Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2010-2021 and is owned by Tenable, Inc. or an Affiliate thereof.SUSE_11_0_OPENOFFICE_ORG-100622.NASL
HistoryJul 19, 2010 - 12:00 a.m.

openSUSE Security Update : OpenOffice_org (openSUSE-SU-2010:0386-1)

2010-07-1900:00:00
This script is Copyright (C) 2010-2021 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
12

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.062 Low

EPSS

Percentile

93.6%

JSON

This update of OpenOffice_org does not allow macros written in Python to be executed without permission, CVE-2010-0395.

#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from openSUSE Security Update OpenOffice_org-2581.
#
# The text description of this plugin is (C) SUSE LLC.
#

include('deprecated_nasl_level.inc');
include('compat.inc');

if (description)
{
  script_id(47755);
  script_version("1.9");
  script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/14");

  script_cve_id("CVE-2010-0395");

  script_name(english:"openSUSE Security Update : OpenOffice_org (openSUSE-SU-2010:0386-1)");
  script_summary(english:"Check for the OpenOffice_org-2581 patch");

  script_set_attribute(
    attribute:"synopsis", 
    value:"The remote openSUSE host is missing a security update."
  );
  script_set_attribute(
    attribute:"description", 
    value:
"This update of OpenOffice_org does not allow macros written in Python
to be executed without permission, CVE-2010-0395."
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.novell.com/show_bug.cgi?id=607095"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://lists.opensuse.org/opensuse-updates/2010-07/msg00016.html"
  );
  script_set_attribute(
    attribute:"solution", 
    value:"Update the affected OpenOffice_org packages."
  );
  script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:OpenOffice_org");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:OpenOffice_org-base");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:OpenOffice_org-branding-upstream");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:OpenOffice_org-calc");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:OpenOffice_org-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:OpenOffice_org-draw");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:OpenOffice_org-filters");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:OpenOffice_org-gnome");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:OpenOffice_org-icon-themes-prebuilt");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:OpenOffice_org-impress");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:OpenOffice_org-kde");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:OpenOffice_org-mailmerge");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:OpenOffice_org-math");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:OpenOffice_org-mono");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:OpenOffice_org-officebean");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:OpenOffice_org-pyuno");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:OpenOffice_org-sdk");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:OpenOffice_org-testtool");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:OpenOffice_org-writer");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:opensuse:11.0");

  script_set_attribute(attribute:"patch_publication_date", value:"2010/06/22");
  script_set_attribute(attribute:"plugin_publication_date", value:"2010/07/19");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2010-2021 and is owned by Tenable, Inc. or an Affiliate thereof.");
  script_family(english:"SuSE Local Security Checks");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/SuSE/release", "Host/SuSE/rpm-list", "Host/cpu");

  exit(0);
}


include("audit.inc");
include("global_settings.inc");
include("rpm.inc");

if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/SuSE/release");
if (isnull(release) || release =~ "^(SLED|SLES)") audit(AUDIT_OS_NOT, "openSUSE");
if (release !~ "^(SUSE11\.0)$") audit(AUDIT_OS_RELEASE_NOT, "openSUSE", "11.0", release);
if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);

ourarch = get_kb_item("Host/cpu");
if (!ourarch) audit(AUDIT_UNKNOWN_ARCH);
if (ourarch !~ "^(i586|i686|x86_64)$") audit(AUDIT_ARCH_NOT, "i586 / i686 / x86_64", ourarch);

flag = 0;

if ( rpm_check(release:"SUSE11.0", reference:"OpenOffice_org-2.4.0.14-1.8") ) flag++;
if ( rpm_check(release:"SUSE11.0", reference:"OpenOffice_org-base-2.4.0.14-1.8") ) flag++;
if ( rpm_check(release:"SUSE11.0", reference:"OpenOffice_org-branding-upstream-2.4.0.14-1.8") ) flag++;
if ( rpm_check(release:"SUSE11.0", reference:"OpenOffice_org-calc-2.4.0.14-1.8") ) flag++;
if ( rpm_check(release:"SUSE11.0", reference:"OpenOffice_org-devel-2.4.0.14-1.8") ) flag++;
if ( rpm_check(release:"SUSE11.0", reference:"OpenOffice_org-draw-2.4.0.14-1.8") ) flag++;
if ( rpm_check(release:"SUSE11.0", reference:"OpenOffice_org-filters-2.4.0.14-1.8") ) flag++;
if ( rpm_check(release:"SUSE11.0", reference:"OpenOffice_org-gnome-2.4.0.14-1.8") ) flag++;
if ( rpm_check(release:"SUSE11.0", reference:"OpenOffice_org-icon-themes-prebuilt-2.4.0.14-1.8") ) flag++;
if ( rpm_check(release:"SUSE11.0", reference:"OpenOffice_org-impress-2.4.0.14-1.8") ) flag++;
if ( rpm_check(release:"SUSE11.0", reference:"OpenOffice_org-kde-2.4.0.14-1.8") ) flag++;
if ( rpm_check(release:"SUSE11.0", reference:"OpenOffice_org-mailmerge-2.4.0.14-1.8") ) flag++;
if ( rpm_check(release:"SUSE11.0", reference:"OpenOffice_org-math-2.4.0.14-1.8") ) flag++;
if ( rpm_check(release:"SUSE11.0", reference:"OpenOffice_org-mono-2.4.0.14-1.8") ) flag++;
if ( rpm_check(release:"SUSE11.0", reference:"OpenOffice_org-officebean-2.4.0.14-1.8") ) flag++;
if ( rpm_check(release:"SUSE11.0", reference:"OpenOffice_org-pyuno-2.4.0.14-1.8") ) flag++;
if ( rpm_check(release:"SUSE11.0", reference:"OpenOffice_org-sdk-2.4.0.14-1.8") ) flag++;
if ( rpm_check(release:"SUSE11.0", reference:"OpenOffice_org-testtool-2.4.0.14-1.8") ) flag++;
if ( rpm_check(release:"SUSE11.0", reference:"OpenOffice_org-writer-2.4.0.14-1.8") ) flag++;

