Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2004-2021 Tenable Network Security, Inc.MANDRAKE_MDKSA-2004-082.NASL
HistoryAug 22, 2004 - 12:00 a.m.

Mandrake Linux Security Advisory : mozilla (MDKSA-2004:082)

2004-08-2200:00:00
This script is Copyright (C) 2004-2021 Tenable Network Security, Inc.
www.tenable.com
33

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.964 High

EPSS

Percentile

99.6%

JSON

A number of security vulnerabilities in mozilla are addressed by this update for Mandrakelinux 10.0 users, including a fix for frame spoofing, a fixed popup XPInstall/security dialog bug, a fix for untrusted chrome calls, a fix for SSL certificate spoofing, a fix for stealing secure HTTP Auth passwords via DNS spoofing, a fix for insecure matching of cert names for non-FQDNs, a fix for focus redefinition from another domain, a fix for a SOAP parameter overflow, a fix for text drag on file entry, a fix for certificate DoS, and a fix for lock icon and cert spoofing.

Additionally, mozilla for both Mandrakelinux 9.2 and 10.0 have been rebuilt to use the system libjpeg and libpng which addresses vulnerabilities discovered in libpng (ref: MDKSA-2004:079).

#%NASL_MIN_LEVEL 70300

#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were  
# extracted from Mandrake Linux Security Advisory MDKSA-2004:082. 
# The text itself is copyright (C) Mandriva S.A.
#

if (NASL_LEVEL < 3000) exit(0);

include('deprecated_nasl_level.inc');
include('compat.inc');

if (description)
{
  script_id(14331);
  script_version("1.21");
  script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/06");

  script_cve_id("CVE-2004-0597", "CVE-2004-0598", "CVE-2004-0599", "CVE-2004-0718", "CVE-2004-0722", "CVE-2004-0757", "CVE-2004-0758", "CVE-2004-0759", "CVE-2004-0760", "CVE-2004-0761", "CVE-2004-0762", "CVE-2004-0763", "CVE-2004-0764", "CVE-2004-0765", "CVE-2004-0779", "CVE-2004-1449", "CVE-2005-1937");
  script_xref(name:"MDKSA", value:"2004:082");

  script_name(english:"Mandrake Linux Security Advisory : mozilla (MDKSA-2004:082)");
  script_summary(english:"Checks rpm output for the updated packages");

  script_set_attribute(
    attribute:"synopsis", 
    value:
"The remote Mandrake Linux host is missing one or more security
updates."
  );
  script_set_attribute(
    attribute:"description", 
    value:
"A number of security vulnerabilities in mozilla are addressed by this
update for Mandrakelinux 10.0 users, including a fix for frame
spoofing, a fixed popup XPInstall/security dialog bug, a fix for
untrusted chrome calls, a fix for SSL certificate spoofing, a fix for
stealing secure HTTP Auth passwords via DNS spoofing, a fix for
insecure matching of cert names for non-FQDNs, a fix for focus
redefinition from another domain, a fix for a SOAP parameter overflow,
a fix for text drag on file entry, a fix for certificate DoS, and a
fix for lock icon and cert spoofing.

Additionally, mozilla for both Mandrakelinux 9.2 and 10.0 have been
rebuilt to use the system libjpeg and libpng which addresses
vulnerabilities discovered in libpng (ref: MDKSA-2004:079)."
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.mozilla.org/show_bug.cgi?id=149478"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"http://bugzilla.mozilla.org/show_bug.cgi?id=162020"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.mozilla.org/show_bug.cgi?id=206859"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.mozilla.org/show_bug.cgi?id=226278"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"http://bugzilla.mozilla.org/show_bug.cgi?id=229374"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"http://bugzilla.mozilla.org/show_bug.cgi?id=234058"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"http://bugzilla.mozilla.org/show_bug.cgi?id=236618"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.mozilla.org/show_bug.cgi?id=239580"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"http://bugzilla.mozilla.org/show_bug.cgi?id=240053"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"http://bugzilla.mozilla.org/show_bug.cgi?id=244965"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"http://bugzilla.mozilla.org/show_bug.cgi?id=246448"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"http://bugzilla.mozilla.org/show_bug.cgi?id=249004"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"http://bugzilla.mozilla.org/show_bug.cgi?id=253121"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.mozilla.org/show_bug.cgi?id=86028"
  );
  script_set_attribute(attribute:"solution", value:"Update the affected packages.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C");
  script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"true");
  script_set_attribute(attribute:"exploited_by_malware", value:"true");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:lib64nspr4");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:lib64nspr4-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:lib64nss3");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:lib64nss3-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:libnspr4");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:libnspr4-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:libnss3");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:libnss3-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:mozilla");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:mozilla-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:mozilla-dom-inspector");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:mozilla-enigmail");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:mozilla-enigmime");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:mozilla-irc");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:mozilla-js-debugger");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:mozilla-mail");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:mozilla-spellchecker");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:mandrakesoft:mandrake_linux:10.0");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:mandrakesoft:mandrake_linux:9.2");

