Vulnerabilities > CVE-2016-9574 - Session Fixation vulnerability in Mozilla Network Security Services

047910
CVSS 5.9 - MEDIUM
Attack vector
NETWORK
Attack complexity
HIGH
Privileges required
NONE
Confidentiality impact
NONE
Integrity impact
NONE
Availability impact
HIGH
network
high complexity
mozilla
CWE-384
nessus

Summary

nss before version 3.30 is vulnerable to a remote denial of service during the session handshake when using SessionTicket extension and ECDHE-ECDSA.

Vulnerable Configurations

Part Description Count
Application
Mozilla
126

Common Weakness Enumeration (CWE)

Common Attack Pattern Enumeration and Classification (CAPEC)

  • Session Credential Falsification through Forging
    An attacker creates a false but functional session credential in order to gain or usurp access to a service. Session credentials allow users to identify themselves to a service after an initial authentication without needing to resend the authentication information (usually a username and password) with every message. If an attacker is able to forge valid session credentials they may be able to bypass authentication or piggy-back off some other authenticated user's session. This attack differs from Reuse of Session IDs and Session Sidejacking attacks in that in the latter attacks an attacker uses a previous or existing credential without modification while, in a forging attack, the attacker must create their own credential, although it may be based on previously observed credentials.
  • Exploitation of Session Variables, Resource IDs and other Trusted Credentials
    Attacks on session IDs and resource IDs take advantage of the fact that some software accepts user input without verifying its authenticity. For example, a message queuing system that allows service requesters to post messages to its queue through an open channel (such as anonymous FTP), authorization is done through checking group or role membership contained in the posted message. However, there is no proof that the message itself, the information in the message (such group or role membership), or indeed the process that wrote the message to the queue are authentic and authorized to do so. Many server side processes are vulnerable to these attacks because the server to server communications have not been analyzed from a security perspective or the processes "trust" other systems because they are behind a firewall. In a similar way servers that use easy to guess or spoofable schemes for representing digital identity can also be vulnerable. Such systems frequently use schemes without cryptography and digital signatures (or with broken cryptography). Session IDs may be guessed due to insufficient randomness, poor protection (passed in the clear), lack of integrity (unsigned), or improperly correlation with access control policy enforcement points. Exposed configuration and properties files that contain system passwords, database connection strings, and such may also give an attacker an edge to identify these identifiers. The net result is that spoofing and impersonation is possible leading to an attacker's ability to break authentication, authorization, and audit controls on the system.
  • Accessing/Intercepting/Modifying HTTP Cookies
    This attack relies on the use of HTTP Cookies to store credentials, state information and other critical data on client systems. The first form of this attack involves accessing HTTP Cookies to mine for potentially sensitive data contained therein. The second form of this attack involves intercepting this data as it is transmitted from client to server. This intercepted information is then used by the attacker to impersonate the remote user/session. The third form is when the cookie's content is modified by the attacker before it is sent back to the server. Here the attacker seeks to convince the target server to operate on this falsified information.
  • Manipulating Opaque Client-based Data Tokens
    In circumstances where an application holds important data client-side in tokens (cookies, URLs, data files, and so forth) that data can be manipulated. If client or server-side application components reinterpret that data as authentication tokens or data (such as store item pricing or wallet information) then even opaquely manipulating that data may bear fruit for an Attacker. In this pattern an attacker undermines the assumption that client side tokens have been adequately protected from tampering through use of encryption or obfuscation.
  • Session Credential Falsification through Prediction
    This attack targets predictable session ID in order to gain privileges. The attacker can predict the session ID used during a transaction to perform spoofing and session hijacking.

Nessus

  • NASL familySuSE Local Security Checks
    NASL idOPENSUSE-2017-504.NASL
    descriptionMozilla-nss was updated to 3.28.4 to fix the following issues : Security issues : - CVE-2016-9574: Allow use of session tickets when there is no ticket wrapping key (boo#1015499, bmo#1320695) Non security issues : - A rare crash when initializing an SSL socket fails has been fixed (bmo#1342358) - Rare crashes in the base 64 decoder and encoder were fixed (bmo#1344380) - A carry over bug in the RNG was fixed (bmo#1345089) - Fixed hash computation (boo#1030071, bmo#1348767) This update also contains a rebuild of java-1_8_0-openjdk as the java security provider is very closely tied to the mozilla nss API.
    last seen2020-06-05
    modified2017-04-24
    plugin id99618
    published2017-04-24
    reporterThis script is Copyright (C) 2017-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/99618
    titleopenSUSE Security Update : mozilla-nss (openSUSE-2017-504)
    code
    #%NASL_MIN_LEVEL 80502
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were
    # extracted from openSUSE Security Update openSUSE-2017-504.
    #
    # The text description of this plugin is (C) SUSE LLC.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(99618);
      script_version("3.3");
      script_set_attribute(attribute:"plugin_modification_date", value:"2020/06/04");
    
      script_cve_id("CVE-2016-9574");
    
      script_name(english:"openSUSE Security Update : mozilla-nss (openSUSE-2017-504)");
      script_summary(english:"Check for the openSUSE-2017-504 patch");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote openSUSE host is missing a security update."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "Mozilla-nss was updated to 3.28.4 to fix the following issues :
    
    Security issues :
    
      - CVE-2016-9574: Allow use of session tickets when there
        is no ticket wrapping key (boo#1015499, bmo#1320695)
    
    Non security issues :
    
      - A rare crash when initializing an SSL socket fails has
        been fixed (bmo#1342358)
    
      - Rare crashes in the base 64 decoder and encoder were
        fixed (bmo#1344380)
    
      - A carry over bug in the RNG was fixed (bmo#1345089)
    
      - Fixed hash computation (boo#1030071, bmo#1348767)
    
    This update also contains a rebuild of java-1_8_0-openjdk as the java
    security provider is very closely tied to the mozilla nss API."
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1015499"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1030071"
      );
      script_set_attribute(
        attribute:"solution", 
        value:"Update the affected mozilla-nss packages."
      );
      script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:P");
      script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:java-1_8_0-openjdk");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:java-1_8_0-openjdk-accessibility");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:java-1_8_0-openjdk-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:java-1_8_0-openjdk-debugsource");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:java-1_8_0-openjdk-demo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:java-1_8_0-openjdk-demo-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:java-1_8_0-openjdk-devel");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:java-1_8_0-openjdk-devel-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:java-1_8_0-openjdk-headless");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:java-1_8_0-openjdk-headless-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:java-1_8_0-openjdk-javadoc");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:java-1_8_0-openjdk-src");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libfreebl3");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libfreebl3-32bit");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libfreebl3-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libfreebl3-debuginfo-32bit");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libsoftokn3");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libsoftokn3-32bit");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libsoftokn3-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libsoftokn3-debuginfo-32bit");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:mozilla-nss");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:mozilla-nss-32bit");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:mozilla-nss-certs");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:mozilla-nss-certs-32bit");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:mozilla-nss-certs-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:mozilla-nss-certs-debuginfo-32bit");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:mozilla-nss-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:mozilla-nss-debuginfo-32bit");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:mozilla-nss-debugsource");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:mozilla-nss-devel");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:mozilla-nss-sysinit");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:mozilla-nss-sysinit-32bit");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:mozilla-nss-sysinit-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:mozilla-nss-sysinit-debuginfo-32bit");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:mozilla-nss-tools");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:mozilla-nss-tools-debuginfo");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:opensuse:42.1");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:opensuse:42.2");
    
      script_set_attribute(attribute:"patch_publication_date", value:"2017/04/21");
      script_set_attribute(attribute:"plugin_publication_date", value:"2017/04/24");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2017-2020 and is owned by Tenable, Inc. or an Affiliate thereof.");
      script_family(english:"SuSE Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/SuSE/release", "Host/SuSE/rpm-list", "Host/cpu");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("rpm.inc");
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    release = get_kb_item("Host/SuSE/release");
    if (isnull(release) || release =~ "^(SLED|SLES)") audit(AUDIT_OS_NOT, "openSUSE");
    if (release !~ "^(SUSE42\.1|SUSE42\.2)$") audit(AUDIT_OS_RELEASE_NOT, "openSUSE", "42.1 / 42.2", release);
    if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    ourarch = get_kb_item("Host/cpu");
    if (!ourarch) audit(AUDIT_UNKNOWN_ARCH);
    if (ourarch !~ "^(i586|i686|x86_64)$") audit(AUDIT_ARCH_NOT, "i586 / i686 / x86_64", ourarch);
    
    flag = 0;
    
