Vulnerabilities > CVE-2016-1943 - Code vulnerability in multiple products

047910
CVSS 4.7 - MEDIUM
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
NONE
Integrity impact
LOW
Availability impact
NONE
network
low complexity
opensuse
mozilla
google
CWE-17
nessus

Summary

Mozilla Firefox before 44.0 on Android allows remote attackers to spoof the address bar via the scrollTo method.

Vulnerable Configurations

Part Description Count
OS
Opensuse
3
OS
Google
1
Application
Mozilla
1

Common Weakness Enumeration (CWE)

Nessus

  • NASL familySuSE Local Security Checks
    NASL idOPENSUSE-2016-128.NASL
    descriptionThis update to MozillaFirefox fixes several security issues and bugs. Mozilla Firefox was updated to 44.0. Mozilla NSS was updated to 3.21 Mozilla NSPR was updated to 4.11. The following vulnerabilities were fixed : - CVE-2016-1930/CVE-2016-1931: Miscellaneous memory safety hazards (boo#963633) - CVE-2016-1933: Out of Memory crash when parsing GIF format images (boo#963634) - CVE-2016-1935: Buffer overflow in WebGL after out of memory allocation (boo#963635) - CVE-2015-7208/CVE-2016-1939: Firefox allows for control characters to be set in cookie names (boo#963637) - CVE-2016-1937: Missing delay following user click events in protocol handler dialog (boo#963641) - CVE-2016-1938: Errors in mp_div and mp_exptmod cryptographic functions in NSS (boo#963731) - CVE-2016-1942/CVE-2016-1943: Addressbar spoofing attacks (boo#963643) - CVE-2016-1944/CVE-2016-1945/CVE-2016-1946: Unsafe memory manipulation found through code inspection (boo#963644) - CVE-2016-1947: Application Reputation service disabled in Firefox 43 (boo#963645) The following change from Mozilla Firefox 43.0.4 is included : - Re-enable SHA-1 certificates to prevent outdated man-in-the-middle security devices from interfering with properly secured SSL/TLS connections
    last seen2020-06-05
    modified2016-02-03
    plugin id88549
    published2016-02-03
    reporterThis script is Copyright (C) 2016-2020 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/88549
    titleopenSUSE Security Update : the MozillaFirefox / mozilla-nss and mozilla-nspr (openSUSE-2016-128)
    code
    #%NASL_MIN_LEVEL 80502
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were
    # extracted from openSUSE Security Update openSUSE-2016-128.
    #
    # The text description of this plugin is (C) SUSE LLC.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(88549);
      script_version("2.8");
      script_set_attribute(attribute:"plugin_modification_date", value:"2020/06/04");
    
      script_cve_id("CVE-2015-7208", "CVE-2016-1930", "CVE-2016-1931", "CVE-2016-1933", "CVE-2016-1935", "CVE-2016-1937", "CVE-2016-1938", "CVE-2016-1939", "CVE-2016-1942", "CVE-2016-1943", "CVE-2016-1944", "CVE-2016-1945", "CVE-2016-1946", "CVE-2016-1947");
    
      script_name(english:"openSUSE Security Update : the MozillaFirefox / mozilla-nss and mozilla-nspr (openSUSE-2016-128)");
      script_summary(english:"Check for the openSUSE-2016-128 patch");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote openSUSE host is missing a security update."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "This update to MozillaFirefox fixes several security issues and bugs.
    
    Mozilla Firefox was updated to 44.0. Mozilla NSS was updated to 3.21
    Mozilla NSPR was updated to 4.11.
    
    The following vulnerabilities were fixed :
    
      - CVE-2016-1930/CVE-2016-1931: Miscellaneous memory safety
        hazards (boo#963633)
    
      - CVE-2016-1933: Out of Memory crash when parsing GIF
        format images (boo#963634)
    
      - CVE-2016-1935: Buffer overflow in WebGL after out of
        memory allocation (boo#963635)
    
      - CVE-2015-7208/CVE-2016-1939: Firefox allows for control
        characters to be set in cookie names (boo#963637)
    
      - CVE-2016-1937: Missing delay following user click events
        in protocol handler dialog (boo#963641)
    
      - CVE-2016-1938: Errors in mp_div and mp_exptmod
        cryptographic functions in NSS (boo#963731)
    
      - CVE-2016-1942/CVE-2016-1943: Addressbar spoofing attacks
        (boo#963643)
    
      - CVE-2016-1944/CVE-2016-1945/CVE-2016-1946: Unsafe memory
        manipulation found through code inspection (boo#963644)
    
      - CVE-2016-1947: Application Reputation service disabled
        in Firefox 43 (boo#963645)
    
    The following change from Mozilla Firefox 43.0.4 is included :
    
