Vulnerabilities > CVE-2016-1943 - Code vulnerability in multiple products
Attack vector
NETWORK Attack complexity
MEDIUM Privileges required
NONE Confidentiality impact
NONE Integrity impact
PARTIAL Availability impact
NONE Summary
Mozilla Firefox before 44.0 on Android allows remote attackers to spoof the address bar via the scrollTo method.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| OS | 3 | |
| OS | 1 | |
| Application | 1 |
Common Weakness Enumeration (CWE)
Nessus
NASL family SuSE Local Security Checks NASL id OPENSUSE-2016-128.NASL description This update to MozillaFirefox fixes several security issues and bugs. Mozilla Firefox was updated to 44.0. Mozilla NSS was updated to 3.21 Mozilla NSPR was updated to 4.11. The following vulnerabilities were fixed : - CVE-2016-1930/CVE-2016-1931: Miscellaneous memory safety hazards (boo#963633) - CVE-2016-1933: Out of Memory crash when parsing GIF format images (boo#963634) - CVE-2016-1935: Buffer overflow in WebGL after out of memory allocation (boo#963635) - CVE-2015-7208/CVE-2016-1939: Firefox allows for control characters to be set in cookie names (boo#963637) - CVE-2016-1937: Missing delay following user click events in protocol handler dialog (boo#963641) - CVE-2016-1938: Errors in mp_div and mp_exptmod cryptographic functions in NSS (boo#963731) - CVE-2016-1942/CVE-2016-1943: Addressbar spoofing attacks (boo#963643) - CVE-2016-1944/CVE-2016-1945/CVE-2016-1946: Unsafe memory manipulation found through code inspection (boo#963644) - CVE-2016-1947: Application Reputation service disabled in Firefox 43 (boo#963645) The following change from Mozilla Firefox 43.0.4 is included : - Re-enable SHA-1 certificates to prevent outdated man-in-the-middle security devices from interfering with properly secured SSL/TLS connections last seen 2020-06-05 modified 2016-02-03 plugin id 88549 published 2016-02-03 reporter This script is Copyright (C) 2016-2020 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/88549 title openSUSE Security Update : the MozillaFirefox / mozilla-nss and mozilla-nspr (openSUSE-2016-128) code #%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from openSUSE Security Update openSUSE-2016-128. # # The text description of this plugin is (C) SUSE LLC. # include("compat.inc"); if (description) { script_id(88549); script_version("2.8"); script_set_attribute(attribute:"plugin_modification_date", value:"2020/06/04"); script_cve_id("CVE-2015-7208", "CVE-2016-1930", "CVE-2016-1931", "CVE-2016-1933", "CVE-2016-1935", "CVE-2016-1937", "CVE-2016-1938", "CVE-2016-1939", "CVE-2016-1942", "CVE-2016-1943", "CVE-2016-1944", "CVE-2016-1945", "CVE-2016-1946", "CVE-2016-1947"); script_name(english:"openSUSE Security Update : the MozillaFirefox / mozilla-nss and mozilla-nspr (openSUSE-2016-128)"); script_summary(english:"Check for the openSUSE-2016-128 patch"); script_set_attribute( attribute:"synopsis", value:"The remote openSUSE host is missing a security update." ); script_set_attribute( attribute:"description", value: "This update to MozillaFirefox fixes several security issues and bugs. Mozilla Firefox was updated to 44.0. Mozilla NSS was updated to 3.21 Mozilla NSPR was updated to 4.11. The following vulnerabilities were fixed : - CVE-2016-1930/CVE-2016-1931: Miscellaneous memory safety hazards (boo#963633) - CVE-2016-1933: Out of Memory crash when parsing GIF format images (boo#963634) - CVE-2016-1935: Buffer overflow in WebGL after out of memory allocation (boo#963635) - CVE-2015-7208/CVE-2016-1939: Firefox allows for control characters to be set in cookie names (boo#963637) - CVE-2016-1937: Missing delay following user click events in protocol handler dialog (boo#963641) - CVE-2016-1938: Errors in mp_div and mp_exptmod cryptographic functions in NSS (boo#963731) - CVE-2016-1942/CVE-2016-1943: Addressbar spoofing attacks (boo#963643) - CVE-2016-1944/CVE-2016-1945/CVE-2016-1946: Unsafe memory manipulation found through code inspection (boo#963644) - CVE-2016-1947: Application Reputation service disabled in Firefox 43 (boo#963645) The following change from Mozilla Firefox 43.0.4 is included : - Re-enable SHA-1 certificates to prevent outdated man-in-the-middle security devices from interfering with properly secured SSL/TLS connections" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.opensuse.org/show_bug.cgi?id=963633" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.opensuse.org/show_bug.cgi?id=963634" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.opensuse.org/show_bug.cgi?id=963635" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.opensuse.org/show_bug.cgi?id=963637" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.opensuse.org/show_bug.cgi?id=963641" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.opensuse.org/show_bug.cgi?id=963643" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.opensuse.org/show_bug.cgi?id=963644" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.opensuse.org/show_bug.cgi?id=963645" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.opensuse.org/show_bug.cgi?id=963731" ); script_set_attribute( attribute:"solution", value:"Update the affected the MozillaFirefox / mozilla-nss and mozilla-nspr