    if ( rpm_check(release:"SUSE42.1", reference:"java-1_8_0-openjdk-1.8.0.121-25.1") ) flag++;
    if ( rpm_check(release:"SUSE42.1", reference:"java-1_8_0-openjdk-accessibility-1.8.0.121-25.1") ) flag++;
    if ( rpm_check(release:"SUSE42.1", reference:"java-1_8_0-openjdk-debuginfo-1.8.0.121-25.1") ) flag++;
    if ( rpm_check(release:"SUSE42.1", reference:"java-1_8_0-openjdk-debugsource-1.8.0.121-25.1") ) flag++;
    if ( rpm_check(release:"SUSE42.1", reference:"java-1_8_0-openjdk-demo-1.8.0.121-25.1") ) flag++;
    if ( rpm_check(release:"SUSE42.1", reference:"java-1_8_0-openjdk-demo-debuginfo-1.8.0.121-25.1") ) flag++;
    if ( rpm_check(release:"SUSE42.1", reference:"java-1_8_0-openjdk-devel-1.8.0.121-25.1") ) flag++;
    if ( rpm_check(release:"SUSE42.1", reference:"java-1_8_0-openjdk-devel-debuginfo-1.8.0.121-25.1") ) flag++;
    if ( rpm_check(release:"SUSE42.1", reference:"java-1_8_0-openjdk-headless-1.8.0.121-25.1") ) flag++;
    if ( rpm_check(release:"SUSE42.1", reference:"java-1_8_0-openjdk-headless-debuginfo-1.8.0.121-25.1") ) flag++;
    if ( rpm_check(release:"SUSE42.1", reference:"java-1_8_0-openjdk-javadoc-1.8.0.121-25.1") ) flag++;
    if ( rpm_check(release:"SUSE42.1", reference:"java-1_8_0-openjdk-src-1.8.0.121-25.1") ) flag++;
    if ( rpm_check(release:"SUSE42.1", reference:"libfreebl3-3.28.4-41.1") ) flag++;
    if ( rpm_check(release:"SUSE42.1", reference:"libfreebl3-debuginfo-3.28.4-41.1") ) flag++;
    if ( rpm_check(release:"SUSE42.1", reference:"libsoftokn3-3.28.4-41.1") ) flag++;
    if ( rpm_check(release:"SUSE42.1", reference:"libsoftokn3-debuginfo-3.28.4-41.1") ) flag++;
    if ( rpm_check(release:"SUSE42.1", reference:"mozilla-nss-3.28.4-41.1") ) flag++;
    if ( rpm_check(release:"SUSE42.1", reference:"mozilla-nss-certs-3.28.4-41.1") ) flag++;
    if ( rpm_check(release:"SUSE42.1", reference:"mozilla-nss-certs-debuginfo-3.28.4-41.1") ) flag++;
    if ( rpm_check(release:"SUSE42.1", reference:"mozilla-nss-debuginfo-3.28.4-41.1") ) flag++;
    if ( rpm_check(release:"SUSE42.1", reference:"mozilla-nss-debugsource-3.28.4-41.1") ) flag++;
    if ( rpm_check(release:"SUSE42.1", reference:"mozilla-nss-devel-3.28.4-41.1") ) flag++;
    if ( rpm_check(release:"SUSE42.1", reference:"mozilla-nss-sysinit-3.28.4-41.1") ) flag++;
    if ( rpm_check(release:"SUSE42.1", reference:"mozilla-nss-sysinit-debuginfo-3.28.4-41.1") ) flag++;
    if ( rpm_check(release:"SUSE42.1", reference:"mozilla-nss-tools-3.28.4-41.1") ) flag++;
    if ( rpm_check(release:"SUSE42.1", reference:"mozilla-nss-tools-debuginfo-3.28.4-41.1") ) flag++;
    if ( rpm_check(release:"SUSE42.1", cpu:"x86_64", reference:"libfreebl3-32bit-3.28.4-41.1") ) flag++;
    if ( rpm_check(release:"SUSE42.1", cpu:"x86_64", reference:"libfreebl3-debuginfo-32bit-3.28.4-41.1") ) flag++;
    if ( rpm_check(release:"SUSE42.1", cpu:"x86_64", reference:"libsoftokn3-32bit-3.28.4-41.1") ) flag++;
    if ( rpm_check(release:"SUSE42.1", cpu:"x86_64", reference:"libsoftokn3-debuginfo-32bit-3.28.4-41.1") ) flag++;
    if ( rpm_check(release:"SUSE42.1", cpu:"x86_64", reference:"mozilla-nss-32bit-3.28.4-41.1") ) flag++;
    if ( rpm_check(release:"SUSE42.1", cpu:"x86_64", reference:"mozilla-nss-certs-32bit-3.28.4-41.1") ) flag++;
    if ( rpm_check(release:"SUSE42.1", cpu:"x86_64", reference:"mozilla-nss-certs-debuginfo-32bit-3.28.4-41.1") ) flag++;
    if ( rpm_check(release:"SUSE42.1", cpu:"x86_64", reference:"mozilla-nss-debuginfo-32bit-3.28.4-41.1") ) flag++;
    if ( rpm_check(release:"SUSE42.1", cpu:"x86_64", reference:"mozilla-nss-sysinit-32bit-3.28.4-41.1") ) flag++;
    if ( rpm_check(release:"SUSE42.1", cpu:"x86_64", reference:"mozilla-nss-sysinit-debuginfo-32bit-3.28.4-41.1") ) flag++;
    if ( rpm_check(release:"SUSE42.2", reference:"java-1_8_0-openjdk-1.8.0.121-10.2.1") ) flag++;
    if ( rpm_check(release:"SUSE42.2", reference:"java-1_8_0-openjdk-accessibility-1.8.0.121-10.2.1") ) flag++;
    if ( rpm_check(release:"SUSE42.2", reference:"java-1_8_0-openjdk-debuginfo-1.8.0.121-10.2.1") ) flag++;
    if ( rpm_check(release:"SUSE42.2", reference:"java-1_8_0-openjdk-debugsource-1.8.0.121-10.2.1") ) flag++;
    if ( rpm_check(release:"SUSE42.2", reference:"java-1_8_0-openjdk-demo-1.8.0.121-10.2.1") ) flag++;
    if ( rpm_check(release:"SUSE42.2", reference:"java-1_8_0-openjdk-demo-debuginfo-1.8.0.121-10.2.1") ) flag++;
    if ( rpm_check(release:"SUSE42.2", reference:"java-1_8_0-openjdk-devel-1.8.0.121-10.2.1") ) flag++;
    if ( rpm_check(release:"SUSE42.2", reference:"java-1_8_0-openjdk-devel-debuginfo-1.8.0.121-10.2.1") ) flag++;
    if ( rpm_check(release:"SUSE42.2", reference:"java-1_8_0-openjdk-headless-1.8.0.121-10.2.1") ) flag++;
    if ( rpm_check(release:"SUSE42.2", reference:"java-1_8_0-openjdk-headless-debuginfo-1.8.0.121-10.2.1") ) flag++;
    if ( rpm_check(release:"SUSE42.2", reference:"java-1_8_0-openjdk-javadoc-1.8.0.121-10.2.1") ) flag++;
    if ( rpm_check(release:"SUSE42.2", reference:"java-1_8_0-openjdk-src-1.8.0.121-10.2.1") ) flag++;
    if ( rpm_check(release:"SUSE42.2", reference:"libfreebl3-3.28.4-40.3.1") ) flag++;
    if ( rpm_check(release:"SUSE42.2", reference:"libfreebl3-debuginfo-3.28.4-40.3.1") ) flag++;
    if ( rpm_check(release:"SUSE42.2", reference:"libsoftokn3-3.28.4-40.3.1") ) flag++;
    if ( rpm_check(release:"SUSE42.2", reference:"libsoftokn3-debuginfo-3.28.4-40.3.1") ) flag++;
    if ( rpm_check(release:"SUSE42.2", reference:"mozilla-nss-3.28.4-40.3.1") ) flag++;
    if ( rpm_check(release:"SUSE42.2", reference:"mozilla-nss-certs-3.28.4-40.3.1") ) flag++;
    if ( rpm_check(release:"SUSE42.2", reference:"mozilla-nss-certs-debuginfo-3.28.4-40.3.1") ) flag++;
    if ( rpm_check(release:"SUSE42.2", reference:"mozilla-nss-debuginfo-3.28.4-40.3.1") ) flag++;
    if ( rpm_check(release:"SUSE42.2", reference:"mozilla-nss-debugsource-3.28.4-40.3.1") ) flag++;
    if ( rpm_check(release:"SUSE42.2", reference:"mozilla-nss-devel-3.28.4-40.3.1") ) flag++;
    if ( rpm_check(release:"SUSE42.2", reference:"mozilla-nss-sysinit-3.28.4-40.3.1") ) flag++;
    if ( rpm_check(release:"SUSE42.2", reference:"mozilla-nss-sysinit-debuginfo-3.28.4-40.3.1") ) flag++;
    if ( rpm_check(release:"SUSE42.2", reference:"mozilla-nss-tools-3.28.4-40.3.1") ) flag++;
    if ( rpm_check(release:"SUSE42.2", reference:"mozilla-nss-tools-debuginfo-3.28.4-40.3.1") ) flag++;
    if ( rpm_check(release:"SUSE42.2", cpu:"x86_64", reference:"libfreebl3-32bit-3.28.4-40.3.1") ) flag++;
    if ( rpm_check(release:"SUSE42.2", cpu:"x86_64", reference:"libfreebl3-debuginfo-32bit-3.28.4-40.3.1") ) flag++;
    if ( rpm_check(release:"SUSE42.2", cpu:"x86_64", reference:"libsoftokn3-32bit-3.28.4-40.3.1") ) flag++;
    if ( rpm_check(release:"SUSE42.2", cpu:"x86_64", reference:"libsoftokn3-debuginfo-32bit-3.28.4-40.3.1") ) flag++;
    if ( rpm_check(release:"SUSE42.2", cpu:"x86_64", reference:"mozilla-nss-32bit-3.28.4-40.3.1") ) flag++;
    if ( rpm_check(release:"SUSE42.2", cpu:"x86_64", reference:"mozilla-nss-certs-32bit-3.28.4-40.3.1") ) flag++;
    if ( rpm_check(release:"SUSE42.2", cpu:"x86_64", reference:"mozilla-nss-certs-debuginfo-32bit-3.28.4-40.3.1") ) flag++;
    if ( rpm_check(release:"SUSE42.2", cpu:"x86_64", reference:"mozilla-nss-debuginfo-32bit-3.28.4-40.3.1") ) flag++;
    if ( rpm_check(release:"SUSE42.2", cpu:"x86_64", reference:"mozilla-nss-sysinit-32bit-3.28.4-40.3.1") ) flag++;
    if ( rpm_check(release:"SUSE42.2", cpu:"x86_64", reference:"mozilla-nss-sysinit-debuginfo-32bit-3.28.4-40.3.1") ) flag++;
    
    if (flag)
    {
      if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());
      else security_warning(0);
      exit(0);
    }
    else
    {
      tested = pkg_tests_get();
      if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
      else audit(AUDIT_PACKAGE_NOT_INSTALLED, "java-1_8_0-openjdk / java-1_8_0-openjdk-accessibility / etc");
    }
    
  • NASL familySuSE Local Security Checks
    NASL idSUSE_SU-2017-1248-1.NASL
    descriptionMozilla Firefox was updated to the Firefox ESR release 45.9. Mozilla NSS was updated to support TLS 1.3 (close to release draft) and various new ciphers, PRFs, Diffie Hellman key agreement and support for more hashes. Security issues fixed in Firefox (bsc#1035082) - MFSA 2017-11/CVE-2017-5469: Potential Buffer overflow in flex-generated code - MFSA 2017-11/CVE-2017-5429: Memory safety bugs fixed in Firefox 53, Firefox ESR 45.9, and Firefox ESR 52.1 - MFSA 2017-11/CVE-2017-5439: Use-after-free in nsTArray Length() during XSLT processing - MFSA 2017-11/CVE-2017-5438: Use-after-free in nsAutoPtr during XSLT processing - MFSA 2017-11/CVE-2017-5437: Vulnerabilities in Libevent library - MFSA 2017-11/CVE-2017-5436: Out-of-bounds write with malicious font in Graphite 2 - MFSA 2017-11/CVE-2017-5435: Use-after-free during transaction processing in the editor - MFSA 2017-11/CVE-2017-5434: Use-after-free during focus handling - MFSA 2017-11/CVE-2017-5433: Use-after-free in SMIL animation functions - MFSA 2017-11/CVE-2017-5432: Use-after-free in text input selection - MFSA 2017-11/CVE-2017-5464: Memory corruption with accessibility and DOM manipulation - MFSA 2017-11/CVE-2017-5465: Out-of-bounds read in ConvolvePixel - MFSA 2017-11/CVE-2017-5460: Use-after-free in frame selection - MFSA 2017-11/CVE-2017-5448: Out-of-bounds write in ClearKeyDecryptor - MFSA 2017-11/CVE-2017-5446: Out-of-bounds read when HTTP/2 DATA frames are sent with incorrect data - MFSA 2017-11/CVE-2017-5447: Out-of-bounds read during glyph processing - MFSA 2017-11/CVE-2017-5444: Buffer overflow while parsing application/http-index-format content - MFSA 2017-11/CVE-2017-5445: Uninitialized values used while parsing application/http-index-format content - MFSA 2017-11/CVE-2017-5442: Use-after-free during style changes - MFSA 2017-11/CVE-2017-5443: Out-of-bounds write during BinHex decoding - MFSA 2017-11/CVE-2017-5440: Use-after-free in txExecutionState destructor during XSLT processing - MFSA 2017-11/CVE-2017-5441: Use-after-free with selection during scroll events - MFSA 2017-11/CVE-2017-5459: Buffer overflow in WebGL Mozilla NSS was updated to 3.29.5, bringing new features and fixing bugs : - Update to NSS 3.29.5 : - MFSA 2017-11/CVE-2017-5461: Rare crashes in the base 64 decoder and encoder were fixed. - MFSA 2017-11/CVE-2017-5462: A carry over bug in the RNG was fixed. - CVE-2016-9574: Remote DoS during session handshake when using SessionTicket extention and ECDHE-ECDSA (bsc#1015499). - requires NSPR >= 4.13.1 - Update to NSS 3.29.3 - enables TLS 1.3 by default - Fixed a bug in hash computation (and build with GCC 7 which complains about shifts of boolean values). (bsc#1030071, bmo#1348767) - Update to NSS 3.28.3 This is a patch release to fix binary compatibility issues. - Update to NSS 3.28.1 This is a patch release to update the list of root CA certificates. - The following CA certificates were Removed CN = Buypass Class 2 CA 1 CN = Root CA Generalitat Valenciana OU = RSA Security 2048 V3 - The following CA certificates were Added OU = AC RAIZ FNMT-RCM CN = Amazon Root CA 1 CN = Amazon Root CA 2 CN = Amazon Root CA 3 CN = Amazon Root CA 4 CN = LuxTrust Global Root 2 CN = Symantec Class 1 Public Primary Certification Authority - G4 CN = Symantec Class 1 Public Primary Certification Authority - G6 CN = Symantec Class 2 Public Primary Certification Authority - G4 CN = Symantec Class 2 Public Primary Certification Authority - G6 - The version number of the updated root CA list has been set to 2.11 - Update to NSS 3.28 New functionality : - NSS includes support for TLS 1.3 draft -18. This includes a number of improvements to TLS 1.3 : - The signed certificate timestamp, used in certificate transparency, is supported in TLS 1.3. - Key exporters for TLS 1.3 are supported. This includes the early key exporter, which can be used if 0-RTT is enabled. Note that there is a difference between TLS 1.3 and key exporters in older versions of TLS. TLS 1.3 does not distinguish between an empty context and no context. - The TLS 1.3 (draft) protocol can be enabled, by defining NSS_ENABLE_TLS_1_3=1 when building NSS. - NSS includes support for the X25519 key exchange algorithm, which is supported and enabled by default in all versions of TLS. Notable Changes : - NSS can no longer be compiled with support for additional elliptic curves. This was previously possible by replacing certain NSS source files. - NSS will now detect the presence of tokens that support additional elliptic curves and enable those curves for use in TLS. Note that this detection has a one-off performance cost, which can be avoided by using the SSL_NamedGroupConfig function to limit supported groups to those that NSS provides. - PKCS#11 bypass for TLS is no longer supported and has been removed. - Support for
    last seen2020-06-01
    modified2020-06-02
    plugin id100151
    published2017-05-12
    reporterThis script is Copyright (C) 2017-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/100151
    titleSUSE SLED12 / SLES12 Security Update : MozillaFirefox, mozilla-nss, mozilla-nspr, java-1_8_0-openjdk (SUSE-SU-2017:1248-1)
    code
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were
    # extracted from SUSE update advisory SUSE-SU-2017:1248-1.
    # The text itself is copyright (C) SUSE.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(100151);
      script_version("3.6");
      script_cvs_date("Date: 2019/09/11 11:22:15");
    
      script_cve_id("CVE-2016-1950", "CVE-2016-2834", "CVE-2016-8635", "CVE-2016-9574", "CVE-2017-5429", "CVE-2017-5432", "CVE-2017-5433", "CVE-2017-5434", "CVE-2017-5435", "CVE-2017-5436", "CVE-2017-5437", "CVE-2017-5438", "CVE-2017-5439", "CVE-2017-5440", "CVE-2017-5441", "CVE-2017-5442", "CVE-2017-5443", "CVE-2017-5444", "CVE-2017-5445", "CVE-2017-5446", "CVE-2017-5447", "CVE-2017-5448", "CVE-2017-5459", "CVE-2017-5460", "CVE-2017-5461", "CVE-2017-5462", "CVE-2017-5464", "CVE-2017-5465", "CVE-2017-5469");
    
      script_name(english:"SUSE SLED12 / SLES12 Security Update : MozillaFirefox, mozilla-nss, mozilla-nspr, java-1_8_0-openjdk (SUSE-SU-2017:1248-1)");
      script_summary(english:"Checks rpm output for the updated packages.");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote SUSE host is missing one or more security updates."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "Mozilla Firefox was updated to the Firefox ESR release 45.9. Mozilla
    NSS was updated to support TLS 1.3 (close to release draft) and
    various new ciphers, PRFs, Diffie Hellman key agreement and support
    for more hashes. Security issues fixed in Firefox (bsc#1035082)
    
