Debian DLA-3368-1:libreoffice - LTS 安全性更新

high Nessus Plugin ID 173416

概要

遠端 Debian 主機上缺少一個或多個安全性更新。

說明

遠端 Debian 10 主機上安裝的多個套件受到 dla-3368 公告中提及的多個弱點影響。

- LibreOffice 支援 ODF 文件和文件中的巨集數位簽章,呈現自上次簽署後文件未發生任何變更的視覺輔助工具,且該簽章有效。
LibreOffice 中存在一個不當驗證憑證弱點,該弱點允許攻擊者透過操控文件中的 documentsignatures.xml 或 macrosignatures.xml 資料流來建立以數位方式簽署的 ODF 文件,進而包含 KeyInfo 標記的 X509Data 和 KeyValue 子項,而這會導致開啟 LibreOffice 時,系統使用 KeyValue 進行驗證,但卻報告使用不相關的 X509Data 值進行的驗證。
此問題會影響:早於 7.2.5 的 Document Foundation LibreOffice 7.2 版本。(CVE-2021-25636)

- LibreOffice 中存在憑證驗證不當弱點,程式僅透過比對所用憑證與受信任憑證的序號和發行者字串來判斷巨集是否由受信任的作者簽署。這不足以驗證此巨集是否確實使用此憑證簽署。因此,攻擊者可使用與受信任憑證相同的序號和發行者字串建立任意憑證,而 LibreOffice 會將此憑證顯示為屬於受信任的作者,這可能導致使用者執行錯誤信任的巨集中包含的任意程式碼。此問題會影響:Document Foundation LibreOffice 7.2 版的 7.2.7 之前版本、7.3 版的 7.3.1 之前版本。(CVE-2022-26305)

- LibreOffice 支援在使用者的組態資料庫中儲存 Web 連線的密碼,
儲存的密碼使用由使用者提供的單一主要金鑰加密。LibreOffice 中有一個缺陷,加密所需的初始化向量一律相同,這會削弱加密的安全性,若攻擊者有權存取使用者組態資料,則可對程式發動攻擊。此問題會影響:Document Foundation LibreOffice 7.2 版的 7.2.7 之前版本、7.3 版的 7.3.1 之前版本。(CVE-2022-26306)

- LibreOffice 支援在使用者的組態資料庫中儲存 Web 連線的密碼,
儲存的密碼使用由使用者提供的單一主要金鑰加密。LibreOffice 中有一個瑕疵,其中主金鑰編碼不當,導致其熵從 128 位元減弱為 43 位元,如果攻擊者有權存取使用者儲存的組態,則可對儲存的密碼執行暴力密碼破解攻擊。此問題會影響:Document Foundation LibreOffice 7.2 版的 7.2.7 之前版本、7.3 版的 7.3.3 之前版本。(CVE-2022-26307)

- LibreOffice 支援 Office URI 配置,以啟用 LibreOffice 與 MS SharePoint 伺服器的瀏覽器整合。新增 LibreOffice 專屬的其他配置「vnd.libreoffice.command」。在受影響的 LibreOffice 版本中,使用該配置的連結可被建構爲使用任意引數呼叫內部巨集。當按一下連結或由文件事件啟動此連結時,可導致在沒有警告的情況下執行任意指令碼。此問題會影響:Document Foundation LibreOffice 7.4 版的 7.4.1 之前版本、7.3 版的 7.3.6 之前版本。(CVE-2022-3140)

請注意,Nessus 並未測試這些問題,而是僅依據應用程式自我報告的版本號碼。

解決方案

升級 libreoffice 套件。

針對 Debian 10 buster,已在版本 1 中修正這些問題

另請參閱

https://security-tracker.debian.org/tracker/source-package/libreoffice

https://www.debian.org/lts/security/2023/dla-3368

https://security-tracker.debian.org/tracker/CVE-2021-25636

https://security-tracker.debian.org/tracker/CVE-2022-26305

https://security-tracker.debian.org/tracker/CVE-2022-26306

https://security-tracker.debian.org/tracker/CVE-2022-26307

https://security-tracker.debian.org/tracker/CVE-2022-3140

https://packages.debian.org/source/buster/libreoffice

Plugin 詳細資訊

嚴重性: High

ID: 173416

檔案名稱: debian_DLA-3368.nasl

版本: 1.2

類型: local

代理程式: unix

已發布: 2023/3/26

已更新: 2023/6/1

支援的感應器: Frictionless Assessment Agent, Nessus Agent, Agentless Assessment, Nessus

