Lucene search
Ubuntu Security Notice (C) 2015-2020 Canonical, Inc. / NASL script (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof.UBUNTU_USN-2656-1.NASLHistoryJul 13, 2015 - 12:00 a.m.
Ubuntu 14.04 LTS : Firefox vulnerabilities (USN-2656-1)
2015-07-1300:00:00
Ubuntu Security Notice (C) 2015-2020 Canonical, Inc. / NASL script (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
32
CVSS2
10
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
CVSS3
3.7
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N
AI Score
7.1
Confidence
Low
EPSS
0.974
Percentile
99.9%
The remote Ubuntu 14.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-2656-1 advisory.
Karthikeyan Bhargavan discovered that NSS incorrectly handled state transitions for the TLS state machine.
If a remote attacker were able to perform a machine-in-the-middle attack, this flaw could be exploited to skip the ServerKeyExchange message and remove the forward-secrecy property. (CVE-2015-2721)
Looben Yan discovered 2 use-after-free issues when using XMLHttpRequest in some circumstances. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service via application crash, or execute arbitrary code with the privileges of the user invoking Firefox. (CVE-2015-2722, CVE-2015-2733)
Bob Clary, Christian Holler, Bobby Holley, Andrew McCreight, Terrence Cole, Steve Fink, Mats Palmgren, Wes Kocher, Andreas Pehrson, Tooru Fujisawa, Andrew Sutherland, and Gary Kwong discovered multiple memory safety issues in Firefox. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service via application crash, or execute arbitrary code with the privileges of the user invoking Firefox. (CVE-2015-2724, CVE-2015-2725, CVE-2015-2726)
Armin Razmdjou discovered that opening hyperlinks with specific mouse and key combinations could allow a Chrome privileged URL to be opened without context restrictions being preserved. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to bypass security restrictions. (CVE-2015-2727)
Paul Bandha discovered a type confusion bug in the Indexed DB Manager. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to cause a denial of service via application crash or execute arbitrary code with the priviliges of the user invoking Firefox.
(CVE-2015-2728)
Holger Fuhrmannek discovered an out-of-bounds read in Web Audio. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to obtain sensitive information.
(CVE-2015-2729)
Watson Ladd discovered that NSS incorrectly handled Elliptical Curve Cryptography (ECC) multiplication. A remote attacker could possibly use this issue to spoof ECDSA signatures. (CVE-2015-2730)
A use-after-free was discovered when a Content Policy modifies the DOM to remove a DOM object. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to cause a denial of service via application crash or execute arbitrary code with the priviliges of the user invoking Firefox. (CVE-2015-2731)
Ronald Crane discovered multiple security vulnerabilities. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service via application crash, or execute arbitrary code with the privileges of the user invoking Firefox.
(CVE-2015-2734, CVE-2015-2735, CVE-2015-2736, CVE-2015-2737, CVE-2015-2738, CVE-2015-2739, CVE-2015-2740)
David Keeler discovered that key pinning checks can be skipped when an overridable certificate error occurs. This allows a user to manually override an error for a fake certificate, but cannot be exploited on its own. (CVE-2015-2741)
Jonas Jenwald discovered that some internal workers were incorrectly executed with a high privilege. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this in combination with another security vulnerability, to execute arbitrary code in a privileged scope.
(CVE-2015-2743)
Matthew Green discovered a DHE key processing issue in NSS where a MITM could force a server to downgrade TLS connections to 512-bit export-grade cryptography. An attacker could potentially exploit this to impersonate the server. (CVE-2015-4000)
Tenable has extracted the preceding description block directly from the Ubuntu security advisory.
Note that Nessus has not tested for these issues but has instead relied only on the application’s self-reported version number.