      - MFSA 2017-11/CVE-2017-5469: Potential Buffer overflow in
        flex-generated code
    
      - MFSA 2017-11/CVE-2017-5429: Memory safety bugs fixed in
        Firefox 53, Firefox ESR 45.9, and Firefox ESR 52.1
    
      - MFSA 2017-11/CVE-2017-5439: Use-after-free in nsTArray
        Length() during XSLT processing
    
      - MFSA 2017-11/CVE-2017-5438: Use-after-free in nsAutoPtr
        during XSLT processing
    
      - MFSA 2017-11/CVE-2017-5437: Vulnerabilities in Libevent
        library
    
      - MFSA 2017-11/CVE-2017-5436: Out-of-bounds write with
        malicious font in Graphite 2
    
      - MFSA 2017-11/CVE-2017-5435: Use-after-free during
        transaction processing in the editor
    
      - MFSA 2017-11/CVE-2017-5434: Use-after-free during focus
        handling
    
      - MFSA 2017-11/CVE-2017-5433: Use-after-free in SMIL
        animation functions
    
      - MFSA 2017-11/CVE-2017-5432: Use-after-free in text input
        selection
    
      - MFSA 2017-11/CVE-2017-5464: Memory corruption with
        accessibility and DOM manipulation
    
      - MFSA 2017-11/CVE-2017-5465: Out-of-bounds read in
        ConvolvePixel
    
      - MFSA 2017-11/CVE-2017-5460: Use-after-free in frame
        selection
    
      - MFSA 2017-11/CVE-2017-5448: Out-of-bounds write in
        ClearKeyDecryptor
    
      - MFSA 2017-11/CVE-2017-5446: Out-of-bounds read when
        HTTP/2 DATA frames are sent with incorrect data
    
      - MFSA 2017-11/CVE-2017-5447: Out-of-bounds read during
        glyph processing
    
      - MFSA 2017-11/CVE-2017-5444: Buffer overflow while
        parsing application/http-index-format content
    
      - MFSA 2017-11/CVE-2017-5445: Uninitialized values used
        while parsing application/http-index-format content
    
      - MFSA 2017-11/CVE-2017-5442: Use-after-free during style
        changes
    
      - MFSA 2017-11/CVE-2017-5443: Out-of-bounds write during
        BinHex decoding
    
      - MFSA 2017-11/CVE-2017-5440: Use-after-free in
        txExecutionState destructor during XSLT processing
    
      - MFSA 2017-11/CVE-2017-5441: Use-after-free with
        selection during scroll events
    
      - MFSA 2017-11/CVE-2017-5459: Buffer overflow in WebGL
        Mozilla NSS was updated to 3.29.5, bringing new features
        and fixing bugs :
    
      - Update to NSS 3.29.5 :
    
      - MFSA 2017-11/CVE-2017-5461: Rare crashes in the base 64
        decoder and encoder were fixed.
    
      - MFSA 2017-11/CVE-2017-5462: A carry over bug in the RNG
        was fixed.
    
      - CVE-2016-9574: Remote DoS during session handshake when
        using SessionTicket extention and ECDHE-ECDSA
        (bsc#1015499).
    
      - requires NSPR >= 4.13.1
    
      - Update to NSS 3.29.3
    
      - enables TLS 1.3 by default
    
      - Fixed a bug in hash computation (and build with GCC 7
        which complains about shifts of boolean values).
        (bsc#1030071, bmo#1348767)
    
      - Update to NSS 3.28.3 This is a patch release to fix
        binary compatibility issues.
    
      - Update to NSS 3.28.1 This is a patch release to update
        the list of root CA certificates.
    
      - The following CA certificates were Removed CN = Buypass
        Class 2 CA 1 CN = Root CA Generalitat Valenciana OU =
        RSA Security 2048 V3
    
      - The following CA certificates were Added OU = AC RAIZ
        FNMT-RCM CN = Amazon Root CA 1 CN = Amazon Root CA 2 CN
        = Amazon Root CA 3 CN = Amazon Root CA 4 CN = LuxTrust
        Global Root 2 CN = Symantec Class 1 Public Primary
        Certification Authority - G4 CN = Symantec Class 1
        Public Primary Certification Authority - G6 CN =
        Symantec Class 2 Public Primary Certification Authority
        - G4 CN = Symantec Class 2 Public Primary Certification
        Authority - G6
    
      - The version number of the updated root CA list has been
        set to 2.11
    
      - Update to NSS 3.28 New functionality :
    
      - NSS includes support for TLS 1.3 draft -18. This
        includes a number of improvements to TLS 1.3 :
    
      - The signed certificate timestamp, used in certificate
        transparency, is supported in TLS 1.3.
    
      - Key exporters for TLS 1.3 are supported. This includes
        the early key exporter, which can be used if 0-RTT is
        enabled. Note that there is a difference between TLS 1.3
        and key exporters in older versions of TLS. TLS 1.3 does
        not distinguish between an empty context and no context.
    
      - The TLS 1.3 (draft) protocol can be enabled, by defining
        NSS_ENABLE_TLS_1_3=1 when building NSS.
    
      - NSS includes support for the X25519 key exchange
        algorithm, which is supported and enabled by default in
        all versions of TLS. Notable Changes :
    
      - NSS can no longer be compiled with support for
        additional elliptic curves. This was previously possible
        by replacing certain NSS source files.
    
      - NSS will now detect the presence of tokens that support
        additional elliptic curves and enable those curves for
        use in TLS. Note that this detection has a one-off
        performance cost, which can be avoided by using the
        SSL_NamedGroupConfig function to limit supported groups
        to those that NSS provides.
    
      - PKCS#11 bypass for TLS is no longer supported and has
        been removed.
    
      - Support for 'export' grade SSL/TLS cipher suites has
        been removed.
    
      - NSS now uses the signature schemes definition in TLS
        1.3. This also affects TLS 1.2. NSS will now only
        generate signatures with the combinations of hash and
        signature scheme that are defined in TLS 1.3, even when
        negotiating TLS 1.2.
    
      - This means that SHA-256 will only be used with P-256
        ECDSA certificates, SHA-384 with P-384 certificates, and
        SHA-512 with P-521 certificates. SHA-1 is permitted (in
        TLS 1.2 only) with any certificate for backward
        compatibility reasons.
    
      - NSS will now no longer assume that default signature
        schemes are supported by a peer if there was no commonly
        supported signature scheme.
    
      - NSS will now check if RSA-PSS signing is supported by
        the token that holds the private key prior to using it
        for TLS.
    
      - The certificate validation code contains checks to no
        longer trust certificates that are issued by old WoSign
        and StartCom CAs after October 21, 2016. This is
        equivalent to the behavior that Mozilla will release
        with Firefox 51.
    
      - Update to NSS 3.27.2
    
      - Fixed SSL_SetTrustAnchors leaks (bmo#1318561)
    
      - raised the minimum softokn/freebl version to 3.28 as
        reported in (boo#1021636)
    
      - Update to NSS 3.26.2 New Functionality :
    
      - the selfserv test utility has been enhanced to support
        ALPN (HTTP/1.1) and 0-RTT
    
      - added support for the System-wide crypto policy
        available on Fedora Linux see
        http://fedoraproject.org/wiki/Changes/CryptoPolicy
    
      - introduced build flag NSS_DISABLE_LIBPKIX that allows
        compilation of NSS without the libpkix library Notable
        Changes :
    
      - The following CA certificate was Added CN = ISRG Root X1
    
      - NPN is disabled and ALPN is enabled by default
    
      - the NSS test suite now completes with the experimental
        TLS 1.3 code enabled
    
      - several test improvements and additions, including a
        NIST known answer test Changes in 3.26.2
    
      - MD5 signature algorithms sent by the server in
        CertificateRequest messages are now properly ignored.
        Previously, with rare server configurations, an MD5
        signature algorithm might have been selected for client
        authentication and caused the client to abort the
        connection soon after.
    
      - Update to NSS 3.25 New functionality :
    
      - Implemented DHE key agreement for TLS 1.3
    
      - Added support for ChaCha with TLS 1.3
    
      - Added support for TLS 1.2 ciphersuites that use SHA384
        as the PRF
    
      - In previous versions, when using client authentication
        with TLS 1.2, NSS only supported certificate_verify
        messages that used the same signature hash algorithm as
        used by the PRF. This limitation has been removed.
        Notable changes :
    
      - An SSL socket can no longer be configured to allow both
        TLS 1.3 and SSLv3
    
      - Regression fix: NSS no longer reports a failure if an
        application attempts to disable the SSLv2 protocol.
    
      - The list of trusted CA certificates has been updated to
        version 2.8
    
      - The following CA certificate was Removed Sonera Class1
        CA
    
      - The following CA certificates were Added Hellenic
        Academic and Research Institutions RootCA 2015 Hellenic
        Academic and Research Institutions ECC RootCA 2015
        Certplus Root CA G1 Certplus Root CA G2 OpenTrust Root
        CA G1 OpenTrust Root CA G2 OpenTrust Root CA G3
    
      - Update to NSS 3.24 New functionality :
    
      - NSS softoken has been updated with the latest National
        Institute of Standards and Technology (NIST) guidance
        (as of 2015) :
    
      - Software integrity checks and POST functions are
        executed on shared library load. These checks have been
        disabled by default, as they can cause a performance
        regression. To enable these checks, you must define
        symbol NSS_FORCE_FIPS when building NSS.
    
      - Counter mode and Galois/Counter Mode (GCM) have checks
        to prevent counter overflow.
    
      - Additional CSPs are zeroed in the code.
    
      - NSS softoken uses new guidance for how many Rabin-Miller
        tests are needed to verify a prime based on prime size.
    
      - NSS softoken has also been updated to allow NSS to run
        in FIPS Level 1 (no password). This mode is triggered by
        setting the database password to the empty string. In
        FIPS mode, you may move from Level 1 to Level 2 (by
        setting an appropriate password), but not the reverse.
    
      - A SSL_ConfigServerCert function has been added for
        configuring SSL/TLS server sockets with a certificate
        and private key. Use this new function in place of
        SSL_ConfigSecureServer,
        SSL_ConfigSecureServerWithCertChain,
        SSL_SetStapledOCSPResponses, and
        SSL_SetSignedCertTimestamps. SSL_ConfigServerCert
        automatically determines the certificate type from the
        certificate and private key. The caller is no longer
        required to use SSLKEAType explicitly to select a 'slot'
        into which the certificate is configured (which
        incorrectly identifies a key agreement type rather than
        a certificate). Separate functions for configuring
        Online Certificate Status Protocol (OCSP) responses or
        Signed Certificate Timestamps are not needed, since
        these can be added to the optional
        SSLExtraServerCertData struct provided to
        SSL_ConfigServerCert. Also, partial support for RSA
        Probabilistic Signature Scheme (RSA-PSS) certificates
        has been added. Although these certificates can be
        configured, they will not be used by NSS in this
        version.
    
      - Deprecate the member attribute authAlgorithm of type
        SSLCipherSuiteInfo. Instead, applications should use the
        newly added attribute authType.
    
      - Add a shared library (libfreeblpriv3) on Linux platforms
        that define FREEBL_LOWHASH.
    
      - Remove most code related to SSL v2, including the
        ability to actively send a SSLv2-compatible client
        hello. However, the server-side implementation of the
        SSL/TLS protocol still supports processing of received
        v2-compatible client hello messages.
    
      - Disable (by default) NSS support in optimized builds for
        logging SSL/TLS key material to a logfile if the
        SSLKEYLOGFILE environment variable is set. To enable the
        functionality in optimized builds, you must define the
        symbol NSS_ALLOW_SSLKEYLOGFILE when building NSS.
    
      - Update NSS to protect it against the Cachebleed attack.
    
      - Disable support for DTLS compression.
    
      - Improve support for TLS 1.3. This includes support for
        DTLS 1.3. Note that TLS 1.3 support is experimental and
        not suitable for production use.
    
      - Update to NSS 3.23 New functionality :
    
      - ChaCha20/Poly1305 cipher and TLS cipher suites now
        supported
    
      - Experimental-only support TLS 1.3 1-RTT mode (draft-11).
        This code is not ready for production use. Notable
        changes :
    
      - The list of TLS extensions sent in the TLS handshake has
        been reordered to increase compatibility of the Extended
        Master Secret with with servers
    
      - The build time environment variable NSS_ENABLE_ZLIB has
        been renamed to NSS_SSL_ENABLE_ZLIB
    
      - The build time environment variable
        NSS_DISABLE_CHACHAPOLY was added, which can be used to
        prevent compilation of the ChaCha20/Poly1305 code.
    
