Test ID:	1.3.6.1.4.1.25623.1.0.59007
Category:	Slackware Local Security Checks
Title:	Slackware: Security Advisory (SSA:2007-213-01)
Summary:	The remote host is missing an update for the 'firefox' package(s) announced via the SSA:2007-213-01 advisory.
Description:	Summary: The remote host is missing an update for the 'firefox' package(s) announced via the SSA:2007-213-01 advisory. Vulnerability Insight: New mozilla-firefox packages are available for Slackware 11.0 and 12.0 to fix security issues. Note that Firefox 1.5.x has reached its EOL (end of life) and is no longer being updated by mozilla.com. Users of Firefox 1.5.x are encouraged to upgrade to Firefox 2.x. Since we use the official Firefox binaries, these packages should work equally well on earlier Slackware systems. More details about the security issues may be found at this link: [link moved to references] Here are the details from the Slackware 12.0 ChangeLog: +--------------------------+ patches/packages/mozilla-firefox-2.0.0.6-i686-1.tgz: Upgraded to firefox-2.0.0.6. This upgrade fixes some more security bugs. For more information, see: [link moved to references] (* Security fix *) +--------------------------+ Affected Software/OS: 'firefox' package(s) on Slackware 11.0, Slackware 12.0. Solution: Please install the updated package(s). CVSS Score: 9.3 CVSS Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2007-3844 1018479 http://securitytracker.com/id?1018479 1018480 http://securitytracker.com/id?1018480 1018481 http://securitytracker.com/id?1018481 103177 http://sunsolve.sun.com/search/document.do?assetkey=1-26-103177-1 20070801 FLEA-2007-0039-1 firefox http://www.securityfocus.com/archive/1/475265/100/200/threaded 20070803 FLEA-2007-0040-1 thunderbird http://www.securityfocus.com/archive/1/475450/30/5550/threaded 201516 http://sunsolve.sun.com/search/document.do?assetkey=1-66-201516-1 25142 http://www.securityfocus.com/bid/25142 26234 http://secunia.com/advisories/26234 26258 http://secunia.com/advisories/26258 26288 http://secunia.com/advisories/26288 26303 http://secunia.com/advisories/26303 26309 http://secunia.com/advisories/26309 26331 http://secunia.com/advisories/26331 26335 http://secunia.com/advisories/26335 26393 http://secunia.com/advisories/26393 26460 http://secunia.com/advisories/26460 26572 http://secunia.com/advisories/26572 27276 http://secunia.com/advisories/27276 27298 http://secunia.com/advisories/27298 27325 http://secunia.com/advisories/27325 27326 http://secunia.com/advisories/27326 27327 http://secunia.com/advisories/27327 27356 http://secunia.com/advisories/27356 27414 http://secunia.com/advisories/27414 27680 http://secunia.com/advisories/27680 28135 http://secunia.com/advisories/28135 28363 http://secunia.com/advisories/28363 ADV-2007-3587 http://www.vupen.com/english/advisories/2007/3587 ADV-2007-4256 http://www.vupen.com/english/advisories/2007/4256 ADV-2008-0082 http://www.vupen.com/english/advisories/2008/0082 DSA-1344 http://www.debian.org/security/2007/dsa-1344 DSA-1345 http://www.debian.org/security/2007/dsa-1345 DSA-1346 http://www.debian.org/security/2007/dsa-1346 DSA-1391 http://www.debian.org/security/2007/dsa-1391 FEDORA-2007-2601 https://www.redhat.com/archives/fedora-package-announce/2007-October/msg00285.html FEDORA-2007-3431 https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00498.html GLSA-200708-09 http://www.gentoo.org/security/en/glsa/glsa-200708-09.xml HPSBUX02153 http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00771742 HPSBUX02156 http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00774579 MDKSA-2007:152 http://www.mandriva.com/security/advisories?name=MDKSA-2007:152 MDVSA-2007:047 http://www.mandriva.com/security/advisories?name=MDVSA-2007:047 MDVSA-2008:047 http://www.mandriva.com/security/advisories?name=MDVSA-2008:047 RHSA-2007:0979 http://www.redhat.com/support/errata/RHSA-2007-0979.html RHSA-2007:0980 http://www.redhat.com/support/errata/RHSA-2007-0980.html RHSA-2007:0981 http://www.redhat.com/support/errata/RHSA-2007-0981.html SSA:2007-213-01 http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.010101 SSRT061181 SSRT061236 SUSE-SA:2007:057 http://www.novell.com/linux/security/advisories/2007_57_mozilla.html USN-493-1 http://www.ubuntu.com/usn/usn-493-1 USN-503-1 http://www.ubuntu.com/usn/usn-503-1 http://bugzilla.mozilla.org/show_bug.cgi?id=388121 http://support.novell.com/techcenter/psdb/60eb95b75c76f9fbfcc9a89f99cd8f79.html http://www.mozilla.org/security/announce/2007/mfsa2007-26.html https://issues.rpath.com/browse/RPL-1600 oval:org.mitre.oval:def:9493 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9493 Common Vulnerability Exposure (CVE) ID: CVE-2007-3845 25053 http://www.securityfocus.com/bid/25053 http://bugzilla.mozilla.org/show_bug.cgi?id=389580 http://www.mozilla.org/security/announce/2007/mfsa2007-27.html https://bugzilla.mozilla.org/show_bug.cgi?id=389106
Copyright	Copyright (C) 2012 Greenbone AG

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.