Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2009-2021 and is owned by Tenable, Inc. or an Affiliate thereof.DEBIAN_DSA-1704.NASL
HistoryJan 15, 2009 - 12:00 a.m.

Debian DSA-1704-1 : xulrunner - several vulnerabilities

2009-01-1500:00:00
This script is Copyright (C) 2009-2021 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
31

CVSS2

10

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

EPSS

0.044

Percentile

92.6%

JSON

Several remote vulnerabilities have been discovered in Xulrunner, a runtime environment for XUL applications. The Common Vulnerabilities and Exposures project identifies the following problems :

  • CVE-2008-5500 Jesse Ruderman discovered that the layout engine is vulnerable to DoS attacks that might trigger memory corruption and an integer overflow. (MFSA 2008-60)

  • CVE-2008-5503 Boris Zbarsky discovered that an information disclosure attack could be performed via XBL bindings. (MFSA 2008-61)

  • CVE-2008-5506 Marius Schilder discovered that it is possible to obtain sensible data via a XMLHttpRequest. (MFSA 2008-64)

  • CVE-2008-5507 Chris Evans discovered that it is possible to obtain sensible data via a JavaScript URL. (MFSA 2008-65)

  • CVE-2008-5508 Chip Salzenberg discovered possible phishing attacks via URLs with leading whitespaces or control characters.
    (MFSA 2008-66)

  • CVE-2008-5511 It was discovered that it is possible to perform cross-site scripting attacks via an XBL binding to an ‘unloaded document.’ (MFSA 2008-68)

  • CVE-2008-5512 It was discovered that it is possible to run arbitrary JavaScript with chrome privileges via unknown vectors.
    (MFSA 2008-68)

#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were  
# extracted from Debian Security Advisory DSA-1704. The text 
# itself is copyright (C) Software in the Public Interest, Inc.
#

include('deprecated_nasl_level.inc');
include('compat.inc');

if (description)
{
  script_id(35378);
  script_version("1.15");
  script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/04");

  script_cve_id("CVE-2008-5500", "CVE-2008-5503", "CVE-2008-5506", "CVE-2008-5507", "CVE-2008-5508", "CVE-2008-5511", "CVE-2008-5512");
  script_bugtraq_id(32925);
  script_xref(name:"DSA", value:"1704");

  script_name(english:"Debian DSA-1704-1 : xulrunner - several vulnerabilities");
  script_summary(english:"Checks dpkg output for the updated package");

  script_set_attribute(
    attribute:"synopsis", 
    value:"The remote Debian host is missing a security-related update."
  );
  script_set_attribute(
    attribute:"description", 
    value:
"Several remote vulnerabilities have been discovered in Xulrunner, a
runtime environment for XUL applications. The Common Vulnerabilities
and Exposures project identifies the following problems :

  - CVE-2008-5500
    Jesse Ruderman discovered that the layout engine is
    vulnerable to DoS attacks that might trigger memory
    corruption and an integer overflow. (MFSA 2008-60)

  - CVE-2008-5503
    Boris Zbarsky discovered that an information disclosure
    attack could be performed via XBL bindings. (MFSA
    2008-61)

  - CVE-2008-5506
    Marius Schilder discovered that it is possible to obtain
    sensible data via a XMLHttpRequest. (MFSA 2008-64)

  - CVE-2008-5507
    Chris Evans discovered that it is possible to obtain
    sensible data via a JavaScript URL. (MFSA 2008-65)

  - CVE-2008-5508
    Chip Salzenberg discovered possible phishing attacks via
    URLs with leading whitespaces or control characters.
    (MFSA 2008-66)

  - CVE-2008-5511
    It was discovered that it is possible to perform
    cross-site scripting attacks via an XBL binding to an
    'unloaded document.' (MFSA 2008-68)