      - Re-enable SHA-1 certificates to prevent outdated
        man-in-the-middle security devices from interfering with
        properly secured SSL/TLS connections"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.opensuse.org/show_bug.cgi?id=963633"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.opensuse.org/show_bug.cgi?id=963634"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.opensuse.org/show_bug.cgi?id=963635"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.opensuse.org/show_bug.cgi?id=963637"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.opensuse.org/show_bug.cgi?id=963641"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.opensuse.org/show_bug.cgi?id=963643"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.opensuse.org/show_bug.cgi?id=963644"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.opensuse.org/show_bug.cgi?id=963645"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.opensuse.org/show_bug.cgi?id=963731"
      );
      script_set_attribute(
        attribute:"solution", 
        value:"Update the affected the MozillaFirefox / mozilla-nss and mozilla-nspr packages."
      );
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C");
      script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:MozillaFirefox");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:MozillaFirefox-branding-upstream");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:MozillaFirefox-buildsymbols");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:MozillaFirefox-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:MozillaFirefox-debugsource");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:MozillaFirefox-devel");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:MozillaFirefox-translations-common");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:MozillaFirefox-translations-other");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libfreebl3");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libfreebl3-32bit");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libfreebl3-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libfreebl3-debuginfo-32bit");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libsoftokn3");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libsoftokn3-32bit");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libsoftokn3-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libsoftokn3-debuginfo-32bit");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:mozilla-nspr");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:mozilla-nspr-32bit");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:mozilla-nspr-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:mozilla-nspr-debuginfo-32bit");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:mozilla-nspr-debugsource");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:mozilla-nspr-devel");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:mozilla-nss");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:mozilla-nss-32bit");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:mozilla-nss-certs");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:mozilla-nss-certs-32bit");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:mozilla-nss-certs-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:mozilla-nss-certs-debuginfo-32bit");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:mozilla-nss-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:mozilla-nss-debuginfo-32bit");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:mozilla-nss-debugsource");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:mozilla-nss-devel");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:mozilla-nss-sysinit");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:mozilla-nss-sysinit-32bit");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:mozilla-nss-sysinit-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:mozilla-nss-sysinit-debuginfo-32bit");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:mozilla-nss-tools");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:mozilla-nss-tools-debuginfo");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:opensuse:13.2");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:opensuse:42.1");
    
      script_set_attribute(attribute:"patch_publication_date", value:"2016/02/01");
      script_set_attribute(attribute:"plugin_publication_date", value:"2016/02/03");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2016-2020 Tenable Network Security, Inc.");
      script_family(english:"SuSE Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/SuSE/release", "Host/SuSE/rpm-list", "Host/cpu");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("rpm.inc");
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    release = get_kb_item("Host/SuSE/release");
    if (isnull(release) || release =~ "^(SLED|SLES)") audit(AUDIT_OS_NOT, "openSUSE");
    if (release !~ "^(SUSE13\.2|SUSE42\.1)$") audit(AUDIT_OS_RELEASE_NOT, "openSUSE", "13.2 / 42.1", release);
    if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    ourarch = get_kb_item("Host/cpu");
    if (!ourarch) audit(AUDIT_UNKNOWN_ARCH);
    if (ourarch !~ "^(i586|i686|x86_64)$") audit(AUDIT_ARCH_NOT, "i586 / i686 / x86_64", ourarch);
    
    flag = 0;
    
