Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2018-2021 and is owned by Tenable, Inc. or an Affiliate thereof.SOLARIS10_121104-11.NASL
HistoryMar 12, 2018 - 12:00 a.m.

Solaris 10 (sparc) : 121104-11

2018-03-1200:00:00
This script is Copyright (C) 2018-2021 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
32

CVSS2

9.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

EPSS

0.927

Percentile

99.1%

JSON

SunOS 5.10: Adobe Acrobat Reader patch.
Date this patch was last updated by Sun : Nov/27/09

#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text in this plugin was
# extracted from the Oracle SunOS Patch Updates.
#
include('deprecated_nasl_level.inc');
include('compat.inc');

if (description)
{
  script_id(107373);
  script_version("1.7");
  script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/14");

  script_cve_id("CVE-2006-5857", "CVE-2007-0045", "CVE-2007-0046");

  script_name(english:"Solaris 10 (sparc) : 121104-11");
  script_summary(english:"Check for patch 121104-11");

  script_set_attribute(
    attribute:"synopsis", 
    value:"The remote host is missing Sun Security Patch number 121104-11"
  );
  script_set_attribute(
    attribute:"description", 
    value:
"SunOS 5.10: Adobe Acrobat Reader patch.
Date this patch was last updated by Sun : Nov/27/09"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://getupdates.oracle.com/readme/121104-11"
  );
  script_set_attribute(attribute:"solution", value:"Install patch 121104-11");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C");
  script_set_cvss_temporal_vector("CVSS2#E:F/RL:OF/RC:C");
  script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"true");
  script_set_attribute(attribute:"exploit_framework_core", value:"true");
  script_cwe_id(399);

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:solaris:10:121104");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:oracle:solaris:10");

  script_set_attribute(attribute:"vuln_publication_date", value:"2006/12/31");
  script_set_attribute(attribute:"patch_publication_date", value:"2009/11/27");
  script_set_attribute(attribute:"plugin_publication_date", value:"2018/03/12");
  script_set_attribute(attribute:"generated_plugin", value:"current");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2018-2021 and is owned by Tenable, Inc. or an Affiliate thereof.");
  script_family(english:"Solaris Local Security Checks");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/Solaris/showrev");

  exit(0);
}


include("audit.inc");
include("global_settings.inc");
include("misc_func.inc");
include("solaris.inc");

showrev = get_kb_item("Host/Solaris/showrev");
if (empty_or_null(showrev)) audit(AUDIT_OS_NOT, "Solaris");
os_ver = pregmatch(pattern:"Release: (\d+.(\d+))", string:showrev);
if (empty_or_null(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Solaris");
full_ver = os_ver[1];
os_level = os_ver[2];
if (full_ver != "5.10") audit(AUDIT_OS_NOT, "Solaris 10", "Solaris " + os_level);
package_arch = pregmatch(pattern:"Application architecture: (\w+)", string:showrev);
if (empty_or_null(package_arch)) audit(AUDIT_UNKNOWN_ARCH);
package_arch = package_arch[1];
if (package_arch != "sparc") audit(AUDIT_ARCH_NOT, "sparc", package_arch);
if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);

if (solaris_check_patch(release:"5.10", arch:"sparc", patch:"121104-11", obsoleted_by:"", package:"SUNWacroread", version:"1.0,REV=10.0.3.2004.12.21.12.29") < 0) flag++;

if (flag) {
  security_report_v4(
    port       : 0,
    severity   : SECURITY_HOLE,
    extra      : solaris_get_report()
  );
} else {
  patch_fix = solaris_patch_fix_get();
  if (!empty_or_null(patch_fix)) audit(AUDIT_PATCH_INSTALLED, patch_fix, "Solaris 10");
  tested = solaris_pkg_tests_get();
  if (!empty_or_null(tested)) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
  audit(AUDIT_PACKAGE_NOT_INSTALLED, "SUNWacroread");
}

