Detections
Analytics

Debian DSA-4988-1 : libreoffice - security update

high Nessus Plugin ID 154194

Language:

Synopsis

The remote Debian host is missing one or more security-related updates.

Description

The remote Debian 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-4988 advisory.

 - LibreOffice supports digital signatures of ODF documents and macros within documents, presenting visual aids that no alteration of the document occurred since the last signing and that the signature is valid.
 An Improper Certificate Validation vulnerability in LibreOffice allowed an attacker to create a digitally signed ODF document, by manipulating the documentsignatures.xml or macrosignatures.xml stream within the document to combine multiple certificate data, which when opened caused LibreOffice to display a validly signed indicator but whose content was unrelated to the signature shown. This issue affects: The Document Foundation LibreOffice 7-0 versions prior to 7.0.6; 7-1 versions prior to 7.1.2. (CVE-2021-25633)

 - LibreOffice supports digital signatures of ODF documents and macros within documents, presenting visual aids that no alteration of the document occurred since the last signing and that the signature is valid.
 An Improper Certificate Validation vulnerability in LibreOffice allowed an attacker to modify a digitally signed ODF document to insert an additional signing time timestamp which LibreOffice would incorrectly present as a valid signature signed at the bogus signing time. This issue affects: The Document Foundation LibreOffice 7-0 versions prior to 7.0.6; 7-1 versions prior to 7.1.2. (CVE-2021-25634)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

Solution

Upgrade the libreoffice packages.

For the stable distribution (bullseye), these problems have been fixed in version 1

See Also

https://security-tracker.debian.org/tracker/source-package/libreoffice

https://www.debian.org/security/2021/dsa-4988

https://security-tracker.debian.org/tracker/CVE-2021-25633

https://security-tracker.debian.org/tracker/CVE-2021-25634

https://packages.debian.org/source/bullseye/libreoffice

Plugin Details

Severity: High

ID: 154194

File Name: debian_DSA-4988.nasl

Version: 1.3

Type: local

Agent: unix

Published: 10/17/2021

Updated: 1/20/2022

Supported Sensors: Frictionless Assessment Agent, Nessus Agent, Agentless Assessment, Nessus