    if ( rpm_check(release:"SUSE13.2", reference:"MozillaFirefox-44.0-59.1") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"MozillaFirefox-branding-upstream-44.0-59.1") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"MozillaFirefox-buildsymbols-44.0-59.1") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"MozillaFirefox-debuginfo-44.0-59.1") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"MozillaFirefox-debugsource-44.0-59.1") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"MozillaFirefox-devel-44.0-59.1") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"MozillaFirefox-translations-common-44.0-59.1") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"MozillaFirefox-translations-other-44.0-59.1") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"libfreebl3-3.21-25.1") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"libfreebl3-debuginfo-3.21-25.1") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"libsoftokn3-3.21-25.1") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"libsoftokn3-debuginfo-3.21-25.1") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"mozilla-nspr-4.11-12.1") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"mozilla-nspr-debuginfo-4.11-12.1") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"mozilla-nspr-debugsource-4.11-12.1") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"mozilla-nspr-devel-4.11-12.1") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"mozilla-nss-3.21-25.1") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"mozilla-nss-certs-3.21-25.1") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"mozilla-nss-certs-debuginfo-3.21-25.1") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"mozilla-nss-debuginfo-3.21-25.1") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"mozilla-nss-debugsource-3.21-25.1") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"mozilla-nss-devel-3.21-25.1") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"mozilla-nss-sysinit-3.21-25.1") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"mozilla-nss-sysinit-debuginfo-3.21-25.1") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"mozilla-nss-tools-3.21-25.1") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"mozilla-nss-tools-debuginfo-3.21-25.1") ) flag++;
    if ( rpm_check(release:"SUSE13.2", cpu:"x86_64", reference:"libfreebl3-32bit-3.21-25.1") ) flag++;
    if ( rpm_check(release:"SUSE13.2", cpu:"x86_64", reference:"libfreebl3-debuginfo-32bit-3.21-25.1") ) flag++;
    if ( rpm_check(release:"SUSE13.2", cpu:"x86_64", reference:"libsoftokn3-32bit-3.21-25.1") ) flag++;
    if ( rpm_check(release:"SUSE13.2", cpu:"x86_64", reference:"libsoftokn3-debuginfo-32bit-3.21-25.1") ) flag++;
    if ( rpm_check(release:"SUSE13.2", cpu:"x86_64", reference:"mozilla-nspr-32bit-4.11-12.1") ) flag++;
    if ( rpm_check(release:"SUSE13.2", cpu:"x86_64", reference:"mozilla-nspr-debuginfo-32bit-4.11-12.1") ) flag++;
    if ( rpm_check(release:"SUSE13.2", cpu:"x86_64", reference:"mozilla-nss-32bit-3.21-25.1") ) flag++;
    if ( rpm_check(release:"SUSE13.2", cpu:"x86_64", reference:"mozilla-nss-certs-32bit-3.21-25.1") ) flag++;
    if ( rpm_check(release:"SUSE13.2", cpu:"x86_64", reference:"mozilla-nss-certs-debuginfo-32bit-3.21-25.1") ) flag++;
    if ( rpm_check(release:"SUSE13.2", cpu:"x86_64", reference:"mozilla-nss-debuginfo-32bit-3.21-25.1") ) flag++;
    if ( rpm_check(release:"SUSE13.2", cpu:"x86_64", reference:"mozilla-nss-sysinit-32bit-3.21-25.1") ) flag++;
    if ( rpm_check(release:"SUSE13.2", cpu:"x86_64", reference:"mozilla-nss-sysinit-debuginfo-32bit-3.21-25.1") ) flag++;
    if ( rpm_check(release:"SUSE42.1", reference:"MozillaFirefox-44.0-12.2") ) flag++;
    if ( rpm_check(release:"SUSE42.1", reference:"MozillaFirefox-branding-upstream-44.0-12.2") ) flag++;
    if ( rpm_check(release:"SUSE42.1", reference:"MozillaFirefox-buildsymbols-44.0-12.2") ) flag++;
    if ( rpm_check(release:"SUSE42.1", reference:"MozillaFirefox-devel-44.0-12.2") ) flag++;
    if ( rpm_check(release:"SUSE42.1", reference:"MozillaFirefox-translations-common-44.0-12.2") ) flag++;
    if ( rpm_check(release:"SUSE42.1", reference:"MozillaFirefox-translations-other-44.0-12.2") ) flag++;
    if ( rpm_check(release:"SUSE42.1", reference:"libfreebl3-3.21-9.1") ) flag++;
    if ( rpm_check(release:"SUSE42.1", reference:"libfreebl3-debuginfo-3.21-9.1") ) flag++;
    if ( rpm_check(release:"SUSE42.1", reference:"libsoftokn3-3.21-9.1") ) flag++;
    if ( rpm_check(release:"SUSE42.1", reference:"libsoftokn3-debuginfo-3.21-9.1") ) flag++;
    if ( rpm_check(release:"SUSE42.1", reference:"mozilla-nspr-4.11-7.1") ) flag++;
    if ( rpm_check(release:"SUSE42.1", reference:"mozilla-nspr-debuginfo-4.11-7.1") ) flag++;
    if ( rpm_check(release:"SUSE42.1", reference:"mozilla-nspr-debugsource-4.11-7.1") ) flag++;
    if ( rpm_check(release:"SUSE42.1", reference:"mozilla-nspr-devel-4.11-7.1") ) flag++;
    if ( rpm_check(release:"SUSE42.1", reference:"mozilla-nss-3.21-9.1") ) flag++;
    if ( rpm_check(release:"SUSE42.1", reference:"mozilla-nss-certs-3.21-9.1") ) flag++;
    if ( rpm_check(release:"SUSE42.1", reference:"mozilla-nss-certs-debuginfo-3.21-9.1") ) flag++;
    if ( rpm_check(release:"SUSE42.1", reference:"mozilla-nss-debuginfo-3.21-9.1") ) flag++;
    if ( rpm_check(release:"SUSE42.1", reference:"mozilla-nss-debugsource-3.21-9.1") ) flag++;
    if ( rpm_check(release:"SUSE42.1", reference:"mozilla-nss-devel-3.21-9.1") ) flag++;
    if ( rpm_check(release:"SUSE42.1", reference:"mozilla-nss-sysinit-3.21-9.1") ) flag++;
    if ( rpm_check(release:"SUSE42.1", reference:"mozilla-nss-sysinit-debuginfo-3.21-9.1") ) flag++;
    if ( rpm_check(release:"SUSE42.1", reference:"mozilla-nss-tools-3.21-9.1") ) flag++;
    if ( rpm_check(release:"SUSE42.1", reference:"mozilla-nss-tools-debuginfo-3.21-9.1") ) flag++;
    if ( rpm_check(release:"SUSE42.1", cpu:"x86_64", reference:"MozillaFirefox-debuginfo-44.0-12.2") ) flag++;
    if ( rpm_check(release:"SUSE42.1", cpu:"x86_64", reference:"MozillaFirefox-debugsource-44.0-12.2") ) flag++;
    if ( rpm_check(release:"SUSE42.1", cpu:"x86_64", reference:"libfreebl3-32bit-3.21-9.1") ) flag++;
    if ( rpm_check(release:"SUSE42.1", cpu:"x86_64", reference:"libfreebl3-debuginfo-32bit-3.21-9.1") ) flag++;
    if ( rpm_check(release:"SUSE42.1", cpu:"x86_64", reference:"libsoftokn3-32bit-3.21-9.1") ) flag++;
    if ( rpm_check(release:"SUSE42.1", cpu:"x86_64", reference:"libsoftokn3-debuginfo-32bit-3.21-9.1") ) flag++;
    if ( rpm_check(release:"SUSE42.1", cpu:"x86_64", reference:"mozilla-nspr-32bit-4.11-7.1") ) flag++;
    if ( rpm_check(release:"SUSE42.1", cpu:"x86_64", reference:"mozilla-nspr-debuginfo-32bit-4.11-7.1") ) flag++;
    if ( rpm_check(release:"SUSE42.1", cpu:"x86_64", reference:"mozilla-nss-32bit-3.21-9.1") ) flag++;
    if ( rpm_check(release:"SUSE42.1", cpu:"x86_64", reference:"mozilla-nss-certs-32bit-3.21-9.1") ) flag++;
    if ( rpm_check(release:"SUSE42.1", cpu:"x86_64", reference:"mozilla-nss-certs-debuginfo-32bit-3.21-9.1") ) flag++;
    if ( rpm_check(release:"SUSE42.1", cpu:"x86_64", reference:"mozilla-nss-debuginfo-32bit-3.21-9.1") ) flag++;
    if ( rpm_check(release:"SUSE42.1", cpu:"x86_64", reference:"mozilla-nss-sysinit-32bit-3.21-9.1") ) flag++;
    if ( rpm_check(release:"SUSE42.1", cpu:"x86_64", reference:"mozilla-nss-sysinit-debuginfo-32bit-3.21-9.1") ) flag++;
    
    if (flag)
    {
      if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());
      else security_hole(0);
      exit(0);
    }
    else
    {
      tested = pkg_tests_get();
      if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
      else audit(AUDIT_PACKAGE_NOT_INSTALLED, "MozillaFirefox / MozillaFirefox-branding-upstream / etc");
    }
    
