9/9/ppc64le/appstream/source/SRPMS',\n 'content/dist/rhel9/9/ppc64le/baseos/debug',\n 'content/dist/rhel9/9/ppc64le/baseos/os',\n 'content/dist/rhel9/9/ppc64le/baseos/source/SRPMS',\n 'content/dist/rhel9/9/ppc64le/codeready-builder/debug',\n 'content/dist/rhel9/9/ppc64le/codeready-builder/os',\n 'content/dist/rhel9/9/ppc64le/codeready-builder/source/SRPMS',\n 'content/dist/rhel9/9/ppc64le/highavailability/debug',\n 'content/dist/rhel9/9/ppc64le/highavailability/os',\n 'content/dist/rhel9/9/ppc64le/highavailability/source/SRPMS',\n 'content/dist/rhel9/9/ppc64le/resilientstorage/debug',\n 'content/dist/rhel9/9/ppc64le/resilientstorage/os',\n 'content/dist/rhel9/9/ppc64le/resilientstorage/source/SRPMS',\n 'content/dist/rhel9/9/ppc64le/sap-solutions/debug',\n 'content/dist/rhel9/9/ppc64le/sap-solutions/os',\n 'content/dist/rhel9/9/ppc64le/sap-solutions/source/SRPMS',\n 'content/dist/rhel9/9/ppc64le/sap/debug',\n 'content/dist/rhel9/9/ppc64le/sap/os',\n 'content/dist/rhel9/9/ppc64le/sap/source/SRPMS',\n 'content/dist/rhel9/9/ppc64le/supplementary/debug',\n 'content/dist/rhel9/9/ppc64le/supplementary/os',\n 'content/dist/rhel9/9/ppc64le/supplementary/source/SRPMS',\n 'content/dist/rhel9/9/s390x/appstream/debug',\n 'content/dist/rhel9/9/s390x/appstream/os',\n 'content/dist/rhel9/9/s390x/appstream/source/SRPMS',\n 'content/dist/rhel9/9/s390x/baseos/debug',\n 'content/dist/rhel9/9/s390x/baseos/os',\n 'content/dist/rhel9/9/s390x/baseos/source/SRPMS',\n 'content/dist/rhel9/9/s390x/codeready-builder/debug',\n 'content/dist/rhel9/9/s390x/codeready-builder/os',\n 'content/dist/rhel9/9/s390x/codeready-builder/source/SRPMS',\n 'content/dist/rhel9/9/s390x/highavailability/debug',\n 'content/dist/rhel9/9/s390x/highavailability/os',\n 'content/dist/rhel9/9/s390x/highavailability/source/SRPMS',\n 'content/dist/rhel9/9/s390x/resilientstorage/debug',\n 'content/dist/rhel9/9/s390x/resilientstorage/os',\n 'content/dist/rhel9/9/s390x/resilientstorage/source/SRPMS',\n 'content/dist/rhel9/9/s390x/sap/debug',\n 'content/dist/rhel9/9/s390x/sap/os',\n 'content/dist/rhel9/9/s390x/sap/source/SRPMS',\n 'content/dist/rhel9/9/s390x/supplementary/debug',\n 'content/dist/rhel9/9/s390x/supplementary/os',\n 'content/dist/rhel9/9/s390x/supplementary/source/SRPMS',\n 'content/dist/rhel9/9/x86_64/appstream/debug',\n 'content/dist/rhel9/9/x86_64/appstream/os',\n 'content/dist/rhel9/9/x86_64/appstream/source/SRPMS',\n 'content/dist/rhel9/9/x86_64/baseos/debug',\n 'content/dist/rhel9/9/x86_64/baseos/os',\n 'content/dist/rhel9/9/x86_64/baseos/source/SRPMS',\n 'content/dist/rhel9/9/x86_64/codeready-builder/debug',\n 'content/dist/rhel9/9/x86_64/codeready-builder/os',\n 'content/dist/rhel9/9/x86_64/codeready-builder/source/SRPMS',\n 'content/dist/rhel9/9/x86_64/highavailability/debug',\n 'content/dist/rhel9/9/x86_64/highavailability/os',\n 'content/dist/rhel9/9/x86_64/highavailability/source/SRPMS',\n 'content/dist/rhel9/9/x86_64/nfv/debug',\n 'content/dist/rhel9/9/x86_64/nfv/os',\n 'content/dist/rhel9/9/x86_64/nfv/source/SRPMS',\n 'content/dist/rhel9/9/x86_64/resilientstorage/debug',\n 'content/dist/rhel9/9/x86_64/resilientstorage/os',\n 'content/dist/rhel9/9/x86_64/resilientstorage/source/SRPMS',\n 'content/dist/rhel9/9/x86_64/rt/debug',\n 'content/dist/rhel9/9/x86_64/rt/os',\n 'content/dist/rhel9/9/x86_64/rt/source/SRPMS',\n 'content/dist/rhel9/9/x86_64/sap-solutions/debug',\n 'content/dist/rhel9/9/x86_64/sap-solutions/os',\n 'content/dist/rhel9/9/x86_64/sap-solutions/source/SRPMS',\n 'content/dist/rhel9/9/x86_64/sap/debug',\n 'content/dist/rhel9/9/x86_64/sap/os',\n 'content/dist/rhel9/9/x86_64/sap/source/SRPMS',\n 'content/dist/rhel9/9/x86_64/supplementary/debug',\n 'content/dist/rhel9/9/x86_64/supplementary/os',\n 'content/dist/rhel9/9/x86_64/supplementary/source/SRPMS'\n ],\n 'pkgs': [\n {'reference':'firefox-102.7.0-1.el9_1', 'release':'9', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE}\n ]\n }\n];\n\nvar applicable_repo_urls = rhel_determine_applicable_repository_urls(constraints:constraints);\nif(applicable_repo_urls == RHEL_REPOS_NO_OVERLAP_MESSAGE) exit(0, RHEL_REPO_NOT_ENABLED);\n\nvar flag = 0;\nforeach var constraint_array ( constraints ) {\n var repo_relative_urls = NULL;\n if (!empty_or_null(constraint_array['repo_relative_urls'])) repo_relative_urls = constraint_array['repo_relative_urls'];\n var enterprise_linux_flag = rhel_repo_urls_has_content_dist_rhel(repo_urls:repo_relative_urls);\n foreach var pkg ( constraint_array['pkgs'] ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(pkg['reference'])) reference = pkg['reference'];\n if (!empty_or_null(pkg['release'])) _release = 'RHEL' + pkg['release'];\n if (!empty_or_null(pkg['sp']) && !enterprise_linux_flag) sp = pkg['sp'];\n if (!empty_or_null(pkg['cpu'])) _cpu = pkg['cpu'];\n if (!empty_or_null(pkg['el_string'])) el_string = pkg['el_string'];\n if (!empty_or_null(pkg['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = pkg['rpm_spec_vers_cmp'];\n if (!empty_or_null(pkg['epoch'])) epoch = pkg['epoch'];\n if (!empty_or_null(pkg['allowmaj'])) allowmaj = pkg['allowmaj'];\n if (!empty_or_null(pkg['exists_check'])) exists_check = pkg['exists_check'];\n if (reference &&\n _release &&\n rhel_decide_repo_relative_url_check(required_repo_url_list:repo_relative_urls) &&\n (applicable_repo_urls || (!exists_check || rpm_exists(release:_release, rpm:exists_check))) &&\n rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n var extra = NULL;\n if (empty_or_null(applicable_repo_urls)) extra = rpm_report_get() + redhat_report_repo_caveat();\n else extra = rpm_report_get() + redhat_report_package_caveat();\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : extra\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'firefox');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-25T00:34:16", "description": "The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2023:0288 advisory.\n\n - Mozilla: libusrsctp library out of date (CVE-2022-46871)\n\n - Mozilla: Fullscreen notification bypass (CVE-2022-46877)\n\n - Mozilla: Arbitrary file read from GTK drag and drop on Linux (CVE-2023-23598)\n\n - Mozilla: Malicious command could be hidden in devtools output (CVE-2023-23599)\n\n - Mozilla: URL being dragged from cross-origin iframe into same tab triggers navigation (CVE-2023-23601)\n\n - Mozilla: Content Security Policy wasn't being correctly applied to WebSockets in WebWorkers (CVE-2023-23602)\n\n - Mozilla: Calls to <code>console.log</code> allowed bypasing Content Security Policy via format directive (CVE-2023-23603)\n\n - Mozilla: Memory safety bugs fixed in Firefox 109 and Firefox ESR 102.7 (CVE-2023-23605)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2023-01-23T00:00:00", "type": "nessus", "title": "RHEL 8 : firefox (RHSA-2023:0288)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-46871", "CVE-2022-46877", "CVE-2023-23598", "CVE-2023-23599", "CVE-2023-23601", "CVE-2023-23602", "CVE-2023-23603", "CVE-2023-23605"], "modified": "2023-05-24T00:00:00", "cpe": ["cpe:/o:redhat:enterprise_linux:8", "p-cpe:/a:redhat:enterprise_linux:firefox"], "id": "REDHAT-RHSA-2023-0288.NASL", "href": "https://www.tenable.com/plugins/nessus/170283", "sourceData": "#%NASL_MIN_LEVEL 80900\n##\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2023:0288. The text\n# itself is copyright (C) Red Hat, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(170283);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/05/24\");\n\n script_cve_id(\n \"CVE-2022-46871\",\n \"CVE-2022-46877\",\n \"CVE-2023-23598\",\n \"CVE-2023-23599\",\n \"CVE-2023-23601\",\n \"CVE-2023-23602\",\n \"CVE-2023-23603\",\n \"CVE-2023-23605\"\n );\n script_xref(name:\"RHSA\", value:\"2023:0288\");\n\n script_name(english:\"RHEL 8 : firefox (RHSA-2023:0288)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Red Hat host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as\nreferenced in the RHSA-2023:0288 advisory.\n\n - Mozilla: libusrsctp library out of date (CVE-2022-46871)\n\n - Mozilla: Fullscreen notification bypass (CVE-2022-46877)\n\n - Mozilla: Arbitrary file read from GTK drag and drop on Linux (CVE-2023-23598)\n\n - Mozilla: Malicious command could be hidden in devtools output (CVE-2023-23599)\n\n - Mozilla: URL being dragged from cross-origin iframe into same tab triggers navigation (CVE-2023-23601)\n\n - Mozilla: Content Security Policy wasn't being correctly applied to WebSockets in WebWorkers\n (CVE-2023-23602)\n\n - Mozilla: Calls to <code>console.log</code> allowed bypasing Content Security Policy via format directive\n (CVE-2023-23603)\n\n - Mozilla: Memory safety bugs fixed in Firefox 109 and Firefox ESR 102.7 (CVE-2023-23605)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-46871\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-46877\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2023-23598\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2023-23599\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2023-23601\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2023-23602\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2023-23603\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2023-23605\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2023:0288\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2162336\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2162338\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2162339\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2162340\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2162341\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2162342\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2162343\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2162344\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected firefox package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-46871\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(77, 120, 185, 357, 450, 829, 1104, 1385);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/12/15\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2023/01/23\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2023/01/23\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:8\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:firefox\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"redhat_repos.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\ninclude('rhel.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item('Host/RedHat/release');\nif (isnull(os_release) || 'Red Hat' >!< os_release) audit(AUDIT_OS_NOT, 'Red Hat');\nvar os_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Red Hat');\nos_ver = os_ver[1];\nif (!rhel_check_release(operator: 'ge', os_version: os_ver, rhel_version: '8')) audit(AUDIT_OS_NOT, 'Red Hat 8.x', 'Red Hat ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu && 'ppc' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Red Hat', cpu);\n\nvar constraints = [\n {\n 'repo_relative_urls': [\n 'content/dist/rhel8/8/aarch64/appstream/debug',\n 'content/dist/rhel8/8/aarch64/appstream/os',\n 'content/dist/rhel8/8/aarch64/appstream/source/SRPMS',\n 'content/dist/rhel8/8/aarch64/baseos/debug',\n 'content/dist/rhel8/8/aarch64/baseos/os',\n 'content/dist/rhel8/8/aarch64/baseos/source/SRPMS',\n 'content/dist/rhel8/8/aarch64/codeready-builder/debug',\n 'content/dist/rhel8/8/aarch64/codeready-builder/os',\n 'content/dist/rhel8/8/aarch64/codeready-builder/source/SRPMS',\n 'content/dist/rhel8/8/aarch64/highavailability/debug',\n 'content/dist/rhel8/8/aarch64/highavailability/os',\n 'content/dist/rhel8/8/aarch64/highavailability/source/SRPMS',\n 'content/dist/rhel8/8/aarch64/supplementary/debug',\n 'content/dist/rhel8/8/aarch64/supplementary/os',\n 'content/dist/rhel8/8/aarch64/supplementary/source/SRPMS',\n 'content/dist/rhel8/8/ppc64le/appstream/debug',\n 'content/dist/rhel8/8/ppc64le/appstream/os',\n 'content/dist/rhel8/8/ppc64le/appstream/source/SRPMS',\n 'content/dist/rhel8/8/ppc64le/baseos/debug',\n 'content/dist/rhel8/8/ppc64le/baseos/os',\n 'content/dist/rhel8/8/ppc64le/baseos/source/SRPMS',\n 'content/dist/rhel8/8/ppc64le/codeready-builder/debug',\n 'content/dist/rhel8/8/ppc64le/codeready-builder/os',\n 'content/dist/rhel8/8/ppc64le/codeready-builder/source/SRPMS',\n 'content/dist/rhel8/8/ppc64le/highavailability/debug',\n 'content/dist/rhel8/8/ppc64le/highavailability/os',\n 'content/dist/rhel8/8/ppc64le/highavailability/source/SRPMS',\n 'content/dist/rhel8/8/ppc64le/resilientstorage/debug',\n 'content/dist/rhel8/8/ppc64le/resilientstorage/os',\n 'content/dist/rhel8/8/ppc64le/resilientstorage/source/SRPMS',\n 'content/dist/rhel8/8/ppc64le/sap-solutions/debug',\n 'content/dist/rhel8/8/ppc64le/sap-solutions/os',\n 'content/dist/rhel8/8/ppc64le/sap-solutions/source/SRPMS',\n 'content/dist/rhel8/8/ppc64le/sap/debug',\n 'content/dist/rhel8/8/ppc64le/sap/os',\n 'content/dist/rhel8/8/ppc64le/sap/source/SRPMS',\n 'content/dist/rhel8/8/ppc64le/supplementary/debug',\n 'content/dist/rhel8/8/ppc64le/supplementary/os',\n 'content/dist/rhel8/8/ppc64le/supplementary/source/SRPMS',\n 'content/dist/rhel8/8/s390x/appstream/debug',\n 'content/dist/rhel8/8/s390x/appstream/os',\n 'content/dist/rhel8/8/s390x/appstream/source/SRPMS',\n 'content/dist/rhel8/8/s390x/baseos/debug',\n 'content/dist/rhel8/8/s390x/baseos/os',\n 'content/dist/rhel8/8/s390x/baseos/source/SRPMS',\n 'content/dist/rhel8/8/s390x/codeready-builder/debug',\n 'content/dist/rhel8/8/s390x/codeready-builder/os',\n 'content/dist/rhel8/8/s390x/codeready-builder/source/SRPMS',\n 'content/dist/rhel8/8/s390x/highavailability/debug',\n 'content/dist/rhel8/8/s390x/highavailability/os',\n 'content/dist/rhel8/8/s390x/highavailability/source/SRPMS',\n 'content/dist/rhel8/8/s390x/resilientstorage/debug',\n 'content/dist/rhel8/8/s390x/resilientstorage/os',\n 'content/dist/rhel8/8/s390x/resilientstorage/source/SRPMS',\n 'content/dist/rhel8/8/s390x/sap/debug',\n 'content/dist/rhel8/8/s390x/sap/os',\n 'content/dist/rhel8/8/s390x/sap/source/SRPMS',\n 'content/dist/rhel8/8/s390x/supplementary/debug',\n 'content/dist/rhel8/8/s390x/supplementary/os',\n 'content/dist/rhel8/8/s390x/supplementary/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/appstream/debug',\n 'content/dist/rhel8/8/x86_64/appstream/os',\n 'content/dist/rhel8/8/x86_64/appstream/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/baseos/debug',\n 'content/dist/rhel8/8/x86_64/baseos/os',\n 'content/dist/rhel8/8/x86_64/baseos/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/codeready-builder/debug',\n 'content/dist/rhel8/8/x86_64/codeready-builder/os',\n 'content/dist/rhel8/8/x86_64/codeready-builder/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/highavailability/debug',\n 'content/dist/rhel8/8/x86_64/highavailability/os',\n 'content/dist/rhel8/8/x86_64/highavailability/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/nfv/debug',\n 'content/dist/rhel8/8/x86_64/nfv/os',\n 'content/dist/rhel8/8/x86_64/nfv/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/resilientstorage/debug',\n 'content/dist/rhel8/8/x86_64/resilientstorage/os',\n 'content/dist/rhel8/8/x86_64/resilientstorage/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/rt/debug',\n 'content/dist/rhel8/8/x86_64/rt/os',\n 'content/dist/rhel8/8/x86_64/rt/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/sap-solutions/debug',\n 'content/dist/rhel8/8/x86_64/sap-solutions/os',\n 'content/dist/rhel8/8/x86_64/sap-solutions/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/sap/debug',\n 'content/dist/rhel8/8/x86_64/sap/os',\n 'content/dist/rhel8/8/x86_64/sap/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/supplementary/debug',\n 'content/dist/rhel8/8/x86_64/supplementary/os',\n 'content/dist/rhel8/8/x86_64/supplementary/source/SRPMS'\n ],\n 'pkgs': [\n {'reference':'firefox-102.7.0-1.el8_7', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE}\n ]\n }\n];\n\nvar applicable_repo_urls = rhel_determine_applicable_repository_urls(constraints:constraints);\nif(applicable_repo_urls == RHEL_REPOS_NO_OVERLAP_MESSAGE) exit(0, RHEL_REPO_NOT_ENABLED);\n\nvar flag = 0;\nforeach var constraint_array ( constraints ) {\n var repo_relative_urls = NULL;\n if (!empty_or_null(constraint_array['repo_relative_urls'])) repo_relative_urls = constraint_array['repo_relative_urls'];\n foreach var pkg ( constraint_array['pkgs'] ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(pkg['reference'])) reference = pkg['reference'];\n if (!empty_or_null(pkg['release'])) _release = 'RHEL' + pkg['release'];\n if (!empty_or_null(pkg['sp'])) sp = pkg['sp'];\n if (!empty_or_null(pkg['cpu'])) _cpu = pkg['cpu'];\n if (!empty_or_null(pkg['el_string'])) el_string = pkg['el_string'];\n if (!empty_or_null(pkg['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = pkg['rpm_spec_vers_cmp'];\n if (!empty_or_null(pkg['epoch'])) epoch = pkg['epoch'];\n if (!empty_or_null(pkg['allowmaj'])) allowmaj = pkg['allowmaj'];\n if (!empty_or_null(pkg['exists_check'])) exists_check = pkg['exists_check'];\n if (reference &&\n _release &&\n rhel_decide_repo_relative_url_check(required_repo_url_list:repo_relative_urls) &&\n (applicable_repo_urls || (!exists_check || rpm_exists(release:_release, rpm:exists_check))) &&\n rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n var extra = NULL;\n if (empty_or_null(applicable_repo_urls)) extra = rpm_report_get() + redhat_report_repo_caveat();\n else extra = rpm_report_get() + redhat_report_package_caveat();\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : extra\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'firefox');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-25T00:34:17", "description": "The remote Redhat Enterprise Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2023:0456 advisory.\n\n - Mozilla: libusrsctp library out of date (CVE-2022-46871)\n\n - Mozilla: Fullscreen notification bypass (CVE-2022-46877)\n\n - Mozilla: Arbitrary file read from GTK drag and drop on Linux (CVE-2023-23598)\n\n - Mozilla: Malicious command could be hidden in devtools output (CVE-2023-23599)\n\n - Mozilla: URL being dragged from cross-origin iframe into same tab triggers navigation (CVE-2023-23601)\n\n - Mozilla: Content Security Policy wasn't being correctly applied to WebSockets in WebWorkers (CVE-2023-23602)\n\n - Mozilla: Calls to <code>console.log</code> allowed bypasing Content Security Policy via format directive (CVE-2023-23603)\n\n - Mozilla: Memory safety bugs fixed in Firefox 109 and Firefox ESR 102.7 (CVE-2023-23605)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2023-01-25T00:00:00", "type": "nessus", "title": "RHEL 7 : thunderbird (RHSA-2023:0456)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-46871", "CVE-2022-46877", "CVE-2023-23598", "CVE-2023-23599", "CVE-2023-23601", "CVE-2023-23602", "CVE-2023-23603", "CVE-2023-23605"], "modified": "2023-05-24T00:00:00", "cpe": ["cpe:/o:redhat:enterprise_linux:7", "p-cpe:/a:redhat:enterprise_linux:thunderbird"], "id": "REDHAT-RHSA-2023-0456.NASL", "href": "https://www.tenable.com/plugins/nessus/170645", "sourceData": "#%NASL_MIN_LEVEL 80900\n##\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2023:0456. The text\n# itself is copyright (C) Red Hat, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(170645);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/05/24\");\n\n script_cve_id(\n \"CVE-2022-46871\",\n \"CVE-2022-46877\",\n \"CVE-2023-23598\",\n \"CVE-2023-23599\",\n \"CVE-2023-23601\",\n \"CVE-2023-23602\",\n \"CVE-2023-23603\",\n \"CVE-2023-23605\"\n );\n script_xref(name:\"RHSA\", value:\"2023:0456\");\n script_xref(name:\"IAVA\", value:\"2023-A-0056-S\");\n\n script_name(english:\"RHEL 7 : thunderbird (RHSA-2023:0456)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Red Hat host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Redhat Enterprise Linux 7 host has a package installed that is affected by multiple vulnerabilities as\nreferenced in the RHSA-2023:0456 advisory.\n\n - Mozilla: libusrsctp library out of date (CVE-2022-46871)\n\n - Mozilla: Fullscreen notification bypass (CVE-2022-46877)\n\n - Mozilla: Arbitrary file read from GTK drag and drop on Linux (CVE-2023-23598)\n\n - Mozilla: Malicious command could be hidden in devtools output (CVE-2023-23599)\n\n - Mozilla: URL being dragged from cross-origin iframe into same tab triggers navigation (CVE-2023-23601)\n\n - Mozilla: Content Security Policy wasn't being correctly applied to WebSockets in WebWorkers\n (CVE-2023-23602)\n\n - Mozilla: Calls to <code>console.log</code> allowed bypasing Content Security Policy via format directive\n (CVE-2023-23603)\n\n - Mozilla: Memory safety bugs fixed in Firefox 109 and Firefox ESR 102.7 (CVE-2023-23605)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-46871\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-46877\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2023-23598\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2023-23599\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2023-23601\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2023-23602\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2023-23603\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2023-23605\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2023:0456\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2162336\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2162338\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2162339\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2162340\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2162341\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2162342\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2162343\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2162344\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected thunderbird package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-46871\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(77, 120, 185, 357, 450, 829, 1104, 1385);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/12/15\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2023/01/25\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2023/01/25\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:thunderbird\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"redhat_repos.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\ninclude('rhel.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item('Host/RedHat/release');\nif (isnull(os_release) || 'Red Hat' >!< os_release) audit(AUDIT_OS_NOT, 'Red Hat');\nvar os_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Red Hat');\nos_ver = os_ver[1];\nif (!rhel_check_release(operator: 'ge', os_version: os_ver, rhel_version: '7')) audit(AUDIT_OS_NOT, 'Red Hat 7.x', 'Red Hat ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu && 'ppc' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Red Hat', cpu);\n\nvar constraints = [\n {\n 'repo_relative_urls': [\n 'content/dist/rhel-alt/server/7/7Server/power9/ppc64le/debug',\n 'content/dist/rhel-alt/server/7/7Server/power9/ppc64le/optional/debug',\n 'content/dist/rhel-alt/server/7/7Server/power9/ppc64le/optional/os',\n 'content/dist/rhel-alt/server/7/7Server/power9/ppc64le/optional/source/SRPMS',\n 'content/dist/rhel-alt/server/7/7Server/power9/ppc64le/os',\n 'content/dist/rhel-alt/server/7/7Server/power9/ppc64le/source/SRPMS',\n 'content/dist/rhel-alt/server/7/7Server/power9/ppc64le/supplementary/debug',\n 'content/dist/rhel-alt/server/7/7Server/power9/ppc64le/supplementary/source/SRPMS',\n 'content/dist/rhel/client/7/7Client/x86_64/debug',\n 'content/dist/rhel/client/7/7Client/x86_64/optional/debug',\n 'content/dist/rhel/client/7/7Client/x86_64/optional/os',\n 'content/dist/rhel/client/7/7Client/x86_64/optional/source/SRPMS',\n 'content/dist/rhel/client/7/7Client/x86_64/oracle-java-rm/os',\n 'content/dist/rhel/client/7/7Client/x86_64/os',\n 'content/dist/rhel/client/7/7Client/x86_64/source/SRPMS',\n 'content/dist/rhel/client/7/7Client/x86_64/supplementary/debug',\n 'content/dist/rhel/client/7/7Client/x86_64/supplementary/os',\n 'content/dist/rhel/client/7/7Client/x86_64/supplementary/source/SRPMS',\n 'content/dist/rhel/computenode/7/7ComputeNode/x86_64/debug',\n 'content/dist/rhel/computenode/7/7ComputeNode/x86_64/optional/debug',\n 'content/dist/rhel/computenode/7/7ComputeNode/x86_64/optional/os',\n 'content/dist/rhel/computenode/7/7ComputeNode/x86_64/optional/source/SRPMS',\n 'content/dist/rhel/computenode/7/7ComputeNode/x86_64/oracle-java-rm/os',\n 'content/dist/rhel/computenode/7/7ComputeNode/x86_64/os',\n 'content/dist/rhel/computenode/7/7ComputeNode/x86_64/source/SRPMS',\n 'content/dist/rhel/computenode/7/7ComputeNode/x86_64/supplementary/debug',\n 'content/dist/rhel/computenode/7/7ComputeNode/x86_64/supplementary/os',\n 'content/dist/rhel/computenode/7/7ComputeNode/x86_64/supplementary/source/SRPMS',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/debug',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/highavailability/debug',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/highavailability/os',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/highavailability/source/SRPMS',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/optional/debug',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/optional/os',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/optional/source/SRPMS',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/os',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/resilientstorage/debug',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/resilientstorage/os',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/resilientstorage/source/SRPMS',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/sap-hana/debug',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/sap-hana/os',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/sap-hana/source/SRPMS',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/sap/debug',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/sap/os',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/sap/source/SRPMS',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/source/SRPMS',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/supplementary/debug',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/supplementary/os',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/supplementary/source/SRPMS',\n 'content/dist/rhel/power/7/7Server/ppc64/debug',\n 'content/dist/rhel/power/7/7Server/ppc64/optional/debug',\n 'content/dist/rhel/power/7/7Server/ppc64/optional/os',\n 'content/dist/rhel/power/7/7Server/ppc64/optional/source/SRPMS',\n 'content/dist/rhel/power/7/7Server/ppc64/os',\n 'content/dist/rhel/power/7/7Server/ppc64/sap/debug',\n 'content/dist/rhel/power/7/7Server/ppc64/sap/os',\n 'content/dist/rhel/power/7/7Server/ppc64/sap/source/SRPMS',\n 'content/dist/rhel/power/7/7Server/ppc64/source/SRPMS',\n 'content/dist/rhel/power/7/7Server/ppc64/supplementary/debug',\n 'content/dist/rhel/power/7/7Server/ppc64/supplementary/os',\n 'content/dist/rhel/power/7/7Server/ppc64/supplementary/source/SRPMS',\n 'content/dist/rhel/server/7/7Server/x86_64/debug',\n 'content/dist/rhel/server/7/7Server/x86_64/highavailability/debug',\n 'content/dist/rhel/server/7/7Server/x86_64/highavailability/os',\n 'content/dist/rhel/server/7/7Server/x86_64/highavailability/source/SRPMS',\n 'content/dist/rhel/server/7/7Server/x86_64/nfv/debug',\n 'content/dist/rhel/server/7/7Server/x86_64/nfv/os',\n 'content/dist/rhel/server/7/7Server/x86_64/nfv/source/SRPMS',\n 'content/dist/rhel/server/7/7Server/x86_64/optional/debug',\n 'content/dist/rhel/server/7/7Server/x86_64/optional/os',\n 'content/dist/rhel/server/7/7Server/x86_64/optional/source/SRPMS',\n 'content/dist/rhel/server/7/7Server/x86_64/oracle-java-rm/os',\n 'content/dist/rhel/server/7/7Server/x86_64/os',\n 'content/dist/rhel/server/7/7Server/x86_64/resilientstorage/debug',\n 'content/dist/rhel/server/7/7Server/x86_64/resilientstorage/os',\n 'content/dist/rhel/server/7/7Server/x86_64/resilientstorage/source/SRPMS',\n 'content/dist/rhel/server/7/7Server/x86_64/rt/debug',\n 'content/dist/rhel/server/7/7Server/x86_64/rt/os',\n 'content/dist/rhel/server/7/7Server/x86_64/rt/source/SRPMS',\n 'content/dist/rhel/server/7/7Server/x86_64/sap-hana/debug',\n 'content/dist/rhel/server/7/7Server/x86_64/sap-hana/os',\n 'content/dist/rhel/server/7/7Server/x86_64/sap-hana/source/SRPMS',\n 'content/dist/rhel/server/7/7Server/x86_64/sap/debug',\n 'content/dist/rhel/server/7/7Server/x86_64/sap/os',\n 'content/dist/rhel/server/7/7Server/x86_64/sap/source/SRPMS',\n 'content/dist/rhel/server/7/7Server/x86_64/source/SRPMS',\n 'content/dist/rhel/server/7/7Server/x86_64/supplementary/debug',\n 'content/dist/rhel/server/7/7Server/x86_64/supplementary/os',\n 'content/dist/rhel/server/7/7Server/x86_64/supplementary/source/SRPMS',\n 'content/dist/rhel/workstation/7/7Workstation/x86_64/debug',\n 'content/dist/rhel/workstation/7/7Workstation/x86_64/optional/debug',\n 'content/dist/rhel/workstation/7/7Workstation/x86_64/optional/os',\n 'content/dist/rhel/workstation/7/7Workstation/x86_64/optional/source/SRPMS',\n 'content/dist/rhel/workstation/7/7Workstation/x86_64/oracle-java-rm/os',\n 'content/dist/rhel/workstation/7/7Workstation/x86_64/os',\n 'content/dist/rhel/workstation/7/7Workstation/x86_64/source/SRPMS',\n 'content/dist/rhel/workstation/7/7Workstation/x86_64/supplementary/debug',\n 'content/dist/rhel/workstation/7/7Workstation/x86_64/supplementary/os',\n 'content/dist/rhel/workstation/7/7Workstation/x86_64/supplementary/source/SRPMS',\n 'content/fastrack/rhel/client/7/x86_64/debug',\n 'content/fastrack/rhel/client/7/x86_64/optional/debug',\n 'content/fastrack/rhel/client/7/x86_64/optional/os',\n 'content/fastrack/rhel/client/7/x86_64/optional/source/SRPMS',\n 'content/fastrack/rhel/client/7/x86_64/os',\n 'content/fastrack/rhel/client/7/x86_64/source/SRPMS',\n 'content/fastrack/rhel/computenode/7/x86_64/debug',\n 'content/fastrack/rhel/computenode/7/x86_64/optional/debug',\n 'content/fastrack/rhel/computenode/7/x86_64/optional/os',\n 'content/fastrack/rhel/computenode/7/x86_64/optional/source/SRPMS',\n 'content/fastrack/rhel/computenode/7/x86_64/os',\n 'content/fastrack/rhel/computenode/7/x86_64/source/SRPMS',\n 'content/fastrack/rhel/power/7/ppc64/debug',\n 'content/fastrack/rhel/power/7/ppc64/optional/debug',\n 'content/fastrack/rhel/power/7/ppc64/optional/os',\n 'content/fastrack/rhel/power/7/ppc64/optional/source/SRPMS',\n 'content/fastrack/rhel/power/7/ppc64/os',\n 'content/fastrack/rhel/power/7/ppc64/source/SRPMS',\n 'content/fastrack/rhel/server/7/x86_64/debug',\n 'content/fastrack/rhel/server/7/x86_64/highavailability/debug',\n 'content/fastrack/rhel/server/7/x86_64/highavailability/os',\n 'content/fastrack/rhel/server/7/x86_64/highavailability/source/SRPMS',\n 'content/fastrack/rhel/server/7/x86_64/optional/debug',\n 'content/fastrack/rhel/server/7/x86_64/optional/os',\n 'content/fastrack/rhel/server/7/x86_64/optional/source/SRPMS',\n 'content/fastrack/rhel/server/7/x86_64/os',\n 'content/fastrack/rhel/server/7/x86_64/resilientstorage/debug',\n 'content/fastrack/rhel/server/7/x86_64/resilientstorage/os',\n 'content/fastrack/rhel/server/7/x86_64/resilientstorage/source/SRPMS',\n 'content/fastrack/rhel/server/7/x86_64/source/SRPMS',\n 'content/fastrack/rhel/workstation/7/x86_64/debug',\n 'content/fastrack/rhel/workstation/7/x86_64/optional/debug',\n 'content/fastrack/rhel/workstation/7/x86_64/optional/os',\n 'content/fastrack/rhel/workstation/7/x86_64/optional/source/SRPMS',\n 'content/fastrack/rhel/workstation/7/x86_64/os',\n 'content/fastrack/rhel/workstation/7/x86_64/source/SRPMS'\n ],\n 'pkgs': [\n {'reference':'thunderbird-102.7.1-1.el7_9', 'cpu':'ppc64le', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE},\n {'reference':'thunderbird-102.7.1-1.el7_9', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE}\n ]\n }\n];\n\nvar applicable_repo_urls = rhel_determine_applicable_repository_urls(constraints:constraints);\nif(applicable_repo_urls == RHEL_REPOS_NO_OVERLAP_MESSAGE) exit(0, RHEL_REPO_NOT_ENABLED);\n\nvar flag = 0;\nforeach var constraint_array ( constraints ) {\n var repo_relative_urls = NULL;\n if (!empty_or_null(constraint_array['repo_relative_urls'])) repo_relative_urls = constraint_array['repo_relative_urls'];\n foreach var pkg ( constraint_array['pkgs'] ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(pkg['reference'])) reference = pkg['reference'];\n if (!empty_or_null(pkg['release'])) _release = 'RHEL' + pkg['release'];\n if (!empty_or_null(pkg['sp'])) sp = pkg['sp'];\n if (!empty_or_null(pkg['cpu'])) _cpu = pkg['cpu'];\n if (!empty_or_null(pkg['el_string'])) el_string = pkg['el_string'];\n if (!empty_or_null(pkg['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = pkg['rpm_spec_vers_cmp'];\n if (!empty_or_null(pkg['epoch'])) epoch = pkg['epoch'];\n if (!empty_or_null(pkg['allowmaj'])) allowmaj = pkg['allowmaj'];\n if (!empty_or_null(pkg['exists_check'])) exists_check = pkg['exists_check'];\n if (reference &&\n _release &&\n rhel_decide_repo_relative_url_check(required_repo_url_list:repo_relative_urls) &&\n (applicable_repo_urls || (!exists_check || rpm_exists(release:_release, rpm:exists_check))) &&\n rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n var extra = NULL;\n if (empty_or_null(applicable_repo_urls)) extra = rpm_report_get() + redhat_report_repo_caveat();\n else extra = rpm_report_get() + redhat_report_package_caveat();\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : extra\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'thunderbird');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-25T00:35:00", "description": "The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2023:0460 advisory.\n\n - Mozilla: libusrsctp library out of date (CVE-2022-46871)\n\n - Mozilla: Fullscreen notification bypass (CVE-2022-46877)\n\n - Mozilla: Arbitrary file read from GTK drag and drop on Linux (CVE-2023-23598)\n\n - Mozilla: Malicious command could be hidden in devtools output (CVE-2023-23599)\n\n - Mozilla: URL being dragged from cross-origin iframe into same tab triggers navigation (CVE-2023-23601)\n\n - Mozilla: Content Security Policy wasn't being correctly applied to WebSockets in WebWorkers (CVE-2023-23602)\n\n - Mozilla: Calls to <code>console.log</code> allowed bypasing Content Security Policy via format directive (CVE-2023-23603)\n\n - Mozilla: Memory safety bugs fixed in Firefox 109 and Firefox ESR 102.7 (CVE-2023-23605)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2023-01-25T00:00:00", "type": "nessus", "title": "RHEL 8 : thunderbird (RHSA-2023:0460)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-46871", "CVE-2022-46877", "CVE-2023-23598", "CVE-2023-23599", "CVE-2023-23601", "CVE-2023-23602", "CVE-2023-23603", "CVE-2023-23605"], "modified": "2023-05-24T00:00:00", "cpe": ["cpe:/o:redhat:rhel_aus:8.4", "cpe:/o:redhat:rhel_e4s:8.4", "cpe:/o:redhat:rhel_eus:8.4", "cpe:/o:redhat:rhel_tus:8.4", "p-cpe:/a:redhat:enterprise_linux:thunderbird"], "id": "REDHAT-RHSA-2023-0460.NASL", "href": "https://www.tenable.com/plugins/nessus/170649", "sourceData": "#%NASL_MIN_LEVEL 80900\n##\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2023:0460. The text\n# itself is copyright (C) Red Hat, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(170649);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/05/24\");\n\n script_cve_id(\n \"CVE-2022-46871\",\n \"CVE-2022-46877\",\n \"CVE-2023-23598\",\n \"CVE-2023-23599\",\n \"CVE-2023-23601\",\n \"CVE-2023-23602\",\n \"CVE-2023-23603\",\n \"CVE-2023-23605\"\n );\n script_xref(name:\"RHSA\", value:\"2023:0460\");\n script_xref(name:\"IAVA\", value:\"2023-A-0056-S\");\n\n script_name(english:\"RHEL 8 : thunderbird (RHSA-2023:0460)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Red Hat host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as\nreferenced in the RHSA-2023:0460 advisory.\n\n - Mozilla: libusrsctp library out of date (CVE-2022-46871)\n\n - Mozilla: Fullscreen notification bypass (CVE-2022-46877)\n\n - Mozilla: Arbitrary file read from GTK drag and drop on Linux (CVE-2023-23598)\n\n - Mozilla: Malicious command could be hidden in devtools output (CVE-2023-23599)\n\n - Mozilla: URL being dragged from cross-origin iframe into same tab triggers navigation (CVE-2023-23601)\n\n - Mozilla: Content Security Policy wasn't being correctly applied to WebSockets in WebWorkers\n (CVE-2023-23602)\n\n - Mozilla: Calls to <code>console.log</code> allowed bypasing Content Security Policy via format directive\n (CVE-2023-23603)\n\n - Mozilla: Memory safety bugs fixed in Firefox 109 and Firefox ESR 102.7 (CVE-2023-23605)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-46871\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-46877\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2023-23598\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2023-23599\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2023-23601\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2023-23602\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2023-23603\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2023-23605\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2023:0460\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2162336\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2162338\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2162339\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2162340\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2162341\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2162342\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2162343\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2162344\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected thunderbird package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-46871\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(77, 120, 185, 357, 450, 829, 1104, 1385);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/12/15\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2023/01/25\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2023/01/25\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_aus:8.4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_e4s:8.4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_eus:8.4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_tus:8.4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:thunderbird\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"redhat_repos.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\ninclude('rhel.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item('Host/RedHat/release');\nif (isnull(os_release) || 'Red Hat' >!< os_release) audit(AUDIT_OS_NOT, 'Red Hat');\nvar os_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Red Hat');\nos_ver = os_ver[1];\nif (!rhel_check_release(operator: 'eq', os_version: os_ver, rhel_version: '8.4')) audit(AUDIT_OS_NOT, 'Red Hat 8.4', 'Red Hat ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu && 'ppc' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Red Hat', cpu);\n\nvar constraints = [\n {\n 'repo_relative_urls': [\n 'content/aus/rhel8/8.4/x86_64/appstream/debug',\n 'content/aus/rhel8/8.4/x86_64/appstream/os',\n 'content/aus/rhel8/8.4/x86_64/appstream/source/SRPMS',\n 'content/aus/rhel8/8.4/x86_64/baseos/debug',\n 'content/aus/rhel8/8.4/x86_64/baseos/os',\n 'content/aus/rhel8/8.4/x86_64/baseos/source/SRPMS',\n 'content/e4s/rhel8/8.4/aarch64/appstream/debug',\n 'content/e4s/rhel8/8.4/aarch64/appstream/os',\n 'content/e4s/rhel8/8.4/aarch64/appstream/source/SRPMS',\n 'content/e4s/rhel8/8.4/aarch64/baseos/debug',\n 'content/e4s/rhel8/8.4/aarch64/baseos/os',\n 'content/e4s/rhel8/8.4/aarch64/baseos/source/SRPMS',\n 'content/e4s/rhel8/8.4/ppc64le/appstream/debug',\n 'content/e4s/rhel8/8.4/ppc64le/appstream/os',\n 'content/e4s/rhel8/8.4/ppc64le/appstream/source/SRPMS',\n 'content/e4s/rhel8/8.4/ppc64le/baseos/debug',\n 'content/e4s/rhel8/8.4/ppc64le/baseos/os',\n 'content/e4s/rhel8/8.4/ppc64le/baseos/source/SRPMS',\n 'content/e4s/rhel8/8.4/ppc64le/highavailability/debug',\n 'content/e4s/rhel8/8.4/ppc64le/highavailability/os',\n 'content/e4s/rhel8/8.4/ppc64le/highavailability/source/SRPMS',\n 'content/e4s/rhel8/8.4/ppc64le/sap-solutions/debug',\n 'content/e4s/rhel8/8.4/ppc64le/sap-solutions/os',\n 'content/e4s/rhel8/8.4/ppc64le/sap-solutions/source/SRPMS',\n 'content/e4s/rhel8/8.4/ppc64le/sap/debug',\n 'content/e4s/rhel8/8.4/ppc64le/sap/os',\n 'content/e4s/rhel8/8.4/ppc64le/sap/source/SRPMS',\n 'content/e4s/rhel8/8.4/s390x/appstream/debug',\n 'content/e4s/rhel8/8.4/s390x/appstream/os',\n 'content/e4s/rhel8/8.4/s390x/appstream/source/SRPMS',\n 'content/e4s/rhel8/8.4/s390x/baseos/debug',\n 'content/e4s/rhel8/8.4/s390x/baseos/os',\n 'content/e4s/rhel8/8.4/s390x/baseos/source/SRPMS',\n 'content/e4s/rhel8/8.4/x86_64/appstream/debug',\n 'content/e4s/rhel8/8.4/x86_64/appstream/os',\n 'content/e4s/rhel8/8.4/x86_64/appstream/source/SRPMS',\n 'content/e4s/rhel8/8.4/x86_64/baseos/debug',\n 'content/e4s/rhel8/8.4/x86_64/baseos/os',\n 'content/e4s/rhel8/8.4/x86_64/baseos/source/SRPMS',\n 'content/e4s/rhel8/8.4/x86_64/highavailability/debug',\n 'content/e4s/rhel8/8.4/x86_64/highavailability/os',\n 'content/e4s/rhel8/8.4/x86_64/highavailability/source/SRPMS',\n 'content/e4s/rhel8/8.4/x86_64/nfv/debug',\n 'content/e4s/rhel8/8.4/x86_64/nfv/os',\n 'content/e4s/rhel8/8.4/x86_64/nfv/source/SRPMS',\n 'content/e4s/rhel8/8.4/x86_64/sap-solutions/debug',\n 'content/e4s/rhel8/8.4/x86_64/sap-solutions/os',\n 'content/e4s/rhel8/8.4/x86_64/sap-solutions/source/SRPMS',\n 'content/e4s/rhel8/8.4/x86_64/sap/debug',\n 'content/e4s/rhel8/8.4/x86_64/sap/os',\n 'content/e4s/rhel8/8.4/x86_64/sap/source/SRPMS',\n 'content/eus/rhel8/8.4/aarch64/appstream/debug',\n 'content/eus/rhel8/8.4/aarch64/appstream/os',\n 'content/eus/rhel8/8.4/aarch64/appstream/source/SRPMS',\n 'content/eus/rhel8/8.4/aarch64/baseos/debug',\n 'content/eus/rhel8/8.4/aarch64/baseos/os',\n 'content/eus/rhel8/8.4/aarch64/baseos/source/SRPMS',\n 'content/eus/rhel8/8.4/aarch64/codeready-builder/debug',\n 'content/eus/rhel8/8.4/aarch64/codeready-builder/os',\n 'content/eus/rhel8/8.4/aarch64/codeready-builder/source/SRPMS',\n 'content/eus/rhel8/8.4/aarch64/highavailability/debug',\n 'content/eus/rhel8/8.4/aarch64/highavailability/os',\n 'content/eus/rhel8/8.4/aarch64/highavailability/source/SRPMS',\n 'content/eus/rhel8/8.4/aarch64/supplementary/debug',\n 'content/eus/rhel8/8.4/aarch64/supplementary/os',\n 'content/eus/rhel8/8.4/aarch64/supplementary/source/SRPMS',\n 'content/eus/rhel8/8.4/ppc64le/appstream/debug',\n 'content/eus/rhel8/8.4/ppc64le/appstream/os',\n 'content/eus/rhel8/8.4/ppc64le/appstream/source/SRPMS',\n 'content/eus/rhel8/8.4/ppc64le/baseos/debug',\n 'content/eus/rhel8/8.4/ppc64le/baseos/os',\n 'content/eus/rhel8/8.4/ppc64le/baseos/source/SRPMS',\n 'content/eus/rhel8/8.4/ppc64le/codeready-builder/debug',\n 'content/eus/rhel8/8.4/ppc64le/codeready-builder/os',\n 'content/eus/rhel8/8.4/ppc64le/codeready-builder/source/SRPMS',\n 'content/eus/rhel8/8.4/ppc64le/highavailability/debug',\n 'content/eus/rhel8/8.4/ppc64le/highavailability/os',\n 'content/eus/rhel8/8.4/ppc64le/highavailability/source/SRPMS',\n 'content/eus/rhel8/8.4/ppc64le/resilientstorage/debug',\n 'content/eus/rhel8/8.4/ppc64le/resilientstorage/os',\n 'content/eus/rhel8/8.4/ppc64le/resilientstorage/source/SRPMS',\n 'content/eus/rhel8/8.4/ppc64le/sap-solutions/debug',\n 'content/eus/rhel8/8.4/ppc64le/sap-solutions/os',\n 'content/eus/rhel8/8.4/ppc64le/sap-solutions/source/SRPMS',\n 'content/eus/rhel8/8.4/ppc64le/sap/debug',\n 'content/eus/rhel8/8.4/ppc64le/sap/os',\n 'content/eus/rhel8/8.4/ppc64le/sap/source/SRPMS',\n 'content/eus/rhel8/8.4/ppc64le/supplementary/debug',\n 'content/eus/rhel8/8.4/ppc64le/supplementary/os',\n 'content/eus/rhel8/8.4/ppc64le/supplementary/source/SRPMS',\n 'content/eus/rhel8/8.4/s390x/appstream/debug',\n 'content/eus/rhel8/8.4/s390x/appstream/os',\n 'content/eus/rhel8/8.4/s390x/appstream/source/SRPMS',\n 'content/eus/rhel8/8.4/s390x/baseos/debug',\n 'content/eus/rhel8/8.4/s390x/baseos/os',\n 'content/eus/rhel8/8.4/s390x/baseos/source/SRPMS',\n 'content/eus/rhel8/8.4/s390x/codeready-builder/debug',\n 'content/eus/rhel8/8.4/s390x/codeready-builder/os',\n 'content/eus/rhel8/8.4/s390x/codeready-builder/source/SRPMS',\n 'content/eus/rhel8/8.4/s390x/highavailability/debug',\n 'content/eus/rhel8/8.4/s390x/highavailability/os',\n 'content/eus/rhel8/8.4/s390x/highavailability/source/SRPMS',\n 'content/eus/rhel8/8.4/s390x/resilientstorage/debug',\n 'content/eus/rhel8/8.4/s390x/resilientstorage/os',\n 'content/eus/rhel8/8.4/s390x/resilientstorage/source/SRPMS',\n 'content/eus/rhel8/8.4/s390x/sap/debug',\n 'content/eus/rhel8/8.4/s390x/sap/os',\n 'content/eus/rhel8/8.4/s390x/sap/source/SRPMS',\n 'content/eus/rhel8/8.4/s390x/supplementary/debug',\n 'content/eus/rhel8/8.4/s390x/supplementary/os',\n 'content/eus/rhel8/8.4/s390x/supplementary/source/SRPMS',\n 'content/eus/rhel8/8.4/x86_64/appstream/debug',\n 'content/eus/rhel8/8.4/x86_64/appstream/os',\n 'content/eus/rhel8/8.4/x86_64/appstream/source/SRPMS',\n 'content/eus/rhel8/8.4/x86_64/baseos/debug',\n 'content/eus/rhel8/8.4/x86_64/baseos/os',\n 'content/eus/rhel8/8.4/x86_64/baseos/source/SRPMS',\n 'content/eus/rhel8/8.4/x86_64/codeready-builder/debug',\n 'content/eus/rhel8/8.4/x86_64/codeready-builder/os',\n 'content/eus/rhel8/8.4/x86_64/codeready-builder/source/SRPMS',\n 'content/eus/rhel8/8.4/x86_64/highavailability/debug',\n 'content/eus/rhel8/8.4/x86_64/highavailability/os',\n 'content/eus/rhel8/8.4/x86_64/highavailability/source/SRPMS',\n 'content/eus/rhel8/8.4/x86_64/resilientstorage/debug',\n 'content/eus/rhel8/8.4/x86_64/resilientstorage/os',\n 'content/eus/rhel8/8.4/x86_64/resilientstorage/source/SRPMS',\n 'content/eus/rhel8/8.4/x86_64/sap-solutions/debug',\n 'content/eus/rhel8/8.4/x86_64/sap-solutions/os',\n 'content/eus/rhel8/8.4/x86_64/sap-solutions/source/SRPMS',\n 'content/eus/rhel8/8.4/x86_64/sap/debug',\n 'content/eus/rhel8/8.4/x86_64/sap/os',\n 'content/eus/rhel8/8.4/x86_64/sap/source/SRPMS',\n 'content/eus/rhel8/8.4/x86_64/supplementary/debug',\n 'content/eus/rhel8/8.4/x86_64/supplementary/os',\n 'content/eus/rhel8/8.4/x86_64/supplementary/source/SRPMS',\n 'content/tus/rhel8/8.4/x86_64/appstream/debug',\n 'content/tus/rhel8/8.4/x86_64/appstream/os',\n 'content/tus/rhel8/8.4/x86_64/appstream/source/SRPMS',\n 'content/tus/rhel8/8.4/x86_64/baseos/debug',\n 'content/tus/rhel8/8.4/x86_64/baseos/os',\n 'content/tus/rhel8/8.4/x86_64/baseos/source/SRPMS',\n 'content/tus/rhel8/8.4/x86_64/highavailability/debug',\n 'content/tus/rhel8/8.4/x86_64/highavailability/os',\n 'content/tus/rhel8/8.4/x86_64/highavailability/source/SRPMS',\n 'content/tus/rhel8/8.4/x86_64/nfv/debug',\n 'content/tus/rhel8/8.4/x86_64/nfv/os',\n 'content/tus/rhel8/8.4/x86_64/nfv/source/SRPMS',\n 'content/tus/rhel8/8.4/x86_64/rt/debug',\n 'content/tus/rhel8/8.4/x86_64/rt/os',\n 'content/tus/rhel8/8.4/x86_64/rt/source/SRPMS'\n ],\n 'pkgs': [\n {'reference':'thunderbird-102.7.1-1.el8_4', 'sp':'4', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE}\n ]\n }\n];\n\nvar applicable_repo_urls = rhel_determine_applicable_repository_urls(constraints:constraints);\nif(applicable_repo_urls == RHEL_REPOS_NO_OVERLAP_MESSAGE) exit(0, RHEL_REPO_NOT_ENABLED);\n\nvar flag = 0;\nforeach var constraint_array ( constraints ) {\n var repo_relative_urls = NULL;\n if (!empty_or_null(constraint_array['repo_relative_urls'])) repo_relative_urls = constraint_array['repo_relative_urls'];\n foreach var pkg ( constraint_array['pkgs'] ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(pkg['reference'])) reference = pkg['reference'];\n if (!empty_or_null(pkg['release'])) _release = 'RHEL' + pkg['release'];\n if (!empty_or_null(pkg['sp'])) sp = pkg['sp'];\n if (!empty_or_null(pkg['cpu'])) _cpu = pkg['cpu'];\n if (!empty_or_null(pkg['el_string'])) el_string = pkg['el_string'];\n if (!empty_or_null(pkg['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = pkg['rpm_spec_vers_cmp'];\n if (!empty_or_null(pkg['epoch'])) epoch = pkg['epoch'];\n if (!empty_or_null(pkg['allowmaj'])) allowmaj = pkg['allowmaj'];\n if (!empty_or_null(pkg['exists_check'])) exists_check = pkg['exists_check'];\n if (reference &&\n _release &&\n rhel_decide_repo_relative_url_check(required_repo_url_list:repo_relative_urls) &&\n (applicable_repo_urls || (!exists_check || rpm_exists(release:_release, rpm:exists_check))) &&\n rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n var subscription_caveat = '\\n' +\n 'NOTE: This vulnerability check contains fixes that apply to\\n' +\n 'packages only available in the Red Hat Enterprise Linux\\n' +\n 'Advanced Update Support, Extended Update Support, Telco Extended Update Support or Update Services for SAP Solutions repositories.\\n' +\n 'Access to these repositories requires a paid RHEL subscription.\\n';\n var extra = NULL;\n if (empty_or_null(applicable_repo_urls)) extra = subscription_caveat + rpm_report_get() + redhat_report_repo_caveat();\n else extra = subscription_caveat + rpm_report_get() + redhat_report_package_caveat();\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : extra\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'thunderbird');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-25T00:35:01", "description": "The remote Redhat Enterprise Linux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2023:0461 advisory.\n\n - Mozilla: libusrsctp library out of date (CVE-2022-46871)\n\n - Mozilla: Fullscreen notification bypass (CVE-2022-46877)\n\n - Mozilla: Arbitrary file read from GTK drag and drop on Linux (CVE-2023-23598)\n\n - Mozilla: Malicious command could be hidden in devtools output (CVE-2023-23599)\n\n - Mozilla: URL being dragged from cross-origin iframe into same tab triggers navigation (CVE-2023-23601)\n\n - Mozilla: Content Security Policy wasn't being correctly applied to WebSockets in WebWorkers (CVE-2023-23602)\n\n - Mozilla: Calls to <code>console.log</code> allowed bypasing Content Security Policy via format directive (CVE-2023-23603)\n\n - Mozilla: Memory safety bugs fixed in Firefox 109 and Firefox ESR 102.7 (CVE-2023-23605)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2023-01-25T00:00:00", "type": "nessus", "title": "RHEL 9 : thunderbird (RHSA-2023:0461)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-46871", "CVE-2022-46877", "CVE-2023-23598", "CVE-2023-23599", "CVE-2023-23601", "CVE-2023-23602", "CVE-2023-23603", "CVE-2023-23605"], "modified": "2023-05-24T00:00:00", "cpe": ["cpe:/o:redhat:rhel_e4s:9.0", "cpe:/o:redhat:rhel_eus:9.0", "p-cpe:/a:redhat:enterprise_linux:thunderbird"], "id": "REDHAT-RHSA-2023-0461.NASL", "href": "https://www.tenable.com/plugins/nessus/170641", "sourceData": "#%NASL_MIN_LEVEL 80900\n##\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2023:0461. The text\n# itself is copyright (C) Red Hat, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(170641);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/05/24\");\n\n script_cve_id(\n \"CVE-2022-46871\",\n \"CVE-2022-46877\",\n \"CVE-2023-23598\",\n \"CVE-2023-23599\",\n \"CVE-2023-23601\",\n \"CVE-2023-23602\",\n \"CVE-2023-23603\",\n \"CVE-2023-23605\"\n );\n script_xref(name:\"RHSA\", value:\"2023:0461\");\n script_xref(name:\"IAVA\", value:\"2023-A-0056-S\");\n\n script_name(english:\"RHEL 9 : thunderbird (RHSA-2023:0461)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Red Hat host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Redhat Enterprise Linux 9 host has a package installed that is affected by multiple vulnerabilities as\nreferenced in the RHSA-2023:0461 advisory.\n\n - Mozilla: libusrsctp library out of date (CVE-2022-46871)\n\n - Mozilla: Fullscreen notification bypass (CVE-2022-46877)\n\n - Mozilla: Arbitrary file read from GTK drag and drop on Linux (CVE-2023-23598)\n\n - Mozilla: Malicious command could be hidden in devtools output (CVE-2023-23599)\n\n - Mozilla: URL being dragged from cross-origin iframe into same tab triggers navigation (CVE-2023-23601)\n\n - Mozilla: Content Security Policy wasn't being correctly applied to WebSockets in WebWorkers\n (CVE-2023-23602)\n\n - Mozilla: Calls to <code>console.log</code> allowed bypasing Content Security Policy via format directive\n (CVE-2023-23603)\n\n - Mozilla: Memory safety bugs fixed in Firefox 109 and Firefox ESR 102.7 (CVE-2023-23605)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-46871\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-46877\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2023-23598\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2023-23599\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2023-23601\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2023-23602\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2023-23603\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2023-23605\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2023:0461\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2162336\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2162338\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2162339\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2162340\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2162341\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2162342\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2162343\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2162344\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected thunderbird package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-46871\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(77, 120, 185, 357, 450, 829, 1104, 1385);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/12/15\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2023/01/25\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2023/01/25\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_e4s:9.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_eus:9.0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:thunderbird\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"redhat_repos.