  script_set_attribute(attribute:"patch_publication_date", value:"2004/08/12");
  script_set_attribute(attribute:"plugin_publication_date", value:"2004/08/22");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2004-2021 Tenable Network Security, Inc.");
  script_family(english:"Mandriva Local Security Checks");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/Mandrake/release", "Host/Mandrake/rpm-list");

  exit(0);
}


include("audit.inc");
include("global_settings.inc");
include("rpm.inc");


if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
if (!get_kb_item("Host/Mandrake/release")) audit(AUDIT_OS_NOT, "Mandriva / Mandake Linux");
if (!get_kb_item("Host/Mandrake/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);

cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if (cpu !~ "^(amd64|i[3-6]86|x86_64)$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Mandriva / Mandrake Linux", cpu);


flag = 0;
if (rpm_check(release:"MDK10.0", cpu:"amd64", reference:"lib64nspr4-1.6-12.1.100mdk", yank:"mdk")) flag++;
if (rpm_check(release:"MDK10.0", cpu:"amd64", reference:"lib64nspr4-devel-1.6-12.1.100mdk", yank:"mdk")) flag++;
if (rpm_check(release:"MDK10.0", cpu:"amd64", reference:"lib64nss3-1.6-12.1.100mdk", yank:"mdk")) flag++;
if (rpm_check(release:"MDK10.0", cpu:"amd64", reference:"lib64nss3-devel-1.6-12.1.100mdk", yank:"mdk")) flag++;
if (rpm_check(release:"MDK10.0", cpu:"i386", reference:"libnspr4-1.6-12.1.100mdk", yank:"mdk")) flag++;
if (rpm_check(release:"MDK10.0", cpu:"i386", reference:"libnspr4-devel-1.6-12.1.100mdk", yank:"mdk")) flag++;
if (rpm_check(release:"MDK10.0", cpu:"i386", reference:"libnss3-1.6-12.1.100mdk", yank:"mdk")) flag++;
if (rpm_check(release:"MDK10.0", cpu:"i386", reference:"libnss3-devel-1.6-12.1.100mdk", yank:"mdk")) flag++;
if (rpm_check(release:"MDK10.0", reference:"mozilla-1.6-12.1.100mdk", yank:"mdk")) flag++;
if (rpm_check(release:"MDK10.0", reference:"mozilla-devel-1.6-12.1.100mdk", yank:"mdk")) flag++;
if (rpm_check(release:"MDK10.0", reference:"mozilla-dom-inspector-1.6-12.1.100mdk", yank:"mdk")) flag++;
if (rpm_check(release:"MDK10.0", reference:"mozilla-enigmail-1.6-12.1.100mdk", yank:"mdk")) flag++;
if (rpm_check(release:"MDK10.0", reference:"mozilla-enigmime-1.6-12.1.100mdk", yank:"mdk")) flag++;
if (rpm_check(release:"MDK10.0", reference:"mozilla-irc-1.6-12.1.100mdk", yank:"mdk")) flag++;
if (rpm_check(release:"MDK10.0", reference:"mozilla-js-debugger-1.6-12.1.100mdk", yank:"mdk")) flag++;
if (rpm_check(release:"MDK10.0", reference:"mozilla-mail-1.6-12.1.100mdk", yank:"mdk")) flag++;
if (rpm_check(release:"MDK10.0", reference:"mozilla-spellchecker-1.6-12.1.100mdk", yank:"mdk")) flag++;

