検出

RHEL 6 : libreoffice (RHSA-2015:1458)

critical Nessus プラグイン ID 84950

Language:

概要

リモートの Red Hat ホストにセキュリティ更新プログラムが適用されていません。

説明

リモート Redhat Enterprise Linux 6 ホストに、RHSA-2015:1458 アドバイザリに記載されている脆弱性の影響を受けるパッケージがインストールされています。

 - libreoffice: HWP ファイルフィルターの脆弱性 (CVE-2015-1774)

Nessus はこの問題をテストしておらず、代わりにアプリケーションが自己報告するバージョン番号にのみ依存していることに注意してください。

ソリューション

影響を受けるパッケージを更新してください。

参考資料

http://www.nessus.org/u?b92945d9

https://wiki.documentfoundation.org/ReleaseNotes/4.2

https://access.redhat.com/errata/RHSA-2015:1458

https://access.redhat.com/security/updates/classification/#moderate

https://bugzilla.redhat.com/show_bug.cgi?id=1015083

https://bugzilla.redhat.com/show_bug.cgi?id=1150048

https://bugzilla.redhat.com/show_bug.cgi?id=1209852

https://bugzilla.redhat.com/show_bug.cgi?id=1216042

プラグインの詳細

深刻度: Critical

ID: 84950

ファイル名: redhat-RHSA-2015-1458.nasl

バージョン: 2.10

タイプ: local

エージェント: unix

公開日: 2015/7/23

更新日: 2024/4/21

サポートされているセンサー: Agentless Assessment, Frictionless Assessment Agent, Frictionless Assessment AWS, Frictionless Assessment Azure, Nessus Agent, Nessus