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\ninclude('rhel.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item('Host/RedHat/release');\nif (isnull(os_release) || 'Red Hat' >!< os_release) audit(AUDIT_OS_NOT, 'Red Hat');\nvar os_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Red Hat');\nos_ver = os_ver[1];\nif (!rhel_check_release(operator: 'eq', os_version: os_ver, rhel_version: '9.0')) audit(AUDIT_OS_NOT, 'Red Hat 9.0', 'Red Hat ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu && 'ppc' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Red Hat', cpu);\n\nvar constraints = [\n {\n 'repo_relative_urls': [\n 'content/e4s/rhel9/9.0/aarch64/appstream/debug',\n 'content/e4s/rhel9/9.0/aarch64/appstream/os',\n 'content/e4s/rhel9/9.0/aarch64/appstream/source/SRPMS',\n 'content/e4s/rhel9/9.0/aarch64/baseos/debug',\n 'content/e4s/rhel9/9.0/aarch64/baseos/os',\n 'content/e4s/rhel9/9.0/aarch64/baseos/source/SRPMS',\n 'content/e4s/rhel9/9.0/aarch64/highavailability/debug',\n 'content/e4s/rhel9/9.0/aarch64/highavailability/os',\n 'content/e4s/rhel9/9.0/aarch64/highavailability/source/SRPMS',\n 'content/e4s/rhel9/9.0/ppc64le/appstream/debug',\n 'content/e4s/rhel9/9.0/ppc64le/appstream/os',\n 'content/e4s/rhel9/9.0/ppc64le/appstream/source/SRPMS',\n 'content/e4s/rhel9/9.0/ppc64le/baseos/debug',\n 'content/e4s/rhel9/9.0/ppc64le/baseos/os',\n 'content/e4s/rhel9/9.0/ppc64le/baseos/source/SRPMS',\n 'content/e4s/rhel9/9.0/ppc64le/highavailability/debug',\n 'content/e4s/rhel9/9.0/ppc64le/highavailability/os',\n 'content/e4s/rhel9/9.0/ppc64le/highavailability/source/SRPMS',\n 'content/e4s/rhel9/9.0/ppc64le/resilientstorage/debug',\n 'content/e4s/rhel9/9.0/ppc64le/resilientstorage/os',\n 'content/e4s/rhel9/9.0/ppc64le/resilientstorage/source/SRPMS',\n 'content/e4s/rhel9/9.0/ppc64le/sap-solutions/debug',\n 'content/e4s/rhel9/9.0/ppc64le/sap-solutions/os',\n 'content/e4s/rhel9/9.0/ppc64le/sap-solutions/source/SRPMS',\n 'content/e4s/rhel9/9.0/ppc64le/sap/debug',\n 'content/e4s/rhel9/9.0/ppc64le/sap/os',\n 'content/e4s/rhel9/9.0/ppc64le/sap/source/SRPMS',\n 'content/e4s/rhel9/9.0/s390x/appstream/debug',\n 'content/e4s/rhel9/9.0/s390x/appstream/os',\n 'content/e4s/rhel9/9.0/s390x/appstream/source/SRPMS',\n 'content/e4s/rhel9/9.0/s390x/baseos/debug',\n 'content/e4s/rhel9/9.0/s390x/baseos/os',\n 'content/e4s/rhel9/9.0/s390x/baseos/source/SRPMS',\n 'content/e4s/rhel9/9.0/s390x/highavailability/debug',\n 'content/e4s/rhel9/9.0/s390x/highavailability/os',\n 'content/e4s/rhel9/9.0/s390x/highavailability/source/SRPMS',\n 'content/e4s/rhel9/9.0/s390x/resilientstorage/debug',\n 'content/e4s/rhel9/9.0/s390x/resilientstorage/os',\n 'content/e4s/rhel9/9.0/s390x/resilientstorage/source/SRPMS',\n 'content/e4s/rhel9/9.0/s390x/sap/debug',\n 'content/e4s/rhel9/9.0/s390x/sap/os',\n 'content/e4s/rhel9/9.0/s390x/sap/source/SRPMS',\n 'content/e4s/rhel9/9.0/x86_64/appstream/debug',\n 'content/e4s/rhel9/9.0/x86_64/appstream/os',\n 'content/e4s/rhel9/9.0/x86_64/appstream/source/SRPMS',\n 'content/e4s/rhel9/9.0/x86_64/baseos/debug',\n 'content/e4s/rhel9/9.0/x86_64/baseos/os',\n 'content/e4s/rhel9/9.0/x86_64/baseos/source/SRPMS',\n 'content/e4s/rhel9/9.0/x86_64/highavailability/debug',\n 'content/e4s/rhel9/9.0/x86_64/highavailability/os',\n 'content/e4s/rhel9/9.0/x86_64/highavailability/source/SRPMS',\n 'content/e4s/rhel9/9.0/x86_64/nfv/debug',\n 'content/e4s/rhel9/9.0/x86_64/nfv/os',\n 'content/e4s/rhel9/9.0/x86_64/nfv/source/SRPMS',\n 'content/e4s/rhel9/9.0/x86_64/resilientstorage/debug',\n 'content/e4s/rhel9/9.0/x86_64/resilientstorage/os',\n 'content/e4s/rhel9/9.0/x86_64/resilientstorage/source/SRPMS',\n 'content/e4s/rhel9/9.0/x86_64/rt/debug',\n 'content/e4s/rhel9/9.0/x86_64/rt/os',\n 'content/e4s/rhel9/9.0/x86_64/rt/source/SRPMS',\n 'content/e4s/rhel9/9.0/x86_64/sap-solutions/debug',\n 'content/e4s/rhel9/9.0/x86_64/sap-solutions/os',\n 'content/e4s/rhel9/9.0/x86_64/sap-solutions/source/SRPMS',\n 'content/e4s/rhel9/9.0/x86_64/sap/debug',\n 'content/e4s/rhel9/9.0/x86_64/sap/os',\n 'content/e4s/rhel9/9.0/x86_64/sap/source/SRPMS',\n 'content/eus/rhel9/9.0/aarch64/appstream/debug',\n 'content/eus/rhel9/9.0/aarch64/appstream/os',\n 'content/eus/rhel9/9.0/aarch64/appstream/source/SRPMS',\n 'content/eus/rhel9/9.0/aarch64/baseos/debug',\n 'content/eus/rhel9/9.0/aarch64/baseos/os',\n 'content/eus/rhel9/9.0/aarch64/baseos/source/SRPMS',\n 'content/eus/rhel9/9.0/aarch64/codeready-builder/debug',\n 'content/eus/rhel9/9.0/aarch64/codeready-builder/os',\n 'content/eus/rhel9/9.0/aarch64/codeready-builder/source/SRPMS',\n 'content/eus/rhel9/9.0/aarch64/highavailability/debug',\n 'content/eus/rhel9/9.0/aarch64/highavailability/os',\n 'content/eus/rhel9/9.0/aarch64/highavailability/source/SRPMS',\n 'content/eus/rhel9/9.0/aarch64/supplementary/debug',\n 'content/eus/rhel9/9.0/aarch64/supplementary/os',\n 'content/eus/rhel9/9.0/aarch64/supplementary/source/SRPMS',\n 'content/eus/rhel9/9.0/ppc64le/appstream/debug',\n 'content/eus/rhel9/9.0/ppc64le/appstream/os',\n 'content/eus/rhel9/9.0/ppc64le/appstream/source/SRPMS',\n 'content/eus/rhel9/9.0/ppc64le/baseos/debug',\n 'content/eus/rhel9/9.0/ppc64le/baseos/os',\n 'content/eus/rhel9/9.0/ppc64le/baseos/source/SRPMS',\n 'content/eus/rhel9/9.0/ppc64le/codeready-builder/debug',\n 'content/eus/rhel9/9.0/ppc64le/codeready-builder/os',\n 'content/eus/rhel9/9.0/ppc64le/codeready-builder/source/SRPMS',\n 'content/eus/rhel9/9.0/ppc64le/highavailability/debug',\n 'content/eus/rhel9/9.0/ppc64le/highavailability/os',\n 'content/eus/rhel9/9.0/ppc64le/highavailability/source/SRPMS',\n 'content/eus/rhel9/9.0/ppc64le/resilientstorage/debug',\n 'content/eus/rhel9/9.0/ppc64le/resilientstorage/os',\n 'content/eus/rhel9/9.0/ppc64le/resilientstorage/source/SRPMS',\n 'content/eus/rhel9/9.0/ppc64le/sap-solutions/debug',\n 'content/eus/rhel9/9.0/ppc64le/sap-solutions/os',\n 'content/eus/rhel9/9.0/ppc64le/sap-solutions/source/SRPMS',\n 'content/eus/rhel9/9.0/ppc64le/sap/debug',\n 'content/eus/rhel9/9.0/ppc64le/sap/os',\n 'content/eus/rhel9/9.0/ppc64le/sap/source/SRPMS',\n 'content/eus/rhel9/9.0/ppc64le/supplementary/debug',\n 'content/eus/rhel9/9.0/ppc64le/supplementary/os',\n 'content/eus/rhel9/9.0/ppc64le/supplementary/source/SRPMS',\n 'content/eus/rhel9/9.0/s390x/appstream/debug',\n 'content/eus/rhel9/9.0/s390x/appstream/os',\n 'content/eus/rhel9/9.0/s390x/appstream/source/SRPMS',\n 'content/eus/rhel9/9.0/s390x/baseos/debug',\n 'content/eus/rhel9/9.0/s390x/baseos/os',\n 'content/eus/rhel9/9.0/s390x/baseos/source/SRPMS',\n 'content/eus/rhel9/9.0/s390x/codeready-builder/debug',\n 'content/eus/rhel9/9.0/s390x/codeready-builder/os',\n 'content/eus/rhel9/9.0/s390x/codeready-builder/source/SRPMS',\n 'content/eus/rhel9/9.0/s390x/highavailability/debug',\n 'content/eus/rhel9/9.0/s390x/highavailability/os',\n 'content/eus/rhel9/9.0/s390x/highavailability/source/SRPMS',\n 'content/eus/rhel9/9.0/s390x/resilientstorage/debug',\n 'content/eus/rhel9/9.0/s390x/resilientstorage/os',\n 'content/eus/rhel9/9.0/s390x/resilientstorage/source/SRPMS',\n 'content/eus/rhel9/9.0/s390x/sap/debug',\n 'content/eus/rhel9/9.0/s390x/sap/os',\n 'content/eus/rhel9/9.0/s390x/sap/source/SRPMS',\n 'content/eus/rhel9/9.0/s390x/supplementary/debug',\n 'content/eus/rhel9/9.0/s390x/supplementary/os',\n 'content/eus/rhel9/9.0/s390x/supplementary/source/SRPMS',\n 'content/eus/rhel9/9.0/x86_64/appstream/debug',\n 'content/eus/rhel9/9.0/x86_64/appstream/os',\n 'content/eus/rhel9/9.0/x86_64/appstream/source/SRPMS',\n 'content/eus/rhel9/9.0/x86_64/baseos/debug',\n 'content/eus/rhel9/9.0/x86_64/baseos/os',\n 'content/eus/rhel9/9.0/x86_64/baseos/source/SRPMS',\n 'content/eus/rhel9/9.0/x86_64/codeready-builder/debug',\n 'content/eus/rhel9/9.0/x86_64/codeready-builder/os',\n 'content/eus/rhel9/9.0/x86_64/codeready-builder/source/SRPMS',\n 'content/eus/rhel9/9.0/x86_64/highavailability/debug',\n 'content/eus/rhel9/9.0/x86_64/highavailability/os',\n 'content/eus/rhel9/9.0/x86_64/highavailability/source/SRPMS',\n 'content/eus/rhel9/9.0/x86_64/resilientstorage/debug',\n 'content/eus/rhel9/9.0/x86_64/resilientstorage/os',\n 'content/eus/rhel9/9.0/x86_64/resilientstorage/source/SRPMS',\n 'content/eus/rhel9/9.0/x86_64/sap-solutions/debug',\n 'content/eus/rhel9/9.0/x86_64/sap-solutions/os',\n 'content/eus/rhel9/9.0/x86_64/sap-solutions/source/SRPMS',\n 'content/eus/rhel9/9.0/x86_64/sap/debug',\n 'content/eus/rhel9/9.0/x86_64/sap/os',\n 'content/eus/rhel9/9.0/x86_64/sap/source/SRPMS',\n 'content/eus/rhel9/9.0/x86_64/supplementary/debug',\n 'content/eus/rhel9/9.0/x86_64/supplementary/os',\n 'content/eus/rhel9/9.0/x86_64/supplementary/source/SRPMS'\n ],\n 'pkgs': [\n {'reference':'thunderbird-102.7.1-1.el9_0', 'sp':'0', 'release':'9', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE}\n ]\n }\n];\n\nvar applicable_repo_urls = rhel_determine_applicable_repository_urls(constraints:constraints);\nif(applicable_repo_urls == RHEL_REPOS_NO_OVERLAP_MESSAGE) exit(0, RHEL_REPO_NOT_ENABLED);\n\nvar flag = 0;\nforeach var constraint_array ( constraints ) {\n var repo_relative_urls = NULL;\n if (!empty_or_null(constraint_array['repo_relative_urls'])) repo_relative_urls = constraint_array['repo_relative_urls'];\n foreach var pkg ( constraint_array['pkgs'] ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(pkg['reference'])) reference = pkg['reference'];\n if (!empty_or_null(pkg['release'])) _release = 'RHEL' + pkg['release'];\n if (!empty_or_null(pkg['sp'])) sp = pkg['sp'];\n if (!empty_or_null(pkg['cpu'])) _cpu = pkg['cpu'];\n if (!empty_or_null(pkg['el_string'])) el_string = pkg['el_string'];\n if (!empty_or_null(pkg['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = pkg['rpm_spec_vers_cmp'];\n if (!empty_or_null(pkg['epoch'])) epoch = pkg['epoch'];\n if (!empty_or_null(pkg['allowmaj'])) allowmaj = pkg['allowmaj'];\n if (!empty_or_null(pkg['exists_check'])) exists_check = pkg['exists_check'];\n if (reference &&\n _release &&\n rhel_decide_repo_relative_url_check(required_repo_url_list:repo_relative_urls) &&\n (applicable_repo_urls || (!exists_check || rpm_exists(release:_release, rpm:exists_check))) &&\n rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n var subscription_caveat = '\\n' +\n 'NOTE: This vulnerability check contains fixes that apply to\\n' +\n 'packages only available in the Red Hat Enterprise Linux\\n' +\n 'Extended Update Support or Update Services for SAP Solutions repositories.\\n' +\n 'Access to these repositories requires a paid RHEL subscription.\\n';\n var extra = NULL;\n if (empty_or_null(applicable_repo_urls)) extra = subscription_caveat + rpm_report_get() + redhat_report_repo_caveat();\n else extra = subscription_caveat + rpm_report_get() + redhat_report_package_caveat();\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : extra\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'thunderbird');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-25T00:36:16", "description": "The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2023:0462 advisory.\n\n - Mozilla: libusrsctp library out of date (CVE-2022-46871)\n\n - Mozilla: Fullscreen notification bypass (CVE-2022-46877)\n\n - Mozilla: Arbitrary file read from GTK drag and drop on Linux (CVE-2023-23598)\n\n - Mozilla: Malicious command could be hidden in devtools output (CVE-2023-23599)\n\n - Mozilla: URL being dragged from cross-origin iframe into same tab triggers navigation (CVE-2023-23601)\n\n - Mozilla: Content Security Policy wasn't being correctly applied to WebSockets in WebWorkers (CVE-2023-23602)\n\n - Mozilla: Calls to <code>console.log</code> allowed bypasing Content Security Policy via format directive (CVE-2023-23603)\n\n - Mozilla: Memory safety bugs fixed in Firefox 109 and Firefox ESR 102.7 (CVE-2023-23605)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2023-01-25T00:00:00", "type": "nessus", "title": "RHEL 8 : thunderbird (RHSA-2023:0462)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-46871", "CVE-2022-46877", "CVE-2023-23598", "CVE-2023-23599", "CVE-2023-23601", "CVE-2023-23602", "CVE-2023-23603", "CVE-2023-23605"], "modified": "2023-05-24T00:00:00", "cpe": ["cpe:/o:redhat:rhel_aus:8.6", "cpe:/o:redhat:rhel_e4s:8.6", "cpe:/o:redhat:rhel_eus:8.6", "cpe:/o:redhat:rhel_tus:8.6", "p-cpe:/a:redhat:enterprise_linux:thunderbird"], "id": "REDHAT-RHSA-2023-0462.NASL", "href": "https://www.tenable.com/plugins/nessus/170634", "sourceData": "#%NASL_MIN_LEVEL 80900\n##\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2023:0462. The text\n# itself is copyright (C) Red Hat, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(170634);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/05/24\");\n\n script_cve_id(\n \"CVE-2022-46871\",\n \"CVE-2022-46877\",\n \"CVE-2023-23598\",\n \"CVE-2023-23599\",\n \"CVE-2023-23601\",\n \"CVE-2023-23602\",\n \"CVE-2023-23603\",\n \"CVE-2023-23605\"\n );\n script_xref(name:\"RHSA\", value:\"2023:0462\");\n script_xref(name:\"IAVA\", value:\"2023-A-0056-S\");\n\n script_name(english:\"RHEL 8 : thunderbird (RHSA-2023:0462)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Red Hat host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as\nreferenced in the RHSA-2023:0462 advisory.\n\n - Mozilla: libusrsctp library out of date (CVE-2022-46871)\n\n - Mozilla: Fullscreen notification bypass (CVE-2022-46877)\n\n - Mozilla: Arbitrary file read from GTK drag and drop on Linux (CVE-2023-23598)\n\n - Mozilla: Malicious command could be hidden in devtools output (CVE-2023-23599)\n\n - Mozilla: URL being dragged from cross-origin iframe into same tab triggers navigation (CVE-2023-23601)\n\n - Mozilla: Content Security Policy wasn't being correctly applied to WebSockets in WebWorkers\n (CVE-2023-23602)\n\n - Mozilla: Calls to <code>console.log</code> allowed bypasing Content Security Policy via format directive\n (CVE-2023-23603)\n\n - Mozilla: Memory safety bugs fixed in Firefox 109 and Firefox ESR 102.7 (CVE-2023-23605)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-46871\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-46877\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2023-23598\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2023-23599\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2023-23601\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2023-23602\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2023-23603\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2023-23605\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2023:0462\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2162336\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2162338\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2162339\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2162340\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2162341\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2162342\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2162343\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2162344\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected thunderbird package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-46871\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(77, 120, 185, 357, 450, 829, 1104, 1385);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/12/15\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2023/01/25\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2023/01/25\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_aus:8.6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_e4s:8.6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_eus:8.6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_tus:8.6\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:thunderbird\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"redhat_repos.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\ninclude('rhel.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item('Host/RedHat/release');\nif (isnull(os_release) || 'Red Hat' >!< os_release) audit(AUDIT_OS_NOT, 'Red Hat');\nvar os_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Red Hat');\nos_ver = os_ver[1];\nif (!rhel_check_release(operator: 'eq', os_version: os_ver, rhel_version: '8.6')) audit(AUDIT_OS_NOT, 'Red Hat 8.6', 'Red Hat ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu && 'ppc' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Red Hat', cpu);\n\nvar constraints = [\n {\n 'repo_relative_urls': [\n 'content/aus/rhel8/8.6/x86_64/appstream/debug',\n 'content/aus/rhel8/8.6/x86_64/appstream/os',\n 'content/aus/rhel8/8.6/x86_64/appstream/source/SRPMS',\n 'content/aus/rhel8/8.6/x86_64/baseos/debug',\n 'content/aus/rhel8/8.6/x86_64/baseos/os',\n 'content/aus/rhel8/8.6/x86_64/baseos/source/SRPMS',\n 'content/e4s/rhel8/8.6/ppc64le/appstream/debug',\n 'content/e4s/rhel8/8.6/ppc64le/appstream/os',\n 'content/e4s/rhel8/8.6/ppc64le/appstream/source/SRPMS',\n 'content/e4s/rhel8/8.6/ppc64le/baseos/debug',\n 'content/e4s/rhel8/8.6/ppc64le/baseos/os',\n 'content/e4s/rhel8/8.6/ppc64le/baseos/source/SRPMS',\n 'content/e4s/rhel8/8.6/ppc64le/highavailability/debug',\n 'content/e4s/rhel8/8.6/ppc64le/highavailability/os',\n 'content/e4s/rhel8/8.6/ppc64le/highavailability/source/SRPMS',\n 'content/e4s/rhel8/8.6/ppc64le/sap-solutions/debug',\n 'content/e4s/rhel8/8.6/ppc64le/sap-solutions/os',\n 'content/e4s/rhel8/8.6/ppc64le/sap-solutions/source/SRPMS',\n 'content/e4s/rhel8/8.6/ppc64le/sap/debug',\n 'content/e4s/rhel8/8.6/ppc64le/sap/os',\n 'content/e4s/rhel8/8.6/ppc64le/sap/source/SRPMS',\n 'content/e4s/rhel8/8.6/x86_64/appstream/debug',\n 'content/e4s/rhel8/8.6/x86_64/appstream/os',\n 'content/e4s/rhel8/8.6/x86_64/appstream/source/SRPMS',\n 'content/e4s/rhel8/8.6/x86_64/baseos/debug',\n 'content/e4s/rhel8/8.6/x86_64/baseos/os',\n 'content/e4s/rhel8/8.6/x86_64/baseos/source/SRPMS',\n 'content/e4s/rhel8/8.6/x86_64/highavailability/debug',\n 'content/e4s/rhel8/8.6/x86_64/highavailability/os',\n 'content/e4s/rhel8/8.6/x86_64/highavailability/source/SRPMS',\n 'content/e4s/rhel8/8.6/x86_64/sap-solutions/debug',\n 'content/e4s/rhel8/8.6/x86_64/sap-solutions/os',\n 'content/e4s/rhel8/8.6/x86_64/sap-solutions/source/SRPMS',\n 'content/e4s/rhel8/8.6/x86_64/sap/debug',\n 'content/e4s/rhel8/8.6/x86_64/sap/os',\n 'content/e4s/rhel8/8.6/x86_64/sap/source/SRPMS',\n 'content/eus/rhel8/8.6/aarch64/appstream/debug',\n 'content/eus/rhel8/8.6/aarch64/appstream/os',\n 'content/eus/rhel8/8.6/aarch64/appstream/source/SRPMS',\n 'content/eus/rhel8/8.6/aarch64/baseos/debug',\n 'content/eus/rhel8/8.6/aarch64/baseos/os',\n 'content/eus/rhel8/8.6/aarch64/baseos/source/SRPMS',\n 'content/eus/rhel8/8.6/aarch64/codeready-builder/debug',\n 'content/eus/rhel8/8.6/aarch64/codeready-builder/os',\n 'content/eus/rhel8/8.6/aarch64/codeready-builder/source/SRPMS',\n 'content/eus/rhel8/8.6/aarch64/highavailability/debug',\n 'content/eus/rhel8/8.6/aarch64/highavailability/os',\n 'content/eus/rhel8/8.6/aarch64/highavailability/source/SRPMS',\n 'content/eus/rhel8/8.6/aarch64/supplementary/debug',\n 'content/eus/rhel8/8.6/aarch64/supplementary/os',\n 'content/eus/rhel8/8.6/aarch64/supplementary/source/SRPMS',\n 'content/eus/rhel8/8.6/ppc64le/appstream/debug',\n 'content/eus/rhel8/8.6/ppc64le/appstream/os',\n 'content/eus/rhel8/8.6/ppc64le/appstream/source/SRPMS',\n 'content/eus/rhel8/8.6/ppc64le/baseos/debug',\n 'content/eus/rhel8/8.6/ppc64le/baseos/os',\n 'content/eus/rhel8/8.6/ppc64le/baseos/source/SRPMS',\n 'content/eus/rhel8/8.6/ppc64le/codeready-builder/debug',\n 'content/eus/rhel8/8.6/ppc64le/codeready-builder/os',\n 'content/eus/rhel8/8.6/ppc64le/codeready-builder/source/SRPMS',\n 'content/eus/rhel8/8.6/ppc64le/highavailability/debug',\n 'content/eus/rhel8/8.6/ppc64le/highavailability/os',\n 'content/eus/rhel8/8.6/ppc64le/highavailability/source/SRPMS',\n 'content/eus/rhel8/8.6/ppc64le/resilientstorage/debug',\n 'content/eus/rhel8/8.6/ppc64le/resilientstorage/os',\n 'content/eus/rhel8/8.6/ppc64le/resilientstorage/source/SRPMS',\n 'content/eus/rhel8/8.6/ppc64le/sap-solutions/debug',\n 'content/eus/rhel8/8.6/ppc64le/sap-solutions/os',\n 'content/eus/rhel8/8.6/ppc64le/sap-solutions/source/SRPMS',\n 'content/eus/rhel8/8.6/ppc64le/sap/debug',\n 'content/eus/rhel8/8.6/ppc64le/sap/os',\n 'content/eus/rhel8/8.6/ppc64le/sap/source/SRPMS',\n 'content/eus/rhel8/8.6/ppc64le/supplementary/debug',\n 'content/eus/rhel8/8.6/ppc64le/supplementary/os',\n 'content/eus/rhel8/8.6/ppc64le/supplementary/source/SRPMS',\n 'content/eus/rhel8/8.6/s390x/appstream/debug',\n 'content/eus/rhel8/8.6/s390x/appstream/os',\n 'content/eus/rhel8/8.6/s390x/appstream/source/SRPMS',\n 'content/eus/rhel8/8.6/s390x/baseos/debug',\n 'content/eus/rhel8/8.6/s390x/baseos/os',\n 'content/eus/rhel8/8.6/s390x/baseos/source/SRPMS',\n 'content/eus/rhel8/8.6/s390x/codeready-builder/debug',\n 'content/eus/rhel8/8.6/s390x/codeready-builder/os',\n 'content/eus/rhel8/8.6/s390x/codeready-builder/source/SRPMS',\n 'content/eus/rhel8/8.6/s390x/highavailability/debug',\n 'content/eus/rhel8/8.6/s390x/highavailability/os',\n 'content/eus/rhel8/8.6/s390x/highavailability/source/SRPMS',\n 'content/eus/rhel8/8.6/s390x/resilientstorage/debug',\n 'content/eus/rhel8/8.6/s390x/resilientstorage/os',\n 'content/eus/rhel8/8.6/s390x/resilientstorage/source/SRPMS',\n 'content/eus/rhel8/8.6/s390x/sap/debug',\n 'content/eus/rhel8/8.6/s390x/sap/os',\n 'content/eus/rhel8/8.6/s390x/sap/source/SRPMS',\n 'content/eus/rhel8/8.6/s390x/supplementary/debug',\n 'content/eus/rhel8/8.6/s390x/supplementary/os',\n 'content/eus/rhel8/8.6/s390x/supplementary/source/SRPMS',\n 'content/eus/rhel8/8.6/x86_64/appstream/debug',\n 'content/eus/rhel8/8.6/x86_64/appstream/os',\n 'content/eus/rhel8/8.6/x86_64/appstream/source/SRPMS',\n 'content/eus/rhel8/8.6/x86_64/baseos/debug',\n 'content/eus/rhel8/8.6/x86_64/baseos/os',\n 'content/eus/rhel8/8.6/x86_64/baseos/source/SRPMS',\n 'content/eus/rhel8/8.6/x86_64/codeready-builder/debug',\n 'content/eus/rhel8/8.6/x86_64/codeready-builder/os',\n 'content/eus/rhel8/8.6/x86_64/codeready-builder/source/SRPMS',\n 'content/eus/rhel8/8.6/x86_64/highavailability/debug',\n 'content/eus/rhel8/8.6/x86_64/highavailability/os',\n 'content/eus/rhel8/8.6/x86_64/highavailability/source/SRPMS',\n 'content/eus/rhel8/8.6/x86_64/resilientstorage/debug',\n 'content/eus/rhel8/8.6/x86_64/resilientstorage/os',\n 'content/eus/rhel8/8.6/x86_64/resilientstorage/source/SRPMS',\n 'content/eus/rhel8/8.6/x86_64/sap-solutions/debug',\n 'content/eus/rhel8/8.6/x86_64/sap-solutions/os',\n 'content/eus/rhel8/8.6/x86_64/sap-solutions/source/SRPMS',\n 'content/eus/rhel8/8.6/x86_64/sap/debug',\n 'content/eus/rhel8/8.6/x86_64/sap/os',\n 'content/eus/rhel8/8.6/x86_64/sap/source/SRPMS',\n 'content/eus/rhel8/8.6/x86_64/supplementary/debug',\n 'content/eus/rhel8/8.6/x86_64/supplementary/os',\n 'content/eus/rhel8/8.6/x86_64/supplementary/source/SRPMS',\n 'content/tus/rhel8/8.6/x86_64/appstream/debug',\n 'content/tus/rhel8/8.6/x86_64/appstream/os',\n 'content/tus/rhel8/8.6/x86_64/appstream/source/SRPMS',\n 'content/tus/rhel8/8.6/x86_64/baseos/debug',\n 'content/tus/rhel8/8.6/x86_64/baseos/os',\n 'content/tus/rhel8/8.6/x86_64/baseos/source/SRPMS',\n 'content/tus/rhel8/8.6/x86_64/highavailability/debug',\n 'content/tus/rhel8/8.6/x86_64/highavailability/os',\n 'content/tus/rhel8/8.6/x86_64/highavailability/source/SRPMS',\n 'content/tus/rhel8/8.6/x86_64/rt/os',\n 'content/tus/rhel8/8.6/x86_64/rt/source/SRPMS'\n ],\n 'pkgs': [\n {'reference':'thunderbird-102.7.1-1.el8_6', 'sp':'6', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE}\n ]\n }\n];\n\nvar applicable_repo_urls = rhel_determine_applicable_repository_urls(constraints:constraints);\nif(applicable_repo_urls == RHEL_REPOS_NO_OVERLAP_MESSAGE) exit(0, RHEL_REPO_NOT_ENABLED);\n\nvar flag = 0;\nforeach var constraint_array ( constraints ) {\n var repo_relative_urls = NULL;\n if (!empty_or_null(constraint_array['repo_relative_urls'])) repo_relative_urls = constraint_array['repo_relative_urls'];\n foreach var pkg ( constraint_array['pkgs'] ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(pkg['reference'])) reference = pkg['reference'];\n if (!empty_or_null(pkg['release'])) _release = 'RHEL' + pkg['release'];\n if (!empty_or_null(pkg['sp'])) sp = pkg['sp'];\n if (!empty_or_null(pkg['cpu'])) _cpu = pkg['cpu'];\n if (!empty_or_null(pkg['el_string'])) el_string = pkg['el_string'];\n if (!empty_or_null(pkg['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = pkg['rpm_spec_vers_cmp'];\n if (!empty_or_null(pkg['epoch'])) epoch = pkg['epoch'];\n if (!empty_or_null(pkg['allowmaj'])) allowmaj = pkg['allowmaj'];\n if (!empty_or_null(pkg['exists_check'])) exists_check = pkg['exists_check'];\n if (reference &&\n _release &&\n rhel_decide_repo_relative_url_check(required_repo_url_list:repo_relative_urls) &&\n (applicable_repo_urls || (!exists_check || rpm_exists(release:_release, rpm:exists_check))) &&\n rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n var subscription_caveat = '\\n' +\n 'NOTE: This vulnerability check contains fixes that apply to\\n' +\n 'packages only available in the Red Hat Enterprise Linux\\n' +\n 'Advanced Update Support, Extended Update Support, Telco Extended Update Support or Update Services for SAP Solutions repositories.\\n' +\n 'Access to these repositories requires a paid RHEL subscription.\\n';\n var extra = NULL;\n if (empty_or_null(applicable_repo_urls)) extra = subscription_caveat + rpm_report_get() + redhat_report_repo_caveat();\n else extra = subscription_caveat + rpm_report_get() + redhat_report_package_caveat();\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : extra\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'thunderbird');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-25T00:36:36", "description": "The remote Redhat Enterprise Linux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2023:0476 advisory.\n\n - Mozilla: libusrsctp library out of date (CVE-2022-46871)\n\n - Mozilla: Fullscreen notification bypass (CVE-2022-46877)\n\n - Mozilla: Arbitrary file read from GTK drag and drop on Linux (CVE-2023-23598)\n\n - Mozilla: Malicious command could be hidden in devtools output (CVE-2023-23599)\n\n - Mozilla: URL being dragged from cross-origin iframe into same tab triggers navigation (CVE-2023-23601)\n\n - Mozilla: Content Security Policy wasn't being correctly applied to WebSockets in WebWorkers (CVE-2023-23602)\n\n - Mozilla: Calls to <code>console.log</code> allowed bypasing Content Security Policy via format directive (CVE-2023-23603)\n\n - Mozilla: Memory safety bugs fixed in Firefox 109 and Firefox ESR 102.7 (CVE-2023-23605)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2023-01-26T00:00:00", "type": "nessus", "title": "RHEL 9 : thunderbird (RHSA-2023:0476)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-46871", "CVE-2022-46877", "CVE-2023-23598", "CVE-2023-23599", "CVE-2023-23601", "CVE-2023-23602", "CVE-2023-23603", "CVE-2023-23605"], "modified": "2023-05-24T00:00:00", "cpe": ["cpe:/o:redhat:enterprise_linux:9", "cpe:/o:redhat:rhel_aus:9.2", "cpe:/o:redhat:rhel_e4s:9.2", "cpe:/o:redhat:rhel_eus:9.2", "p-cpe:/a:redhat:enterprise_linux:thunderbird"], "id": "REDHAT-RHSA-2023-0476.NASL", "href": "https://www.tenable.com/plugins/nessus/170685", "sourceData": "#%NASL_MIN_LEVEL 80900\n##\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2023:0476. The text\n# itself is copyright (C) Red Hat, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(170685);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/05/24\");\n\n script_cve_id(\n \"CVE-2022-46871\",\n \"CVE-2022-46877\",\n \"CVE-2023-23598\",\n \"CVE-2023-23599\",\n \"CVE-2023-23601\",\n \"CVE-2023-23602\",\n \"CVE-2023-23603\",\n \"CVE-2023-23605\"\n );\n script_xref(name:\"RHSA\", value:\"2023:0476\");\n script_xref(name:\"IAVA\", value:\"2023-A-0056-S\");\n\n script_name(english:\"RHEL 9 : thunderbird (RHSA-2023:0476)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Red Hat host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Redhat Enterprise Linux 9 host has a package installed that is affected by multiple vulnerabilities as\nreferenced in the RHSA-2023:0476 advisory.\n\n - Mozilla: libusrsctp library out of date (CVE-2022-46871)\n\n - Mozilla: Fullscreen notification bypass (CVE-2022-46877)\n\n - Mozilla: Arbitrary file read from GTK drag and drop on Linux (CVE-2023-23598)\n\n - Mozilla: Malicious command could be hidden in devtools output (CVE-2023-23599)\n\n - Mozilla: URL being dragged from cross-origin iframe into same tab triggers navigation (CVE-2023-23601)\n\n - Mozilla: Content Security Policy wasn't being correctly applied to WebSockets in WebWorkers\n (CVE-2023-23602)\n\n - Mozilla: Calls to <code>console.log</code> allowed bypasing Content Security Policy via format directive\n (CVE-2023-23603)\n\n - Mozilla: Memory safety bugs fixed in Firefox 109 and Firefox ESR 102.7 (CVE-2023-23605)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-46871\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-46877\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2023-23598\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2023-23599\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2023-23601\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2023-23602\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2023-23603\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2023-23605\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2023:0476\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2162336\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2162338\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2162339\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2162340\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2162341\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2162342\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2162343\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2162344\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected thunderbird package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-46871\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(77, 120, 185, 357, 450, 829, 1104, 1385);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/12/15\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2023/01/26\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2023/01/26\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:9\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_aus:9.2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_e4s:9.2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_eus:9.2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:thunderbird\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"redhat_repos.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\ninclude('rhel.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item('Host/RedHat/release');\nif (isnull(os_release) || 'Red Hat' >!< os_release) audit(AUDIT_OS_NOT, 'Red Hat');\nvar os_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Red Hat');\nos_ver = os_ver[1];\nif (!rhel_check_release(operator: 'ge', os_version: os_ver, rhel_version: '9')) audit(AUDIT_OS_NOT, 'Red Hat 9.x', 'Red Hat ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu && 'ppc' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Red Hat', cpu);\n\nvar constraints = [\n {\n 'repo_relative_urls': [\n 'content/aus/rhel9/9.2/x86_64/appstream/debug',\n 'content/aus/rhel9/9.2/x86_64/appstream/os',\n 'content/aus/rhel9/9.2/x86_64/appstream/source/SRPMS',\n 'content/aus/rhel9/9.2/x86_64/baseos/debug',\n 'content/aus/rhel9/9.2/x86_64/baseos/os',\n 'content/aus/rhel9/9.2/x86_64/baseos/source/SRPMS',\n 'content/e4s/rhel9/9.2/aarch64/appstream/debug',\n 'content/e4s/rhel9/9.2/aarch64/appstream/os',\n 'content/e4s/rhel9/9.2/aarch64/appstream/source/SRPMS',\n 'content/e4s/rhel9/9.2/aarch64/baseos/debug',\n 'content/e4s/rhel9/9.2/aarch64/baseos/os',\n 'content/e4s/rhel9/9.2/aarch64/baseos/source/SRPMS',\n 'content/e4s/rhel9/9.2/aarch64/highavailability/debug',\n 'content/e4s/rhel9/9.2/aarch64/highavailability/os',\n 'content/e4s/rhel9/9.2/aarch64/highavailability/source/SRPMS',\n 'content/e4s/rhel9/9.2/ppc64le/appstream/debug',\n 'content/e4s/rhel9/9.2/ppc64le/appstream/os',\n 'content/e4s/rhel9/9.2/ppc64le/appstream/source/SRPMS',\n 'content/e4s/rhel9/9.2/ppc64le/baseos/debug',\n 'content/e4s/rhel9/9.2/ppc64le/baseos/os',\n 'content/e4s/rhel9/9.2/ppc64le/baseos/source/SRPMS',\n 'content/e4s/rhel9/9.2/ppc64le/highavailability/debug',\n 'content/e4s/rhel9/9.2/ppc64le/highavailability/os',\n 'content/e4s/rhel9/9.2/ppc64le/highavailability/source/SRPMS',\n 'content/e4s/rhel9/9.2/ppc64le/resilientstorage/debug',\n 'content/e4s/rhel9/9.2/ppc64le/resilientstorage/os',\n 'content/e4s/rhel9/9.2/ppc64le/resilientstorage/source/SRPMS',\n 'content/e4s/rhel9/9.2/ppc64le/sap-solutions/debug',\n 'content/e4s/rhel9/9.2/ppc64le/sap-solutions/os',\n 'content/e4s/rhel9/9.2/ppc64le/sap-solutions/source/SRPMS',\n 'content/e4s/rhel9/9.2/ppc64le/sap/debug',\n 'content/e4s/rhel9/9.2/ppc64le/sap/os',\n 'content/e4s/rhel9/9.2/ppc64le/sap/source/SRPMS',\n 'content/e4s/rhel9/9.2/s390x/appstream/debug',\n 'content/e4s/rhel9/9.2/s390x/appstream/os',\n 'content/e4s/rhel9/9.2/s390x/appstream/source/SRPMS',\n 'content/e4s/rhel9/9.2/s390x/baseos/debug',\n 'content/e4s/rhel9/9.2/s390x/baseos/os',\n 'content/e4s/rhel9/9.2/s390x/baseos/source/SRPMS',\n 'content/e4s/rhel9/9.2/s390x/highavailability/debug',\n 'content/e4s/rhel9/9.2/s390x/highavailability/os',\n 'content/e4s/rhel9/9.2/s390x/highavailability/source/SRPMS',\n 'content/e4s/rhel9/9.2/s390x/resilientstorage/debug',\n 'content/e4s/rhel9/9.2/s390x/resilientstorage/os',\n 'content/e4s/rhel9/9.2/s390x/resilientstorage/source/SRPMS',\n 'content/e4s/rhel9/9.2/s390x/sap/debug',\n 'content/e4s/rhel9/9.2/s390x/sap/os',\n 'content/e4s/rhel9/9.2/s390x/sap/source/SRPMS',\n 'content/e4s/rhel9/9.2/x86_64/appstream/debug',\n 'content/e4s/rhel9/9.2/x86_64/appstream/os',\n 'content/e4s/rhel9/9.2/x86_64/appstream/source/SRPMS',\n 'content/e4s/rhel9/9.2/x86_64/baseos/debug',\n 'content/e4s/rhel9/9.2/x86_64/baseos/os',\n 'content/e4s/rhel9/9.2/x86_64/baseos/source/SRPMS',\n 'content/e4s/rhel9/9.2/x86_64/highavailability/debug',\n 'content/e4s/rhel9/9.2/x86_64/highavailability/os',\n 'content/e4s/rhel9/9.2/x86_64/highavailability/source/SRPMS',\n 'content/e4s/rhel9/9.2/x86_64/resilientstorage/debug',\n 'content/e4s/rhel9/9.2/x86_64/resilientstorage/os',\n 'content/e4s/rhel9/9.2/x86_64/resilientstorage/source/SRPMS',\n 'content/e4s/rhel9/9.2/x86_64/sap-solutions/debug',\n 'content/e4s/rhel9/9.2/x86_64/sap-solutions/os',\n 'content/e4s/rhel9/9.2/x86_64/sap-solutions/source/SRPMS',\n 'content/e4s/rhel9/9.2/x86_64/sap/debug',\n 'content/e4s/rhel9/9.2/x86_64/sap/os',\n 'content/e4s/rhel9/9.2/x86_64/sap/source/SRPMS',\n 'content/eus/rhel9/9.2/aarch64/appstream/debug',\n 'content/eus/rhel9/9.2/aarch64/appstream/os',\n 'content/eus/rhel9/9.2/aarch64/appstream/source/SRPMS',\n 'content/eus/rhel9/9.2/aarch64/baseos/debug',\n 'content/eus/rhel9/9.2/aarch64/baseos/os',\n 'content/eus/rhel9/9.2/aarch64/baseos/source/SRPMS',\n 'content/eus/rhel9/9.2/aarch64/codeready-builder/debug',\n 'content/eus/rhel9/9.2/aarch64/codeready-builder/os',\n 'content/eus/rhel9/9.2/aarch64/codeready-builder/source/SRPMS',\n 'content/eus/rhel9/9.2/aarch64/highavailability/debug',\n 'content/eus/rhel9/9.2/aarch64/highavailability/os',\n 'content/eus/rhel9/9.2/aarch64/highavailability/source/SRPMS',\n 'content/eus/rhel9/9.2/aarch64/supplementary/debug',\n 'content/eus/rhel9/9.2/aarch64/supplementary/os',\n 'content/eus/rhel9/9.2/aarch64/supplementary/source/SRPMS',\n 'content/eus/rhel9/9.2/ppc64le/appstream/debug',\n 'content/eus/rhel9/9.2/ppc64le/appstream/os',\n 'content/eus/rhel9/9.2/ppc64le/appstream/source/SRPMS',\n 'content/eus/rhel9/9.2/ppc64le/baseos/debug',\n 'content/eus/rhel9/9.2/ppc64le/baseos/os',\n 'content/eus/rhel9/9.2/ppc64le/baseos/source/SRPMS',\n 'content/eus/rhel9/9.2/ppc64le/codeready-builder/debug',\n 'content/eus/rhel9/9.2/ppc64le/codeready-builder/os',\n 'content/eus/rhel9/9.2/ppc64le/codeready-builder/source/SRPMS',\n 'content/eus/rhel9/9.2/ppc64le/highavailability/debug',\n 'content/eus/rhel9/9.2/ppc64le/highavailability/os',\n 'content/eus/rhel9/9.2/ppc64le/highavailability/source/SRPMS',\n 'content/eus/rhel9/9.2/ppc64le/resilientstorage/debug',\n 'content/eus/rhel9/9.2/ppc64le/resilientstorage/os',\n 'content/eus/rhel9/9.2/ppc64le/resilientstorage/source/SRPMS',\n 'content/eus/rhel9/9.2/ppc64le/sap-solutions/debug',\n 'content/eus/rhel9/9.2/ppc64le/sap-solutions/os',\n 'content/eus/rhel9/9.2/ppc64le/sap-solutions/source/SRPMS',\n 'content/eus/rhel9/9.2/ppc64le/sap/debug',\n 'content/eus/rhel9/9.2/ppc64le/sap/os',\n 'content/eus/rhel9/9.2/ppc64le/sap/source/SRPMS',\n 'content/eus/rhel9/9.2/ppc64le/supplementary/debug',\n 'content/eus/rhel9/9.2/ppc64le/supplementary/os',\n 'content/eus/rhel9/9.2/ppc64le/supplementary/source/SRPMS',\n 'content/eus/rhel9/9.2/s390x/appstream/debug',\n 'content/eus/rhel9/9.2/s390x/appstream/os',\n 'content/eus/rhel9/9.2/s390x/appstream/source/SRPMS',\n 'content/eus/rhel9/9.2/s390x/baseos/debug',\n 'content/eus/rhel9/9.2/s390x/baseos/os',\n 'content/eus/rhel9/9.2/s390x/baseos/source/SRPMS',\n 'content/eus/rhel9/9.2/s390x/codeready-builder/debug',\n 'content/eus/rhel9/9.2/s390x/codeready-builder/os',\n 'content/eus/rhel9/9.2/s390x/codeready-builder/source/SRPMS',\n 'content/eus/rhel9/9.2/s390x/highavailability/debug',\n 'content/eus/rhel9/9.2/s390x/highavailability/os',\n 'content/eus/rhel9/9.2/s390x/highavailability/source/SRPMS',\n 'content/eus/rhel9/9.2/s390x/resilientstorage/debug',\n 'content/eus/rhel9/9.2/s390x/resilientstorage/os',\n 'content/eus/rhel9/9.2/s390x/resilientstorage/source/SRPMS',\n 'content/eus/rhel9/9.2/s390x/sap/debug',\n 'content/eus/rhel9/9.2/s390x/sap/os',\n 'content/eus/rhel9/9.2/s390x/sap/source/SRPMS',\n 'content/eus/rhel9/9.2/s390x/supplementary/debug',\n 'content/eus/rhel9/9.2/s390x/supplementary/os',\n 'content/eus/rhel9/9.2/s390x/supplementary/source/SRPMS',\n 'content/eus/rhel9/9.2/x86_64/appstream/debug',\n 'content/eus/rhel9/9.2/x86_64/appstream/os',\n 'content/eus/rhel9/9.2/x86_64/appstream/source/SRPMS',\n 'content/eus/rhel9/9.2/x86_64/baseos/debug',\n 'content/eus/rhel9/9.2/x86_64/baseos/os',\n 'content/eus/rhel9/9.2/x86_64/baseos/source/SRPMS',\n 'content/eus/rhel9/9.2/x86_64/codeready-builder/debug',\n 'content/eus/rhel9/9.2/x86_64/codeready-builder/os',\n 'content/eus/rhel9/9.2/x86_64/codeready-builder/source/SRPMS',\n 'content/eus/rhel9/9.2/x86_64/highavailability/debug',\n 'content/eus/rhel9/9.2/x86_64/highavailability/os',\n 'content/eus/rhel9/9.2/x86_64/highavailability/source/SRPMS',\n 'content/eus/rhel9/9.2/x86_64/resilientstorage/debug',\n 'content/eus/rhel9/9.2/x86_64/resilientstorage/os',\n 'content/eus/rhel9/9.2/x86_64/resilientstorage/source/SRPMS',\n 'content/eus/rhel9/9.2/x86_64/sap-solutions/debug',\n 'content/eus/rhel9/9.2/x86_64/sap-solutions/os',\n 'content/eus/rhel9/9.2/x86_64/sap-solutions/source/SRPMS',\n 'content/eus/rhel9/9.2/x86_64/sap/debug',\n 'content/eus/rhel9/9.2/x86_64/sap/os',\n 'content/eus/rhel9/9.2/x86_64/sap/source/SRPMS',\n 'content/eus/rhel9/9.2/x86_64/supplementary/debug',\n 'content/eus/rhel9/9.2/x86_64/supplementary/os',\n 'content/eus/rhel9/9.2/x86_64/supplementary/source/SRPMS'\n ],\n 'pkgs': [\n {'reference':'thunderbird-102.7.1-1.el9_1', 'sp':'2', 'release':'9', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE}\n ]\n },\n {\n 'repo_relative_urls': [\n 'content/dist/rhel9/9/aarch64/appstream/debug',\n 'content/dist/rhel9/9/aarch64/appstream/os',\n 'content/dist/rhel9/9/aarch64/appstream/source/SRPMS',\n 'content/dist/rhel9/9/aarch64/baseos/debug',\n 'content/dist/rhel9/9/aarch64/baseos/os',\n 'content/dist/rhel9/9/aarch64/baseos/source/SRPMS',\n 'content/dist/rhel9/9/aarch64/codeready-builder/debug',\n 'content/dist/rhel9/9/aarch64/codeready-builder/os',\n 'content/dist/rhel9/9/aarch64/codeready-builder/source/SRPMS',\n 'content/dist/rhel9/9/aarch64/highavailability/debug',\n 'content/dist/rhel9/9/aarch64/highavailability/os',\n 'content/dist/rhel9/9/aarch64/highavailability/source/SRPMS',\n 'content/dist/rhel9/9/aarch64/supplementary/debug',\n 'content/dist/rhel9/9/aarch64/supplementary/os',\n 'content/dist/rhel9/9/aarch64/supplementary/source/SRPMS',\n 'content/dist/rhel9/9/ppc64le/appstream/debug',\n 'content/dist/rhel9/9/ppc64le/appstream/os',\n 'content/dist/rhel9/9/ppc64le/appstream/source/SRPMS',\n 'content/dist/rhel9/9/ppc64le/baseos/debug',\n 'content/dist/rhel9/9/ppc64le/baseos/os',\n 'content/dist/rhel9/9/ppc64le/baseos/source/SRPMS',\n 'content/dist/rhel9/9/ppc64le/codeready-builder/debug',\n 'content/dist/rhel9/9/ppc64le/codeready-builder/os',\n 'content/dist/rhel9/9/ppc64le/codeready-builder/source/SRPMS',\n 'content/dist/rhel9/9/ppc64le/highavailability/debug',\n 'content/dist/rhel9/9/ppc64le/highavailability/os',\n 'content/dist/rhel9/9/ppc64le/highavailability/source/SRPMS',\n 'content/dist/rhel9/9/ppc64le/resilientstorage/debug',\n 'content/dist/rhel9/9/ppc64le/resilientstorage/os',\n 'content/dist/rhel9/9/ppc64le/resilientstorage/source/SRPMS',\n 'content/dist/rhel9/9/ppc64le/sap-solutions/debug',\n 'content/dist/rhel9/9/ppc64le/sap-solutions/os',\n 'content/dist/rhel9/9/ppc64le/sap-solutions/source/SRPMS',\n 'content/dist/rhel9/9/ppc64le/sap/debug',\n 'content/dist/rhel9/9/ppc64le/sap/os',\n 'content/dist/rhel9/9/ppc64le/sap/source/SRPMS',\n 'content/dist/rhel9/9/ppc64le/supplementary/debug',\n 'content/dist/rhel9/9/ppc64le/supplementary/os',\n 'content/dist/rhel9/9/ppc64le/supplementary/source/SRPMS',\n 'content/dist/rhel9/9/s390x/appstream/debug',\n 'content/dist/rhel9/9/s390x/appstream/os',\n 'content/dist/rhel9/9/s390x/appstream/source/SRPMS',\n 'content/dist/rhel9/9/s390x/baseos/debug',\n 'content/dist/rhel9/9/s390x/baseos/os',\n 'content/dist/rhel9/9/s390x/baseos/source/SRPMS',\n 'content/dist/rhel9/9/s390x/codeready-builder/debug',\n 'content/dist/rhel9/9/s390x/codeready-builder/os',\n 'content/dist/rhel9/9/s390x/codeready-builder/source/SRPMS',\n 'content/dist/rhel9/9/s390x/highavailability/debug',\n 'content/dist/rhel9/9/s390x/highavailability/os',\n 'content/dist/rhel9/9/s390x/highavailability/source/SRPMS',\n 'content/dist/rhel9/9/s390x/resilientstorage/debug',\n 'content/dist/rhel9/9/s390x/resilientstorage/os',\n 'content/dist/rhel9/9/s390x/resilientstorage/source/SRPMS',\n 'content/dist/rhel9/9/s390x/sap/debug',\n 'content/dist/rhel9/9/s390x/sap/os',\n 'content/dist/rhel9/9/s390x/sap/source/SRPMS',\n 'content/dist/rhel9/9/s390x/supplementary/debug',\n 'content/dist/rhel9/9/s390x/supplementary/os',\n 'content/dist/rhel9/9/s390x/supplementary/source/SRPMS',\n 'content/dist/rhel9/9/x86_64/appstream/debug',\n 'content/dist/rhel9/9/x86_64/appstream/os',\n 'content/dist/rhel9/9/x86_64/appstream/source/SRPMS',\n 'content/dist/rhel9/9/x86_64/baseos/debug',\n 'content/dist/rhel9/9/x86_64/baseos/os',\n 'content/dist/rhel9/9/x86_64/baseos/source/SRPMS',\n 'content/dist/rhel9/9/x86_64/codeready-builder/debug',\n 'content/dist/rhel9/9/x86_64/codeready-builder/os',\n 'content/dist/rhel9/9/x86_64/codeready-builder/source/SRPMS',\n 'content/dist/rhel9/9/x86_64/highavailability/debug',\n 'content/dist/rhel9/9/x86_64/highavailability/os',\n 'content/dist/rhel9/9/x86_64/highavailability/source/SRPMS',\n 'content/dist/rhel9/9/x86_64/nfv/debug',\n 'content/dist/rhel9/9/x86_64/nfv/os',\n 'content/dist/rhel9/9/x86_64/nfv/source/SRPMS',\n 'content/dist/rhel9/9/x86_64/resilientstorage/debug',\n 'content/dist/rhel9/9/x86_64/resilientstorage/os',\n 'content/dist/rhel9/9/x86_64/resilientstorage/source/SRPMS',\n 'content/dist/rhel9/9/x86_64/rt/debug',\n 'content/dist/rhel9/9/x86_64/rt/os',\n 'content/dist/rhel9/9/x86_64/rt/source/SRPMS',\n 'content/dist/rhel9/9/x86_64/sap-solutions/debug',\n 'content/dist/rhel9/9/x86_64/sap-solutions/os',\n 'content/dist/rhel9/9/x86_64/sap-solutions/source/SRPMS',\n 'content/dist/rhel9/9/x86_64/sap/debug',\n 'content/dist/rhel9/9/x86_64/sap/os',\n 'content/dist/rhel9/9/x86_64/sap/source/SRPMS',\n 'content/dist/rhel9/9/x86_64/supplementary/debug',\n 'content/dist/rhel9/9/x86_64/supplementary/os',\n 'content/dist/rhel9/9/x86_64/supplementary/source/SRPMS'\n ],\n 'pkgs': [\n {'reference':'thunderbird-102.7.1-1.el9_1', 'release':'9', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE}\n ]\n }\n];\n\nvar applicable_repo_urls = rhel_determine_applicable_repository_urls(constraints:constraints);\nif(applicable_repo_urls == RHEL_REPOS_NO_OVERLAP_MESSAGE) exit(0, RHEL_REPO_NOT_ENABLED);\n\nvar flag = 0;\nforeach var constraint_array ( constraints ) {\n var repo_relative_urls = NULL;\n if (!empty_or_null(constraint_array['repo_relative_urls'])) repo_relative_urls = constraint_array['repo_relative_urls'];\n var enterprise_linux_flag = rhel_repo_urls_has_content_dist_rhel(repo_urls:repo_relative_urls);\n foreach var pkg ( constraint_array['pkgs'] ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(pkg['reference'])) reference = pkg['reference'];\n if (!empty_or_null(pkg['release'])) _release = 'RHEL' + pkg['release'];\n if (!empty_or_null(pkg['sp']) && !enterprise_linux_flag) sp = pkg['sp'];\n if (!empty_or_null(pkg['cpu'])) _cpu = pkg['cpu'];\n if (!empty_or_null(pkg['el_string'])) el_string = pkg['el_string'];\n if (!empty_or_null(pkg['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = pkg['rpm_spec_vers_cmp'];\n if (!empty_or_null(pkg['epoch'])) epoch = pkg['epoch'];\n if (!empty_or_null(pkg['allowmaj'])) allowmaj = pkg['allowmaj'];\n if (!empty_or_null(pkg['exists_check'])) exists_check = pkg['exists_check'];\n if (reference &&\n _release &&\n rhel_decide_repo_relative_url_check(required_repo_url_list:repo_relative_urls) &&\n (applicable_repo_urls || (!exists_check || rpm_exists(release:_release, rpm:exists_check))) &&\n rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n var extra = NULL;\n if (empty_or_null(applicable_repo_urls)) extra = rpm_report_get() + redhat_report_repo_caveat();\n else extra = rpm_report_get() + redhat_report_package_caveat();\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : extra\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'thunderbird');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-25T00:34:35", "description": "The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2023:0463 advisory.\n\n - Mozilla: libusrsctp library out of date (CVE-2022-46871)\n\n - Mozilla: Fullscreen notification bypass (CVE-2022-46877)\n\n - Mozilla: Arbitrary file read from GTK drag and drop on Linux (CVE-2023-23598)\n\n - Mozilla: Malicious command could be hidden in devtools output (CVE-2023-23599)\n\n - Mozilla: URL being dragged from cross-origin iframe into same tab triggers navigation (CVE-2023-23601)\n\n - Mozilla: Content Security Policy wasn't being correctly applied to WebSockets in WebWorkers (CVE-2023-23602)\n\n - Mozilla: Calls to <code>console.log</code> allowed bypasing Content Security Policy via format directive (CVE-2023-23603)\n\n - Mozilla: Memory safety bugs fixed in Firefox 109 and Firefox ESR 102.7 (CVE-2023-23605)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2023-01-25T00:00:00", "type": "nessus", "title": "RHEL 8 : thunderbird (RHSA-2023:0463)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-46871", "CVE-2022-46877", "CVE-2023-23598", "CVE-2023-23599", "CVE-2023-23601", "CVE-2023-23602", "CVE-2023-23603", "CVE-2023-23605"], "modified": "2023-05-24T00:00:00", "cpe": ["cpe:/o:redhat:enterprise_linux:8", "p-cpe:/a:redhat:enterprise_linux:thunderbird"], "id": "REDHAT-RHSA-2023-0463.NASL", "href": "https://www.tenable.com/plugins/nessus/170648", "sourceData": "#%NASL_MIN_LEVEL 80900\n##\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2023:0463. The text\n# itself is copyright (C) Red Hat, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(170648);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/05/24\");\n\n script_cve_id(\n \"CVE-2022-46871\",\n \"CVE-2022-46877\",\n \"CVE-2023-23598\",\n \"CVE-2023-23599\",\n \"CVE-2023-23601\",\n \"CVE-2023-23602\",\n \"CVE-2023-23603\",\n \"CVE-2023-23605\"\n );\n script_xref(name:\"RHSA\", value:\"2023:0463\");\n script_xref(name:\"IAVA\", value:\"2023-A-0056-S\");\n\n script_name(english:\"RHEL 8 : thunderbird (RHSA-2023:0463)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Red Hat host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as\nreferenced in the RHSA-2023:0463 advisory.\n\n - Mozilla: libusrsctp library out of date (CVE-2022-46871)\n\n - Mozilla: Fullscreen notification bypass (CVE-2022-46877)\n\n - Mozilla: Arbitrary file read from GTK drag and drop on Linux (CVE-2023-23598)\n\n - Mozilla: Malicious command could be hidden in devtools output (CVE-2023-23599)\n\n - Mozilla: URL being dragged from cross-origin iframe into same tab triggers navigation (CVE-2023-23601)\n\n - Mozilla: Content Security Policy wasn't being correctly applied to WebSockets in WebWorkers\n (CVE-2023-23602)\n\n - Mozilla: Calls to <code>console.log</code> allowed bypasing Content Security Policy via format directive\n (CVE-2023-23603)\n\n - Mozilla: Memory safety bugs fixed in Firefox 109 and Firefox ESR 102.7 (CVE-2023-23605)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-46871\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-46877\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2023-23598\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2023-23599\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2023-23601\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2023-23602\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2023-23603\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2023-23605\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2023:0463\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2162336\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2162338\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2162339\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2162340\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2162341\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2162342\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2162343\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2162344\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected thunderbird package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-46871\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(77, 120, 185, 357, 450, 829, 1104, 1385);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/12/15\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2023/01/25\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2023/01/25\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:8\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:thunderbird\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"redhat_repos.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\ninclude('rhel.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item('Host/RedHat/release');\nif (isnull(os_release) || 'Red Hat' >!