if (rpm_check(release:"MDK9.2", cpu:"amd64", reference:"lib64nspr4-1.4-13.3.92mdk", yank:"mdk")) flag++;
if (rpm_check(release:"MDK9.2", cpu:"amd64", reference:"lib64nspr4-devel-1.4-13.3.92mdk", yank:"mdk")) flag++;
if (rpm_check(release:"MDK9.2", cpu:"amd64", reference:"lib64nss3-1.4-13.3.92mdk", yank:"mdk")) flag++;
if (rpm_check(release:"MDK9.2", cpu:"amd64", reference:"lib64nss3-devel-1.4-13.3.92mdk", yank:"mdk")) flag++;
if (rpm_check(release:"MDK9.2", cpu:"i386", reference:"libnspr4-1.4-13.3.92mdk", yank:"mdk")) flag++;
if (rpm_check(release:"MDK9.2", cpu:"i386", reference:"libnspr4-devel-1.4-13.3.92mdk", yank:"mdk")) flag++;
if (rpm_check(release:"MDK9.2", cpu:"i386", reference:"libnss3-1.4-13.3.92mdk", yank:"mdk")) flag++;
if (rpm_check(release:"MDK9.2", cpu:"i386", reference:"libnss3-devel-1.4-13.3.92mdk", yank:"mdk")) flag++;
if (rpm_check(release:"MDK9.2", reference:"mozilla-1.4-13.3.92mdk", yank:"mdk")) flag++;
if (rpm_check(release:"MDK9.2", reference:"mozilla-devel-1.4-13.3.92mdk", yank:"mdk")) flag++;
if (rpm_check(release:"MDK9.2", reference:"mozilla-dom-inspector-1.4-13.3.92mdk", yank:"mdk")) flag++;
if (rpm_check(release:"MDK9.2", reference:"mozilla-enigmail-1.4-13.3.92mdk", yank:"mdk")) flag++;
if (rpm_check(release:"MDK9.2", reference:"mozilla-enigmime-1.4-13.3.92mdk", yank:"mdk")) flag++;
if (rpm_check(release:"MDK9.2", reference:"mozilla-irc-1.4-13.3.92mdk", yank:"mdk")) flag++;
if (rpm_check(release:"MDK9.2", reference:"mozilla-js-debugger-1.4-13.3.92mdk", yank:"mdk")) flag++;
if (rpm_check(release:"MDK9.2", reference:"mozilla-mail-1.4-13.3.92mdk", yank:"mdk")) flag++;
if (rpm_check(release:"MDK9.2", reference:"mozilla-spellchecker-1.4-13.3.92mdk", yank:"mdk")) flag++;


if (flag)
{
  if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());
  else security_hole(0);
  exit(0);
}
else audit(AUDIT_HOST_NOT, "affected");
VendorProductVersionCPE
mandrivalinuxlib64nspr4p-cpe:/a:mandriva:linux:lib64nspr4
mandrivalinuxlib64nspr4-develp-cpe:/a:mandriva:linux:lib64nspr4-devel
mandrivalinuxlib64nss3p-cpe:/a:mandriva:linux:lib64nss3
mandrivalinuxlib64nss3-develp-cpe:/a:mandriva:linux:lib64nss3-devel
mandrivalinuxlibnspr4p-cpe:/a:mandriva:linux:libnspr4
mandrivalinuxlibnspr4-develp-cpe:/a:mandriva:linux:libnspr4-devel
mandrivalinuxlibnss3p-cpe:/a:mandriva:linux:libnss3
mandrivalinuxlibnss3-develp-cpe:/a:mandriva:linux:libnss3-devel
mandrivalinuxmozillap-cpe:/a:mandriva:linux:mozilla
mandrivalinuxmozilla-develp-cpe:/a:mandriva:linux:mozilla-devel
Rows per page:
1-10 of 191