      - The following CA certificates were Removed
    
      - Staat der Nederlanden Root CA
    
      - NetLock Minositett Kozjegyzoi (Class QA)
        Tanusitvanykiado
    
      - NetLock Kozjegyzoi (Class A) Tanusitvanykiado
    
      - NetLock Uzleti (Class B) Tanusitvanykiado
    
      - NetLock Expressz (Class C) Tanusitvanykiado
    
      - VeriSign Class 1 Public PCA - G2
    
      - VeriSign Class 3 Public PCA
    
      - VeriSign Class 3 Public PCA - G2
    
      - CA Disig
    
      - The following CA certificates were Added
    
      + SZAFIR ROOT CA2
    
      + Certum Trusted Network CA 2
    
      - The following CA certificate had the Email trust bit
        turned on
    
      + Actalis Authentication Root CA Security fixes :
    
      - CVE-2016-2834: Memory safety bugs (boo#983639)
        MFSA-2016-61 bmo#1206283 bmo#1221620 bmo#1241034
        bmo#1241037
    
      - Update to NSS 3.22.3
    
      - Increase compatibility of TLS extended master secret,
        don't send an empty TLS extension last in the handshake
        (bmo#1243641)
    
      - Fixed a heap-based buffer overflow related to the
        parsing of certain ASN.1 structures. An attacker could
        create a specially crafted certificate which, when
        parsed by NSS, would cause a crash or execution of
        arbitrary code with the permissions of the user.
        (CVE-2016-1950, bmo#1245528)
    
      - Update to NSS 3.22.2 New functionality :
    
      - RSA-PSS signatures are now supported (bmo#1215295)
    
      - Pseudorandom functions based on hashes other than SHA-1
        are now supported
    
      - Enforce an External Policy on NSS from a config file
        (bmo#1009429)
    
      - CVE-2016-8635: Fix for DH small subgroup confinement
        attack (bsc#1015547) Mozilla NSPR was updated to version
        4.13.1: The previously released version 4.13 had changed
        pipes to be nonblocking by default, and as a
        consequence, PollEvent was changed to not block on
        clear. The NSPR development team received reports that
        these changes caused regressions in some applications
        that use NSPR, and it has been decided to revert the
        changes made in NSPR 4.13. NSPR 4.13.1 restores the
        traditional behavior of pipes and PollEvent. Mozilla
        NSPR update to version 4.13 had these changes :
    
      - PL_strcmp (and others) were fixed to return consistent
        results when one of the arguments is NULL.
    
      - PollEvent was fixed to not block on clear.
    
      - Pipes are always nonblocking.
    
      - PR_GetNameForIdentity: added thread safety lock and
        bound checks.
    
      - Removed the PLArena freelist.
    
      - Avoid some integer overflows.
    
      - fixed several comments. This update also contains
        java-1_8_0-openjdk that needed to be rebuilt against the
        new mozilla-nss version.
    
    Note that Tenable Network Security has extracted the preceding
    description block directly from the SUSE security advisory. Tenable
    has attempted to automatically clean and format it as much as possible
    without introducing additional issues."
      );
      # http://fedoraproject.org/wiki/Changes/CryptoPolicy
      script_set_attribute(
        attribute:"see_also",
        value:"https://fedoraproject.org/wiki/Changes/CryptoPolicy"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.suse.com/show_bug.cgi?id=1015499"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.suse.com/show_bug.cgi?id=1015547"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.suse.com/show_bug.cgi?id=1021636"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.suse.com/show_bug.cgi?id=1026102"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.suse.com/show_bug.cgi?id=1030071"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.suse.com/show_bug.cgi?id=1035082"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.suse.com/show_bug.cgi?id=983639"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.suse.com/security/cve/CVE-2016-1950/"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.suse.com/security/cve/CVE-2016-2834/"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.suse.com/security/cve/CVE-2016-8635/"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.suse.com/security/cve/CVE-2016-9574/"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.suse.com/security/cve/CVE-2017-5429/"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.suse.com/security/cve/CVE-2017-5432/"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.suse.com/security/cve/CVE-2017-5433/"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.suse.com/security/cve/CVE-2017-5434/"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.suse.com/security/cve/CVE-2017-5435/"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.suse.com/security/cve/CVE-2017-5436/"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.suse.com/security/cve/CVE-2017-5437/"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.suse.com/security/cve/CVE-2017-5438/"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.suse.com/security/cve/CVE-2017-5439/"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.suse.com/security/cve/CVE-2017-5440/"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.suse.com/security/cve/CVE-2017-5441/"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.suse.com/security/cve/CVE-2017-5442/"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.suse.com/security/cve/CVE-2017-5443/"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.suse.com/security/cve/CVE-2017-5444/"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.suse.com/security/cve/CVE-2017-5445/"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.suse.com/security/cve/CVE-2017-5446/"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.suse.com/security/cve/CVE-2017-5447/"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.suse.com/security/cve/CVE-2017-5448/"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.suse.com/security/cve/CVE-2017-5459/"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.suse.com/security/cve/CVE-2017-5460/"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.suse.com/security/cve/CVE-2017-5461/"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.suse.com/security/cve/CVE-2017-5462/"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.suse.com/security/cve/CVE-2017-5464/"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.suse.com/security/cve/CVE-2017-5465/"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.suse.com/security/cve/CVE-2017-5469/"
      );
      # https://www.suse.com/support/update/announcement/2017/suse-su-20171248-1/
      script_set_attribute(
        attribute:"see_also",
        value:"http://www.nessus.org/u?5ac0c30e"
      );
      script_set_attribute(
        attribute:"solution", 
        value:
    "To install this SUSE Security Update use YaST online_update.
    Alternatively you can run the command listed for your product :
    
    SUSE Linux Enterprise Software Development Kit 12-SP2:zypper in -t
    patch SUSE-SLE-SDK-12-SP2-2017-748=1
    
    SUSE Linux Enterprise Software Development Kit 12-SP1:zypper in -t
    patch SUSE-SLE-SDK-12-SP1-2017-748=1
    
    SUSE Linux Enterprise Server for SAP 12:zypper in -t patch
    SUSE-SLE-SAP-12-2017-748=1
    
    SUSE Linux Enterprise Server for Raspberry Pi 12-SP2:zypper in -t
    patch SUSE-SLE-RPI-12-SP2-2017-748=1
    
    SUSE Linux Enterprise Server 12-SP2:zypper in -t patch
    SUSE-SLE-SERVER-12-SP2-2017-748=1
    
    SUSE Linux Enterprise Server 12-SP1:zypper in -t patch
    SUSE-SLE-SERVER-12-SP1-2017-748=1
    
    SUSE Linux Enterprise Server 12-LTSS:zypper in -t patch
    SUSE-SLE-SERVER-12-2017-748=1
    
    SUSE Linux Enterprise Desktop 12-SP2:zypper in -t patch
    SUSE-SLE-DESKTOP-12-SP2-2017-748=1
    
    SUSE Linux Enterprise Desktop 12-SP1:zypper in -t patch
    SUSE-SLE-DESKTOP-12-SP1-2017-748=1
    
    To bring your system up-to-date, use 'zypper patch'."
      );
      script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C");
      script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
      script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H");
      script_set_cvss3_temporal_vector("CVSS:3.0/E:P/RL:O/RC:C");
      script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
      script_set_attribute(attribute:"exploit_available", value:"true");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:MozillaFirefox");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:MozillaFirefox-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:MozillaFirefox-debugsource");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:MozillaFirefox-devel");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:MozillaFirefox-translations");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:java-1_8_0-openjdk");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:java-1_8_0-openjdk-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:java-1_8_0-openjdk-debugsource");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:java-1_8_0-openjdk-demo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:java-1_8_0-openjdk-demo-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:java-1_8_0-openjdk-devel");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:java-1_8_0-openjdk-devel-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:java-1_8_0-openjdk-headless");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:java-1_8_0-openjdk-headless-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libfreebl3");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libfreebl3-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libfreebl3-hmac");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libsoftokn3");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libsoftokn3-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libsoftokn3-hmac");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:mozilla-nspr");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:mozilla-nspr-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:mozilla-nspr-debugsource");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:mozilla-nspr-devel");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:mozilla-nss");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:mozilla-nss-certs");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:mozilla-nss-certs-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:mozilla-nss-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:mozilla-nss-debugsource");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:mozilla-nss-devel");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:mozilla-nss-sysinit");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:mozilla-nss-sysinit-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:mozilla-nss-tools");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:mozilla-nss-tools-debuginfo");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:suse_linux:12");
    
      script_set_attribute(attribute:"vuln_publication_date", value:"2016/03/13");
      script_set_attribute(attribute:"patch_publication_date", value:"2017/05/11");
      script_set_attribute(attribute:"plugin_publication_date", value:"2017/05/12");
      script_set_attribute(attribute:"generated_plugin", value:"current");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2017-2019 and is owned by Tenable, Inc. or an Affiliate thereof.");
      script_family(english:"SuSE Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/SuSE/release", "Host/SuSE/rpm-list");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("rpm.inc");
    
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    release = get_kb_item("Host/SuSE/release");
    if (isnull(release) || release !~ "^(SLED|SLES)") audit(AUDIT_OS_NOT, "SUSE");
    os_ver = pregmatch(pattern: "^(SLE(S|D)\d+)", string:release);
    if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "SUSE");
    os_ver = os_ver[1];
    if (! preg(pattern:"^(SLED12|SLES12)$", string:os_ver)) audit(AUDIT_OS_NOT, "SUSE SLED12 / SLES12", "SUSE " + os_ver);
    
    if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
    if (cpu !~ "^i[3-6]86$" && "x86_64" >!< cpu && "s390x" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "SUSE " + os_ver, cpu);
    
    sp = get_kb_item("Host/SuSE/patchlevel");
    if (isnull(sp)) sp = "0";
    if (os_ver == "SLES12" && (! preg(pattern:"^(0|1|2)$", string:sp))) audit(AUDIT_OS_NOT, "SLES12 SP0/1/2", os_ver + " SP" + sp);
    if (os_ver == "SLED12" && (! preg(pattern:"^(1|2)$", string:sp))) audit(AUDIT_OS_NOT, "SLED12 SP1/2", os_ver + " SP" + sp);
    