< os_release) audit(AUDIT_OS_NOT, 'Red Hat');\nvar os_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Red Hat');\nos_ver = os_ver[1];\nif (!rhel_check_release(operator: 'ge', os_version: os_ver, rhel_version: '8')) audit(AUDIT_OS_NOT, 'Red Hat 8.x', 'Red Hat ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu && 'ppc' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Red Hat', cpu);\n\nvar constraints = [\n {\n 'repo_relative_urls': [\n 'content/dist/rhel8/8/aarch64/appstream/debug',\n 'content/dist/rhel8/8/aarch64/appstream/os',\n 'content/dist/rhel8/8/aarch64/appstream/source/SRPMS',\n 'content/dist/rhel8/8/aarch64/baseos/debug',\n 'content/dist/rhel8/8/aarch64/baseos/os',\n 'content/dist/rhel8/8/aarch64/baseos/source/SRPMS',\n 'content/dist/rhel8/8/aarch64/codeready-builder/debug',\n 'content/dist/rhel8/8/aarch64/codeready-builder/os',\n 'content/dist/rhel8/8/aarch64/codeready-builder/source/SRPMS',\n 'content/dist/rhel8/8/aarch64/highavailability/debug',\n 'content/dist/rhel8/8/aarch64/highavailability/os',\n 'content/dist/rhel8/8/aarch64/highavailability/source/SRPMS',\n 'content/dist/rhel8/8/aarch64/supplementary/debug',\n 'content/dist/rhel8/8/aarch64/supplementary/os',\n 'content/dist/rhel8/8/aarch64/supplementary/source/SRPMS',\n 'content/dist/rhel8/8/ppc64le/appstream/debug',\n 'content/dist/rhel8/8/ppc64le/appstream/os',\n 'content/dist/rhel8/8/ppc64le/appstream/source/SRPMS',\n 'content/dist/rhel8/8/ppc64le/baseos/debug',\n 'content/dist/rhel8/8/ppc64le/baseos/os',\n 'content/dist/rhel8/8/ppc64le/baseos/source/SRPMS',\n 'content/dist/rhel8/8/ppc64le/codeready-builder/debug',\n 'content/dist/rhel8/8/ppc64le/codeready-builder/os',\n 'content/dist/rhel8/8/ppc64le/codeready-builder/source/SRPMS',\n 'content/dist/rhel8/8/ppc64le/highavailability/debug',\n 'content/dist/rhel8/8/ppc64le/highavailability/os',\n 'content/dist/rhel8/8/ppc64le/highavailability/source/SRPMS',\n 'content/dist/rhel8/8/ppc64le/resilientstorage/debug',\n 'content/dist/rhel8/8/ppc64le/resilientstorage/os',\n 'content/dist/rhel8/8/ppc64le/resilientstorage/source/SRPMS',\n 'content/dist/rhel8/8/ppc64le/sap-solutions/debug',\n 'content/dist/rhel8/8/ppc64le/sap-solutions/os',\n 'content/dist/rhel8/8/ppc64le/sap-solutions/source/SRPMS',\n 'content/dist/rhel8/8/ppc64le/sap/debug',\n 'content/dist/rhel8/8/ppc64le/sap/os',\n 'content/dist/rhel8/8/ppc64le/sap/source/SRPMS',\n 'content/dist/rhel8/8/ppc64le/supplementary/debug',\n 'content/dist/rhel8/8/ppc64le/supplementary/os',\n 'content/dist/rhel8/8/ppc64le/supplementary/source/SRPMS',\n 'content/dist/rhel8/8/s390x/appstream/debug',\n 'content/dist/rhel8/8/s390x/appstream/os',\n 'content/dist/rhel8/8/s390x/appstream/source/SRPMS',\n 'content/dist/rhel8/8/s390x/baseos/debug',\n 'content/dist/rhel8/8/s390x/baseos/os',\n 'content/dist/rhel8/8/s390x/baseos/source/SRPMS',\n 'content/dist/rhel8/8/s390x/codeready-builder/debug',\n 'content/dist/rhel8/8/s390x/codeready-builder/os',\n 'content/dist/rhel8/8/s390x/codeready-builder/source/SRPMS',\n 'content/dist/rhel8/8/s390x/highavailability/debug',\n 'content/dist/rhel8/8/s390x/highavailability/os',\n 'content/dist/rhel8/8/s390x/highavailability/source/SRPMS',\n 'content/dist/rhel8/8/s390x/resilientstorage/debug',\n 'content/dist/rhel8/8/s390x/resilientstorage/os',\n 'content/dist/rhel8/8/s390x/resilientstorage/source/SRPMS',\n 'content/dist/rhel8/8/s390x/sap/debug',\n 'content/dist/rhel8/8/s390x/sap/os',\n 'content/dist/rhel8/8/s390x/sap/source/SRPMS',\n 'content/dist/rhel8/8/s390x/supplementary/debug',\n 'content/dist/rhel8/8/s390x/supplementary/os',\n 'content/dist/rhel8/8/s390x/supplementary/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/appstream/debug',\n 'content/dist/rhel8/8/x86_64/appstream/os',\n 'content/dist/rhel8/8/x86_64/appstream/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/baseos/debug',\n 'content/dist/rhel8/8/x86_64/baseos/os',\n 'content/dist/rhel8/8/x86_64/baseos/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/codeready-builder/debug',\n 'content/dist/rhel8/8/x86_64/codeready-builder/os',\n 'content/dist/rhel8/8/x86_64/codeready-builder/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/highavailability/debug',\n 'content/dist/rhel8/8/x86_64/highavailability/os',\n 'content/dist/rhel8/8/x86_64/highavailability/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/nfv/debug',\n 'content/dist/rhel8/8/x86_64/nfv/os',\n 'content/dist/rhel8/8/x86_64/nfv/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/resilientstorage/debug',\n 'content/dist/rhel8/8/x86_64/resilientstorage/os',\n 'content/dist/rhel8/8/x86_64/resilientstorage/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/rt/debug',\n 'content/dist/rhel8/8/x86_64/rt/os',\n 'content/dist/rhel8/8/x86_64/rt/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/sap-solutions/debug',\n 'content/dist/rhel8/8/x86_64/sap-solutions/os',\n 'content/dist/rhel8/8/x86_64/sap-solutions/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/sap/debug',\n 'content/dist/rhel8/8/x86_64/sap/os',\n 'content/dist/rhel8/8/x86_64/sap/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/supplementary/debug',\n 'content/dist/rhel8/8/x86_64/supplementary/os',\n 'content/dist/rhel8/8/x86_64/supplementary/source/SRPMS'\n ],\n 'pkgs': [\n {'reference':'thunderbird-102.7.1-1.el8_7', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE}\n ]\n }\n];\n\nvar applicable_repo_urls = rhel_determine_applicable_repository_urls(constraints:constraints);\nif(applicable_repo_urls == RHEL_REPOS_NO_OVERLAP_MESSAGE) exit(0, RHEL_REPO_NOT_ENABLED);\n\nvar flag = 0;\nforeach var constraint_array ( constraints ) {\n var repo_relative_urls = NULL;\n if (!empty_or_null(constraint_array['repo_relative_urls'])) repo_relative_urls = constraint_array['repo_relative_urls'];\n foreach var pkg ( constraint_array['pkgs'] ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(pkg['reference'])) reference = pkg['reference'];\n if (!empty_or_null(pkg['release'])) _release = 'RHEL' + pkg['release'];\n if (!empty_or_null(pkg['sp'])) sp = pkg['sp'];\n if (!empty_or_null(pkg['cpu'])) _cpu = pkg['cpu'];\n if (!empty_or_null(pkg['el_string'])) el_string = pkg['el_string'];\n if (!empty_or_null(pkg['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = pkg['rpm_spec_vers_cmp'];\n if (!empty_or_null(pkg['epoch'])) epoch = pkg['epoch'];\n if (!empty_or_null(pkg['allowmaj'])) allowmaj = pkg['allowmaj'];\n if (!empty_or_null(pkg['exists_check'])) exists_check = pkg['exists_check'];\n if (reference &&\n _release &&\n rhel_decide_repo_relative_url_check(required_repo_url_list:repo_relative_urls) &&\n (applicable_repo_urls || (!exists_check || rpm_exists(release:_release, rpm:exists_check))) &&\n rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n var extra = NULL;\n if (empty_or_null(applicable_repo_urls)) extra = rpm_report_get() + redhat_report_repo_caveat();\n else extra = rpm_report_get() + redhat_report_package_caveat();\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : extra\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'thunderbird');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-17T16:41:35", "description": "The remote AlmaLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the ALSA-2023:0463 advisory.\n\n - An out of date library (libusrsctp) contained vulnerabilities that could potentially be exploited. This vulnerability affects Firefox < 108. (CVE-2022-46871)\n\n - By confusing the browser, the fullscreen notification could have been delayed or suppressed, resulting in potential user confusion or spoofing attacks. This vulnerability affects Firefox < 108. (CVE-2022-46877)\n\n - Mozilla: Arbitrary file read from GTK drag and drop on Linux (CVE-2023-23598)\n\n - Mozilla: Malicious command could be hidden in devtools output (CVE-2023-23599)\n\n - Mozilla: URL being dragged from cross-origin iframe into same tab triggers navigation (CVE-2023-23601)\n\n - Mozilla: Content Security Policy wasn't being correctly applied to WebSockets in WebWorkers (CVE-2023-23602)\n\n - Mozilla: Calls to <code>console.log</code> allowed bypasing Content Security Policy via format directive (CVE-2023-23603)\n\n - Mozilla: Memory safety bugs fixed in Firefox 109 and Firefox ESR 102.7 (CVE-2023-23605)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2023-01-27T00:00:00", "type": "nessus", "title": "AlmaLinux 8 : thunderbird (ALSA-2023:0463)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-46871", "CVE-2022-46877", "CVE-2023-23598", "CVE-2023-23599", "CVE-2023-23601", "CVE-2023-23602", "CVE-2023-23603", "CVE-2023-23605"], "modified": "2023-02-03T00:00:00", "cpe": ["p-cpe:/a:alma:linux:thunderbird", "cpe:/o:alma:linux:8", "cpe:/o:alma:linux:8::appstream"], "id": "ALMA_LINUX_ALSA-2023-0463.NASL", "href": "https://www.tenable.com/plugins/nessus/170698", "sourceData": "#%NASL_MIN_LEVEL 80900\n##\n# (C) Tenable, Inc.\n#\n# The package checks in this plugin were extracted from\n# AlmaLinux Security Advisory ALSA-2023:0463.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(170698);\n script_version(\"1.1\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/02/03\");\n\n script_cve_id(\n \"CVE-2022-46871\",\n \"CVE-2022-46877\",\n \"CVE-2023-23598\",\n \"CVE-2023-23599\",\n \"CVE-2023-23601\",\n \"CVE-2023-23602\",\n \"CVE-2023-23603\",\n \"CVE-2023-23605\"\n );\n script_xref(name:\"ALSA\", value:\"2023:0463\");\n script_xref(name:\"IAVA\", value:\"2023-A-0056-S\");\n\n script_name(english:\"AlmaLinux 8 : thunderbird (ALSA-2023:0463)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote AlmaLinux host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote AlmaLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the\nALSA-2023:0463 advisory.\n\n - An out of date library (libusrsctp) contained vulnerabilities that could potentially be exploited. This\n vulnerability affects Firefox < 108. (CVE-2022-46871)\n\n - By confusing the browser, the fullscreen notification could have been delayed or suppressed, resulting in\n potential user confusion or spoofing attacks. This vulnerability affects Firefox < 108. (CVE-2022-46877)\n\n - Mozilla: Arbitrary file read from GTK drag and drop on Linux (CVE-2023-23598)\n\n - Mozilla: Malicious command could be hidden in devtools output (CVE-2023-23599)\n\n - Mozilla: URL being dragged from cross-origin iframe into same tab triggers navigation (CVE-2023-23601)\n\n - Mozilla: Content Security Policy wasn't being correctly applied to WebSockets in WebWorkers\n (CVE-2023-23602)\n\n - Mozilla: Calls to <code>console.log</code> allowed bypasing Content Security Policy via format directive\n (CVE-2023-23603)\n\n - Mozilla: Memory safety bugs fixed in Firefox 109 and Firefox ESR 102.7 (CVE-2023-23605)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://errata.almalinux.org/8/ALSA-2023-0463.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected thunderbird package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-46871\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(77, 120, 185, 357, 450, 829, 1104, 1385);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/12/15\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2023/01/25\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2023/01/27\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:thunderbird\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:alma:linux:8\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:alma:linux:8::appstream\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Alma Linux Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/AlmaLinux/release\", \"Host/AlmaLinux/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item('Host/AlmaLinux/release');\nif (isnull(os_release) || 'AlmaLinux' >!< os_release) audit(AUDIT_OS_NOT, 'AlmaLinux');\nvar os_ver = pregmatch(pattern: \"AlmaLinux release ([0-9]+(\\.[0-9]+)?)\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'AlmaLinux');\nos_ver = os_ver[1];\nif (! preg(pattern:\"^8([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, 'AlmaLinux 8.x', 'AlmaLinux ' + os_ver);\n\nif (!get_kb_item('Host/AlmaLinux/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'AlmaLinux', cpu);\n\nvar pkgs = [\n {'reference':'thunderbird-102.7.1-1.el8_7.alma', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE},\n {'reference':'thunderbird-102.7.1-1.el8_7.alma', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE}\n];\n\nvar flag = 0;\nforeach var package_array ( pkgs ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) _release = 'Alma-' + package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) _cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (reference && _release && (!exists_check || rpm_exists(release:_release, rpm:exists_check))) {\n if (rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'thunderbird');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-17T16:41:34", "description": "The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2023:0459 advisory.\n\n - Mozilla: libusrsctp library out of date (CVE-2022-46871)\n\n - Mozilla: Fullscreen notification bypass (CVE-2022-46877)\n\n - Mozilla: Arbitrary file read from GTK drag and drop on Linux (CVE-2023-23598)\n\n - Mozilla: Malicious command could be hidden in devtools output (CVE-2023-23599)\n\n - Mozilla: URL being dragged from cross-origin iframe into same tab triggers navigation (CVE-2023-23601)\n\n - Mozilla: Content Security Policy wasn't being correctly applied to WebSockets in WebWorkers (CVE-2023-23602)\n\n - Mozilla: Calls to <code>console.log</code> allowed bypasing Content Security Policy via format directive (CVE-2023-23603)\n\n - Mozilla: Memory safety bugs fixed in Firefox 109 and Firefox ESR 102.7 (CVE-2023-23605)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2023-01-25T00:00:00", "type": "nessus", "title": "RHEL 8 : thunderbird (RHSA-2023:0459)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-46871", "CVE-2022-46877", "CVE-2023-23598", "CVE-2023-23599", "CVE-2023-23601", "CVE-2023-23602", "CVE-2023-23603", "CVE-2023-23605"], "modified": "2023-02-03T00:00:00", "cpe": ["cpe:/o:redhat:rhel_aus:8.2", "cpe:/o:redhat:rhel_e4s:8.2", "cpe:/o:redhat:rhel_tus:8.2", "p-cpe:/a:redhat:enterprise_linux:thunderbird"], "id": "REDHAT-RHSA-2023-0459.NASL", "href": "https://www.tenable.com/plugins/nessus/170633", "sourceData": "#%NASL_MIN_LEVEL 80900\n##\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2023:0459. The text\n# itself is copyright (C) Red Hat, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(170633);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/02/03\");\n\n script_cve_id(\n \"CVE-2022-46871\",\n \"CVE-2022-46877\",\n \"CVE-2023-23598\",\n \"CVE-2023-23599\",\n \"CVE-2023-23601\",\n \"CVE-2023-23602\",\n \"CVE-2023-23603\",\n \"CVE-2023-23605\"\n );\n script_xref(name:\"RHSA\", value:\"2023:0459\");\n script_xref(name:\"IAVA\", value:\"2023-A-0056-S\");\n\n script_name(english:\"RHEL 8 : thunderbird (RHSA-2023:0459)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Red Hat host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as\nreferenced in the RHSA-2023:0459 advisory.\n\n - Mozilla: libusrsctp library out of date (CVE-2022-46871)\n\n - Mozilla: Fullscreen notification bypass (CVE-2022-46877)\n\n - Mozilla: Arbitrary file read from GTK drag and drop on Linux (CVE-2023-23598)\n\n - Mozilla: Malicious command could be hidden in devtools output (CVE-2023-23599)\n\n - Mozilla: URL being dragged from cross-origin iframe into same tab triggers navigation (CVE-2023-23601)\n\n - Mozilla: Content Security Policy wasn't being correctly applied to WebSockets in WebWorkers\n (CVE-2023-23602)\n\n - Mozilla: Calls to <code>console.log</code> allowed bypasing Content Security Policy via format directive\n (CVE-2023-23603)\n\n - Mozilla: Memory safety bugs fixed in Firefox 109 and Firefox ESR 102.7 (CVE-2023-23605)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-46871\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-46877\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2023-23598\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2023-23599\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2023-23601\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2023-23602\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2023-23603\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2023-23605\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2023:0459\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2162336\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2162338\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2162339\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2162340\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2162341\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2162342\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2162343\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2162344\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected thunderbird package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-46871\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(77, 120, 185, 357, 450, 829, 1104, 1385);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/12/15\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2023/01/25\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2023/01/25\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_aus:8.2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_e4s:8.2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_tus:8.2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:thunderbird\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"redhat_repos.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\ninclude('rhel.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item('Host/RedHat/release');\nif (isnull(os_release) || 'Red Hat' >!< os_release) audit(AUDIT_OS_NOT, 'Red Hat');\nvar os_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Red Hat');\nos_ver = os_ver[1];\nif (!rhel_check_release(operator: 'eq', os_version: os_ver, rhel_version: '8.2')) audit(AUDIT_OS_NOT, 'Red Hat 8.2', 'Red Hat ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Red Hat', cpu);\n\nvar constraints = [\n {\n 'repo_relative_urls': [\n 'content/aus/rhel8/8.2/x86_64/appstream/debug',\n 'content/aus/rhel8/8.2/x86_64/appstream/os',\n 'content/aus/rhel8/8.2/x86_64/appstream/source/SRPMS',\n 'content/aus/rhel8/8.2/x86_64/baseos/debug',\n 'content/aus/rhel8/8.2/x86_64/baseos/os',\n 'content/aus/rhel8/8.2/x86_64/baseos/source/SRPMS',\n 'content/e4s/rhel8/8.2/x86_64/appstream/debug',\n 'content/e4s/rhel8/8.2/x86_64/appstream/os',\n 'content/e4s/rhel8/8.2/x86_64/appstream/source/SRPMS',\n 'content/e4s/rhel8/8.2/x86_64/baseos/debug',\n 'content/e4s/rhel8/8.2/x86_64/baseos/os',\n 'content/e4s/rhel8/8.2/x86_64/baseos/source/SRPMS',\n 'content/e4s/rhel8/8.2/x86_64/highavailability/debug',\n 'content/e4s/rhel8/8.2/x86_64/highavailability/os',\n 'content/e4s/rhel8/8.2/x86_64/highavailability/source/SRPMS',\n 'content/e4s/rhel8/8.2/x86_64/sap-solutions/debug',\n 'content/e4s/rhel8/8.2/x86_64/sap-solutions/os',\n 'content/e4s/rhel8/8.2/x86_64/sap-solutions/source/SRPMS',\n 'content/e4s/rhel8/8.2/x86_64/sap/debug',\n 'content/e4s/rhel8/8.2/x86_64/sap/os',\n 'content/e4s/rhel8/8.2/x86_64/sap/source/SRPMS',\n 'content/tus/rhel8/8.2/x86_64/appstream/debug',\n 'content/tus/rhel8/8.2/x86_64/appstream/os',\n 'content/tus/rhel8/8.2/x86_64/appstream/source/SRPMS',\n 'content/tus/rhel8/8.2/x86_64/baseos/debug',\n 'content/tus/rhel8/8.2/x86_64/baseos/os',\n 'content/tus/rhel8/8.2/x86_64/baseos/source/SRPMS',\n 'content/tus/rhel8/8.2/x86_64/highavailability/debug',\n 'content/tus/rhel8/8.2/x86_64/highavailability/os',\n 'content/tus/rhel8/8.2/x86_64/highavailability/source/SRPMS',\n 'content/tus/rhel8/8.2/x86_64/nfv/debug',\n 'content/tus/rhel8/8.2/x86_64/nfv/os',\n 'content/tus/rhel8/8.2/x86_64/nfv/source/SRPMS',\n 'content/tus/rhel8/8.2/x86_64/rt/debug',\n 'content/tus/rhel8/8.2/x86_64/rt/os',\n 'content/tus/rhel8/8.2/x86_64/rt/source/SRPMS'\n ],\n 'pkgs': [\n {'reference':'thunderbird-102.7.1-1.el8_2', 'sp':'2', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE}\n ]\n }\n];\n\nvar applicable_repo_urls = rhel_determine_applicable_repository_urls(constraints:constraints);\nif(applicable_repo_urls == RHEL_REPOS_NO_OVERLAP_MESSAGE) exit(0, RHEL_REPO_NOT_ENABLED);\n\nvar flag = 0;\nforeach var constraint_array ( constraints ) {\n var repo_relative_urls = NULL;\n if (!empty_or_null(constraint_array['repo_relative_urls'])) repo_relative_urls = constraint_array['repo_relative_urls'];\n foreach var pkg ( constraint_array['pkgs'] ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(pkg['reference'])) reference = pkg['reference'];\n if (!empty_or_null(pkg['release'])) _release = 'RHEL' + pkg['release'];\n if (!empty_or_null(pkg['sp'])) sp = pkg['sp'];\n if (!empty_or_null(pkg['cpu'])) _cpu = pkg['cpu'];\n if (!empty_or_null(pkg['el_string'])) el_string = pkg['el_string'];\n if (!empty_or_null(pkg['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = pkg['rpm_spec_vers_cmp'];\n if (!empty_or_null(pkg['epoch'])) epoch = pkg['epoch'];\n if (!empty_or_null(pkg['allowmaj'])) allowmaj = pkg['allowmaj'];\n if (!empty_or_null(pkg['exists_check'])) exists_check = pkg['exists_check'];\n if (reference &&\n _release &&\n rhel_decide_repo_relative_url_check(required_repo_url_list:repo_relative_urls) &&\n (applicable_repo_urls || (!exists_check || rpm_exists(release:_release, rpm:exists_check))) &&\n rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n var subscription_caveat = '\\n' +\n 'NOTE: This vulnerability check contains fixes that apply to\\n' +\n 'packages only available in the Red Hat Enterprise Linux\\n' +\n 'Advanced Update Support, Telco Extended Update Support or Update Services for SAP Solutions repositories.\\n' +\n 'Access to these repositories requires a paid RHEL subscription.\\n';\n var extra = NULL;\n if (empty_or_null(applicable_repo_urls)) extra = subscription_caveat + rpm_report_get() + redhat_report_repo_caveat();\n else extra = subscription_caveat + rpm_report_get() + redhat_report_package_caveat();\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : extra\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'thunderbird');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-17T16:41:50", "description": "The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2023:0294 advisory.\n\n - Mozilla: libusrsctp library out of date (CVE-2022-46871)\n\n - Mozilla: Fullscreen notification bypass (CVE-2022-46877)\n\n - Mozilla: Arbitrary file read from GTK drag and drop on Linux (CVE-2023-23598)\n\n - Mozilla: Malicious command could be hidden in devtools output (CVE-2023-23599)\n\n - Mozilla: URL being dragged from cross-origin iframe into same tab triggers navigation (CVE-2023-23601)\n\n - Mozilla: Content Security Policy wasn't being correctly applied to WebSockets in WebWorkers (CVE-2023-23602)\n\n - Mozilla: Calls to <code>console.log</code> allowed bypasing Content Security Policy via format directive (CVE-2023-23603)\n\n - Mozilla: Memory safety bugs fixed in Firefox 109 and Firefox ESR 102.7 (CVE-2023-23605)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2023-01-23T00:00:00", "type": "nessus", "title": "RHEL 8 : firefox (RHSA-2023:0294)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-46871", "CVE-2022-46877", "CVE-2023-23598", "CVE-2023-23599", "CVE-2023-23601", "CVE-2023-23602", "CVE-2023-23603", "CVE-2023-23605"], "modified": "2023-02-16T00:00:00", "cpe": ["cpe:/o:redhat:rhel_aus:8.2", "cpe:/o:redhat:rhel_e4s:8.2", "cpe:/o:redhat:rhel_tus:8.2", "p-cpe:/a:redhat:enterprise_linux:firefox"], "id": "REDHAT-RHSA-2023-0294.NASL", "href": "https://www.tenable.com/plugins/nessus/170424", "sourceData": "#%NASL_MIN_LEVEL 80900\n##\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2023:0294. The text\n# itself is copyright (C) Red Hat, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(170424);\n script_version(\"1.1\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/02/16\");\n\n script_cve_id(\n \"CVE-2022-46871\",\n \"CVE-2022-46877\",\n \"CVE-2023-23598\",\n \"CVE-2023-23599\",\n \"CVE-2023-23601\",\n \"CVE-2023-23602\",\n \"CVE-2023-23603\",\n \"CVE-2023-23605\"\n );\n script_xref(name:\"RHSA\", value:\"2023:0294\");\n script_xref(name:\"IAVA\", value:\"2022-A-0517-S\");\n script_xref(name:\"IAVA\", value:\"2023-A-0048-S\");\n\n script_name(english:\"RHEL 8 : firefox (RHSA-2023:0294)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Red Hat host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as\nreferenced in the RHSA-2023:0294 advisory.\n\n - Mozilla: libusrsctp library out of date (CVE-2022-46871)\n\n - Mozilla: Fullscreen notification bypass (CVE-2022-46877)\n\n - Mozilla: Arbitrary file read from GTK drag and drop on Linux (CVE-2023-23598)\n\n - Mozilla: Malicious command could be hidden in devtools output (CVE-2023-23599)\n\n - Mozilla: URL being dragged from cross-origin iframe into same tab triggers navigation (CVE-2023-23601)\n\n - Mozilla: Content Security Policy wasn't being correctly applied to WebSockets in WebWorkers\n (CVE-2023-23602)\n\n - Mozilla: Calls to <code>console.log</code> allowed bypasing Content Security Policy via format directive\n (CVE-2023-23603)\n\n - Mozilla: Memory safety bugs fixed in Firefox 109 and Firefox ESR 102.7 (CVE-2023-23605)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-46871\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-46877\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2023-23598\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2023-23599\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2023-23601\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2023-23602\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2023-23603\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2023-23605\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2023:0294\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2162336\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2162338\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2162339\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2162340\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2162341\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2162342\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2162343\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2162344\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected firefox package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-46871\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(77, 120, 185, 357, 450, 829, 1104, 1385);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/12/15\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2023/01/23\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2023/01/23\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_aus:8.2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_e4s:8.2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_tus:8.2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:firefox\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"redhat_repos.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\ninclude('rhel.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item('Host/RedHat/release');\nif (isnull(os_release) || 'Red Hat' >!< os_release) audit(AUDIT_OS_NOT, 'Red Hat');\nvar os_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Red Hat');\nos_ver = os_ver[1];\nif (!rhel_check_release(operator: 'eq', os_version: os_ver, rhel_version: '8.2')) audit(AUDIT_OS_NOT, 'Red Hat 8.2', 'Red Hat ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Red Hat', cpu);\n\nvar constraints = [\n {\n 'repo_relative_urls': [\n 'content/aus/rhel8/8.2/x86_64/appstream/debug',\n 'content/aus/rhel8/8.2/x86_64/appstream/os',\n 'content/aus/rhel8/8.2/x86_64/appstream/source/SRPMS',\n 'content/aus/rhel8/8.2/x86_64/baseos/debug',\n 'content/aus/rhel8/8.2/x86_64/baseos/os',\n 'content/aus/rhel8/8.2/x86_64/baseos/source/SRPMS',\n 'content/e4s/rhel8/8.2/x86_64/appstream/debug',\n 'content/e4s/rhel8/8.2/x86_64/appstream/os',\n 'content/e4s/rhel8/8.2/x86_64/appstream/source/SRPMS',\n 'content/e4s/rhel8/8.2/x86_64/baseos/debug',\n 'content/e4s/rhel8/8.2/x86_64/baseos/os',\n 'content/e4s/rhel8/8.2/x86_64/baseos/source/SRPMS',\n 'content/e4s/rhel8/8.2/x86_64/highavailability/debug',\n 'content/e4s/rhel8/8.2/x86_64/highavailability/os',\n 'content/e4s/rhel8/8.2/x86_64/highavailability/source/SRPMS',\n 'content/e4s/rhel8/8.2/x86_64/sap-solutions/debug',\n 'content/e4s/rhel8/8.2/x86_64/sap-solutions/os',\n 'content/e4s/rhel8/8.2/x86_64/sap-solutions/source/SRPMS',\n 'content/e4s/rhel8/8.2/x86_64/sap/debug',\n 'content/e4s/rhel8/8.2/x86_64/sap/os',\n 'content/e4s/rhel8/8.2/x86_64/sap/source/SRPMS',\n 'content/tus/rhel8/8.2/x86_64/appstream/debug',\n 'content/tus/rhel8/8.2/x86_64/appstream/os',\n 'content/tus/rhel8/8.2/x86_64/appstream/source/SRPMS',\n 'content/tus/rhel8/8.2/x86_64/baseos/debug',\n 'content/tus/rhel8/8.2/x86_64/baseos/os',\n 'content/tus/rhel8/8.2/x86_64/baseos/source/SRPMS',\n 'content/tus/rhel8/8.2/x86_64/highavailability/debug',\n 'content/tus/rhel8/8.2/x86_64/highavailability/os',\n 'content/tus/rhel8/8.2/x86_64/highavailability/source/SRPMS',\n 'content/tus/rhel8/8.2/x86_64/nfv/debug',\n 'content/tus/rhel8/8.2/x86_64/nfv/os',\n 'content/tus/rhel8/8.2/x86_64/nfv/source/SRPMS',\n 'content/tus/rhel8/8.2/x86_64/rt/debug',\n 'content/tus/rhel8/8.2/x86_64/rt/os',\n 'content/tus/rhel8/8.2/x86_64/rt/source/SRPMS'\n ],\n 'pkgs': [\n {'reference':'firefox-102.7.0-1.el8_2', 'sp':'2', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE}\n ]\n }\n];\n\nvar applicable_repo_urls = rhel_determine_applicable_repository_urls(constraints:constraints);\nif(applicable_repo_urls == RHEL_REPOS_NO_OVERLAP_MESSAGE) exit(0, RHEL_REPO_NOT_ENABLED);\n\nvar flag = 0;\nforeach var constraint_array ( constraints ) {\n var repo_relative_urls = NULL;\n if (!empty_or_null(constraint_array['repo_relative_urls'])) repo_relative_urls = constraint_array['repo_relative_urls'];\n foreach var pkg ( constraint_array['pkgs'] ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(pkg['reference'])) reference = pkg['reference'];\n if (!empty_or_null(pkg['release'])) _release = 'RHEL' + pkg['release'];\n if (!empty_or_null(pkg['sp'])) sp = pkg['sp'];\n if (!empty_or_null(pkg['cpu'])) _cpu = pkg['cpu'];\n if (!empty_or_null(pkg['el_string'])) el_string = pkg['el_string'];\n if (!empty_or_null(pkg['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = pkg['rpm_spec_vers_cmp'];\n if (!empty_or_null(pkg['epoch'])) epoch = pkg['epoch'];\n if (!empty_or_null(pkg['allowmaj'])) allowmaj = pkg['allowmaj'];\n if (!empty_or_null(pkg['exists_check'])) exists_check = pkg['exists_check'];\n if (reference &&\n _release &&\n rhel_decide_repo_relative_url_check(required_repo_url_list:repo_relative_urls) &&\n (applicable_repo_urls || (!exists_check || rpm_exists(release:_release, rpm:exists_check))) &&\n rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n var subscription_caveat = '\\n' +\n 'NOTE: This vulnerability check contains fixes that apply to\\n' +\n 'packages only available in the Red Hat Enterprise Linux\\n' +\n 'Advanced Update Support, Telco Extended Update Support or Update Services for SAP Solutions repositories.\\n' +\n 'Access to these repositories requires a paid RHEL subscription.\\n';\n var extra = NULL;\n if (empty_or_null(applicable_repo_urls)) extra = subscription_caveat + rpm_report_get() + redhat_report_repo_caveat();\n else extra = subscription_caveat + rpm_report_get() + redhat_report_package_caveat();\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : extra\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'firefox');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-17T16:41:51", "description": "The remote Oracle Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2023-0296 advisory.\n\n - Mozilla developers and the Mozilla Fuzzing Team reported memory safety bugs present in Thunderbird 102.6.\n Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. (CVE-2023-23605)\n\n - Regular expressions used to filter out forbidden properties and values from style directives in calls to <code>console.log</code> weren't accounting for external URLs. Data could then be potentially exfiltrated from the browser. (CVE-2023-23603)\n\n - A mishandled security check when creating a WebSocket in a WebWorker caused the Content Security Policy connect-src header to be ignored. This could lead to connections to restricted origins from inside WebWorkers. (CVE-2023-23602)\n\n - An out of date library (libusrsctp) contained vulnerabilities that could potentially be exploited. This vulnerability affects Firefox < 108. (CVE-2022-46871)\n\n - Navigations were being allowed when dragging a URL from a cross-origin iframe into the same tab which could lead to website spoofing attacks (CVE-2023-23601)\n\n - When copying a network request from the developer tools panel as a curl command the output was not being properly sanitized and could allow arbitrary commands to be hidden within. (CVE-2023-23599)\n\n - Due to the Thunderbird GTK wrapper code's use of text/plain for drag data and GTK treating all text/plain MIMEs containing file URLs as being dragged a website could arbitrarily read a file via a call to <code>DataTransfer.setData</code>. (CVE-2023-23598)\n\n - By confusing the browser, the fullscreen notification could have been delayed or suppressed, resulting in potential user confusion or spoofing attacks. This vulnerability affects Firefox < 108. (CVE-2022-46877)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2023-01-24T00:00:00", "type": "nessus", "title": "Oracle Linux 7 : firefox (ELSA-2023-0296)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-46871", "CVE-2022-46877", "CVE-2023-23598", "CVE-2023-23599", "CVE-2023-23601", "CVE-2023-23602", "CVE-2023-23603", "CVE-2023-23605"], "modified": "2023-02-16T00:00:00", "cpe": ["cpe:/o:oracle:linux:7", "p-cpe:/a:oracle:linux:firefox"], "id": "ORACLELINUX_ELSA-2023-0296.NASL", "href": "https://www.tenable.com/plugins/nessus/170481", "sourceData": "#%NASL_MIN_LEVEL 80900\n##\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Oracle Linux Security Advisory ELSA-2023-0296.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(170481);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/02/16\");\n\n script_cve_id(\n \"CVE-2022-46871\",\n \"CVE-2022-46877\",\n \"CVE-2023-23598\",\n \"CVE-2023-23599\",\n \"CVE-2023-23601\",\n \"CVE-2023-23602\",\n \"CVE-2023-23603\",\n \"CVE-2023-23605\"\n );\n script_xref(name:\"IAVA\", value:\"2022-A-0517-S\");\n script_xref(name:\"IAVA\", value:\"2023-A-0048-S\");\n\n script_name(english:\"Oracle Linux 7 : firefox (ELSA-2023-0296)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Oracle Linux host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Oracle Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the\nELSA-2023-0296 advisory.\n\n - Mozilla developers and the Mozilla Fuzzing Team reported memory safety bugs present in Thunderbird 102.6.\n Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of\n these could have been exploited to run arbitrary code. (CVE-2023-23605)\n\n - Regular expressions used to filter out forbidden properties and values from style directives in calls to\n <code>console.log</code> weren't accounting for external URLs. Data could then be potentially exfiltrated\n from the browser. (CVE-2023-23603)\n\n - A mishandled security check when creating a WebSocket in a WebWorker caused the Content Security Policy\n connect-src header to be ignored. This could lead to connections to restricted origins from inside\n WebWorkers. (CVE-2023-23602)\n\n - An out of date library (libusrsctp) contained vulnerabilities that could potentially be exploited. This\n vulnerability affects Firefox < 108. (CVE-2022-46871)\n\n - Navigations were being allowed when dragging a URL from a cross-origin iframe into the same tab which\n could lead to website spoofing attacks (CVE-2023-23601)\n\n - When copying a network request from the developer tools panel as a curl command the output was not being\n properly sanitized and could allow arbitrary commands to be hidden within. (CVE-2023-23599)\n\n - Due to the Thunderbird GTK wrapper code's use of text/plain for drag data and GTK treating all text/plain\n MIMEs containing file URLs as being dragged a website could arbitrarily read a file via a call to\n <code>DataTransfer.setData</code>. (CVE-2023-23598)\n\n - By confusing the browser, the fullscreen notification could have been delayed or suppressed, resulting in\n potential user confusion or spoofing attacks. This vulnerability affects Firefox < 108. (CVE-2022-46877)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://linux.oracle.com/errata/ELSA-2023-0296.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected firefox package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-46871\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/12/15\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2023/01/24\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2023/01/24\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:7\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:firefox\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/local_checks_enabled\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item('Host/OracleLinux')) audit(AUDIT_OS_NOT, 'Oracle Linux');\nvar os_release = get_kb_item(\"Host/RedHat/release\");\nif (isnull(os_release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:os_release)) audit(AUDIT_OS_NOT, 'Oracle Linux');\nvar os_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Oracle Linux');\nos_ver = os_ver[1];\nif (! preg(pattern:\"^7([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, 'Oracle Linux 7', 'Oracle Linux ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Oracle Linux', cpu);\n\nvar pkgs = [\n {'reference':'firefox-102.7.0-1.0.1.el7_9', 'cpu':'aarch64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE},\n {'reference':'firefox-102.7.0-1.0.1.el7_9', 'cpu':'i686', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE},\n {'reference':'firefox-102.7.0-1.0.1.el7_9', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE}\n];\n\nvar flag = 0;\nforeach var package_array ( pkgs ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) _release = 'EL' + package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) _cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (reference && _release) {\n if (exists_check) {\n if (rpm_exists(release:_release, rpm:exists_check) && rpm_check(release:_release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n } else {\n if (rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'firefox');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-17T16:41:09", "description": "The version of mozilla-firefox installed on the remote host is prior to 102.7.0esr / 109.0. It is, therefore, affected by multiple vulnerabilities as referenced in the SSA:2023-018-04 advisory.\n\n - An out of date library (libusrsctp) contained vulnerabilities that could potentially be exploited. This vulnerability affects Firefox < 108. (CVE-2022-46871)\n\n - By confusing the browser, the fullscreen notification could have been delayed or suppressed, resulting in potential user confusion or spoofing attacks. This vulnerability affects Firefox < 108. (CVE-2022-46877)\n\n - Due to the Firefox GTK wrapper code's use of text/plain for drag data and GTK treating all text/plain MIMEs containing file URLs as being dragged a website could arbitrarily read a file via a call to <code>DataTransfer.setData</code>. (CVE-2023-23598)\n\n - When copying a network request from the developer tools panel as a curl command the output was not being properly sanitized and could allow arbitrary commands to be hidden within. (CVE-2023-23599)\n\n - Navigations were being allowed when dragging a URL from a cross-origin iframe into the same tab which could lead to website spoofing attacks (CVE-2023-23601)\n\n - A mishandled security check when creating a WebSocket in a WebWorker caused the Content Security Policy connect-src header to be ignored. This could lead to connections to restricted origins from inside WebWorkers. (CVE-2023-23602)\n\n - Regular expressions used to filter out forbidden properties and values from style directives in calls to <code>console.log</code> weren't accounting for external URLs. Data could then be potentially exfiltrated from the browser. (CVE-2023-23603)\n\n - Mozilla developers and the Mozilla Fuzzing Team reported memory safety bugs present in Firefox 108 and Firefox ESR 102.6. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. (CVE-2023-23605)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2023-01-18T00:00:00", "type": "nessus", "title": "Slackware Linux 15.0 / current mozilla-firefox Multiple Vulnerabilities (SSA:2023-018-04)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-46871", "CVE-2022-46877", "CVE-2023-23598", "CVE-2023-23599", "CVE-2023-23601", "CVE-2023-23602", "CVE-2023-23603", "CVE-2023-23605"], "modified": "2023-02-16T00:00:00", "cpe": ["p-cpe:/a:slackware:slackware_linux:mozilla-firefox", "cpe:/o:slackware:slackware_linux", "cpe:/o:slackware:slackware_linux:15.0"], "id": "SLACKWARE_SSA_2023-018-04.NASL", "href": "https://www.tenable.com/plugins/nessus/170152", "sourceData": "#%NASL_MIN_LEVEL 80900\n##\n# (C) Tenable, Inc.\n##\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Slackware Security Advisory SSA:2023-018-04. The text\n# itself is copyright (C) Slackware Linux, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(170152);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/02/16\");\n\n script_cve_id(\n \"CVE-2022-46871\",\n \"CVE-2022-46877\",\n \"CVE-2023-23598\",\n \"CVE-2023-23599\",\n \"CVE-2023-23601\",\n \"CVE-2023-23602\",\n \"CVE-2023-23603\",\n \"CVE-2023-23605\"\n );\n script_xref(name:\"IAVA\", value:\"2023-A-0048-S\");\n\n script_name(english:\"Slackware Linux 15.0 / current mozilla-firefox Multiple Vulnerabilities (SSA:2023-018-04)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Slackware Linux host is missing a security update to mozilla-firefox.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of mozilla-firefox installed on the remote host is prior to 102.7.0esr / 109.0. It is, therefore, affected\nby multiple vulnerabilities as referenced in the SSA:2023-018-04 advisory.\n\n - An out of date library (libusrsctp) contained vulnerabilities that could potentially be exploited. This\n vulnerability affects Firefox < 108. (CVE-2022-46871)\n\n - By confusing the browser, the fullscreen notification could have been delayed or suppressed, resulting in\n potential user confusion or spoofing attacks. This vulnerability affects Firefox < 108. (CVE-2022-46877)\n\n - Due to the Firefox GTK wrapper code's use of text/plain for drag data and GTK treating all text/plain\n MIMEs containing file URLs as being dragged a website could arbitrarily read a file via a call to\n <code>DataTransfer.setData</code>. (CVE-2023-23598)\n\n - When copying a network request from the developer tools panel as a curl command the output was not being\n properly sanitized and could allow arbitrary commands to be hidden within. (CVE-2023-23599)\n\n - Navigations were being allowed when dragging a URL from a cross-origin iframe into the same tab which\n could lead to website spoofing attacks (CVE-2023-23601)\n\n - A mishandled security check when creating a WebSocket in a WebWorker caused the Content Security Policy\n connect-src header to be ignored. This could lead to connections to restricted origins from inside\n WebWorkers. (CVE-2023-23602)\n\n - Regular expressions used to filter out forbidden properties and values from style directives in calls to\n <code>console.log</code> weren't accounting for external URLs. Data could then be potentially exfiltrated\n from the browser. (CVE-2023-23603)\n\n - Mozilla developers and the Mozilla Fuzzing Team reported memory safety bugs present in Firefox 108 and\n Firefox ESR 102.6. Some of these bugs showed evidence of memory corruption and we presume that with enough\n effort some of these could have been exploited to run arbitrary code. (CVE-2023-23605)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade the affected mozilla-firefox package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-46871\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/12/15\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2023/01/18\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:slackware:slackware_linux:mozilla-firefox\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:15.0\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Slackware Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Slackware/release\", \"Host/Slackware/packages\");\n\n exit(0);\n}\n\ninclude(\"slackware.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Slackware/release\")) audit(AUDIT_OS_NOT, \"Slackware\");\nif (!get_kb_item(\"Host/Slackware/packages\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Slackware\", cpu);\n\nvar flag = 0;\nvar constraints = [\n { 'fixed_version' : '102.7.0esr', 'product' : 'mozilla-firefox', 'os_name' : 'Slackware Linux', 'os_version' : '15.0', 'service_pack' : '1_slack15.0', 'arch' : 'i686' },\n { 'fixed_version' : '102.7.0esr', 'product' : 'mozilla-firefox', 'os_name' : 'Slackware Linux', 'os_version' : '15.0', 'service_pack' : '1_slack15.0', 'arch' : 'x86_64' },\n { 'fixed_version' : '109.0', 'product' : 'mozilla-firefox', 'os_name' : 'Slackware Linux', 'os_version' : 'current', 'service_pack' : '1', 'arch' : 'i686' },\n { 'fixed_version' : '109.0', 'product' : 'mozilla-firefox', 'os_name' : 'Slackware Linux', 'os_version' : 'current', 'service_pack' : '1', 'arch' : 'x86_64' }\n];\n\nforeach constraint (constraints) {\n var pkg_arch = constraint['arch'];\n var arch = NULL;\n if (pkg_arch == \"x86_64\") {\n arch = pkg_arch;\n }\n if (slackware_check(osver:constraint['os_version'],\n arch:arch,\n pkgname:constraint['product'],\n pkgver:constraint['fixed_version'],\n pkgarch:pkg_arch,\n pkgnum:constraint['service_pack'])) flag++;\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : slackware_report_get()\n );\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-17T16:42:14", "description": "The remote Scientific Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the SLSA-2023:0456-1 advisory.\n\n - Mozilla: libusrsctp library out of date (CVE-2022-46871)\n\n - Mozilla: Arbitrary file read from GTK drag and drop on Linux (CVE-2023-23598)\n\n - Mozilla: Memory safety bugs fixed in Firefox 109 and Firefox ESR 102.7 (CVE-2023-23605)\n\n - Mozilla: Malicious command could be hidden in devtools output (CVE-2023-23599)\n\n - Mozilla: URL being dragged from cross-origin iframe into same tab triggers navigation (CVE-2023-23601)\n\n - Mozilla: Content Security Policy wasn't being correctly applied to WebSockets in WebWorkers (CVE-2023-23602)\n\n - Mozilla: Fullscreen notification bypass (CVE-2022-46877)\n\n - Mozilla: Calls to console.log allowed bypasing Content Security Policy via format directive (CVE-2023-23603)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2023-01-28T00:00:00", "type": "nessus", "title": "Scientific Linux Security Update : thunderbird on SL7.x x86_64 (2023:0456)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-46871", "CVE-2022-46877", "CVE-2023-23598", "CVE-2023-23599", "CVE-2023-23601", "CVE-2023-23602", "CVE-2023-23603", "CVE-2023-23605"], "modified": "2023-02-03T00:00:00", "cpe": ["cpe:/o:fermilab:scientific_linux", "p-cpe:/a:fermilab:scientific_linux:thunderbird", "p-cpe:/a:fermilab:scientific_linux:thunderbird-debuginfo"], "id": "SL_20230127_THUNDERBIRD_ON_SL7_X.NASL", "href": "https://www.tenable.com/plugins/nessus/170754", "sourceData": "#%NASL_MIN_LEVEL 80900\n##\n# (C) Tenable, Inc.\n##\n# The descriptive text is (C) Scientific Linux.\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(170754);\n script_version(\"1.1\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/02/03\");\n\n script_cve_id(\n \"CVE-2022-46871\",\n \"CVE-2022-46877\",\n \"CVE-2023-23598\",\n \"CVE-2023-23599\",\n \"CVE-2023-23601\",\n \"CVE-2023-23602\",\n \"CVE-2023-23603\",\n \"CVE-2023-23605\"\n );\n script_xref(name:\"IAVA\", value:\"2023-A-0056-S\");\n script_xref(name:\"RHSA\", value:\"RHSA-2023:0456\");\n\n script_name(english:\"Scientific Linux Security Update : thunderbird on SL7.x x86_64 (2023:0456)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Scientific Linux host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Scientific Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in\nthe SLSA-2023:0456-1 advisory.\n\n - Mozilla: libusrsctp library out of date (CVE-2022-46871)\n\n - Mozilla: Arbitrary file read from GTK drag and drop on Linux (CVE-2023-23598)\n\n - Mozilla: Memory safety bugs fixed in Firefox 109 and Firefox ESR 102.7 (CVE-2023-23605)\n\n - Mozilla: Malicious command could be hidden in devtools output (CVE-2023-23599)\n\n - Mozilla: URL being dragged from cross-origin iframe into same tab triggers navigation (CVE-2023-23601)\n\n - Mozilla: Content Security Policy wasn't being correctly applied to WebSockets in WebWorkers\n (CVE-2023-23602)\n\n - Mozilla: Fullscreen notification bypass (CVE-2022-46877)\n\n - Mozilla: Calls to console.log allowed bypasing Content Security Policy via format directive\n (CVE-2023-23603)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.scientificlinux.org/category/sl-errata/slsa-20230456-1\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected thunderbird and / or thunderbird-debuginfo packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-46871\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/12/15\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2023/01/27\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2023/01/28\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fermilab:scientific_linux\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:thunderbird\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:thunderbird-debuginfo\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Scientific Linux Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item('Host/RedHat/release');\nif (isnull(os_release) || 'Scientific Linux' >!< os_release) audit(AUDIT_OS_NOT, 'Scientific Linux');\nvar os_ver = pregmatch(pattern: \"Scientific Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Scientific Linux');\nos_ver = os_ver[1];\nif (! preg(pattern:\"^7([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, 'Scientific Linux 7.x', 'Scientific Linux ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Scientific Linux', cpu);\n\nvar pkgs = [\n {'reference':'thunderbird-102.7.1-1.el7_9', 'cpu':'x86_64', 'release':'SL7', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE},\n {'reference':'thunderbird-debuginfo-102.7.1-1.el7_9', 'cpu':'x86_64', 'release':'SL7', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE}\n];\n\nvar flag = 0;\nforeach package_array ( pkgs ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) _release = package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) _cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (reference && _release) {\n if (rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'thunderbird / thunderbird-debuginfo');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-17T16:42:32", "description": "The remote Scientific Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the SLSA-2023:0296-1 advisory.\n\n - Mozilla: libusrsctp library out of date (CVE-2022-46871)\n\n - Mozilla: Arbitrary file read from GTK drag and drop on Linux (CVE-2023-23598)\n\n - Mozilla: Memory safety bugs fixed in Firefox 109 and Firefox ESR 102.7 (CVE-2023-23605)\n\n - Mozilla: Malicious command could be hidden in devtools output (CVE-2023-23599)\n\n - Mozilla: URL being dragged from cross-origin iframe into same tab triggers navigation (CVE-2023-23601)\n\n - Mozilla: Content Security Policy wasn't being correctly applied to WebSockets in WebWorkers (CVE-2023-23602)\n\n - Mozilla: Fullscreen notification bypass (CVE-2022-46877)\n\n - Mozilla: Calls to console.log allowed bypasing Content Security Policy via format directive (CVE-2023-23603)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2023-01-24T00:00:00", "type": "nessus", "title": "Scientific Linux Security Update : firefox on SL7.x i686/x86_64 (2023:0296)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-46871", "CVE-2022-46877", "CVE-2023-23598", "CVE-2023-23599", "CVE-2023-23601", "CVE-2023-23602", "CVE-2023-23603", "CVE-2023-23605"], "modified": "2023-02-16T00:00:00", "cpe": ["cpe:/o:fermilab:scientific_linux", "p-cpe:/a:fermilab:scientific_linux:firefox", "p-cpe:/a:fermilab:scientific_linux:firefox-debuginfo"], "id": "SL_20230123_FIREFOX_ON_SL7_X.NASL", "href": "https://www.tenable.com/plugins/nessus/170452", "sourceData": "#%NASL_MIN_LEVEL 80900\n##\n# (C) Tenable, Inc.\n##\n# The descriptive text is (C) Scientific Linux.\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(170452);\n script_version(\"1.1\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/02/16\");\n\n script_cve_id(\n \"CVE-2022-46871\",\n \"CVE-2022-46877\",\n \"CVE-2023-23598\",\n \"CVE-2023-23599\",\n \"CVE-2023-23601\",\n \"CVE-2023-23602\",\n \"CVE-2023-23603\",\n \"CVE-2023-23605\"\n );\n script_xref(name:\"IAVA\", value:\"2022-A-0517-S\");\n script_xref(name:\"IAVA\", value:\"2023-A-0048-S\");\n script_xref(name:\"RHSA\", value:\"RHSA-2023:0296\");\n\n script_name(english:\"Scientific Linux Security Update : firefox on SL7.x i686/x86_64 (2023:0296)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Scientific Linux host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Scientific Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in\nthe SLSA-2023:0296-1 advisory.\n\n - Mozilla: libusrsctp library out of date (CVE-2022-46871)\n\n - Mozilla: Arbitrary file read from GTK drag and drop on Linux (CVE-2023-23598)\n\n - Mozilla: Memory safety bugs fixed in Firefox 109 and Firefox ESR 102.7 (CVE-2023-23605)\n\n - Mozilla: Malicious command could be hidden in devtools output (CVE-2023-23599)\n\n - Mozilla: URL being dragged from cross-origin iframe into same tab triggers navigation (CVE-2023-23601)\n\n - Mozilla: Content Security Policy wasn't being correctly applied to WebSockets in WebWorkers\n (CVE-2023-23602)\n\n - Mozilla: Fullscreen notification bypass (CVE-2022-46877)\n\n - Mozilla: Calls to console.log allowed bypasing Content Security Policy via format directive\n (CVE-2023-23603)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.scientificlinux.org/category/sl-errata/slsa-20230296-1\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected firefox and / or firefox-debuginfo packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-46871\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/12/15\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2023/01/23\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2023/01/24\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fermilab:scientific_linux\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:firefox\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:firefox-debuginfo\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Scientific Linux Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item('Host/RedHat/release');\nif (isnull(os_release) || 'Scientific Linux' >!< os_release) audit(AUDIT_OS_NOT, 'Scientific Linux');\nvar os_ver = pregmatch(pattern: \"Scientific Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Scientific Linux');\nos_ver = os_ver[1];\nif (! preg(pattern:\"^7([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, 'Scientific Linux 7.x', 'Scientific Linux ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Scientific Linux', cpu);\n\nvar pkgs = [\n {'reference':'firefox-102.7.0-1.el7_9', 'cpu':'i686', 'release':'SL7', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE},\n {'reference':'firefox-102.7.0-1.el7_9', 'cpu':'x86_64', 'release':'SL7', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE},\n {'reference':'firefox-debuginfo-102.7.0-1.el7_9', 'cpu':'i686', 'release':'SL7', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE},\n {'reference':'firefox-debuginfo-102.7.0-1.el7_9', 'cpu':'x86_64', 'release':'SL7', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE}\n];\n\nvar flag = 0;\nforeach package_array ( pkgs ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) _release = package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) _cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (reference && _release) {\n if (rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'firefox / firefox-debuginfo');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-17T16:42:33", "description": "The remote CentOS Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the CESA-2023:0456 advisory.