#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from Ubuntu Security Notice USN-2656-1. The text
# itself is copyright (C) Canonical, Inc. See
# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered
# trademark of Canonical, Inc.
#
include('deprecated_nasl_level.inc');
include('compat.inc');
if (description)
{
script_id(84664);
script_version("1.19");
script_set_attribute(attribute:"plugin_modification_date", value:"2024/08/28");
script_cve_id(
"CVE-2015-2721",
"CVE-2015-2722",
"CVE-2015-2724",
"CVE-2015-2725",
"CVE-2015-2726",
"CVE-2015-2727",
"CVE-2015-2728",
"CVE-2015-2729",
"CVE-2015-2730",
"CVE-2015-2731",
"CVE-2015-2733",
"CVE-2015-2734",
"CVE-2015-2735",
"CVE-2015-2736",
"CVE-2015-2737",
"CVE-2015-2738",
"CVE-2015-2739",
"CVE-2015-2740",
"CVE-2015-2741",
"CVE-2015-2743",
"CVE-2015-4000"
);
script_bugtraq_id(74733, 75541);
script_xref(name:"USN", value:"2656-1");
script_xref(name:"CEA-ID", value:"CEA-2021-0004");
script_name(english:"Ubuntu 14.04 LTS : Firefox vulnerabilities (USN-2656-1)");
script_set_attribute(attribute:"synopsis", value:
"The remote Ubuntu host is missing one or more security updates.");
script_set_attribute(attribute:"description", value:
"The remote Ubuntu 14.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in
the USN-2656-1 advisory.
Karthikeyan Bhargavan discovered that NSS incorrectly handled state transitions for the TLS state machine.
If a remote attacker were able to perform a machine-in-the-middle attack, this flaw could be exploited to
skip the ServerKeyExchange message and remove the forward-secrecy property. (CVE-2015-2721)
Looben Yan discovered 2 use-after-free issues when using XMLHttpRequest in some circumstances. If a user
were tricked in to opening a specially crafted website, an attacker could potentially exploit these to
cause a denial of service via application crash, or execute arbitrary code with the privileges of the user
invoking Firefox. (CVE-2015-2722, CVE-2015-2733)
Bob Clary, Christian Holler, Bobby Holley, Andrew McCreight, Terrence Cole, Steve Fink, Mats Palmgren, Wes
Kocher, Andreas Pehrson, Tooru Fujisawa, Andrew Sutherland, and Gary Kwong discovered multiple memory
safety issues in Firefox. If a user were tricked in to opening a specially crafted website, an attacker
could potentially exploit these to cause a denial of service via application crash, or execute arbitrary
code with the privileges of the user invoking Firefox. (CVE-2015-2724, CVE-2015-2725, CVE-2015-2726)
Armin Razmdjou discovered that opening hyperlinks with specific mouse and key combinations could allow a
Chrome privileged URL to be opened without context restrictions being preserved. If a user were tricked in
to opening a specially crafted website, an attacker could potentially exploit this to bypass security
restrictions. (CVE-2015-2727)
Paul Bandha discovered a type confusion bug in the Indexed DB Manager. If a user were tricked in to
opening a specially crafted website, an attacker could potentially exploit this to cause a denial of
service via application crash or execute arbitrary code with the priviliges of the user invoking Firefox.
(CVE-2015-2728)
Holger Fuhrmannek discovered an out-of-bounds read in Web Audio. If a user were tricked in to opening a
specially crafted website, an attacker could potentially exploit this to obtain sensitive information.
(CVE-2015-2729)
Watson Ladd discovered that NSS incorrectly handled Elliptical Curve Cryptography (ECC) multiplication. A
remote attacker could possibly use this issue to spoof ECDSA signatures. (CVE-2015-2730)
A use-after-free was discovered when a Content Policy modifies the DOM to remove a DOM object. If a user
were tricked in to opening a specially crafted website, an attacker could potentially exploit this to
cause a denial of service via application crash or execute arbitrary code with the priviliges of the user
invoking Firefox. (CVE-2015-2731)
Ronald Crane discovered multiple security vulnerabilities. If a user were tricked in to opening a
specially crafted website, an attacker could potentially exploit these to cause a denial of service via
application crash, or execute arbitrary code with the privileges of the user invoking Firefox.