    
    flag = 0;
    if (rpm_check(release:"SLES12", sp:"1", reference:"MozillaFirefox-45.9.0esr-105.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"1", reference:"MozillaFirefox-debuginfo-45.9.0esr-105.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"1", reference:"MozillaFirefox-debugsource-45.9.0esr-105.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"1", reference:"MozillaFirefox-translations-45.9.0esr-105.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"1", reference:"java-1_8_0-openjdk-1.8.0.121-23.4")) flag++;
    if (rpm_check(release:"SLES12", sp:"1", reference:"java-1_8_0-openjdk-debuginfo-1.8.0.121-23.4")) flag++;
    if (rpm_check(release:"SLES12", sp:"1", reference:"java-1_8_0-openjdk-debugsource-1.8.0.121-23.4")) flag++;
    if (rpm_check(release:"SLES12", sp:"1", reference:"java-1_8_0-openjdk-demo-1.8.0.121-23.4")) flag++;
    if (rpm_check(release:"SLES12", sp:"1", reference:"java-1_8_0-openjdk-demo-debuginfo-1.8.0.121-23.4")) flag++;
    if (rpm_check(release:"SLES12", sp:"1", reference:"java-1_8_0-openjdk-devel-1.8.0.121-23.4")) flag++;
    if (rpm_check(release:"SLES12", sp:"1", reference:"java-1_8_0-openjdk-headless-1.8.0.121-23.4")) flag++;
    if (rpm_check(release:"SLES12", sp:"1", reference:"java-1_8_0-openjdk-headless-debuginfo-1.8.0.121-23.4")) flag++;
    if (rpm_check(release:"SLES12", sp:"1", reference:"libfreebl3-3.29.5-57.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"1", reference:"libfreebl3-debuginfo-3.29.5-57.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"1", reference:"libfreebl3-hmac-3.29.5-57.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"1", reference:"libsoftokn3-3.29.5-57.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"1", reference:"libsoftokn3-debuginfo-3.29.5-57.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"1", reference:"libsoftokn3-hmac-3.29.5-57.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"1", reference:"mozilla-nspr-4.13.1-18.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"1", reference:"mozilla-nspr-debuginfo-4.13.1-18.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"1", reference:"mozilla-nspr-debugsource-4.13.1-18.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"1", reference:"mozilla-nss-3.29.5-57.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"1", reference:"mozilla-nss-certs-3.29.5-57.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"1", reference:"mozilla-nss-certs-debuginfo-3.29.5-57.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"1", reference:"mozilla-nss-debuginfo-3.29.5-57.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"1", reference:"mozilla-nss-debugsource-3.29.5-57.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"1", reference:"mozilla-nss-sysinit-3.29.5-57.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"1", reference:"mozilla-nss-sysinit-debuginfo-3.29.5-57.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"1", reference:"mozilla-nss-tools-3.29.5-57.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"1", reference:"mozilla-nss-tools-debuginfo-3.29.5-57.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"1", reference:"libfreebl3-32bit-3.29.5-57.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"1", reference:"libfreebl3-debuginfo-32bit-3.29.5-57.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"1", reference:"libfreebl3-hmac-32bit-3.29.5-57.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"1", reference:"libsoftokn3-32bit-3.29.5-57.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"1", reference:"libsoftokn3-debuginfo-32bit-3.29.5-57.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"1", reference:"libsoftokn3-hmac-32bit-3.29.5-57.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"1", reference:"mozilla-nspr-32bit-4.13.1-18.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"1", reference:"mozilla-nspr-debuginfo-32bit-4.13.1-18.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"1", reference:"mozilla-nss-32bit-3.29.5-57.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"1", reference:"mozilla-nss-certs-32bit-3.29.5-57.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"1", reference:"mozilla-nss-certs-debuginfo-32bit-3.29.5-57.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"1", reference:"mozilla-nss-debuginfo-32bit-3.29.5-57.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"1", reference:"mozilla-nss-sysinit-32bit-3.29.5-57.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"1", reference:"mozilla-nss-sysinit-debuginfo-32bit-3.29.5-57.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"MozillaFirefox-45.9.0esr-105.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"MozillaFirefox-debuginfo-45.9.0esr-105.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"MozillaFirefox-debugsource-45.9.0esr-105.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"MozillaFirefox-devel-45.9.0esr-105.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"MozillaFirefox-translations-45.9.0esr-105.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"libfreebl3-3.29.5-57.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"libfreebl3-debuginfo-3.29.5-57.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"libfreebl3-hmac-3.29.5-57.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"libsoftokn3-3.29.5-57.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"libsoftokn3-debuginfo-3.29.5-57.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"libsoftokn3-hmac-3.29.5-57.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"mozilla-nspr-4.13.1-18.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"mozilla-nspr-debuginfo-4.13.1-18.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"mozilla-nspr-debugsource-4.13.1-18.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"mozilla-nspr-devel-4.13.1-18.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"mozilla-nss-3.29.5-57.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"mozilla-nss-certs-3.29.5-57.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"mozilla-nss-certs-debuginfo-3.29.5-57.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"mozilla-nss-debuginfo-3.29.5-57.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"mozilla-nss-debugsource-3.29.5-57.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"mozilla-nss-devel-3.29.5-57.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"mozilla-nss-sysinit-3.29.5-57.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"mozilla-nss-sysinit-debuginfo-3.29.5-57.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"mozilla-nss-tools-3.29.5-57.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"mozilla-nss-tools-debuginfo-3.29.5-57.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"libfreebl3-32bit-3.29.5-57.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"libfreebl3-debuginfo-32bit-3.29.5-57.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"libfreebl3-hmac-32bit-3.29.5-57.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"libsoftokn3-32bit-3.29.5-57.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"libsoftokn3-debuginfo-32bit-3.29.5-57.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"libsoftokn3-hmac-32bit-3.29.5-57.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"mozilla-nspr-32bit-4.13.1-18.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"mozilla-nspr-debuginfo-32bit-4.13.1-18.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"mozilla-nss-32bit-3.29.5-57.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"mozilla-nss-certs-32bit-3.29.5-57.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"mozilla-nss-certs-debuginfo-32bit-3.29.5-57.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"mozilla-nss-debuginfo-32bit-3.29.5-57.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"mozilla-nss-sysinit-32bit-3.29.5-57.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"mozilla-nss-sysinit-debuginfo-32bit-3.29.5-57.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"2", cpu:"x86_64", reference:"MozillaFirefox-45.9.0esr-105.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"2", cpu:"x86_64", reference:"MozillaFirefox-debuginfo-45.9.0esr-105.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"2", cpu:"x86_64", reference:"MozillaFirefox-debugsource-45.9.0esr-105.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"2", cpu:"x86_64", reference:"MozillaFirefox-translations-45.9.0esr-105.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"2", cpu:"x86_64", reference:"java-1_8_0-openjdk-1.8.0.121-23.4")) flag++;
    if (rpm_check(release:"SLES12", sp:"2", cpu:"x86_64", reference:"java-1_8_0-openjdk-debuginfo-1.8.0.121-23.4")) flag++;
    if (rpm_check(release:"SLES12", sp:"2", cpu:"x86_64", reference:"java-1_8_0-openjdk-debugsource-1.8.0.121-23.4")) flag++;
    if (rpm_check(release:"SLES12", sp:"2", cpu:"x86_64", reference:"java-1_8_0-openjdk-demo-1.8.0.121-23.4")) flag++;
    if (rpm_check(release:"SLES12", sp:"2", cpu:"x86_64", reference:"java-1_8_0-openjdk-demo-debuginfo-1.8.0.121-23.4")) flag++;
    if (rpm_check(release:"SLES12", sp:"2", cpu:"x86_64", reference:"java-1_8_0-openjdk-devel-1.8.0.121-23.4")) flag++;
    if (rpm_check(release:"SLES12", sp:"2", cpu:"x86_64", reference:"java-1_8_0-openjdk-devel-debuginfo-1.8.0.121-23.4")) flag++;
    if (rpm_check(release:"SLES12", sp:"2", cpu:"x86_64", reference:"java-1_8_0-openjdk-headless-1.8.0.121-23.4")) flag++;
    if (rpm_check(release:"SLES12", sp:"2", cpu:"x86_64", reference:"java-1_8_0-openjdk-headless-debuginfo-1.8.0.121-23.4")) flag++;
    if (rpm_check(release:"SLES12", sp:"2", cpu:"x86_64", reference:"libfreebl3-3.29.5-57.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"2", cpu:"x86_64", reference:"libfreebl3-debuginfo-3.29.5-57.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"2", cpu:"x86_64", reference:"libfreebl3-hmac-3.29.5-57.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"2", cpu:"x86_64", reference:"libsoftokn3-3.29.5-57.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"2", cpu:"x86_64", reference:"libsoftokn3-debuginfo-3.29.5-57.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"2", cpu:"x86_64", reference:"libsoftokn3-hmac-3.29.5-57.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"2", cpu:"x86_64", reference:"mozilla-nspr-4.13.1-18.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"2", cpu:"x86_64", reference:"mozilla-nspr-debuginfo-4.13.1-18.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"2", cpu:"x86_64", reference:"mozilla-nspr-debugsource-4.13.1-18.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"2", cpu:"x86_64", reference:"mozilla-nss-3.29.5-57.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"2", cpu:"x86_64", reference:"mozilla-nss-certs-3.29.5-57.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"2", cpu:"x86_64", reference:"mozilla-nss-certs-debuginfo-3.29.5-57.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"2", cpu:"x86_64", reference:"mozilla-nss-debuginfo-3.29.5-57.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"2", cpu:"x86_64", reference:"mozilla-nss-debugsource-3.29.5-57.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"2", cpu:"x86_64", reference:"mozilla-nss-sysinit-3.29.5-57.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"2", cpu:"x86_64", reference:"mozilla-nss-sysinit-debuginfo-3.29.5-57.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"2", cpu:"x86_64", reference:"mozilla-nss-tools-3.29.5-57.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"2", cpu:"x86_64", reference:"mozilla-nss-tools-debuginfo-3.29.5-57.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"2", cpu:"x86_64", reference:"libfreebl3-32bit-3.29.5-57.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"2", cpu:"x86_64", reference:"libfreebl3-debuginfo-32bit-3.29.5-57.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"2", cpu:"x86_64", reference:"libfreebl3-hmac-32bit-3.29.5-57.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"2", cpu:"x86_64", reference:"libsoftokn3-32bit-3.29.5-57.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"2", cpu:"x86_64", reference:"libsoftokn3-debuginfo-32bit-3.29.5-57.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"2", cpu:"x86_64", reference:"libsoftokn3-hmac-32bit-3.29.5-57.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"2", cpu:"x86_64", reference:"mozilla-nspr-32bit-4.13.1-18.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"2", cpu:"x86_64", reference:"mozilla-nspr-debuginfo-32bit-4.13.1-18.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"2", cpu:"x86_64", reference:"mozilla-nss-32bit-3.29.5-57.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"2", cpu:"x86_64", reference:"mozilla-nss-certs-32bit-3.29.5-57.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"2", cpu:"x86_64", reference:"mozilla-nss-certs-debuginfo-32bit-3.29.5-57.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"2", cpu:"x86_64", reference:"mozilla-nss-debuginfo-32bit-3.29.5-57.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"2", cpu:"x86_64", reference:"mozilla-nss-sysinit-32bit-3.29.5-57.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"2", cpu:"x86_64", reference:"mozilla-nss-sysinit-debuginfo-32bit-3.29.5-57.1")) flag++;
    if (rpm_check(release:"SLED12", sp:"1", cpu:"x86_64", reference:"MozillaFirefox-45.9.0esr-105.1")) flag++;
    if (rpm_check(release:"SLED12", sp:"1", cpu:"x86_64", reference:"MozillaFirefox-debuginfo-45.9.0esr-105.1")) flag++;
    if (rpm_check(release:"SLED12", sp:"1", cpu:"x86_64", reference:"MozillaFirefox-debugsource-45.9.0esr-105.1")) flag++;
    if (rpm_check(release:"SLED12", sp:"1", cpu:"x86_64", reference:"MozillaFirefox-translations-45.9.0esr-105.1")) flag++;
    if (rpm_check(release:"SLED12", sp:"1", cpu:"x86_64", reference:"java-1_8_0-openjdk-1.8.0.121-23.4")) flag++;
    if (rpm_check(release:"SLED12", sp:"1", cpu:"x86_64", reference:"java-1_8_0-openjdk-debuginfo-1.8.0.121-23.4")) flag++;
    if (rpm_check(release:"SLED12", sp:"1", cpu:"x86_64", reference:"java-1_8_0-openjdk-debugsource-1.8.0.121-23.4")) flag++;
    if (rpm_check(release:"SLED12", sp:"1", cpu:"x86_64", reference:"java-1_8_0-openjdk-headless-1.8.0.121-23.4")) flag++;
    if (rpm_check(release:"SLED12", sp:"1", cpu:"x86_64", reference:"java-1_8_0-openjdk-headless-debuginfo-1.8.0.121-23.4")) flag++;
    if (rpm_check(release:"SLED12", sp:"1", cpu:"x86_64", reference:"libfreebl3-3.29.5-57.1")) flag++;
    if (rpm_check(release:"SLED12", sp:"1", cpu:"x86_64", reference:"libfreebl3-32bit-3.29.5-57.1")) flag++;
    if (rpm_check(release:"SLED12", sp:"1", cpu:"x86_64", reference:"libfreebl3-debuginfo-3.29.5-57.1")) flag++;
    if (rpm_check(release:"SLED12", sp:"1", cpu:"x86_64", reference:"libfreebl3-debuginfo-32bit-3.29.5-57.1")) flag++;
    if (rpm_check(release:"SLED12", sp:"1", cpu:"x86_64", reference:"libsoftokn3-3.29.5-57.1")) flag++;
    if (rpm_check(release:"SLED12", sp:"1", cpu:"x86_64", reference:"libsoftokn3-32bit-3.29.5-57.1")) flag++;
    if (rpm_check(release:"SLED12", sp:"1", cpu:"x86_64", reference:"libsoftokn3-debuginfo-3.29.5-57.1")) flag++;
    if (rpm_check(release:"SLED12", sp:"1", cpu:"x86_64", reference:"libsoftokn3-debuginfo-32bit-3.29.5-57.1")) flag++;
    if (rpm_check(release:"SLED12", sp:"1", cpu:"x86_64", reference:"mozilla-nspr-32bit-4.13.1-18.1")) flag++;
    if (rpm_check(release:"SLED12", sp:"1", cpu:"x86_64", reference:"mozilla-nspr-4.13.1-18.1")) flag++;
    if (rpm_check(release:"SLED12", sp:"1", cpu:"x86_64", reference:"mozilla-nspr-debuginfo-32bit-4.13.1-18.1")) flag++;
    if (rpm_check(release:"SLED12", sp:"1", cpu:"x86_64", reference:"mozilla-nspr-debuginfo-4.13.1-18.1")) flag++;
    if (rpm_check(release:"SLED12", sp:"1", cpu:"x86_64", reference:"mozilla-nspr-debugsource-4.13.1-18.1")) flag++;
    if (rpm_check(release:"SLED12", sp:"1", cpu:"x86_64", reference:"mozilla-nss-3.29.5-57.1")) flag++;
    if (rpm_check(release:"SLED12", sp:"1", cpu:"x86_64", reference:"mozilla-nss-32bit-3.29.5-57.1")) flag++;
    if (rpm_check(release:"SLED12", sp:"1", cpu:"x86_64", reference:"mozilla-nss-certs-3.29.5-57.1")) flag++;
    if (rpm_check(release:"SLED12", sp:"1", cpu:"x86_64", reference:"mozilla-nss-certs-32bit-3.29.5-57.1")) flag++;
    if (rpm_check(release:"SLED12", sp:"1", cpu:"x86_64", reference:"mozilla-nss-certs-debuginfo-3.29.5-57.1")) flag++;
    if (rpm_check(release:"SLED12", sp:"1", cpu:"x86_64", reference:"mozilla-nss-certs-debuginfo-32bit-3.29.5-57.1")) flag++;
    if (rpm_check(release:"SLED12", sp:"1", cpu:"x86_64", reference:"mozilla-nss-debuginfo-3.29.5-57.1")) flag++;
    if (rpm_check(release:"SLED12", sp:"1", cpu:"x86_64", reference:"mozilla-nss-debuginfo-32bit-3.29.5-57.1")) flag++;
    if (rpm_check(release:"SLED12", sp:"1", cpu:"x86_64", reference:"mozilla-nss-debugsource-3.29.5-57.1")) flag++;
    if (rpm_check(release:"SLED12", sp:"1", cpu:"x86_64", reference:"mozilla-nss-sysinit-3.29.5-57.1")) flag++;
    if (rpm_check(release:"SLED12", sp:"1", cpu:"x86_64", reference:"mozilla-nss-sysinit-32bit-3.29.5-57.1")) flag++;
    if (rpm_check(release:"SLED12", sp:"1", cpu:"x86_64", reference:"mozilla-nss-sysinit-debuginfo-3.29.5-57.1")) flag++;
    if (rpm_check(release:"SLED12", sp:"1", cpu:"x86_64", reference:"mozilla-nss-sysinit-debuginfo-32bit-3.29.5-57.1")) flag++;
    if (rpm_check(release:"SLED12", sp:"1", cpu:"x86_64", reference:"mozilla-nss-tools-3.29.5-57.1")) flag++;
    if (rpm_check(release:"SLED12", sp:"1", cpu:"x86_64", reference:"mozilla-nss-tools-debuginfo-3.29.5-57.1")) flag++;
    if (rpm_check(release:"SLED12", sp:"2", cpu:"x86_64", reference:"MozillaFirefox-45.9.0esr-105.1")) flag++;
    if (rpm_check(release:"SLED12", sp:"2", cpu:"x86_64", reference:"MozillaFirefox-debuginfo-45.9.0esr-105.1")) flag++;
    if (rpm_check(release:"SLED12", sp:"2", cpu:"x86_64", reference:"MozillaFirefox-debugsource-45.9.0esr-105.1")) flag++;
    if (rpm_check(release:"SLED12", sp:"2", cpu:"x86_64", reference:"MozillaFirefox-translations-45.9.0esr-105.1")) flag++;
    if (rpm_check(release:"SLED12", sp:"2", cpu:"x86_64", reference:"java-1_8_0-openjdk-1.8.0.121-23.4")) flag++;
    if (rpm_check(release:"SLED12", sp:"2", cpu:"x86_64", reference:"java-1_8_0-openjdk-debuginfo-1.8.0.121-23.4")) flag++;
    if (rpm_check(release:"SLED12", sp:"2", cpu:"x86_64", reference:"java-1_8_0-openjdk-debugsource-1.8.0.121-23.4")) flag++;
    if (rpm_check(release:"SLED12", sp:"2", cpu:"x86_64", reference:"java-1_8_0-openjdk-headless-1.8.0.121-23.4")) flag++;
    if (rpm_check(release:"SLED12", sp:"2", cpu:"x86_64", reference:"java-1_8_0-openjdk-headless-debuginfo-1.8.0.121-23.4")) flag++;
    if (rpm_check(release:"SLED12", sp:"2", cpu:"x86_64", reference:"libfreebl3-3.29.5-57.1")) flag++;
    if (rpm_check(release:"SLED12", sp:"2", cpu:"x86_64", reference:"libfreebl3-32bit-3.29.5-57.1")) flag++;
    if (rpm_check(release:"SLED12", sp:"2", cpu:"x86_64", reference:"libfreebl3-debuginfo-3.29.5-57.1")) flag++;
    if (rpm_check(release:"SLED12", sp:"2", cpu:"x86_64", reference:"libfreebl3-debuginfo-32bit-3.29.5-57.1")) flag++;
    if (rpm_check(release:"SLED12", sp:"2", cpu:"x86_64", reference:"libsoftokn3-3.29.5-57.1")) flag++;
    if (rpm_check(release:"SLED12", sp:"2", cpu:"x86_64", reference:"libsoftokn3-32bit-3.29.5-57.1")) flag++;
    if (rpm_check(release:"SLED12", sp:"2", cpu:"x86_64", reference:"libsoftokn3-debuginfo-3.29.5-57.1")) flag++;
    if (rpm_check(release:"SLED12", sp:"2", cpu:"x86_64", reference:"libsoftokn3-debuginfo-32bit-3.29.5-57.1")) flag++;
    if (rpm_check(release:"SLED12", sp:"2", cpu:"x86_64", reference:"mozilla-nspr-32bit-4.13.1-18.1")) flag++;
    if (rpm_check(release:"SLED12", sp:"2", cpu:"x86_64", reference:"mozilla-nspr-4.13.1-18.1")) flag++;
    if (rpm_check(release:"SLED12", sp:"2", cpu:"x86_64", reference:"mozilla-nspr-debuginfo-32bit-4.13.1-18.1")) flag++;
    if (rpm_check(release:"SLED12", sp:"2", cpu:"x86_64", reference:"mozilla-nspr-debuginfo-4.13.1-18.1")) flag++;
    if (rpm_check(release:"SLED12", sp:"2", cpu:"x86_64", reference:"mozilla-nspr-debugsource-4.13.1-18.1")) flag++;
    if (rpm_check(release:"SLED12", sp:"2", cpu:"x86_64", reference:"mozilla-nss-3.29.5-57.1")) flag++;
    if (rpm_check(release:"SLED12", sp:"2", cpu:"x86_64", reference:"mozilla-nss-32bit-3.29.5-57.1")) flag++;
    if (rpm_check(release:"SLED12", sp:"2", cpu:"x86_64", reference:"mozilla-nss-certs-3.29.5-57.1")) flag++;
    if (rpm_check(release:"SLED12", sp:"2", cpu:"x86_64", reference:"mozilla-nss-certs-32bit-3.29.5-57.1")) flag++;
    if (rpm_check(release:"SLED12", sp:"2", cpu:"x86_64", reference:"mozilla-nss-certs-debuginfo-3.29.5-57.1")) flag++;
    if (rpm_check(release:"SLED12", sp:"2", cpu:"x86_64", reference:"mozilla-nss-certs-debuginfo-32bit-3.29.5-57.1")) flag++;
    if (rpm_check(release:"SLED12", sp:"2", cpu:"x86_64", reference:"mozilla-nss-debuginfo-3.29.5-57.1")) flag++;
    if (rpm_check(release:"SLED12", sp:"2", cpu:"x86_64", reference:"mozilla-nss-debuginfo-32bit-3.29.5-57.1")) flag++;
    if (rpm_check(release:"SLED12", sp:"2", cpu:"x86_64", reference:"mozilla-nss-debugsource-3.29.5-57.1")) flag++;
    if (rpm_check(release:"SLED12", sp:"2", cpu:"x86_64", reference:"mozilla-nss-sysinit-3.29.5-57.1")) flag++;
    if (rpm_check(release:"SLED12", sp:"2", cpu:"x86_64", reference:"mozilla-nss-sysinit-32bit-3.29.5-57.1")) flag++;
    if (rpm_check(release:"SLED12", sp:"2", cpu:"x86_64", reference:"mozilla-nss-sysinit-debuginfo-3.29.5-57.1")) flag++;
    if (rpm_check(release:"SLED12", sp:"2", cpu:"x86_64", reference:"mozilla-nss-sysinit-debuginfo-32bit-3.29.5-57.1")) flag++;
    if (rpm_check(release:"SLED12", sp:"2", cpu:"x86_64", reference:"mozilla-nss-tools-3.29.5-57.1")) flag++;
    if (rpm_check(release:"SLED12", sp:"2", cpu:"x86_64", reference:"mozilla-nss-tools-debuginfo-3.29.5-57.1")) flag++;
    