packages." ); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C"); script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:MozillaFirefox"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:MozillaFirefox-branding-upstream"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:MozillaFirefox-buildsymbols"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:MozillaFirefox-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:MozillaFirefox-debugsource"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:MozillaFirefox-devel"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:MozillaFirefox-translations-common"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:MozillaFirefox-translations-other"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libfreebl3"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libfreebl3-32bit"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libfreebl3-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libfreebl3-debuginfo-32bit"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libsoftokn3"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libsoftokn3-32bit"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libsoftokn3-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libsoftokn3-debuginfo-32bit"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:mozilla-nspr"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:mozilla-nspr-32bit"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:mozilla-nspr-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:mozilla-nspr-debuginfo-32bit"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:mozilla-nspr-debugsource"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:mozilla-nspr-devel"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:mozilla-nss"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:mozilla-nss-32bit"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:mozilla-nss-certs"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:mozilla-nss-certs-32bit"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:mozilla-nss-certs-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:mozilla-nss-certs-debuginfo-32bit"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:mozilla-nss-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:mozilla-nss-debuginfo-32bit"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:mozilla-nss-debugsource"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:mozilla-nss-devel"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:mozilla-nss-sysinit"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:mozilla-nss-sysinit-32bit"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:mozilla-nss-sysinit-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:mozilla-nss-sysinit-debuginfo-32bit"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:mozilla-nss-tools"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:mozilla-nss-tools-debuginfo"); script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:opensuse:13.2"); script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:opensuse:42.1"); script_set_attribute(attribute:"patch_publication_date", value:"2016/02/01"); script_set_attribute(attribute:"plugin_publication_date", value:"2016/02/03"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2016-2020 Tenable Network Security, Inc."); script_family(english:"SuSE Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/SuSE/release", "Host/SuSE/rpm-list", "Host/cpu"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/SuSE/release"); if (isnull(release) || release =~ "^(SLED|SLES)") audit(AUDIT_OS_NOT, "openSUSE"); if (release !~ "^(SUSE13\.2|SUSE42\.1)$") audit(AUDIT_OS_RELEASE_NOT, "openSUSE", "13.2 / 42.1", release); if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); ourarch = get_kb_item("Host/cpu"); if (!ourarch) audit(AUDIT_UNKNOWN_ARCH); if (ourarch !~ "^(i586|i686|x86_64)$") audit(AUDIT_ARCH_NOT, "i586 / i686 / x86_64", ourarch); flag = 0; if ( rpm_check(release:"SUSE13.2", reference:"MozillaFirefox-44.0-59.1") ) flag++; if ( rpm_check(release:"SUSE13.2", reference:"MozillaFirefox-branding-upstream-44.0-59.1") ) flag++; if ( rpm_check(release:"SUSE13.2", reference:"MozillaFirefox-buildsymbols-44.0-59.1") ) flag++; if ( rpm_check(release:"SUSE13.2", reference:"MozillaFirefox-debuginfo-44.0-59.1") ) flag++; if ( rpm_check(release:"SUSE13.2", reference:"MozillaFirefox-debugsource-44.0-59.1") ) flag++; if ( rpm_check(release:"SUSE13.2", reference:"MozillaFirefox-devel-44.0-59.1") ) flag++; if ( rpm_check(release:"SUSE13.2", reference:"MozillaFirefox-translations-common-44.0-59.1") ) flag++; if ( rpm_check(release:"SUSE13.2", reference:"MozillaFirefox-translations-other-44.0-59.1") ) flag++; if ( rpm_check(release:"SUSE13.2", reference:"libfreebl3-3.21-25.1") ) flag++; if ( rpm_check(release:"SUSE13.2", reference:"libfreebl3-debuginfo-3.21-25.1") ) flag++; if ( rpm_check(release:"SUSE13.2", reference:"libsoftokn3-3.21-25.1") ) flag++; if ( rpm_check(release:"SUSE13.2", reference:"libsoftokn3-debuginfo-3.21-25.1") ) flag++; if ( rpm_check(release:"SUSE13.2", reference:"mozilla-nspr-4.11-12.1") ) flag++; if ( rpm_check(release:"SUSE13.2", reference:"mozilla-nspr-debuginfo-4.11-12.1") ) flag++; if ( rpm_check(release:"SUSE13.2", reference:"mozilla-nspr-debugsource-4.11-12.1") ) flag++; if ( rpm_check(release:"SUSE13.2", reference:"mozilla-nspr-devel-4.11-12.1") ) flag++; if ( rpm_check(release:"SUSE13.2", reference:"mozilla-nss-3.21-25.1") ) flag++; if ( rpm_check(release:"SUSE13.2", reference:"mozilla-nss-certs-3.21-25.1") ) flag++; if ( rpm_check(release:"SUSE13.2", reference:"mozilla-nss-certs-debuginfo-3.21-25.1") ) flag++; if ( rpm_check(release:"SUSE13.2", reference:"mozilla-nss-debuginfo-3.21-25.1") ) flag++; if ( rpm_check(release:"SUSE13.2", reference:"mozilla-nss-debugsource-3.21-25.1") ) flag++; if ( rpm_check(release:"SUSE13.2", reference:"mozilla-nss-devel-3.21-25.1") ) flag++; if ( rpm_check(release:"SUSE13.2", reference:"mozilla-nss-sysinit-3.21-25.1") ) flag++; if ( rpm_check(release:"SUSE13.2", reference:"mozilla-nss-sysinit-debuginfo-3.21-25.1") ) flag++; if ( rpm_check(release:"SUSE13.2", reference:"mozilla-nss-tools-3.21-25.1") ) flag++; if ( rpm_check(release:"SUSE13.2", reference:"mozilla-nss-tools-debuginfo-3.21-25.1") ) flag++; if ( rpm_check(release:"SUSE13.2", cpu:"x86_64", reference:"libfreebl3-32bit-3.21-25.1") ) flag++; if ( rpm_check(release:"SUSE13.2", cpu:"x86_64", reference:"libfreebl3-debuginfo-32bit-3.21-25.1") ) flag++; if ( rpm_check(release:"SUSE13.2", cpu:"x86_64", reference:"libsoftokn3-32bit-3.21-25.1") ) flag++; if ( rpm_check(release:"SUSE13.2", cpu:"x86_64", reference:"libsoftokn3-debuginfo-32bit-3.21-25.1") ) flag++; if ( rpm_check(release:"SUSE13.2", cpu:"x86_64", reference:"mozilla-nspr-32bit-4.11-12.1") ) flag++; if ( rpm_check(release:"SUSE13.2", cpu:"x86_64", reference:"mozilla-nspr-debuginfo-32bit-4.11-12.1") ) flag++; if ( rpm_check(release:"SUSE13.2", cpu:"x86_64", reference:"mozilla-nss-32bit-3.21-25.1") ) flag++; if ( rpm_check(release:"SUSE13.2", cpu:"x86_64", reference:"mozilla-nss-certs-32bit-3.21-25.1") ) flag++; if ( rpm_check(release:"SUSE13.2", cpu:"x86_64", reference:"mozilla-nss-certs-debuginfo-32bit-3.21-25.1") ) flag++; if ( rpm_check(release:"SUSE13.2", cpu:"x86_64", reference:"mozilla-nss-debuginfo-32bit-3.21-25.1") ) flag++; if ( rpm_check(release:"SUSE13.2", cpu:"x86_64", reference:"mozilla-nss-sysinit-32bit-3.21-25.1") ) flag++; if ( rpm_check(release:"SUSE13.2", cpu:"x86_64", reference:"mozilla-nss-sysinit-debuginfo-32bit-3.21-25.1") ) flag++; if ( rpm_check(release:"SUSE42.1", reference:"MozillaFirefox-44.0-12.2") ) flag++; if ( rpm_check(release:"SUSE42.1", reference:"MozillaFirefox-branding-upstream-44.0-12.2") ) flag++; if ( rpm_check(release:"SUSE42.1", reference:"MozillaFirefox-buildsymbols-44.0-12.2") ) flag++; if ( rpm_check(release:"SUSE42.1", reference:"MozillaFirefox-devel-44.0-12.2") ) flag++; if ( rpm_check(release:"SUSE42.1", reference:"MozillaFirefox-translations-common-44.0-12.2") ) flag++; if ( rpm_check(release:"SUSE42.1", reference:"MozillaFirefox-translations-other-44.0-12.2") ) flag++; if ( rpm_check(release:"SUSE42.1", reference:"libfreebl3-3.21-9.1") ) flag++; if ( rpm_check(release:"SUSE42.1", reference:"libfreebl3-debuginfo-3.21-9.1") ) flag++; if ( rpm_check(release:"SUSE42.1", reference:"libsoftokn3-3.21-9.1") ) flag++; if ( rpm_check(release:"SUSE42.1", reference:"libsoftokn3-debuginfo-3.21-9.1") ) flag++; if ( rpm_check(release:"SUSE42.1", reference:"mozilla-nspr-4.11-7.1") ) flag++; if ( rpm_check(release:"SUSE42.1", reference:"mozilla-nspr-debuginfo-4.11-7.1") ) flag++; if ( rpm_check(release:"SUSE42.1", reference:"mozilla-nspr-debugsource-4.11-7.1") ) flag++; if ( rpm_check(release:"SUSE42.1", reference:"mozilla-nspr-devel-4.11-7.1") ) flag++; if ( rpm_check(release:"SUSE42.1", reference:"mozilla-nss-3.21-9.1") ) flag++; if ( rpm_check(release:"SUSE42.1", reference:"mozilla-nss-certs-3.21-9.1") ) flag++; if ( rpm_check(release:"SUSE42.1", reference:"mozilla-nss-certs-debuginfo-3.21-9.1") ) flag++; if ( rpm_check(release:"SUSE42.1", reference:"mozilla-nss-debuginfo-3.21-9.1") ) flag++; if ( rpm_check(release:"SUSE42.1", reference:"mozilla-nss-debugsource-3.21-9.1") ) flag++; if ( rpm_check(release:"SUSE42.1", reference:"mozilla-nss-devel-3.21-9.1") ) flag++; if ( rpm_check(release:"SUSE42.1", reference:"mozilla-nss-sysinit-3.21-9.1") ) flag++; if ( rpm_check(release:"SUSE42.1", reference:"mozilla-nss-sysinit-debuginfo-3.21-9.1") ) flag++; if ( rpm_check(release:"SUSE42.1", reference:"mozilla-nss-tools-3.21-9.1") ) flag++; if ( rpm_check(release:"SUSE42.1", reference:"mozilla-nss-tools-debuginfo-3.21-9.1") ) flag++; if ( rpm_check(release:"SUSE42.1", cpu:"x86_64", reference:"MozillaFirefox-debuginfo-44.0-12.2") ) flag++; if ( rpm_check(release:"SUSE42.1", cpu:"x86_64", reference:"MozillaFirefox-debugsource-44.0-12.2") ) flag++; if ( rpm_check(release:"SUSE42.1", cpu:"x86_64", reference:"libfreebl3-32bit-3.21-9.1") ) flag++; if ( rpm_check(release:"SUSE42.1", cpu:"x86_64", reference:"libfreebl3-debuginfo-32bit-3.21-9.1") ) flag++; if ( rpm_check(release:"SUSE42.1", cpu:"x86_64", reference:"libsoftokn3-32bit-3.21-9.1") ) flag++; if ( rpm_check(release:"SUSE42.1", cpu:"x86_64", reference:"libsoftokn3-debuginfo-32bit-3.21-9.1") ) flag++; if ( rpm_check(release:"SUSE42.1", cpu:"x86_64", reference:"mozilla-nspr-32bit-4.11-7.1") ) flag++; if ( rpm_check(release:"SUSE42.1", cpu:"x86_64", reference:"mozilla-nspr-debuginfo-32bit-4.11-7.1") ) flag++; if ( rpm_check(release:"SUSE42.1", cpu:"x86_64", reference:"mozilla-nss-32bit-3.21-9.1") ) flag++; if ( rpm_check(release:"SUSE42.1", cpu:"x86_64", reference:"mozilla-nss-certs-32bit-3.21-9.1") ) flag++; if ( rpm_check(release:"SUSE42.1", cpu:"x86_64", reference:"mozilla-nss-certs-debuginfo-32bit-3.21-9.1") ) flag++; if ( rpm_check(release:"SUSE42.1", cpu:"x86_64", reference:"mozilla-nss-debuginfo-32bit-3.21-9.1") ) flag++; if ( rpm_check(release:"SUSE42.1", cpu:"x86_64", reference:"mozilla-nss-sysinit-32bit-3.21-9.1") ) flag++; if ( rpm_check(release:"SUSE42.1", cpu:"x86_64", reference:"mozilla-nss-sysinit-debuginfo-32bit-3.21-9.1") ) flag++; if (flag) { if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get()); else security_hole(0); exit(0); } else { tested = pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "MozillaFirefox / MozillaFirefox-branding-upstream / etc"); }NASL family FreeBSD Local Security Checks NASL id FREEBSD_PKG_4F00DAC01E18448195AF7AAAD63FD303.NASL description Mozilla Foundation reports : MFSA 2016-01 Miscellaneous memory safety hazards (rv:44.0 / rv:38.6) MFSA 2016-02 Out of Memory crash when parsing GIF format images MFSA 2016-03 Buffer overflow in WebGL after out of memory allocation MFSA 2016-04 Firefox allows for control characters to be set in cookie names MFSA 2016-06 Missing delay following user click events in protocol handler dialog MFSA 2016-09 Addressbar spoofing attacks MFSA 2016-10 Unsafe memory manipulation found through code inspection MFSA 2016-11 Application Reputation service disabled in Firefox 43 last seen 2020-06-01 modified 2020-06-02 plugin id 88512 published 2016-02-02 reporter This script is Copyright (C) 2016-2018 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/88512 title FreeBSD : mozilla -- multiple vulnerabilities (4f00dac0-1e18-4481-95af-7aaad63fd303) code # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from the FreeBSD VuXML database : # # Copyright 2003-2018 Jacques Vidrine and contributors # # Redistribution and use in source (VuXML) and 'compiled' forms (SGML, # HTML, PDF, PostScript, RTF and so forth) with or without modification, # are permitted provided that the following conditions are met: # 1. Redistributions of source code (VuXML) must retain the above # copyright notice, this list of conditions and the following # disclaimer as the first lines of this file unmodified. # 2. Redistributions in compiled form (transformed to other DTDs, # published online in any format, converted to PDF, PostScript, # RTF and other formats) must reproduce the above copyright # notice, this list of conditions and the following disclaimer # in the documentation and/or other materials provided with the # distribution. # # THIS DOCUMENTATION IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS "AS IS" # AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, # THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR # PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS # BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, # OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT # OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR # BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, # WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE # OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS DOCUMENTATION, # EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. # include("compat.inc"); if (description) { script_id(88512); script_version("2.13"); script_cvs_date("Date: 2018/11/21 10:46:31"); script_cve_id("CVE-2015-7208", "CVE-2016-1930", "CVE-2016-1931", "CVE-2016-1933", "CVE-2016-1935", "CVE-2016-1937", "CVE-2016-1939", "CVE-2016-1942", "CVE-2016-1943", "CVE-2016-1944", "CVE-2016-1945", "CVE-2016-1946", "CVE-2016-1947"); script_name(english:"FreeBSD : mozilla -- multiple vulnerabilities (4f00dac0-1e18-4481-95af-7aaad63fd303)"); script_summary(english:"Checks for updated packages in pkg_info output"); script_set_attribute( attribute:"synopsis", value: "The remote FreeBSD host is missing one or more security-related updates." ); script_set_attribute( attribute:"description", value: "Mozilla Foundation reports : MFSA 2016-01 Miscellaneous memory safety hazards (rv:44.0 / rv:38.6) MFSA 2016-02 Out of Memory crash when parsing GIF format images MFSA 2016-03 Buffer overflow in WebGL after out of memory allocation MFSA 2016-04 Firefox allows for control characters to be set in cookie names MFSA 2016-06 Missing delay following user click events in protocol handler dialog MFSA 2016-09 Addressbar spoofing attacks MFSA 2016-10 Unsafe memory manipulation found through code inspection MFSA 2016-11 Application Reputation service disabled in Firefox 43" ); # https://www.mozilla.org/security/advisories/mfsa2016-01/ script_set_attribute( attribute:"see_also", value:"https://www.mozilla.org/en-US/security/advisories/mfsa2016-01/" ); # https://www.mozilla.org/security/advisories/mfsa2016-02/ script_set_attribute( attribute:"see_also", value:"https://www.mozilla.org/en-US/security/advisories/mfsa2016-02/" ); # https://www.mozilla.org/security/advisories/mfsa2016-03/ script_set_attribute( attribute:"see_also", value:"https://www.mozilla.org/en-US/security/advisories/mfsa2016-03/" ); # https://www.mozilla.org/security/advisories/mfsa2016-04/ script_set_attribute( attribute:"see_also", value:"https://www.mozilla.org/en-US/security/advisories/mfsa2016-04/" ); # https://www.mozilla.org/security/advisories/mfsa2016-06/ script_set_attribute( attribute:"see_also", value:"https://www.mozilla.org/en-US/security/advisories/mfsa2016-06/" ); # https://www.mozilla.org/security/advisories/mfsa2016-09/ script_set_attribute( attribute:"see_also", value:"https://www.mozilla.org/en-US/security/advisories/mfsa2016-09/" ); # https://www.mozilla.org/security/advisories/mfsa2016-10/ script_set_attribute( attribute:"see_also", value:"https://www.mozilla.org/en-US/security/advisories/mfsa2016-10/" ); # https://www.mozilla.org/security/advisories/mfsa2016-11/ script_set_attribute( attribute:"see_also", value:"https://www.mozilla.org/en-US/security/advisories/mfsa2016-11/" ); # https://vuxml.freebsd.org/freebsd/4f00dac0-1e18-4481-95af-7aaad63fd303.html