(CVE-2015-2734, CVE-2015-2735, CVE-2015-2736, CVE-2015-2737, CVE-2015-2738, CVE-2015-2739, CVE-2015-2740)
David Keeler discovered that key pinning checks can be skipped when an overridable certificate error
occurs. This allows a user to manually override an error for a fake certificate, but cannot be exploited
on its own. (CVE-2015-2741)
Jonas Jenwald discovered that some internal workers were incorrectly executed with a high privilege. If a
user were tricked in to opening a specially crafted website, an attacker could potentially exploit this in
combination with another security vulnerability, to execute arbitrary code in a privileged scope.
(CVE-2015-2743)
Matthew Green discovered a DHE key processing issue in NSS where a MITM could force a server to downgrade
TLS connections to 512-bit export-grade cryptography. An attacker could potentially exploit this to
impersonate the server. (CVE-2015-4000)
Tenable has extracted the preceding description block directly from the Ubuntu security advisory.
Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version
number.");
script_set_attribute(attribute:"see_also", value:"https://ubuntu.com/security/notices/USN-2656-1");
script_set_attribute(attribute:"solution", value:
"Update the affected packages.");
script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C");
script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N");
script_set_cvss3_temporal_vector("CVSS:3.0/E:P/RL:O/RC:C");
script_set_attribute(attribute:"cvss_score_source", value:"CVE-2015-2740");
script_set_attribute(attribute:"cvss3_score_source", value:"CVE-2015-4000");
script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
script_set_attribute(attribute:"exploit_available", value:"true");
script_set_attribute(attribute:"in_the_news", value:"true");
script_set_attribute(attribute:"vuln_publication_date", value:"2015/05/21");
script_set_attribute(attribute:"patch_publication_date", value:"2015/07/09");
script_set_attribute(attribute:"plugin_publication_date", value:"2015/07/13");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:firefox");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:firefox-dev");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:firefox-globalmenu");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-af");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-an");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-ar");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-as");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-ast");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-az");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-be");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-bg");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-bn");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-br");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-bs");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-ca");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-cs");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-csb");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-cy");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-da");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-de");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-el");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-en");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-eo");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-es");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-et");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-eu");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-fa");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-fi");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-fr");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-fy");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-ga");