if (flag)
{
  if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());
  else security_hole(0);
  exit(0);
}
else
{
  tested = pkg_tests_get();
  if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
  else audit(AUDIT_PACKAGE_NOT_INSTALLED, "OpenOffice");
}
VendorProductVersionCPE
novellopensuseopenoffice_orgp-cpe:/a:novell:opensuse:openoffice_org
novellopensuseopenoffice_org-basep-cpe:/a:novell:opensuse:openoffice_org-base
novellopensuseopenoffice_org-branding-upstreamp-cpe:/a:novell:opensuse:openoffice_org-branding-upstream
novellopensuseopenoffice_org-calcp-cpe:/a:novell:opensuse:openoffice_org-calc
novellopensuseopenoffice_org-develp-cpe:/a:novell:opensuse:openoffice_org-devel
novellopensuseopenoffice_org-drawp-cpe:/a:novell:opensuse:openoffice_org-draw
novellopensuseopenoffice_org-filtersp-cpe:/a:novell:opensuse:openoffice_org-filters
novellopensuseopenoffice_org-gnomep-cpe:/a:novell:opensuse:openoffice_org-gnome
novellopensuseopenoffice_org-icon-themes-prebuiltp-cpe:/a:novell:opensuse:openoffice_org-icon-themes-prebuilt
novellopensuseopenoffice_org-impressp-cpe:/a:novell:opensuse:openoffice_org-impress
Rows per page:
1-10 of 201

Related

nvd 1
openvas 19
nessus 19
cve 1
debian 4
cvelist 1
ubuntu 1
centos 1
osv 1
fedora 4
ubuntucve 1
veracode 1
redhat 1
prion 1
gentoo 1
securityvulns 2
oracle 1
nvd
nvd
CVE-2010-0395
2010-06-10 00:30:07
openvas
openvas
RedHat Update for openoffice.org RHSA-2010:0459-01
2010-06-11 00:00:00
RedHat Update for openoffice.org RHSA-2010:0459-01
2010-06-11 00:00:00
CentOS Update for openoffice.org-base CESA-2010:0459 centos5 i386
2011-08-09 00:00:00
nessus
nessus
openSUSE Security Update : OpenOffice_org-base-drivers-postgresql (openSUSE-SU-2010:0386-1)
2010-07-19 00:00:00
SuSE 11 / 11.1 Security Update : OpenOffice_org (SAT Patch Numbers 2586 / 2589)
2010-12-02 00:00:00
Fedora 12 : openoffice.org-3.1.1-19.32.fc12 (2010-9576)
2010-07-01 00:00:00
cve
cve
CVE-2010-0395
2010-06-10 00:30:07
debian
debian
[Backports-security-announce] Security update for openoffice.org
2010-06-06 10:15:12
[Backports-security-announce] Security update for openoffice.org
2010-06-06 10:09:09
[Backports-security-announce] Security update for openoffice.org
2010-06-06 10:09:09
cvelist
cvelist
CVE-2010-0395
2010-06-10 00:00:00
ubuntu
ubuntu
OpenOffice.org vulnerability
2010-06-08 00:00:00
centos
centos
openoffice.org security update
2010-06-15 16:14:36
osv
osv
openoffice.org - arbitrary code execution
2010-06-05 00:00:00
fedora
fedora
[SECURITY] Fedora 13 Update: openoffice.org-3.2.0-12.24.fc13
2010-06-07 22:26:51
[SECURITY] Fedora 11 Update: openoffice.org-3.1.1-19.13.fc11
2010-06-07 22:26:04
[SECURITY] Fedora 12 Update: openoffice.org-3.1.1-19.32.fc12
2010-06-07 22:16:55
ubuntucve
ubuntucve
CVE-2010-0395
2010-06-08 00:00:00
veracode
veracode
Remote Code Execution (RCE)
2020-04-10 00:45:15
redhat
redhat
(RHSA-2010:0459) Moderate: openoffice.org security update
2010-06-07 00:00:00
prion
prion
Code injection
2010-06-10 00:30:00
gentoo
gentoo
OpenOffice, LibreOffice: Multiple vulnerabilities
2014-08-31 00:00:00
securityvulns
securityvulns
Oracle Critical Patch Update Advisory - October 2010
2010-10-13 00:00:00
Oracle / Sun / Peoplesoft applications multiple security vulnerabilities
2011-07-18 00:00:00
oracle
oracle
Oracle Critical Patch Update - October 2010
2010-10-12 00:00:00

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.062 Low

EPSS

Percentile

93.6%

JSON
Related for SUSE_11_0_OPENOFFICE_ORG-100622.NASL
nvd1openvas19nessus19cve1debian4cvelist1ubuntu1centos1osv1fedora4ubuntucve1veracode1redhat1prion1gentoo1securityvulns2oracle1