\n\n - Mozilla: libusrsctp library out of date (CVE-2022-46871)\n\n - Mozilla: Fullscreen notification bypass (CVE-2022-46877)\n\n - Mozilla: Arbitrary file read from GTK drag and drop on Linux (CVE-2023-23598)\n\n - Mozilla: Malicious command could be hidden in devtools output (CVE-2023-23599)\n\n - Mozilla: URL being dragged from cross-origin iframe into same tab triggers navigation (CVE-2023-23601)\n\n - Mozilla: Content Security Policy wasn't being correctly applied to WebSockets in WebWorkers (CVE-2023-23602)\n\n - Mozilla: Calls to <code>console.log</code> allowed bypasing Content Security Policy via format directive (CVE-2023-23603)\n\n - Mozilla: Memory safety bugs fixed in Firefox 109 and Firefox ESR 102.7 (CVE-2023-23605)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2023-01-30T00:00:00", "type": "nessus", "title": "CentOS 7 : thunderbird (CESA-2023:0456)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-46871", "CVE-2022-46877", "CVE-2023-23598", "CVE-2023-23599", "CVE-2023-23601", "CVE-2023-23602", "CVE-2023-23603", "CVE-2023-23605"], "modified": "2023-02-03T00:00:00", "cpe": ["p-cpe:/a:centos:centos:thunderbird", "cpe:/o:centos:centos:7"], "id": "CENTOS_RHSA-2023-0456.NASL", "href": "https://www.tenable.com/plugins/nessus/170858", "sourceData": "#%NASL_MIN_LEVEL 80900\n##\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2023:0456 and\n# CentOS Errata and Security Advisory 2023:0456 respectively.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(170858);\n script_version(\"1.1\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/02/03\");\n\n script_cve_id(\n \"CVE-2022-46871\",\n \"CVE-2022-46877\",\n \"CVE-2023-23598\",\n \"CVE-2023-23599\",\n \"CVE-2023-23601\",\n \"CVE-2023-23602\",\n \"CVE-2023-23603\",\n \"CVE-2023-23605\"\n );\n script_xref(name:\"IAVA\", value:\"2023-A-0056-S\");\n script_xref(name:\"RHSA\", value:\"2023:0456\");\n\n script_name(english:\"CentOS 7 : thunderbird (CESA-2023:0456)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote CentOS Linux host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote CentOS Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the\nCESA-2023:0456 advisory.\n\n - Mozilla: libusrsctp library out of date (CVE-2022-46871)\n\n - Mozilla: Fullscreen notification bypass (CVE-2022-46877)\n\n - Mozilla: Arbitrary file read from GTK drag and drop on Linux (CVE-2023-23598)\n\n - Mozilla: Malicious command could be hidden in devtools output (CVE-2023-23599)\n\n - Mozilla: URL being dragged from cross-origin iframe into same tab triggers navigation (CVE-2023-23601)\n\n - Mozilla: Content Security Policy wasn't being correctly applied to WebSockets in WebWorkers\n (CVE-2023-23602)\n\n - Mozilla: Calls to <code>console.log</code> allowed bypasing Content Security Policy via format directive\n (CVE-2023-23603)\n\n - Mozilla: Memory safety bugs fixed in Firefox 109 and Firefox ESR 102.7 (CVE-2023-23605)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n # https://lists.centos.org/pipermail/centos-announce/2023-January/086354.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?59d8a960\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected thunderbird package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-46871\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(77, 120, 185, 357, 450, 829, 1104, 1385);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/12/15\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2023/01/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2023/01/30\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:thunderbird\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:7\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"CentOS Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\ninclude('rhel.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item('Host/CentOS/release');\nif (isnull(os_release) || 'CentOS' >!< os_release) audit(AUDIT_OS_NOT, 'CentOS');\nvar os_ver = pregmatch(pattern: \"CentOS(?: Linux)? release ([0-9]+)\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'CentOS');\nos_ver = os_ver[1];\nif (!rhel_check_release(operator: 'ge', os_version: os_ver, rhel_version: '7')) audit(AUDIT_OS_NOT, 'CentOS 7.x', 'CentOS ' + os_ver);\n\nif (!get_kb_item('Host/CentOS/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'CentOS', cpu);\n\nvar pkgs = [\n {'reference':'thunderbird-102.7.1-1.el7.centos', 'cpu':'x86_64', 'release':'CentOS-7', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE}\n];\n\nvar flag = 0;\nforeach package_array ( pkgs ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) _release = package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) _cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (reference && _release) {\n if (rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'thunderbird');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-17T16:41:15", "description": "The remote Oracle Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2023-0288 advisory.\n\n - When copying a network request from the developer tools panel as a curl command the output was not being properly sanitized and could allow arbitrary commands to be hidden within. (CVE-2023-23599)\n\n - Navigations were being allowed when dragging a URL from a cross-origin iframe into the same tab which could lead to website spoofing attacks (CVE-2023-23601)\n\n - Regular expressions used to filter out forbidden properties and values from style directives in calls to <code>console.log</code> weren't accounting for external URLs. Data could then be potentially exfiltrated from the browser. (CVE-2023-23603)\n\n - Due to the Thunderbird GTK wrapper code's use of text/plain for drag data and GTK treating all text/plain MIMEs containing file URLs as being dragged a website could arbitrarily read a file via a call to <code>DataTransfer.setData</code>. (CVE-2023-23598)\n\n - An out of date library (libusrsctp) contained vulnerabilities that could potentially be exploited. This vulnerability affects Firefox < 108. (CVE-2022-46871)\n\n - By confusing the browser, the fullscreen notification could have been delayed or suppressed, resulting in potential user confusion or spoofing attacks. This vulnerability affects Firefox < 108. (CVE-2022-46877)\n\n - A mishandled security check when creating a WebSocket in a WebWorker caused the Content Security Policy connect-src header to be ignored. This could lead to connections to restricted origins from inside WebWorkers. (CVE-2023-23602)\n\n - Mozilla developers and the Mozilla Fuzzing Team reported memory safety bugs present in Thunderbird 102.6.\n Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. (CVE-2023-23605)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2023-01-24T00:00:00", "type": "nessus", "title": "Oracle Linux 8 : firefox (ELSA-2023-0288)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-46871", "CVE-2022-46877", "CVE-2023-23598", "CVE-2023-23599", "CVE-2023-23601", "CVE-2023-23602", "CVE-2023-23603", "CVE-2023-23605"], "modified": "2023-02-16T00:00:00", "cpe": ["cpe:/o:oracle:linux:8", "p-cpe:/a:oracle:linux:firefox"], "id": "ORACLELINUX_ELSA-2023-0288.NASL", "href": "https://www.tenable.com/plugins/nessus/170507", "sourceData": "#%NASL_MIN_LEVEL 80900\n##\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Oracle Linux Security Advisory ELSA-2023-0288.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(170507);\n script_version(\"1.1\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/02/16\");\n\n script_cve_id(\n \"CVE-2022-46871\",\n \"CVE-2022-46877\",\n \"CVE-2023-23598\",\n \"CVE-2023-23599\",\n \"CVE-2023-23601\",\n \"CVE-2023-23602\",\n \"CVE-2023-23603\",\n \"CVE-2023-23605\"\n );\n script_xref(name:\"IAVA\", value:\"2022-A-0517-S\");\n script_xref(name:\"IAVA\", value:\"2023-A-0048-S\");\n\n script_name(english:\"Oracle Linux 8 : firefox (ELSA-2023-0288)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Oracle Linux host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Oracle Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the\nELSA-2023-0288 advisory.\n\n - When copying a network request from the developer tools panel as a curl command the output was not being\n properly sanitized and could allow arbitrary commands to be hidden within. (CVE-2023-23599)\n\n - Navigations were being allowed when dragging a URL from a cross-origin iframe into the same tab which\n could lead to website spoofing attacks (CVE-2023-23601)\n\n - Regular expressions used to filter out forbidden properties and values from style directives in calls to\n <code>console.log</code> weren't accounting for external URLs. Data could then be potentially exfiltrated\n from the browser. (CVE-2023-23603)\n\n - Due to the Thunderbird GTK wrapper code's use of text/plain for drag data and GTK treating all text/plain\n MIMEs containing file URLs as being dragged a website could arbitrarily read a file via a call to\n <code>DataTransfer.setData</code>. (CVE-2023-23598)\n\n - An out of date library (libusrsctp) contained vulnerabilities that could potentially be exploited. This\n vulnerability affects Firefox < 108. (CVE-2022-46871)\n\n - By confusing the browser, the fullscreen notification could have been delayed or suppressed, resulting in\n potential user confusion or spoofing attacks. This vulnerability affects Firefox < 108. (CVE-2022-46877)\n\n - A mishandled security check when creating a WebSocket in a WebWorker caused the Content Security Policy\n connect-src header to be ignored. This could lead to connections to restricted origins from inside\n WebWorkers. (CVE-2023-23602)\n\n - Mozilla developers and the Mozilla Fuzzing Team reported memory safety bugs present in Thunderbird 102.6.\n Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of\n these could have been exploited to run arbitrary code. (CVE-2023-23605)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://linux.oracle.com/errata/ELSA-2023-0288.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected firefox package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-46871\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/12/15\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2023/01/24\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2023/01/24\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:8\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:firefox\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/local_checks_enabled\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item('Host/OracleLinux')) audit(AUDIT_OS_NOT, 'Oracle Linux');\nvar os_release = get_kb_item(\"Host/RedHat/release\");\nif (isnull(os_release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:os_release)) audit(AUDIT_OS_NOT, 'Oracle Linux');\nvar os_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Oracle Linux');\nos_ver = os_ver[1];\nif (! preg(pattern:\"^8([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, 'Oracle Linux 8', 'Oracle Linux ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Oracle Linux', cpu);\n\nvar pkgs = [\n {'reference':'firefox-102.7.0-1.0.1.el8_7', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE},\n {'reference':'firefox-102.7.0-1.0.1.el8_7', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE}\n];\n\nvar flag = 0;\nforeach var package_array ( pkgs ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) _release = 'EL' + package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) _cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (reference && _release) {\n if (exists_check) {\n if (rpm_exists(release:_release, rpm:exists_check) && rpm_check(release:_release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n } else {\n if (rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'firefox');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-17T17:39:45", "description": "The remote Oracle Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2023-0456 advisory.\n\n - A mishandled security check when creating a WebSocket in a WebWorker caused the Content Security Policy connect-src header to be ignored. This could lead to connections to restricted origins from inside WebWorkers. (CVE-2023-23602)\n\n - Navigations were being allowed when dragging a URL from a cross-origin iframe into the same tab which could lead to website spoofing attacks (CVE-2023-23601)\n\n - Mozilla developers and the Mozilla Fuzzing Team reported memory safety bugs present in Thunderbird 102.6.\n Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. (CVE-2023-23605)\n\n - By confusing the browser, the fullscreen notification could have been delayed or suppressed, resulting in potential user confusion or spoofing attacks. This vulnerability affects Firefox < 108. (CVE-2022-46877)\n\n - Due to the Thunderbird GTK wrapper code's use of text/plain for drag data and GTK treating all text/plain MIMEs containing file URLs as being dragged a website could arbitrarily read a file via a call to <code>DataTransfer.setData</code>. (CVE-2023-23598)\n\n - Regular expressions used to filter out forbidden properties and values from style directives in calls to <code>console.log</code> weren't accounting for external URLs. Data could then be potentially exfiltrated from the browser. (CVE-2023-23603)\n\n - An out of date library (libusrsctp) contained vulnerabilities that could potentially be exploited. This vulnerability affects Firefox < 108. (CVE-2022-46871)\n\n - When copying a network request from the developer tools panel as a curl command the output was not being properly sanitized and could allow arbitrary commands to be hidden within. (CVE-2023-23599)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2023-01-25T00:00:00", "type": "nessus", "title": "Oracle Linux 7 : thunderbird (ELSA-2023-0456)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-46871", "CVE-2022-46877", "CVE-2023-23598", "CVE-2023-23599", "CVE-2023-23601", "CVE-2023-23602", "CVE-2023-23603", "CVE-2023-23605"], "modified": "2023-02-03T00:00:00", "cpe": ["cpe:/o:oracle:linux:7", "p-cpe:/a:oracle:linux:thunderbird"], "id": "ORACLELINUX_ELSA-2023-0456.NASL", "href": "https://www.tenable.com/plugins/nessus/170636", "sourceData": "#%NASL_MIN_LEVEL 80900\n##\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Oracle Linux Security Advisory ELSA-2023-0456.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(170636);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/02/03\");\n\n script_cve_id(\n \"CVE-2022-46871\",\n \"CVE-2022-46877\",\n \"CVE-2023-23598\",\n \"CVE-2023-23599\",\n \"CVE-2023-23601\",\n \"CVE-2023-23602\",\n \"CVE-2023-23603\",\n \"CVE-2023-23605\"\n );\n script_xref(name:\"IAVA\", value:\"2023-A-0056-S\");\n\n script_name(english:\"Oracle Linux 7 : thunderbird (ELSA-2023-0456)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Oracle Linux host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Oracle Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the\nELSA-2023-0456 advisory.\n\n - A mishandled security check when creating a WebSocket in a WebWorker caused the Content Security Policy\n connect-src header to be ignored. This could lead to connections to restricted origins from inside\n WebWorkers. (CVE-2023-23602)\n\n - Navigations were being allowed when dragging a URL from a cross-origin iframe into the same tab which\n could lead to website spoofing attacks (CVE-2023-23601)\n\n - Mozilla developers and the Mozilla Fuzzing Team reported memory safety bugs present in Thunderbird 102.6.\n Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of\n these could have been exploited to run arbitrary code. (CVE-2023-23605)\n\n - By confusing the browser, the fullscreen notification could have been delayed or suppressed, resulting in\n potential user confusion or spoofing attacks. This vulnerability affects Firefox < 108. (CVE-2022-46877)\n\n - Due to the Thunderbird GTK wrapper code's use of text/plain for drag data and GTK treating all text/plain\n MIMEs containing file URLs as being dragged a website could arbitrarily read a file via a call to\n <code>DataTransfer.setData</code>. (CVE-2023-23598)\n\n - Regular expressions used to filter out forbidden properties and values from style directives in calls to\n <code>console.log</code> weren't accounting for external URLs. Data could then be potentially exfiltrated\n from the browser. (CVE-2023-23603)\n\n - An out of date library (libusrsctp) contained vulnerabilities that could potentially be exploited. This\n vulnerability affects Firefox < 108. (CVE-2022-46871)\n\n - When copying a network request from the developer tools panel as a curl command the output was not being\n properly sanitized and could allow arbitrary commands to be hidden within. (CVE-2023-23599)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://linux.oracle.com/errata/ELSA-2023-0456.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected thunderbird package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-46871\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/12/15\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2023/01/25\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2023/01/25\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:7\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:thunderbird\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/local_checks_enabled\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item('Host/OracleLinux')) audit(AUDIT_OS_NOT, 'Oracle Linux');\nvar os_release = get_kb_item(\"Host/RedHat/release\");\nif (isnull(os_release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:os_release)) audit(AUDIT_OS_NOT, 'Oracle Linux');\nvar os_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Oracle Linux');\nos_ver = os_ver[1];\nif (! preg(pattern:\"^7([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, 'Oracle Linux 7', 'Oracle Linux ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Oracle Linux', cpu);\n\nvar pkgs = [\n {'reference':'thunderbird-102.7.1-1.0.1.el7_9', 'cpu':'aarch64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE},\n {'reference':'thunderbird-102.7.1-1.0.1.el7_9', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE}\n];\n\nvar flag = 0;\nforeach var package_array ( pkgs ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) _release = 'EL' + package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) _cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (reference && _release) {\n if (exists_check) {\n if (rpm_exists(release:_release, rpm:exists_check) && rpm_check(release:_release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n } else {\n if (rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'thunderbird');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-17T17:39:45", "description": "The version of Thunderbird installed on the remote Windows host is prior to 102.7. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2023-03 advisory.\n\n - An out of date library (libusrsctp) contained vulnerabilities that could potentially be exploited.\n (CVE-2022-46871)\n\n - Due to the Thunderbird GTK wrapper code's use of text/plain for drag data and GTK treating all text/plain MIMEs containing file URLs as being dragged a website could arbitrarily read a file via a call to <code>DataTransfer.setData</code>. (CVE-2023-23598)\n\n - When copying a network request from the developer tools panel as a curl command the output was not being properly sanitized and could allow arbitrary commands to be hidden within. (CVE-2023-23599)\n\n - Navigations were being allowed when dragging a URL from a cross-origin iframe into the same tab which could lead to website spoofing attacks (CVE-2023-23601)\n\n - A mishandled security check when creating a WebSocket in a WebWorker caused the Content Security Policy connect-src header to be ignored. This could lead to connections to restricted origins from inside WebWorkers. (CVE-2023-23602)\n\n - By confusing the browser, the fullscreen notification could have been delayed or suppressed, resulting in potential user confusion or spoofing attacks. (CVE-2022-46877)\n\n - Regular expressions used to filter out forbidden properties and values from style directives in calls to <code>console.log</code> weren't accounting for external URLs. Data could then be potentially exfiltrated from the browser. (CVE-2023-23603)\n\n - Mozilla developers and the Mozilla Fuzzing Team reported memory safety bugs present in Thunderbird 102.6.\n Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. (CVE-2023-23605)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2023-01-26T00:00:00", "type": "nessus", "title": "Mozilla Thunderbird < 102.7", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-46871", "CVE-2022-46877", "CVE-2023-23598", "CVE-2023-23599", "CVE-2023-23601", "CVE-2023-23602", "CVE-2023-23603", "CVE-2023-23605"], "modified": "2023-02-03T00:00:00", "cpe": ["cpe:/a:mozilla:thunderbird"], "id": "MOZILLA_THUNDERBIRD_102_7.NASL", "href": "https://www.tenable.com/plugins/nessus/170669", "sourceData": "#%NASL_MIN_LEVEL 80900\n## \n# (C) Tenable, Inc.\n# \n# The descriptive text and package checks in this plugin were\n# extracted from Mozilla Foundation Security Advisory mfsa2023-03.\n# The text itself is copyright (C) Mozilla Foundation.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(170669);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/02/03\");\n\n script_cve_id(\n \"CVE-2022-46871\",\n \"CVE-2022-46877\",\n \"CVE-2023-23598\",\n \"CVE-2023-23599\",\n \"CVE-2023-23601\",\n \"CVE-2023-23602\",\n \"CVE-2023-23603\",\n \"CVE-2023-23605\"\n );\n script_xref(name:\"IAVA\", value:\"2023-A-0056-S\");\n\n script_name(english:\"Mozilla Thunderbird < 102.7\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"A mail client installed on the remote Windows host is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of Thunderbird installed on the remote Windows host is prior to 102.7. It is, therefore, affected by\nmultiple vulnerabilities as referenced in the mfsa2023-03 advisory.\n\n - An out of date library (libusrsctp) contained vulnerabilities that could potentially be exploited.\n (CVE-2022-46871)\n\n - Due to the Thunderbird GTK wrapper code's use of text/plain for drag data and GTK treating all text/plain\n MIMEs containing file URLs as being dragged a website could arbitrarily read a file via a call to\n <code>DataTransfer.setData</code>. (CVE-2023-23598)\n\n - When copying a network request from the developer tools panel as a curl command the output was not being\n properly sanitized and could allow arbitrary commands to be hidden within. (CVE-2023-23599)\n\n - Navigations were being allowed when dragging a URL from a cross-origin iframe into the same tab which\n could lead to website spoofing attacks (CVE-2023-23601)\n\n - A mishandled security check when creating a WebSocket in a WebWorker caused the Content Security Policy\n connect-src header to be ignored. This could lead to connections to restricted origins from inside\n WebWorkers. (CVE-2023-23602)\n\n - By confusing the browser, the fullscreen notification could have been delayed or suppressed, resulting in\n potential user confusion or spoofing attacks. (CVE-2022-46877)\n\n - Regular expressions used to filter out forbidden properties and values from style directives in calls to\n <code>console.log</code> weren't accounting for external URLs. Data could then be potentially exfiltrated\n from the browser. (CVE-2023-23603)\n\n - Mozilla developers and the Mozilla Fuzzing Team reported memory safety bugs present in Thunderbird 102.6.\n Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of\n these could have been exploited to run arbitrary code. (CVE-2023-23605)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2023-03/\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Mozilla Thunderbird version 102.7 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-46871\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/12/15\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2023/01/18\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2023/01/26\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:mozilla:thunderbird\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows\");\n\n script_copyright(english:\"This script is Copyright (C) 2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"mozilla_org_installed.nasl\");\n script_require_keys(\"Mozilla/Thunderbird/Version\");\n\n exit(0);\n}\n\ninclude('mozilla_version.inc');\n\nvar port = get_kb_item('SMB/transport');\nif (!port) port = 445;\n\nvar installs = get_kb_list('SMB/Mozilla/Thunderbird/*');\nif (isnull(installs)) audit(AUDIT_NOT_INST, 'Thunderbird');\n\nmozilla_check_version(installs:installs, product:'thunderbird', esr:FALSE, fix:'102.7', severity:SECURITY_HOLE);\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-17T16:41:15", "description": "The remote AlmaLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the ALSA-2023:0288 advisory.\n\n - An out of date library (libusrsctp) contained vulnerabilities that could potentially be exploited. This vulnerability affects Firefox < 108. (CVE-2022-46871)\n\n - By confusing the browser, the fullscreen notification could have been delayed or suppressed, resulting in potential user confusion or spoofing attacks. This vulnerability affects Firefox < 108. (CVE-2022-46877)\n\n - Due to the Thunderbird GTK wrapper code's use of text/plain for drag data and GTK treating all text/plain MIMEs containing file URLs as being dragged a website could arbitrarily read a file via a call to <code>DataTransfer.setData</code>. (CVE-2023-23598)\n\n - When copying a network request from the developer tools panel as a curl command the output was not being properly sanitized and could allow arbitrary commands to be hidden within. (CVE-2023-23599)\n\n - Navigations were being allowed when dragging a URL from a cross-origin iframe into the same tab which could lead to website spoofing attacks (CVE-2023-23601)\n\n - A mishandled security check when creating a WebSocket in a WebWorker caused the Content Security Policy connect-src header to be ignored. This could lead to connections to restricted origins from inside WebWorkers. (CVE-2023-23602)\n\n - Regular expressions used to filter out forbidden properties and values from style directives in calls to <code>console.log</code> weren't accounting for external URLs. Data could then be potentially exfiltrated from the browser. (CVE-2023-23603)\n\n - Mozilla developers and the Mozilla Fuzzing Team reported memory safety bugs present in Thunderbird 102.6.\n Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. (CVE-2023-23605)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2023-01-24T00:00:00", "type": "nessus", "title": "AlmaLinux 8 : firefox (ALSA-2023:0288)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-46871", "CVE-2022-46877", "CVE-2023-23598", "CVE-2023-23599", "CVE-2023-23601", "CVE-2023-23602", "CVE-2023-23603", "CVE-2023-23605"], "modified": "2023-02-16T00:00:00", "cpe": ["p-cpe:/a:alma:linux:firefox", "cpe:/o:alma:linux:8", "cpe:/o:alma:linux:8::appstream"], "id": "ALMA_LINUX_ALSA-2023-0288.NASL", "href": "https://www.tenable.com/plugins/nessus/170549", "sourceData": "#%NASL_MIN_LEVEL 80900\n##\n# (C) Tenable, Inc.\n#\n# The package checks in this plugin were extracted from\n# AlmaLinux Security Advisory ALSA-2023:0288.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(170549);\n script_version(\"1.1\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/02/16\");\n\n script_cve_id(\n \"CVE-2022-46871\",\n \"CVE-2022-46877\",\n \"CVE-2023-23598\",\n \"CVE-2023-23599\",\n \"CVE-2023-23601\",\n \"CVE-2023-23602\",\n \"CVE-2023-23603\",\n \"CVE-2023-23605\"\n );\n script_xref(name:\"ALSA\", value:\"2023:0288\");\n script_xref(name:\"IAVA\", value:\"2022-A-0517-S\");\n script_xref(name:\"IAVA\", value:\"2023-A-0048-S\");\n\n script_name(english:\"AlmaLinux 8 : firefox (ALSA-2023:0288)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote AlmaLinux host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote AlmaLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the\nALSA-2023:0288 advisory.\n\n - An out of date library (libusrsctp) contained vulnerabilities that could potentially be exploited. This\n vulnerability affects Firefox < 108. (CVE-2022-46871)\n\n - By confusing the browser, the fullscreen notification could have been delayed or suppressed, resulting in\n potential user confusion or spoofing attacks. This vulnerability affects Firefox < 108. (CVE-2022-46877)\n\n - Due to the Thunderbird GTK wrapper code's use of text/plain for drag data and GTK treating all text/plain\n MIMEs containing file URLs as being dragged a website could arbitrarily read a file via a call to\n <code>DataTransfer.setData</code>. (CVE-2023-23598)\n\n - When copying a network request from the developer tools panel as a curl command the output was not being\n properly sanitized and could allow arbitrary commands to be hidden within. (CVE-2023-23599)\n\n - Navigations were being allowed when dragging a URL from a cross-origin iframe into the same tab which\n could lead to website spoofing attacks (CVE-2023-23601)\n\n - A mishandled security check when creating a WebSocket in a WebWorker caused the Content Security Policy\n connect-src header to be ignored. This could lead to connections to restricted origins from inside\n WebWorkers. (CVE-2023-23602)\n\n - Regular expressions used to filter out forbidden properties and values from style directives in calls to\n <code>console.log</code> weren't accounting for external URLs. Data could then be potentially exfiltrated\n from the browser. (CVE-2023-23603)\n\n - Mozilla developers and the Mozilla Fuzzing Team reported memory safety bugs present in Thunderbird 102.6.\n Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of\n these could have been exploited to run arbitrary code. (CVE-2023-23605)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://errata.almalinux.org/8/ALSA-2023-0288.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected firefox package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-46871\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(77, 120, 185, 357, 450, 829, 1104, 1385);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/12/15\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2023/01/23\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2023/01/24\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:firefox\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:alma:linux:8\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:alma:linux:8::appstream\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Alma Linux Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/AlmaLinux/release\", \"Host/AlmaLinux/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item('Host/AlmaLinux/release');\nif (isnull(os_release) || 'AlmaLinux' >!< os_release) audit(AUDIT_OS_NOT, 'AlmaLinux');\nvar os_ver = pregmatch(pattern: \"AlmaLinux release ([0-9]+(\\.[0-9]+)?)\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'AlmaLinux');\nos_ver = os_ver[1];\nif (! preg(pattern:\"^8([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, 'AlmaLinux 8.x', 'AlmaLinux ' + os_ver);\n\nif (!get_kb_item('Host/AlmaLinux/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'AlmaLinux', cpu);\n\nvar pkgs = [\n {'reference':'firefox-102.7.0-1.el8_7.alma', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE},\n {'reference':'firefox-102.7.0-1.el8_7.alma', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE}\n];\n\nvar flag = 0;\nforeach var package_array ( pkgs ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) _release = 'Alma-' + package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) _cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (reference && _release && (!exists_check || rpm_exists(release:_release, rpm:exists_check))) {\n if (rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'firefox');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-17T16:41:55", "description": "The remote Oracle Linux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2023-0476 advisory.\n\n - An out of date library (libusrsctp) contained vulnerabilities that could potentially be exploited. This vulnerability affects Firefox < 108. (CVE-2022-46871)\n\n - Mozilla: URL being dragged from cross-origin iframe into same tab triggers navigation (CVE-2023-23601)\n\n - Mozilla: Memory safety bugs fixed in Firefox 109 and Firefox ESR 102.7 (CVE-2023-23605)\n\n - Mozilla: Arbitrary file read from GTK drag and drop on Linux (CVE-2023-23598)\n\n - Mozilla: Calls to <code>console.log</code> allowed bypasing Content Security Policy via format directive (CVE-2023-23603)\n\n - Mozilla: Malicious command could be hidden in devtools output (CVE-2023-23599)\n\n - By confusing the browser, the fullscreen notification could have been delayed or suppressed, resulting in potential user confusion or spoofing attacks. This vulnerability affects Firefox < 108. (CVE-2022-46877)\n\n - Mozilla: Content Security Policy wasn't being correctly applied to WebSockets in WebWorkers (CVE-2023-23602)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2023-01-27T00:00:00", "type": "nessus", "title": "Oracle Linux 9 : thunderbird (ELSA-2023-0476)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-46871", "CVE-2022-46877", "CVE-2023-23598", "CVE-2023-23599", "CVE-2023-23601", "CVE-2023-23602", "CVE-2023-23603", "CVE-2023-23605"], "modified": "2023-02-03T00:00:00", "cpe": ["cpe:/o:oracle:linux:9", "p-cpe:/a:oracle:linux:thunderbird"], "id": "ORACLELINUX_ELSA-2023-0476.NASL", "href": "https://www.tenable.com/plugins/nessus/170699", "sourceData": "#%NASL_MIN_LEVEL 80900\n##\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Oracle Linux Security Advisory ELSA-2023-0476.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(170699);\n script_version(\"1.1\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/02/03\");\n\n script_cve_id(\n \"CVE-2022-46871\",\n \"CVE-2022-46877\",\n \"CVE-2023-23598\",\n \"CVE-2023-23599\",\n \"CVE-2023-23601\",\n \"CVE-2023-23602\",\n \"CVE-2023-23603\",\n \"CVE-2023-23605\"\n );\n script_xref(name:\"IAVA\", value:\"2023-A-0056-S\");\n\n script_name(english:\"Oracle Linux 9 : thunderbird (ELSA-2023-0476)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Oracle Linux host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Oracle Linux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the\nELSA-2023-0476 advisory.\n\n - An out of date library (libusrsctp) contained vulnerabilities that could potentially be exploited. This\n vulnerability affects Firefox < 108. (CVE-2022-46871)\n\n - Mozilla: URL being dragged from cross-origin iframe into same tab triggers navigation (CVE-2023-23601)\n\n - Mozilla: Memory safety bugs fixed in Firefox 109 and Firefox ESR 102.7 (CVE-2023-23605)\n\n - Mozilla: Arbitrary file read from GTK drag and drop on Linux (CVE-2023-23598)\n\n - Mozilla: Calls to <code>console.log</code> allowed bypasing Content Security Policy via format directive\n (CVE-2023-23603)\n\n - Mozilla: Malicious command could be hidden in devtools output (CVE-2023-23599)\n\n - By confusing the browser, the fullscreen notification could have been delayed or suppressed, resulting in\n potential user confusion or spoofing attacks. This vulnerability affects Firefox < 108. (CVE-2022-46877)\n\n - Mozilla: Content Security Policy wasn't being correctly applied to WebSockets in WebWorkers\n (CVE-2023-23602)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://linux.oracle.com/errata/ELSA-2023-0476.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected thunderbird package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-46871\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/12/15\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2023/01/26\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2023/01/27\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:9\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:thunderbird\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/local_checks_enabled\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item('Host/OracleLinux')) audit(AUDIT_OS_NOT, 'Oracle Linux');\nvar os_release = get_kb_item(\"Host/RedHat/release\");\nif (isnull(os_release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:os_release)) audit(AUDIT_OS_NOT, 'Oracle Linux');\nvar os_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Oracle Linux');\nos_ver = os_ver[1];\nif (! preg(pattern:\"^9([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, 'Oracle Linux 9', 'Oracle Linux ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Oracle Linux', cpu);\n\nvar pkgs = [\n {'reference':'thunderbird-102.7.1-1.0.1.el9_1', 'cpu':'aarch64', 'release':'9', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE},\n {'reference':'thunderbird-102.7.1-1.0.1.el9_1', 'cpu':'x86_64', 'release':'9', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE}\n];\n\nvar flag = 0;\nforeach var package_array ( pkgs ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) _release = 'EL' + package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) _cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (reference && _release) {\n if (exists_check) {\n if (rpm_exists(release:_release, rpm:exists_check) && rpm_check(release:_release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n } else {\n if (rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'thunderbird');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-17T16:41:57", "description": "The remote CentOS Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the CESA-2023:0296 advisory.\n\n - Mozilla: libusrsctp library out of date (CVE-2022-46871)\n\n - Mozilla: Fullscreen notification bypass (CVE-2022-46877)\n\n - Mozilla: Arbitrary file read from GTK drag and drop on Linux (CVE-2023-23598)\n\n - Mozilla: Malicious command could be hidden in devtools output (CVE-2023-23599)\n\n - Mozilla: URL being dragged from cross-origin iframe into same tab triggers navigation (CVE-2023-23601)\n\n - Mozilla: Content Security Policy wasn't being correctly applied to WebSockets in WebWorkers (CVE-2023-23602)\n\n - Mozilla: Calls to <code>console.log</code> allowed bypasing Content Security Policy via format directive (CVE-2023-23603)\n\n - Mozilla: Memory safety bugs fixed in Firefox 109 and Firefox ESR 102.7 (CVE-2023-23605)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2023-01-30T00:00:00", "type": "nessus", "title": "CentOS 7 : firefox (CESA-2023:0296)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-46871", "CVE-2022-46877", "CVE-2023-23598", "CVE-2023-23599", "CVE-2023-23601", "CVE-2023-23602", "CVE-2023-23603", "CVE-2023-23605"], "modified": "2023-02-16T00:00:00", "cpe": ["p-cpe:/a:centos:centos:firefox", "cpe:/o:centos:centos:7"], "id": "CENTOS_RHSA-2023-0296.NASL", "href": "https://www.tenable.com/plugins/nessus/170851", "sourceData": "#%NASL_MIN_LEVEL 80900\n##\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2023:0296 and\n# CentOS Errata and Security Advisory 2023:0296 respectively.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(170851);\n script_version(\"1.1\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/02/16\");\n\n script_cve_id(\n \"CVE-2022-46871\",\n \"CVE-2022-46877\",\n \"CVE-2023-23598\",\n \"CVE-2023-23599\",\n \"CVE-2023-23601\",\n \"CVE-2023-23602\",\n \"CVE-2023-23603\",\n \"CVE-2023-23605\"\n );\n script_xref(name:\"IAVA\", value:\"2022-A-0517-S\");\n script_xref(name:\"IAVA\", value:\"2023-A-0048-S\");\n script_xref(name:\"RHSA\", value:\"2023:0296\");\n\n script_name(english:\"CentOS 7 : firefox (CESA-2023:0296)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote CentOS Linux host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote CentOS Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the\nCESA-2023:0296 advisory.\n\n - Mozilla: libusrsctp library out of date (CVE-2022-46871)\n\n - Mozilla: Fullscreen notification bypass (CVE-2022-46877)\n\n - Mozilla: Arbitrary file read from GTK drag and drop on Linux (CVE-2023-23598)\n\n - Mozilla: Malicious command could be hidden in devtools output (CVE-2023-23599)\n\n - Mozilla: URL being dragged from cross-origin iframe into same tab triggers navigation (CVE-2023-23601)\n\n - Mozilla: Content Security Policy wasn't being correctly applied to WebSockets in WebWorkers\n (CVE-2023-23602)\n\n - Mozilla: Calls to <code>console.log</code> allowed bypasing Content Security Policy via format directive\n (CVE-2023-23603)\n\n - Mozilla: Memory safety bugs fixed in Firefox 109 and Firefox ESR 102.7 (CVE-2023-23605)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n # https://lists.centos.org/pipermail/centos-announce/2023-January/086353.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?b1edd034\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected firefox package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-46871\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(77, 120, 185, 357, 450, 829, 1104, 1385);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/12/15\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2023/01/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2023/01/30\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:firefox\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:7\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"CentOS Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\ninclude('rhel.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item('Host/CentOS/release');\nif (isnull(os_release) || 'CentOS' >!< os_release) audit(AUDIT_OS_NOT, 'CentOS');\nvar os_ver = pregmatch(pattern: \"CentOS(?: Linux)? release ([0-9]+)\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'CentOS');\nos_ver = os_ver[1];\nif (!rhel_check_release(operator: 'ge', os_version: os_ver, rhel_version: '7')) audit(AUDIT_OS_NOT, 'CentOS 7.x', 'CentOS ' + os_ver);\n\nif (!get_kb_item('Host/CentOS/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'CentOS', cpu);\n\nvar pkgs = [\n {'reference':'firefox-102.7.0-1.el7.centos', 'cpu':'i686', 'release':'CentOS-7', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE},\n {'reference':'firefox-102.7.0-1.el7.centos', 'cpu':'x86_64', 'release':'CentOS-7', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE}\n];\n\nvar flag = 0;\nforeach package_array ( pkgs ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) _release = package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) _cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (reference && _release) {\n if (rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'firefox');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-17T18:41:50", "description": "The remote AlmaLinux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the ALSA-2023:0285 advisory.\n\n - An out of date library (libusrsctp) contained vulnerabilities that could potentially be exploited. This vulnerability affects Firefox < 108. (CVE-2022-46871)\n\n - By confusing the browser, the fullscreen notification could have been delayed or suppressed, resulting in potential user confusion or spoofing attacks. This vulnerability affects Firefox < 108. (CVE-2022-46877)\n\n - Due to the Thunderbird GTK wrapper code's use of text/plain for drag data and GTK treating all text/plain MIMEs containing file URLs as being dragged a website could arbitrarily read a file via a call to <code>DataTransfer.setData</code>. (CVE-2023-23598)\n\n - When copying a network request from the developer tools panel as a curl command the output was not being properly sanitized and could allow arbitrary commands to be hidden within. (CVE-2023-23599)\n\n - Navigations were being allowed when dragging a URL from a cross-origin iframe into the same tab which could lead to website spoofing attacks (CVE-2023-23601)\n\n - A mishandled security check when creating a WebSocket in a WebWorker caused the Content Security Policy connect-src header to be ignored. This could lead to connections to restricted origins from inside WebWorkers. (CVE-2023-23602)\n\n - Regular expressions used to filter out forbidden properties and values from style directives in calls to <code>console.log</code> weren't accounting for external URLs. Data could then be potentially exfiltrated from the browser. (CVE-2023-23603)\n\n - Mozilla developers and the Mozilla Fuzzing Team reported memory safety bugs present in Thunderbird 102.6.\n Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. (CVE-2023-23605)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2023-01-25T00:00:00", "type": "nessus", "title": "AlmaLinux 9 : firefox (ALSA-2023:0285)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-46871", "CVE-2022-46877", "CVE-2023-23598", "CVE-2023-23599", "CVE-2023-23601", "CVE-2023-23602", "CVE-2023-23603", "CVE-2023-23605"], "modified": "2023-02-16T00:00:00", "cpe": ["p-cpe:/a:alma:linux:firefox", "cpe:/o:alma:linux:9", "cpe:/o:alma:linux:9::appstream"], "id": "ALMA_LINUX_ALSA-2023-0285.NASL", "href": "https://www.tenable.com/plugins/nessus/170566", "sourceData": "#%NASL_MIN_LEVEL 80900\n##\n# (C) Tenable, Inc.\n#\n# The package checks in this plugin were extracted from\n# AlmaLinux Security Advisory ALSA-2023:0285.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(170566);\n script_version(\"1.1\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/02/16\");\n\n script_cve_id(\n \"CVE-2022-46871\",\n \"CVE-2022-46877\",\n \"CVE-2023-23598\",\n \"CVE-2023-23599\",\n \"CVE-2023-23601\",\n \"CVE-2023-23602\",\n \"CVE-2023-23603\",\n \"CVE-2023-23605\"\n );\n script_xref(name:\"ALSA\", value:\"2023:0285\");\n script_xref(name:\"IAVA\", value:\"2022-A-0517-S\");\n script_xref(name:\"IAVA\", value:\"2023-A-0048-S\");\n\n script_name(english:\"AlmaLinux 9 : firefox (ALSA-2023:0285)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote AlmaLinux host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote AlmaLinux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the\nALSA-2023:0285 advisory.\n\n - An out of date library (libusrsctp) contained vulnerabilities that could potentially be exploited. This\n vulnerability affects Firefox < 108. (CVE-2022-46871)\n\n - By confusing the browser, the fullscreen notification could have been delayed or suppressed, resulting in\n potential user confusion or spoofing attacks. This vulnerability affects Firefox < 108. (CVE-2022-46877)\n\n - Due to the Thunderbird GTK wrapper code's use of text/plain for drag data and GTK treating all text/plain\n MIMEs containing file URLs as being dragged a website could arbitrarily read a file via a call to\n <code>DataTransfer.setData</code>. (CVE-2023-23598)\n\n - When copying a network request from the developer tools panel as a curl command the output was not being\n properly sanitized and could allow arbitrary commands to be hidden within. (CVE-2023-23599)\n\n - Navigations were being allowed when dragging a URL from a cross-origin iframe into the same tab which\n could lead to website spoofing attacks (CVE-2023-23601)\n\n - A mishandled security check when creating a WebSocket in a WebWorker caused the Content Security Policy\n connect-src header to be ignored. This could lead to connections to restricted origins from inside\n WebWorkers. (CVE-2023-23602)\n\n - Regular expressions used to filter out forbidden properties and values from style directives in calls to\n <code>console.log</code> weren't accounting for external URLs. Data could then be potentially exfiltrated\n from the browser. (CVE-2023-23603)\n\n - Mozilla developers and the Mozilla Fuzzing Team reported memory safety bugs present in Thunderbird 102.6.\n Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of\n these could have been exploited to run arbitrary code. (CVE-2023-23605)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://errata.almalinux.org/9/ALSA-2023-0285.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected firefox package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-46871\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(77, 120, 185, 357, 450, 829, 1104, 1385);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/12/15\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2023/01/23\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2023/01/25\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:firefox\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:alma:linux:9\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:alma:linux:9::appstream\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Alma Linux Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/AlmaLinux/release\", \"Host/AlmaLinux/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item('Host/AlmaLinux/release');\nif (isnull(os_release) || 'AlmaLinux' >!< os_release) audit(AUDIT_OS_NOT, 'AlmaLinux');\nvar os_ver = pregmatch(pattern: \"AlmaLinux release ([0-9]+(\\.[0-9]+)?)\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'AlmaLinux');\nos_ver = os_ver[1];\nif (! preg(pattern:\"^9([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, 'AlmaLinux 9.x', 'AlmaLinux ' + os_ver);\n\nif (!get_kb_item('Host/AlmaLinux/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'AlmaLinux', cpu);\n\nvar pkgs = [\n {'reference':'firefox-102.7.0-1.el9_1.alma', 'cpu':'aarch64', 'release':'9', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE},\n {'reference':'firefox-102.7.0-1.el9_1.alma', 'cpu':'x86_64', 'release':'9', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE}\n];\n\nvar flag = 0;\nforeach var package_array ( pkgs ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) _release = 'Alma-' + package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) _cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (reference && _release && (!exists_check || rpm_exists(release:_release, rpm:exists_check))) {\n if (rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'firefox');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-17T16:40:10", "description": "The version of Firefox ESR installed on the remote Windows host is prior to 102.7. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2023-02 advisory.\n\n - An out of date library (libusrsctp) contained vulnerabilities that could potentially be exploited.\n (CVE-2022-46871)\n\n - Due to the Firefox GTK wrapper code's use of text/plain for drag data and GTK treating all text/plain MIMEs containing file URLs as being dragged a website could arbitrarily read a file via a call to <code>DataTransfer.setData</code>. (CVE-2023-23598)\n\n - When copying a network request from the developer tools panel as a curl command the output was not being properly sanitized and could allow arbitrary commands to be hidden within. (CVE-2023-23599)\n\n - Navigations were being allowed when dragging a URL from a cross-origin iframe into the same tab which could lead to website spoofing attacks (CVE-2023-23601)\n\n - A mishandled security check when creating a WebSocket in a WebWorker caused the Content Security Policy connect-src header to be ignored. This could lead to connections to restricted origins from inside WebWorkers. (CVE-2023-23602)\n\n - By confusing the browser, the fullscreen notification could have been delayed or suppressed, resulting in potential user confusion or spoofing attacks. (CVE-2022-46877)\n\n - Regular expressions used to filter out forbidden properties and values from style directives in calls to <code>console.log</code> weren't accounting for external URLs. Data could then be potentially exfiltrated from the browser. (CVE-2023-23603)\n\n - Mozilla developers and the Mozilla Fuzzing Team reported memory safety bugs present in Firefox 108 and Firefox ESR 102.6. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. (CVE-2023-23605)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2023-01-17T00:00:00", "type": "nessus", "title": "Mozilla Firefox ESR < 102.7", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-46871", "CVE-2022-46877", "CVE-2023-23598", "CVE-2023-23599", "CVE-2023-23601", "CVE-2023-23602", "CVE-2023-23603", "CVE-2023-23605"], "modified": "2023-02-16T00:00:00", "cpe": ["cpe:/a:mozilla:firefox_esr"], "id": "MOZILLA_FIREFOX_102_7_ESR.NASL", "href": "https://www.tenable.com/plugins/nessus/170102", "sourceData": "#%NASL_MIN_LEVEL 80900\n## \n# (C) Tenable, Inc.\n# \n# The descriptive text and package checks in this plugin were\n# extracted from Mozilla Foundation Security Advisory mfsa2023-02.\n# The text itself is copyright (C) Mozilla Foundation.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(170102);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/02/16\");\n\n script_cve_id(\n \"CVE-2022-46871\",\n \"CVE-2022-46877\",\n \"CVE-2023-23598\",\n \"CVE-2023-23599\",\n \"CVE-2023-23601\",\n \"CVE-2023-23602\",\n \"CVE-2023-23603\",\n \"CVE-2023-23605\"\n );\n script_xref(name:\"IAVA\", value:\"2023-A-0048-S\");\n\n script_name(english:\"Mozilla Firefox ESR < 102.7\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"A web browser installed on the remote Windows host is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of Firefox ESR installed on the remote Windows host is prior to 102.7. It is, therefore, affected by\nmultiple vulnerabilities as referenced in the mfsa2023-02 advisory.\n\n - An out of date library (libusrsctp) contained vulnerabilities that could potentially be exploited.