  • NASL familyFreeBSD Local Security Checks
    NASL idFREEBSD_PKG_4F00DAC01E18448195AF7AAAD63FD303.NASL
    descriptionMozilla Foundation reports : MFSA 2016-01 Miscellaneous memory safety hazards (rv:44.0 / rv:38.6) MFSA 2016-02 Out of Memory crash when parsing GIF format images MFSA 2016-03 Buffer overflow in WebGL after out of memory allocation MFSA 2016-04 Firefox allows for control characters to be set in cookie names MFSA 2016-06 Missing delay following user click events in protocol handler dialog MFSA 2016-09 Addressbar spoofing attacks MFSA 2016-10 Unsafe memory manipulation found through code inspection MFSA 2016-11 Application Reputation service disabled in Firefox 43
    last seen2020-06-01
    modified2020-06-02
    plugin id88512
    published2016-02-02
    reporterThis script is Copyright (C) 2016-2018 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/88512
    titleFreeBSD : mozilla -- multiple vulnerabilities (4f00dac0-1e18-4481-95af-7aaad63fd303)
    code
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were  
    # extracted from the FreeBSD VuXML database :
    #
    # Copyright 2003-2018 Jacques Vidrine and contributors
    #
    # Redistribution and use in source (VuXML) and 'compiled' forms (SGML,
    # HTML, PDF, PostScript, RTF and so forth) with or without modification,
    # are permitted provided that the following conditions are met:
    # 1. Redistributions of source code (VuXML) must retain the above
    #    copyright notice, this list of conditions and the following
    #    disclaimer as the first lines of this file unmodified.
    # 2. Redistributions in compiled form (transformed to other DTDs,
    #    published online in any format, converted to PDF, PostScript,
    #    RTF and other formats) must reproduce the above copyright
    #    notice, this list of conditions and the following disclaimer
    #    in the documentation and/or other materials provided with the
    #    distribution.
    # 
    # THIS DOCUMENTATION IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS "AS IS"
    # AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,
    # THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
    # PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS
    # BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
    # OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT
    # OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR
    # BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
    # WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE
    # OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS DOCUMENTATION,
    # EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(88512);
      script_version("2.13");
      script_cvs_date("Date: 2018/11/21 10:46:31");
    
      script_cve_id("CVE-2015-7208", "CVE-2016-1930", "CVE-2016-1931", "CVE-2016-1933", "CVE-2016-1935", "CVE-2016-1937", "CVE-2016-1939", "CVE-2016-1942", "CVE-2016-1943", "CVE-2016-1944", "CVE-2016-1945", "CVE-2016-1946", "CVE-2016-1947");
    
      script_name(english:"FreeBSD : mozilla -- multiple vulnerabilities (4f00dac0-1e18-4481-95af-7aaad63fd303)");
      script_summary(english:"Checks for updated packages in pkg_info output");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:
    "The remote FreeBSD host is missing one or more security-related
    updates."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "Mozilla Foundation reports :
    
    MFSA 2016-01 Miscellaneous memory safety hazards (rv:44.0 / rv:38.6)
    
    MFSA 2016-02 Out of Memory crash when parsing GIF format images
    
    MFSA 2016-03 Buffer overflow in WebGL after out of memory allocation
    
    MFSA 2016-04 Firefox allows for control characters to be set in cookie
    names
    
    MFSA 2016-06 Missing delay following user click events in protocol
    handler dialog
    
    MFSA 2016-09 Addressbar spoofing attacks
    
    MFSA 2016-10 Unsafe memory manipulation found through code inspection
    
    MFSA 2016-11 Application Reputation service disabled in Firefox 43"
      );
      # https://www.mozilla.org/security/advisories/mfsa2016-01/
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.mozilla.org/en-US/security/advisories/mfsa2016-01/"
      );
      # https://www.mozilla.org/security/advisories/mfsa2016-02/
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.mozilla.org/en-US/security/advisories/mfsa2016-02/"
      );
      # https://www.mozilla.org/security/advisories/mfsa2016-03/
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.mozilla.org/en-US/security/advisories/mfsa2016-03/"
      );
      # https://www.mozilla.org/security/advisories/mfsa2016-04/
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.mozilla.org/en-US/security/advisories/mfsa2016-04/"
      );
      # https://www.mozilla.org/security/advisories/mfsa2016-06/
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.mozilla.org/en-US/security/advisories/mfsa2016-06/"
      );
      # https://www.mozilla.org/security/advisories/mfsa2016-09/
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.mozilla.org/en-US/security/advisories/mfsa2016-09/"
      );
      # https://www.mozilla.org/security/advisories/mfsa2016-10/
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.mozilla.org/en-US/security/advisories/mfsa2016-10/"
      );
      # https://www.mozilla.org/security/advisories/mfsa2016-11/
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.mozilla.org/en-US/security/advisories/mfsa2016-11/"
      );
      # https://vuxml.freebsd.org/freebsd/4f00dac0-1e18-4481-95af-7aaad63fd303.html
      script_set_attribute(
        attribute:"see_also",
        value:"http://www.nessus.org/u?93ab233f"
      );
      script_set_attribute(attribute:"solution", value:"Update the affected packages.");
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C");
      script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:freebsd:freebsd:firefox");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:freebsd:freebsd:firefox-esr");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:freebsd:freebsd:libxul");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:freebsd:freebsd:linux-firefox");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:freebsd:freebsd:linux-seamonkey");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:freebsd:freebsd:linux-thunderbird");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:freebsd:freebsd:seamonkey");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:freebsd:freebsd:thunderbird");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:freebsd:freebsd");
    
      script_set_attribute(attribute:"vuln_publication_date", value:"2016/01/26");
      script_set_attribute(attribute:"patch_publication_date", value:"2016/02/01");
      script_set_attribute(attribute:"plugin_publication_date", value:"2016/02/02");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2016-2018 and is owned by Tenable, Inc. or an Affiliate thereof.");
      script_family(english:"FreeBSD Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/FreeBSD/release", "Host/FreeBSD/pkg_info");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("freebsd_package.inc");
    