  - CVE-2008-5512
    It was discovered that it is possible to run arbitrary
    JavaScript with chrome privileges via unknown vectors.
    (MFSA 2008-68)"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://security-tracker.debian.org/tracker/CVE-2008-5500"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://security-tracker.debian.org/tracker/CVE-2008-5503"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://security-tracker.debian.org/tracker/CVE-2008-5506"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://security-tracker.debian.org/tracker/CVE-2008-5507"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://security-tracker.debian.org/tracker/CVE-2008-5508"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://security-tracker.debian.org/tracker/CVE-2008-5511"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://security-tracker.debian.org/tracker/CVE-2008-5512"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://www.debian.org/security/2009/dsa-1704"
  );
  script_set_attribute(
    attribute:"solution", 
    value:
"Upgrade the xulrunner packages.

For the stable distribution (etch) these problems have been fixed in
version 1.8.0.15~pre080614i-0etch1."
  );
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C");
  script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"false");
  script_cwe_id(20, 79, 200, 264, 399);

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:xulrunner");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:debian:debian_linux:4.0");

  script_set_attribute(attribute:"patch_publication_date", value:"2009/01/14");
  script_set_attribute(attribute:"plugin_publication_date", value:"2009/01/15");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2009-2021 and is owned by Tenable, Inc. or an Affiliate thereof.");
  script_family(english:"Debian Local Security Checks");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/Debian/release", "Host/Debian/dpkg-l");

  exit(0);
}


include("audit.inc");
include("debian_package.inc");


if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
if (!get_kb_item("Host/Debian/release")) audit(AUDIT_OS_NOT, "Debian");
if (!get_kb_item("Host/Debian/dpkg-l")) audit(AUDIT_PACKAGE_LIST_MISSING);


flag = 0;
if (deb_check(release:"4.0", prefix:"libmozillainterfaces-java", reference:"1.8.0.15~pre080614i-0etch1")) flag++;
if (deb_check(release:"4.0", prefix:"libmozjs-dev", reference:"1.8.0.15~pre080614i-0etch1")) flag++;
if (deb_check(release:"4.0", prefix:"libmozjs0d", reference:"1.8.0.15~pre080614i-0etch1")) flag++;
if (deb_check(release:"4.0", prefix:"libmozjs0d-dbg", reference:"1.8.0.15~pre080614i-0etch1")) flag++;
if (deb_check(release:"4.0", prefix:"libnspr4-0d", reference:"1.8.0.15~pre080614i-0etch1")) flag++;
if (deb_check(release:"4.0", prefix:"libnspr4-0d-dbg", reference:"1.8.0.15~pre080614i-0etch1")) flag++;
if (deb_check(release:"4.0", prefix:"libnspr4-dev", reference:"1.8.0.15~pre080614i-0etch1")) flag++;
if (deb_check(release:"4.0", prefix:"libnss3-0d", reference:"1.8.0.15~pre080614i-0etch1")) flag++;
if (deb_check(release:"4.0", prefix:"libnss3-0d-dbg", reference:"1.8.0.15~pre080614i-0etch1")) flag++;
if (deb_check(release:"4.0", prefix:"libnss3-dev", reference:"1.8.0.15~pre080614i-0etch1")) flag++;
if (deb_check(release:"4.0", prefix:"libnss3-tools", reference:"1.8.0.15~pre080614i-0etch1")) flag++;
if (deb_check(release:"4.0", prefix:"libsmjs-dev", reference:"1.8.0.15~pre080614i-0etch1")) flag++;
if (deb_check(release:"4.0", prefix:"libsmjs1", reference:"1.8.0.15~pre080614i-0etch1")) flag++;
if (deb_check(release:"4.0", prefix:"libxul-common", reference:"1.8.0.15~pre080614i-0etch1")) flag++;
if (deb_check(release:"4.0", prefix:"libxul-dev", reference:"1.8.0.15~pre080614i-0etch1")) flag++;
if (deb_check(release:"4.0", prefix:"libxul0d", reference:"1.8.0.15~pre080614i-0etch1")) flag++;
if (deb_check(release:"4.0", prefix:"libxul0d-dbg", reference:"1.8.0.15~pre080614i-0etch1")) flag++;
if (deb_check(release:"4.0", prefix:"python-xpcom", reference:"1.8.0.15~pre080614i-0etch1")) flag++;
if (deb_check(release:"4.0", prefix:"spidermonkey-bin", reference:"1.8.0.15~pre080614i-0etch1")) flag++;
if (deb_check(release:"4.0", prefix:"xulrunner", reference:"1.8.0.15~pre080614i-0etch1")) flag++;
if (deb_check(release:"4.0", prefix:"xulrunner-gnome-support", reference:"1.8.0.15~pre080614i-0etch1")) flag++;