\n (CVE-2022-46871)\n\n - Due to the Firefox GTK wrapper code's use of text/plain for drag data and GTK treating all text/plain\n MIMEs containing file URLs as being dragged a website could arbitrarily read a file via a call to\n <code>DataTransfer.setData</code>. (CVE-2023-23598)\n\n - When copying a network request from the developer tools panel as a curl command the output was not being\n properly sanitized and could allow arbitrary commands to be hidden within. (CVE-2023-23599)\n\n - Navigations were being allowed when dragging a URL from a cross-origin iframe into the same tab which\n could lead to website spoofing attacks (CVE-2023-23601)\n\n - A mishandled security check when creating a WebSocket in a WebWorker caused the Content Security Policy\n connect-src header to be ignored. This could lead to connections to restricted origins from inside\n WebWorkers. (CVE-2023-23602)\n\n - By confusing the browser, the fullscreen notification could have been delayed or suppressed, resulting in\n potential user confusion or spoofing attacks. (CVE-2022-46877)\n\n - Regular expressions used to filter out forbidden properties and values from style directives in calls to\n <code>console.log</code> weren't accounting for external URLs. Data could then be potentially exfiltrated\n from the browser. (CVE-2023-23603)\n\n - Mozilla developers and the Mozilla Fuzzing Team reported memory safety bugs present in Firefox 108 and\n Firefox ESR 102.6. Some of these bugs showed evidence of memory corruption and we presume that with enough\n effort some of these could have been exploited to run arbitrary code. (CVE-2023-23605)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2023-02/\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Mozilla Firefox ESR version 102.7 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-46871\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/12/13\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2023/01/17\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2023/01/17\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:mozilla:firefox_esr\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows\");\n\n script_copyright(english:\"This script is Copyright (C) 2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"mozilla_org_installed.nasl\");\n script_require_keys(\"Mozilla/Firefox/Version\");\n\n exit(0);\n}\n\ninclude('mozilla_version.inc');\n\nvar port = get_kb_item('SMB/transport');\nif (!port) port = 445;\n\nvar installs = get_kb_list('SMB/Mozilla/Firefox/*');\nif (isnull(installs)) audit(AUDIT_NOT_INST, 'Firefox');\n\nmozilla_check_version(installs:installs, product:'firefox', esr:TRUE, fix:'102.7', min:'102.0.0', severity:SECURITY_HOLE);\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-17T16:42:13", "description": "The remote Oracle Linux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2023-0285 advisory.\n\n - Regular expressions used to filter out forbidden properties and values from style directives in calls to <code>console.log</code> weren't accounting for external URLs. Data could then be potentially exfiltrated from the browser. (CVE-2023-23603)\n\n - Mozilla developers and the Mozilla Fuzzing Team reported memory safety bugs present in Thunderbird 102.6.\n Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. (CVE-2023-23605)\n\n - By confusing the browser, the fullscreen notification could have been delayed or suppressed, resulting in potential user confusion or spoofing attacks. This vulnerability affects Firefox < 108. (CVE-2022-46877)\n\n - Navigations were being allowed when dragging a URL from a cross-origin iframe into the same tab which could lead to website spoofing attacks (CVE-2023-23601)\n\n - When copying a network request from the developer tools panel as a curl command the output was not being properly sanitized and could allow arbitrary commands to be hidden within. (CVE-2023-23599)\n\n - Due to the Thunderbird GTK wrapper code's use of text/plain for drag data and GTK treating all text/plain MIMEs containing file URLs as being dragged a website could arbitrarily read a file via a call to <code>DataTransfer.setData</code>. (CVE-2023-23598)\n\n - An out of date library (libusrsctp) contained vulnerabilities that could potentially be exploited. This vulnerability affects Firefox < 108. (CVE-2022-46871)\n\n - A mishandled security check when creating a WebSocket in a WebWorker caused the Content Security Policy connect-src header to be ignored. This could lead to connections to restricted origins from inside WebWorkers. (CVE-2023-23602)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2023-01-24T00:00:00", "type": "nessus", "title": "Oracle Linux 9 : firefox (ELSA-2023-0285)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-46871", "CVE-2022-46877", "CVE-2023-23598", "CVE-2023-23599", "CVE-2023-23601", "CVE-2023-23602", "CVE-2023-23603", "CVE-2023-23605"], "modified": "2023-02-16T00:00:00", "cpe": ["cpe:/o:oracle:linux:9", "p-cpe:/a:oracle:linux:firefox"], "id": "ORACLELINUX_ELSA-2023-0285.NASL", "href": "https://www.tenable.com/plugins/nessus/170510", "sourceData": "#%NASL_MIN_LEVEL 80900\n##\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Oracle Linux Security Advisory ELSA-2023-0285.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(170510);\n script_version(\"1.1\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/02/16\");\n\n script_cve_id(\n \"CVE-2022-46871\",\n \"CVE-2022-46877\",\n \"CVE-2023-23598\",\n \"CVE-2023-23599\",\n \"CVE-2023-23601\",\n \"CVE-2023-23602\",\n \"CVE-2023-23603\",\n \"CVE-2023-23605\"\n );\n script_xref(name:\"IAVA\", value:\"2022-A-0517-S\");\n script_xref(name:\"IAVA\", value:\"2023-A-0048-S\");\n\n script_name(english:\"Oracle Linux 9 : firefox (ELSA-2023-0285)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Oracle Linux host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Oracle Linux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the\nELSA-2023-0285 advisory.\n\n - Regular expressions used to filter out forbidden properties and values from style directives in calls to\n <code>console.log</code> weren't accounting for external URLs. Data could then be potentially exfiltrated\n from the browser. (CVE-2023-23603)\n\n - Mozilla developers and the Mozilla Fuzzing Team reported memory safety bugs present in Thunderbird 102.6.\n Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of\n these could have been exploited to run arbitrary code. (CVE-2023-23605)\n\n - By confusing the browser, the fullscreen notification could have been delayed or suppressed, resulting in\n potential user confusion or spoofing attacks. This vulnerability affects Firefox < 108. (CVE-2022-46877)\n\n - Navigations were being allowed when dragging a URL from a cross-origin iframe into the same tab which\n could lead to website spoofing attacks (CVE-2023-23601)\n\n - When copying a network request from the developer tools panel as a curl command the output was not being\n properly sanitized and could allow arbitrary commands to be hidden within. (CVE-2023-23599)\n\n - Due to the Thunderbird GTK wrapper code's use of text/plain for drag data and GTK treating all text/plain\n MIMEs containing file URLs as being dragged a website could arbitrarily read a file via a call to\n <code>DataTransfer.setData</code>. (CVE-2023-23598)\n\n - An out of date library (libusrsctp) contained vulnerabilities that could potentially be exploited. This\n vulnerability affects Firefox < 108. (CVE-2022-46871)\n\n - A mishandled security check when creating a WebSocket in a WebWorker caused the Content Security Policy\n connect-src header to be ignored. This could lead to connections to restricted origins from inside\n WebWorkers. (CVE-2023-23602)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://linux.oracle.com/errata/ELSA-2023-0285.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected firefox package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-46871\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/12/15\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2023/01/24\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2023/01/24\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:9\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:firefox\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/local_checks_enabled\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item('Host/OracleLinux')) audit(AUDIT_OS_NOT, 'Oracle Linux');\nvar os_release = get_kb_item(\"Host/RedHat/release\");\nif (isnull(os_release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:os_release)) audit(AUDIT_OS_NOT, 'Oracle Linux');\nvar os_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Oracle Linux');\nos_ver = os_ver[1];\nif (! preg(pattern:\"^9([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, 'Oracle Linux 9', 'Oracle Linux ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Oracle Linux', cpu);\n\nvar pkgs = [\n {'reference':'firefox-102.7.0-1.0.1.el9_1', 'cpu':'aarch64', 'release':'9', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE},\n {'reference':'firefox-102.7.0-1.0.1.el9_1', 'cpu':'x86_64', 'release':'9', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE}\n];\n\nvar flag = 0;\nforeach var package_array ( pkgs ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) _release = 'EL' + package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) _cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (reference && _release) {\n if (exists_check) {\n if (rpm_exists(release:_release, rpm:exists_check) && rpm_check(release:_release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n } else {\n if (rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'firefox');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-17T16:40:26", "description": "The version of Firefox ESR installed on the remote macOS or Mac OS X host is prior to 102.7. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2023-02 advisory.\n\n - An out of date library (libusrsctp) contained vulnerabilities that could potentially be exploited.\n (CVE-2022-46871)\n\n - Due to the Firefox GTK wrapper code's use of text/plain for drag data and GTK treating all text/plain MIMEs containing file URLs as being dragged a website could arbitrarily read a file via a call to <code>DataTransfer.setData</code>. (CVE-2023-23598)\n\n - When copying a network request from the developer tools panel as a curl command the output was not being properly sanitized and could allow arbitrary commands to be hidden within. (CVE-2023-23599)\n\n - Navigations were being allowed when dragging a URL from a cross-origin iframe into the same tab which could lead to website spoofing attacks (CVE-2023-23601)\n\n - A mishandled security check when creating a WebSocket in a WebWorker caused the Content Security Policy connect-src header to be ignored. This could lead to connections to restricted origins from inside WebWorkers. (CVE-2023-23602)\n\n - By confusing the browser, the fullscreen notification could have been delayed or suppressed, resulting in potential user confusion or spoofing attacks. (CVE-2022-46877)\n\n - Regular expressions used to filter out forbidden properties and values from style directives in calls to <code>console.log</code> weren't accounting for external URLs. Data could then be potentially exfiltrated from the browser. (CVE-2023-23603)\n\n - Mozilla developers and the Mozilla Fuzzing Team reported memory safety bugs present in Firefox 108 and Firefox ESR 102.6. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. (CVE-2023-23605)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2023-01-17T00:00:00", "type": "nessus", "title": "Mozilla Firefox ESR < 102.7", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-46871", "CVE-2022-46877", "CVE-2023-23598", "CVE-2023-23599", "CVE-2023-23601", "CVE-2023-23602", "CVE-2023-23603", "CVE-2023-23605"], "modified": "2023-02-16T00:00:00", "cpe": ["cpe:/a:mozilla:firefox_esr"], "id": "MACOS_FIREFOX_102_7_ESR.NASL", "href": "https://www.tenable.com/plugins/nessus/170101", "sourceData": "#%NASL_MIN_LEVEL 80900\n## \n# (C) Tenable, Inc.\n# \n# The descriptive text and package checks in this plugin were\n# extracted from Mozilla Foundation Security Advisory mfsa2023-02.\n# The text itself is copyright (C) Mozilla Foundation.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(170101);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/02/16\");\n\n script_cve_id(\n \"CVE-2022-46871\",\n \"CVE-2022-46877\",\n \"CVE-2023-23598\",\n \"CVE-2023-23599\",\n \"CVE-2023-23601\",\n \"CVE-2023-23602\",\n \"CVE-2023-23603\",\n \"CVE-2023-23605\"\n );\n script_xref(name:\"IAVA\", value:\"2023-A-0048-S\");\n\n script_name(english:\"Mozilla Firefox ESR < 102.7\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"A web browser installed on the remote macOS or Mac OS X host is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of Firefox ESR installed on the remote macOS or Mac OS X host is prior to 102.7. It is, therefore, affected\nby multiple vulnerabilities as referenced in the mfsa2023-02 advisory.\n\n - An out of date library (libusrsctp) contained vulnerabilities that could potentially be exploited.\n (CVE-2022-46871)\n\n - Due to the Firefox GTK wrapper code's use of text/plain for drag data and GTK treating all text/plain\n MIMEs containing file URLs as being dragged a website could arbitrarily read a file via a call to\n <code>DataTransfer.setData</code>. (CVE-2023-23598)\n\n - When copying a network request from the developer tools panel as a curl command the output was not being\n properly sanitized and could allow arbitrary commands to be hidden within. (CVE-2023-23599)\n\n - Navigations were being allowed when dragging a URL from a cross-origin iframe into the same tab which\n could lead to website spoofing attacks (CVE-2023-23601)\n\n - A mishandled security check when creating a WebSocket in a WebWorker caused the Content Security Policy\n connect-src header to be ignored. This could lead to connections to restricted origins from inside\n WebWorkers. (CVE-2023-23602)\n\n - By confusing the browser, the fullscreen notification could have been delayed or suppressed, resulting in\n potential user confusion or spoofing attacks. (CVE-2022-46877)\n\n - Regular expressions used to filter out forbidden properties and values from style directives in calls to\n <code>console.log</code> weren't accounting for external URLs. Data could then be potentially exfiltrated\n from the browser. (CVE-2023-23603)\n\n - Mozilla developers and the Mozilla Fuzzing Team reported memory safety bugs present in Firefox 108 and\n Firefox ESR 102.6. Some of these bugs showed evidence of memory corruption and we presume that with enough\n effort some of these could have been exploited to run arbitrary code. (CVE-2023-23605)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2023-02/\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Mozilla Firefox ESR version 102.7 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-46871\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/12/13\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2023/01/17\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2023/01/17\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:mozilla:firefox_esr\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"MacOS X Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"macosx_firefox_installed.nasl\");\n script_require_keys(\"MacOSX/Firefox/Version\");\n\n exit(0);\n}\n\ninclude('mozilla_version.inc');\n\nvar kb_base = 'MacOSX/Firefox';\nget_kb_item_or_exit(kb_base+'/Installed');\n\nvar version = get_kb_item_or_exit(kb_base+'/Version', exit_code:1);\nvar path = get_kb_item_or_exit(kb_base+'/Path', exit_code:1);\n\nvar is_esr = get_kb_item(kb_base+'/is_esr');\nif (isnull(is_esr)) audit(AUDIT_NOT_INST, 'Mozilla Firefox ESR');\n\nmozilla_check_version(version:version, path:path, product:'firefox', esr:TRUE, fix:'102.7', min:'102.0.0', severity:SECURITY_HOLE);\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-17T17:39:32", "description": "The version of Thunderbird installed on the remote macOS or Mac OS X host is prior to 102.7. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2023-03 advisory.\n\n - An out of date library (libusrsctp) contained vulnerabilities that could potentially be exploited.\n (CVE-2022-46871)\n\n - Due to the Thunderbird GTK wrapper code's use of text/plain for drag data and GTK treating all text/plain MIMEs containing file URLs as being dragged a website could arbitrarily read a file via a call to <code>DataTransfer.setData</code>. (CVE-2023-23598)\n\n - When copying a network request from the developer tools panel as a curl command the output was not being properly sanitized and could allow arbitrary commands to be hidden within. (CVE-2023-23599)\n\n - Navigations were being allowed when dragging a URL from a cross-origin iframe into the same tab which could lead to website spoofing attacks (CVE-2023-23601)\n\n - A mishandled security check when creating a WebSocket in a WebWorker caused the Content Security Policy connect-src header to be ignored. This could lead to connections to restricted origins from inside WebWorkers. (CVE-2023-23602)\n\n - By confusing the browser, the fullscreen notification could have been delayed or suppressed, resulting in potential user confusion or spoofing attacks. (CVE-2022-46877)\n\n - Regular expressions used to filter out forbidden properties and values from style directives in calls to <code>console.log</code> weren't accounting for external URLs. Data could then be potentially exfiltrated from the browser. (CVE-2023-23603)\n\n - Mozilla developers and the Mozilla Fuzzing Team reported memory safety bugs present in Thunderbird 102.6.\n Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. (CVE-2023-23605)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2023-01-26T00:00:00", "type": "nessus", "title": "Mozilla Thunderbird < 102.7", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-46871", "CVE-2022-46877", "CVE-2023-23598", "CVE-2023-23599", "CVE-2023-23601", "CVE-2023-23602", "CVE-2023-23603", "CVE-2023-23605"], "modified": "2023-02-03T00:00:00", "cpe": ["cpe:/a:mozilla:thunderbird"], "id": "MACOS_THUNDERBIRD_102_7.NASL", "href": "https://www.tenable.com/plugins/nessus/170670", "sourceData": "#%NASL_MIN_LEVEL 80900\n## \n# (C) Tenable, Inc.\n# \n# The descriptive text and package checks in this plugin were\n# extracted from Mozilla Foundation Security Advisory mfsa2023-03.\n# The text itself is copyright (C) Mozilla Foundation.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(170670);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/02/03\");\n\n script_cve_id(\n \"CVE-2022-46871\",\n \"CVE-2022-46877\",\n \"CVE-2023-23598\",\n \"CVE-2023-23599\",\n \"CVE-2023-23601\",\n \"CVE-2023-23602\",\n \"CVE-2023-23603\",\n \"CVE-2023-23605\"\n );\n script_xref(name:\"IAVA\", value:\"2023-A-0056-S\");\n\n script_name(english:\"Mozilla Thunderbird < 102.7\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"A mail client installed on the remote macOS or Mac OS X host is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of Thunderbird installed on the remote macOS or Mac OS X host is prior to 102.7. It is, therefore, affected\nby multiple vulnerabilities as referenced in the mfsa2023-03 advisory.\n\n - An out of date library (libusrsctp) contained vulnerabilities that could potentially be exploited.\n (CVE-2022-46871)\n\n - Due to the Thunderbird GTK wrapper code's use of text/plain for drag data and GTK treating all text/plain\n MIMEs containing file URLs as being dragged a website could arbitrarily read a file via a call to\n <code>DataTransfer.setData</code>. (CVE-2023-23598)\n\n - When copying a network request from the developer tools panel as a curl command the output was not being\n properly sanitized and could allow arbitrary commands to be hidden within. (CVE-2023-23599)\n\n - Navigations were being allowed when dragging a URL from a cross-origin iframe into the same tab which\n could lead to website spoofing attacks (CVE-2023-23601)\n\n - A mishandled security check when creating a WebSocket in a WebWorker caused the Content Security Policy\n connect-src header to be ignored. This could lead to connections to restricted origins from inside\n WebWorkers. (CVE-2023-23602)\n\n - By confusing the browser, the fullscreen notification could have been delayed or suppressed, resulting in\n potential user confusion or spoofing attacks. (CVE-2022-46877)\n\n - Regular expressions used to filter out forbidden properties and values from style directives in calls to\n <code>console.log</code> weren't accounting for external URLs. Data could then be potentially exfiltrated\n from the browser. (CVE-2023-23603)\n\n - Mozilla developers and the Mozilla Fuzzing Team reported memory safety bugs present in Thunderbird 102.6.\n Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of\n these could have been exploited to run arbitrary code. (CVE-2023-23605)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2023-03/\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Mozilla Thunderbird version 102.7 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-46871\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/12/15\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2023/01/18\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2023/01/26\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:mozilla:thunderbird\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"MacOS X Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"macosx_thunderbird_installed.nasl\");\n script_require_keys(\"MacOSX/Thunderbird/Installed\");\n\n exit(0);\n}\n\ninclude('mozilla_version.inc');\n\nvar kb_base = 'MacOSX/Thunderbird';\nget_kb_item_or_exit(kb_base+'/Installed');\n\nvar version = get_kb_item_or_exit(kb_base+'/Version', exit_code:1);\nvar path = get_kb_item_or_exit(kb_base+'/Path', exit_code:1);\n\nvar is_esr = get_kb_item(kb_base+'/is_esr');\nif (is_esr) exit(0, 'The Mozilla Thunderbird installation is in the ESR branch.');\n\nmozilla_check_version(version:version, path:path, product:'thunderbird', esr:FALSE, fix:'102.7', severity:SECURITY_HOLE);\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-25T00:35:00", "description": "The remote Redhat Enterprise Linux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2023:0286 advisory.\n\n - Mozilla: libusrsctp library out of date (CVE-2022-46871)\n\n - Mozilla: Fullscreen notification bypass (CVE-2022-46877)\n\n - Mozilla: Arbitrary file read from GTK drag and drop on Linux (CVE-2023-23598)\n\n - Mozilla: Malicious command could be hidden in devtools output (CVE-2023-23599)\n\n - Mozilla: URL being dragged from cross-origin iframe into same tab triggers navigation (CVE-2023-23601)\n\n - Mozilla: Content Security Policy wasn't being correctly applied to WebSockets in WebWorkers (CVE-2023-23602)\n\n - Mozilla: Calls to <code>console.log</code> allowed bypasing Content Security Policy via format directive (CVE-2023-23603)\n\n - Mozilla: Memory safety bugs fixed in Firefox 109 and Firefox ESR 102.7 (CVE-2023-23605)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2023-01-23T00:00:00", "type": "nessus", "title": "RHEL 9 : firefox (RHSA-2023:0286)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-46871", "CVE-2022-46877", "CVE-2023-23598", "CVE-2023-23599", "CVE-2023-23601", "CVE-2023-23602", "CVE-2023-23603", "CVE-2023-23605"], "modified": "2023-05-24T00:00:00", "cpe": ["cpe:/o:redhat:rhel_e4s:9.0", "cpe:/o:redhat:rhel_eus:9.0", "p-cpe:/a:redhat:enterprise_linux:firefox"], "id": "REDHAT-RHSA-2023-0286.NASL", "href": "https://www.tenable.com/plugins/nessus/170390", "sourceData": "#%NASL_MIN_LEVEL 80900\n##\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2023:0286. The text\n# itself is copyright (C) Red Hat, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(170390);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/05/24\");\n\n script_cve_id(\n \"CVE-2022-46871\",\n \"CVE-2022-46877\",\n \"CVE-2023-23598\",\n \"CVE-2023-23599\",\n \"CVE-2023-23601\",\n \"CVE-2023-23602\",\n \"CVE-2023-23603\",\n \"CVE-2023-23605\"\n );\n script_xref(name:\"IAVA\", value:\"2022-A-0517-S\");\n script_xref(name:\"RHSA\", value:\"2023:0286\");\n script_xref(name:\"IAVA\", value:\"2023-A-0048-S\");\n\n script_name(english:\"RHEL 9 : firefox (RHSA-2023:0286)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Red Hat host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Redhat Enterprise Linux 9 host has a package installed that is affected by multiple vulnerabilities as\nreferenced in the RHSA-2023:0286 advisory.\n\n - Mozilla: libusrsctp library out of date (CVE-2022-46871)\n\n - Mozilla: Fullscreen notification bypass (CVE-2022-46877)\n\n - Mozilla: Arbitrary file read from GTK drag and drop on Linux (CVE-2023-23598)\n\n - Mozilla: Malicious command could be hidden in devtools output (CVE-2023-23599)\n\n - Mozilla: URL being dragged from cross-origin iframe into same tab triggers navigation (CVE-2023-23601)\n\n - Mozilla: Content Security Policy wasn't being correctly applied to WebSockets in WebWorkers\n (CVE-2023-23602)\n\n - Mozilla: Calls to <code>console.log</code> allowed bypasing Content Security Policy via format directive\n (CVE-2023-23603)\n\n - Mozilla: Memory safety bugs fixed in Firefox 109 and Firefox ESR 102.7 (CVE-2023-23605)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-46871\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-46877\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2023-23598\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2023-23599\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2023-23601\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2023-23602\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2023-23603\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2023-23605\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2023:0286\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2162336\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2162338\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2162339\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2162340\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2162341\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2162342\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2162343\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2162344\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected firefox package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-46871\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(77, 120, 185, 357, 450, 829, 1104, 1385);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/12/15\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2023/01/23\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2023/01/23\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_e4s:9.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_eus:9.0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:firefox\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"redhat_repos.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\ninclude('rhel.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item('Host/RedHat/release');\nif (isnull(os_release) || 'Red Hat' >!< os_release) audit(AUDIT_OS_NOT, 'Red Hat');\nvar os_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Red Hat');\nos_ver = os_ver[1];\nif (!rhel_check_release(operator: 'eq', os_version: os_ver, rhel_version: '9.0')) audit(AUDIT_OS_NOT, 'Red Hat 9.0', 'Red Hat ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu && 'ppc' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Red Hat', cpu);\n\nvar constraints = [\n {\n 'repo_relative_urls': [\n 'content/e4s/rhel9/9.0/aarch64/appstream/debug',\n 'content/e4s/rhel9/9.0/aarch64/appstream/os',\n 'content/e4s/rhel9/9.0/aarch64/appstream/source/SRPMS',\n 'content/e4s/rhel9/9.0/aarch64/baseos/debug',\n 'content/e4s/rhel9/9.0/aarch64/baseos/os',\n 'content/e4s/rhel9/9.0/aarch64/baseos/source/SRPMS',\n 'content/e4s/rhel9/9.0/aarch64/highavailability/debug',\n 'content/e4s/rhel9/9.0/aarch64/highavailability/os',\n 'content/e4s/rhel9/9.0/aarch64/highavailability/source/SRPMS',\n 'content/e4s/rhel9/9.0/ppc64le/appstream/debug',\n 'content/e4s/rhel9/9.0/ppc64le/appstream/os',\n 'content/e4s/rhel9/9.0/ppc64le/appstream/source/SRPMS',\n 'content/e4s/rhel9/9.0/ppc64le/baseos/debug',\n 'content/e4s/rhel9/9.0/ppc64le/baseos/os',\n 'content/e4s/rhel9/9.0/ppc64le/baseos/source/SRPMS',\n 'content/e4s/rhel9/9.0/ppc64le/highavailability/debug',\n 'content/e4s/rhel9/9.0/ppc64le/highavailability/os',\n 'content/e4s/rhel9/9.0/ppc64le/highavailability/source/SRPMS',\n 'content/e4s/rhel9/9.0/ppc64le/resilientstorage/debug',\n 'content/e4s/rhel9/9.0/ppc64le/resilientstorage/os',\n 'content/e4s/rhel9/9.0/ppc64le/resilientstorage/source/SRPMS',\n 'content/e4s/rhel9/9.0/ppc64le/sap-solutions/debug',\n 'content/e4s/rhel9/9.0/ppc64le/sap-solutions/os',\n 'content/e4s/rhel9/9.0/ppc64le/sap-solutions/source/SRPMS',\n 'content/e4s/rhel9/9.0/ppc64le/sap/debug',\n 'content/e4s/rhel9/9.0/ppc64le/sap/os',\n 'content/e4s/rhel9/9.0/ppc64le/sap/source/SRPMS',\n 'content/e4s/rhel9/9.0/s390x/appstream/debug',\n 'content/e4s/rhel9/9.0/s390x/appstream/os',\n 'content/e4s/rhel9/9.0/s390x/appstream/source/SRPMS',\n 'content/e4s/rhel9/9.0/s390x/baseos/debug',\n 'content/e4s/rhel9/9.0/s390x/baseos/os',\n 'content/e4s/rhel9/9.0/s390x/baseos/source/SRPMS',\n 'content/e4s/rhel9/9.0/s390x/highavailability/debug',\n 'content/e4s/rhel9/9.0/s390x/highavailability/os',\n 'content/e4s/rhel9/9.0/s390x/highavailability/source/SRPMS',\n 'content/e4s/rhel9/9.0/s390x/resilientstorage/debug',\n 'content/e4s/rhel9/9.0/s390x/resilientstorage/os',\n 'content/e4s/rhel9/9.0/s390x/resilientstorage/source/SRPMS',\n 'content/e4s/rhel9/9.0/s390x/sap/debug',\n 'content/e4s/rhel9/9.0/s390x/sap/os',\n 'content/e4s/rhel9/9.0/s390x/sap/source/SRPMS',\n 'content/e4s/rhel9/9.0/x86_64/appstream/debug',\n 'content/e4s/rhel9/9.0/x86_64/appstream/os',\n 'content/e4s/rhel9/9.0/x86_64/appstream/source/SRPMS',\n 'content/e4s/rhel9/9.0/x86_64/baseos/debug',\n 'content/e4s/rhel9/9.0/x86_64/baseos/os',\n 'content/e4s/rhel9/9.0/x86_64/baseos/source/SRPMS',\n 'content/e4s/rhel9/9.0/x86_64/highavailability/debug',\n 'content/e4s/rhel9/9.0/x86_64/highavailability/os',\n 'content/e4s/rhel9/9.0/x86_64/highavailability/source/SRPMS',\n 'content/e4s/rhel9/9.0/x86_64/nfv/debug',\n 'content/e4s/rhel9/9.0/x86_64/nfv/os',\n 'content/e4s/rhel9/9.0/x86_64/nfv/source/SRPMS',\n 'content/e4s/rhel9/9.0/x86_64/resilientstorage/debug',\n 'content/e4s/rhel9/9.0/x86_64/resilientstorage/os',\n 'content/e4s/rhel9/9.0/x86_64/resilientstorage/source/SRPMS',\n 'content/e4s/rhel9/9.0/x86_64/rt/debug',\n 'content/e4s/rhel9/9.0/x86_64/rt/os',\n 'content/e4s/rhel9/9.0/x86_64/rt/source/SRPMS',\n 'content/e4s/rhel9/9.0/x86_64/sap-solutions/debug',\n 'content/e4s/rhel9/9.0/x86_64/sap-solutions/os',\n 'content/e4s/rhel9/9.0/x86_64/sap-solutions/source/SRPMS',\n 'content/e4s/rhel9/9.0/x86_64/sap/debug',\n 'content/e4s/rhel9/9.0/x86_64/sap/os',\n 'content/e4s/rhel9/9.0/x86_64/sap/source/SRPMS',\n 'content/eus/rhel9/9.0/aarch64/appstream/debug',\n 'content/eus/rhel9/9.0/aarch64/appstream/os',\n 'content/eus/rhel9/9.0/aarch64/appstream/source/SRPMS',\n 'content/eus/rhel9/9.0/aarch64/baseos/debug',\n 'content/eus/rhel9/9.0/aarch64/baseos/os',\n 'content/eus/rhel9/9.0/aarch64/baseos/source/SRPMS',\n 'content/eus/rhel9/9.0/aarch64/codeready-builder/debug',\n 'content/eus/rhel9/9.0/aarch64/codeready-builder/os',\n 'content/eus/rhel9/9.0/aarch64/codeready-builder/source/SRPMS',\n 'content/eus/rhel9/9.0/aarch64/highavailability/debug',\n 'content/eus/rhel9/9.0/aarch64/highavailability/os',\n 'content/eus/rhel9/9.0/aarch64/highavailability/source/SRPMS',\n 'content/eus/rhel9/9.0/aarch64/supplementary/debug',\n 'content/eus/rhel9/9.0/aarch64/supplementary/os',\n 'content/eus/rhel9/9.0/aarch64/supplementary/source/SRPMS',\n 'content/eus/rhel9/9.0/ppc64le/appstream/debug',\n 'content/eus/rhel9/9.0/ppc64le/appstream/os',\n 'content/eus/rhel9/9.0/ppc64le/appstream/source/SRPMS',\n 'content/eus/rhel9/9.0/ppc64le/baseos/debug',\n 'content/eus/rhel9/9.0/ppc64le/baseos/os',\n 'content/eus/rhel9/9.0/ppc64le/baseos/source/SRPMS',\n 'content/eus/rhel9/9.0/ppc64le/codeready-builder/debug',\n 'content/eus/rhel9/9.0/ppc64le/codeready-builder/os',\n 'content/eus/rhel9/9.0/ppc64le/codeready-builder/source/SRPMS',\n 'content/eus/rhel9/9.0/ppc64le/highavailability/debug',\n 'content/eus/rhel9/9.0/ppc64le/highavailability/os',\n 'content/eus/rhel9/9.0/ppc64le/highavailability/source/SRPMS',\n 'content/eus/rhel9/9.0/ppc64le/resilientstorage/debug',\n 'content/eus/rhel9/9.0/ppc64le/resilientstorage/os',\n 'content/eus/rhel9/9.0/ppc64le/resilientstorage/source/SRPMS',\n 'content/eus/rhel9/9.0/ppc64le/sap-solutions/debug',\n 'content/eus/rhel9/9.0/ppc64le/sap-solutions/os',\n 'content/eus/rhel9/9.0/ppc64le/sap-solutions/source/SRPMS',\n 'content/eus/rhel9/9.0/ppc64le/sap/debug',\n 'content/eus/rhel9/9.0/ppc64le/sap/os',\n 'content/eus/rhel9/9.0/ppc64le/sap/source/SRPMS',\n 'content/eus/rhel9/9.0/ppc64le/supplementary/debug',\n 'content/eus/rhel9/9.0/ppc64le/supplementary/os',\n 'content/eus/rhel9/9.0/ppc64le/supplementary/source/SRPMS',\n 'content/eus/rhel9/9.0/s390x/appstream/debug',\n 'content/eus/rhel9/9.0/s390x/appstream/os',\n 'content/eus/rhel9/9.0/s390x/appstream/source/SRPMS',\n 'content/eus/rhel9/9.0/s390x/baseos/debug',\n 'content/eus/rhel9/9.0/s390x/baseos/os',\n 'content/eus/rhel9/9.0/s390x/baseos/source/SRPMS',\n 'content/eus/rhel9/9.0/s390x/codeready-builder/debug',\n 'content/eus/rhel9/9.0/s390x/codeready-builder/os',\n 'content/eus/rhel9/9.0/s390x/codeready-builder/source/SRPMS',\n 'content/eus/rhel9/9.0/s390x/highavailability/debug',\n 'content/eus/rhel9/9.0/s390x/highavailability/os',\n 'content/eus/rhel9/9.0/s390x/highavailability/source/SRPMS',\n 'content/eus/rhel9/9.0/s390x/resilientstorage/debug',\n 'content/eus/rhel9/9.0/s390x/resilientstorage/os',\n 'content/eus/rhel9/9.0/s390x/resilientstorage/source/SRPMS',\n 'content/eus/rhel9/9.0/s390x/sap/debug',\n 'content/eus/rhel9/9.0/s390x/sap/os',\n 'content/eus/rhel9/9.0/s390x/sap/source/SRPMS',\n 'content/eus/rhel9/9.0/s390x/supplementary/debug',\n 'content/eus/rhel9/9.0/s390x/supplementary/os',\n 'content/eus/rhel9/9.0/s390x/supplementary/source/SRPMS',\n 'content/eus/rhel9/9.0/x86_64/appstream/debug',\n 'content/eus/rhel9/9.0/x86_64/appstream/os',\n 'content/eus/rhel9/9.0/x86_64/appstream/source/SRPMS',\n 'content/eus/rhel9/9.0/x86_64/baseos/debug',\n 'content/eus/rhel9/9.0/x86_64/baseos/os',\n 'content/eus/rhel9/9.0/x86_64/baseos/source/SRPMS',\n 'content/eus/rhel9/9.0/x86_64/codeready-builder/debug',\n 'content/eus/rhel9/9.0/x86_64/codeready-builder/os',\n 'content/eus/rhel9/9.0/x86_64/codeready-builder/source/SRPMS',\n 'content/eus/rhel9/9.0/x86_64/highavailability/debug',\n 'content/eus/rhel9/9.0/x86_64/highavailability/os',\n 'content/eus/rhel9/9.0/x86_64/highavailability/source/SRPMS',\n 'content/eus/rhel9/9.0/x86_64/resilientstorage/debug',\n 'content/eus/rhel9/9.0/x86_64/resilientstorage/os',\n 'content/eus/rhel9/9.0/x86_64/resilientstorage/source/SRPMS',\n 'content/eus/rhel9/9.0/x86_64/sap-solutions/debug',\n 'content/eus/rhel9/9.0/x86_64/sap-solutions/os',\n 'content/eus/rhel9/9.0/x86_64/sap-solutions/source/SRPMS',\n 'content/eus/rhel9/9.0/x86_64/sap/debug',\n 'content/eus/rhel9/9.0/x86_64/sap/os',\n 'content/eus/rhel9/9.0/x86_64/sap/source/SRPMS',\n 'content/eus/rhel9/9.0/x86_64/supplementary/debug',\n 'content/eus/rhel9/9.0/x86_64/supplementary/os',\n 'content/eus/rhel9/9.0/x86_64/supplementary/source/SRPMS'\n ],\n 'pkgs': [\n {'reference':'firefox-102.7.0-1.el9_0', 'sp':'0', 'release':'9', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE}\n ]\n }\n];\n\nvar applicable_repo_urls = rhel_determine_applicable_repository_urls(constraints:constraints);\nif(applicable_repo_urls == RHEL_REPOS_NO_OVERLAP_MESSAGE) exit(0, RHEL_REPO_NOT_ENABLED);\n\nvar flag = 0;\nforeach var constraint_array ( constraints ) {\n var repo_relative_urls = NULL;\n if (!empty_or_null(constraint_array['repo_relative_urls'])) repo_relative_urls = constraint_array['repo_relative_urls'];\n foreach var pkg ( constraint_array['pkgs'] ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(pkg['reference'])) reference = pkg['reference'];\n if (!empty_or_null(pkg['release'])) _release = 'RHEL' + pkg['release'];\n if (!empty_or_null(pkg['sp'])) sp = pkg['sp'];\n if (!empty_or_null(pkg['cpu'])) _cpu = pkg['cpu'];\n if (!empty_or_null(pkg['el_string'])) el_string = pkg['el_string'];\n if (!empty_or_null(pkg['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = pkg['rpm_spec_vers_cmp'];\n if (!empty_or_null(pkg['epoch'])) epoch = pkg['epoch'];\n if (!empty_or_null(pkg['allowmaj'])) allowmaj = pkg['allowmaj'];\n if (!empty_or_null(pkg['exists_check'])) exists_check = pkg['exists_check'];\n if (reference &&\n _release &&\n rhel_decide_repo_relative_url_check(required_repo_url_list:repo_relative_urls) &&\n (applicable_repo_urls || (!exists_check || rpm_exists(release:_release, rpm:exists_check))) &&\n rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n var subscription_caveat = '\\n' +\n 'NOTE: This vulnerability check contains fixes that apply to\\n' +\n 'packages only available in the Red Hat Enterprise Linux\\n' +\n 'Extended Update Support or Update Services for SAP Solutions repositories.\\n' +\n 'Access to these repositories requires a paid RHEL subscription.\\n';\n var extra = NULL;\n if (empty_or_null(applicable_repo_urls)) extra = subscription_caveat + rpm_report_get() + redhat_report_repo_caveat();\n else extra = subscription_caveat + rpm_report_get() + redhat_report_package_caveat();\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : extra\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'firefox');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-25T00:35:00", "description": "The remote Redhat Enterprise Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2023:0296 advisory.\n\n - Mozilla: libusrsctp library out of date (CVE-2022-46871)\n\n - Mozilla: Fullscreen notification bypass (CVE-2022-46877)\n\n - Mozilla: Arbitrary file read from GTK drag and drop on Linux (CVE-2023-23598)\n\n - Mozilla: Malicious command could be hidden in devtools output (CVE-2023-23599)\n\n - Mozilla: URL being dragged from cross-origin iframe into same tab triggers navigation (CVE-2023-23601)\n\n - Mozilla: Content Security Policy wasn't being correctly applied to WebSockets in WebWorkers (CVE-2023-23602)\n\n - Mozilla: Calls to <code>console.log</code> allowed bypasing Content Security Policy via format directive (CVE-2023-23603)\n\n - Mozilla: Memory safety bugs fixed in Firefox 109 and Firefox ESR 102.7 (CVE-2023-23605)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2023-01-23T00:00:00", "type": "nessus", "title": "RHEL 7 : firefox (RHSA-2023:0296)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-46871", "CVE-2022-46877", "CVE-2023-23598", "CVE-2023-23599", "CVE-2023-23601", "CVE-2023-23602", "CVE-2023-23603", "CVE-2023-23605"], "modified": "2023-05-24T00:00:00", "cpe": ["cpe:/o:redhat:enterprise_linux:7", "p-cpe:/a:redhat:enterprise_linux:firefox"], "id": "REDHAT-RHSA-2023-0296.NASL", "href": "https://www.tenable.com/plugins/nessus/170282", "sourceData": "#%NASL_MIN_LEVEL 80900\n##\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2023:0296. The text\n# itself is copyright (C) Red Hat, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(170282);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/05/24\");\n\n script_cve_id(\n \"CVE-2022-46871\",\n \"CVE-2022-46877\",\n \"CVE-2023-23598\",\n \"CVE-2023-23599\",\n \"CVE-2023-23601\",\n \"CVE-2023-23602\",\n \"CVE-2023-23603\",\n \"CVE-2023-23605\"\n );\n script_xref(name:\"IAVA\", value:\"2022-A-0517-S\");\n script_xref(name:\"RHSA\", value:\"2023:0296\");\n script_xref(name:\"IAVA\", value:\"2023-A-0048-S\");\n\n script_name(english:\"RHEL 7 : firefox (RHSA-2023:0296)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Red Hat host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Redhat Enterprise Linux 7 host has a package installed that is affected by multiple vulnerabilities as\nreferenced in the RHSA-2023:0296 advisory.\n\n - Mozilla: libusrsctp library out of date (CVE-2022-46871)\n\n - Mozilla: Fullscreen notification bypass (CVE-2022-46877)\n\n - Mozilla: Arbitrary file read from GTK drag and drop on Linux (CVE-2023-23598)\n\n - Mozilla: Malicious command could be hidden in devtools output (CVE-2023-23599)\n\n - Mozilla: URL being dragged from cross-origin iframe into same tab triggers navigation (CVE-2023-23601)\n\n - Mozilla: Content Security Policy wasn't being correctly applied to WebSockets in WebWorkers\n (CVE-2023-23602)\n\n - Mozilla: Calls to <code>console.log</code> allowed bypasing Content Security Policy via format directive\n (CVE-2023-23603)\n\n - Mozilla: Memory safety bugs fixed in Firefox 109 and Firefox ESR 102.7 (CVE-2023-23605)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-46871\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-46877\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2023-23598\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2023-23599\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2023-23601\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2023-23602\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2023-23603\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2023-23605\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2023:0296\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2162336\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2162338\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2162339\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2162340\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2162341\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2162342\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2162343\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2162344\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected firefox package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-46871\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(77, 120, 185, 357, 450, 829, 1104, 1385);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/12/15\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2023/01/23\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2023/01/23\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:firefox\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"redhat_repos.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\ninclude('rhel.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item('Host/RedHat/release');\nif (isnull(os_release) || 'Red Hat' >!< os_release) audit(AUDIT_OS_NOT, 'Red Hat');\nvar os_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Red Hat');\nos_ver = os_ver[1];\nif (!rhel_check_release(operator: 'ge', os_version: os_ver, rhel_version: '7')) audit(AUDIT_OS_NOT, 'Red Hat 7.x', 'Red Hat ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu && 'ppc' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Red Hat', cpu);\n\nvar constraints = [\n {\n 'repo_relative_urls': [\n 'content/dist/rhel-alt/server/7/7Server/armv8-a/aarch64/debug',\n 'content/dist/rhel-alt/server/7/7Server/armv8-a/aarch64/optional/debug',\n 'content/dist/rhel-alt/server/7/7Server/armv8-a/aarch64/optional/os',\n 'content/dist/rhel-alt/server/7/7Server/armv8-a/aarch64/optional/source/SRPMS',\n 'content/dist/rhel-alt/server/7/7Server/armv8-a/aarch64/os',\n 'content/dist/rhel-alt/server/7/7Server/armv8-a/aarch64/source/SRPMS',\n 'content/dist/rhel-alt/server/7/7Server/power9/ppc64le/debug',\n 'content/dist/rhel-alt/server/7/7Server/power9/ppc64le/optional/debug',\n 'content/dist/rhel-alt/server/7/7Server/power9/ppc64le/optional/os',\n 'content/dist/rhel-alt/server/7/7Server/power9/ppc64le/optional/source/SRPMS',\n 'content/dist/rhel-alt/server/7/7Server/power9/ppc64le/os',\n 'content/dist/rhel-alt/server/7/7Server/power9/ppc64le/source/SRPMS',\n 'content/dist/rhel-alt/server/7/7Server/power9/ppc64le/supplementary/debug',\n 'content/dist/rhel-alt/server/7/7Server/power9/ppc64le/supplementary/source/SRPMS',\n 'content/dist/rhel-alt/server/7/7Server/system-z-a/s390x/debug',\n 'content/dist/rhel-alt/server/7/7Server/system-z-a/s390x/optional/debug',\n 'content/dist/rhel-alt/server/7/7Server/system-z-a/s390x/optional/os',\n 'content/dist/rhel-alt/server/7/7Server/system-z-a/s390x/optional/source/SRPMS',\n 'content/dist/rhel-alt/server/7/7Server/system-z-a/s390x/os',\n 'content/dist/rhel-alt/server/7/7Server/system-z-a/s390x/source/SRPMS',\n 'content/dist/rhel/client/7/7Client/x86_64/debug',\n 'content/dist/rhel/client/7/7Client/x86_64/optional/debug',\n 'content/dist/rhel/client/7/7Client/x86_64/optional/os',\n 'content/dist/rhel/client/7/7Client/x86_64/optional/source/SRPMS',\n 'content/dist/rhel/client/7/7Client/x86_64/oracle-java-rm/os',\n 'content/dist/rhel/client/7/7Client/x86_64/os',\n 'content/dist/rhel/client/7/7Client/x86_64/source/SRPMS',\n 'content/dist/rhel/client/7/7Client/x86_64/supplementary/debug',\n 'content/dist/rhel/client/7/7Client/x86_64/supplementary/os',\n 'content/dist/rhel/client/7/7Client/x86_64/supplementary/source/SRPMS',\n 'content/dist/rhel/computenode/7/7ComputeNode/x86_64/debug',\n 'content/dist/rhel/computenode/7/7ComputeNode/x86_64/optional/debug',\n 'content/dist/rhel/computenode/7/7ComputeNode/x86_64/optional/os',\n 'content/dist/rhel/computenode/7/7ComputeNode/x86_64/optional/source/SRPMS',\n 'content/dist/rhel/computenode/7/7ComputeNode/x86_64/oracle-java-rm/os',\n 'content/dist/rhel/computenode/7/7ComputeNode/x86_64/os',\n 'content/dist/rhel/computenode/7/7ComputeNode/x86_64/source/SRPMS',\n 'content/dist/rhel/computenode/7/7ComputeNode/x86_64/supplementary/debug',\n 'content/dist/rhel/computenode/7/7ComputeNode/x86_64/supplementary/os',\n 'content/dist/rhel/computenode/7/7ComputeNode/x86_64/supplementary/source/SRPMS',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/debug',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/highavailability/debug',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/highavailability/os',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/highavailability/source/SRPMS',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/optional/debug',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/optional/os',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/optional/source/SRPMS',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/os',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/resilientstorage/debug',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/resilientstorage/os',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/resilientstorage/source/SRPMS',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/sap-hana/debug',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/sap-hana/os',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/sap-hana/source/SRPMS',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/sap/debug',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/sap/os',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/sap/source/SRPMS',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/source/SRPMS',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/supplementary/debug',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/supplementary/os',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/supplementary/source/SRPMS',\n 'content/dist/rhel/power/7/7Server/ppc64/debug',\n 'content/dist/rhel/power/7/7Server/ppc64/optional/debug',\n 'content/dist/rhel/power/7/7Server/ppc64/optional/os',\n 'content/dist/rhel/power/7/7Server/ppc64/optional/source/SRPMS',\n 'content/dist/rhel/power/7/7Server/ppc64/os',\n 'content/dist/rhel/power/7/7Server/ppc64/sap/debug',\n 'content/dist/rhel/power/7/7Server/ppc64/sap/os',\n 'content/dist/rhel/power/7/7Server/ppc64/sap/source/SRPMS',\n 'content/dist/rhel/power/7/7Server/ppc64/source/SRPMS',\n 'content/dist/rhel/power/7/7Server/ppc64/supplementary/debug',\n 'content/dist/rhel/power/7/7Server/ppc64/supplementary/os',\n 'content/dist/rhel/power/7/7Server/ppc64/supplementary/source/SRPMS',\n 'content/dist/rhel/server/7/7Server/x86_64/debug',\n 'content/dist/rhel/server/7/7Server/x86_64/highavailability/debug',\n 'content/dist/rhel/server/7/7Server/x86_64/highavailability/os',\n 'content/dist/rhel/server/7/7Server/x86_64/highavailability/source/SRPMS',\n 'content/dist/rhel/server/7/7Server/x86_64/nfv/debug',\n 'content/dist/rhel/server/7/7Server/x86_64/nfv/os',\n 'content/dist/rhel/server/7/7Server/x86_64/nfv/source/SRPMS',\n 'content/dist/rhel/server/7/7Server/x86_64/optional/debug',\n 'content/dist/rhel/server/7/7Server/x86_64/optional/os',\n 'content/dist/rhel/server/7/7Server/x86_64/optional/source/SRPMS',\n 'content/dist/rhel/server/7/7Server/x86_64/oracle-java-rm/os',\n 'content/dist/rhel/server/7/7Server/x86_64/os',\n 'content/dist/rhel/server/7/7Server/x86_64/resilientstorage/debug',\n 'content/dist/rhel/server/7/7Server/x86_64/resilientstorage/os',\n 'content/dist/rhel/server/7/7Server/x86_64/resilientstorage/source/SRPMS',\n 'content/dist/rhel/server/7/7Server/x86_64/rt/debug',\n 'content/dist/rhel/server/7/7Server/x86_64/rt/os',\n 'content/dist/rhel/server/7/7Server/x86_64/rt/source/SRPMS',\n 'content/dist/rhel/server/7/7Server/x86_64/sap-hana/debug',\n 'content/dist/rhel/server/7/7Server/x86_64/sap-hana/os',\n 'content/dist/rhel/server/7/7Server/x86_64/sap-hana/source/SRPMS',\n 'content/dist/rhel/server/7/7Server/x86_64/sap/debug',\n 'content/dist/rhel/server/7/7Server/x86_64/sap/os',\n 'content/dist/rhel/server/7/7Server/x86_64/sap/source/SRPMS',\n 'content/dist/rhel/server/7/7Server/x86_64/source/SRPMS',\n 'content/dist/rhel/server/7/7Server/x86_64/supplementary/debug',\n 'content/dist/rhel/server/7/7Server/x86_64/supplementary/os',\n 'content/dist/rhel/server/7/7Server/x86_64/supplementary/source/SRPMS',\n 'content/dist/rhel/system-z/7/7Server/s390x/debug',\n 'content/dist/rhel/system-z/7/7Server/s390x/highavailability/debug',\n 'content/dist/rhel/system-z/7/7Server/s390x/highavailability/os',\n 'content/dist/rhel/system-z/7/7Server/s390x/highavailability/source/SRPMS',\n 'content/dist/rhel/system-z/7/7Server/s390x/optional/debug',\n 'content/dist/rhel/system-z/7/7Server/s390x/optional/os',\n 'content/dist/rhel/system-z/7/7Server/s390x/optional/source/SRPMS',\n 'content/dist/rhel/system-z/7/7Server/s390x/os',\n 'content/dist/rhel/system-z/7/7Server/s390x/resilientstorage/debug',\n 'content/dist/rhel/system-z/7/7Server/s390x/resilientstorage/os',\n 'content/dist/rhel/system-z/7/7Server/s390x/resilientstorage/source/SRPMS',\n 'content/dist/rhel/system-z/7/7Server/s390x/sap/debug',\n 'content/dist/rhel/system-z/7/7Server/s390x/sap/os',\n 'content/dist/rhel/system-z/7/7Server/s390x/sap/source/SRPMS',\n 'content/dist/rhel/system-z/7/7Server/s390x/source/SRPMS',\n 'content/dist/rhel/system-z/7/7Server/s390x/supplementary/debug',\n 'content/dist/rhel/system-z/7/7Server/s390x/supplementary/os',\n 'content/dist/rhel/system-z/7/7Server/s390x/supplementary/source/SRPMS',\n 'content/dist/rhel/workstation/7/7Workstation/x86_64/debug',\n 'content/dist/rhel/workstation/7/7Workstation/x86_64/optional/debug',\n 'content/dist/rhel/workstation/7/7Workstation/x86_64/optional/os',\n 'content/dist/rhel/workstation/7/7Workstation/x86_64/optional/source/SRPMS',\n 'content/dist/rhel/workstation/7/7Workstation/x86_64/oracle-java-rm/os',\n 'content/dist/rhel/workstation/7/7Workstation/x86_64/os',\n 'content/dist/rhel/workstation/7/7Workstation/x86_64/source/SRPMS',\n 'content/dist/rhel/workstation/7/7Workstation/x86_64/supplementary/debug',\n 'content/dist/rhel/workstation/7/7Workstation/x86_64/supplementary/os',\n 'content/dist/rhel/workstation/7/7Workstation/x86_64/supplementary/source/SRPMS',\n 'content/fastrack/rhel/client/7/x86_64/debug',\n 'content/fastrack/rhel/client/7/x86_64/optional/debug',\n 'content/fastrack/rhel/client/7/x86_64/optional/os',\n 'content/fastrack/rhel/client/7/x86_64/optional/source/SRPMS',\n 'content/fastrack/rhel/client/7/x86_64/os',\n 'content/fastrack/rhel/client/7/x86_64/source/SRPMS',\n 'content/fastrack/rhel/computenode/7/x86_64/debug',\n 'content/fastrack/rhel/computenode/7/x86_64/optional/debug',\n 'content/fastrack/rhel/computenode/7/x86_64/optional/os',\n 'content/fastrack/rhel/computenode/7/x86_64/optional/source/SRPMS',\n 'content/fastrack/rhel/computenode/7/x86_64/os',\n 'content/fastrack/rhel/computenode/7/x86_64/source/SRPMS',\n 'content/fastrack/rhel/power/7/ppc64/debug',\n 'content/fastrack/rhel/power/7/ppc64/optional/debug',\n 'content/fastrack/rhel/power/7/ppc64/optional/os',\n 'content/fastrack/rhel/power/7/ppc64/optional/source/SRPMS',\n 'content/fastrack/rhel/power/7/ppc64/os',\n 'content/fastrack/rhel/power/7/ppc64/source/SRPMS',\n 'content/fastrack/rhel/server/7/x86_64/debug',\n 'content/fastrack/rhel/server/7/x86_64/highavailability/debug',\n 'content/fastrack/rhel/server/7/x86_64/highavailability/os',\n 'content/fastrack/rhel/server/7/x86_64/highavailability/source/SRPMS',\n 'content/fastrack/rhel/server/7/x86_64/optional/debug',\n 'content/fastrack/rhel/server/7/x86_64/optional/os',\n 'content/fastrack/rhel/server/7/x86_64/optional/source/SRPMS',\n 'content/fastrack/rhel/server/7/x86_64/os',\n 'content/fastrack/rhel/server/7/x86_64/resilientstorage/debug',\n 'content/fastrack/rhel/server/7/x86_64/resilientstorage/os',\n 'content/fastrack/rhel/server/7/x86_64/resilientstorage/source/SRPMS',\n 'content/fastrack/rhel/server/7/x86_64/source/SRPMS',\n 'content/fastrack/rhel/system-z/7/s390x/debug',\n 'content/fastrack/rhel/system-z/7/s390x/optional/debug',\n 'content/fastrack/rhel/system-z/7/s390x/optional/os',\n 'content/fastrack/rhel/system-z/7/s390x/optional/source/SRPMS',\n 'content/fastrack/rhel/system-z/7/s390x/os',\n 'content/fastrack/rhel/system-z/7/s390x/source/SRPMS',\n 'content/fastrack/rhel/workstation/7/x86_64/debug',\n 'content/fastrack/rhel/workstation/7/x86_64/optional/debug',\n 'content/fastrack/rhel/workstation/7/x86_64/optional/os',\n 'content/fastrack/rhel/workstation/7/x86_64/optional/source/SRPMS',\n 'content/fastrack/rhel/workstation/7/x86_64/os',\n 'content/fastrack/rhel/workstation/7/x86_64/source/SRPMS'\n ],\n 'pkgs': [\n {'reference':'firefox-102.7.0-1.el7_9', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE}\n ]\n }\n];\n\nvar applicable_repo_urls = rhel_determine_applicable_repository_urls(constraints:constraints);\nif(applicable_repo_urls == RHEL_REPOS_NO_OVERLAP_MESSAGE) exit(0, RHEL_REPO_NOT_ENABLED);\n\nvar flag = 0;\nforeach var constraint_array ( constraints ) {\n var repo_relative_urls = NULL;\n if (!empty_or_null(constraint_array['repo_relative_urls'])) repo_relative_urls = constraint_array['repo_relative_urls'];\n foreach var pkg ( constraint_array['pkgs'] ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(pkg['reference'])) reference = pkg['reference'];\n if (!empty_or_null(pkg['release'])) _release = 'RHEL' + pkg['release'];\n if (!empty_or_null(pkg['sp'])) sp = pkg['sp'];\n if (!empty_or_null(pkg['cpu'])) _cpu = pkg['cpu'];\n if (!empty_or_null(pkg['el_string'])) el_string = pkg['el_string'];\n if (!empty_or_null(pkg['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = pkg['rpm_spec_vers_cmp'];\n if (!empty_or_null(pkg['epoch'])) epoch = pkg['epoch'];\n if (!empty_or_null(pkg['allowmaj'])) allowmaj = pkg['allowmaj'];\n if (!empty_or_null(pkg['exists_check'])) exists_check = pkg['exists_check'];\n if (reference &&\n _release &&\n rhel_decide_repo_relative_url_check(required_repo_url_list:repo_relative_urls) &&\n (applicable_repo_urls || (!exists_check || rpm_exists(release:_release, rpm:exists_check))) &&\n rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n var extra = NULL;\n if (empty_or_null(applicable_repo_urls)) extra = rpm_report_get() + redhat_report_repo_caveat();\n else extra = rpm_report_get() + redhat_report_package_caveat();\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : extra\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'firefox');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-17T17:39:32", "description": "The remote Oracle Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2023-0463 advisory.