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    if (!get_kb_item("Host/FreeBSD/release")) audit(AUDIT_OS_NOT, "FreeBSD");
    if (!get_kb_item("Host/FreeBSD/pkg_info")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    
    flag = 0;
    
    if (pkg_test(save_report:TRUE, pkg:"firefox<44.0,1")) flag++;
    if (pkg_test(save_report:TRUE, pkg:"linux-firefox<44.0,1")) flag++;
    if (pkg_test(save_report:TRUE, pkg:"seamonkey<2.41")) flag++;
    if (pkg_test(save_report:TRUE, pkg:"linux-seamonkey<2.41")) flag++;
    if (pkg_test(save_report:TRUE, pkg:"firefox-esr<38.6.0,1")) flag++;
    if (pkg_test(save_report:TRUE, pkg:"libxul<38.6.0")) flag++;
    if (pkg_test(save_report:TRUE, pkg:"thunderbird<38.6.0")) flag++;
    if (pkg_test(save_report:TRUE, pkg:"linux-thunderbird<38.6.0")) flag++;
    
    if (flag)
    {
      if (report_verbosity > 0) security_hole(port:0, extra:pkg_report_get());
      else security_hole(0);
      exit(0);
    }
    else audit(AUDIT_HOST_NOT, "affected");
    
  • NASL familySuSE Local Security Checks
    NASL idOPENSUSE-2016-131.NASL
    descriptionThis update fixes the following security related issues by updating packages to a more recent version : Update of NSPR to 4.11 Update of NSS to 3.21 Update of Firefox to 44.0 - MFSA 2016-01/CVE-2016-1930/CVE-2016-1931 Miscellaneous memory safety hazards - MFSA 2016-02/CVE-2016-1933 (bmo#1231761) Out of Memory crash when parsing GIF format images - MFSA 2016-03/CVE-2016-1935 (bmo#1220450) Buffer overflow in WebGL after out of memory allocation - MFSA 2016-04/CVE-2015-7208/CVE-2016-1939 (bmo#1191423, bmo#1233784) Firefox allows for control characters to be set in cookie names - MFSA 2016-06/CVE-2016-1937 (bmo#724353) Missing delay following user click events in protocol handler dialog - MFSA 2016-07/CVE-2016-1938 (bmo#1190248) Errors in mp_div and mp_exptmod cryptographic functions in NSS (fixed by requiring NSS 3.21) - MFSA 2016-09/CVE-2016-1942/CVE-2016-1943 (bmo#1189082, bmo#1228590) Addressbar spoofing attacks - MFSA 2016-10/CVE-2016-1944/CVE-2016-1945/CVE-2016-1946 (bmo#1186621, bmo#1214782, bmo#1232096) Unsafe memory manipulation found through code inspection - MFSA 2016-11/CVE-2016-1947 (bmo#1237103) Application Reputation service disabled in Firefox 43
    last seen2020-06-05
    modified2016-02-03
    plugin id88552
    published2016-02-03
    reporterThis script is Copyright (C) 2016-2020 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/88552
    titleopenSUSE Security Update : Mozilla Firefox (openSUSE-2016-131)
    code
    #%NASL_MIN_LEVEL 80502
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were
    # extracted from openSUSE Security Update openSUSE-2016-131.
    #
    # The text description of this plugin is (C) SUSE LLC.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(88552);
      script_version("2.8");
      script_set_attribute(attribute:"plugin_modification_date", value:"2020/06/04");
    
      script_cve_id("CVE-2015-7208", "CVE-2016-1930", "CVE-2016-1931", "CVE-2016-1933", "CVE-2016-1935", "CVE-2016-1937", "CVE-2016-1938", "CVE-2016-1939", "CVE-2016-1942", "CVE-2016-1943", "CVE-2016-1944", "CVE-2016-1945", "CVE-2016-1946", "CVE-2016-1947");
    
      script_name(english:"openSUSE Security Update : Mozilla Firefox (openSUSE-2016-131)");
      script_summary(english:"Check for the openSUSE-2016-131 patch");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote openSUSE host is missing a security update."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "This update fixes the following security related issues by updating
    packages to a more recent version :
    
    Update of NSPR to 4.11 Update of NSS to 3.21 Update of Firefox to 44.0
    
      - MFSA 2016-01/CVE-2016-1930/CVE-2016-1931 Miscellaneous
        memory safety hazards
    
      - MFSA 2016-02/CVE-2016-1933 (bmo#1231761) Out of Memory
        crash when parsing GIF format images
    
      - MFSA 2016-03/CVE-2016-1935 (bmo#1220450) Buffer overflow
        in WebGL after out of memory allocation
    
      - MFSA 2016-04/CVE-2015-7208/CVE-2016-1939 (bmo#1191423,
        bmo#1233784) Firefox allows for control characters to be
        set in cookie names
    
      - MFSA 2016-06/CVE-2016-1937 (bmo#724353) Missing delay
        following user click events in protocol handler dialog
    
      - MFSA 2016-07/CVE-2016-1938 (bmo#1190248) Errors in
        mp_div and mp_exptmod cryptographic functions in NSS
        (fixed by requiring NSS 3.21)
    
      - MFSA 2016-09/CVE-2016-1942/CVE-2016-1943 (bmo#1189082,
        bmo#1228590) Addressbar spoofing attacks
    
      - MFSA 2016-10/CVE-2016-1944/CVE-2016-1945/CVE-2016-1946
        (bmo#1186621, bmo#1214782, bmo#1232096) Unsafe memory
        manipulation found through code inspection
    