    
    if (flag)
    {
      if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());
      else security_hole(0);
      exit(0);
    }
    else
    {
      tested = pkg_tests_get();
      if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
      else audit(AUDIT_PACKAGE_NOT_INSTALLED, "MozillaFirefox / mozilla-nss / mozilla-nspr / java-1_8_0-openjdk");
    }
    
  • NASL familySuSE Local Security Checks
    NASL idSUSE_SU-2017-1175-1.NASL
    descriptionMozilla Firefox was updated to the Firefox ESR release 45.9. Mozilla NSS was updated to support TLS 1.3 (close to release draft) and various new ciphers, PRFs, Diffie Hellman key agreement and support for more hashes. Security issues fixed in Firefox (bsc#1035082) - MFSA 2017-11/CVE-2017-5469: Potential Buffer overflow in flex-generated code - MFSA 2017-11/CVE-2017-5429: Memory safety bugs fixed in Firefox 53, Firefox ESR 45.9, and Firefox ESR 52.1 - MFSA 2017-11/CVE-2017-5439: Use-after-free in nsTArray Length() during XSLT processing - MFSA 2017-11/CVE-2017-5438: Use-after-free in nsAutoPtr during XSLT processing - MFSA 2017-11/CVE-2017-5437: Vulnerabilities in Libevent library - MFSA 2017-11/CVE-2017-5436: Out-of-bounds write with malicious font in Graphite 2 - MFSA 2017-11/CVE-2017-5435: Use-after-free during transaction processing in the editor - MFSA 2017-11/CVE-2017-5434: Use-after-free during focus handling - MFSA 2017-11/CVE-2017-5433: Use-after-free in SMIL animation functions - MFSA 2017-11/CVE-2017-5432: Use-after-free in text input selection - MFSA 2017-11/CVE-2017-5464: Memory corruption with accessibility and DOM manipulation - MFSA 2017-11/CVE-2017-5465: Out-of-bounds read in ConvolvePixel - MFSA 2017-11/CVE-2017-5460: Use-after-free in frame selection - MFSA 2017-11/CVE-2017-5448: Out-of-bounds write in ClearKeyDecryptor - MFSA 2017-11/CVE-2017-5446: Out-of-bounds read when HTTP/2 DATA frames are sent with incorrect data - MFSA 2017-11/CVE-2017-5447: Out-of-bounds read during glyph processing - MFSA 2017-11/CVE-2017-5444: Buffer overflow while parsing application/http-index-format content - MFSA 2017-11/CVE-2017-5445: Uninitialized values used while parsing application/http-index-format content - MFSA 2017-11/CVE-2017-5442: Use-after-free during style changes - MFSA 2017-11/CVE-2017-5443: Out-of-bounds write during BinHex decoding - MFSA 2017-11/CVE-2017-5440: Use-after-free in txExecutionState destructor during XSLT processing - MFSA 2017-11/CVE-2017-5441: Use-after-free with selection during scroll events - MFSA 2017-11/CVE-2017-5459: Buffer overflow in WebGL Mozilla NSS was updated to 3.29.5, bringing new features and fixing bugs : - Update to NSS 3.29.5 : - MFSA 2017-11/CVE-2017-5461: Rare crashes in the base 64 decoder and encoder were fixed. - MFSA 2017-11/CVE-2017-5462: A carry over bug in the RNG was fixed. - CVE-2016-9574: Remote DoS during session handshake when using SessionTicket extention and ECDHE-ECDSA (bsc#1015499). - requires NSPR >= 4.13.1 - Update to NSS 3.29.3 - enables TLS 1.3 by default - Fixed a bug in hash computation (and build with GCC 7 which complains about shifts of boolean values). (bsc#1030071, bmo#1348767) - Update to NSS 3.28.3 This is a patch release to fix binary compatibility issues. - Update to NSS 3.28.1 This is a patch release to update the list of root CA certificates. - The following CA certificates were Removed CN = Buypass Class 2 CA 1 CN = Root CA Generalitat Valenciana OU = RSA Security 2048 V3 - The following CA certificates were Added OU = AC RAIZ FNMT-RCM CN = Amazon Root CA 1 CN = Amazon Root CA 2 CN = Amazon Root CA 3 CN = Amazon Root CA 4 CN = LuxTrust Global Root 2 CN = Symantec Class 1 Public Primary Certification Authority - G4 CN = Symantec Class 1 Public Primary Certification Authority - G6 CN = Symantec Class 2 Public Primary Certification Authority - G4 CN = Symantec Class 2 Public Primary Certification Authority - G6 - The version number of the updated root CA list has been set to 2.11 - Update to NSS 3.28 New functionality : - NSS includes support for TLS 1.3 draft -18. This includes a number of improvements to TLS 1.3 : - The signed certificate timestamp, used in certificate transparency, is supported in TLS 1.3. - Key exporters for TLS 1.3 are supported. This includes the early key exporter, which can be used if 0-RTT is enabled. Note that there is a difference between TLS 1.3 and key exporters in older versions of TLS. TLS 1.3 does not distinguish between an empty context and no context. - The TLS 1.3 (draft) protocol can be enabled, by defining NSS_ENABLE_TLS_1_3=1 when building NSS. - NSS includes support for the X25519 key exchange algorithm, which is supported and enabled by default in all versions of TLS. Notable Changes : - NSS can no longer be compiled with support for additional elliptic curves. This was previously possible by replacing certain NSS source files. - NSS will now detect the presence of tokens that support additional elliptic curves and enable those curves for use in TLS. Note that this detection has a one-off performance cost, which can be avoided by using the SSL_NamedGroupConfig function to limit supported groups to those that NSS provides. - PKCS#11 bypass for TLS is no longer supported and has been removed. - Support for
    last seen2020-06-01
    modified2020-06-02
    plugin id99992
    published2017-05-05
    reporterThis script is Copyright (C) 2017-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/99992
    titleSUSE SLES11 Security Update : MozillaFirefox, mozilla-nss, mozilla-nspr (SUSE-SU-2017:1175-1)
    code
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were
    # extracted from SUSE update advisory SUSE-SU-2017:1175-1.
    # The text itself is copyright (C) SUSE.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(99992);
      script_version("3.6");
      script_cvs_date("Date: 2019/09/11 11:22:15");
    
      script_cve_id("CVE-2016-1950", "CVE-2016-2834", "CVE-2016-8635", "CVE-2016-9574", "CVE-2017-5429", "CVE-2017-5432", "CVE-2017-5433", "CVE-2017-5434", "CVE-2017-5435", "CVE-2017-5436", "CVE-2017-5437", "CVE-2017-5438", "CVE-2017-5439", "CVE-2017-5440", "CVE-2017-5441", "CVE-2017-5442", "CVE-2017-5443", "CVE-2017-5444", "CVE-2017-5445", "CVE-2017-5446", "CVE-2017-5447", "CVE-2017-5448", "CVE-2017-5459", "CVE-2017-5460", "CVE-2017-5461", "CVE-2017-5462", "CVE-2017-5464", "CVE-2017-5465", "CVE-2017-5469");
    
      script_name(english:"SUSE SLES11 Security Update : MozillaFirefox, mozilla-nss, mozilla-nspr (SUSE-SU-2017:1175-1)");
      script_summary(english:"Checks rpm output for the updated packages.");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote SUSE host is missing one or more security updates."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "Mozilla Firefox was updated to the Firefox ESR release 45.9. Mozilla
    NSS was updated to support TLS 1.3 (close to release draft) and
    various new ciphers, PRFs, Diffie Hellman key agreement and support
    for more hashes. Security issues fixed in Firefox (bsc#1035082)
    