script_set_attribute( attribute:"see_also", value:"http://www.nessus.org/u?93ab233f" ); script_set_attribute(attribute:"solution", value:"Update the affected packages."); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C"); script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:freebsd:freebsd:firefox"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:freebsd:freebsd:firefox-esr"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:freebsd:freebsd:libxul"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:freebsd:freebsd:linux-firefox"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:freebsd:freebsd:linux-seamonkey"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:freebsd:freebsd:linux-thunderbird"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:freebsd:freebsd:seamonkey"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:freebsd:freebsd:thunderbird"); script_set_attribute(attribute:"cpe", value:"cpe:/o:freebsd:freebsd"); script_set_attribute(attribute:"vuln_publication_date", value:"2016/01/26"); script_set_attribute(attribute:"patch_publication_date", value:"2016/02/01"); script_set_attribute(attribute:"plugin_publication_date", value:"2016/02/02"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2016-2018 and is owned by Tenable, Inc. or an Affiliate thereof."); script_family(english:"FreeBSD Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/FreeBSD/release", "Host/FreeBSD/pkg_info"); exit(0); } include("audit.inc"); include("freebsd_package.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); if (!get_kb_item("Host/FreeBSD/release")) audit(AUDIT_OS_NOT, "FreeBSD"); if (!get_kb_item("Host/FreeBSD/pkg_info")) audit(AUDIT_PACKAGE_LIST_MISSING); flag = 0; if (pkg_test(save_report:TRUE, pkg:"firefox<44.0,1")) flag++; if (pkg_test(save_report:TRUE, pkg:"linux-firefox<44.0,1")) flag++; if (pkg_test(save_report:TRUE, pkg:"seamonkey<2.41")) flag++; if (pkg_test(save_report:TRUE, pkg:"linux-seamonkey<2.41")) flag++; if (pkg_test(save_report:TRUE, pkg:"firefox-esr<38.6.0,1")) flag++; if (pkg_test(save_report:TRUE, pkg:"libxul<38.6.0")) flag++; if (pkg_test(save_report:TRUE, pkg:"thunderbird<38.6.0")) flag++; if (pkg_test(save_report:TRUE, pkg:"linux-thunderbird<38.6.0")) flag++; if (flag) { if (report_verbosity > 0) security_hole(port:0, extra:pkg_report_get()); else security_hole(0); exit(0); } else audit(AUDIT_HOST_NOT, "affected");NASL family SuSE Local Security Checks NASL id OPENSUSE-2016-131.NASL description This update fixes the following security related issues by updating packages to a more recent version : Update of NSPR to 4.11 Update of NSS to 3.21 Update of Firefox to 44.0 - MFSA 2016-01/CVE-2016-1930/CVE-2016-1931 Miscellaneous memory safety hazards - MFSA 2016-02/CVE-2016-1933 (bmo#1231761) Out of Memory crash when parsing GIF format images - MFSA 2016-03/CVE-2016-1935 (bmo#1220450) Buffer overflow in WebGL after out of memory allocation - MFSA 2016-04/CVE-2015-7208/CVE-2016-1939 (bmo#1191423, bmo#1233784) Firefox allows for control characters to be set in cookie names - MFSA 2016-06/CVE-2016-1937 (bmo#724353) Missing delay following user click events in protocol handler dialog - MFSA 2016-07/CVE-2016-1938 (bmo#1190248) Errors in mp_div and mp_exptmod cryptographic functions in NSS (fixed by requiring NSS 3.21) - MFSA 2016-09/CVE-2016-1942/CVE-2016-1943 (bmo#1189082, bmo#1228590) Addressbar spoofing attacks - MFSA 2016-10/CVE-2016-1944/CVE-2016-1945/CVE-2016-1946 (bmo#1186621, bmo#1214782, bmo#1232096) Unsafe memory manipulation found through code inspection - MFSA 2016-11/CVE-2016-1947 (bmo#1237103) Application Reputation service disabled in Firefox 43 last seen 2020-06-05 modified 2016-02-03 plugin id 88552 published 2016-02-03 reporter This script is Copyright (C) 2016-2020 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/88552 title openSUSE Security Update : Mozilla Firefox (openSUSE-2016-131) code #%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from openSUSE Security Update openSUSE-2016-131. # # The text description of this plugin is (C) SUSE LLC. # include("compat.inc"); if (description) { script_id(88552); script_version("2.8"); script_set_attribute(attribute:"plugin_modification_date", value:"2020/06/04"); script_cve_id("CVE-2015-7208", "CVE-2016-1930", "CVE-2016-1931", "CVE-2016-1933", "CVE-2016-1935", "CVE-2016-1937", "CVE-2016-1938", "CVE-2016-1939", "CVE-2016-1942", "CVE-2016-1943", "CVE-2016-1944", "CVE-2016-1945", "CVE-2016-1946", "CVE-2016-1947"); script_name(english:"openSUSE Security Update : Mozilla Firefox (openSUSE-2016-131)"); script_summary(english:"Check for the openSUSE-2016-131 patch"); script_set_attribute( attribute:"synopsis", value:"The remote openSUSE host is missing a security update." ); script_set_attribute( attribute:"description", value: "This update fixes the following security related issues by updating packages to a more recent version : Update of NSPR to 4.11 Update of NSS to 3.21 Update of Firefox to 44.0 - MFSA 2016-01/CVE-2016-1930/CVE-2016-1931 Miscellaneous memory safety hazards - MFSA 2016-02/CVE-2016-1933 (bmo#1231761) Out of Memory crash when parsing GIF format images - MFSA 2016-03/CVE-2016-1935 (bmo#1220450) Buffer overflow in WebGL after out of memory allocation - MFSA 2016-04/CVE-2015-7208/CVE-2016-1939 (bmo#1191423, bmo#1233784) Firefox allows for control characters to be set in cookie names - MFSA 2016-06/CVE-2016-1937 (bmo#724353) Missing delay following user click events in protocol handler dialog - MFSA 2016-07/CVE-2016-1938 (bmo#1190248) Errors in mp_div and