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-gd");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-gl");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-gu");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-he");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-hi");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-hr");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-hsb");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-hu");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-hy");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-id");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-is");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-it");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-ja");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-ka");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-kk");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-km");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-kn");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-ko");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-ku");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-lg");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-lt");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-lv");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-mai");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-mk");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-ml");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-mn");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-mr");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-ms");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-nb");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-nl");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-nn");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-nso");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-oc");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-or");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-pa");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-pl");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-pt");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-ro");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-ru");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-si");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-sk");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-sl");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-sq");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-sr");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-sv");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-sw");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-ta");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-te");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-th");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-tr");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-uk");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-uz");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-vi");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-xh");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-zh-hans");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-zh-hant");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:firefox-locale-zu");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:firefox-mozsymbols");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:firefox-testsuite");
script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:14.04:-:lts");
script_set_attribute(attribute:"generated_plugin", value:"current");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_family(english:"Ubuntu Local Security Checks");
script_copyright(english:"Ubuntu Security Notice (C) 2015-2020 Canonical, Inc. / NASL script (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_dependencies("ssh_get_info.nasl");
script_require_keys("Host/cpu", "Host/Ubuntu", "Host/Ubuntu/release", "Host/Debian/dpkg-l");
exit(0);
}
include('debian_package.inc');
if ( ! get_kb_item('Host/local_checks_enabled') ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
var os_release = get_kb_item('Host/Ubuntu/release');
if ( isnull(os_release) ) audit(AUDIT_OS_NOT, 'Ubuntu');
os_release = chomp(os_release);
if (! ('14.04' >< os_release)) audit(AUDIT_OS_NOT, 'Ubuntu 14.04', 'Ubuntu ' + os_release);
if ( ! get_kb_item('Host/Debian/dpkg-l') ) audit(AUDIT_PACKAGE_LIST_MISSING);
var cpu = get_kb_item('Host/cpu');
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ('x86_64' >!< cpu && cpu !~ "^i[3-6]86$" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Ubuntu', cpu);
var pkgs = [
{'osver': '14.04', 'pkgname': 'firefox', 'pkgver': '39.0+build5-0ubuntu0.14.04.1'},
{'osver': '14.04', 'pkgname': 'firefox-dev', 'pkgver': '39.0+build5-0ubuntu0.14.04.1'},
{'osver': '14.04', 'pkgname': 'firefox-globalmenu', 'pkgver': '39.0+build5-0ubuntu0.14.04.1'},
{'osver': '14.04', 'pkgname': 'firefox-locale-af', 'pkgver': '39.0+build5-0ubuntu0.14.04.1'},
{'osver': '14.04', 'pkgname': 'firefox-locale-an', 'pkgver': '39.0+build5-0ubuntu0.14.04.1'},
{'osver': '14.04', 'pkgname': 'firefox-locale-ar', 'pkgver': '39.0+build5-0ubuntu0.14.04.1'},
{'osver': '14.04', 'pkgname': 'firefox-locale-as', 'pkgver': '39.0+build5-0ubuntu0.14.04.1'},
{'osver': '14.04', 'pkgname': 'firefox-locale-ast', 'pkgver': '39.0+build5-0ubuntu0.14.04.1'},
{'osver': '14.04', 'pkgname': 'firefox-locale-az', 'pkgver': '39.0+build5-0ubuntu0.14.04.1'},
{'osver': '14.04', 'pkgname': 'firefox-locale-be', 'pkgver': '39.0+build5-0ubuntu0.14.04.1'},
{'osver': '14.04', 'pkgname': 'firefox-locale-bg', 'pkgver': '39.0+build5-0ubuntu0.14.04.1'},
{'osver': '14.04', 'pkgname': 'firefox-locale-bn', 'pkgver': '39.0+build5-0ubuntu0.14.04.1'},
{'osver': '14.04', 'pkgname': 'firefox-locale-br', 'pkgver': '39.0+build5-0ubuntu0.14.04.1'},
{'osver': '14.04', 'pkgname': 'firefox-locale-bs', 'pkgver': '39.0+build5-0ubuntu0.14.04.1'},
{'osver': '14.04', 'pkgname': 'firefox-locale-ca', 'pkgver': '39.0+build5-0ubuntu0.14.04.1'},
{'osver': '14.04', 'pkgname': 'firefox-locale-cs', 'pkgver': '39.0+build5-0ubuntu0.14.04.1'},
{'osver': '14.04', 'pkgname': 'firefox-locale-csb', 'pkgver': '39.0+build5-0ubuntu0.14.04.1'},
{'osver': '14.04', 'pkgname': 'firefox-locale-cy', 'pkgver': '39.0+build5-0ubuntu0.14.04.1'},
{'osver': '14.04', 'pkgname': 'firefox-locale-da', 'pkgver': '39.0+build5-0ubuntu0.14.04.1'},
{'osver': '14.04', 'pkgname': 'firefox-locale-de', 'pkgver': '39.0+build5-0ubuntu0.14.04.1'},
{'osver': '14.04', 'pkgname': 'firefox-locale-el', 'pkgver': '39.0+build5-0ubuntu0.14.04.1'},
{'osver': '14.04', 'pkgname': 'firefox-locale-en', 'pkgver': '39.0+build5-0ubuntu0.14.04.1'},
{'osver': '14.04', 'pkgname': 'firefox-locale-eo', 'pkgver': '39.0+build5-0ubuntu0.14.04.1'},
{'osver': '14.04', 'pkgname': 'firefox-locale-es', 'pkgver': '39.0+build5-0ubuntu0.14.04.1'},
{'osver': '14.04', 'pkgname': 'firefox-locale-et', 'pkgver': '39.0+build5-0ubuntu0.14.04.1'},
{'osver': '14.04', 'pkgname': 'firefox-locale-eu', 'pkgver': '39.0+build5-0ubuntu0.14.04.1'},
{'osver': '14.04', 'pkgname': 'firefox-locale-fa', 'pkgver': '39.0+build5-0ubuntu0.14.04.1'},
{'osver': '14.04', 'pkgname': 'firefox-locale-fi', 'pkgver': '39.0+build5-0ubuntu0.14.04.1'},
{'osver': '14.04', 'pkgname': 'firefox-locale-fr', 'pkgver': '39.0+build5-0ubuntu0.14.04.1'},
{'osver': '14.04', 'pkgname': 'firefox-locale-fy', 'pkgver': '39.0+build5-0ubuntu0.14.04.1'},
{'osver': '14.04', 'pkgname': 'firefox-locale-ga', 'pkgver': '39.0+build5-0ubuntu0.14.04.1'},
{'osver': '14.04', 'pkgname': 'firefox-locale-gd', 'pkgver': '39.0+build5-0ubuntu0.14.04.1'},
{'osver': '14.04', 'pkgname': 'firefox-locale-gl', 'pkgver': '39.0+build5-0ubuntu0.14.04.1'},
