Detections
Analytics
CentOS 4 / 5 : firefox / xulrunner (CESA-2011:1268)
high Nessus Plugin ID 56129
Language:
Synopsis
The remote CentOS host is missing one or more security updates.Description
Updated firefox packages that fix one security issue are now available for Red Hat Enterprise Linux 4, 5, and 6.The Red Hat Security Response Team has rated this update as having important security impact.
Mozilla Firefox is an open source web browser. XULRunner provides the XUL Runtime environment for Mozilla Firefox.
The RHSA-2011:1242 Firefox update rendered HTTPS certificates signed by a certain Certificate Authority (CA) as untrusted, but made an exception for a select few. This update removes that exception, rendering every HTTPS certificate signed by that CA as untrusted.
(BZ#735483)
All Firefox users should upgrade to these updated packages, which contain Firefox version 3.6.22. After installing the update, Firefox must be restarted for the changes to take effect.
Solution
Update the affected firefox and / or xulrunner packages.See Also
http://www.nessus.org/u?87b44bea
http://www.nessus.org/u?ca4f478c
http://www.nessus.org/u?a8afaf17
http://www.nessus.org/u?e6e82e1e
http://www.nessus.org/u?7b533f4b
http://www.nessus.org/u?c982185f
Plugin Details
Severity: High
ID: 56129
File Name: centos_RHSA-2011-1268.nasl
Version: 1.11
Type: local
Agent: unix
Family: CentOS Local Security Checks
Published: 9/9/2011
Updated: 1/4/2021
Supported Sensors: Agentless Assessment, Continuous Assessment, Frictionless Assessment Agent, Frictionless Assessment AWS, Frictionless Assessment Azure, Nessus
Vulnerability Information
CPE: p-cpe:/a:centos:centos:xulrunner, p-cpe:/a:centos:centos:firefox, cpe:/o:centos:centos:4, cpe:/o:centos:centos:5, p-cpe:/a:centos:centos:xulrunner-devel
Required KB Items: Host/local_checks_enabled, Host/CentOS/release, Host/CentOS/rpm-list
Patch Publication Date: 9/8/2011
Vulnerability Publication Date: 9/8/2011
Reference Information
RHSA: 2011:1268