\n\n - Mozilla: Malicious command could be hidden in devtools output (CVE-2023-23599)\n\n - An out of date library (libusrsctp) contained vulnerabilities that could potentially be exploited. This vulnerability affects Firefox < 108. (CVE-2022-46871)\n\n - Mozilla: Arbitrary file read from GTK drag and drop on Linux (CVE-2023-23598)\n\n - Mozilla: Calls to <code>console.log</code> allowed bypasing Content Security Policy via format directive (CVE-2023-23603)\n\n - Mozilla: URL being dragged from cross-origin iframe into same tab triggers navigation (CVE-2023-23601)\n\n - By confusing the browser, the fullscreen notification could have been delayed or suppressed, resulting in potential user confusion or spoofing attacks. This vulnerability affects Firefox < 108. (CVE-2022-46877)\n\n - Mozilla: Content Security Policy wasn't being correctly applied to WebSockets in WebWorkers (CVE-2023-23602)\n\n - Mozilla: Memory safety bugs fixed in Firefox 109 and Firefox ESR 102.7 (CVE-2023-23605)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2023-01-26T00:00:00", "type": "nessus", "title": "Oracle Linux 8 : thunderbird (ELSA-2023-0463)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-46871", "CVE-2022-46877", "CVE-2023-23598", "CVE-2023-23599", "CVE-2023-23601", "CVE-2023-23602", "CVE-2023-23603", "CVE-2023-23605"], "modified": "2023-02-03T00:00:00", "cpe": ["cpe:/o:oracle:linux:8", "p-cpe:/a:oracle:linux:thunderbird"], "id": "ORACLELINUX_ELSA-2023-0463.NASL", "href": "https://www.tenable.com/plugins/nessus/170667", "sourceData": "#%NASL_MIN_LEVEL 80900\n##\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Oracle Linux Security Advisory ELSA-2023-0463.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(170667);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/02/03\");\n\n script_cve_id(\n \"CVE-2022-46871\",\n \"CVE-2022-46877\",\n \"CVE-2023-23598\",\n \"CVE-2023-23599\",\n \"CVE-2023-23601\",\n \"CVE-2023-23602\",\n \"CVE-2023-23603\",\n \"CVE-2023-23605\"\n );\n script_xref(name:\"IAVA\", value:\"2023-A-0056-S\");\n\n script_name(english:\"Oracle Linux 8 : thunderbird (ELSA-2023-0463)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Oracle Linux host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Oracle Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the\nELSA-2023-0463 advisory.\n\n - Mozilla: Malicious command could be hidden in devtools output (CVE-2023-23599)\n\n - An out of date library (libusrsctp) contained vulnerabilities that could potentially be exploited. This\n vulnerability affects Firefox < 108. (CVE-2022-46871)\n\n - Mozilla: Arbitrary file read from GTK drag and drop on Linux (CVE-2023-23598)\n\n - Mozilla: Calls to <code>console.log</code> allowed bypasing Content Security Policy via format directive\n (CVE-2023-23603)\n\n - Mozilla: URL being dragged from cross-origin iframe into same tab triggers navigation (CVE-2023-23601)\n\n - By confusing the browser, the fullscreen notification could have been delayed or suppressed, resulting in\n potential user confusion or spoofing attacks. This vulnerability affects Firefox < 108. (CVE-2022-46877)\n\n - Mozilla: Content Security Policy wasn't being correctly applied to WebSockets in WebWorkers\n (CVE-2023-23602)\n\n - Mozilla: Memory safety bugs fixed in Firefox 109 and Firefox ESR 102.7 (CVE-2023-23605)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://linux.oracle.com/errata/ELSA-2023-0463.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected thunderbird package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-46871\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/12/15\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2023/01/26\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2023/01/26\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:8\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:thunderbird\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/local_checks_enabled\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item('Host/OracleLinux')) audit(AUDIT_OS_NOT, 'Oracle Linux');\nvar os_release = get_kb_item(\"Host/RedHat/release\");\nif (isnull(os_release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:os_release)) audit(AUDIT_OS_NOT, 'Oracle Linux');\nvar os_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Oracle Linux');\nos_ver = os_ver[1];\nif (! preg(pattern:\"^8([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, 'Oracle Linux 8', 'Oracle Linux ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Oracle Linux', cpu);\n\nvar pkgs = [\n {'reference':'thunderbird-102.7.1-1.0.1.el8_7', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE},\n {'reference':'thunderbird-102.7.1-1.0.1.el8_7', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE}\n];\n\nvar flag = 0;\nforeach var package_array ( pkgs ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) _release = 'EL' + package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) _cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (reference && _release) {\n if (exists_check) {\n if (rpm_exists(release:_release, rpm:exists_check) && rpm_check(release:_release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n } else {\n if (rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'thunderbird');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-25T02:42:26", "description": "The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2023:0289 advisory.\n\n - Mozilla: libusrsctp library out of date (CVE-2022-46871)\n\n - Mozilla: Fullscreen notification bypass (CVE-2022-46877)\n\n - Mozilla: Arbitrary file read from GTK drag and drop on Linux (CVE-2023-23598)\n\n - Mozilla: Malicious command could be hidden in devtools output (CVE-2023-23599)\n\n - Mozilla: URL being dragged from cross-origin iframe into same tab triggers navigation (CVE-2023-23601)\n\n - Mozilla: Content Security Policy wasn't being correctly applied to WebSockets in WebWorkers (CVE-2023-23602)\n\n - Mozilla: Calls to <code>console.log</code> allowed bypasing Content Security Policy via format directive (CVE-2023-23603)\n\n - Mozilla: Memory safety bugs fixed in Firefox 109 and Firefox ESR 102.7 (CVE-2023-23605)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2023-01-23T00:00:00", "type": "nessus", "title": "RHEL 8 : firefox (RHSA-2023:0289)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-46871", "CVE-2022-46877", "CVE-2023-23598", "CVE-2023-23599", "CVE-2023-23601", "CVE-2023-23602", "CVE-2023-23603", "CVE-2023-23605"], "modified": "2023-05-24T00:00:00", "cpe": ["cpe:/o:redhat:rhel_aus:8.6", "cpe:/o:redhat:rhel_e4s:8.6", "cpe:/o:redhat:rhel_eus:8.6", "cpe:/o:redhat:rhel_tus:8.6", "p-cpe:/a:redhat:enterprise_linux:firefox"], "id": "REDHAT-RHSA-2023-0289.NASL", "href": "https://www.tenable.com/plugins/nessus/170402", "sourceData": "#%NASL_MIN_LEVEL 80900\n##\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2023:0289. The text\n# itself is copyright (C) Red Hat, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(170402);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/05/24\");\n\n script_cve_id(\n \"CVE-2022-46871\",\n \"CVE-2022-46877\",\n \"CVE-2023-23598\",\n \"CVE-2023-23599\",\n \"CVE-2023-23601\",\n \"CVE-2023-23602\",\n \"CVE-2023-23603\",\n \"CVE-2023-23605\"\n );\n script_xref(name:\"IAVA\", value:\"2022-A-0517-S\");\n script_xref(name:\"RHSA\", value:\"2023:0289\");\n script_xref(name:\"IAVA\", value:\"2023-A-0048-S\");\n\n script_name(english:\"RHEL 8 : firefox (RHSA-2023:0289)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Red Hat host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as\nreferenced in the RHSA-2023:0289 advisory.\n\n - Mozilla: libusrsctp library out of date (CVE-2022-46871)\n\n - Mozilla: Fullscreen notification bypass (CVE-2022-46877)\n\n - Mozilla: Arbitrary file read from GTK drag and drop on Linux (CVE-2023-23598)\n\n - Mozilla: Malicious command could be hidden in devtools output (CVE-2023-23599)\n\n - Mozilla: URL being dragged from cross-origin iframe into same tab triggers navigation (CVE-2023-23601)\n\n - Mozilla: Content Security Policy wasn't being correctly applied to WebSockets in WebWorkers\n (CVE-2023-23602)\n\n - Mozilla: Calls to <code>console.log</code> allowed bypasing Content Security Policy via format directive\n (CVE-2023-23603)\n\n - Mozilla: Memory safety bugs fixed in Firefox 109 and Firefox ESR 102.7 (CVE-2023-23605)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-46871\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-46877\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2023-23598\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2023-23599\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2023-23601\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2023-23602\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2023-23603\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2023-23605\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2023:0289\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2162336\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2162338\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2162339\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2162340\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2162341\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2162342\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2162343\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2162344\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected firefox package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-46871\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(77, 120, 185, 357, 450, 829, 1104, 1385);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/12/15\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2023/01/23\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2023/01/23\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_aus:8.6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_e4s:8.6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_eus:8.6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_tus:8.6\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:firefox\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"redhat_repos.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\ninclude('rhel.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item('Host/RedHat/release');\nif (isnull(os_release) || 'Red Hat' >!< os_release) audit(AUDIT_OS_NOT, 'Red Hat');\nvar os_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Red Hat');\nos_ver = os_ver[1];\nif (!rhel_check_release(operator: 'eq', os_version: os_ver, rhel_version: '8.6')) audit(AUDIT_OS_NOT, 'Red Hat 8.6', 'Red Hat ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu && 'ppc' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Red Hat', cpu);\n\nvar constraints = [\n {\n 'repo_relative_urls': [\n 'content/aus/rhel8/8.6/x86_64/appstream/debug',\n 'content/aus/rhel8/8.6/x86_64/appstream/os',\n 'content/aus/rhel8/8.6/x86_64/appstream/source/SRPMS',\n 'content/aus/rhel8/8.6/x86_64/baseos/debug',\n 'content/aus/rhel8/8.6/x86_64/baseos/os',\n 'content/aus/rhel8/8.6/x86_64/baseos/source/SRPMS',\n 'content/e4s/rhel8/8.6/ppc64le/appstream/debug',\n 'content/e4s/rhel8/8.6/ppc64le/appstream/os',\n 'content/e4s/rhel8/8.6/ppc64le/appstream/source/SRPMS',\n 'content/e4s/rhel8/8.6/ppc64le/baseos/debug',\n 'content/e4s/rhel8/8.6/ppc64le/baseos/os',\n 'content/e4s/rhel8/8.6/ppc64le/baseos/source/SRPMS',\n 'content/e4s/rhel8/8.6/ppc64le/highavailability/debug',\n 'content/e4s/rhel8/8.6/ppc64le/highavailability/os',\n 'content/e4s/rhel8/8.6/ppc64le/highavailability/source/SRPMS',\n 'content/e4s/rhel8/8.6/ppc64le/sap-solutions/debug',\n 'content/e4s/rhel8/8.6/ppc64le/sap-solutions/os',\n 'content/e4s/rhel8/8.6/ppc64le/sap-solutions/source/SRPMS',\n 'content/e4s/rhel8/8.6/ppc64le/sap/debug',\n 'content/e4s/rhel8/8.6/ppc64le/sap/os',\n 'content/e4s/rhel8/8.6/ppc64le/sap/source/SRPMS',\n 'content/e4s/rhel8/8.6/x86_64/appstream/debug',\n 'content/e4s/rhel8/8.6/x86_64/appstream/os',\n 'content/e4s/rhel8/8.6/x86_64/appstream/source/SRPMS',\n 'content/e4s/rhel8/8.6/x86_64/baseos/debug',\n 'content/e4s/rhel8/8.6/x86_64/baseos/os',\n 'content/e4s/rhel8/8.6/x86_64/baseos/source/SRPMS',\n 'content/e4s/rhel8/8.6/x86_64/highavailability/debug',\n 'content/e4s/rhel8/8.6/x86_64/highavailability/os',\n 'content/e4s/rhel8/8.6/x86_64/highavailability/source/SRPMS',\n 'content/e4s/rhel8/8.6/x86_64/sap-solutions/debug',\n 'content/e4s/rhel8/8.6/x86_64/sap-solutions/os',\n 'content/e4s/rhel8/8.6/x86_64/sap-solutions/source/SRPMS',\n 'content/e4s/rhel8/8.6/x86_64/sap/debug',\n 'content/e4s/rhel8/8.6/x86_64/sap/os',\n 'content/e4s/rhel8/8.6/x86_64/sap/source/SRPMS',\n 'content/eus/rhel8/8.6/aarch64/appstream/debug',\n 'content/eus/rhel8/8.6/aarch64/appstream/os',\n 'content/eus/rhel8/8.6/aarch64/appstream/source/SRPMS',\n 'content/eus/rhel8/8.6/aarch64/baseos/debug',\n 'content/eus/rhel8/8.6/aarch64/baseos/os',\n 'content/eus/rhel8/8.6/aarch64/baseos/source/SRPMS',\n 'content/eus/rhel8/8.6/aarch64/codeready-builder/debug',\n 'content/eus/rhel8/8.6/aarch64/codeready-builder/os',\n 'content/eus/rhel8/8.6/aarch64/codeready-builder/source/SRPMS',\n 'content/eus/rhel8/8.6/aarch64/highavailability/debug',\n 'content/eus/rhel8/8.6/aarch64/highavailability/os',\n 'content/eus/rhel8/8.6/aarch64/highavailability/source/SRPMS',\n 'content/eus/rhel8/8.6/aarch64/supplementary/debug',\n 'content/eus/rhel8/8.6/aarch64/supplementary/os',\n 'content/eus/rhel8/8.6/aarch64/supplementary/source/SRPMS',\n 'content/eus/rhel8/8.6/ppc64le/appstream/debug',\n 'content/eus/rhel8/8.6/ppc64le/appstream/os',\n 'content/eus/rhel8/8.6/ppc64le/appstream/source/SRPMS',\n 'content/eus/rhel8/8.6/ppc64le/baseos/debug',\n 'content/eus/rhel8/8.6/ppc64le/baseos/os',\n 'content/eus/rhel8/8.6/ppc64le/baseos/source/SRPMS',\n 'content/eus/rhel8/8.6/ppc64le/codeready-builder/debug',\n 'content/eus/rhel8/8.6/ppc64le/codeready-builder/os',\n 'content/eus/rhel8/8.6/ppc64le/codeready-builder/source/SRPMS',\n 'content/eus/rhel8/8.6/ppc64le/highavailability/debug',\n 'content/eus/rhel8/8.6/ppc64le/highavailability/os',\n 'content/eus/rhel8/8.6/ppc64le/highavailability/source/SRPMS',\n 'content/eus/rhel8/8.6/ppc64le/resilientstorage/debug',\n 'content/eus/rhel8/8.6/ppc64le/resilientstorage/os',\n 'content/eus/rhel8/8.6/ppc64le/resilientstorage/source/SRPMS',\n 'content/eus/rhel8/8.6/ppc64le/sap-solutions/debug',\n 'content/eus/rhel8/8.6/ppc64le/sap-solutions/os',\n 'content/eus/rhel8/8.6/ppc64le/sap-solutions/source/SRPMS',\n 'content/eus/rhel8/8.6/ppc64le/sap/debug',\n 'content/eus/rhel8/8.6/ppc64le/sap/os',\n 'content/eus/rhel8/8.6/ppc64le/sap/source/SRPMS',\n 'content/eus/rhel8/8.6/ppc64le/supplementary/debug',\n 'content/eus/rhel8/8.6/ppc64le/supplementary/os',\n 'content/eus/rhel8/8.6/ppc64le/supplementary/source/SRPMS',\n 'content/eus/rhel8/8.6/s390x/appstream/debug',\n 'content/eus/rhel8/8.6/s390x/appstream/os',\n 'content/eus/rhel8/8.6/s390x/appstream/source/SRPMS',\n 'content/eus/rhel8/8.6/s390x/baseos/debug',\n 'content/eus/rhel8/8.6/s390x/baseos/os',\n 'content/eus/rhel8/8.6/s390x/baseos/source/SRPMS',\n 'content/eus/rhel8/8.6/s390x/codeready-builder/debug',\n 'content/eus/rhel8/8.6/s390x/codeready-builder/os',\n 'content/eus/rhel8/8.6/s390x/codeready-builder/source/SRPMS',\n 'content/eus/rhel8/8.6/s390x/highavailability/debug',\n 'content/eus/rhel8/8.6/s390x/highavailability/os',\n 'content/eus/rhel8/8.6/s390x/highavailability/source/SRPMS',\n 'content/eus/rhel8/8.6/s390x/resilientstorage/debug',\n 'content/eus/rhel8/8.6/s390x/resilientstorage/os',\n 'content/eus/rhel8/8.6/s390x/resilientstorage/source/SRPMS',\n 'content/eus/rhel8/8.6/s390x/sap/debug',\n 'content/eus/rhel8/8.6/s390x/sap/os',\n 'content/eus/rhel8/8.6/s390x/sap/source/SRPMS',\n 'content/eus/rhel8/8.6/s390x/supplementary/debug',\n 'content/eus/rhel8/8.6/s390x/supplementary/os',\n 'content/eus/rhel8/8.6/s390x/supplementary/source/SRPMS',\n 'content/eus/rhel8/8.6/x86_64/appstream/debug',\n 'content/eus/rhel8/8.6/x86_64/appstream/os',\n 'content/eus/rhel8/8.6/x86_64/appstream/source/SRPMS',\n 'content/eus/rhel8/8.6/x86_64/baseos/debug',\n 'content/eus/rhel8/8.6/x86_64/baseos/os',\n 'content/eus/rhel8/8.6/x86_64/baseos/source/SRPMS',\n 'content/eus/rhel8/8.6/x86_64/codeready-builder/debug',\n 'content/eus/rhel8/8.6/x86_64/codeready-builder/os',\n 'content/eus/rhel8/8.6/x86_64/codeready-builder/source/SRPMS',\n 'content/eus/rhel8/8.6/x86_64/highavailability/debug',\n 'content/eus/rhel8/8.6/x86_64/highavailability/os',\n 'content/eus/rhel8/8.6/x86_64/highavailability/source/SRPMS',\n 'content/eus/rhel8/8.6/x86_64/resilientstorage/debug',\n 'content/eus/rhel8/8.6/x86_64/resilientstorage/os',\n 'content/eus/rhel8/8.6/x86_64/resilientstorage/source/SRPMS',\n 'content/eus/rhel8/8.6/x86_64/sap-solutions/debug',\n 'content/eus/rhel8/8.6/x86_64/sap-solutions/os',\n 'content/eus/rhel8/8.6/x86_64/sap-solutions/source/SRPMS',\n 'content/eus/rhel8/8.6/x86_64/sap/debug',\n 'content/eus/rhel8/8.6/x86_64/sap/os',\n 'content/eus/rhel8/8.6/x86_64/sap/source/SRPMS',\n 'content/eus/rhel8/8.6/x86_64/supplementary/debug',\n 'content/eus/rhel8/8.6/x86_64/supplementary/os',\n 'content/eus/rhel8/8.6/x86_64/supplementary/source/SRPMS',\n 'content/tus/rhel8/8.6/x86_64/appstream/debug',\n 'content/tus/rhel8/8.6/x86_64/appstream/os',\n 'content/tus/rhel8/8.6/x86_64/appstream/source/SRPMS',\n 'content/tus/rhel8/8.6/x86_64/baseos/debug',\n 'content/tus/rhel8/8.6/x86_64/baseos/os',\n 'content/tus/rhel8/8.6/x86_64/baseos/source/SRPMS',\n 'content/tus/rhel8/8.6/x86_64/highavailability/debug',\n 'content/tus/rhel8/8.6/x86_64/highavailability/os',\n 'content/tus/rhel8/8.6/x86_64/highavailability/source/SRPMS',\n 'content/tus/rhel8/8.6/x86_64/rt/os',\n 'content/tus/rhel8/8.6/x86_64/rt/source/SRPMS'\n ],\n 'pkgs': [\n {'reference':'firefox-102.7.0-1.el8_6', 'sp':'6', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE}\n ]\n }\n];\n\nvar applicable_repo_urls = rhel_determine_applicable_repository_urls(constraints:constraints);\nif(applicable_repo_urls == RHEL_REPOS_NO_OVERLAP_MESSAGE) exit(0, RHEL_REPO_NOT_ENABLED);\n\nvar flag = 0;\nforeach var constraint_array ( constraints ) {\n var repo_relative_urls = NULL;\n if (!empty_or_null(constraint_array['repo_relative_urls'])) repo_relative_urls = constraint_array['repo_relative_urls'];\n foreach var pkg ( constraint_array['pkgs'] ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(pkg['reference'])) reference = pkg['reference'];\n if (!empty_or_null(pkg['release'])) _release = 'RHEL' + pkg['release'];\n if (!empty_or_null(pkg['sp'])) sp = pkg['sp'];\n if (!empty_or_null(pkg['cpu'])) _cpu = pkg['cpu'];\n if (!empty_or_null(pkg['el_string'])) el_string = pkg['el_string'];\n if (!empty_or_null(pkg['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = pkg['rpm_spec_vers_cmp'];\n if (!empty_or_null(pkg['epoch'])) epoch = pkg['epoch'];\n if (!empty_or_null(pkg['allowmaj'])) allowmaj = pkg['allowmaj'];\n if (!empty_or_null(pkg['exists_check'])) exists_check = pkg['exists_check'];\n if (reference &&\n _release &&\n rhel_decide_repo_relative_url_check(required_repo_url_list:repo_relative_urls) &&\n (applicable_repo_urls || (!exists_check || rpm_exists(release:_release, rpm:exists_check))) &&\n rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n var subscription_caveat = '\\n' +\n 'NOTE: This vulnerability check contains fixes that apply to\\n' +\n 'packages only available in the Red Hat Enterprise Linux\\n' +\n 'Advanced Update Support, Extended Update Support, Telco Extended Update Support or Update Services for SAP Solutions repositories.\\n' +\n 'Access to these repositories requires a paid RHEL subscription.\\n';\n var extra = NULL;\n if (empty_or_null(applicable_repo_urls)) extra = subscription_caveat + rpm_report_get() + redhat_report_repo_caveat();\n else extra = subscription_caveat + rpm_report_get() + redhat_report_package_caveat();\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : extra\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'firefox');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-25T00:35:01", "description": "The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2023:0457 advisory.\n\n - Mozilla: libusrsctp library out of date (CVE-2022-46871)\n\n - Mozilla: Fullscreen notification bypass (CVE-2022-46877)\n\n - Mozilla: Arbitrary file read from GTK drag and drop on Linux (CVE-2023-23598)\n\n - Mozilla: Malicious command could be hidden in devtools output (CVE-2023-23599)\n\n - Mozilla: URL being dragged from cross-origin iframe into same tab triggers navigation (CVE-2023-23601)\n\n - Mozilla: Content Security Policy wasn't being correctly applied to WebSockets in WebWorkers (CVE-2023-23602)\n\n - Mozilla: Calls to <code>console.log</code> allowed bypasing Content Security Policy via format directive (CVE-2023-23603)\n\n - Mozilla: Memory safety bugs fixed in Firefox 109 and Firefox ESR 102.7 (CVE-2023-23605)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2023-01-25T00:00:00", "type": "nessus", "title": "RHEL 8 : thunderbird (RHSA-2023:0457)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-46871", "CVE-2022-46877", "CVE-2023-23598", "CVE-2023-23599", "CVE-2023-23601", "CVE-2023-23602", "CVE-2023-23603", "CVE-2023-23605"], "modified": "2023-05-24T00:00:00", "cpe": ["cpe:/o:redhat:rhel_e4s:8.1", "p-cpe:/a:redhat:enterprise_linux:thunderbird"], "id": "REDHAT-RHSA-2023-0457.NASL", "href": "https://www.tenable.com/plugins/nessus/170635", "sourceData": "#%NASL_MIN_LEVEL 80900\n##\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2023:0457. The text\n# itself is copyright (C) Red Hat, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(170635);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/05/24\");\n\n script_cve_id(\n \"CVE-2022-46871\",\n \"CVE-2022-46877\",\n \"CVE-2023-23598\",\n \"CVE-2023-23599\",\n \"CVE-2023-23601\",\n \"CVE-2023-23602\",\n \"CVE-2023-23603\",\n \"CVE-2023-23605\"\n );\n script_xref(name:\"RHSA\", value:\"2023:0457\");\n script_xref(name:\"IAVA\", value:\"2023-A-0056-S\");\n\n script_name(english:\"RHEL 8 : thunderbird (RHSA-2023:0457)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Red Hat host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as\nreferenced in the RHSA-2023:0457 advisory.\n\n - Mozilla: libusrsctp library out of date (CVE-2022-46871)\n\n - Mozilla: Fullscreen notification bypass (CVE-2022-46877)\n\n - Mozilla: Arbitrary file read from GTK drag and drop on Linux (CVE-2023-23598)\n\n - Mozilla: Malicious command could be hidden in devtools output (CVE-2023-23599)\n\n - Mozilla: URL being dragged from cross-origin iframe into same tab triggers navigation (CVE-2023-23601)\n\n - Mozilla: Content Security Policy wasn't being correctly applied to WebSockets in WebWorkers\n (CVE-2023-23602)\n\n - Mozilla: Calls to <code>console.log</code> allowed bypasing Content Security Policy via format directive\n (CVE-2023-23603)\n\n - Mozilla: Memory safety bugs fixed in Firefox 109 and Firefox ESR 102.7 (CVE-2023-23605)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-46871\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-46877\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2023-23598\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2023-23599\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2023-23601\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2023-23602\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2023-23603\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2023-23605\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2023:0457\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2162336\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2162338\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2162339\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2162340\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2162341\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2162342\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2162343\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2162344\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected thunderbird package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-46871\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(77, 120, 185, 357, 450, 829, 1104, 1385);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/12/15\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2023/01/25\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2023/01/25\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_e4s:8.1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:thunderbird\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"redhat_repos.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\ninclude('rhel.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item('Host/RedHat/release');\nif (isnull(os_release) || 'Red Hat' >!< os_release) audit(AUDIT_OS_NOT, 'Red Hat');\nvar os_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Red Hat');\nos_ver = os_ver[1];\nif (!rhel_check_release(operator: 'eq', os_version: os_ver, rhel_version: '8.1')) audit(AUDIT_OS_NOT, 'Red Hat 8.1', 'Red Hat ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu && 'ppc' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Red Hat', cpu);\n\nvar constraints = [\n {\n 'repo_relative_urls': [\n 'content/e4s/rhel8/8.1/ppc64le/appstream/debug',\n 'content/e4s/rhel8/8.1/ppc64le/appstream/os',\n 'content/e4s/rhel8/8.1/ppc64le/appstream/source/SRPMS',\n 'content/e4s/rhel8/8.1/ppc64le/baseos/debug',\n 'content/e4s/rhel8/8.1/ppc64le/baseos/os',\n 'content/e4s/rhel8/8.1/ppc64le/baseos/source/SRPMS',\n 'content/e4s/rhel8/8.1/ppc64le/highavailability/debug',\n 'content/e4s/rhel8/8.1/ppc64le/highavailability/os',\n 'content/e4s/rhel8/8.1/ppc64le/highavailability/source/SRPMS',\n 'content/e4s/rhel8/8.1/ppc64le/sap-solutions/debug',\n 'content/e4s/rhel8/8.1/ppc64le/sap-solutions/os',\n 'content/e4s/rhel8/8.1/ppc64le/sap-solutions/source/SRPMS',\n 'content/e4s/rhel8/8.1/ppc64le/sap/debug',\n 'content/e4s/rhel8/8.1/ppc64le/sap/os',\n 'content/e4s/rhel8/8.1/ppc64le/sap/source/SRPMS',\n 'content/e4s/rhel8/8.1/x86_64/appstream/debug',\n 'content/e4s/rhel8/8.1/x86_64/appstream/os',\n 'content/e4s/rhel8/8.1/x86_64/appstream/source/SRPMS',\n 'content/e4s/rhel8/8.1/x86_64/baseos/debug',\n 'content/e4s/rhel8/8.1/x86_64/baseos/os',\n 'content/e4s/rhel8/8.1/x86_64/baseos/source/SRPMS',\n 'content/e4s/rhel8/8.1/x86_64/highavailability/debug',\n 'content/e4s/rhel8/8.1/x86_64/highavailability/os',\n 'content/e4s/rhel8/8.1/x86_64/highavailability/source/SRPMS',\n 'content/e4s/rhel8/8.1/x86_64/sap-solutions/debug',\n 'content/e4s/rhel8/8.1/x86_64/sap-solutions/os',\n 'content/e4s/rhel8/8.1/x86_64/sap-solutions/source/SRPMS',\n 'content/e4s/rhel8/8.1/x86_64/sap/debug',\n 'content/e4s/rhel8/8.1/x86_64/sap/os',\n 'content/e4s/rhel8/8.1/x86_64/sap/source/SRPMS'\n ],\n 'pkgs': [\n {'reference':'thunderbird-102.7.1-1.el8_1', 'sp':'1', 'cpu':'ppc64le', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE},\n {'reference':'thunderbird-102.7.1-1.el8_1', 'sp':'1', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE}\n ]\n }\n];\n\nvar applicable_repo_urls = rhel_determine_applicable_repository_urls(constraints:constraints);\nif(applicable_repo_urls == RHEL_REPOS_NO_OVERLAP_MESSAGE) exit(0, RHEL_REPO_NOT_ENABLED);\n\nvar flag = 0;\nforeach var constraint_array ( constraints ) {\n var repo_relative_urls = NULL;\n if (!empty_or_null(constraint_array['repo_relative_urls'])) repo_relative_urls = constraint_array['repo_relative_urls'];\n foreach var pkg ( constraint_array['pkgs'] ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(pkg['reference'])) reference = pkg['reference'];\n if (!empty_or_null(pkg['release'])) _release = 'RHEL' + pkg['release'];\n if (!empty_or_null(pkg['sp'])) sp = pkg['sp'];\n if (!empty_or_null(pkg['cpu'])) _cpu = pkg['cpu'];\n if (!empty_or_null(pkg['el_string'])) el_string = pkg['el_string'];\n if (!empty_or_null(pkg['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = pkg['rpm_spec_vers_cmp'];\n if (!empty_or_null(pkg['epoch'])) epoch = pkg['epoch'];\n if (!empty_or_null(pkg['allowmaj'])) allowmaj = pkg['allowmaj'];\n if (!empty_or_null(pkg['exists_check'])) exists_check = pkg['exists_check'];\n if (reference &&\n _release &&\n rhel_decide_repo_relative_url_check(required_repo_url_list:repo_relative_urls) &&\n (applicable_repo_urls || (!exists_check || rpm_exists(release:_release, rpm:exists_check))) &&\n rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n var subscription_caveat = '\\n' +\n 'NOTE: This vulnerability check contains fixes that apply to\\n' +\n 'packages only available in the Red Hat Enterprise Linux\\n' +\n 'Update Services for SAP Solutions repository.\\n' +\n 'Access to this repository requires a paid RHEL subscription.\\n';\n var extra = NULL;\n if (empty_or_null(applicable_repo_urls)) extra = subscription_caveat + rpm_report_get() + redhat_report_repo_caveat();\n else extra = subscription_caveat + rpm_report_get() + redhat_report_package_caveat();\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : extra\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'thunderbird');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-25T00:34:59", "description": "The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2023:0290 advisory.\n\n - Mozilla: libusrsctp library out of date (CVE-2022-46871)\n\n - Mozilla: Fullscreen notification bypass (CVE-2022-46877)\n\n - Mozilla: Arbitrary file read from GTK drag and drop on Linux (CVE-2023-23598)\n\n - Mozilla: Malicious command could be hidden in devtools output (CVE-2023-23599)\n\n - Mozilla: URL being dragged from cross-origin iframe into same tab triggers navigation (CVE-2023-23601)\n\n - Mozilla: Content Security Policy wasn't being correctly applied to WebSockets in WebWorkers (CVE-2023-23602)\n\n - Mozilla: Calls to <code>console.log</code> allowed bypasing Content Security Policy via format directive (CVE-2023-23603)\n\n - Mozilla: Memory safety bugs fixed in Firefox 109 and Firefox ESR 102.7 (CVE-2023-23605)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2023-01-23T00:00:00", "type": "nessus", "title": "RHEL 8 : firefox (RHSA-2023:0290)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-46871", "CVE-2022-46877", "CVE-2023-23598", "CVE-2023-23599", "CVE-2023-23601", "CVE-2023-23602", "CVE-2023-23603", "CVE-2023-23605"], "modified": "2023-05-24T00:00:00", "cpe": ["cpe:/o:redhat:rhel_e4s:8.1", "p-cpe:/a:redhat:enterprise_linux:firefox"], "id": "REDHAT-RHSA-2023-0290.NASL", "href": "https://www.tenable.com/plugins/nessus/170411", "sourceData": "#%NASL_MIN_LEVEL 80900\n##\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2023:0290. The text\n# itself is copyright (C) Red Hat, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(170411);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/05/24\");\n\n script_cve_id(\n \"CVE-2022-46871\",\n \"CVE-2022-46877\",\n \"CVE-2023-23598\",\n \"CVE-2023-23599\",\n \"CVE-2023-23601\",\n \"CVE-2023-23602\",\n \"CVE-2023-23603\",\n \"CVE-2023-23605\"\n );\n script_xref(name:\"IAVA\", value:\"2022-A-0517-S\");\n script_xref(name:\"RHSA\", value:\"2023:0290\");\n script_xref(name:\"IAVA\", value:\"2023-A-0048-S\");\n\n script_name(english:\"RHEL 8 : firefox (RHSA-2023:0290)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Red Hat host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as\nreferenced in the RHSA-2023:0290 advisory.\n\n - Mozilla: libusrsctp library out of date (CVE-2022-46871)\n\n - Mozilla: Fullscreen notification bypass (CVE-2022-46877)\n\n - Mozilla: Arbitrary file read from GTK drag and drop on Linux (CVE-2023-23598)\n\n - Mozilla: Malicious command could be hidden in devtools output (CVE-2023-23599)\n\n - Mozilla: URL being dragged from cross-origin iframe into same tab triggers navigation (CVE-2023-23601)\n\n - Mozilla: Content Security Policy wasn't being correctly applied to WebSockets in WebWorkers\n (CVE-2023-23602)\n\n - Mozilla: Calls to <code>console.log</code> allowed bypasing Content Security Policy via format directive\n (CVE-2023-23603)\n\n - Mozilla: Memory safety bugs fixed in Firefox 109 and Firefox ESR 102.7 (CVE-2023-23605)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-46871\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-46877\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2023-23598\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2023-23599\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2023-23601\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2023-23602\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2023-23603\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2023-23605\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2023:0290\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2162336\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2162338\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2162339\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2162340\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2162341\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2162342\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2162343\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2162344\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected firefox package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-46871\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(77, 120, 185, 357, 450, 829, 1104, 1385);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/12/15\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2023/01/23\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2023/01/23\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_e4s:8.1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:firefox\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"redhat_repos.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\ninclude('rhel.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item('Host/RedHat/release');\nif (isnull(os_release) || 'Red Hat' >!< os_release) audit(AUDIT_OS_NOT, 'Red Hat');\nvar os_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Red Hat');\nos_ver = os_ver[1];\nif (!rhel_check_release(operator: 'eq', os_version: os_ver, rhel_version: '8.1')) audit(AUDIT_OS_NOT, 'Red Hat 8.1', 'Red Hat ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu && 'ppc' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Red Hat', cpu);\n\nvar constraints = [\n {\n 'repo_relative_urls': [\n 'content/e4s/rhel8/8.1/ppc64le/appstream/debug',\n 'content/e4s/rhel8/8.1/ppc64le/appstream/os',\n 'content/e4s/rhel8/8.1/ppc64le/appstream/source/SRPMS',\n 'content/e4s/rhel8/8.1/ppc64le/baseos/debug',\n 'content/e4s/rhel8/8.1/ppc64le/baseos/os',\n 'content/e4s/rhel8/8.1/ppc64le/baseos/source/SRPMS',\n 'content/e4s/rhel8/8.1/ppc64le/highavailability/debug',\n 'content/e4s/rhel8/8.1/ppc64le/highavailability/os',\n 'content/e4s/rhel8/8.1/ppc64le/highavailability/source/SRPMS',\n 'content/e4s/rhel8/8.1/ppc64le/sap-solutions/debug',\n 'content/e4s/rhel8/8.1/ppc64le/sap-solutions/os',\n 'content/e4s/rhel8/8.1/ppc64le/sap-solutions/source/SRPMS',\n 'content/e4s/rhel8/8.1/ppc64le/sap/debug',\n 'content/e4s/rhel8/8.1/ppc64le/sap/os',\n 'content/e4s/rhel8/8.1/ppc64le/sap/source/SRPMS',\n 'content/e4s/rhel8/8.1/x86_64/appstream/debug',\n 'content/e4s/rhel8/8.1/x86_64/appstream/os',\n 'content/e4s/rhel8/8.1/x86_64/appstream/source/SRPMS',\n 'content/e4s/rhel8/8.1/x86_64/baseos/debug',\n 'content/e4s/rhel8/8.1/x86_64/baseos/os',\n 'content/e4s/rhel8/8.1/x86_64/baseos/source/SRPMS',\n 'content/e4s/rhel8/8.1/x86_64/highavailability/debug',\n 'content/e4s/rhel8/8.1/x86_64/highavailability/os',\n 'content/e4s/rhel8/8.1/x86_64/highavailability/source/SRPMS',\n 'content/e4s/rhel8/8.1/x86_64/sap-solutions/debug',\n 'content/e4s/rhel8/8.1/x86_64/sap-solutions/os',\n 'content/e4s/rhel8/8.1/x86_64/sap-solutions/source/SRPMS',\n 'content/e4s/rhel8/8.1/x86_64/sap/debug',\n 'content/e4s/rhel8/8.1/x86_64/sap/os',\n 'content/e4s/rhel8/8.1/x86_64/sap/source/SRPMS'\n ],\n 'pkgs': [\n {'reference':'firefox-102.7.0-1.el8_1', 'sp':'1', 'cpu':'ppc64le', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE},\n {'reference':'firefox-102.7.0-1.el8_1', 'sp':'1', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE}\n ]\n }\n];\n\nvar applicable_repo_urls = rhel_determine_applicable_repository_urls(constraints:constraints);\nif(applicable_repo_urls == RHEL_REPOS_NO_OVERLAP_MESSAGE) exit(0, RHEL_REPO_NOT_ENABLED);\n\nvar flag = 0;\nforeach var constraint_array ( constraints ) {\n var repo_relative_urls = NULL;\n if (!empty_or_null(constraint_array['repo_relative_urls'])) repo_relative_urls = constraint_array['repo_relative_urls'];\n foreach var pkg ( constraint_array['pkgs'] ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(pkg['reference'])) reference = pkg['reference'];\n if (!empty_or_null(pkg['release'])) _release = 'RHEL' + pkg['release'];\n if (!empty_or_null(pkg['sp'])) sp = pkg['sp'];\n if (!empty_or_null(pkg['cpu'])) _cpu = pkg['cpu'];\n if (!empty_or_null(pkg['el_string'])) el_string = pkg['el_string'];\n if (!empty_or_null(pkg['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = pkg['rpm_spec_vers_cmp'];\n if (!empty_or_null(pkg['epoch'])) epoch = pkg['epoch'];\n if (!empty_or_null(pkg['allowmaj'])) allowmaj = pkg['allowmaj'];\n if (!empty_or_null(pkg['exists_check'])) exists_check = pkg['exists_check'];\n if (reference &&\n _release &&\n rhel_decide_repo_relative_url_check(required_repo_url_list:repo_relative_urls) &&\n (applicable_repo_urls || (!exists_check || rpm_exists(release:_release, rpm:exists_check))) &&\n rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n var subscription_caveat = '\\n' +\n 'NOTE: This vulnerability check contains fixes that apply to\\n' +\n 'packages only available in the Red Hat Enterprise Linux\\n' +\n 'Update Services for SAP Solutions repository.\\n' +\n 'Access to this repository requires a paid RHEL subscription.\\n';\n var extra = NULL;\n if (empty_or_null(applicable_repo_urls)) extra = subscription_caveat + rpm_report_get() + redhat_report_repo_caveat();\n else extra = subscription_caveat + rpm_report_get() + redhat_report_package_caveat();\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : extra\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'firefox');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-17T16:42:10", "description": "The remote Ubuntu 18.04 LTS / 20.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-5816-1 advisory.\n\n - A compromised web child process could disable web security opening restrictions, leading to a new child process being spawned within the <code>file://</code> context. Given a reliable exploit primitive, this new process could be exploited again leading to arbitrary file read. (CVE-2023-23597)\n\n - Due to the Firefox GTK wrapper code's use of text/plain for drag data and GTK treating all text/plain MIMEs containing file URLs as being dragged a website could arbitrarily read a file via a call to <code>DataTransfer.setData</code>. (CVE-2023-23598)\n\n - When copying a network request from the developer tools panel as a curl command the output was not being properly sanitized and could allow arbitrary commands to be hidden within. (CVE-2023-23599)\n\n - Navigations were being allowed when dragging a URL from a cross-origin iframe into the same tab which could lead to website spoofing attacks (CVE-2023-23601)\n\n - A mishandled security check when creating a WebSocket in a WebWorker caused the Content Security Policy connect-src header to be ignored. This could lead to connections to restricted origins from inside WebWorkers. (CVE-2023-23602)\n\n - Regular expressions used to filter out forbidden properties and values from style directives in calls to <code>console.log</code> weren't accounting for external URLs. Data could then be potentially exfiltrated from the browser. (CVE-2023-23603)\n\n - A duplicate <code>SystemPrincipal</code> object could be created when parsing a non-system html document via <code>DOMParser::ParseFromSafeString</code>. This could have lead to bypassing web security checks.\n (CVE-2023-23604)\n\n - Mozilla developers and the Mozilla Fuzzing Team reported memory safety bugs present in Firefox 108 and Firefox ESR 102.6. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. (CVE-2023-23605)\n\n - Mozilla developers and the Mozilla Fuzzing Team reported memory safety bugs present in Firefox 108. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. (CVE-2023-23606)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2023-01-23T00:00:00", "type": "nessus", "title": "Ubuntu 18.04 LTS / 20.04 LTS : Firefox vulnerabilities (USN-5816-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2023-23597", "CVE-2023-23598", "CVE-2023-23599", "CVE-2023-23601", "CVE-2023-23602", "CVE-2023-23603", "CVE-2023-23604", "CVE-2023-23605", "CVE-2023-23606"], "modified": "2023-02-16T00:00:00", "cpe": ["cpe:/o:canonical:ubuntu_linux:18.04:-:lts", "cpe:/o:canonical:ubuntu_linux:20.04:-:lts", "p-cpe:/a:canonical:ubuntu_linux:firefox", "p-cpe:/a:canonical:ubuntu_linux:firefox-dev", "p-cpe:/a:canonical:ubuntu_linux:firefox-geckodriver", "p-cpe:/a:canonical:ubuntu_linux:firefox-locale-af", "p-cpe:/a:canonical:ubuntu_linux:firefox-locale-an", "p-cpe:/a:canonical:ubuntu_linux:firefox-locale-ar", "p-cpe:/a:canonical:ubuntu_linux:firefox-locale-as", "p-cpe:/a:canonical:ubuntu_linux:firefox-locale-ast", "p-cpe:/a:canonical:ubuntu_linux:firefox-locale-az", "p-cpe:/a:canonical:ubuntu_linux:firefox-locale-be", "p-cpe:/a:canonical:ubuntu_linux:firefox-locale-bg", "p-cpe:/a:canonical:ubuntu_linux:firefox-locale-bn", "p-cpe:/a:canonical:ubuntu_linux:firefox-locale-br", "p-cpe:/a:canonical:ubuntu_linux:firefox-locale-bs", "p-cpe:/a:canonical:ubuntu_linux:firefox-locale-ca", "p-cpe:/a:canonical:ubuntu_linux:firefox-locale-cak", "p-cpe:/a:canonical:ubuntu_linux:firefox-locale-cs", "p-cpe:/a:canonical:ubuntu_linux:firefox-locale-csb", "p-cpe:/a:canonical:ubuntu_linux:firefox-locale-cy", "p-cpe:/a:canonical:ubuntu_linux:firefox-locale-da", "p-cpe:/a:canonical:ubuntu_linux:firefox-locale-de", "p-cpe:/a:canonical:ubuntu_linux:firefox-locale-el", "p-cpe:/a:canonical:ubuntu_linux:firefox-locale-en", "p-cpe:/a:canonical:ubuntu_linux:firefox-locale-eo", "p-cpe:/a:canonical:ubuntu_linux:firefox-locale-es", "p-cpe:/a:canonical:ubuntu_linux:firefox-locale-et", "p-cpe:/a:canonical:ubuntu_linux:firefox-locale-eu", "p-cpe:/a:canonical:ubuntu_linux:firefox-locale-fa", "p-cpe:/a:canonical:ubuntu_linux:firefox-locale-fi", "p-cpe:/a:canonical:ubuntu_linux:firefox-locale-fr", "p-cpe:/a:canonical:ubuntu_linux:firefox-locale-fy", "p-cpe:/a:canonical:ubuntu_linux:firefox-locale-ga", "p-cpe:/a:canonical:ubuntu_linux:firefox-locale-gd", "p-cpe:/a:canonical:ubuntu_linux:firefox-locale-gl", "p-cpe:/a:canonical:ubuntu_linux:firefox-locale-gn", "p-cpe:/a:canonical:ubuntu_linux:firefox-locale-gu", "p-cpe:/a:canonical:ubuntu_linux:firefox-locale-he", "p-cpe:/a:canonical:ubuntu_linux:firefox-locale-hi", "p-cpe:/a:canonical:ubuntu_linux:firefox-locale-hr", "p-cpe:/a:canonical:ubuntu_linux:firefox-locale-hsb", "p-cpe:/a:canonical:ubuntu_linux:firefox-locale-hu", "p-cpe:/a:canonical:ubuntu_linux:firefox-locale-hy", "p-cpe:/a:canonical:ubuntu_linux:firefox-locale-ia", "p-cpe:/a:canonical:ubuntu_linux:firefox-locale-id", "p-cpe:/a:canonical:ubuntu_linux:firefox-locale-is", "p-cpe:/a:canonical:ubuntu_linux:firefox-locale-it", "p-cpe:/a:canonical:ubuntu_linux:firefox-locale-mai", "p-cpe:/a:canonical:ubuntu_linux:firefox-locale-ja", "p-cpe:/a:canonical:ubuntu_linux:firefox-locale-ka", "p-cpe:/a:canonical:ubuntu_linux:firefox-locale-mk", "p-cpe:/a:canonical:ubuntu_linux:firefox-locale-kab", "p-cpe:/a:canonical:ubuntu_linux:firefox-locale-ml", "p-cpe:/a:canonical:ubuntu_linux:firefox-locale-kk", "p-cpe:/a:canonical:ubuntu_linux:firefox-locale-km", "p-cpe:/a:canonical:ubuntu_linux:firefox-locale-mn", "p-cpe:/a:canonical:ubuntu_linux:firefox-locale-kn", "p-cpe:/a:canonical:ubuntu_linux:firefox-locale-mr", "p-cpe:/a:canonical:ubuntu_linux:firefox-locale-ko", "p-cpe:/a:canonical:ubuntu_linux:firefox-locale-ku", "p-cpe:/a:canonical:ubuntu_linux:firefox-locale-ms", "p-cpe:/a:canonical:ubuntu_linux:firefox-locale-lg", "p-cpe:/a:canonical:ubuntu_linux:firefox-locale-my", "p-cpe:/a:canonical:ubuntu_linux:firefox-locale-lt", "p-cpe:/a:canonical:ubuntu_linux:firefox-locale-lv", "p-cpe:/a:canonical:ubuntu_linux:firefox-locale-pa", "p-cpe:/a:canonical:ubuntu_linux:firefox-locale-nb", "p-cpe:/a:canonical:ubuntu_linux:firefox-locale-pl", "p-cpe:/a:canonical:ubuntu_linux:firefox-locale-ne", "p-cpe:/a:canonical:ubuntu_linux:firefox-locale-pt", "p-cpe:/a:canonical:ubuntu_linux:firefox-locale-nl", "p-cpe:/a:canonical:ubuntu_linux:firefox-locale-ro", "p-cpe:/a:canonical:ubuntu_linux:firefox-locale-nn", "p-cpe:/a:canonical:ubuntu_linux:firefox-locale-ru", "p-cpe:/a:canonical:ubuntu_linux:firefox-locale-nso", "p-cpe:/a:canonical:ubuntu_linux:firefox-locale-si", "p-cpe:/a:canonical:ubuntu_linux:firefox-locale-sk", "p-cpe:/a:canonical:ubuntu_linux:firefox-locale-oc", "p-cpe:/a:canonical:ubuntu_linux:firefox-locale-sl", "p-cpe:/a:canonical:ubuntu_linux:firefox-locale-or", "p-cpe:/a:canonical:ubuntu_linux:firefox-locale-sq", "p-cpe:/a:canonical:ubuntu_linux:firefox-locale-sr", "p-cpe:/a:canonical:ubuntu_linux:firefox-locale-sv", "p-cpe:/a:canonical:ubuntu_linux:firefox-locale-sw", "p-cpe:/a:canonical:ubuntu_linux:firefox-locale-szl", "p-cpe:/a:canonical:ubuntu_linux:firefox-locale-ta", "p-cpe:/a:canonical:ubuntu_linux:firefox-locale-te", "p-cpe:/a:canonical:ubuntu_linux:firefox-locale-th", "p-cpe:/a:canonical:ubuntu_linux:firefox-locale-tr", "p-cpe:/a:canonical:ubuntu_linux:firefox-locale-uk", "p-cpe:/a:canonical:ubuntu_linux:firefox-locale-ur", "p-cpe:/a:canonical:ubuntu_linux:firefox-locale-uz", "p-cpe:/a:canonical:ubuntu_linux:firefox-locale-vi", "p-cpe:/a:canonical:ubuntu_linux:firefox-locale-xh", "p-cpe:/a:canonical:ubuntu_linux:firefox-locale-zh-hans", "p-cpe:/a:canonical:ubuntu_linux:firefox-locale-zh-hant", "p-cpe:/a:canonical:ubuntu_linux:firefox-locale-zu", "p-cpe:/a:canonical:ubuntu_linux:firefox-mozsymbols"], "id": "UBUNTU_USN-5816-1.NASL", "href": "https://www.tenable.com/plugins/nessus/170280", "sourceData": "#%NASL_MIN_LEVEL 80900\n##\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-5816-1. The text\n# itself is copyright (C) Canonical, Inc. See\n# <https://ubuntu.com/security/notices>. Ubuntu(R) is a registered\n# trademark of Canonical, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(170280);\n script_version(\"1.1\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/02/16\");\n\n script_cve_id(\n \"CVE-2023-23597\",\n \"CVE-2023-23598\",\n \"CVE-2023-23599\",\n \"CVE-2023-23601\",\n \"CVE-2023-23602\",\n \"CVE-2023-23603\",\n \"CVE-2023-23604\",\n \"CVE-2023-23605\",\n \"CVE-2023-23606\"\n );\n script_xref(name:\"USN\", value:\"5816-1\");\n script_xref(name:\"IAVA\", value:\"2023-A-0048-S\");\n\n script_name(english:\"Ubuntu 18.04 LTS / 20.04 LTS : Firefox vulnerabilities (USN-5816-1)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Ubuntu host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Ubuntu 18.04 LTS / 20.04 LTS host has packages installed that are affected by multiple vulnerabilities as\nreferenced in the USN-5816-1 advisory.\n\n - A compromised web child process could disable web security opening restrictions, leading to a new child\n process being spawned within the <code>file://</code> context. Given a reliable exploit primitive, this\n new process could be exploited again leading to arbitrary file read. (CVE-2023-23597)\n\n - Due to the Firefox GTK wrapper code's use of text/plain for drag data and GTK treating all text/plain\n MIMEs containing file URLs as being dragged a website could arbitrarily read a file via a call to\n <code>DataTransfer.setData</code>. (CVE-2023-23598)\n\n - When copying a network request from the developer tools panel as a curl command the output was not being\n properly sanitized and could allow arbitrary commands to be hidden within. (CVE-2023-23599)\n\n - Navigations were being allowed when dragging a URL from a cross-origin iframe into the same tab which\n could lead to website spoofing attacks (CVE-2023-23601)\n\n - A mishandled security check when creating a WebSocket in a WebWorker caused the Content Security Policy\n connect-src header to be ignored. This could lead to connections to restricted origins from inside\n WebWorkers. (CVE-2023-23602)\n\n - Regular expressions used to filter out forbidden properties and values from style directives in calls to\n <code>console.log</code> weren't accounting for external URLs. Data could then be potentially exfiltrated\n from the browser. (CVE-2023-23603)\n\n - A duplicate <code>SystemPrincipal</code> object could be created when parsing a non-system html document\n via <code>DOMParser::ParseFromSafeString</code>. This could have lead to bypassing web security checks.\n (CVE-2023-23604)\n\n - Mozilla developers and the Mozilla Fuzzing Team reported memory safety bugs present in Firefox 108 and\n Firefox ESR 102.6. Some of these bugs showed evidence of memory corruption and we presume that with enough\n effort some of these could have been exploited to run arbitrary code. (CVE-2023-23605)\n\n - Mozilla developers and the Mozilla Fuzzing Team reported memory safety bugs present in Firefox 108. Some\n of these bugs showed evidence of memory corruption and we presume that with enough effort some of these\n could have been exploited to run arbitrary code. (CVE-2023-23606)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://ubuntu.com/security/notices/USN-5816-1\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:C/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2023-23603\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2023-23605\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2023/01/17\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2023/01/23\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2023/01/23\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:18.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:20.