リスク情報

VPR

リスクファクター: Medium

スコア: 5.9

CVSS v2

リスクファクター: Medium

基本値: 6.8

現状値: 5

ベクトル: CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P

CVSS スコアのソース: CVE-2015-1774

CVSS v3

リスクファクター: Critical

基本値: 9.8

現状値: 8.5

ベクトル: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

現状ベクトル: CVSS:3.0/E:U/RL:O/RC:C

脆弱性情報

CPE: p-cpe:/a:redhat:enterprise_linux:autocorr-af, p-cpe:/a:redhat:enterprise_linux:autocorr-bg, p-cpe:/a:redhat:enterprise_linux:autocorr-ca, p-cpe:/a:redhat:enterprise_linux:autocorr-cs, p-cpe:/a:redhat:enterprise_linux:autocorr-da, p-cpe:/a:redhat:enterprise_linux:autocorr-de, p-cpe:/a:redhat:enterprise_linux:autocorr-en, p-cpe:/a:redhat:enterprise_linux:autocorr-es, p-cpe:/a:redhat:enterprise_linux:autocorr-fa, p-cpe:/a:redhat:enterprise_linux:autocorr-fi, p-cpe:/a:redhat:enterprise_linux:autocorr-fr, p-cpe:/a:redhat:enterprise_linux:autocorr-ga, p-cpe:/a:redhat:enterprise_linux:autocorr-hr, p-cpe:/a:redhat:enterprise_linux:autocorr-hu, p-cpe:/a:redhat:enterprise_linux:autocorr-is, p-cpe:/a:redhat:enterprise_linux:autocorr-it, p-cpe:/a:redhat:enterprise_linux:autocorr-ja, p-cpe:/a:redhat:enterprise_linux:autocorr-ko, p-cpe:/a:redhat:enterprise_linux:autocorr-lb, p-cpe:/a:redhat:enterprise_linux:autocorr-lt, p-cpe:/a:redhat:enterprise_linux:autocorr-mn, p-cpe:/a:redhat:enterprise_linux:autocorr-nl, p-cpe:/a:redhat:enterprise_linux:autocorr-pl, p-cpe:/a:redhat:enterprise_linux:autocorr-pt, p-cpe:/a:redhat:enterprise_linux:autocorr-ro, p-cpe:/a:redhat:enterprise_linux:autocorr-ru, p-cpe:/a:redhat:enterprise_linux:autocorr-sk, p-cpe:/a:redhat:enterprise_linux:autocorr-sl, p-cpe:/a:redhat:enterprise_linux:autocorr-sr, p-cpe:/a:redhat:enterprise_linux:autocorr-sv, p-cpe:/a:redhat:enterprise_linux:autocorr-tr, p-cpe:/a:redhat:enterprise_linux:autocorr-vi, p-cpe:/a:redhat:enterprise_linux:autocorr-zh, p-cpe:/a:redhat:enterprise_linux:libreoffice, p-cpe:/a:redhat:enterprise_linux:libreoffice-base, p-cpe:/a:redhat:enterprise_linux:libreoffice-bsh, p-cpe:/a:redhat:enterprise_linux:libreoffice-calc, p-cpe:/a:redhat:enterprise_linux:libreoffice-core, p-cpe:/a:redhat:enterprise_linux:libreoffice-draw, p-cpe:/a:redhat:enterprise_linux:libreoffice-emailmerge, p-cpe:/a:redhat:enterprise_linux:libreoffice-filters, p-cpe:/a:redhat:enterprise_linux:libreoffice-gdb-debug-support, p-cpe:/a:redhat:enterprise_linux:libreoffice-glade, p-cpe:/a:redhat:enterprise_linux:libreoffice-graphicfilter, p-cpe:/a:redhat:enterprise_linux:libreoffice-headless, p-cpe:/a:redhat:enterprise_linux:libreoffice-impress, p-cpe:/a:redhat:enterprise_linux:libreoffice-langpack-af, p-cpe:/a:redhat:enterprise_linux:libreoffice-langpack-ar, p-cpe:/a:redhat:enterprise_linux:libreoffice-langpack-as, p-cpe:/a:redhat:enterprise_linux:libreoffice-langpack-bg, p-cpe:/a:redhat:enterprise_linux:libreoffice-langpack-bn, p-cpe:/a:redhat:enterprise_linux:libreoffice-langpack-ca, p-cpe:/a:redhat:enterprise_linux:libreoffice-langpack-cs, p-cpe:/a:redhat:enterprise_linux:libreoffice-langpack-cy, p-cpe:/a:redhat:enterprise_linux:libreoffice-langpack-da, p-cpe:/a:redhat:enterprise_linux:libreoffice-langpack-de, p-cpe:/a:redhat:enterprise_linux:libreoffice-langpack-dz, p-cpe:/a:redhat:enterprise_linux:libreoffice-langpack-el, p-cpe:/a:redhat:enterprise_linux:libreoffice-langpack-en, p-cpe:/a:redhat:enterprise_linux:libreoffice-langpack-es, p-cpe:/a:redhat:enterprise_linux:libreoffice-langpack-et, p-cpe:/a:redhat:enterprise_linux:libreoffice-langpack-eu, p-cpe:/a:redhat:enterprise_linux:libreoffice-langpack-fi, p-cpe:/a:redhat:enterprise_linux:libreoffice-langpack-fr, p-cpe:/a:redhat:enterprise_linux:libreoffice-langpack-ga, p-cpe:/a:redhat:enterprise_linux:libreoffice-langpack-gl, p-cpe:/a:redhat:enterprise_linux:libreoffice-langpack-gu, p-cpe:/a:redhat:enterprise_linux:libreoffice-langpack-he, p-cpe:/a:redhat:enterprise_linux:libreoffice-langpack-hi, p-cpe:/a:redhat:enterprise_linux:libreoffice-langpack-hr, p-cpe:/a:redhat:enterprise_linux:libreoffice-langpack-hu, p-cpe:/a:redhat:enterprise_linux:libreoffice-langpack-it, p-cpe:/a:redhat:enterprise_linux:libreoffice-langpack-ja, p-cpe:/a:redhat:enterprise_linux:libreoffice-langpack-kn, p-cpe:/a:redhat:enterprise_linux:libreoffice-langpack-ko, p-cpe:/a:redhat:enterprise_linux:libreoffice-langpack-lt, p-cpe:/a:redhat:enterprise_linux:libreoffice-langpack-mai, p-cpe:/a:redhat:enterprise_linux:libreoffice-langpack-ml, p-cpe:/a:redhat:enterprise_linux:libreoffice-langpack-mr, p-cpe:/a:redhat:enterprise_linux:libreoffice-langpack-ms, p-cpe:/a:redhat:enterprise_linux:libreoffice-langpack-nb, p-cpe:/a:redhat:enterprise_linux:libreoffice-langpack-nl, p-cpe:/a:redhat:enterprise_linux:libreoffice-langpack-nn, p-cpe:/a:redhat:enterprise_linux:libreoffice-langpack-nr, p-cpe:/a:redhat:enterprise_linux:libreoffice-langpack-nso, p-cpe:/a:redhat:enterprise_linux:libreoffice-langpack-or, p-cpe:/a:redhat:enterprise_linux:libreoffice-langpack-pa, p-cpe:/a:redhat:enterprise_linux:libreoffice-langpack-pl, p-cpe:/a:redhat:enterprise_linux:libreoffice-langpack-pt-br, p-cpe:/a:redhat:enterprise_linux:libreoffice-langpack-pt-pt, p-cpe:/a:redhat:enterprise_linux:libreoffice-langpack-ro, p-cpe:/a:redhat:enterprise_linux:libreoffice-langpack-ru, p-cpe:/a:redhat:enterprise_linux:libreoffice-langpack-sk, p-cpe:/a:redhat:enterprise_linux:libreoffice-langpack-sl, p-cpe:/a:redhat:enterprise_linux:libreoffice-langpack-sr, p-cpe:/a:redhat:enterprise_linux:libreoffice-langpack-ss, p-cpe:/a:redhat:enterprise_linux:libreoffice-langpack-st, p-cpe:/a:redhat:enterprise_linux:libreoffice-langpack-sv, p-cpe:/a:redhat:enterprise_linux:libreoffice-langpack-ta, p-cpe:/a:redhat:enterprise_linux:libreoffice-langpack-te, p-cpe:/a:redhat:enterprise_linux:libreoffice-langpack-th, p-cpe:/a:redhat:enterprise_linux:libreoffice-langpack-tn, p-cpe:/a:redhat:enterprise_linux:libreoffice-langpack-tr, p-cpe:/a:redhat:enterprise_linux:libreoffice-langpack-ts, p-cpe:/a:redhat:enterprise_linux:libreoffice-langpack-uk, p-cpe:/a:redhat:enterprise_linux:libreoffice-langpack-ur, p-cpe:/a:redhat:enterprise_linux:libreoffice-langpack-ve, p-cpe:/a:redhat:enterprise_linux:libreoffice-langpack-xh, p-cpe:/a:redhat:enterprise_linux:libreoffice-langpack-zh-hans, p-cpe:/a:redhat:enterprise_linux:libreoffice-langpack-zh-hant, p-cpe:/a:redhat:enterprise_linux:libreoffice-langpack-zu, p-cpe:/a:redhat:enterprise_linux:libreoffice-librelogo, p-cpe:/a:redhat:enterprise_linux:libreoffice-math, p-cpe:/a:redhat:enterprise_linux:libreoffice-nlpsolver, p-cpe:/a:redhat:enterprise_linux:libreoffice-ogltrans, p-cpe:/a:redhat:enterprise_linux:libreoffice-opensymbol-fonts, p-cpe:/a:redhat:enterprise_linux:libreoffice-pdfimport, p-cpe:/a:redhat:enterprise_linux:libreoffice-pyuno, p-cpe:/a:redhat:enterprise_linux:libreoffice-rhino, p-cpe:/a:redhat:enterprise_linux:libreoffice-sdk, p-cpe:/a:redhat:enterprise_linux:libreoffice-sdk-doc, p-cpe:/a:redhat:enterprise_linux:libreoffice-ure, p-cpe:/a:redhat:enterprise_linux:libreoffice-wiki-publisher, p-cpe:/a:redhat:enterprise_linux:libreoffice-writer, p-cpe:/a:redhat:enterprise_linux:libreoffice-xsltfilter, cpe:/o:redhat:enterprise_linux:6

必要な KB アイテム: Host/local_checks_enabled, Host/RedHat/release, Host/RedHat/rpm-list, Host/cpu

エクスプロイトの容易さ: No known exploits are available

パッチ公開日: 2015/7/22

脆弱性公開日: 2015/4/28

参照情報

CVE: CVE-2015-1774

BID: 74338

CWE: 822

RHSA: 2015:1458