      - MFSA 2016-11/CVE-2016-1947 (bmo#1237103) Application
        Reputation service disabled in Firefox 43"
      );
      script_set_attribute(
        attribute:"solution", 
        value:"Update the affected Mozilla Firefox packages."
      );
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C");
      script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:MozillaFirefox");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:MozillaFirefox-branding-upstream");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:MozillaFirefox-buildsymbols");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:MozillaFirefox-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:MozillaFirefox-debugsource");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:MozillaFirefox-devel");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:MozillaFirefox-translations-common");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:MozillaFirefox-translations-other");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libfreebl3");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libfreebl3-32bit");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libfreebl3-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libfreebl3-debuginfo-32bit");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libsoftokn3");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libsoftokn3-32bit");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libsoftokn3-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libsoftokn3-debuginfo-32bit");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:mozilla-nspr");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:mozilla-nspr-32bit");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:mozilla-nspr-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:mozilla-nspr-debuginfo-32bit");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:mozilla-nspr-debugsource");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:mozilla-nspr-devel");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:mozilla-nss");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:mozilla-nss-32bit");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:mozilla-nss-certs");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:mozilla-nss-certs-32bit");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:mozilla-nss-certs-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:mozilla-nss-certs-debuginfo-32bit");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:mozilla-nss-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:mozilla-nss-debuginfo-32bit");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:mozilla-nss-debugsource");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:mozilla-nss-devel");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:mozilla-nss-sysinit");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:mozilla-nss-sysinit-32bit");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:mozilla-nss-sysinit-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:mozilla-nss-sysinit-debuginfo-32bit");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:mozilla-nss-tools");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:mozilla-nss-tools-debuginfo");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:opensuse:13.1");
    
      script_set_attribute(attribute:"patch_publication_date", value:"2016/02/01");
      script_set_attribute(attribute:"plugin_publication_date", value:"2016/02/03");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2016-2020 Tenable Network Security, Inc.");
      script_family(english:"SuSE Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/SuSE/release", "Host/SuSE/rpm-list", "Host/cpu");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("rpm.inc");
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    release = get_kb_item("Host/SuSE/release");
    if (isnull(release) || release =~ "^(SLED|SLES)") audit(AUDIT_OS_NOT, "openSUSE");
    if (release !~ "^(SUSE13\.1)$") audit(AUDIT_OS_RELEASE_NOT, "openSUSE", "13.1", release);
    if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    ourarch = get_kb_item("Host/cpu");
    if (!ourarch) audit(AUDIT_UNKNOWN_ARCH);
    if (ourarch !~ "^(i586|i686|x86_64)$") audit(AUDIT_ARCH_NOT, "i586 / i686 / x86_64", ourarch);
    
    flag = 0;
    
    if ( rpm_check(release:"SUSE13.1", reference:"MozillaFirefox-44.0-103.1") ) flag++;
    if ( rpm_check(release:"SUSE13.1", reference:"MozillaFirefox-branding-upstream-44.0-103.1") ) flag++;
    if ( rpm_check(release:"SUSE13.1", reference:"MozillaFirefox-buildsymbols-44.0-103.1") ) flag++;
    if ( rpm_check(release:"SUSE13.1", reference:"MozillaFirefox-debuginfo-44.0-103.1") ) flag++;
    if ( rpm_check(release:"SUSE13.1", reference:"MozillaFirefox-debugsource-44.0-103.1") ) flag++;
    if ( rpm_check(release:"SUSE13.1", reference:"MozillaFirefox-devel-44.0-103.1") ) flag++;
    if ( rpm_check(release:"SUSE13.1", reference:"MozillaFirefox-translations-common-44.0-103.1") ) flag++;
    if ( rpm_check(release:"SUSE13.1", reference:"MozillaFirefox-translations-other-44.0-103.1") ) flag++;
    if ( rpm_check(release:"SUSE13.1", reference:"libfreebl3-3.21-68.1") ) flag++;
    if ( rpm_check(release:"SUSE13.1", reference:"libfreebl3-debuginfo-3.21-68.1") ) flag++;
    if ( rpm_check(release:"SUSE13.1", reference:"libsoftokn3-3.21-68.1") ) flag++;
    if ( rpm_check(release:"SUSE13.1", reference:"libsoftokn3-debuginfo-3.21-68.1") ) flag++;
    if ( rpm_check(release:"SUSE13.1", reference:"mozilla-nspr-4.11-28.1") ) flag++;
    if ( rpm_check(release:"SUSE13.1", reference:"mozilla-nspr-debuginfo-4.11-28.1") ) flag++;
    if ( rpm_check(release:"SUSE13.1", reference:"mozilla-nspr-debugsource-4.11-28.1") ) flag++;
    if ( rpm_check(release:"SUSE13.1", reference:"mozilla-nspr-devel-4.11-28.1") ) flag++;
    if ( rpm_check(release:"SUSE13.1", reference:"mozilla-nss-3.21-68.1") ) flag++;
    if ( rpm_check(release:"SUSE13.1", reference:"mozilla-nss-certs-3.21-68.1") ) flag++;
    if ( rpm_check(release:"SUSE13.1", reference:"mozilla-nss-certs-debuginfo-3.21-68.1") ) flag++;
    if ( rpm_check(release:"SUSE13.1", reference:"mozilla-nss-debuginfo-3.21-68.1") ) flag++;
    if ( rpm_check(release:"SUSE13.1", reference:"mozilla-nss-debugsource-3.21-68.1") ) flag++;
    if ( rpm_check(release:"SUSE13.1", reference:"mozilla-nss-devel-3.21-68.1") ) flag++;
    if ( rpm_check(release:"SUSE13.1", reference:"mozilla-nss-sysinit-3.21-68.1") ) flag++;
    if ( rpm_check(release:"SUSE13.1", reference:"mozilla-nss-sysinit-debuginfo-3.21-68.1") ) flag++;
    if ( rpm_check(release:"SUSE13.1", reference:"mozilla-nss-tools-3.21-68.1") ) flag++;
    if ( rpm_check(release:"SUSE13.1", reference:"mozilla-nss-tools-debuginfo-3.21-68.1") ) flag++;
    if ( rpm_check(release:"SUSE13.1", cpu:"x86_64", reference:"libfreebl3-32bit-3.21-68.1") ) flag++;
    if ( rpm_check(release:"SUSE13.1", cpu:"x86_64", reference:"libfreebl3-debuginfo-32bit-3.21-68.1") ) flag++;
    if ( rpm_check(release:"SUSE13.1", cpu:"x86_64", reference:"libsoftokn3-32bit-3.21-68.1") ) flag++;
    if ( rpm_check(release:"SUSE13.1", cpu:"x86_64", reference:"libsoftokn3-debuginfo-32bit-3.21-68.1") ) flag++;
    if ( rpm_check(release:"SUSE13.1", cpu:"x86_64", reference:"mozilla-nspr-32bit-4.11-28.1") ) flag++;
    if ( rpm_check(release:"SUSE13.1", cpu:"x86_64", reference:"mozilla-nspr-debuginfo-32bit-4.11-28.1") ) flag++;
    if ( rpm_check(release:"SUSE13.1", cpu:"x86_64", reference:"mozilla-nss-32bit-3.21-68.1") ) flag++;
    if ( rpm_check(release:"SUSE13.1", cpu:"x86_64", reference:"mozilla-nss-certs-32bit-3.21-68.1") ) flag++;
    if ( rpm_check(release:"SUSE13.1", cpu:"x86_64", reference:"mozilla-nss-certs-debuginfo-32bit-3.21-68.1") ) flag++;
    if ( rpm_check(release:"SUSE13.1", cpu:"x86_64", reference:"mozilla-nss-debuginfo-32bit-3.21-68.1") ) flag++;
    if ( rpm_check(release:"SUSE13.1", cpu:"x86_64", reference:"mozilla-nss-sysinit-32bit-3.21-68.1") ) flag++;
    if ( rpm_check(release:"SUSE13.1", cpu:"x86_64", reference:"mozilla-nss-sysinit-debuginfo-32bit-3.21-68.1") ) flag++;
    