Risk Information

VPR

Risk Factor: Low

Score: 3.6

CVSS v2

Risk Factor: Medium

Base Score: 5

Temporal Score: 3.7

Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:N

CVSS Score Source: CVE-2021-25634

CVSS v3

Risk Factor: High

Base Score: 7.5

Temporal Score: 6.5

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C

Vulnerability Information

CPE: p-cpe:/a:debian:debian_linux:liblibreofficekitgtk, p-cpe:/a:debian:debian_linux:libofficebean-java, p-cpe:/a:debian:debian_linux:libreoffice, p-cpe:/a:debian:debian_linux:libreoffice-avmedia-backend-gstreamer, p-cpe:/a:debian:debian_linux:libreoffice-base, p-cpe:/a:debian:debian_linux:libreoffice-base-core, p-cpe:/a:debian:debian_linux:libreoffice-base-drivers, p-cpe:/a:debian:debian_linux:libreoffice-base-nogui, p-cpe:/a:debian:debian_linux:libreoffice-gtk3, p-cpe:/a:debian:debian_linux:libreoffice-help-ca, p-cpe:/a:debian:debian_linux:libreoffice-help-common, p-cpe:/a:debian:debian_linux:libreoffice-help-cs, p-cpe:/a:debian:debian_linux:libreoffice-help-da, p-cpe:/a:debian:debian_linux:libreoffice-help-de, p-cpe:/a:debian:debian_linux:libreoffice-help-dz, p-cpe:/a:debian:debian_linux:libreoffice-help-el, p-cpe:/a:debian:debian_linux:libreoffice-help-pt-br, p-cpe:/a:debian:debian_linux:libreoffice-help-ru, p-cpe:/a:debian:debian_linux:libreoffice-help-sk, p-cpe:/a:debian:debian_linux:libreoffice-help-sl, p-cpe:/a:debian:debian_linux:libreoffice-help-sv, p-cpe:/a:debian:debian_linux:libreoffice-help-tr, p-cpe:/a:debian:debian_linux:libreoffice-help-vi, p-cpe:/a:debian:debian_linux:libreoffice-help-zh-cn, p-cpe:/a:debian:debian_linux:libreoffice-help-zh-tw, p-cpe:/a:debian:debian_linux:libreoffice-impress, p-cpe:/a:debian:debian_linux:libreoffice-impress-nogui, p-cpe:/a:debian:debian_linux:libreoffice-java-common, p-cpe:/a:debian:debian_linux:libreoffice-kde5, p-cpe:/a:debian:debian_linux:fonts-opensymbol, p-cpe:/a:debian:debian_linux:gir1.2-lokdocview-0.1, p-cpe:/a:debian:debian_linux:libjuh-java, p-cpe:/a:debian:debian_linux:libjurt-java, p-cpe:/a:debian:debian_linux:liblibreoffice-java, p-cpe:/a:debian:debian_linux:libreoffice-calc, p-cpe:/a:debian:debian_linux:libreoffice-calc-nogui, p-cpe:/a:debian:debian_linux:libreoffice-common, p-cpe:/a:debian:debian_linux:libreoffice-core, p-cpe:/a:debian:debian_linux:libreoffice-core-nogui, p-cpe:/a:debian:debian_linux:libreoffice-dev, p-cpe:/a:debian:debian_linux:libreoffice-dev-common, p-cpe:/a:debian:debian_linux:libreoffice-dev-doc, p-cpe:/a:debian:debian_linux:libreoffice-dev-gui, p-cpe:/a:debian:debian_linux:libreoffice-draw, p-cpe:/a:debian:debian_linux:libreoffice-draw-nogui, p-cpe:/a:debian:debian_linux:libreoffice-evolution, p-cpe:/a:debian:debian_linux:libreoffice-gnome, p-cpe:/a:debian:debian_linux:libreoffice-help-en-gb, p-cpe:/a:debian:debian_linux:libreoffice-help-en-us, p-cpe:/a:debian:debian_linux:libreoffice-help-es, p-cpe:/a:debian:debian_linux:libreoffice-help-et, p-cpe:/a:debian:debian_linux:libreoffice-help-eu, p-cpe:/a:debian:debian_linux:libreoffice-help-fi, p-cpe:/a:debian:debian_linux:libreoffice-help-fr, p-cpe:/a:debian:debian_linux:libreoffice-help-gl, p-cpe:/a:debian:debian_linux:libreoffice-help-hi, p-cpe:/a:debian:debian_linux:libreoffice-help-hu, p-cpe:/a:debian:debian_linux:libreoffice-help-id, p-cpe:/a:debian:debian_linux:libreoffice-help-it, p-cpe:/a:debian:debian_linux:libreoffice-help-ja, p-cpe:/a:debian:debian_linux:libreoffice-help-km, p-cpe:/a:debian:debian_linux:libreoffice-help-ko, p-cpe:/a:debian:debian_linux:libreoffice-help-nl, p-cpe:/a:debian:debian_linux:libreoffice-help-om, p-cpe:/a:debian:debian_linux:libreoffice-help-pl, p-cpe:/a:debian:debian_linux:libreoffice-help