      - MFSA 2017-11/CVE-2017-5469: Potential Buffer overflow in
        flex-generated code
    
      - MFSA 2017-11/CVE-2017-5429: Memory safety bugs fixed in
        Firefox 53, Firefox ESR 45.9, and Firefox ESR 52.1
    
      - MFSA 2017-11/CVE-2017-5439: Use-after-free in nsTArray
        Length() during XSLT processing
    
      - MFSA 2017-11/CVE-2017-5438: Use-after-free in nsAutoPtr
        during XSLT processing
    
      - MFSA 2017-11/CVE-2017-5437: Vulnerabilities in Libevent
        library
    
      - MFSA 2017-11/CVE-2017-5436: Out-of-bounds write with
        malicious font in Graphite 2
    
      - MFSA 2017-11/CVE-2017-5435: Use-after-free during
        transaction processing in the editor
    
      - MFSA 2017-11/CVE-2017-5434: Use-after-free during focus
        handling
    
      - MFSA 2017-11/CVE-2017-5433: Use-after-free in SMIL
        animation functions
    
      - MFSA 2017-11/CVE-2017-5432: Use-after-free in text input
        selection
    
      - MFSA 2017-11/CVE-2017-5464: Memory corruption with
        accessibility and DOM manipulation
    
      - MFSA 2017-11/CVE-2017-5465: Out-of-bounds read in
        ConvolvePixel
    
      - MFSA 2017-11/CVE-2017-5460: Use-after-free in frame
        selection
    
      - MFSA 2017-11/CVE-2017-5448: Out-of-bounds write in
        ClearKeyDecryptor
    
      - MFSA 2017-11/CVE-2017-5446: Out-of-bounds read when
        HTTP/2 DATA frames are sent with incorrect data
    
      - MFSA 2017-11/CVE-2017-5447: Out-of-bounds read during
        glyph processing
    
      - MFSA 2017-11/CVE-2017-5444: Buffer overflow while
        parsing application/http-index-format content
    
      - MFSA 2017-11/CVE-2017-5445: Uninitialized values used
        while parsing application/http-index-format content
    
      - MFSA 2017-11/CVE-2017-5442: Use-after-free during style
        changes
    
      - MFSA 2017-11/CVE-2017-5443: Out-of-bounds write during
        BinHex decoding
    
      - MFSA 2017-11/CVE-2017-5440: Use-after-free in
        txExecutionState destructor during XSLT processing
    
      - MFSA 2017-11/CVE-2017-5441: Use-after-free with
        selection during scroll events
    
      - MFSA 2017-11/CVE-2017-5459: Buffer overflow in WebGL
        Mozilla NSS was updated to 3.29.5, bringing new features
        and fixing bugs :
    
      - Update to NSS 3.29.5 :
    
      - MFSA 2017-11/CVE-2017-5461: Rare crashes in the base 64
        decoder and encoder were fixed.
    
      - MFSA 2017-11/CVE-2017-5462: A carry over bug in the RNG
        was fixed.
    
      - CVE-2016-9574: Remote DoS during session handshake when
        using SessionTicket extention and ECDHE-ECDSA
        (bsc#1015499).
    
      - requires NSPR >= 4.13.1
    
      - Update to NSS 3.29.3
    
      - enables TLS 1.3 by default
    
      - Fixed a bug in hash computation (and build with GCC 7
        which complains about shifts of boolean values).
        (bsc#1030071, bmo#1348767)
    
      - Update to NSS 3.28.3 This is a patch release to fix
        binary compatibility issues.
    
      - Update to NSS 3.28.1 This is a patch release to update
        the list of root CA certificates.
    
      - The following CA certificates were Removed CN = Buypass
        Class 2 CA 1 CN = Root CA Generalitat Valenciana OU =
        RSA Security 2048 V3
    
      - The following CA certificates were Added OU = AC RAIZ
        FNMT-RCM CN = Amazon Root CA 1 CN = Amazon Root CA 2 CN
        = Amazon Root CA 3 CN = Amazon Root CA 4 CN = LuxTrust
        Global Root 2 CN = Symantec Class 1 Public Primary
        Certification Authority - G4 CN = Symantec Class 1
        Public Primary Certification Authority - G6 CN =
        Symantec Class 2 Public Primary Certification Authority
        - G4 CN = Symantec Class 2 Public Primary Certification
        Authority - G6
    
      - The version number of the updated root CA list has been
        set to 2.11
    
      - Update to NSS 3.28 New functionality :
    
      - NSS includes support for TLS 1.3 draft -18. This
        includes a number of improvements to TLS 1.3 :
    
      - The signed certificate timestamp, used in certificate
        transparency, is supported in TLS 1.3.
    
      - Key exporters for TLS 1.3 are supported. This includes
        the early key exporter, which can be used if 0-RTT is
        enabled. Note that there is a difference between TLS 1.3
        and key exporters in older versions of TLS. TLS 1.3 does
        not distinguish between an empty context and no context.
    
      - The TLS 1.3 (draft) protocol can be enabled, by defining
        NSS_ENABLE_TLS_1_3=1 when building NSS.
    
      - NSS includes support for the X25519 key exchange
        algorithm, which is supported and enabled by default in
        all versions of TLS. Notable Changes :
    
      - NSS can no longer be compiled with support for
        additional elliptic curves. This was previously possible
        by replacing certain NSS source files.
    
      - NSS will now detect the presence of tokens that support
        additional elliptic curves and enable those curves for
        use in TLS. Note that this detection has a one-off
        performance cost, which can be avoided by using the
        SSL_NamedGroupConfig function to limit supported groups
        to those that NSS provides.
    
      - PKCS#11 bypass for TLS is no longer supported and has
        been removed.
    
      - Support for 'export' grade SSL/TLS cipher suites has
        been removed.
    
      - NSS now uses the signature schemes definition in TLS
        1.3. This also affects TLS 1.2. NSS will now only
        generate signatures with the combinations of hash and
        signature scheme that are defined in TLS 1.3, even when
        negotiating TLS 1.2.
    
      - This means that SHA-256 will only be used with P-256
        ECDSA certificates, SHA-384 with P-384 certificates, and
        SHA-512 with P-521 certificates. SHA-1 is permitted (in
        TLS 1.2 only) with any certificate for backward
        compatibility reasons.
    
      - NSS will now no longer assume that default signature
        schemes are supported by a peer if there was no commonly
        supported signature scheme.
    
      - NSS will now check if RSA-PSS signing is supported by
        the token that holds the private key prior to using it
        for TLS.
    
      - The certificate validation code contains checks to no
        longer trust certificates that are issued by old WoSign
        and StartCom CAs after October 21, 2016. This is
        equivalent to the behavior that Mozilla will release
        with Firefox 51.
    
      - Update to NSS 3.27.2
    
      - Fixed SSL_SetTrustAnchors leaks (bmo#1318561)
    
      - raised the minimum softokn/freebl version to 3.28 as
        reported in (boo#1021636)
    
      - Update to NSS 3.26.2 New Functionality :
    
      - the selfserv test utility has been enhanced to support
        ALPN (HTTP/1.1) and 0-RTT
    
      - added support for the System-wide crypto policy
        available on Fedora Linux see
        http://fedoraproject.org/wiki/Changes/CryptoPolicy
    
      - introduced build flag NSS_DISABLE_LIBPKIX that allows
        compilation of NSS without the libpkix library Notable
        Changes :
    
      - The following CA certificate was Added CN = ISRG Root X1
    
      - NPN is disabled and ALPN is enabled by default
    
      - the NSS test suite now completes with the experimental
        TLS 1.3 code enabled
    
      - several test improvements and additions, including a
        NIST known answer test Changes in 3.26.2
    
      - MD5 signature algorithms sent by the server in
        CertificateRequest messages are now properly ignored.
        Previously, with rare server configurations, an MD5
        signature algorithm might have been selected for client
        authentication and caused the client to abort the
        connection soon after.
    
      - Update to NSS 3.25 New functionality :
    
      - Implemented DHE key agreement for TLS 1.3
    
      - Added support for ChaCha with TLS 1.3
    
      - Added support for TLS 1.2 ciphersuites that use SHA384
        as the PRF
    
      - In previous versions, when using client authentication
        with TLS 1.2, NSS only supported certificate_verify
        messages that used the same signature hash algorithm as
        used by the PRF. This limitation has been removed.
        Notable changes :
    
      - An SSL socket can no longer be configured to allow both
        TLS 1.3 and SSLv3
    
      - Regression fix: NSS no longer reports a failure if an
        application attempts to disable the SSLv2 protocol.
    
      - The list of trusted CA certificates has been updated to
        version 2.8
    
      - The following CA certificate was Removed Sonera Class1
        CA
    
      - The following CA certificates were Added Hellenic
        Academic and Research Institutions RootCA 2015 Hellenic
        Academic and Research Institutions ECC RootCA 2015
        Certplus Root CA G1 Certplus Root CA G2 OpenTrust Root
        CA G1 OpenTrust Root CA G2 OpenTrust Root CA G3
    
      - Update to NSS 3.24 New functionality :
    
      - NSS softoken has been updated with the latest National
        Institute of Standards and Technology (NIST) guidance
        (as of 2015) :
    
      - Software integrity checks and POST functions are
        executed on shared library load. These checks have been
        disabled by default, as they can cause a performance
        regression. To enable these checks, you must define
        symbol NSS_FORCE_FIPS when building NSS.
    
      - Counter mode and Galois/Counter Mode (GCM) have checks
        to prevent counter overflow.
    
      - Additional CSPs are zeroed in the code.
    
      - NSS softoken uses new guidance for how many Rabin-Miller
        tests are needed to verify a prime based on prime size.
    
      - NSS softoken has also been updated to allow NSS to run
        in FIPS Level 1 (no password). This mode is triggered by
        setting the database password to the empty string. In
        FIPS mode, you may move from Level 1 to Level 2 (by
        setting an appropriate password), but not the reverse.
    
      - A SSL_ConfigServerCert function has been added for
        configuring SSL/TLS server sockets with a certificate
        and private key. Use this new function in place of
        SSL_ConfigSecureServer,
        SSL_ConfigSecureServerWithCertChain,
        SSL_SetStapledOCSPResponses, and
        SSL_SetSignedCertTimestamps. SSL_ConfigServerCert
        automatically determines the certificate type from the
        certificate and private key. The caller is no longer
        required to use SSLKEAType explicitly to select a 'slot'
        into which the certificate is configured (which
        incorrectly identifies a key agreement type rather than
        a certificate). Separate functions for configuring
        Online Certificate Status Protocol (OCSP) responses or
        Signed Certificate Timestamps are not needed, since
        these can be added to the optional
        SSLExtraServerCertData struct provided to
        SSL_ConfigServerCert. Also, partial support for RSA
        Probabilistic Signature Scheme (RSA-PSS) certificates
        has been added. Although these certificates can be
        configured, they will not be used by NSS in this
        version.
    
      - Deprecate the member attribute authAlgorithm of type
        SSLCipherSuiteInfo. Instead, applications should use the
        newly added attribute authType.
    
      - Add a shared library (libfreeblpriv3) on Linux platforms
        that define FREEBL_LOWHASH.
    
      - Remove most code related to SSL v2, including the
        ability to actively send a SSLv2-compatible client
        hello. However, the server-side implementation of the
        SSL/TLS protocol still supports processing of received
        v2-compatible client hello messages.
    
      - Disable (by default) NSS support in optimized builds for
        logging SSL/TLS key material to a logfile if the
        SSLKEYLOGFILE environment variable is set. To enable the
        functionality in optimized builds, you must define the
        symbol NSS_ALLOW_SSLKEYLOGFILE when building NSS.
    
      - Update NSS to protect it against the Cachebleed attack.
    
      - Disable support for DTLS compression.
    
      - Improve support for TLS 1.3. This includes support for
        DTLS 1.3. Note that TLS 1.3 support is experimental and
        not suitable for production use.
    
      - Update to NSS 3.23 New functionality :
    
      - ChaCha20/Poly1305 cipher and TLS cipher suites now
        supported
    
      - Experimental-only support TLS 1.3 1-RTT mode (draft-11).
        This code is not ready for production use. Notable
        changes :
    
      - The list of TLS extensions sent in the TLS handshake has
        been reordered to increase compatibility of the Extended
        Master Secret with with servers
    
      - The build time environment variable NSS_ENABLE_ZLIB has
        been renamed to NSS_SSL_ENABLE_ZLIB
    
      - The build time environment variable
        NSS_DISABLE_CHACHAPOLY was added, which can be used to
        prevent compilation of the ChaCha20/Poly1305 code.
    