if (flag)
{
  if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());
  else security_hole(0);
  exit(0);
}
else audit(AUDIT_HOST_NOT, "affected");

Related

ubuntu 5
openvas 110
nessus 40
osv 2
debian 2
fedora 29
redhat 2
oraclelinux 2
centos 3
suse 2
securityvulns 1
freebsd 1
ubuntu
ubuntu
Thunderbird vulnerabilities
2009-01-06 00:00:00
Firefox vulnerabilities
2008-12-18 00:00:00
Thunderbird vulnerabilities
2009-01-06 00:00:00
openvas
openvas
Ubuntu: Security Advisory (USN-701-2)
2009-01-13 00:00:00
Ubuntu Update for firefox vulnerabilities USN-690-3
2009-03-23 00:00:00
Ubuntu USN-701-2 (mozilla-thunderbird)
2009-01-13 00:00:00
nessus
nessus
Ubuntu 6.06 LTS : mozilla-thunderbird vulnerabilities (USN-701-2)
2013-03-09 00:00:00
Mandriva Linux Security Advisory : mozilla-thunderbird (MDVSA-2009:012)
2009-04-23 00:00:00
openSUSE Security Update : mozilla-xulrunner181 (mozilla-xulrunner181-383)
2009-07-21 00:00:00
osv
osv
xulrunner - several vulnerabilities
2009-01-14 00:00:00
iceweasel - several vulnerabilities
2009-01-15 00:00:00
debian
debian
[SECURITY] [DSA 1704-1] New xulrunner packages fix several vulnerabilities
2009-01-14 20:28:56
[SECURITY] [DSA 1707-1] New iceweasel packages fix several vulnerabilities
2009-01-15 22:03:27
fedora
fedora
[SECURITY] Fedora 9 Update: seamonkey-1.1.14-1.fc9
2008-12-21 08:44:36
[SECURITY] Fedora 8 Update: seamonkey-1.1.14-1.fc8
2008-12-21 08:25:27
[SECURITY] Fedora 10 Update: seamonkey-1.1.14-1.fc10
2008-12-21 08:40:41
redhat
redhat
(RHSA-2009:0002) Moderate: thunderbird security update
2009-01-07 00:00:00
(RHSA-2008:1037) Critical: seamonkey security update
2008-12-16 00:00:00
oraclelinux
oraclelinux
thunderbird security update
2009-01-07 00:00:00
seamonkey security update
2008-12-17 00:00:00
centos
centos
thunderbird security update
2009-01-08 14:35:58
seamonkey security update
2008-12-17 15:28:51
seamonkey security update
2008-12-22 02:56:59
suse
suse
remote code execution in MozillaFirefox,seamonkey
2008-12-19 13:50:24
remote code execution in MozillaFirefox,MozillaThunderbird,mozilla
2009-01-14 11:55:45
securityvulns
securityvulns
Mozilla Firefox / Thunderbird / Seamonkey multiple seucrity vulnerabilities
2008-12-19 00:00:00
freebsd
freebsd
mozilla -- multiple vulnerabilities
2008-12-17 00:00:00

CVSS2

10

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

EPSS

0.044

Percentile

92.6%

JSON
Related for DEBIAN_DSA-1704.NASL
ubuntu5openvas110nessus40osv2debian2fedora29redhat2oraclelinux2centos3suse2securityvulns1freebsd1