Scientific Linux Security Update : seamonkey on SL3.x, SL4.x i386/x86_64

This script is Copyright (C) 2012 Tenable Network Security, Inc.


Synopsis :

The remote Scientific Linux host is missing one or more security
updates.

Description :

CVE-2009-2409 deprecate MD2 in SSL cert validation (Kaminsky)

CVE-2009-2408 firefox/nss: doesn't handle NULL in Common Name properly

CVE-2009-2654 firefox: URL bar spoofing vulnerability

CVE-2009-3072 Firefox 3.5.3 3.0.14 browser engine crashes

CVE-2009-3075 Firefox 3.5.2 3.0.14 JavaScript engine crashes

CVE-2009-3076 Firefox 3.0.14 Insufficient warning for PKCS11 module
installation and removal

CVE-2009-3077 Firefox 3.5.3 3.0.14 TreeColumns dangling pointer
vulnerability

Several flaws were found in the processing of malformed web content. A
web page containing malicious content could cause SeaMonkey to crash
or, potentially, execute arbitrary code with the privileges of the
user running SeaMonkey. (CVE-2009-3072, CVE-2009-3075)

A use-after-free flaw was found in SeaMonkey. An attacker could use
this flaw to crash SeaMonkey or, potentially, execute arbitrary code
with the privileges of the user running SeaMonkey. (CVE-2009-3077)

Dan Kaminsky discovered flaws in the way browsers such as SeaMonkey
handle NULL characters in a certificate. If an attacker is able to get
a carefully-crafted certificate signed by a Certificate Authority
trusted by SeaMonkey, the attacker could use the certificate during a
man-in-the-middle attack and potentially confuse SeaMonkey into
accepting it by mistake. (CVE-2009-2408)

Descriptions in the dialogs when adding and removing PKCS #11 modules
were not informative. An attacker able to trick a user into installing
a malicious PKCS #11 module could use this flaw to install their own
Certificate Authority certificates on a user's machine, making it
possible to trick the user into believing they are viewing a trusted
site or, potentially, execute arbitrary code with the privileges of
the user running SeaMonkey. (CVE-2009-3076)

A flaw was found in the way SeaMonkey displays the address bar when
window.open() is called in a certain way. An attacker could use this
flaw to conceal a malicious URL, possibly tricking a user into
believing they are viewing a trusted site. (CVE-2009-2654)

Dan Kaminsky found that browsers still accept certificates with MD2
hash signatures, even though MD2 is no longer considered a
cryptographically strong algorithm. This could make it easier for an
attacker to create a malicious certificate that would be treated as
trusted by a browser. NSS (provided by SeaMonkey) now disables the use
of MD2 and MD4 algorithms inside signatures by default.
(CVE-2009-2409)

After installing the update, SeaMonkey must be restarted for the
changes to take effect.

See also :

http://www.nessus.org/u?bc11d588

Solution :

Update the affected packages.

Risk factor :

Critical / CVSS Base Score : 10.0
(CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C)

Family: Scientific Linux Local Security Checks

Nessus Plugin ID: 60665

Bugtraq ID:

CVE ID: CVE-2009-2408
CVE-2009-2409
CVE-2009-2654
CVE-2009-3072
CVE-2009-3075
CVE-2009-3076
CVE-2009-3077