{'osver': '14.04', 'pkgname': 'firefox-locale-gu', 'pkgver': '39.0+build5-0ubuntu0.14.04.1'},
{'osver': '14.04', 'pkgname': 'firefox-locale-he', 'pkgver': '39.0+build5-0ubuntu0.14.04.1'},
{'osver': '14.04', 'pkgname': 'firefox-locale-hi', 'pkgver': '39.0+build5-0ubuntu0.14.04.1'},
{'osver': '14.04', 'pkgname': 'firefox-locale-hr', 'pkgver': '39.0+build5-0ubuntu0.14.04.1'},
{'osver': '14.04', 'pkgname': 'firefox-locale-hsb', 'pkgver': '39.0+build5-0ubuntu0.14.04.1'},
{'osver': '14.04', 'pkgname': 'firefox-locale-hu', 'pkgver': '39.0+build5-0ubuntu0.14.04.1'},
{'osver': '14.04', 'pkgname': 'firefox-locale-hy', 'pkgver': '39.0+build5-0ubuntu0.14.04.1'},
{'osver': '14.04', 'pkgname': 'firefox-locale-id', 'pkgver': '39.0+build5-0ubuntu0.14.04.1'},
{'osver': '14.04', 'pkgname': 'firefox-locale-is', 'pkgver': '39.0+build5-0ubuntu0.14.04.1'},
{'osver': '14.04', 'pkgname': 'firefox-locale-it', 'pkgver': '39.0+build5-0ubuntu0.14.04.1'},
{'osver': '14.04', 'pkgname': 'firefox-locale-ja', 'pkgver': '39.0+build5-0ubuntu0.14.04.1'},
{'osver': '14.04', 'pkgname': 'firefox-locale-ka', 'pkgver': '39.0+build5-0ubuntu0.14.04.1'},
{'osver': '14.04', 'pkgname': 'firefox-locale-kk', 'pkgver': '39.0+build5-0ubuntu0.14.04.1'},
{'osver': '14.04', 'pkgname': 'firefox-locale-km', 'pkgver': '39.0+build5-0ubuntu0.14.04.1'},
{'osver': '14.04', 'pkgname': 'firefox-locale-kn', 'pkgver': '39.0+build5-0ubuntu0.14.04.1'},
{'osver': '14.04', 'pkgname': 'firefox-locale-ko', 'pkgver': '39.0+build5-0ubuntu0.14.04.1'},
{'osver': '14.04', 'pkgname': 'firefox-locale-ku', 'pkgver': '39.0+build5-0ubuntu0.14.04.1'},
{'osver': '14.04', 'pkgname': 'firefox-locale-lg', 'pkgver': '39.0+build5-0ubuntu0.14.04.1'},
{'osver': '14.04', 'pkgname': 'firefox-locale-lt', 'pkgver': '39.0+build5-0ubuntu0.14.04.1'},
{'osver': '14.04', 'pkgname': 'firefox-locale-lv', 'pkgver': '39.0+build5-0ubuntu0.14.04.1'},
{'osver': '14.04', 'pkgname': 'firefox-locale-mai', 'pkgver': '39.0+build5-0ubuntu0.14.04.1'},
{'osver': '14.04', 'pkgname': 'firefox-locale-mk', 'pkgver': '39.0+build5-0ubuntu0.14.04.1'},
{'osver': '14.04', 'pkgname': 'firefox-locale-ml', 'pkgver': '39.0+build5-0ubuntu0.14.04.1'},
{'osver': '14.04', 'pkgname': 'firefox-locale-mn', 'pkgver': '39.0+build5-0ubuntu0.14.04.1'},
{'osver': '14.04', 'pkgname': 'firefox-locale-mr', 'pkgver': '39.0+build5-0ubuntu0.14.04.1'},
{'osver': '14.04', 'pkgname': 'firefox-locale-ms', 'pkgver': '39.0+build5-0ubuntu0.14.04.1'},
{'osver': '14.04', 'pkgname': 'firefox-locale-nb', 'pkgver': '39.0+build5-0ubuntu0.14.04.1'},
{'osver': '14.04', 'pkgname': 'firefox-locale-nl', 'pkgver': '39.0+build5-0ubuntu0.14.04.1'},
{'osver': '14.04', 'pkgname': 'firefox-locale-nn', 'pkgver': '39.0+build5-0ubuntu0.14.04.1'},
{'osver': '14.04', 'pkgname': 'firefox-locale-nso', 'pkgver': '39.0+build5-0ubuntu0.14.04.1'},
{'osver': '14.04', 'pkgname': 'firefox-locale-oc', 'pkgver': '39.0+build5-0ubuntu0.14.04.1'},
{'osver': '14.04', 'pkgname': 'firefox-locale-or', 'pkgver': '39.0+build5-0ubuntu0.14.04.1'},
{'osver': '14.04', 'pkgname': 'firefox-locale-pa', 'pkgver': '39.0+build5-0ubuntu0.14.04.1'},
{'osver': '14.04', 'pkgname': 'firefox-locale-pl', 'pkgver': '39.0+build5-0ubuntu0.14.04.1'},
{'osver': '14.04', 'pkgname': 'firefox-locale-pt', 'pkgver': '39.0+build5-0ubuntu0.14.04.1'},
{'osver': '14.04', 'pkgname': 'firefox-locale-ro', 'pkgver': '39.0+build5-0ubuntu0.14.04.1'},
{'osver': '14.04', 'pkgname': 'firefox-locale-ru', 'pkgver': '39.0+build5-0ubuntu0.14.04.1'},
{'osver': '14.04', 'pkgname': 'firefox-locale-si', 'pkgver': '39.0+build5-0ubuntu0.14.04.1'},
{'osver': '14.04', 'pkgname': 'firefox-locale-sk', 'pkgver': '39.0+build5-0ubuntu0.14.04.1'},
{'osver': '14.04', 'pkgname': 'firefox-locale-sl', 'pkgver': '39.0+build5-0ubuntu0.14.04.1'},
{'osver': '14.04', 'pkgname': 'firefox-locale-sq', 'pkgver': '39.0+build5-0ubuntu0.14.04.1'},
{'osver': '14.04', 'pkgname': 'firefox-locale-sr', 'pkgver': '39.0+build5-0ubuntu0.14.04.1'},