References

Related

openvas 48
nessus 40
slackware 3
redhat 2
suse 8
gentoo 2
securityvulns 7
f5 2
freebsd 10
osv 5
debian 5
ubuntucve 5
cve 17
nvd 17
cvelist 16
cert 9
checkpoint_advisories 3
openvas
openvas
Slackware Advisory SSA:2004-223-01 Mozilla
2012-09-11 00:00:00
Slackware: Security Advisory (SSA:2004-223-01)
2012-09-10 00:00:00
SLES9: Security update for Mozilla
2009-10-10 00:00:00
nessus
nessus
Slackware 10.0 / 9.1 / current : Mozilla (SSA:2004-223-01)
2005-07-13 00:00:00
RHEL 2.1 / 3 : mozilla (RHSA-2004:421)
2004-08-05 00:00:00
GLSA-200408-22 : Mozilla, Firefox, Thunderbird, Galeon, Epiphany: New releases fix vulnerabilities
2004-08-30 00:00:00
slackware
slackware
[slackware-security] Mozilla
2004-08-10 21:17:12
libpng
2004-08-09 20:40:50
[slackware-security] imagemagick
2004-08-10 21:26:39
redhat
redhat
(RHSA-2004:421) mozilla security update
2004-08-04 00:00:00
(RHSA-2004:402) libpng security update
2004-08-04 00:00:00
suse
suse
remote file disclosure in samba
2004-10-05 14:57:32
remote DoS condition in apache2
2004-09-06 13:51:41
remote code execution in cups
2004-09-15 14:45:26
gentoo
gentoo
Mozilla, Firefox, Thunderbird, Galeon, Epiphany: New releases fix vulnerabilities
2004-08-23 00:00:00
libpng: Numerous vulnerabilities
2004-08-05 00:00:00
securityvulns
securityvulns
[ GLSA 200408-22 ] Mozilla, Firefox, Thunderbird: New releases fix vulnerabilities
2004-08-25 00:00:00
US-CERT Technical Cyber Security Alert TA04-217A -- Multiple Vulnerabilities in libpng
2004-08-05 00:00:00
CESA-2004-001: libpng
2004-08-05 00:00:00
f5
f5
Vulnerabilities in libpng - CAN-2004-0597, CAN-2004-0598, CAN-2004-0599
2007-05-17 04:00:00
SOL4009 - Vulnerabilities in libpng - CAN-2004-0597, CAN-2004-0598, CAN-2004-0599
2007-05-16 00:00:00
freebsd
freebsd
libpng stack-based buffer overflow and other code concerns
2004-08-04 00:00:00
mozilla -- automated file upload
2004-04-28 00:00:00
mozilla -- POP client heap overflow
2004-07-22 00:00:00
osv
osv
mozilla - frame injection spoofing
2005-08-17 00:00:00
mozilla-firefox - frame injection spoofing
2005-08-15 00:00:00
libpng - several vulnerabilities
2004-08-04 00:00:00
debian
debian
[SECURITY] [DSA 775-1] New Mozilla packages fix frame injection spoofing vulnerability
2005-08-15 11:02:20
[SECURITY] [DSA 777-1] New Mozilla packages fix frame injection spoofing vulnerability
2005-08-17 09:27:19
[SECURITY] [DSA 536-1] New libpng, libpng3 packages fix multiple vulnerabilities
2004-08-05 02:10:24
ubuntucve
ubuntucve
CVE-2005-1937
2005-06-14 00:00:00
CVE-2004-0598
2004-11-23 00:00:00
CVE-2004-0597
2004-11-23 00:00:00
cve
cve
CVE-2005-1937
2005-06-14 04:00:00
CVE-2004-1449
2005-02-13 05:00:00
CVE-2004-0760
2004-08-18 04:00:00
nvd
nvd
CVE-2005-1937
2005-06-14 04:00:00
CVE-2004-1449
2004-12-31 05:00:00
CVE-2004-0765
2004-08-18 04:00:00
cvelist
cvelist
CVE-2005-1937
2005-06-13 04:00:00
CVE-2004-1449
2005-02-13 05:00:00
CVE-2004-0760
2004-08-03 04:00:00
cert
cert
libpng png_handle_iCCP() NULL pointer dereference
2004-08-04 00:00:00
libpng contains integer overflows in progressive display image reading
2004-08-04 00:00:00
libpng png_handle_sPLT() integer overflow
2004-08-04 00:00:00
checkpoint_advisories
checkpoint_advisories
Mozilla SOAPParameter Integer Overflow (CVE-2004-0722)
2010-03-15 00:00:00
libpng Transparency Chunk Length Buffer Overflow (CVE-2004-0597)
2010-02-21 00:00:00
Mozilla Firefox onunload SSL Certificate Spoofing (CVE-2004-0763)
2009-11-19 00:00:00

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.964 High

EPSS

Percentile

99.6%

JSON
Related for MANDRAKE_MDKSA-2004-082.NASL
openvas48nessus40slackware3redhat2suse8gentoo2securityvulns7f52freebsd10osv5debian5ubuntucve5cve17nvd17cvelist16cert9checkpoint_advisories3