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-geckodriver\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-af\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-an\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-ar\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-as\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-ast\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-az\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-be\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-bg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-bn\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-br\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-bs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-ca\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-cak\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-cs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-csb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-cy\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-da\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-de\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-el\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-en\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-eo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-es\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-et\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-eu\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-fa\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-fi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-fr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-fy\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-ga\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-gd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-gl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-gn\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-gu\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-he\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-hi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-hr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-hsb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-hu\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-hy\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-ia\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-id\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-is\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-it\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-ja\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-ka\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-kab\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-kk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-km\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-kn\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-ko\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-ku\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-lg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-lt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-lv\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-mai\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-mk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-ml\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-mn\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-mr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-ms\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-my\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-nb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-ne\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-nl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-nn\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-nso\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-oc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-or\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-pa\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-pl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-pt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-ro\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-ru\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-si\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-sk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-sl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-sq\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-sr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-sv\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-sw\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-szl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-ta\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-te\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-th\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-tr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-uk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-ur\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-uz\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-vi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-xh\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-zh-hans\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-zh-hant\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-zu\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-mozsymbols\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_copyright(english:\"Ubuntu Security Notice (C) 2023 Canonical, Inc. / NASL script (C) 2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\ninclude('debian_package.inc');\n\nif ( ! get_kb_item('Host/local_checks_enabled') ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item('Host/Ubuntu/release');\nif ( isnull(os_release) ) audit(AUDIT_OS_NOT, 'Ubuntu');\nos_release = chomp(os_release);\nif (! preg(pattern:\"^(18\\.04|20\\.04)$\", string:os_release)) audit(AUDIT_OS_NOT, 'Ubuntu 18.04 / 20.04', 'Ubuntu ' + os_release);\nif ( ! get_kb_item('Host/Debian/dpkg-l') ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Ubuntu', cpu);\n\nvar pkgs = [\n {'osver': '18.04', 'pkgname': 'firefox', 'pkgver': '109.0+build2-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'firefox-dev', 'pkgver': '109.0+build2-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'firefox-geckodriver', 'pkgver': '109.0+build2-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'firefox-locale-af', 'pkgver': '109.0+build2-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'firefox-locale-an', 'pkgver': '109.0+build2-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'firefox-locale-ar', 'pkgver': '109.0+build2-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'firefox-locale-as', 'pkgver': '109.0+build2-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'firefox-locale-ast', 'pkgver': '109.0+build2-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'firefox-locale-az', 'pkgver': '109.0+build2-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'firefox-locale-be', 'pkgver': '109.0+build2-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'firefox-locale-bg', 'pkgver': '109.0+build2-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'firefox-locale-bn', 'pkgver': '109.0+build2-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'firefox-locale-br', 'pkgver': '109.0+build2-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'firefox-locale-bs', 'pkgver': '109.0+build2-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'firefox-locale-ca', 'pkgver': '109.0+build2-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'firefox-locale-cak', 'pkgver': '109.0+build2-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'firefox-locale-cs', 'pkgver': '109.0+build2-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'firefox-locale-csb', 'pkgver': '109.0+build2-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'firefox-locale-cy', 'pkgver': '109.0+build2-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'firefox-locale-da', 'pkgver': '109.0+build2-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'firefox-locale-de', 'pkgver': '109.0+build2-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'firefox-locale-el', 'pkgver': '109.0+build2-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'firefox-locale-en', 'pkgver': '109.0+build2-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'firefox-locale-eo', 'pkgver': '109.0+build2-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'firefox-locale-es', 'pkgver': '109.0+build2-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'firefox-locale-et', 'pkgver': '109.0+build2-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'firefox-locale-eu', 'pkgver': '109.0+build2-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'firefox-locale-fa', 'pkgver': '109.0+build2-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'firefox-locale-fi', 'pkgver': '109.0+build2-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'firefox-locale-fr', 'pkgver': '109.0+build2-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'firefox-locale-fy', 'pkgver': '109.0+build2-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'firefox-locale-ga', 'pkgver': '109.0+build2-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'firefox-locale-gd', 'pkgver': '109.0+build2-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'firefox-locale-gl', 'pkgver': '109.0+build2-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'firefox-locale-gn', 'pkgver': '109.0+build2-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'firefox-locale-gu', 'pkgver': '109.0+build2-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'firefox-locale-he', 'pkgver': '109.0+build2-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'firefox-locale-hi', 'pkgver': '109.0+build2-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'firefox-locale-hr', 'pkgver': '109.0+build2-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'firefox-locale-hsb', 'pkgver': '109.0+build2-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'firefox-locale-hu', 'pkgver': '109.0+build2-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'firefox-locale-hy', 'pkgver': '109.0+build2-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'firefox-locale-ia', 'pkgver': '109.0+build2-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'firefox-locale-id', 'pkgver': '109.0+build2-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'firefox-locale-is', 'pkgver': '109.0+build2-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'firefox-locale-it', 'pkgver': '109.0+build2-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'firefox-locale-ja', 'pkgver': '109.0+build2-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'firefox-locale-ka', 'pkgver': '109.0+build2-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'firefox-locale-kab', 'pkgver': '109.0+build2-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'firefox-locale-kk', 'pkgver': '109.0+build2-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'firefox-locale-km', 'pkgver': '109.0+build2-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'firefox-locale-kn', 'pkgver': '109.0+build2-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'firefox-locale-ko', 'pkgver': '109.0+build2-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'firefox-locale-ku', 'pkgver': '109.0+build2-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'firefox-locale-lg', 'pkgver': '109.0+build2-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'firefox-locale-lt', 'pkgver': '109.0+build2-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'firefox-locale-lv', 'pkgver': '109.0+build2-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'firefox-locale-mai', 'pkgver': '109.0+build2-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'firefox-locale-mk', 'pkgver': '109.0+build2-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'firefox-locale-ml', 'pkgver': '109.0+build2-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'firefox-locale-mn', 'pkgver': '109.0+build2-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'firefox-locale-mr', 'pkgver': '109.0+build2-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'firefox-locale-ms', 'pkgver': '109.0+build2-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'firefox-locale-my', 'pkgver': '109.0+build2-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'firefox-locale-nb', 'pkgver': '109.0+build2-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'firefox-locale-ne', 'pkgver': '109.0+build2-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'firefox-locale-nl', 'pkgver': '109.0+build2-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'firefox-locale-nn', 'pkgver': '109.0+build2-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'firefox-locale-nso', 'pkgver': '109.0+build2-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'firefox-locale-oc', 'pkgver': '109.0+build2-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'firefox-locale-or', 'pkgver': '109.0+build2-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'firefox-locale-pa', 'pkgver': '109.0+build2-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'firefox-locale-pl', 'pkgver': '109.0+build2-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'firefox-locale-pt', 'pkgver': '109.0+build2-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'firefox-locale-ro', 'pkgver': '109.0+build2-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'firefox-locale-ru', 'pkgver': '109.0+build2-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'firefox-locale-si', 'pkgver': '109.0+build2-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'firefox-locale-sk', 'pkgver': '109.0+build2-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'firefox-locale-sl', 'pkgver': '109.0+build2-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'firefox-locale-sq', 'pkgver': '109.0+build2-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'firefox-locale-sr', 'pkgver': '109.0+build2-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'firefox-locale-sv', 'pkgver': '109.0+build2-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'firefox-locale-sw', 'pkgver': '109.0+build2-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'firefox-locale-szl', 'pkgver': '109.0+build2-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'firefox-locale-ta', 'pkgver': '109.0+build2-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'firefox-locale-te', 'pkgver': '109.0+build2-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'firefox-locale-th', 'pkgver': '109.0+build2-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'firefox-locale-tr', 'pkgver': '109.0+build2-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'firefox-locale-uk', 'pkgver': '109.0+build2-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'firefox-locale-ur', 'pkgver': '109.0+build2-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'firefox-locale-uz', 'pkgver': '109.0+build2-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'firefox-locale-vi', 'pkgver': '109.0+build2-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'firefox-locale-xh', 'pkgver': '109.0+build2-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'firefox-locale-zh-hans', 'pkgver': '109.0+build2-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'firefox-locale-zh-hant', 'pkgver': '109.0+build2-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'firefox-locale-zu', 'pkgver': '109.0+build2-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'firefox-mozsymbols', 'pkgver': '109.0+build2-0ubuntu0.18.04.1'},\n {'osver': '20.04', 'pkgname': 'firefox', 'pkgver': '109.0+build2-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'firefox-dev', 'pkgver': '109.0+build2-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'firefox-geckodriver', 'pkgver': '109.0+build2-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'firefox-locale-af', 'pkgver': '109.0+build2-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'firefox-locale-an', 'pkgver': '109.0+build2-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'firefox-locale-ar', 'pkgver': '109.0+build2-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'firefox-locale-as', 'pkgver': '109.0+build2-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'firefox-locale-ast', 'pkgver': '109.0+build2-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'firefox-locale-az', 'pkgver': '109.0+build2-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'firefox-locale-be', 'pkgver': '109.0+build2-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'firefox-locale-bg', 'pkgver': '109.0+build2-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'firefox-locale-bn', 'pkgver': '109.0+build2-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'firefox-locale-br', 'pkgver': '109.0+build2-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'firefox-locale-bs', 'pkgver': '109.0+build2-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'firefox-locale-ca', 'pkgver': '109.0+build2-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'firefox-locale-cak', 'pkgver': '109.0+build2-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'firefox-locale-cs', 'pkgver': '109.0+build2-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'firefox-locale-csb', 'pkgver': '109.0+build2-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'firefox-locale-cy', 'pkgver': '109.0+build2-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'firefox-locale-da', 'pkgver': '109.0+build2-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'firefox-locale-de', 'pkgver': '109.0+build2-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'firefox-locale-el', 'pkgver': '109.0+build2-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'firefox-locale-en', 'pkgver': '109.0+build2-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'firefox-locale-eo', 'pkgver': '109.0+build2-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'firefox-locale-es', 'pkgver': '109.0+build2-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'firefox-locale-et', 'pkgver': '109.0+build2-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'firefox-locale-eu', 'pkgver': '109.0+build2-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'firefox-locale-fa', 'pkgver': '109.0+build2-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'firefox-locale-fi', 'pkgver': '109.0+build2-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'firefox-locale-fr', 'pkgver': '109.0+build2-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'firefox-locale-fy', 'pkgver': '109.0+build2-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'firefox-locale-ga', 'pkgver': '109.0+build2-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'firefox-locale-gd', 'pkgver': '109.0+build2-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'firefox-locale-gl', 'pkgver': '109.0+build2-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'firefox-locale-gn', 'pkgver': '109.0+build2-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'firefox-locale-gu', 'pkgver': '109.0+build2-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'firefox-locale-he', 'pkgver': '109.0+build2-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'firefox-locale-hi', 'pkgver': '109.0+build2-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'firefox-locale-hr', 'pkgver': '109.0+build2-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'firefox-locale-hsb', 'pkgver': '109.0+build2-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'firefox-locale-hu', 'pkgver': '109.0+build2-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'firefox-locale-hy', 'pkgver': '109.0+build2-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'firefox-locale-ia', 'pkgver': '109.0+build2-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'firefox-locale-id', 'pkgver': '109.0+build2-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'firefox-locale-is', 'pkgver': '109.0+build2-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'firefox-locale-it', 'pkgver': '109.0+build2-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'firefox-locale-ja', 'pkgver': '109.0+build2-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'firefox-locale-ka', 'pkgver': '109.0+build2-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'firefox-locale-kab', 'pkgver': '109.0+build2-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'firefox-locale-kk', 'pkgver': '109.0+build2-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'firefox-locale-km', 'pkgver': '109.0+build2-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'firefox-locale-kn', 'pkgver': '109.0+build2-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'firefox-locale-ko', 'pkgver': '109.0+build2-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'firefox-locale-ku', 'pkgver': '109.0+build2-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'firefox-locale-lg', 'pkgver': '109.0+build2-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'firefox-locale-lt', 'pkgver': '109.0+build2-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'firefox-locale-lv', 'pkgver': '109.0+build2-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'firefox-locale-mai', 'pkgver': '109.0+build2-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'firefox-locale-mk', 'pkgver': '109.0+build2-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'firefox-locale-ml', 'pkgver': '109.0+build2-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'firefox-locale-mn', 'pkgver': '109.0+build2-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'firefox-locale-mr', 'pkgver': '109.0+build2-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'firefox-locale-ms', 'pkgver': '109.0+build2-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'firefox-locale-my', 'pkgver': '109.0+build2-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'firefox-locale-nb', 'pkgver': '109.0+build2-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'firefox-locale-ne', 'pkgver': '109.0+build2-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'firefox-locale-nl', 'pkgver': '109.0+build2-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'firefox-locale-nn', 'pkgver': '109.0+build2-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'firefox-locale-nso', 'pkgver': '109.0+build2-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'firefox-locale-oc', 'pkgver': '109.0+build2-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'firefox-locale-or', 'pkgver': '109.0+build2-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'firefox-locale-pa', 'pkgver': '109.0+build2-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'firefox-locale-pl', 'pkgver': '109.0+build2-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'firefox-locale-pt', 'pkgver': '109.0+build2-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'firefox-locale-ro', 'pkgver': '109.0+build2-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'firefox-locale-ru', 'pkgver': '109.0+build2-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'firefox-locale-si', 'pkgver': '109.0+build2-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'firefox-locale-sk', 'pkgver': '109.0+build2-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'firefox-locale-sl', 'pkgver': '109.0+build2-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'firefox-locale-sq', 'pkgver': '109.0+build2-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'firefox-locale-sr', 'pkgver': '109.0+build2-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'firefox-locale-sv', 'pkgver': '109.0+build2-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'firefox-locale-sw', 'pkgver': '109.0+build2-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'firefox-locale-szl', 'pkgver': '109.0+build2-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'firefox-locale-ta', 'pkgver': '109.0+build2-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'firefox-locale-te', 'pkgver': '109.0+build2-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'firefox-locale-th', 'pkgver': '109.0+build2-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'firefox-locale-tr', 'pkgver': '109.0+build2-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'firefox-locale-uk', 'pkgver': '109.0+build2-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'firefox-locale-ur', 'pkgver': '109.0+build2-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'firefox-locale-uz', 'pkgver': '109.0+build2-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'firefox-locale-vi', 'pkgver': '109.0+build2-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'firefox-locale-xh', 'pkgver': '109.0+build2-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'firefox-locale-zh-hans', 'pkgver': '109.0+build2-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'firefox-locale-zh-hant', 'pkgver': '109.0+build2-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'firefox-locale-zu', 'pkgver': '109.0+build2-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'firefox-mozsymbols', 'pkgver': '109.0+build2-0ubuntu0.20.04.1'}\n];\n\nvar flag = 0;\nforeach package_array ( pkgs ) {\n var osver = NULL;\n var pkgname = NULL;\n var pkgver = NULL;\n if (!empty_or_null(package_array['osver'])) osver = package_array['osver'];\n if (!empty_or_null(package_array['pkgname'])) pkgname = package_array['pkgname'];\n if (!empty_or_null(package_array['pkgver'])) pkgver = package_array['pkgver'];\n if (osver && pkgname && pkgver) {\n if (ubuntu_check(osver:osver, pkgname:pkgname, pkgver:pkgver)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'firefox / firefox-dev / firefox-geckodriver / firefox-locale-af / etc');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-17T16:42:42", "description": "The remote SUSE Linux SLED15 / SLES15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:0329-1 advisory.\n\n - An out of date library (libusrsctp) contained vulnerabilities that could potentially be exploited. This vulnerability affects Firefox < 108. (CVE-2022-46871)\n\n - By confusing the browser, the fullscreen notification could have been delayed or suppressed, resulting in potential user confusion or spoofing attacks. This vulnerability affects Firefox < 108. (CVE-2022-46877)\n\n - Certificate OCSP revocation status was not checked when verifying S/Mime signatures. Mail signed with a revoked certificate would be displayed as having a valid signature. Thunderbird versions from 68 to 102.7.0 were affected by this bug. (CVE-2023-0430)\n\n - Mozilla: Arbitrary file read from GTK drag and drop on Linux (CVE-2023-23598)\n\n - Mozilla: Malicious command could be hidden in devtools output (CVE-2023-23599)\n\n - Mozilla: URL being dragged from cross-origin iframe into same tab triggers navigation (CVE-2023-23601)\n\n - Mozilla: Content Security Policy wasn't being correctly applied to WebSockets in WebWorkers (CVE-2023-23602)\n\n - Mozilla: Calls to <code>console.log</code> allowed bypasing Content Security Policy via format directive (CVE-2023-23603)\n\n - Mozilla: Memory safety bugs fixed in Firefox 109 and Firefox ESR 102.7 (CVE-2023-23605)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2023-02-14T00:00:00", "type": "nessus", "title": "SUSE SLED15 / SLES15 / openSUSE 15 Security Update : MozillaThunderbird (SUSE-SU-2023:0329-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-46871", "CVE-2022-46877", "CVE-2023-0430", "CVE-2023-23598", "CVE-2023-23599", "CVE-2023-23601", "CVE-2023-23602", "CVE-2023-23603", "CVE-2023-23605"], "modified": "2023-03-07T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:mozillathunderbird", "p-cpe:/a:novell:suse_linux:mozillathunderbird-translations-common", "p-cpe:/a:novell:suse_linux:mozillathunderbird-translations-other", "cpe:/o:novell:suse_linux:15"], "id": "SUSE_SU-2023-0329-1.NASL", "href": "https://www.tenable.com/plugins/nessus/171427", "sourceData": "#%NASL_MIN_LEVEL 80900\n##\n# (C) Tenable, Inc.\n#\n# The package checks in this plugin were extracted from\n# SUSE update advisory SUSE-SU-2023:0329-1. The text itself\n# is copyright (C) SUSE.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(171427);\n script_version(\"1.1\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/03/07\");\n\n script_cve_id(\n \"CVE-2022-46871\",\n \"CVE-2022-46877\",\n \"CVE-2023-0430\",\n \"CVE-2023-23598\",\n \"CVE-2023-23599\",\n \"CVE-2023-23601\",\n \"CVE-2023-23602\",\n \"CVE-2023-23603\",\n \"CVE-2023-23605\"\n );\n script_xref(name:\"SuSE\", value:\"SUSE-SU-2023:0329-1\");\n\n script_name(english:\"SUSE SLED15 / SLES15 / openSUSE 15 Security Update : MozillaThunderbird (SUSE-SU-2023:0329-1)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote SUSE host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote SUSE Linux SLED15 / SLES15 / openSUSE 15 host has packages installed that are affected by multiple\nvulnerabilities as referenced in the SUSE-SU-2023:0329-1 advisory.\n\n - An out of date library (libusrsctp) contained vulnerabilities that could potentially be exploited. This\n vulnerability affects Firefox < 108. (CVE-2022-46871)\n\n - By confusing the browser, the fullscreen notification could have been delayed or suppressed, resulting in\n potential user confusion or spoofing attacks. This vulnerability affects Firefox < 108. (CVE-2022-46877)\n\n - Certificate OCSP revocation status was not checked when verifying S/Mime signatures. Mail signed with a\n revoked certificate would be displayed as having a valid signature. Thunderbird versions from 68 to\n 102.7.0 were affected by this bug. (CVE-2023-0430)\n\n - Mozilla: Arbitrary file read from GTK drag and drop on Linux (CVE-2023-23598)\n\n - Mozilla: Malicious command could be hidden in devtools output (CVE-2023-23599)\n\n - Mozilla: URL being dragged from cross-origin iframe into same tab triggers navigation (CVE-2023-23601)\n\n - Mozilla: Content Security Policy wasn't being correctly applied to WebSockets in WebWorkers\n (CVE-2023-23602)\n\n - Mozilla: Calls to <code>console.log</code> allowed bypasing Content Security Policy via format directive\n (CVE-2023-23603)\n\n - Mozilla: Memory safety bugs fixed in Firefox 109 and Firefox ESR 102.7 (CVE-2023-23605)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1207119\");\n # https://lists.suse.com/pipermail/sle-security-updates/2023-February/013713.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?85cde1d6\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-46871\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-46877\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2023-0430\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2023-23598\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2023-23599\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2023-23601\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2023-23602\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2023-23603\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2023-23605\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected MozillaThunderbird, MozillaThunderbird-translations-common and / or MozillaThunderbird-translations-\nother packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-46871\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/12/15\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2023/02/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2023/02/14\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:MozillaThunderbird\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:MozillaThunderbird-translations-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:MozillaThunderbird-translations-other\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:15\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"SuSE Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item(\"Host/SuSE/release\");\nif (isnull(os_release) || os_release !~ \"^(SLED|SLES|SUSE)\") audit(AUDIT_OS_NOT, \"SUSE / openSUSE\");\nvar os_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+|SUSE([\\d.]+))\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'SUSE / openSUSE');\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLED15|SLES15|SUSE15\\.4)$\", string:os_ver)) audit(AUDIT_OS_NOT, 'SUSE SLED15 / SLES15 / openSUSE 15', 'SUSE / openSUSE (' + os_ver + ')');\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'SUSE / openSUSE (' + os_ver + ')', cpu);\n\nvar service_pack = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(service_pack)) service_pack = \"0\";\nif (os_ver == \"SLED15\" && (! preg(pattern:\"^(4)$\", string:service_pack))) audit(AUDIT_OS_NOT, \"SLED15 SP4\", os_ver + \" SP\" + service_pack);\nif (os_ver == \"SLES15\" && (! preg(pattern:\"^(4)$\", string:service_pack))) audit(AUDIT_OS_NOT, \"SLES15 SP4\", os_ver + \" SP\" + service_pack);\n\nvar pkgs = [\n {'reference':'MozillaThunderbird-102.7.1-150200.8.102.1', 'sp':'4', 'cpu':'aarch64', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 'exists_check':['SLES_SAP-release-15.4', 'SLE_HPC-release-15.4', 'sle-module-packagehub-subpackages-release-15.4', 'sled-release-15.4', 'sles-release-15.4']},\n {'reference':'MozillaThunderbird-102.7.1-150200.8.102.1', 'sp':'4', 'cpu':'s390x', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 'exists_check':['SLES_SAP-release-15.4', 'SLE_HPC-release-15.4', 'sle-module-packagehub-subpackages-release-15.4', 'sled-release-15.4', 'sles-release-15.4']},\n {'reference':'MozillaThunderbird-102.7.1-150200.8.102.1', 'sp':'4', 'cpu':'x86_64', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 'exists_check':['SLES_SAP-release-15.4', 'sle-we-release-15.4', 'sled-release-15.4', 'sles-release-15.4']},\n {'reference':'MozillaThunderbird-102.7.1-150200.8.102.1', 'sp':'4', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 'exists_check':['SLES_SAP-release-15.4', 'SLE_HPC-release-15.4', 'sle-module-packagehub-subpackages-release-15.4', 'sled-release-15.4', 'sles-release-15.4']},\n {'reference':'MozillaThunderbird-102.7.1-150200.8.102.1', 'sp':'4', 'cpu':'s390x', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 'exists_check':['SLES_SAP-release-15.4', 'SLE_HPC-release-15.4', 'sle-module-packagehub-subpackages-release-15.4', 'sled-release-15.4', 'sles-release-15.4']},\n {'reference':'MozillaThunderbird-102.7.1-150200.8.102.1', 'sp':'4', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 'exists_check':['SLES_SAP-release-15.4', 'sle-we-release-15.4', 'sled-release-15.4', 'sles-release-15.4']},\n {'reference':'MozillaThunderbird-translations-common-102.7.1-150200.8.102.1', 'sp':'4', 'cpu':'aarch64', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 'exists_check':['SLES_SAP-release-15.4', 'SLE_HPC-release-15.4', 'sle-module-packagehub-subpackages-release-15.4', 'sled-release-15.4', 'sles-release-15.4']},\n {'reference':'MozillaThunderbird-translations-common-102.7.1-150200.8.102.1', 'sp':'4', 'cpu':'s390x', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 'exists_check':['SLES_SAP-release-15.4', 'SLE_HPC-release-15.4', 'sle-module-packagehub-subpackages-release-15.4', 'sled-release-15.4', 'sles-release-15.4']},\n {'reference':'MozillaThunderbird-translations-common-102.7.1-150200.8.102.1', 'sp':'4', 'cpu':'x86_64', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 'exists_check':['SLES_SAP-release-15.4', 'sle-we-release-15.4', 'sled-release-15.4', 'sles-release-15.4']},\n {'reference':'MozillaThunderbird-translations-common-102.7.1-150200.8.102.1', 'sp':'4', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 'exists_check':['SLES_SAP-release-15.4', 'SLE_HPC-release-15.4', 'sle-module-packagehub-subpackages-release-15.4', 'sled-release-15.4', 'sles-release-15.4']},\n {'reference':'MozillaThunderbird-translations-common-102.7.1-150200.8.102.1', 'sp':'4', 'cpu':'s390x', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 'exists_check':['SLES_SAP-release-15.4', 'SLE_HPC-release-15.4', 'sle-module-packagehub-subpackages-release-15.4', 'sled-release-15.4', 'sles-release-15.4']},\n {'reference':'MozillaThunderbird-translations-common-102.7.1-150200.8.102.1', 'sp':'4', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 'exists_check':['SLES_SAP-release-15.4', 'sle-we-release-15.4', 'sled-release-15.4', 'sles-release-15.4']},\n {'reference':'MozillaThunderbird-translations-other-102.7.1-150200.8.102.1', 'sp':'4', 'cpu':'aarch64', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 'exists_check':['SLES_SAP-release-15.4', 'SLE_HPC-release-15.4', 'sle-module-packagehub-subpackages-release-15.4', 'sled-release-15.4', 'sles-release-15.4']},\n {'reference':'MozillaThunderbird-translations-other-102.7.1-150200.8.102.1', 'sp':'4', 'cpu':'s390x', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 'exists_check':['SLES_SAP-release-15.4', 'SLE_HPC-release-15.4', 'sle-module-packagehub-subpackages-release-15.4', 'sled-release-15.4', 'sles-release-15.4']},\n {'reference':'MozillaThunderbird-translations-other-102.7.1-150200.8.102.1', 'sp':'4', 'cpu':'x86_64', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 'exists_check':['SLES_SAP-release-15.4', 'sle-we-release-15.4', 'sled-release-15.4', 'sles-release-15.4']},\n {'reference':'MozillaThunderbird-translations-other-102.7.1-150200.8.102.1', 'sp':'4', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 'exists_check':['SLES_SAP-release-15.4', 'SLE_HPC-release-15.4', 'sle-module-packagehub-subpackages-release-15.4', 'sled-release-15.4', 'sles-release-15.4']},\n {'reference':'MozillaThunderbird-translations-other-102.7.1-150200.8.102.1', 'sp':'4', 'cpu':'s390x', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 'exists_check':['SLES_SAP-release-15.4', 'SLE_HPC-release-15.4', 'sle-module-packagehub-subpackages-release-15.4', 'sled-release-15.4', 'sles-release-15.4']},\n {'reference':'MozillaThunderbird-translations-other-102.7.1-150200.8.102.1', 'sp':'4', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 'exists_check':['SLES_SAP-release-15.4', 'sle-we-release-15.4', 'sled-release-15.4', 'sles-release-15.4']},\n {'reference':'MozillaThunderbird-102.7.1-150200.8.102.1', 'release':'SUSE15.4', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 'exists_check':['openSUSE-release-15.4']},\n {'reference':'MozillaThunderbird-translations-common-102.7.1-150200.8.102.1', 'release':'SUSE15.4', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 'exists_check':['openSUSE-release-15.4']},\n {'reference':'MozillaThunderbird-translations-other-102.7.1-150200.8.102.1', 'release':'SUSE15.4', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 'exists_check':['openSUSE-release-15.4']}\n];\n\nvar ltss_caveat_required = FALSE;\nvar flag = 0;\nforeach var package_array ( pkgs ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var exists_check = NULL;\n var rpm_spec_vers_cmp = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) _release = package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) _cpu = package_array['cpu'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (reference && _release) {\n if (exists_check) {\n var check_flag = 0;\n foreach var check (exists_check) {\n if (!rpm_exists(release:_release, rpm:check)) continue;\n check_flag++;\n }\n if (!check_flag) continue;\n }\n if (rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, rpm_spec_vers_cmp:rpm_spec_vers_cmp)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'MozillaThunderbird / MozillaThunderbird-translations-common / etc');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-17T16:40:26", "description": "The version of Firefox installed on the remote macOS or Mac OS X host is prior to 109.0. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2023-01 advisory.\n\n - A compromised web child process could disable web security opening restrictions, leading to a new child process being spawned within the <code>file://</code> context. Given a reliable exploit primitive, this new process could be exploited again leading to arbitrary file read. (CVE-2023-23597)\n\n - Due to the Firefox GTK wrapper code's use of text/plain for drag data and GTK treating all text/plain MIMEs containing file URLs as being dragged a website could arbitrarily read a file via a call to <code>DataTransfer.setData</code>. (CVE-2023-23598)\n\n - When copying a network request from the developer tools panel as a curl command the output was not being properly sanitized and could allow arbitrary commands to be hidden within. (CVE-2023-23599)\n\n - Per origin notification permissions were being stored in a way that didn't take into account what browsing context the permission was granted in. This lead to the possibility of notifications to be displayed during different browsing sessions. This bug only affects Firefox for Android. Other operating systems are unaffected. (CVE-2023-23600)\n\n - Navigations were being allowed when dragging a URL from a cross-origin iframe into the same tab which could lead to website spoofing attacks (CVE-2023-23601)\n\n - A mishandled security check when creating a WebSocket in a WebWorker caused the Content Security Policy connect-src header to be ignored. This could lead to connections to restricted origins from inside WebWorkers. (CVE-2023-23602)\n\n - Regular expressions used to filter out forbidden properties and values from style directives in calls to <code>console.log</code> weren't accounting for external URLs. Data could then be potentially exfiltrated from the browser. (CVE-2023-23603)\n\n - A duplicate <code>SystemPrincipal</code> object could be created when parsing a non-system html document via <code>DOMParser::ParseFromSafeString</code>. This could have lead to bypassing web security checks.\n (CVE-2023-23604)\n\n - Mozilla developers and the Mozilla Fuzzing Team reported memory safety bugs present in Firefox 108 and Firefox ESR 102.6. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. (CVE-2023-23605)\n\n - Mozilla developers and the Mozilla Fuzzing Team reported memory safety bugs present in Firefox 108. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. (CVE-2023-23606)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2023-01-17T00:00:00", "type": "nessus", "title": "Mozilla Firefox < 109.0", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2023-23597", "CVE-2023-23598", "CVE-2023-23599", "CVE-2023-23600", "CVE-2023-23601", "CVE-2023-23602", "CVE-2023-23603", "CVE-2023-23604", "CVE-2023-23605", "CVE-2023-23606"], "modified": "2023-02-16T00:00:00", "cpe": ["cpe:/a:mozilla:firefox"], "id": "MACOS_FIREFOX_109_0.NASL", "href": "https://www.tenable.com/plugins/nessus/170100", "sourceData": "#%NASL_MIN_LEVEL 80900\n## \n# (C) Tenable, Inc.\n# \n# The descriptive text and package checks in this plugin were\n# extracted from Mozilla Foundation Security Advisory mfsa2023-01.\n# The text itself is copyright (C) Mozilla Foundation.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(170100);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/02/16\");\n\n script_cve_id(\n \"CVE-2023-23597\",\n \"CVE-2023-23598\",\n \"CVE-2023-23599\",\n \"CVE-2023-23600\",\n \"CVE-2023-23601\",\n \"CVE-2023-23602\",\n \"CVE-2023-23603\",\n \"CVE-2023-23604\",\n \"CVE-2023-23605\",\n \"CVE-2023-23606\"\n );\n script_xref(name:\"IAVA\", value:\"2023-A-0048-S\");\n\n script_name(english:\"Mozilla Firefox < 109.0\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"A web browser installed on the remote macOS or Mac OS X host is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of Firefox installed on the remote macOS or Mac OS X host is prior to 109.0. It is, therefore, affected by\nmultiple vulnerabilities as referenced in the mfsa2023-01 advisory.\n\n - A compromised web child process could disable web security opening restrictions, leading to a new child\n process being spawned within the <code>file://</code> context. Given a reliable exploit primitive, this\n new process could be exploited again leading to arbitrary file read. (CVE-2023-23597)\n\n - Due to the Firefox GTK wrapper code's use of text/plain for drag data and GTK treating all text/plain\n MIMEs containing file URLs as being dragged a website could arbitrarily read a file via a call to\n <code>DataTransfer.setData</code>. (CVE-2023-23598)\n\n - When copying a network request from the developer tools panel as a curl command the output was not being\n properly sanitized and could allow arbitrary commands to be hidden within. (CVE-2023-23599)\n\n - Per origin notification permissions were being stored in a way that didn't take into account what browsing\n context the permission was granted in. This lead to the possibility of notifications to be displayed\n during different browsing sessions. This bug only affects Firefox for Android. Other operating systems are\n unaffected. (CVE-2023-23600)\n\n - Navigations were being allowed when dragging a URL from a cross-origin iframe into the same tab which\n could lead to website spoofing attacks (CVE-2023-23601)\n\n - A mishandled security check when creating a WebSocket in a WebWorker caused the Content Security Policy\n connect-src header to be ignored. This could lead to connections to restricted origins from inside\n WebWorkers. (CVE-2023-23602)\n\n - Regular expressions used to filter out forbidden properties and values from style directives in calls to\n <code>console.log</code> weren't accounting for external URLs. Data could then be potentially exfiltrated\n from the browser. (CVE-2023-23603)\n\n - A duplicate <code>SystemPrincipal</code> object could be created when parsing a non-system html document\n via <code>DOMParser::ParseFromSafeString</code>. This could have lead to bypassing web security checks.\n (CVE-2023-23604)\n\n - Mozilla developers and the Mozilla Fuzzing Team reported memory safety bugs present in Firefox 108 and\n Firefox ESR 102.6. Some of these bugs showed evidence of memory corruption and we presume that with enough\n effort some of these could have been exploited to run arbitrary code. (CVE-2023-23605)\n\n - Mozilla developers and the Mozilla Fuzzing Team reported memory safety bugs present in Firefox 108. Some\n of these bugs showed evidence of memory corruption and we presume that with enough effort some of these\n could have been exploited to run arbitrary code. (CVE-2023-23606)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2023-01/\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Mozilla Firefox version 109.0 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2023-23606\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2023/01/17\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2023/01/17\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2023/01/17\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:mozilla:firefox\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"MacOS X Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"macosx_firefox_installed.nasl\");\n script_require_keys(\"MacOSX/Firefox/Installed\");\n\n exit(0);\n}\n\ninclude('mozilla_version.inc');\n\nvar kb_base = 'MacOSX/Firefox';\nget_kb_item_or_exit(kb_base+'/Installed');\n\nvar version = get_kb_item_or_exit(kb_base+'/Version', exit_code:1);\nvar path = get_kb_item_or_exit(kb_base+'/Path', exit_code:1);\n\nvar is_esr = get_kb_item(kb_base+'/is_esr');\nif (is_esr) exit(0, 'The Mozilla Firefox installation is in the ESR branch.');\n\nmozilla_check_version(version:version, path:path, product:'firefox', esr:FALSE, fix:'109.0', severity:SECURITY_HOLE);\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-17T16:39:49", "description": "The version of Firefox installed on the remote Windows host is prior to 109.0. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2023-01 advisory.\n\n - A compromised web child process could disable web security opening restrictions, leading to a new child process being spawned within the <code>file://</code> context. Given a reliable exploit primitive, this new process could be exploited again leading to arbitrary file read. (CVE-2023-23597)\n\n - Due to the Firefox GTK wrapper code's use of text/plain for drag data and GTK treating all text/plain MIMEs containing file URLs as being dragged a website could arbitrarily read a file via a call to <code>DataTransfer.setData</code>. (CVE-2023-23598)\n\n - When copying a network request from the developer tools panel as a curl command the output was not being properly sanitized and could allow arbitrary commands to be hidden within. (CVE-2023-23599)\n\n - Per origin notification permissions were being stored in a way that didn't take into account what browsing context the permission was granted in. This lead to the possibility of notifications to be displayed during different browsing sessions. This bug only affects Firefox for Android. Other operating systems are unaffected. (CVE-2023-23600)\n\n - Navigations were being allowed when dragging a URL from a cross-origin iframe into the same tab which could lead to website spoofing attacks (CVE-2023-23601)\n\n - A mishandled security check when creating a WebSocket in a WebWorker caused the Content Security Policy connect-src header to be ignored. This could lead to connections to restricted origins from inside WebWorkers. (CVE-2023-23602)\n\n - Regular expressions used to filter out forbidden properties and values from style directives in calls to <code>console.log</code> weren't accounting for external URLs. Data could then be potentially exfiltrated from the browser. (CVE-2023-23603)\n\n - A duplicate <code>SystemPrincipal</code> object could be created when parsing a non-system html document via <code>DOMParser::ParseFromSafeString</code>. This could have lead to bypassing web security checks.\n (CVE-2023-23604)\n\n - Mozilla developers and the Mozilla Fuzzing Team reported memory safety bugs present in Firefox 108 and Firefox ESR 102.6. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. (CVE-2023-23605)\n\n - Mozilla developers and the Mozilla Fuzzing Team reported memory safety bugs present in Firefox 108. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. (CVE-2023-23606)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2023-01-17T00:00:00", "type": "nessus", "title": "Mozilla Firefox < 109.0", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2023-23597", "CVE-2023-23598", "CVE-2023-23599", "CVE-2023-23600", "CVE-2023-23601", "CVE-2023-23602", "CVE-2023-23603", "CVE-2023-23604", "CVE-2023-23605", "CVE-2023-23606"], "modified": "2023-02-16T00:00:00", "cpe": ["cpe:/a:mozilla:firefox"], "id": "MOZILLA_FIREFOX_109_0.NASL", "href": "https://www.tenable.com/plugins/nessus/170099", "sourceData": "#%NASL_MIN_LEVEL 80900\n## \n# (C) Tenable, Inc.\n# \n# The descriptive text and package checks in this plugin were\n# extracted from Mozilla Foundation Security Advisory mfsa2023-01.\n# The text itself is copyright (C) Mozilla Foundation.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(170099);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/02/16\");\n\n script_cve_id(\n \"CVE-2023-23597\",\n \"CVE-2023-23598\",\n \"CVE-2023-23599\",\n \"CVE-2023-23600\",\n \"CVE-2023-23601\",\n \"CVE-2023-23602\",\n \"CVE-2023-23603\",\n \"CVE-2023-23604\",\n \"CVE-2023-23605\",\n \"CVE-2023-23606\"\n );\n script_xref(name:\"IAVA\", value:\"2023-A-0048-S\");\n\n script_name(english:\"Mozilla Firefox < 109.0\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"A web browser installed on the remote Windows host is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of Firefox installed on the remote Windows host is prior to 109.0. It is, therefore, affected by multiple\nvulnerabilities as referenced in the mfsa2023-01 advisory.\n\n - A compromised web child process could disable web security opening restrictions, leading to a new child\n process being spawned within the <code>file://</code> context. Given a reliable exploit primitive, this\n new process could be exploited again leading to arbitrary file read. (CVE-2023-23597)\n\n - Due to the Firefox GTK wrapper code's use of text/plain for drag data and GTK treating all text/plain\n MIMEs containing file URLs as being dragged a website could arbitrarily read a file via a call to\n <code>DataTransfer.setData</code>. (CVE-2023-23598)\n\n - When copying a network request from the developer tools panel as a curl command the output was not being\n properly sanitized and could allow arbitrary commands to be hidden within. (CVE-2023-23599)\n\n - Per origin notification permissions were being stored in a way that didn't take into account what browsing\n context the permission was granted in. This lead to the possibility of notifications to be displayed\n during different browsing sessions. This bug only affects Firefox for Android. Other operating systems are\n unaffected. (CVE-2023-23600)\n\n - Navigations were being allowed when dragging a URL from a cross-origin iframe into the same tab which\n could lead to website spoofing attacks (CVE-2023-23601)\n\n - A mishandled security check when creating a WebSocket in a WebWorker caused the Content Security Policy\n connect-src header to be ignored. This could lead to connections to restricted origins from inside\n WebWorkers. (CVE-2023-23602)\n\n - Regular expressions used to filter out forbidden properties and values from style directives in calls to\n <code>console.log</code> weren't accounting for external URLs. Data could then be potentially exfiltrated\n from the browser. (CVE-2023-23603)\n\n - A duplicate <code>SystemPrincipal</code> object could be created when parsing a non-system html document\n via <code>DOMParser::ParseFromSafeString</code>. This could have lead to bypassing web security checks.\n (CVE-2023-23604)\n\n - Mozilla developers and the Mozilla Fuzzing Team reported memory safety bugs present in Firefox 108 and\n Firefox ESR 102.6. Some of these bugs showed evidence of memory corruption and we presume that with enough\n effort some of these could have been exploited to run arbitrary code. (CVE-2023-23605)\n\n - Mozilla developers and the Mozilla Fuzzing Team reported memory safety bugs present in Firefox 108. Some\n of these bugs showed evidence of memory corruption and we presume that with enough effort some of these\n could have been exploited to run arbitrary code. (CVE-2023-23606)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2023-01/\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Mozilla Firefox version 109.0 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2023-23606\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2023/01/17\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2023/01/17\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2023/01/17\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:mozilla:firefox\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows\");\n\n script_copyright(english:\"This script is Copyright (C) 2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"mozilla_org_installed.nasl\");\n script_require_keys(\"Mozilla/Firefox/Version\");\n\n exit(0);\n}\n\ninclude('mozilla_version.inc');\n\nvar port = get_kb_item('SMB/transport');\nif (!port) port = 445;\n\nvar installs = get_kb_list('SMB/Mozilla/Firefox/*');\nif (isnull(installs)) audit(AUDIT_NOT_INST, 'Firefox');\n\nmozilla_check_version(installs:installs, product:'firefox', esr:FALSE, fix:'109.0', severity:SECURITY_HOLE);\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-17T16:47:25", "description": "The remote host is affected by the vulnerability described in GLSA-202305-13 (Mozilla Thunderbird: Multiple Vulnerabilities)\n\n - An out of date library (libusrsctp) contained vulnerabilities that could potentially be exploited. This vulnerability affects Firefox < 108. (CVE-2022-46871)\n\n - An attacker who compromised a content process could have partially escaped the sandbox to read arbitrary files via clipboard-related IPC messages.<br>*This bug only affects Thunderbird for Linux. Other operating systems are unaffected.*. This vulnerability affects Firefox < 108, Firefox ESR < 102.6, and Thunderbird < 102.6. (CVE-2022-46872)\n\n - A file with a long filename could have had its filename truncated to remove the valid extension, leaving a malicious extension in its place. This could potentially led to user confusion and the execution of malicious code.<br/>*Note*: This issue was originally included in the advisories for Thunderbird 102.6, but a patch (specific to Thunderbird) was omitted, resulting in it actually being fixed in Thunderbird 102.6.1. This vulnerability affects Firefox < 108, Thunderbird < 102.6.1, Thunderbird < 102.6, and Firefox ESR < 102.6. (CVE-2022-46874)\n\n - The executable file warning was not presented when downloading .atloc and .ftploc files, which can run commands on a user's computer. <br>*Note: This issue only affected Mac OS operating systems. Other operating systems are unaffected.