{'osver': '14.04', 'pkgname': 'firefox-locale-sv', 'pkgver': '39.0+build5-0ubuntu0.14.04.1'},
{'osver': '14.04', 'pkgname': 'firefox-locale-sw', 'pkgver': '39.0+build5-0ubuntu0.14.04.1'},
{'osver': '14.04', 'pkgname': 'firefox-locale-ta', 'pkgver': '39.0+build5-0ubuntu0.14.04.1'},
{'osver': '14.04', 'pkgname': 'firefox-locale-te', 'pkgver': '39.0+build5-0ubuntu0.14.04.1'},
{'osver': '14.04', 'pkgname': 'firefox-locale-th', 'pkgver': '39.0+build5-0ubuntu0.14.04.1'},
{'osver': '14.04', 'pkgname': 'firefox-locale-tr', 'pkgver': '39.0+build5-0ubuntu0.14.04.1'},
{'osver': '14.04', 'pkgname': 'firefox-locale-uk', 'pkgver': '39.0+build5-0ubuntu0.14.04.1'},
{'osver': '14.04', 'pkgname': 'firefox-locale-uz', 'pkgver': '39.0+build5-0ubuntu0.14.04.1'},
{'osver': '14.04', 'pkgname': 'firefox-locale-vi', 'pkgver': '39.0+build5-0ubuntu0.14.04.1'},
{'osver': '14.04', 'pkgname': 'firefox-locale-xh', 'pkgver': '39.0+build5-0ubuntu0.14.04.1'},
{'osver': '14.04', 'pkgname': 'firefox-locale-zh-hans', 'pkgver': '39.0+build5-0ubuntu0.14.04.1'},
{'osver': '14.04', 'pkgname': 'firefox-locale-zh-hant', 'pkgver': '39.0+build5-0ubuntu0.14.04.1'},
{'osver': '14.04', 'pkgname': 'firefox-locale-zu', 'pkgver': '39.0+build5-0ubuntu0.14.04.1'},
{'osver': '14.04', 'pkgname': 'firefox-mozsymbols', 'pkgver': '39.0+build5-0ubuntu0.14.04.1'},
{'osver': '14.04', 'pkgname': 'firefox-testsuite', 'pkgver': '39.0+build5-0ubuntu0.14.04.1'}
];
var flag = 0;
foreach var package_array ( pkgs ) {
var osver = NULL;
var pkgname = NULL;
var pkgver = NULL;
if (!empty_or_null(package_array['osver'])) osver = package_array['osver'];
if (!empty_or_null(package_array['pkgname'])) pkgname = package_array['pkgname'];
if (!empty_or_null(package_array['pkgver'])) pkgver = package_array['pkgver'];
if (osver && pkgname && pkgver) {
if (ubuntu_check(osver:osver, pkgname:pkgname, pkgver:pkgver)) flag++;
}
}
if (flag)
{
var extra = '';
extra += ubuntu_report_get();
security_report_v4(
port : 0,
severity : SECURITY_HOLE,
extra : extra
);
exit(0);
}
else
{
var tested = ubuntu_pkg_tests_get();
if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'firefox / firefox-dev / firefox-globalmenu / firefox-locale-af / etc');
}
| Vendor | Product | Version | CPE |
|---|---|---|---|
| canonical | ubuntu_linux | firefox-locale-it | p-cpe:/a:canonical:ubuntu_linux:firefox-locale-it |
| canonical | ubuntu_linux | firefox-locale-ko | p-cpe:/a:canonical:ubuntu_linux:firefox-locale-ko |
| canonical | ubuntu_linux | firefox-locale-ro | p-cpe:/a:canonical:ubuntu_linux:firefox-locale-ro |
| canonical | ubuntu_linux | firefox-locale-xh | p-cpe:/a:canonical:ubuntu_linux:firefox-locale-xh |
| canonical | ubuntu_linux | firefox-locale-pa | p-cpe:/a:canonical:ubuntu_linux:firefox-locale-pa |
| canonical | ubuntu_linux | firefox-locale-te | p-cpe:/a:canonical:ubuntu_linux:firefox-locale-te |
| canonical | ubuntu_linux | firefox-locale-csb | p-cpe:/a:canonical:ubuntu_linux:firefox-locale-csb |
| canonical | ubuntu_linux | firefox-locale-gu | p-cpe:/a:canonical:ubuntu_linux:firefox-locale-gu |
| canonical | ubuntu_linux | firefox-locale-et | p-cpe:/a:canonical:ubuntu_linux:firefox-locale-et |
| canonical | ubuntu_linux | firefox-locale-cy | p-cpe:/a:canonical:ubuntu_linux:firefox-locale-cy |
References
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2721
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2722
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2724
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2725
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2726
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2727
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2728
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2729
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2730
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2731
