Chip 2007 January, February, March & April

home *** CD-ROM | disk | FTP | other *** search

/ Chip 2007 January, February, March & April / Chip-Cover-CD-2007-02.iso / Pakiet bezpieczenstwa / mini Pentoo LiveCD 2006.1 / mpentoo-2006.1.iso / modules / nessus-2.2.8.mo / usr / lib / nessus / plugins / mandrake_MDKSA-2004-082.nasl < prev next >

Wrap

Text File | 2005-01-14 | 5KB | 190 lines

# # (C) Tenable Network Security # # This plugin text was extracted from Mandrake Linux Security Advisory MDKSA-2004:082 # if ( ! defined_func("bn_random") ) exit(0); if(description) { script_id(14331); script_version ("$Revision: 1.2 $"); script_cve_id("CAN-2004-0597", "CAN-2004-0598", "CAN-2004-0599"); name["english"] = "MDKSA-2004:082: mozilla"; script_name(english:name["english"]); desc["english"] = " The remote host is missing the patch for the advisory MDKSA-2004:082 (mozilla). A number of security vulnerabilities in mozilla are addressed by this update for Mandrakelinux 10.0 users, including a fix for frame spoofing, a fixed popup XPInstall/security dialog bug, a fix for untrusted chrome calls, a fix for SSL certificate spoofing, a fix for stealing secure HTTP Auth passwords via DNS spoofing, a fix for insecure matching of cert names for non-FQDNs, a fix for focus redefinition from another domain, a fix for a SOAP parameter overflow, a fix for text drag on file entry, a fix for certificate DoS, and a fix for lock icon and cert spoofing. Additionally, mozilla for both Mandrakelinux 9.2 and 10.0 have been rebuilt to use the system libjpeg and libpng which addresses vulnerabilities discovered in libpng (ref: MDKSA-2004:079). Solution : http://www.mandrakesoft.com/security/advisories?name=MDKSA-2004:082 Risk factor : High"; script_description(english:desc["english"]); summary["english"] = "Check for the version of the mozilla package"; script_summary(english:summary["english"]); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2004 Tenable Network Security"); family["english"] = "Mandrake Local Security Checks"; script_family(english:family["english"]); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/Mandrake/rpm-list"); exit(0); } include("rpm.inc"); if ( rpm_check( reference:"libnspr4-1.6-12.1.100mdk", release:"MDK10.0", yank:"mdk") ) { security_hole(0); exit(0); } if ( rpm_check( reference:"libnspr4-devel-1.6-12.1.100mdk", release:"MDK10.0", yank:"mdk") ) { security_hole(0); exit(0); } if ( rpm_check( reference:"libnss3-1.6-12.1.100mdk", release:"MDK10.0", yank:"mdk") ) { security_hole(0); exit(0); } if ( rpm_check( reference:"libnss3-devel-1.6-12.1.100mdk", release:"MDK10.0", yank:"mdk") ) { security_hole(0); exit(0); } if ( rpm_check( reference:"mozilla-1.6-12.1.100mdk", release:"MDK10.0", yank:"mdk") ) { security_hole(0); exit(0); } if ( rpm_check( reference:"mozilla-devel-1.6-12.1.100mdk", release:"MDK10.0", yank:"mdk") ) { security_hole(0); exit(0); } if ( rpm_check( reference:"mozilla-enigmail-1.6-12.1.100mdk", release:"MDK10.0", yank:"mdk") ) { security_hole(0); exit(0); } if ( rpm_check( reference:"mozilla-enigmime-1.6-12.1.100mdk", release:"MDK10.0", yank:"mdk") ) { security_hole(0); exit(0); } if ( rpm_check( reference:"mozilla-irc-1.6-12.1.100mdk", release:"MDK10.0", yank:"mdk") ) { security_hole(0); exit(0); } if ( rpm_check( reference:"mozilla-js-debugger-1.6-12.1.100mdk", release:"MDK10.0", yank:"mdk") ) { security_hole(0); exit(0); } if ( rpm_check( reference:"mozilla-mail-1.6-12.1.100mdk", release:"MDK10.0", yank:"mdk") ) { security_hole(0); exit(0); } if ( rpm_check( reference:"mozilla-spellchecker-1.6-12.1.100mdk", release:"MDK10.0", yank:"mdk") ) { security_hole(0); exit(0); } if ( rpm_check( reference:"libnspr4-1.4-13.3.92mdk", release:"MDK9.2", yank:"mdk") ) { security_hole(0); exit(0); } if ( rpm_check( reference:"libnspr4-devel-1.4-13.3.92mdk", release:"MDK9.2", yank:"mdk") ) { security_hole(0); exit(0); } if ( rpm_check( reference:"libnss3-1.4-13.3.92mdk", release:"MDK9.2", yank:"mdk") ) { security_hole(0); exit(0); } if ( rpm_check( reference:"libnss3-devel-1.4-13.3.92mdk", release:"MDK9.2", yank:"mdk") ) { security_hole(0); exit(0); } if ( rpm_check( reference:"mozilla-1.4-13.3.92mdk", release:"MDK9.2", yank:"mdk") ) { security_hole(0); exit(0); } if ( rpm_check( reference:"mozilla-devel-1.4-13.3.92mdk", release:"MDK9.2", yank:"mdk") ) { security_hole(0); exit(0); } if ( rpm_check( reference:"mozilla-dom-inspector-1.4-13.3.92mdk", release:"MDK9.2", yank:"mdk") ) { security_hole(0); exit(0); } if ( rpm_check( reference:"mozilla-enigmail-1.4-13.3.92mdk", release:"MDK9.2", yank:"mdk") ) { security_hole(0); exit(0); } if ( rpm_check( reference:"mozilla-enigmime-1.4-13.3.92mdk", release:"MDK9.2", yank:"mdk") ) { security_hole(0); exit(0); } if ( rpm_check( reference:"mozilla-irc-1.4-13.3.92mdk", release:"MDK9.2", yank:"mdk") ) { security_hole(0); exit(0); } if ( rpm_check( reference:"mozilla-js-debugger-1.4-13.3.92mdk", release:"MDK9.2", yank:"mdk") ) { security_hole(0); exit(0); } if ( rpm_check( reference:"mozilla-mail-1.4-13.3.92mdk", release:"MDK9.2", yank:"mdk") ) { security_hole(0); exit(0); } if ( rpm_check( reference:"mozilla-spellchecker-1.4-13.3.92mdk", release:"MDK9.2", yank:"mdk") ) { security_hole(0); exit(0); } if (rpm_exists(rpm:"mozilla-", release:"MDK10.0") || rpm_exists(rpm:"mozilla-", release:"MDK9.2") ) { set_kb_item(name:"CAN-2004-0597", value:TRUE); set_kb_item(name:"CAN-2004-0598", value:TRUE); set_kb_item(name:"CAN-2004-0599", value:TRUE); }