    if (flag)
    {
      if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());
      else security_hole(0);
      exit(0);
    }
    else
    {
      tested = pkg_tests_get();
      if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
      else audit(AUDIT_PACKAGE_NOT_INSTALLED, "MozillaFirefox / MozillaFirefox-branding-upstream / etc");
    }
    
  • NASL familyGentoo Local Security Checks
    NASL idGENTOO_GLSA-201605-06.NASL
    descriptionThe remote host is affected by the vulnerability described in GLSA-201605-06 (Mozilla Products: Multiple vulnerabilities) Multiple vulnerabilities have been discovered in Firefox, NSS, NSPR, and Thunderbird. Please review the CVE identifiers referenced below for details. Impact : A remote attacker could entice a user to view a specially crafted web page or email, possibly resulting in execution of arbitrary code or a Denial of Service condition. Furthermore, a remote attacker may be able to perform Man-in-the-Middle attacks, obtain sensitive information, spoof the address bar, conduct clickjacking attacks, bypass security restrictions and protection mechanisms, or have other unspecified impacts. Workaround : There is no known workaround at this time.
    last seen2020-06-01
    modified2020-06-02
    plugin id91379
    published2016-05-31
    reporterThis script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/91379
    titleGLSA-201605-06 : Mozilla Products: Multiple vulnerabilities (Logjam) (SLOTH)
    code
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were
    # extracted from Gentoo Linux Security Advisory GLSA 201605-06.
    #
    # The advisory text is Copyright (C) 2001-2019 Gentoo Foundation, Inc.
    # and licensed under the Creative Commons - Attribution / Share Alike 
    # license. See http://creativecommons.org/licenses/by-sa/3.0/
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(91379);
      script_version("2.6");
      script_cvs_date("Date: 2019/08/12 17:35:38");
    
      script_cve_id("CVE-2015-2708", "CVE-2015-2709", "CVE-2015-2710", "CVE-2015-2711", "CVE-2015-2712", "CVE-2015-2713", "CVE-2015-2714", "CVE-2015-2715", "CVE-2015-2716", "CVE-2015-2717", "CVE-2015-2718", "CVE-2015-2721", "CVE-2015-4000", "CVE-2015-4473", "CVE-2015-4474", "CVE-2015-4475", "CVE-2015-4477", "CVE-2015-4478", "CVE-2015-4479", "CVE-2015-4480", "CVE-2015-4481", "CVE-2015-4482", "CVE-2015-4483", "CVE-2015-4484", "CVE-2015-4485", "CVE-2015-4486", "CVE-2015-4487", "CVE-2015-4488", "CVE-2015-4489", "CVE-2015-4490", "CVE-2015-4491", "CVE-2015-4492", "CVE-2015-4493", "CVE-2015-7181", "CVE-2015-7182", "CVE-2015-7183", "CVE-2015-7575", "CVE-2016-1523", "CVE-2016-1930", "CVE-2016-1931", "CVE-2016-1933", "CVE-2016-1935", "CVE-2016-1937", "CVE-2016-1938", "CVE-2016-1939", "CVE-2016-1940", "CVE-2016-1941", "CVE-2016-1942", "CVE-2016-1943", "CVE-2016-1944", "CVE-2016-1945", "CVE-2016-1946", "CVE-2016-1947", "CVE-2016-1948", "CVE-2016-1949", "CVE-2016-1950", "CVE-2016-1952", "CVE-2016-1953", "CVE-2016-1954", "CVE-2016-1955", "CVE-2016-1956", "CVE-2016-1957", "CVE-2016-1958", "CVE-2016-1959", "CVE-2016-1960", "CVE-2016-1961", "CVE-2016-1962", "CVE-2016-1963", "CVE-2016-1964", "CVE-2016-1965", "CVE-2016-1966", "CVE-2016-1967", "CVE-2016-1968", "CVE-2016-1969", "CVE-2016-1970", "CVE-2016-1971", "CVE-2016-1972", "CVE-2016-1973", "CVE-2016-1974", "CVE-2016-1975", "CVE-2016-1976", "CVE-2016-1977", "CVE-2016-1978", "CVE-2016-1979", "CVE-2016-2790", "CVE-2016-2791", "CVE-2016-2792", "CVE-2016-2793", "CVE-2016-2794", "CVE-2016-2795", "CVE-2016-2796", "CVE-2016-2797", "CVE-2016-2798", "CVE-2016-2799", "CVE-2016-2800", "CVE-2016-2801", "CVE-2016-2802");
      script_xref(name:"GLSA", value:"201605-06");
    