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2733
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2734
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2735
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2736
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2737
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2738
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2739
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2740
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2741
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2743
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4000
ubuntu.com/security/notices/USN-2656-1
Related
openvas
openvas
Ubuntu: Security Advisory (USN-2656-2)
2015-07-16 00:00:00
openSUSE: Security Advisory for MozillaFirefox (openSUSE-SU-2015:1229-1)
2015-07-14 00:00:00
Ubuntu: Security Advisory (USN-2656-1)
2015-07-10 00:00:00
suse
suse
Security update for MozillaFirefox, mozilla-nss (important)
2015-07-13 11:07:56
Security update for MozillaFirefox, mozilla-nspr, mozilla-nss (important)
2015-07-20 11:08:17
Security update for MozillaFirefox, mozilla-nspr, mozilla-nss (important)
2015-07-20 12:08:39
ubuntu
ubuntu
Firefox vulnerabilities
2015-07-15 00:00:00
Firefox vulnerabilities
2015-07-09 00:00:00
Thunderbird vulnerabilities
2015-07-20 00:00:00
nessus
nessus
Ubuntu 12.04 LTS : firefox vulnerabilities (USN-2656-2) (Logjam)
2015-07-16 00:00:00
openSUSE Security Update : MozillaFirefox / mozilla-nss (openSUSE-2015-480) (Logjam)
2015-07-14 00:00:00
Firefox ESR < 38.1 Multiple Vulnerabilities (Logjam)
2015-07-07 00:00:00
veracode
veracode
Buffer Overflow
2019-05-02 05:40:24
Buffer Overflow
2019-05-02 05:40:24
Buffer Overflow
2019-05-02 05:40:25
kaspersky
kaspersky
KLA10622 Multiple vulnerabilities in Mozilla products
2015-07-02 00:00:00
securityvulns
securityvulns
Mozilla Firefox / Thunderbird / Seamonkey multiple security vulnerabilities
2015-07-13 00:00:00
centos
centos
firefox security update
2015-07-06 14:50:33
thunderbird security update
2015-07-20 18:55:36
nss security update
2015-08-24 18:12:13
oraclelinux
oraclelinux
firefox security update
2015-07-03 00:00:00
thunderbird security update
2015-07-20 00:00:00
nss security, bug fix, and enhancement update
2015-08-24 00:00:00
redhat
redhat
(RHSA-2015:1207) Critical: firefox security update
2015-07-02 00:00:00
(RHSA-2015:1455) Important: thunderbird security update
2015-07-20 00:00:00
(RHSA-2015:1664) Moderate: nss security, bug fix, and enhancement update
2015-08-24 00:00:00
archlinux
archlinux
firefox: multiple issues
2015-07-03 00:00:00
thunderbird: multiple issues
2015-07-11 00:00:00
freebsd
freebsd
mozilla -- multiple vulnerabilities
2015-07-02 00:00:00
mageia
mageia
Updated firefox package fixes security vulnerability
2015-07-05 20:22:03
Updated thunderbird package fixes security vulnerabilities
2015-07-27 20:18:02
osv
osv
iceweasel - security update
2015-07-04 00:00:00
nss - security update
2015-09-27 00:00:00
nss - security update
2015-08-17 00:00:00
debian
debian
[SECURITY] [DSA 3300-1] iceweasel security update
2015-07-03 22:06:18
[SECURITY] [DSA 3324-1] icedove security update
2015-08-01 17:09:46
[SECURITY] [DLA 315-1] nss security update
2015-09-27 11:36:03
mozilla
mozilla
Vulnerabilities found through code inspection — Mozilla
2015-07-02 00:00:00
Miscellaneous memory safety hazards (rv:39.0 / rv:31.8 / rv:38.1) — Mozilla
2015-07-02 00:00:00
Use-after-free in workers while using XMLHttpRequest — Mozilla
2015-07-02 00:00:00
ibm
ibm
ubuntucve
ubuntucve
prion
prion
Design/Logic Flaw
2015-07-06 02:01:00
Buffer overflow
2015-07-06 02:01:00
Memory corruption
2015-07-06 02:01:00
cvelist
cvelist
nvd
nvd
cve
cve
CVSS2
10
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
CVSS3
3.7
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N
AI Score
7.1
Confidence
Low
EPSS
0.974
Percentile
99.9%
Related for UBUNTU_USN-2656-1.NASL