The version of mozilla-thunderbird installed on the remote host is prior to 115.8.1. It is, therefore, affected by a vulnerability as referenced in the SSA:2024-065-01 advisory.
Note that Nessus has not tested for this issue but has instead relied only on the application’s self-reported version number.
#%NASL_MIN_LEVEL 80900
##
# (C) Tenable, Inc.
##
#
# The descriptive text and package checks in this plugin were
# extracted from Slackware Security Advisory SSA:2024-065-01. The text
# itself is copyright (C) Slackware Linux, Inc.
##
include('compat.inc');
if (description)
{
script_id(191562);
script_version("1.0");
script_set_attribute(attribute:"plugin_modification_date", value:"2024/03/05");
script_cve_id("CVE-2024-1936");
script_name(english:"Slackware Linux 15.0 / current mozilla-thunderbird Vulnerability (SSA:2024-065-01)");
script_set_attribute(attribute:"synopsis", value:
"The remote Slackware Linux host is missing a security update to mozilla-thunderbird.");
script_set_attribute(attribute:"description", value:
"The version of mozilla-thunderbird installed on the remote host is prior to 115.8.1. It is, therefore, affected by a
vulnerability as referenced in the SSA:2024-065-01 advisory.
- The encrypted subject of an email message could be incorrectly and permanently assigned to an arbitrary
other email message in Thunderbird's local cache. Consequently, when replying to the contaminated email
message, the user might accidentally leak the confidential subject to a third party. While this update
fixes the bug and avoids future message contamination, it does not automatically repair existing
contaminations. Users are advised to use the repair folder functionality, which is available from the
context menu of email folders, which will erase incorrect subject assignments. This vulnerability affects
Thunderbird < 115.8.1. (CVE-2024-1936)
Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version
number.");
# http://www.slackware.com/security/viewer.php?l=slackware-security&y=2024&m=slackware-security.366976
script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?6ae6d203");
script_set_attribute(attribute:"solution", value:
"Upgrade the affected mozilla-thunderbird package.");
script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:N");
script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
script_set_attribute(attribute:"cvss_score_source", value:"CVE-2024-1936");
script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
script_set_attribute(attribute:"exploit_available", value:"false");
script_set_attribute(attribute:"vuln_publication_date", value:"2024/03/04");
script_set_attribute(attribute:"patch_publication_date", value:"2024/03/05");
script_set_attribute(attribute:"plugin_publication_date", value:"2024/03/05");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:slackware:slackware_linux:mozilla-thunderbird");
script_set_attribute(attribute:"cpe", value:"cpe:/o:slackware:slackware_linux");
script_set_attribute(attribute:"cpe", value:"cpe:/o:slackware:slackware_linux:15.0");
script_set_attribute(attribute:"generated_plugin", value:"current");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_family(english:"Slackware Local Security Checks");
script_copyright(english:"This script is Copyright (C) 2024 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_dependencies("ssh_get_info.nasl");
script_require_keys("Host/local_checks_enabled", "Host/Slackware/release", "Host/Slackware/packages");
exit(0);
}
include("slackware.inc");
if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
if (!get_kb_item("Host/Slackware/release")) audit(AUDIT_OS_NOT, "Slackware");
if (!get_kb_item("Host/Slackware/packages")) audit(AUDIT_PACKAGE_LIST_MISSING);
var cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Slackware", cpu);
var flag = 0;
var constraints = [
{ 'fixed_version' : '115.8.1', 'product' : 'mozilla-thunderbird', 'os_name' : 'Slackware Linux', 'os_version' : '15.0', 'service_pack' : '1_slack15.0', 'arch' : 'i686' },
{ 'fixed_version' : '115.8.1', 'product' : 'mozilla-thunderbird', 'os_name' : 'Slackware Linux', 'os_version' : '15.0', 'service_pack' : '1_slack15.0', 'arch' : 'x86_64' },
{ 'fixed_version' : '115.8.1', 'product' : 'mozilla-thunderbird', 'os_name' : 'Slackware Linux', 'os_version' : 'current', 'service_pack' : '1', 'arch' : 'i686' },
{ 'fixed_version' : '115.8.1', 'product' : 'mozilla-thunderbird', 'os_name' : 'Slackware Linux', 'os_version' : 'current', 'service_pack' : '1', 'arch' : 'x86_64' }
];
foreach var constraint (constraints) {
var pkg_arch = constraint['arch'];
var arch = NULL;
if (pkg_arch == "x86_64") {
arch = pkg_arch;
}
if (slackware_check(osver:constraint['os_version'],
arch:arch,
pkgname:constraint['product'],
pkgver:constraint['fixed_version'],
pkgarch:pkg_arch,
pkgnum:constraint['service_pack'])) flag++;
}
if (flag)
{
security_report_v4(
port : 0,
severity : SECURITY_WARNING,
extra : slackware_report_get()
);
exit(0);
}
else audit(AUDIT_HOST_NOT, "affected");
Vendor | Product | Version | CPE |
---|---|---|---|
slackware | slackware_linux | mozilla-thunderbird | p-cpe:/a:slackware:slackware_linux:mozilla-thunderbird |
slackware | slackware_linux | cpe:/o:slackware:slackware_linux | |
slackware | slackware_linux | 15.0 | cpe:/o:slackware:slackware_linux:15.0 |