      script_name(english:"GLSA-201605-06 : Mozilla Products: Multiple vulnerabilities (Logjam) (SLOTH)");
      script_summary(english:"Checks for updated package(s) in /var/db/pkg");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:
    "The remote Gentoo host is missing one or more security-related
    patches."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "The remote host is affected by the vulnerability described in GLSA-201605-06
    (Mozilla Products: Multiple vulnerabilities)
    
        Multiple vulnerabilities have been discovered in Firefox, NSS, NSPR, and
          Thunderbird. Please review the CVE identifiers referenced below for
          details.
      
    Impact :
    
        A remote attacker could entice a user to view a specially crafted web
          page or email, possibly resulting in execution of arbitrary code or a
          Denial of Service condition. Furthermore, a remote attacker may be able
          to perform Man-in-the-Middle attacks, obtain sensitive information, spoof
          the address bar, conduct clickjacking attacks, bypass security
          restrictions and protection mechanisms, or have other unspecified
          impacts.
      
    Workaround :
    
        There is no known workaround at this time."
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://security.gentoo.org/glsa/201605-06"
      );
      script_set_attribute(
        attribute:"solution", 
        value:
    "All NSS users should upgrade to the latest version:
          # emerge --sync
          # emerge --ask --oneshot --verbose '>=dev-libs/nss-3.22.2'
        All Thunderbird users should upgrade to the latest version:
          # emerge --sync
          # emerge --ask --oneshot --verbose '>=mail-client/thunderbird-38.7.0'
        All users of the Thunderbird binary package should upgrade to the latest
          version:
          # emerge --sync
          # emerge --ask --oneshot --verbose
          '>=mail-client/thunderbird-bin-38.7.0'
        All Firefox 38.7.x users should upgrade to the latest version:
          # emerge --sync
          # emerge --ask --oneshot --verbose '>=www-client/firefox-38.7.0'
        All users of the Firefox 38.7.x binary package should upgrade to the
          latest version:
          # emerge --sync
          # emerge --ask --oneshot --verbose '>=www-client/firefox-bin-38.7.0'"
      );
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C");
      script_set_cvss_temporal_vector("CVSS2#E:H/RL:OF/RC:C");
      script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H");
      script_set_cvss3_temporal_vector("CVSS:3.0/E:H/RL:O/RC:C");
      script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
      script_set_attribute(attribute:"exploit_available", value:"true");
      script_set_attribute(attribute:"exploited_by_malware", value:"true");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:gentoo:linux:firefox");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:gentoo:linux:firefox-bin");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:gentoo:linux:nspr");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:gentoo:linux:nss");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:gentoo:linux:thunderbird");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:gentoo:linux:thunderbird-bin");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:gentoo:linux");
    
      script_set_attribute(attribute:"vuln_publication_date", value:"2015/05/14");
      script_set_attribute(attribute:"patch_publication_date", value:"2016/05/31");
      script_set_attribute(attribute:"plugin_publication_date", value:"2016/05/31");
      script_set_attribute(attribute:"in_the_news", value:"true");
      script_set_attribute(attribute:"generated_plugin", value:"current");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.");
      script_family(english:"Gentoo Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/Gentoo/release", "Host/Gentoo/qpkg-list");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("qpkg.inc");
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    if (!get_kb_item("Host/Gentoo/release")) audit(AUDIT_OS_NOT, "Gentoo");
    if (!get_kb_item("Host/Gentoo/qpkg-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    
    flag = 0;
    
    if (qpkg_check(package:"dev-libs/nspr", unaffected:make_list("ge 4.12"), vulnerable:make_list("lt 4.12"))) flag++;
    if (qpkg_check(package:"dev-libs/nss", unaffected:make_list("ge 3.22.2"), vulnerable:make_list("lt 3.22.2"))) flag++;
    if (qpkg_check(package:"www-client/firefox-bin", unaffected:make_list("ge 38.7.0"), vulnerable:make_list("lt 38.7.0"))) flag++;
    if (qpkg_check(package:"www-client/firefox", unaffected:make_list("ge 38.7.0"), vulnerable:make_list("lt 38.7.0"))) flag++;
    if (qpkg_check(package:"mail-client/thunderbird-bin", unaffected:make_list("ge 38.7.0"), vulnerable:make_list("lt 38.7.0"))) flag++;
    if (qpkg_check(package:"mail-client/thunderbird", unaffected:make_list("ge 38.7.0"), vulnerable:make_list("lt 38.7.0"))) flag++;
    
    if (flag)
    {
      if (report_verbosity > 0) security_hole(port:0, extra:qpkg_report_get());
      else security_hole(0);
      exit(0);
    }
    else
    {
      tested = qpkg_tests_get();
      if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
      else audit(AUDIT_PACKAGE_NOT_INSTALLED, "Mozilla Products");
    }