-pt, p-cpe:/a:debian:debian_linux:libreoffice-l10n-af, p-cpe:/a:debian:debian_linux:libreoffice-l10n-am, p-cpe:/a:debian:debian_linux:libreoffice-l10n-ar, p-cpe:/a:debian:debian_linux:libreoffice-l10n-as, p-cpe:/a:debian:debian_linux:libreoffice-l10n-ast, p-cpe:/a:debian:debian_linux:libreoffice-l10n-be, p-cpe:/a:debian:debian_linux:libreoffice-l10n-bg, p-cpe:/a:debian:debian_linux:libreoffice-l10n-bn, p-cpe:/a:debian:debian_linux:libreoffice-l10n-br, p-cpe:/a:debian:debian_linux:libreoffice-l10n-bs, p-cpe:/a:debian:debian_linux:libreoffice-l10n-ca, p-cpe:/a:debian:debian_linux:libreoffice-l10n-cs, p-cpe:/a:debian:debian_linux:libreoffice-l10n-cy, p-cpe:/a:debian:debian_linux:libreoffice-l10n-da, p-cpe:/a:debian:debian_linux:libreoffice-l10n-de, p-cpe:/a:debian:debian_linux:libreoffice-l10n-dz, p-cpe:/a:debian:debian_linux:libreoffice-l10n-el, p-cpe:/a:debian:debian_linux:libreoffice-l10n-en-gb, p-cpe:/a:debian:debian_linux:libreoffice-l10n-en-za, p-cpe:/a:debian:debian_linux:libreoffice-l10n-eo, p-cpe:/a:debian:debian_linux:libreoffice-l10n-es, p-cpe:/a:debian:debian_linux:libreoffice-l10n-et, p-cpe:/a:debian:debian_linux:libreoffice-l10n-eu, p-cpe:/a:debian:debian_linux:libreoffice-l10n-fa, p-cpe:/a:debian:debian_linux:libreoffice-l10n-fi, p-cpe:/a:debian:debian_linux:libreoffice-l10n-fr, p-cpe:/a:debian:debian_linux:libreoffice-l10n-ga, p-cpe:/a:debian:debian_linux:libreoffice-l10n-gd, p-cpe:/a:debian:debian_linux:libreoffice-l10n-gl, p-cpe:/a:debian:debian_linux:libreoffice-l10n-gu, p-cpe:/a:debian:debian_linux:libreoffice-l10n-gug, p-cpe:/a:debian:debian_linux:libreoffice-l10n-he, p-cpe:/a:debian:debian_linux:libreoffice-l10n-hi, p-cpe:/a:debian:debian_linux:libreoffice-l10n-hr, p-cpe:/a:debian:debian_linux:libreoffice-l10n-hu, p-cpe:/a:debian:debian_linux:libreoffice-l10n-id, p-cpe:/a:debian:debian_linux:libreoffice-l10n-in, p-cpe:/a:debian:debian_linux:libreoffice-l10n-is, p-cpe:/a:debian:debian_linux:libreoffice-l10n-it, p-cpe:/a:debian:debian_linux:libreoffice-l10n-ja, p-cpe:/a:debian:debian_linux:libreoffice-l10n-ka, p-cpe:/a:debian:debian_linux:libreoffice-l10n-kk, p-cpe:/a:debian:debian_linux:libreoffice-l10n-km, p-cpe:/a:debian:debian_linux:libreoffice-l10n-kmr, p-cpe:/a:debian:debian_linux:libreoffice-l10n-kn, p-cpe:/a:debian:debian_linux:libreoffice-l10n-ko, p-cpe:/a:debian:debian_linux:libreoffice-l10n-lt, p-cpe:/a:debian:debian_linux:libreoffice-l10n-lv, p-cpe:/a:debian:debian_linux:libreoffice-l10n-mk, p-cpe:/a:debian:debian_linux:libreoffice-l10n-ml, p-cpe:/a:debian:debian_linux:libreoffice-l10n-mn, p-cpe:/a:debian:debian_linux:libreoffice-l10n-mr, p-cpe:/a:debian:debian_linux:libreoffice-l10n-nb, p-cpe:/a:debian:debian_linux:libreoffice-l10n-ne, p-cpe:/a:debian:debian_linux:libreoffice-l10n-nl, p-cpe:/a:debian:debian_linux:libreoffice-l10n-nn, p-cpe:/a:debian:debian_linux:libreoffice-l10n-nr, p-cpe:/a:debian:debian_linux:libreoffice-l10n-nso, p-cpe:/a:debian:debian_linux:libreoffice-l10n-oc, p-cpe:/a:debian:debian_linux:libreoffice-l10n-om, p-cpe:/a:debian:debian_linux:libreoffice-l10n-or, p-cpe:/a:debian:debian_linux:libreoffice-l10n-pa-in, p-cpe:/a:debian:debian_linux:libreoffice-l10n-pl, p-cpe:/a:debian:debian_linux:libreoffice-l10n-pt, p-cpe:/a:debian:debian_linux:libreoffice-l10n-pt-br, p-cpe:/a:debian:debian_linux:libreoffice-l10n-ro, p-cpe:/a:debian:debian_linux:libreoffice-l10n-ru, p-cpe:/a:debian:debian_linux:libreoffice-l10n-rw, p-cpe:/a:debian:debian_linux:libreoffice-l10n-si, p-cpe:/a:debian:debian_linux:libreoffice-l10n-sk, p-cpe:/a:debian:debian_linux:libreoffice-l10n-sl, p-cpe:/a:debian:debian_linux:libreoffice-l10n-sr, p-cpe:/a:debian:debian_linux:libreoffice-l10n-ss, p-cpe:/a:debian:debian_linux:libreoffice-l10n-st, p-cpe:/a:debian:debian_linux:libreoffice-l10n-sv, p-cpe:/a:debian:debian_linux:libreoffice-l10n-szl, p-cpe:/a:debian:debian_linux:libreoffice-l10n-ta, p-cpe:/a:debian:debian_linux:libreoffice-l10n-te, p-cpe:/a:debian:debian_linux:libreoffice-l10n-tg, p-cpe:/a:debian:debian_linux:libreoffice-l10n-th, p-cpe:/a:debian:debian_linux:libreoffice-l10n-tn, p-cpe:/a:debian:debian_linux:libreoffice-l10n-tr, p-cpe:/a:debian:debian_linux:libreoffice-l10n-ts, p-cpe:/a:debian:debian_linux:libreoffice-l10n-ug, p-cpe:/a:debian:debian_linux:libreoffice-l10n-uk, p-cpe:/a:debian:debian_linux:libreoffice-l10n-uz, p-cpe:/a:debian:debian_linux:libreoffice-l10n-ve, p-cpe:/a:debian:debian_linux:libreoffice-l10n-vi, p-cpe:/a:debian:debian_linux:libreoffice-kf5, p-cpe:/a:debian:debian_linux:libuno-salhelpergcc3-3, p-cpe:/a:debian:debian_linux:libunoil-java, p-cpe:/a:debian:debian_linux:libunoloader-java, p-cpe:/a:debian:debian_linux:python3-access2base, p-cpe:/a:debian:debian_linux:python3-uno, p-cpe:/a:debian:debian_linux:uno-libs-private, p-cpe:/a:debian:debian_linux:ure, cpe:/o:debian:debian_linux:11.0, p-cpe:/a:debian:debian_linux:libreoffice-l10n-xh, p-cpe:/a:debian:debian_linux:libreoffice-l10n-za, p-cpe:/a:debian:debian_linux:libreoffice-l10n-zh-cn, p-cpe:/a:debian:debian_linux:libreoffice-l10n-zh-tw, p-cpe:/a:debian:debian_linux:libreoffice-l10n-zu, p-cpe:/a:debian:debian_linux:libreoffice-librelogo, p-cpe:/a:debian:debian_linux:libreoffice-math, p-cpe:/a:debian:debian_linux:libreoffice-math-nogui, p-cpe:/a:debian:debian_linux:libreoffice-mysql-connector, p-cpe:/a:debian:debian_linux:libreoffice-nlpsolver, p-cpe:/a:debian:debian_linux:libreoffice-nogui, p-cpe:/a:debian:debian_linux:libreoffice-officebean, p-cpe:/a:debian:debian_linux:libreoffice-plasma, p-cpe:/a:debian:debian_linux:libreoffice-qt5, p-cpe:/a:debian:debian_linux:libreoffice-report-builder, p-cpe:/a:debian:debian_linux:libreoffice-report-builder-bin, p-cpe:/a:debian:debian_linux:libreoffice-report-builder-bin-nogui, p-cpe:/a:debian:debian_linux:libreoffice-script-provider-bsh, p-cpe:/a:debian:debian_linux:libreoffice-script-provider-js, p-cpe:/a:debian:debian_linux:libreoffice-script-provider-python, p-cpe:/a:debian:debian_linux:libreoffice-sdbc-firebird, p-cpe:/a:debian:debian_linux:libreoffice-sdbc-hsqldb, p-cpe:/a:debian:debian_linux:libreoffice-sdbc-mysql, p-cpe:/a:debian:debian_linux:libreoffice-sdbc-postgresql, p-cpe:/a:debian:debian_linux:libreoffice-smoketest-data, p-cpe:/a:debian:debian_linux:libreoffice-style-breeze, p-cpe:/a:debian:debian_linux:libreoffice-style-colibre, p-cpe:/a:debian:debian_linux:libreoffice-style-elementary, p-cpe:/a:debian:debian_linux:libreoffice-style-karasa-jaga, p-cpe:/a:debian:debian_linux:libreoffice-style-sifr, p-cpe:/a:debian:debian_linux:libreoffice-style-sukapura, p-cpe:/a:debian:debian_linux:libreoffice-subsequentcheckbase, p-cpe:/a:debian:debian_linux:libreoffice-wiki-publisher, p-cpe:/a:debian:debian_linux:libreoffice-writer, p-cpe:/a:debian:debian_linux:libreoffice-writer-nogui, p-cpe:/a:debian:debian_linux:libreofficekit-data, p-cpe:/a:debian:debian_linux:libreofficekit-dev, p-cpe:/a:debian:debian_linux:libridl-java, p-cpe:/a:debian:debian_linux:libuno-cppu3, p-cpe:/a:debian:debian_linux:libuno-cppuhelpergcc3-3, p-cpe:/a:debian:debian_linux:libuno-purpenvhelpergcc3-3, p-cpe:/a:debian:debian_linux:libuno-sal3

Required KB Items: Host/local_checks_enabled, Host/Debian/release, Host/Debian/dpkg-l

Exploit Ease: No known exploits are available

Patch Publication Date: 10/16/2021

Vulnerability Publication Date: 10/11/2021

Reference Information

CVE: CVE-2021-25633, CVE-2021-25634