Related

nessus 28
redhat 2
kaspersky 1
gentoo 2
openvas 17
suse 2
cve 4
securityvulns 4
nvd 4
cvelist 4
cert 2
checkpoint_advisories 3
ubuntucve 3
prion 3
exploitdb 1
chrome 1
mozilla 1
debian 1
seebug 1
nessus
nessus
RHEL 4 : Adobe Acrobat Reader (RHSA-2007:0017)
2013-01-24 00:00:00
Solaris 10 (sparc) : 121104-11 (deprecated)
2006-11-06 00:00:00
RHEL 3 : Adobe Acrobat Reader (RHSA-2007:0021)
2013-01-24 00:00:00
redhat
redhat
(RHSA-2007:0021) Critical: Adobe Acrobat Reader security update
2007-01-22 00:00:00
(RHSA-2007:0017) Critical: Adobe Acrobat Reader security update
2007-01-11 00:00:00
kaspersky
kaspersky
KLA10032 Multiple vulnerabilities in Adobe Acrobat & Reader
2007-01-09 00:00:00
gentoo
gentoo
Adobe Acrobat Reader: Multiple vulnerabilities
2007-01-22 00:00:00
Adobe Reader: Multiple vulnerabilities
2009-10-25 00:00:00
openvas
openvas
Gentoo Security Advisory GLSA 200701-16 (acroread)
2008-09-24 00:00:00
Gentoo Security Advisory GLSA 200701-16 (acroread)
2008-09-24 00:00:00
SLES9: Security update for acroread
2009-10-10 00:00:00
suse
suse
remote code execution in acroread
2007-01-22 18:37:17
remote code execution in acroread, acroread_ja
2009-10-26 13:17:31
cve
cve
CVE-2006-5857
2007-01-10 02:00:00
CVE-2007-0046
2007-01-03 21:28:00
CVE-2007-0045
2007-01-03 21:28:00
securityvulns
securityvulns
[Full-disclosure] Adobe Reader Remote Heap Memory Corruption - Subroutine Pointer Overwrite
2007-01-10 00:00:00
Adobe Reader buffer overflow
2007-01-10 00:00:00
Adobe reader plugin PDF files universal crossite scripting
2007-01-04 00:00:00
nvd
nvd
CVE-2006-5857
2006-12-31 05:00:00
CVE-2007-0046
2007-01-03 21:28:00
CVE-2007-0045
2007-01-03 21:28:00
cvelist
cvelist
CVE-2006-5857
2007-01-10 02:00:00
CVE-2007-0046
2007-01-03 20:00:00
CVE-2007-0045
2007-01-03 20:00:00
cert
cert
Adobe Acrobat allows pointer overwrite via specially crafted PDF file
2007-01-19 00:00:00
Adobe Acrobat Plug-In cross domain violation
2007-01-03 00:00:00
checkpoint_advisories
checkpoint_advisories
Adobe Acrobat Reader Plugin Crafted URL Double Free (CVE-2007-0046)
2010-01-24 00:00:00
Update Protection against Multiple Adobe Acrobat Vulnerabilities
2007-01-21 00:00:00
Adobe Reader Plugin Malformed URL Cross-Site Scripting (APSB07-01; CVE-2007-0045; CVE-2007-0048)
2010-01-12 00:00:00
ubuntucve
ubuntucve
CVE-2007-0046
2007-01-03 00:00:00
CVE-2007-0045
2007-01-03 00:00:00
CVE-2007-1199
2007-03-02 00:00:00
prion
prion
Double free
2007-01-03 21:28:00
Cross site scripting
2007-01-03 21:28:00
Code injection
2007-03-02 21:18:00
exploitdb
exploitdb
Adobe Acrobat Reader Plugin 7.0.x - &#039;acroreader&#039; Cross-Site Scripting
2007-01-05 00:00:00
chrome
chrome
Stable, Beta update: Yahoo! Mail and Security Fixes
2009-01-28 00:00:00
mozilla
mozilla
Improvements to help protect against Cross-Site Scripting attacks — Mozilla
2007-02-23 00:00:00
debian
debian
[SECURITY] [DSA 1336-1] New mozilla-firefox packages fix several vulnerabilities
2007-07-22 17:43:28
seebug
seebug
Adobe Reader: Multiple vulnerabilities
2009-10-27 00:00:00

CVSS2

9.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

EPSS

0.927

Percentile

99.1%

JSON
Related for SOLARIS10_121104-11.NASL
nessus28redhat2kaspersky1gentoo2openvas17suse2cve4securityvulns4nvd4cvelist4cert2checkpoint_advisories3ubuntucve3prion3exploitdb1chrome1mozilla1debian1seebug1