      - The following CA certificates were Removed
    
      - Staat der Nederlanden Root CA
    
      - NetLock Minositett Kozjegyzoi (Class QA)
        Tanusitvanykiado
    
      - NetLock Kozjegyzoi (Class A) Tanusitvanykiado
    
      - NetLock Uzleti (Class B) Tanusitvanykiado
    
      - NetLock Expressz (Class C) Tanusitvanykiado
    
      - VeriSign Class 1 Public PCA - G2
    
      - VeriSign Class 3 Public PCA
    
      - VeriSign Class 3 Public PCA - G2
    
      - CA Disig
    
      - The following CA certificates were Added
    
      + SZAFIR ROOT CA2
    
      + Certum Trusted Network CA 2
    
      - The following CA certificate had the Email trust bit
        turned on
    
      + Actalis Authentication Root CA Security fixes :
    
      - CVE-2016-2834: Memory safety bugs (boo#983639)
        MFSA-2016-61 bmo#1206283 bmo#1221620 bmo#1241034
        bmo#1241037
    
      - Update to NSS 3.22.3
    
      - Increase compatibility of TLS extended master secret,
        don't send an empty TLS extension last in the handshake
        (bmo#1243641)
    
      - Fixed a heap-based buffer overflow related to the
        parsing of certain ASN.1 structures. An attacker could
        create a specially crafted certificate which, when
        parsed by NSS, would cause a crash or execution of
        arbitrary code with the permissions of the user.
        (CVE-2016-1950, bmo#1245528)
    
      - Update to NSS 3.22.2 New functionality :
    
      - RSA-PSS signatures are now supported (bmo#1215295)
    
      - Pseudorandom functions based on hashes other than SHA-1
        are now supported
    
      - Enforce an External Policy on NSS from a config file
        (bmo#1009429)
    
      - CVE-2016-8635: Fix for DH small subgroup confinement
        attack (bsc#1015547) Mozilla NSPR was updated to version
        4.13.1: The previously released version 4.13 had changed
        pipes to be nonblocking by default, and as a
        consequence, PollEvent was changed to not block on
        clear. The NSPR development team received reports that
        these changes caused regressions in some applications
        that use NSPR, and it has been decided to revert the
        changes made in NSPR 4.13. NSPR 4.13.1 restores the
        traditional behavior of pipes and PollEvent. Mozilla
        NSPR update to version 4.13 had these changes :
    
      - PL_strcmp (and others) were fixed to return consistent
        results when one of the arguments is NULL.
    
      - PollEvent was fixed to not block on clear.
    
      - Pipes are always nonblocking.
    
      - PR_GetNameForIdentity: added thread safety lock and
        bound checks.
    
      - Removed the PLArena freelist.
    
      - Avoid some integer overflows.
    
      - fixed several comments.
    
    Note that Tenable Network Security has extracted the preceding
    description block directly from the SUSE security advisory. Tenable
    has attempted to automatically clean and format it as much as possible
    without introducing additional issues."
      );
      # http://fedoraproject.org/wiki/Changes/CryptoPolicy
      script_set_attribute(
        attribute:"see_also",
        value:"https://fedoraproject.org/wiki/Changes/CryptoPolicy"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.suse.com/show_bug.cgi?id=1015499"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.suse.com/show_bug.cgi?id=1015547"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.suse.com/show_bug.cgi?id=1021636"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.suse.com/show_bug.cgi?id=1030071"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.suse.com/show_bug.cgi?id=1035082"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.suse.com/show_bug.cgi?id=983639"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.suse.com/security/cve/CVE-2016-1950/"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.suse.com/security/cve/CVE-2016-2834/"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.suse.com/security/cve/CVE-2016-8635/"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.suse.com/security/cve/CVE-2016-9574/"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.suse.com/security/cve/CVE-2017-5429/"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.suse.com/security/cve/CVE-2017-5432/"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.suse.com/security/cve/CVE-2017-5433/"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.suse.com/security/cve/CVE-2017-5434/"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.suse.com/security/cve/CVE-2017-5435/"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.suse.com/security/cve/CVE-2017-5436/"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.suse.com/security/cve/CVE-2017-5437/"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.suse.com/security/cve/CVE-2017-5438/"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.suse.com/security/cve/CVE-2017-5439/"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.suse.com/security/cve/CVE-2017-5440/"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.suse.com/security/cve/CVE-2017-5441/"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.suse.com/security/cve/CVE-2017-5442/"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.suse.com/security/cve/CVE-2017-5443/"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.suse.com/security/cve/CVE-2017-5444/"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.suse.com/security/cve/CVE-2017-5445/"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.suse.com/security/cve/CVE-2017-5446/"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.suse.com/security/cve/CVE-2017-5447/"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.suse.com/security/cve/CVE-2017-5448/"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.suse.com/security/cve/CVE-2017-5459/"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.suse.com/security/cve/CVE-2017-5460/"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.suse.com/security/cve/CVE-2017-5461/"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.suse.com/security/cve/CVE-2017-5462/"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.suse.com/security/cve/CVE-2017-5464/"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.suse.com/security/cve/CVE-2017-5465/"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.suse.com/security/cve/CVE-2017-5469/"
      );
      # https://www.suse.com/support/update/announcement/2017/suse-su-20171175-1/
      script_set_attribute(
        attribute:"see_also",
        value:"http://www.nessus.org/u?f98b96d4"
      );
      script_set_attribute(
        attribute:"solution", 
        value:
    "To install this SUSE Security Update use YaST online_update.
    Alternatively you can run the command listed for your product :
    
    SUSE OpenStack Cloud 5:zypper in -t patch
    sleclo50sp3-MozillaFirefox-13090=1
    
    SUSE Manager Proxy 2.1:zypper in -t patch
    slemap21-MozillaFirefox-13090=1
    
    SUSE Manager 2.1:zypper in -t patch sleman21-MozillaFirefox-13090=1
    
    SUSE Linux Enterprise Software Development Kit 11-SP4:zypper in -t
    patch sdksp4-MozillaFirefox-13090=1
    
    SUSE Linux Enterprise Server 11-SP4:zypper in -t patch
    slessp4-MozillaFirefox-13090=1
    
    SUSE Linux Enterprise Server 11-SP3-LTSS:zypper in -t patch
    slessp3-MozillaFirefox-13090=1
    
    SUSE Linux Enterprise Point of Sale 11-SP3:zypper in -t patch
    sleposp3-MozillaFirefox-13090=1
    
    SUSE Linux Enterprise Debuginfo 11-SP4:zypper in -t patch
    dbgsp4-MozillaFirefox-13090=1
    
    SUSE Linux Enterprise Debuginfo 11-SP3:zypper in -t patch
    dbgsp3-MozillaFirefox-13090=1
    
    To bring your system up-to-date, use 'zypper patch'."
      );
      script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C");
      script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
      script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H");
      script_set_cvss3_temporal_vector("CVSS:3.0/E:P/RL:O/RC:C");
      script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
      script_set_attribute(attribute:"exploit_available", value:"true");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:MozillaFirefox");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:MozillaFirefox-translations");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libfreebl3");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libsoftokn3");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:mozilla-nspr");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:mozilla-nss");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:mozilla-nss-tools");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:suse_linux:11");
    
      script_set_attribute(attribute:"vuln_publication_date", value:"2016/03/13");
      script_set_attribute(attribute:"patch_publication_date", value:"2017/05/04");
      script_set_attribute(attribute:"plugin_publication_date", value:"2017/05/05");
      script_set_attribute(attribute:"generated_plugin", value:"current");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2017-2019 and is owned by Tenable, Inc. or an Affiliate thereof.");
      script_family(english:"SuSE Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/SuSE/release", "Host/SuSE/rpm-list");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("rpm.inc");
    
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    release = get_kb_item("Host/SuSE/release");
    if (isnull(release) || release !~ "^(SLED|SLES)") audit(AUDIT_OS_NOT, "SUSE");
    os_ver = pregmatch(pattern: "^(SLE(S|D)\d+)", string:release);
    if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "SUSE");
    os_ver = os_ver[1];
    if (! preg(pattern:"^(SLES11)$", string:os_ver)) audit(AUDIT_OS_NOT, "SUSE SLES11", "SUSE " + os_ver);
    
    if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
    if (cpu !~ "^i[3-6]86$" && "x86_64" >!< cpu && "s390x" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "SUSE " + os_ver, cpu);
    
    sp = get_kb_item("Host/SuSE/patchlevel");
    if (isnull(sp)) sp = "0";
    if (os_ver == "SLES11" && (! preg(pattern:"^(3|4)$", string:sp))) audit(AUDIT_OS_NOT, "SLES11 SP3/4", os_ver + " SP" + sp);
    
    
    flag = 0;
    if (rpm_check(release:"SLES11", sp:"4", cpu:"x86_64", reference:"libfreebl3-32bit-3.29.5-46.1")) flag++;
    if (rpm_check(release:"SLES11", sp:"4", cpu:"x86_64", reference:"libsoftokn3-32bit-3.29.5-46.1")) flag++;
    if (rpm_check(release:"SLES11", sp:"4", cpu:"x86_64", reference:"mozilla-nspr-32bit-4.13.1-32.1")) flag++;
    if (rpm_check(release:"SLES11", sp:"4", cpu:"x86_64", reference:"mozilla-nss-32bit-3.29.5-46.1")) flag++;
    if (rpm_check(release:"SLES11", sp:"4", cpu:"s390x", reference:"libfreebl3-32bit-3.29.5-46.1")) flag++;
    if (rpm_check(release:"SLES11", sp:"4", cpu:"s390x", reference:"libsoftokn3-32bit-3.29.5-46.1")) flag++;
    if (rpm_check(release:"SLES11", sp:"4", cpu:"s390x", reference:"mozilla-nspr-32bit-4.13.1-32.1")) flag++;
    if (rpm_check(release:"SLES11", sp:"4", cpu:"s390x", reference:"mozilla-nss-32bit-3.29.5-46.1")) flag++;
    if (rpm_check(release:"SLES11", sp:"4", reference:"MozillaFirefox-45.9.0esr-71.2")) flag++;
    if (rpm_check(release:"SLES11", sp:"4", reference:"MozillaFirefox-translations-45.9.0esr-71.2")) flag++;
    if (rpm_check(release:"SLES11", sp:"4", reference:"libfreebl3-3.29.5-46.1")) flag++;
    if (rpm_check(release:"SLES11", sp:"4", reference:"libsoftokn3-3.29.5-46.1")) flag++;
    if (rpm_check(release:"SLES11", sp:"4", reference:"mozilla-nspr-4.13.1-32.1")) flag++;
    if (rpm_check(release:"SLES11", sp:"4", reference:"mozilla-nss-3.29.5-46.1")) flag++;
    if (rpm_check(release:"SLES11", sp:"4", reference:"mozilla-nss-tools-3.29.5-46.1")) flag++;
    if (rpm_check(release:"SLES11", sp:"3", cpu:"x86_64", reference:"libfreebl3-32bit-3.29.5-46.1")) flag++;
    if (rpm_check(release:"SLES11", sp:"3", cpu:"x86_64", reference:"libsoftokn3-32bit-3.29.5-46.1")) flag++;
    if (rpm_check(release:"SLES11", sp:"3", cpu:"x86_64", reference:"mozilla-nspr-32bit-4.13.1-32.1")) flag++;
    if (rpm_check(release:"SLES11", sp:"3", cpu:"x86_64", reference:"mozilla-nss-32bit-3.29.5-46.1")) flag++;
    if (rpm_check(release:"SLES11", sp:"3", cpu:"s390x", reference:"libfreebl3-32bit-3.29.5-46.1")) flag++;
    if (rpm_check(release:"SLES11", sp:"3", cpu:"s390x", reference:"libsoftokn3-32bit-3.29.5-46.1")) flag++;
    if (rpm_check(release:"SLES11", sp:"3", cpu:"s390x", reference:"mozilla-nspr-32bit-4.13.1-32.1")) flag++;
    if (rpm_check(release:"SLES11", sp:"3", cpu:"s390x", reference:"mozilla-nss-32bit-3.29.5-46.1")) flag++;
    if (rpm_check(release:"SLES11", sp:"3", reference:"MozillaFirefox-45.9.0esr-71.2")) flag++;
    if (rpm_check(release:"SLES11", sp:"3", reference:"MozillaFirefox-translations-45.9.0esr-71.2")) flag++;
    if (rpm_check(release:"SLES11", sp:"3", reference:"libfreebl3-3.29.5-46.1")) flag++;
    if (rpm_check(release:"SLES11", sp:"3", reference:"libsoftokn3-3.29.5-46.1")) flag++;
    if (rpm_check(release:"SLES11", sp:"3", reference:"mozilla-nspr-4.13.1-32.1")) flag++;
    if (rpm_check(release:"SLES11", sp:"3", reference:"mozilla-nss-3.29.5-46.1")) flag++;
    if (rpm_check(release:"SLES11", sp:"3", reference:"mozilla-nss-tools-3.29.5-46.1")) flag++;
    
    
    if (flag)
    {
      if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());
      else security_hole(0);
      exit(0);
    }
    else
    {
      tested = pkg_tests_get();
      if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
      else audit(AUDIT_PACKAGE_NOT_INSTALLED, "MozillaFirefox / mozilla-nss / mozilla-nspr");
    }