SynopsisThe remote Red Hat host is missing one or more security updates.
DescriptionUpdated mozilla packages based on version 1.4.3 that fix a number of security issues for Red Hat Enterprise Linux are now available.
Mozilla is an open source Web browser, advanced email and newsgroup client, IRC chat client, and HTML editor.
A number of flaws have been found in Mozilla 1.4 that have been fixed in the Mozilla 1.4.3 release :
During a source code audit, Chris Evans discovered a buffer overflow and integer overflows which affect the libpng code inside Mozilla. An attacker could create a carefully crafted PNG file in such a way that it would cause Mozilla to crash or execute arbitrary code when the image was viewed. (CVE-2004-0597, CVE-2004-0599)
Zen Parse reported a flaw in the POP3 capability. A malicious POP3 server could send a carefully crafted response that would cause a heap overflow and potentially allow execution of arbitrary code as the user running Mozilla. (CVE-2004-0757)
Marcel Boesch found a flaw that allows a CA certificate to be imported with a DN the same as that of the built-in CA root certificates, which can cause a denial of service to SSL pages, as the malicious certificate is treated as invalid. (CVE-2004-0758)
Mindlock Security reported a flaw in ftp URI handling. By using a NULL character (%00) in a ftp URI, Mozilla can be confused into opening a resource as a different MIME type. (CVE-2004-0760)
Mozilla does not properly prevent a frame in one domain from injecting content into a frame that belongs to another domain, which facilitates website spoofing and other attacks, also known as the frame injection vulnerability. (CVE-2004-0718)
Tolga Tarhan reported a flaw that can allow a malicious webpage to use a redirect sequence to spoof the security lock icon that makes a webpage appear to be encrypted. (CVE-2004-0761)
Jesse Ruderman reported a security issue that affects a number of browsers including Mozilla that could allow malicious websites to install arbitrary extensions by using interactive events to manipulate the XPInstall Security dialog box. (CVE-2004-0762)
Mozilla allowed malicious websites to hijack the user interface via the 'chrome' flag and XML User Interface Language (XUL) files.
The cert_TestHostName function in Mozilla only checks the hostname portion of a certificate when the hostname portion of the URI is not a fully qualified domain name (FQDN). This flaw could be used for spoofing if an attacker had control of machines on a default DNS search path. (CVE-2004-0765)
All users are advised to update to these erratum packages which contain a snapshot of Mozilla 1.4.3 including backported fixes and are not vulnerable to these issues.
SolutionUpdate the affected packages.
File Name: redhat-RHSA-2004-421.nasl
Supported Sensors: Agentless Assessment, Frictionless Assessment Agent, Frictionless Assessment AWS, Frictionless Assessment Azure, Nessus Agent
Temporal Vector: E:H/RL:OF/RC:C
CPE: p-cpe:/a:redhat:enterprise_linux:galeon, p-cpe:/a:redhat:enterprise_linux:mozilla, p-cpe:/a:redhat:enterprise_linux:mozilla-chat, p-cpe:/a:redhat:enterprise_linux:mozilla-devel, p-cpe:/a:redhat:enterprise_linux:mozilla-dom-inspector, p-cpe:/a:redhat:enterprise_linux:mozilla-js-debugger, p-cpe:/a:redhat:enterprise_linux:mozilla-mail, p-cpe:/a:redhat:enterprise_linux:mozilla-nspr, p-cpe:/a:redhat:enterprise_linux:mozilla-nspr-devel, p-cpe:/a:redhat:enterprise_linux:mozilla-nss, p-cpe:/a:redhat:enterprise_linux:mozilla-nss-devel, cpe:/o:redhat:enterprise_linux:2.1, cpe:/o:redhat:enterprise_linux:3
Required KB Items: Host/local_checks_enabled, Host/RedHat/release, Host/RedHat/rpm-list, Host/cpu
Exploit Ease: Exploits are available
Patch Publication Date: 8/4/2004
Vulnerability Publication Date: 7/27/2004
CVE: CVE-2004-0597, CVE-2004-0599, CVE-2004-0718, CVE-2004-0722, CVE-2004-0757, CVE-2004-0758, CVE-2004-0759, CVE-2004-0760, CVE-2004-0761, CVE-2004-0762, CVE-2004-0763, CVE-2004-0764, CVE-2004-0765