*. This vulnerability affects Firefox < 108, Firefox ESR < 102.6, and Thunderbird < 102.6. (CVE-2022-46875)\n\n - By confusing the browser, the fullscreen notification could have been delayed or suppressed, resulting in potential user confusion or spoofing attacks. This vulnerability affects Firefox < 108. (CVE-2022-46877)\n\n - Mozilla developers Randell Jesup, Valentin Gosu, Olli Pettay, and the Mozilla Fuzzing Team reported memory safety bugs present in Thunderbird 102.5. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 108, Firefox ESR < 102.6, and Thunderbird < 102.6. (CVE-2022-46878)\n\n - A missing check related to tex units could have led to a use-after-free and potentially exploitable crash.<br />*Note*: This advisory was added on December 13th, 2022 after we better understood the impact of the issue. The fix was included in the original release of Firefox 105. This vulnerability affects Firefox ESR < 102.6, Firefox < 105, and Thunderbird < 102.6. (CVE-2022-46880)\n\n - An optimization in WebGL was incorrect in some cases, and could have led to memory corruption and a potentially exploitable crash. This vulnerability affects Firefox < 106, Firefox ESR < 102.6, and Thunderbird < 102.6. (CVE-2022-46881)\n\n - A use-after-free in WebGL extensions could have led to a potentially exploitable crash. This vulnerability affects Firefox < 107, Firefox ESR < 102.6, and Thunderbird < 102.6. (CVE-2022-46882)\n\n - Mozilla: Arbitrary file read from GTK drag and drop on Linux (CVE-2023-23598)\n\n - Mozilla: Malicious command could be hidden in devtools output (CVE-2023-23599)\n\n - Mozilla: URL being dragged from cross-origin iframe into same tab triggers navigation (CVE-2023-23601)\n\n - Mozilla: Content Security Policy wasn't being correctly applied to WebSockets in WebWorkers (CVE-2023-23602)\n\n - Mozilla: Calls to <code>console.log</code> allowed bypasing Content Security Policy via format directive (CVE-2023-23603)\n\n - Mozilla: Memory safety bugs fixed in Firefox 109 and Firefox ESR 102.7 (CVE-2023-23605)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2023-05-03T00:00:00", "type": "nessus", "title": "GLSA-202305-13 : Mozilla Thunderbird: Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-46871", "CVE-2022-46872", "CVE-2022-46874", "CVE-2022-46875", "CVE-2022-46877", "CVE-2022-46878", "CVE-2022-46880", "CVE-2022-46881", "CVE-2022-46882", "CVE-2023-23598", "CVE-2023-23599", "CVE-2023-23601", "CVE-2023-23602", "CVE-2023-23603", "CVE-2023-23605"], "modified": "2023-05-03T00:00:00", "cpe": ["p-cpe:/a:gentoo:linux:thunderbird", "p-cpe:/a:gentoo:linux:thunderbird-bin", "cpe:/o:gentoo:linux"], "id": "GENTOO_GLSA-202305-13.NASL", "href": "https://www.tenable.com/plugins/nessus/175051", "sourceData": "#%NASL_MIN_LEVEL 80900\n#\n# (C) Tenable, Inc.\n#\n# @NOAGENT@\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Gentoo Linux Security Advisory GLSA 202305-13.\n#\n# The advisory text is Copyright (C) 2001-2021 Gentoo Foundation, Inc.\n# and licensed under the Creative Commons - Attribution / Share Alike\n# license. See http://creativecommons.org/licenses/by-sa/3.0/\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(175051);\n script_version(\"1.0\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/05/03\");\n\n script_cve_id(\n \"CVE-2022-46871\",\n \"CVE-2022-46872\",\n \"CVE-2022-46874\",\n \"CVE-2022-46875\",\n \"CVE-2022-46877\",\n \"CVE-2022-46878\",\n \"CVE-2022-46880\",\n \"CVE-2022-46881\",\n \"CVE-2022-46882\",\n \"CVE-2023-23598\",\n \"CVE-2023-23599\",\n \"CVE-2023-23601\",\n \"CVE-2023-23602\",\n \"CVE-2023-23603\",\n \"CVE-2023-23605\"\n );\n\n script_name(english:\"GLSA-202305-13 : Mozilla Thunderbird: Multiple Vulnerabilities\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote host is affected by the vulnerability described in GLSA-202305-13 (Mozilla Thunderbird: Multiple\nVulnerabilities)\n\n - An out of date library (libusrsctp) contained vulnerabilities that could potentially be exploited. This\n vulnerability affects Firefox < 108. (CVE-2022-46871)\n\n - An attacker who compromised a content process could have partially escaped the sandbox to read arbitrary\n files via clipboard-related IPC messages.<br>*This bug only affects Thunderbird for Linux. Other operating\n systems are unaffected.*. This vulnerability affects Firefox < 108, Firefox ESR < 102.6, and Thunderbird <\n 102.6. (CVE-2022-46872)\n\n - A file with a long filename could have had its filename truncated to remove the valid extension, leaving a\n malicious extension in its place. This could potentially led to user confusion and the execution of\n malicious code.<br/>*Note*: This issue was originally included in the advisories for Thunderbird 102.6,\n but a patch (specific to Thunderbird) was omitted, resulting in it actually being fixed in Thunderbird\n 102.6.1. This vulnerability affects Firefox < 108, Thunderbird < 102.6.1, Thunderbird < 102.6, and Firefox\n ESR < 102.6. (CVE-2022-46874)\n\n - The executable file warning was not presented when downloading .atloc and .ftploc files, which can run\n commands on a user's computer. <br>*Note: This issue only affected Mac OS operating systems. Other\n operating systems are unaffected.*. This vulnerability affects Firefox < 108, Firefox ESR < 102.6, and\n Thunderbird < 102.6. (CVE-2022-46875)\n\n - By confusing the browser, the fullscreen notification could have been delayed or suppressed, resulting in\n potential user confusion or spoofing attacks. This vulnerability affects Firefox < 108. (CVE-2022-46877)\n\n - Mozilla developers Randell Jesup, Valentin Gosu, Olli Pettay, and the Mozilla Fuzzing Team reported memory\n safety bugs present in Thunderbird 102.5. Some of these bugs showed evidence of memory corruption and we\n presume that with enough effort some of these could have been exploited to run arbitrary code. This\n vulnerability affects Firefox < 108, Firefox ESR < 102.6, and Thunderbird < 102.6. (CVE-2022-46878)\n\n - A missing check related to tex units could have led to a use-after-free and potentially exploitable\n crash.<br />*Note*: This advisory was added on December 13th, 2022 after we better understood the impact\n of the issue. The fix was included in the original release of Firefox 105. This vulnerability affects\n Firefox ESR < 102.6, Firefox < 105, and Thunderbird < 102.6. (CVE-2022-46880)\n\n - An optimization in WebGL was incorrect in some cases, and could have led to memory corruption and a\n potentially exploitable crash. This vulnerability affects Firefox < 106, Firefox ESR < 102.6, and\n Thunderbird < 102.6. (CVE-2022-46881)\n\n - A use-after-free in WebGL extensions could have led to a potentially exploitable crash. This vulnerability\n affects Firefox < 107, Firefox ESR < 102.6, and Thunderbird < 102.6. (CVE-2022-46882)\n\n - Mozilla: Arbitrary file read from GTK drag and drop on Linux (CVE-2023-23598)\n\n - Mozilla: Malicious command could be hidden in devtools output (CVE-2023-23599)\n\n - Mozilla: URL being dragged from cross-origin iframe into same tab triggers navigation (CVE-2023-23601)\n\n - Mozilla: Content Security Policy wasn't being correctly applied to WebSockets in WebWorkers\n (CVE-2023-23602)\n\n - Mozilla: Calls to <code>console.log</code> allowed bypasing Content Security Policy via format directive\n (CVE-2023-23603)\n\n - Mozilla: Memory safety bugs fixed in Firefox 109 and Firefox ESR 102.7 (CVE-2023-23605)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security.gentoo.org/glsa/202305-13\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugs.gentoo.org/show_bug.cgi?id=885815\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugs.gentoo.org/show_bug.cgi?id=891217\");\n script_set_attribute(attribute:\"solution\", value:\n\"All Mozilla Thunderbird binary users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose >=mail-client/thunderbird-bin-102.7.0\n \nAll Mozilla Thunderbird users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose >=mail-client/thunderbird-102.7.0\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-46882\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/12/13\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2023/05/03\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2023/05/03\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:thunderbird\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:thunderbird-bin\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:gentoo:linux\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Gentoo Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Gentoo/release\", \"Host/Gentoo/qpkg-list\");\n\n exit(0);\n}\ninclude('qpkg.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item('Host/Gentoo/release')) audit(AUDIT_OS_NOT, 'Gentoo');\nif (!get_kb_item('Host/Gentoo/qpkg-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar flag = 0;\n\nvar packages = [\n {\n 'name' : 'mail-client/thunderbird',\n 'unaffected' : make_list(\"ge 102.7.0\"),\n 'vulnerable' : make_list(\"lt 102.7.0\")\n },\n {\n 'name' : 'mail-client/thunderbird-bin',\n 'unaffected' : make_list(\"ge 102.7.0\"),\n 'vulnerable' : make_list(\"lt 102.7.0\")\n }\n];\n\nforeach var package( packages ) {\n if (isnull(package['unaffected'])) package['unaffected'] = make_list();\n if (isnull(package['vulnerable'])) package['vulnerable'] = make_list();\n if (qpkg_check(package: package['name'] , unaffected: package['unaffected'], vulnerable: package['vulnerable'])) flag++;\n}\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : qpkg_report_get()\n );\n exit(0);\n}\nelse\n{\n qpkg_tests = list_uniq(qpkg_tests);\n var tested = qpkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'Mozilla Thunderbird');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-17T16:47:08", "description": "The remote host is affected by the vulnerability described in GLSA-202305-06 (Mozilla Firefox: Multiple Vulnerabilities)\n\n - An out of date library (libusrsctp) contained vulnerabilities that could potentially be exploited. This vulnerability affects Firefox < 108. (CVE-2022-46871)\n\n - An attacker who compromised a content process could have partially escaped the sandbox to read arbitrary files via clipboard-related IPC messages.<br>*This bug only affects Thunderbird for Linux. Other operating systems are unaffected.*. This vulnerability affects Firefox < 108, Firefox ESR < 102.6, and Thunderbird < 102.6. (CVE-2022-46872)\n\n - Because Firefox did not implement the <code>unsafe-hashes</code> CSP directive, an attacker who was able to inject markup into a page otherwise protected by a Content Security Policy may have been able to inject executable script. This would be severely constrained by the specified Content Security Policy of the document. This vulnerability affects Firefox < 108. (CVE-2022-46873)\n\n - A file with a long filename could have had its filename truncated to remove the valid extension, leaving a malicious extension in its place. This could potentially led to user confusion and the execution of malicious code.<br/>*Note*: This issue was originally included in the advisories for Thunderbird 102.6, but a patch (specific to Thunderbird) was omitted, resulting in it actually being fixed in Thunderbird 102.6.1. This vulnerability affects Firefox < 108, Thunderbird < 102.6.1, Thunderbird < 102.6, and Firefox ESR < 102.6. (CVE-2022-46874)\n\n - The executable file warning was not presented when downloading .atloc and .ftploc files, which can run commands on a user's computer. <br>*Note: This issue only affected Mac OS operating systems. Other operating systems are unaffected.*. This vulnerability affects Firefox < 108, Firefox ESR < 102.6, and Thunderbird < 102.6. (CVE-2022-46875)\n\n - By confusing the browser, the fullscreen notification could have been delayed or suppressed, resulting in potential user confusion or spoofing attacks. This vulnerability affects Firefox < 108. (CVE-2022-46877)\n\n - Mozilla developers Randell Jesup, Valentin Gosu, Olli Pettay, and the Mozilla Fuzzing Team reported memory safety bugs present in Thunderbird 102.5. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 108, Firefox ESR < 102.6, and Thunderbird < 102.6. (CVE-2022-46878)\n\n - Mozilla developers and community members Lukas Bernhard, Gabriele Svelto, Randell Jesup, and the Mozilla Fuzzing Team reported memory safety bugs present in Firefox 107. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 108. (CVE-2022-46879)\n\n - A missing check related to tex units could have led to a use-after-free and potentially exploitable crash.<br />*Note*: This advisory was added on December 13th, 2022 after we better understood the impact of the issue. The fix was included in the original release of Firefox 105. This vulnerability affects Firefox ESR < 102.6, Firefox < 105, and Thunderbird < 102.6. (CVE-2022-46880)\n\n - An optimization in WebGL was incorrect in some cases, and could have led to memory corruption and a potentially exploitable crash. This vulnerability affects Firefox < 106, Firefox ESR < 102.6, and Thunderbird < 102.6. (CVE-2022-46881)\n\n - A use-after-free in WebGL extensions could have led to a potentially exploitable crash. This vulnerability affects Firefox < 107, Firefox ESR < 102.6, and Thunderbird < 102.6. (CVE-2022-46882)\n\n - A compromised web child process could disable web security opening restrictions, leading to a new child process being spawned within the <code>file://</code> context. Given a reliable exploit primitive, this new process could be exploited again leading to arbitrary file read. (CVE-2023-23597)\n\n - Mozilla: Arbitrary file read from GTK drag and drop on Linux (CVE-2023-23598)\n\n - Mozilla: Malicious command could be hidden in devtools output (CVE-2023-23599)\n\n - Per origin notification permissions were being stored in a way that didn't take into account what browsing context the permission was granted in. This lead to the possibility of notifications to be displayed during different browsing sessions. This bug only affects Firefox for Android. Other operating systems are unaffected. (CVE-2023-23600)\n\n - Mozilla: URL being dragged from cross-origin iframe into same tab triggers navigation (CVE-2023-23601)\n\n - Mozilla: Content Security Policy wasn't being correctly applied to WebSockets in WebWorkers (CVE-2023-23602)\n\n - Mozilla: Calls to <code>console.log</code> allowed bypasing Content Security Policy via format directive (CVE-2023-23603)\n\n - A duplicate <code>SystemPrincipal</code> object could be created when parsing a non-system html document via <code>DOMParser::ParseFromSafeString</code>. This could have lead to bypassing web security checks.\n (CVE-2023-23604)\n\n - Mozilla: Memory safety bugs fixed in Firefox 109 and Firefox ESR 102.7 (CVE-2023-23605)\n\n - Mozilla developers and the Mozilla Fuzzing Team reported memory safety bugs present in Firefox 108. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. (CVE-2023-23606)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2023-05-03T00:00:00", "type": "nessus", "title": "GLSA-202305-06 : Mozilla Firefox: Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-46871", "CVE-2022-46872", "CVE-2022-46873", "CVE-2022-46874", "CVE-2022-46875", "CVE-2022-46877", "CVE-2022-46878", "CVE-2022-46879", "CVE-2022-46880", "CVE-2022-46881", "CVE-2022-46882", "CVE-2023-23597", "CVE-2023-23598", "CVE-2023-23599", "CVE-2023-23600", "CVE-2023-23601", "CVE-2023-23602", "CVE-2023-23603", "CVE-2023-23604", "CVE-2023-23605", "CVE-2023-23606"], "modified": "2023-05-03T00:00:00", "cpe": ["p-cpe:/a:gentoo:linux:firefox", "p-cpe:/a:gentoo:linux:firefox-bin", "cpe:/o:gentoo:linux"], "id": "GENTOO_GLSA-202305-06.NASL", "href": "https://www.tenable.com/plugins/nessus/175044", "sourceData": "#%NASL_MIN_LEVEL 80900\n#\n# (C) Tenable, Inc.\n#\n# @NOAGENT@\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Gentoo Linux Security Advisory GLSA 202305-06.\n#\n# The advisory text is Copyright (C) 2001-2021 Gentoo Foundation, Inc.\n# and licensed under the Creative Commons - Attribution / Share Alike\n# license. See http://creativecommons.org/licenses/by-sa/3.0/\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(175044);\n script_version(\"1.0\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/05/03\");\n\n script_cve_id(\n \"CVE-2022-46871\",\n \"CVE-2022-46872\",\n \"CVE-2022-46873\",\n \"CVE-2022-46874\",\n \"CVE-2022-46875\",\n \"CVE-2022-46877\",\n \"CVE-2022-46878\",\n \"CVE-2022-46879\",\n \"CVE-2022-46880\",\n \"CVE-2022-46881\",\n \"CVE-2022-46882\",\n \"CVE-2023-23597\",\n \"CVE-2023-23598\",\n \"CVE-2023-23599\",\n \"CVE-2023-23600\",\n \"CVE-2023-23601\",\n \"CVE-2023-23602\",\n \"CVE-2023-23603\",\n \"CVE-2023-23604\",\n \"CVE-2023-23605\",\n \"CVE-2023-23606\"\n );\n\n script_name(english:\"GLSA-202305-06 : Mozilla Firefox: Multiple Vulnerabilities\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote host is affected by the vulnerability described in GLSA-202305-06 (Mozilla Firefox: Multiple Vulnerabilities)\n\n - An out of date library (libusrsctp) contained vulnerabilities that could potentially be exploited. This\n vulnerability affects Firefox < 108. (CVE-2022-46871)\n\n - An attacker who compromised a content process could have partially escaped the sandbox to read arbitrary\n files via clipboard-related IPC messages.<br>*This bug only affects Thunderbird for Linux. Other operating\n systems are unaffected.*. This vulnerability affects Firefox < 108, Firefox ESR < 102.6, and Thunderbird <\n 102.6. (CVE-2022-46872)\n\n - Because Firefox did not implement the <code>unsafe-hashes</code> CSP directive, an attacker who was able\n to inject markup into a page otherwise protected by a Content Security Policy may have been able to inject\n executable script. This would be severely constrained by the specified Content Security Policy of the\n document. This vulnerability affects Firefox < 108. (CVE-2022-46873)\n\n - A file with a long filename could have had its filename truncated to remove the valid extension, leaving a\n malicious extension in its place. This could potentially led to user confusion and the execution of\n malicious code.<br/>*Note*: This issue was originally included in the advisories for Thunderbird 102.6,\n but a patch (specific to Thunderbird) was omitted, resulting in it actually being fixed in Thunderbird\n 102.6.1. This vulnerability affects Firefox < 108, Thunderbird < 102.6.1, Thunderbird < 102.6, and Firefox\n ESR < 102.6. (CVE-2022-46874)\n\n - The executable file warning was not presented when downloading .atloc and .ftploc files, which can run\n commands on a user's computer. <br>*Note: This issue only affected Mac OS operating systems. Other\n operating systems are unaffected.*. This vulnerability affects Firefox < 108, Firefox ESR < 102.6, and\n Thunderbird < 102.6. (CVE-2022-46875)\n\n - By confusing the browser, the fullscreen notification could have been delayed or suppressed, resulting in\n potential user confusion or spoofing attacks. This vulnerability affects Firefox < 108. (CVE-2022-46877)\n\n - Mozilla developers Randell Jesup, Valentin Gosu, Olli Pettay, and the Mozilla Fuzzing Team reported memory\n safety bugs present in Thunderbird 102.5. Some of these bugs showed evidence of memory corruption and we\n presume that with enough effort some of these could have been exploited to run arbitrary code. This\n vulnerability affects Firefox < 108, Firefox ESR < 102.6, and Thunderbird < 102.6. (CVE-2022-46878)\n\n - Mozilla developers and community members Lukas Bernhard, Gabriele Svelto, Randell Jesup, and the Mozilla\n Fuzzing Team reported memory safety bugs present in Firefox 107. Some of these bugs showed evidence of\n memory corruption and we presume that with enough effort some of these could have been exploited to run\n arbitrary code. This vulnerability affects Firefox < 108. (CVE-2022-46879)\n\n - A missing check related to tex units could have led to a use-after-free and potentially exploitable\n crash.<br />*Note*: This advisory was added on December 13th, 2022 after we better understood the impact\n of the issue. The fix was included in the original release of Firefox 105. This vulnerability affects\n Firefox ESR < 102.6, Firefox < 105, and Thunderbird < 102.6. (CVE-2022-46880)\n\n - An optimization in WebGL was incorrect in some cases, and could have led to memory corruption and a\n potentially exploitable crash. This vulnerability affects Firefox < 106, Firefox ESR < 102.6, and\n Thunderbird < 102.6. (CVE-2022-46881)\n\n - A use-after-free in WebGL extensions could have led to a potentially exploitable crash. This vulnerability\n affects Firefox < 107, Firefox ESR < 102.6, and Thunderbird < 102.6. (CVE-2022-46882)\n\n - A compromised web child process could disable web security opening restrictions, leading to a new child\n process being spawned within the <code>file://</code> context. Given a reliable exploit primitive, this\n new process could be exploited again leading to arbitrary file read. (CVE-2023-23597)\n\n - Mozilla: Arbitrary file read from GTK drag and drop on Linux (CVE-2023-23598)\n\n - Mozilla: Malicious command could be hidden in devtools output (CVE-2023-23599)\n\n - Per origin notification permissions were being stored in a way that didn't take into account what browsing\n context the permission was granted in. This lead to the possibility of notifications to be displayed\n during different browsing sessions. This bug only affects Firefox for Android. Other operating systems are\n unaffected. (CVE-2023-23600)\n\n - Mozilla: URL being dragged from cross-origin iframe into same tab triggers navigation (CVE-2023-23601)\n\n - Mozilla: Content Security Policy wasn't being correctly applied to WebSockets in WebWorkers\n (CVE-2023-23602)\n\n - Mozilla: Calls to <code>console.log</code> allowed bypasing Content Security Policy via format directive\n (CVE-2023-23603)\n\n - A duplicate <code>SystemPrincipal</code> object could be created when parsing a non-system html document\n via <code>DOMParser::ParseFromSafeString</code>. This could have lead to bypassing web security checks.\n (CVE-2023-23604)\n\n - Mozilla: Memory safety bugs fixed in Firefox 109 and Firefox ESR 102.7 (CVE-2023-23605)\n\n - Mozilla developers and the Mozilla Fuzzing Team reported memory safety bugs present in Firefox 108. Some\n of these bugs showed evidence of memory corruption and we presume that with enough effort some of these\n could have been exploited to run arbitrary code. (CVE-2023-23606)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security.gentoo.org/glsa/202305-06\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugs.gentoo.org/show_bug.cgi?id=885813\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugs.gentoo.org/show_bug.cgi?id=891213\");\n script_set_attribute(attribute:\"solution\", value:\n\"All Mozilla Firefox ESR binary users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose >=www-client/firefox-bin-102.7.0:esr\n \nAll Mozilla Firefox ESR users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose >=www-client/firefox-102.7.0:esr\n \nAll Mozilla Firefox binary users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose >=www-client/firefox-bin-109.0:rapid\n \nAll Mozilla Firefox users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose >=www-client/firefox-109.0:rapid\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-46882\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/12/13\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2023/05/03\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2023/05/03\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:firefox\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:firefox-bin\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:gentoo:linux\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Gentoo Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Gentoo/release\", \"Host/Gentoo/qpkg-list\");\n\n exit(0);\n}\ninclude('qpkg.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item('Host/Gentoo/release')) audit(AUDIT_OS_NOT, 'Gentoo');\nif (!get_kb_item('Host/Gentoo/qpkg-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar flag = 0;\n\nvar packages = [\n {\n 'name' : 'www-client/firefox',\n 'unaffected' : make_list(\"ge 102.7.0\", \"lt 102.0.0\"),\n 'vulnerable' : make_list(\"lt 102.7.0\")\n },\n {\n 'name' : 'www-client/firefox',\n 'unaffected' : make_list(\"ge 109.0\", \"lt 103.0.0\"),\n 'vulnerable' : make_list(\"lt 109.0\")\n },\n {\n 'name' : 'www-client/firefox-bin',\n 'unaffected' : make_list(\"ge 102.7.0\", \"lt 102.0.0\"),\n 'vulnerable' : make_list(\"lt 102.7.0\")\n },\n {\n 'name' : 'www-client/firefox-bin',\n 'unaffected' : make_list(\"ge 109.0\", \"lt 103.0.0\"),\n 'vulnerable' : make_list(\"lt 109.0\")\n }\n];\n\nforeach var package( packages ) {\n if (isnull(package['unaffected'])) package['unaffected'] = make_list();\n if (isnull(package['vulnerable'])) package['vulnerable'] = make_list();\n if (qpkg_check(package: package['name'] , unaffected: package['unaffected'], vulnerable: package['vulnerable'])) flag++;\n}\n\n# This plugin has a different number of unaffected and vulnerable versions for\n# one or more packages. To ensure proper detection, a separate line should be \n# used for each fixed/vulnerable version pair.\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : qpkg_report_get()\n );\n exit(0);\n}\nelse\n{\n qpkg_tests = list_uniq(qpkg_tests);\n var tested = qpkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'Mozilla Firefox');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-17T16:43:51", "description": "The remote Debian 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-3324 advisory.\n\n - An out of date library (libusrsctp) contained vulnerabilities that could potentially be exploited. This vulnerability affects Firefox < 108. (CVE-2022-46871)\n\n - By confusing the browser, the fullscreen notification could have been delayed or suppressed, resulting in potential user confusion or spoofing attacks. This vulnerability affects Firefox < 108. (CVE-2022-46877)\n\n - Certificate OCSP revocation status was not checked when verifying S/Mime signatures. Mail signed with a revoked certificate would be displayed as having a valid signature. Thunderbird versions from 68 to 102.7.0 were affected by this bug. (CVE-2023-0430)\n\n - If a MIME email combines OpenPGP and OpenPGP MIME data in a certain way Thunderbird repeatedly attempts to process and display the message, which could cause Thunderbird's user interface to lock up and no longer respond to the user's actions. An attacker could send a crafted message with this structure to attempt a DoS attack. (CVE-2023-0616)\n\n - An attacker could construct a PKCS 12 cert bundle in such a way that could allow for arbitrary memory writes via PKCS 12 Safe Bag attributes being mishandled. (CVE-2023-0767)\n\n - Mozilla: Arbitrary file read from GTK drag and drop on Linux (CVE-2023-23598)\n\n - Mozilla: URL being dragged from cross-origin iframe into same tab triggers navigation (CVE-2023-23601)\n\n - Mozilla: Content Security Policy wasn't being correctly applied to WebSockets in WebWorkers (CVE-2023-23602)\n\n - Mozilla: Calls to <code>console.log</code> allowed bypasing Content Security Policy via format directive (CVE-2023-23603)\n\n - Mozilla: Memory safety bugs fixed in Firefox 109 and Firefox ESR 102.7 (CVE-2023-23605)\n\n - Mozilla: Content security policy leak in violation reports using iframes (CVE-2023-25728)\n\n - Permission prompts for opening external schemes were only shown for <code>ContentPrincipals</code> resulting in extensions being able to open them without user interaction via <code>ExpandedPrincipals</code>. This could lead to further malicious actions such as downloading files or interacting with software already installed on the system. (CVE-2023-25729)\n\n - A background script invoking <code>requestFullscreen</code> and then blocking the main thread could force the browser into fullscreen mode indefinitely, resulting in potential user confusion or spoofing attacks.\n (CVE-2023-25730)\n\n - When encoding data from an <code>inputStream</code> in <code>xpcom</code> the size of the input being encoded was not correctly calculated potentially leading to an out of bounds memory write.\n (CVE-2023-25732)\n\n - Cross-compartment wrappers wrapping a scripted proxy could have caused objects from other compartments to be stored in the main compartment resulting in a use-after-free after unwrapping the proxy.\n (CVE-2023-25735)\n\n - An invalid downcast from <code>nsTextNode</code> to <code>SVGElement</code> could have lead to undefined behavior. (CVE-2023-25737)\n\n - Module load requests that failed were not being checked as to whether or not they were cancelled causing a use-after-free in <code>ScriptLoadContext</code>. (CVE-2023-25739)\n\n - When importing a SPKI RSA public key as ECDSA P-256, the key would be handled incorrectly causing the tab to crash. (CVE-2023-25742)\n\n - Mozilla developers Kershaw Chang and the Mozilla Fuzzing Team reported memory safety bugs present in Firefox 109 and Firefox ESR 102.7. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. (CVE-2023-25744)\n\n - Mozilla developers Philipp and Gabriele Svelto reported memory safety bugs present in Thunderbird 102.7.\n Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. (CVE-2023-25746)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2023-02-20T00:00:00", "type": "nessus", "title": "Debian DLA-3324-1 : thunderbird - LTS security update", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-46871", "CVE-2022-46877", "CVE-2023-0430", "CVE-2023-0616", "CVE-2023-0767", "CVE-2023-23598", "CVE-2023-23601", "CVE-2023-23602", "CVE-2023-23603", "CVE-2023-23605", "CVE-2023-25728", "CVE-2023-25729", "CVE-2023-25730", "CVE-2023-25732", "CVE-2023-25735", "CVE-2023-25737", "CVE-2023-25739", "CVE-2023-25742", "CVE-2023-25744", "CVE-2023-25746"], "modified": "2023-03-17T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:calendar-google-provider", "p-cpe:/a:debian:debian_linux:thunderbird", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-af", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-all", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-ar", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-ast", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-be", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-bg", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-br", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-ca", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-cak", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-cs", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-cy", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-da", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-de", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-dsb", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-el", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-en-ca", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-en-gb", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-es-ar", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-es-es", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-es-mx", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-et", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-eu", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-fi", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-fr", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-fy-nl", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-ga-ie", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-gd", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-gl", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-he", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-hr", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-hsb", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-hu", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-hy-am", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-id", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-is", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-it", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-ja", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-ka", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-kab", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-kk", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-ko", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-lt", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-lv", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-ms", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-nb-no", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-nl", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-nn-no", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-pa-in", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-pl", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-pt-br", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-pt-pt", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-rm", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-ro", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-ru", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-sk", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-sl", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-sq", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-sr", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-sv-se", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-th", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-tr", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-uk", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-uz", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-vi", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-zh-cn", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-zh-tw", "cpe:/o:debian:debian_linux:10.0"], "id": "DEBIAN_DLA-3324.NASL", "href": "https://www.tenable.com/plugins/nessus/171642", "sourceData": "#%NASL_MIN_LEVEL 80900\n#\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Debian Security Advisory dla-3324. The text\n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(171642);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/03/17\");\n\n script_cve_id(\n \"CVE-2022-46871\",\n \"CVE-2022-46877\",\n \"CVE-2023-0430\",\n \"CVE-2023-0616\",\n \"CVE-2023-0767\",\n \"CVE-2023-23598\",\n \"CVE-2023-23601\",\n \"CVE-2023-23602\",\n \"CVE-2023-23603\",\n \"CVE-2023-23605\",\n \"CVE-2023-25728\",\n \"CVE-2023-25729\",\n \"CVE-2023-25730\",\n \"CVE-2023-25732\",\n \"CVE-2023-25735\",\n \"CVE-2023-25737\",\n \"CVE-2023-25739\",\n \"CVE-2023-25742\",\n \"CVE-2023-25744\",\n \"CVE-2023-25746\"\n );\n script_xref(name:\"IAVA\", value:\"2023-A-0056-S\");\n script_xref(name:\"IAVA\", value:\"2023-A-0063-S\");\n script_xref(name:\"IAVA\", value:\"2023-A-0106-S\");\n\n script_name(english:\"Debian DLA-3324-1 : thunderbird - LTS security update\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Debian host is missing one or more security-related updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Debian 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the\ndla-3324 advisory.\n\n - An out of date library (libusrsctp) contained vulnerabilities that could potentially be exploited. This\n vulnerability affects Firefox < 108. (CVE-2022-46871)\n\n - By confusing the browser, the fullscreen notification could have been delayed or suppressed, resulting in\n potential user confusion or spoofing attacks. This vulnerability affects Firefox < 108. (CVE-2022-46877)\n\n - Certificate OCSP revocation status was not checked when verifying S/Mime signatures. Mail signed with a\n revoked certificate would be displayed as having a valid signature. Thunderbird versions from 68 to\n 102.7.0 were affected by this bug. (CVE-2023-0430)\n\n - If a MIME email combines OpenPGP and OpenPGP MIME data in a certain way Thunderbird repeatedly attempts to\n process and display the message, which could cause Thunderbird's user interface to lock up and no longer\n respond to the user's actions. An attacker could send a crafted message with this structure to attempt a\n DoS attack. (CVE-2023-0616)\n\n - An attacker could construct a PKCS 12 cert bundle in such a way that could allow for arbitrary memory\n writes via PKCS 12 Safe Bag attributes being mishandled. (CVE-2023-0767)\n\n - Mozilla: Arbitrary file read from GTK drag and drop on Linux (CVE-2023-23598)\n\n - Mozilla: URL being dragged from cross-origin iframe into same tab triggers navigation (CVE-2023-23601)\n\n - Mozilla: Content Security Policy wasn't being correctly applied to WebSockets in WebWorkers\n (CVE-2023-23602)\n\n - Mozilla: Calls to <code>console.log</code> allowed bypasing Content Security Policy via format directive\n (CVE-2023-23603)\n\n - Mozilla: Memory safety bugs fixed in Firefox 109 and Firefox ESR 102.7 (CVE-2023-23605)\n\n - Mozilla: Content security policy leak in violation reports using iframes (CVE-2023-25728)\n\n - Permission prompts for opening external schemes were only shown for <code>ContentPrincipals</code>\n resulting in extensions being able to open them without user interaction via\n <code>ExpandedPrincipals</code>. This could lead to further malicious actions such as downloading files or\n interacting with software already installed on the system. (CVE-2023-25729)\n\n - A background script invoking <code>requestFullscreen</code> and then blocking the main thread could force\n the browser into fullscreen mode indefinitely, resulting in potential user confusion or spoofing attacks.\n (CVE-2023-25730)\n\n - When encoding data from an <code>inputStream</code> in <code>xpcom</code> the size of the input being\n encoded was not correctly calculated potentially leading to an out of bounds memory write.\n (CVE-2023-25732)\n\n - Cross-compartment wrappers wrapping a scripted proxy could have caused objects from other compartments to\n be stored in the main compartment resulting in a use-after-free after unwrapping the proxy.\n (CVE-2023-25735)\n\n - An invalid downcast from <code>nsTextNode</code> to <code>SVGElement</code> could have lead to undefined\n behavior. (CVE-2023-25737)\n\n - Module load requests that failed were not being checked as to whether or not they were cancelled causing a\n use-after-free in <code>ScriptLoadContext</code>. (CVE-2023-25739)\n\n - When importing a SPKI RSA public key as ECDSA P-256, the key would be handled incorrectly causing the tab\n to crash. (CVE-2023-25742)\n\n - Mozilla developers Kershaw Chang and the Mozilla Fuzzing Team reported memory safety bugs present in\n Firefox 109 and Firefox ESR 102.7. Some of these bugs showed evidence of memory corruption and we presume\n that with enough effort some of these could have been exploited to run arbitrary code. (CVE-2023-25744)\n\n - Mozilla developers Philipp and Gabriele Svelto reported memory safety bugs present in Thunderbird 102.7.\n Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of\n these could have been exploited to run arbitrary code. (CVE-2023-25746)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/source-package/thunderbird\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.debian.org/lts/security/2023/dla-3324\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2022-46871\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2022-46877\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2023-0430\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2023-0616\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2023-0767\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2023-23598\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2023-23601\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2023-23602\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2023-23603\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2023-23605\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2023-25728\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2023-25729\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2023-25730\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2023-25732\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2023-25735\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2023-25737\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2023-25739\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2023-25742\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2023-25744\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2023-25746\");\n script_set_attribute(attribute:\"see_also\", value:\"https://packages.debian.org/source/buster/thunderbird\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade the thunderbird packages.\n\nFor Debian 10 buster, these problems have been fixed in version 1\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-46871\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/12/15\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2023/02/20\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2023/02/20\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:calendar-google-provider\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-af\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-all\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-ar\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-ast\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-be\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-bg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-br\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-ca\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-cak\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-cs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-cy\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-da\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-de\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-dsb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-el\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-en-ca\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-en-gb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-es-ar\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-es-es\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-es-mx\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-et\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-eu\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-fi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-fr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-fy-nl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-ga-ie\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-gd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-gl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-he\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-hr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-hsb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-hu\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-hy-am\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-id\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-is\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-it\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-ja\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-ka\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-kab\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-kk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-ko\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-lt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-lv\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-ms\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-nb-no\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-nl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-nn-no\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-pa-in\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-pl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-pt-br\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-pt-pt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-rm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-ro\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-ru\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-sk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-sl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-sq\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-sr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-sv-se\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-th\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-tr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-uk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-uz\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-vi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-zh-cn\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-zh-tw\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:10.0\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Debian Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\ninclude('debian_package.inc');\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar debian_release = get_kb_item('Host/Debian/release');\nif ( isnull(debian_release) ) audit(AUDIT_OS_NOT, 'Debian');\ndebian_release = chomp(debian_release);\nif (! preg(pattern:\"^(10)\\.[0-9]+\", string:debian_release)) audit(AUDIT_OS_NOT, 'Debian 10.0', 'Debian ' + debian_release);\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Debian', cpu);\n\nvar pkgs = [\n {'release': '10.0', 'prefix': 'calendar-google-provider', 'reference': '1:102.8.0-1~deb10u1'},\n {'release': '10.0', 'prefix': 'thunderbird', 'reference': '1:102.8.0-1~deb10u1'},\n {'release': '10.0', 'prefix': 'thunderbird-l10n-af', 'reference': '1:102.8.0-1~deb10u1'},\n {'release': '10.0', 'prefix': 'thunderbird-l10n-all', 'reference': '1:102.8.0-1~deb10u1'},\n {'release': '10.0', 'prefix': 'thunderbird-l10n-ar', 'reference': '1:102.8.0-1~deb10u1'},\n {'release': '10.0', 'prefix': 'thunderbird-l10n-ast', 'reference': '1:102.8.0-1~deb10u1'},\n {'release': '10.0', 'prefix': 'thunderbird-l10n-be', 'reference': '1:102.8.0-1~deb10u1'},\n {'release': '10.0', 'prefix': 'thunderbird-l10n-bg', 'reference': '1:102.8.0-1~deb10u1'},\n {'release': '10.0', 'prefix': 'thunderbird-l10n-br', 'reference': '1:102.8.0-1~deb10u1'},\n {'release': '10.0', 'prefix': 'thunderbird-l10n-ca', 'reference': '1:102.8.0-1~deb10u1'},\n {'release': '10.0', 'prefix': 'thunderbird-l10n-cak', 'reference': '1:102.8.0-1~deb10u1'},\n {'release': '10.0', 'prefix': 'thunderbird-l10n-cs', 'reference': '1:102.8.0-1~deb10u1'},\n {'release': '10.0', 'prefix': 'thunderbird-l10n-cy', 'reference': '1:102.8.0-1~deb10u1'},\n {'release': '10.0', 'prefix': 'thunderbird-l10n-da', 'reference': '1:102.8.0-1~deb10u1'},\n {'release': '10.0', 'prefix': 'thunderbird-l10n-de', 'reference': '1:102.8.0-1~deb10u1'},\n {'release': '10.0', 'prefix': 'thunderbird-l10n-dsb', 'reference': '1:102.8.0-1~deb10u1'},\n {'release': '10.0', 'prefix': 'thunderbird-l10n-el', 'reference': '1:102.8.0-1~deb10u1'},\n {'release': '10.0', 'prefix': 'thunderbird-l10n-en-ca', 'reference': '1:102.8.0-1~deb10u1'},\n {'release': '10.0', 'prefix': 'thunderbird-l10n-en-gb', 'reference': '1:102.8.0-1~deb10u1'},\n {'release': '10.0', 'prefix': 'thunderbird-l10n-es-ar', 'reference': '1:102.8.0-1~deb10u1'},\n {'release': '10.0', 'prefix': 'thunderbird-l10n-es-es', 'reference': '1:102.8.0-1~deb10u1'},\n {'release': '10.0', 'prefix': 'thunderbird-l10n-es-mx', 'reference': '1:102.8.0-1~deb10u1'},\n {'release': '10.0', 'prefix': 'thunderbird-l10n-et', 'reference': '1:102.8.0-1~deb10u1'},\n {'release': '10.0', 'prefix': 'thunderbird-l10n-eu', 'reference': '1:102.8.0-1~deb10u1'},\n {'release': '10.0', 'prefix': 'thunderbird-l10n-fi', 'reference': '1:102.8.0-1~deb10u1'},\n {'release': '10.0', 'prefix': 'thunderbird-l10n-fr', 'reference': '1:102.8.0-1~deb10u1'},\n {'release': '10.0', 'prefix': 'thunderbird-l10n-fy-nl', 'reference': '1:102.8.0-1~deb10u1'},\n {'release': '10.0', 'prefix': 'thunderbird-l10n-ga-ie', 'reference': '1:102.8.0-1~deb10u1'},\n {'release': '10.0', 'prefix': 'thunderbird-l10n-gd', 'reference': '1:102.8.0-1~deb10u1'},\n {'release': '10.0', 'prefix': 'thunderbird-l10n-gl', 'reference': '1:102.8.0-1~deb10u1'},\n {'release': '10.0', 'prefix': 'thunderbird-l10n-he', 'reference': '1:102.8.0-1~deb10u1'},\n {'release': '10.0', 'prefix': 'thunderbird-l10n-hr', 'reference': '1:102.8.0-1~deb10u1'},\n {'release': '10.0', 'prefix': 'thunderbird-l10n-hsb', 'reference': '1:102.8.0-1~deb10u1'},\n {'release': '10.0', 'prefix': 'thunderbird-l10n-hu', 'reference': '1:102.8.0-1~deb10u1'},\n {'release': '10.0', 'prefix': 'thunderbird-l10n-hy-am', 'reference': '1:102.8.0-1~deb10u1'},\n {'release': '10.0', 'prefix': 'thunderbird-l10n-id', 'reference': '1:102.8.0-1~deb10u1'},\n {'release': '10.0', 'prefix': 'thunderbird-l10n-is', 'reference': '1:102.8.0-1~deb10u1'},\n {'release': '10.0', 'prefix': 'thunderbird-l10n-it', 'reference': '1:102.8.0-1~deb10u1'},\n {'release': '10.0', 'prefix': 'thunderbird-l10n-ja', 'reference': '1:102.8.0-1~deb10u1'},\n {'release': '10.0', 'prefix': 'thunderbird-l10n-ka', 'reference': '1:102.8.0-1~deb10u1'},\n {'release': '10.0', 'prefix': 'thunderbird-l10n-kab', 'reference': '1:102.8.0-1~deb10u1'},\n {'release': '10.0', 'prefix': 'thunderbird-l10n-kk', 'reference': '1:102.8.0-1~deb10u1'},\n {'release': '10.0', 'prefix': 'thunderbird-l10n-ko', 'reference': '1:102.8.0-1~deb10u1'},\n {'release': '10.0', 'prefix': 'thunderbird-l10n-lt', 'reference': '1:102.8.0-1~deb10u1'},\n {'release': '10.0', 'prefix': 'thunderbird-l10n-lv', 'reference': '1:102.8.0-1~deb10u1'},\n {'release': '10.0', 'prefix': 'thunderbird-l10n-ms', 'reference': '1:102.8.0-1~deb10u1'},\n {'release': '10.0', 'prefix': 'thunderbird-l10n-nb-no', 'reference': '1:102.8.0-1~deb10u1'},\n {'release': '10.0', 'prefix': 'thunderbird-l10n-nl', 'reference': '1:102.8.0-1~deb10u1'},\n {'release': '10.0', 'prefix': 'thunderbird-l10n-nn-no', 'reference': '1:102.8.0-1~deb10u1'},\n {'release': '10.0', 'prefix': 'thunderbird-l10n-pa-in', 'reference': '1:102.8.0-1~deb10u1'},\n {'release': '10.0', 'prefix': 'thunderbird-l10n-pl', 'reference': '1:102.8.0-1~deb10u1'},\n {'release': '10.0', 'prefix': 'thunderbird-l10n-pt-br', 'reference': '1:102.8.0-1~deb10u1'},\n {'release': '10.0', 'prefix': 'thunderbird-l10n-pt-pt', 'reference': '1:102.8.0-1~deb10u1'},\n {'release': '10.0', 'prefix': 'thunderbird-l10n-rm', 'reference': '1:102.8.0-1~deb10u1'},\n {'release': '10.0', 'prefix': 'thunderbird-l10n-ro', 'reference': '1:102.8.0-1~deb10u1'},\n {'release': '10.0', 'prefix': 'thunderbird-l10n-ru', 'reference': '1:102.8.0-1~deb10u1'},\n {'release': '10.0', 'prefix': 'thunderbird-l10n-sk', 'reference': '1:102.8.0-1~deb10u1'},\n {'release': '10.0', 'prefix': 'thunderbird-l10n-sl', 'reference': '1:102.8.0-1~deb10u1'},\n {'release': '10.0', 'prefix': 'thunderbird-l10n-sq', 'reference': '1:102.8.0-1~deb10u1'},\n {'release': '10.0', 'prefix': 'thunderbird-l10n-sr', 'reference': '1:102.8.0-1~deb10u1'},\n {'release': '10.0', 'prefix': 'thunderbird-l10n-sv-se', 'reference': '1:102.8.0-1~deb10u1'},\n {'release': '10.0', 'prefix': 'thunderbird-l10n-th', 'reference': '1:102.8.0-1~deb10u1'},\n {'release': '10.0', 'prefix': 'thunderbird-l10n-tr', 'reference': '1:102.8.0-1~deb10u1'},\n {'release': '10.0', 'prefix': 'thunderbird-l10n-uk', 'reference': '1:102.8.0-1~deb10u1'},\n {'release': '10.0', 'prefix': 'thunderbird-l10n-uz', 'reference': '1:102.8.0-1~deb10u1'},\n {'release': '10.0', 'prefix': 'thunderbird-l10n-vi', 'reference': '1:102.8.0-1~deb10u1'},\n {'release': '10.0', 'prefix': 'thunderbird-l10n-zh-cn', 'reference': '1:102.8.0-1~deb10u1'},\n {'release': '10.0', 'prefix': 'thunderbird-l10n-zh-tw', 'reference': '1:102.8.0-1~deb10u1'}\n];\n\nvar flag = 0;\nforeach package_array ( pkgs ) {\n var _release = NULL;\n var prefix = NULL;\n var reference = NULL;\n if (!empty_or_null(package_array['release'])) _release = package_array['release'];\n if (!empty_or_null(package_array['prefix'])) prefix = package_array['prefix'];\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (_release && prefix && reference) {\n if (deb_check(release:_release, prefix:prefix, reference:reference)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : deb_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = deb_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'calendar-google-provider / thunderbird / thunderbird-l10n-af / etc');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-17T16:44:28", "description": "The remote Debian 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-5355 advisory.\n\n - An out of date library (libusrsctp) contained vulnerabilities that could potentially be exploited. This vulnerability affects Firefox < 108. (CVE-2022-46871)\n\n - By confusing the browser, the fullscreen notification could have been delayed or suppressed, resulting in potential user confusion or spoofing attacks. This vulnerability affects Firefox < 108. (CVE-2022-46877)\n\n - Certificate OCSP revocation status was not checked when verifying S/Mime signatures. Mail signed with a revoked certificate would be displayed as having a valid signature. Thunderbird versions from 68 to 102.7.0 were affected by this bug. (CVE-2023-0430)\n\n - If a MIME email combines OpenPGP and OpenPGP MIME data in a certain way Thunderbird repeatedly attempts to process and display the message, which could cause Thunderbird's user interface to lock up and no longer respond to the user's actions. An attacker could send a crafted message with this structure to attempt a DoS attack. (CVE-2023-0616)\n\n - An attacker could construct a PKCS 12 cert bundle in such a way that coul