mp_exptmod cryptographic functions in NSS (fixed by requiring NSS 3.21) - MFSA 2016-09/CVE-2016-1942/CVE-2016-1943 (bmo#1189082, bmo#1228590) Addressbar spoofing attacks - MFSA 2016-10/CVE-2016-1944/CVE-2016-1945/CVE-2016-1946 (bmo#1186621, bmo#1214782, bmo#1232096) Unsafe memory manipulation found through code inspection - MFSA 2016-11/CVE-2016-1947 (bmo#1237103) Application Reputation service disabled in Firefox 43" ); script_set_attribute( attribute:"solution", value:"Update the affected Mozilla Firefox packages." ); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C"); script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:MozillaFirefox"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:MozillaFirefox-branding-upstream"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:MozillaFirefox-buildsymbols"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:MozillaFirefox-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:MozillaFirefox-debugsource"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:MozillaFirefox-devel"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:MozillaFirefox-translations-common"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:MozillaFirefox-translations-other"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libfreebl3"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libfreebl3-32bit"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libfreebl3-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libfreebl3-debuginfo-32bit"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libsoftokn3"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libsoftokn3-32bit"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libsoftokn3-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libsoftokn3-debuginfo-32bit"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:mozilla-nspr"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:mozilla-nspr-32bit"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:mozilla-nspr-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:mozilla-nspr-debuginfo-32bit"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:mozilla-nspr-debugsource"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:mozilla-nspr-devel"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:mozilla-nss"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:mozilla-nss-32bit"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:mozilla-nss-certs"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:mozilla-nss-certs-32bit"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:mozilla-nss-certs-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:mozilla-nss-certs-debuginfo-32bit"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:mozilla-nss-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:mozilla-nss-debuginfo-32bit"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:mozilla-nss-debugsource"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:mozilla-nss-devel"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:mozilla-nss-sysinit"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:mozilla-nss-sysinit-32bit"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:mozilla-nss-sysinit-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:mozilla-nss-sysinit-debuginfo-32bit"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:mozilla-nss-tools"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:mozilla-nss-tools-debuginfo"); script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:opensuse:13.1"); script_set_attribute(attribute:"patch_publication_date", value:"2016/02/01"); script_set_attribute(attribute:"plugin_publication_date", value:"2016/02/03"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2016-2020 Tenable Network Security, Inc."); script_family(english:"SuSE Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/SuSE/release", "Host/SuSE/rpm-list", "Host/cpu"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/SuSE/release"); if (isnull(release) || release =~ "^(SLED|SLES)") audit(AUDIT_OS_NOT, "openSUSE"); if (release !~ "^(SUSE13\.1)$") audit(AUDIT_OS_RELEASE_NOT, "openSUSE", "13.1", release); if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); ourarch = get_kb_item("Host/cpu"); if (!ourarch) audit(AUDIT_UNKNOWN_ARCH); if (ourarch !~ "^(i586|i686|x86_64)$") audit(AUDIT_ARCH_NOT, "i586 / i686 / x86_64", ourarch); flag = 0; if ( rpm_check(release:"SUSE13.1", reference:"MozillaFirefox-44.0-103.1") ) flag++; if ( rpm_check(release:"SUSE13.1", reference:"MozillaFirefox-branding-upstream-44.0-103.1") ) flag++; if ( rpm_check(release:"SUSE13.1", reference:"MozillaFirefox-buildsymbols-44.0-103.1") ) flag++; if ( rpm_check(release:"SUSE13.1", reference:"MozillaFirefox-debuginfo-44.0-103.1") ) flag++; if ( rpm_check(release:"SUSE13.1", reference:"MozillaFirefox-debugsource-44.0-103.1") ) flag++; if ( rpm_check(release:"SUSE13.1", reference:"MozillaFirefox-devel-44.0-103.1") ) flag++; if ( rpm_check(release:"SUSE13.1", reference:"MozillaFirefox-translations-common-44.0-103.1") ) flag++; if ( rpm_check(release:"SUSE13.1", reference:"MozillaFirefox-translations-other-44.0-103.1") ) flag++; if ( rpm_check(release:"SUSE13.1", reference:"libfreebl3-3.21-68.1") ) flag++; if ( rpm_check(release:"SUSE13.1", reference:"libfreebl3-debuginfo-3.21-68.1") ) flag++; if ( rpm_check(release:"SUSE13.1", reference:"libsoftokn3-3.21-68.1") ) flag++; if ( rpm_check(release:"SUSE13.1", reference:"libsoftokn3-debuginfo-3.21-68.1") ) flag++; if ( rpm_check(release:"SUSE13.1", reference:"mozilla-nspr-4.11-28.1") ) flag++; if ( rpm_check(release:"SUSE13.1", reference:"mozilla-nspr-debuginfo-4.11-28.1") ) flag++; if ( rpm_check(release:"SUSE13.1", reference:"mozilla-nspr-debugsource-4.11-28.1") ) flag++; if ( rpm_check(release:"SUSE13.1", reference:"mozilla-nspr-devel-4.11-28.1") ) flag++; if ( rpm_check(release:"SUSE13.1", reference:"mozilla-nss-3.21-68.1") ) flag++; if ( rpm_check(release:"SUSE13.1", reference:"mozilla-nss-certs-3.21-68.1") ) flag++; if ( rpm_check(release:"SUSE13.1", reference:"mozilla-nss-certs-debuginfo-3.21-68.1") ) flag++; if ( rpm_check(release:"SUSE13.1", reference:"mozilla-nss-debuginfo-3.21-68.1") ) flag++; if ( rpm_check(release:"SUSE13.1", reference:"mozilla-nss-debugsource-3.21-68.1") ) flag++; if ( rpm_check(release:"SUSE13.1", reference:"mozilla-nss-devel-3.21-68.1") ) flag++; if ( rpm_check(release:"SUSE13.1", reference:"mozilla-nss-sysinit-3.21-68.1") ) flag++; if ( rpm_check(release:"SUSE13.1", reference:"mozilla-nss-sysinit-debuginfo-3.21-68.1") ) flag++; if ( rpm_check(release:"SUSE13.1", reference:"mozilla-nss-tools-3.21-68.1") ) flag++; if ( rpm_check(release:"SUSE13.1", reference:"mozilla-nss-tools-debuginfo-3.21-68.1") ) flag++; if ( rpm_check(release:"SUSE13.1", cpu:"x86_64", reference:"libfreebl3-32bit-3.21-68.1") ) flag++; if ( rpm_check(release:"SUSE13.1", cpu:"x86_64", reference:"libfreebl3-debuginfo-32bit-3.21-68.1") ) flag++; if ( rpm_check(release:"SUSE13.1", cpu:"x86_64", reference:"libsoftokn3-32bit-3.21-68.1") ) flag++; if ( rpm_check(release:"SUSE13.1", cpu:"x86_64", reference:"libsoftokn3-debuginfo-32bit-3.21-68.1") ) flag++; if ( rpm_check(release:"SUSE13.1", cpu:"x86_64", reference:"mozilla-nspr-32bit-4.11-28.1") ) flag++; if ( rpm_check(release:"SUSE13.1", cpu:"x86_64", reference:"mozilla-nspr-debuginfo-32bit-4.11-28.1") ) flag++; if ( rpm_check(release:"SUSE13.1", cpu:"x86_64", reference:"mozilla-nss-32bit-3.21-68.1") ) flag++; if ( rpm_check(release:"SUSE13.1", cpu:"x86_64", reference:"mozilla-nss-certs-32bit-3.21-68.1") ) flag++; if ( rpm_check(release:"SUSE13.1", cpu:"x86_64", reference:"mozilla-nss-certs-debuginfo-32bit-3.21-68.1") ) flag++; if ( rpm_check(release:"SUSE13.1", cpu:"x86_64", reference:"mozilla-nss-debuginfo-32bit-3.21-68.1") ) flag++; if ( rpm_check(release:"SUSE13.1", cpu:"x86_64", reference:"mozilla-nss-sysinit-32bit-3.21-68.1") ) flag++; if ( rpm_check(release:"SUSE13.1", cpu:"x86_64", reference:"mozilla-nss-sysinit-debuginfo-32bit-3.21-68.1") ) flag++; if (flag) { if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get()); else security_hole(0); exit(0); } else { tested = pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "MozillaFirefox / MozillaFirefox-branding-upstream / etc"); }NASL family Gentoo Local Security Checks NASL id GENTOO_GLSA-201605-06.NASL description The remote host is affected by the vulnerability described in GLSA-201605-06 (Mozilla Products: Multiple vulnerabilities) Multiple vulnerabilities have been discovered in Firefox, NSS, NSPR, and Thunderbird. Please review the CVE identifiers referenced below for details. Impact : A remote attacker could entice a user to view a specially crafted web page or email, possibly resulting in execution of arbitrary code or a Denial of Service condition. Furthermore, a remote attacker may be able to perform Man-in-the-Middle attacks, obtain sensitive information, spoof the address bar, conduct clickjacking attacks, bypass security restrictions and protection mechanisms, or have other unspecified impacts. Workaround : There is no known workaround at this time. last seen 2020-06-01 modified 2020-06-02 plugin id 91379 published 2016-05-31 reporter This script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/91379 title GLSA-201605-06 : Mozilla Products: Multiple vulnerabilities (Logjam) (SLOTH) code # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from Gentoo Linux Security Advisory GLSA 201605-06. # # The advisory text is Copyright (C) 2001-2019 Gentoo Foundation, Inc. # and licensed under the Creative Commons - Attribution / Share Alike # license. See http://creativecommons.org/licenses/by-sa/3.0/ # include("compat.inc"); if (description) { script_id(91379); script_version("2.6"); script_cvs_date("Date: 2019/08/12 17:35:38"); script_cve_id("CVE-2015-2708", "CVE-2015-2709", "CVE-2015-2710", "CVE-2015-2711", "CVE-2015-2712", "CVE-2015-2713", "CVE-2015-2714", "CVE-2015-2715", "CVE-2015-2716", "CVE-2015-2717", "CVE-2015-2718", "CVE-2015-2721", "CVE-2015-4000", "CVE-2015-4473", "CVE-2015-4474", "CVE-2015-4475", "CVE-2015-4477", "CVE-2015-4478", "CVE-2015-4479", "CVE-2015-4480", "CVE-2015-4481", "CVE-2015-4482", "CVE-2015-4483", "CVE-2015-4484", "CVE-2015-4485", "CVE-2015-4486", "CVE-2015-4487", "CVE-2015-4488", "CVE-2015-4489", "CVE-2015-4490", "CVE-2015-4491", "CVE-2015-4492", "CVE-2015-4493", "CVE-2015-7181", "CVE-2015-7182", "CVE-2015-7183", "CVE-2015-7575", "CVE-2016-1523", "CVE-2016-1930", "CVE-2016-1931", "CVE-2016-1933", "CVE-2016-1935", "CVE-2016-1937", "CVE-2016-1938", "CVE-2016-1939", "CVE-2016-1940", "CVE-2016-1941", "CVE-2016-1942", "CVE-2016-1943", "CVE-2016-1944", "CVE-2016-1945", "CVE-2016-1946", "CVE-2016-1947", "CVE-2016-1948", "CVE-2016-1949", "CVE-2016-1950", "CVE-2016-1952", "CVE-2016-1953", "CVE-2016-1954", "CVE-2016-1955", "CVE-2016-1956", "CVE-2016-1957", "CVE-2016-1958", "CVE-2016-1959", "CVE-2016-1960", "CVE-2016-1961", "CVE-2016-1962", "CVE-2016-1963", "CVE-2016-1964", "CVE-2016-1965", "CVE-2016-1966", "CVE-2016-1967", "CVE-2016-1968", "CVE-2016-1969", "CVE-2016-1970", "CVE-2016-1971", "CVE-2016-1972", "CVE-2016-1973", "CVE-2016-1974", "CVE-2016-1975", "CVE-2016-1976", "CVE-2016-1977", "CVE-2016-1978", "CVE-2016-1979", "CVE-2016-2790", "CVE-2016-2791", "CVE-2016-2792", "CVE-2016-2793", "CVE-2016-2794", "CVE-2016-2795", "CVE-2016-2796", "CVE-2016-2797", "CVE-2016-2798", "CVE-2016-2799", "CVE-2016-2800", "CVE-2016-2801", "CVE-2016-2802"); script_xref(name:"GLSA", value:"201605-06"); script_name(english:"GLSA-201605-06 : Mozilla Products: Multiple vulnerabilities (Logjam) (SLOTH)"); script_summary(english:"Checks for updated package(s) in /var/db/pkg"); script_set_attribute( attribute:"synopsis", value: "The remote Gentoo host is missing one or more security-related patches." ); script_set_attribute( attribute:"description", value: "The remote host is affected by the vulnerability described in GLSA-201605-06 (Mozilla Products: Multiple vulnerabilities) Multiple vulnerabilities have been discovered in Firefox, NSS, NSPR, and Thunderbird. Please review the CVE identifiers referenced below for details. Impact : A remote attacker could entice a user to view a specially crafted web page or email, possibly resulting in execution of arbitrary code or a Denial of Service condition. Furthermore, a remote attacker may be able to perform Man-in-the-Middle attacks, obtain sensitive information, spoof the address bar, conduct clickjacking attacks, bypass security restrictions and protection mechanisms, or have other unspecified impacts. Workaround : There is no known workaround at this time." ); script_set_attribute( attribute:"see_also", value:"https://security.gentoo.org/glsa/201605-06" ); script_set_attribute( attribute:"solution", value: "All NSS users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose '>=dev-libs/nss-3.22.2' All Thunderbird users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose '>=mail-client/thunderbird-38.7.0' All users of the Thunderbird binary package should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose '>=mail-client/thunderbird-bin-38.7.0' All Firefox 38.7.x users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose '>=www-client/firefox-38.7.0' All users of the Firefox 38.7.x binary package should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose '>=www-client/firefox-bin-38.7.0'" ); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C"); script_set_cvss_temporal_vector("CVSS2#E:H/RL:OF/RC:C"); script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H"); script_set_cvss3_temporal_vector("CVSS:3.0/E:H/RL:O/RC:C"); script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available"); script_set_attribute(attribute:"exploit_available", value:"true"); script_set_attribute(attribute:"exploited_by_malware", value:"true"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:gentoo:linux:firefox"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:gentoo:linux:firefox-bin"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:gentoo:linux:nspr"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:gentoo:linux:nss"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:gentoo:linux:thunderbird"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:gentoo:linux:thunderbird-bin"); script_set_attribute(attribute:"cpe", value:"cpe:/o:gentoo:linux"); script_set_attribute(attribute:"vuln_publication_date", value:"2015/05/14"); script_set_attribute(attribute:"patch_publication_date", value:"2016/05/31"); script_set_attribute(attribute:"plugin_publication_date", value:"2016/05/31"); script_set_attribute(attribute:"in_the_news", value:"true"); script_set_attribute(attribute:"generated_plugin", value:"current"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof."); script_family(english:"Gentoo Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/Gentoo/release", "Host/Gentoo/qpkg-list"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("qpkg.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); if (!get_kb_item("Host/Gentoo/release")) audit(AUDIT_OS_NOT, "Gentoo"); if (!get_kb_item("Host/Gentoo/qpkg-list")) audit(AUDIT_PACKAGE_LIST_MISSING); flag = 0; if (qpkg_check(package:"dev-libs/nspr", unaffected:make_list("ge 4.12"), vulnerable:make_list("lt 4.12"))) flag++; if (qpkg_check(package:"dev-libs/nss", unaffected:make_list("ge 3.22.2"), vulnerable:make_list("lt 3.22.2"))) flag++; if (qpkg_check(package:"www-client/firefox-bin", unaffected:make_list("ge 38.7.0"), vulnerable:make_list("lt 38.7.0"))) flag++; if (qpkg_check(package:"www-client/firefox", unaffected:make_list("ge 38.7.0"), vulnerable:make_list("lt 38.7.0"))) flag++; if (qpkg_check(package:"mail-client/thunderbird-bin", unaffected:make_list("ge 38.7.0"), vulnerable:make_list("lt 38.7.0"))) flag++; if (qpkg_check(package:"mail-client/thunderbird", unaffected:make_list("ge 38.7.0"), vulnerable:make_list("lt 38.7.0"))) flag++; if (flag) { if (report_verbosity > 0) security_hole(port:0, extra:qpkg_report_get()); else security_hole(0); exit(0); } else { tested = qpkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "Mozilla Products"); }
References
- http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00001.html
- http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00002.html
- http://www.mozilla.org/security/announce/2016/mfsa2016-09.html
- http://www.securityfocus.com/bid/81948
- http://www.securitytracker.com/id/1034825
- https://bugzilla.mozilla.org/show_bug.cgi?id=1228590
- https://security.gentoo.org/glsa/201605-06