風險資訊

VPR

風險因素: Medium

分數: 5.9

CVSS v2

風險因素: Medium

基本分數: 5

時間分數: 3.7

媒介: CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:N

CVSS 評分資料來源: CVE-2021-25636

CVSS v3

風險因素: High

基本分數: 8.8

時間分數: 7.7

媒介: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

時間媒介: CVSS:3.0/E:U/RL:O/RC:C

CVSS 評分資料來源: CVE-2022-26307

弱點資訊

CPE: p-cpe:/a:debian:debian_linux:libreoffice-l10n-pt, p-cpe:/a:debian:debian_linux:libreoffice-help-en-us, p-cpe:/a:debian:debian_linux:libreoffice-l10n-en-za, p-cpe:/a:debian:debian_linux:libreoffice-avmedia-backend-vlc, p-cpe:/a:debian:debian_linux:libreoffice-librelogo, p-cpe:/a:debian:debian_linux:libreoffice-help-sv, p-cpe:/a:debian:debian_linux:libreoffice-gtk3, p-cpe:/a:debian:debian_linux:libreoffice-l10n-hi, p-cpe:/a:debian:debian_linux:libreoffice-l10n-zh-tw, p-cpe:/a:debian:debian_linux:libreoffice, p-cpe:/a:debian:debian_linux:libreoffice-l10n-in, p-cpe:/a:debian:debian_linux:libreoffice-l10n-ka, p-cpe:/a:debian:debian_linux:libreoffice-gtk2, p-cpe:/a:debian:debian_linux:libreoffice-mysql-connector, p-cpe:/a:debian:debian_linux:libreoffice-dev, p-cpe:/a:debian:debian_linux:libreoffice-l10n-el, p-cpe:/a:debian:debian_linux:libreoffice-help-cs, p-cpe:/a:debian:debian_linux:libreoffice-l10n-hu, p-cpe:/a:debian:debian_linux:libreoffice-l10n-fa, p-cpe:/a:debian:debian_linux:libreoffice-subsequentcheckbase, p-cpe:/a:debian:debian_linux:libreoffice-help-ja, p-cpe:/a:debian:debian_linux:libreoffice-l10n-gug, p-cpe:/a:debian:debian_linux:libreoffice-help-el, p-cpe:/a:debian:debian_linux:libreoffice-help-es, p-cpe:/a:debian:debian_linux:libreoffice-report-builder-bin, p-cpe:/a:debian:debian_linux:libreoffice-kde5, p-cpe:/a:debian:debian_linux:libreoffice-help-zh-cn, p-cpe:/a:debian:debian_linux:libreoffice-l10n-ta, p-cpe:/a:debian:debian_linux:libreoffice-base-core, p-cpe:/a:debian:debian_linux:libreoffice-l10n-bs, p-cpe:/a:debian:debian_linux:libreoffice-l10n-nn, p-cpe:/a:debian:debian_linux:libreoffice-help-da, p-cpe:/a:debian:debian_linux:libreoffice-help-sk, p-cpe:/a:debian:debian_linux:libreoffice-l10n-eo, p-cpe:/a:debian:debian_linux:libreoffice-style-sifr, p-cpe:/a:debian:debian_linux:libreoffice-kde, p-cpe:/a:debian:debian_linux:libreoffice-l10n-tr, p-cpe:/a:debian:debian_linux:libreoffice-help-sl, p-cpe:/a:debian:debian_linux:libreoffice-l10n-vi, p-cpe:/a:debian:debian_linux:libreoffice-writer, p-cpe:/a:debian:debian_linux:libreoffice-l10n-dz, p-cpe:/a:debian:debian_linux:libreoffice-help-nl, p-cpe:/a:debian:debian_linux:libreoffice-pdfimport, p-cpe:/a:debian:debian_linux:libreoffice-l10n-bg, p-cpe:/a:debian:debian_linux:libreoffice-l10n-ga, p-cpe:/a:debian:debian_linux:libreoffice-help-km, p-cpe:/a:debian:debian_linux:libreoffice-wiki-publisher, p-cpe:/a:debian:debian_linux:ure, p-cpe:/a:debian:debian_linux:libreoffice-l10n-ast, p-cpe:/a:debian:debian_linux:libreoffice-sdbc-firebird, p-cpe:/a:debian:debian_linux:libreoffice-l10n-ug, p-cpe:/a:debian:debian_linux:libreoffice-common, p-cpe:/a:debian:debian_linux:libreoffice-l10n-gd, p-cpe:/a:debian:debian_linux:libreoffice-sdbc-hsqldb, p-cpe:/a:debian:debian_linux:libreoffice-math, p-cpe:/a:debian:debian_linux:libreoffice-help-en-gb, p-cpe:/a:debian:debian_linux:libreoffice-dev-common, p-cpe:/a:debian:debian_linux:libreoffice-help-dz, p-cpe:/a:debian:debian_linux:libreoffice-l10n-sk, p-cpe:/a:debian:debian_linux:libreoffice-l10n-da, p-cpe:/a:debian:debian_linux:libreoffice-java-common, p-cpe:/a:debian:debian_linux:libreoffice-l10n-oc, p-cpe:/a:debian:debian_linux:libreoffice-impress, p-cpe:/a:debian:debian_linux:libreoffice-smoketest-data, p-cpe:/a:debian:debian_linux:libreoffice-style-breeze, p-cpe:/a:debian:debian_linux:libreoffice-l10n-ne, p-cpe:/a:debian:debian_linux:libreoffice-help-pt, p-cpe:/a:debian:debian_linux:libreoffice-l10n-be, p-cpe:/a:debian:debian_linux:liblibreofficekitgtk, p-cpe:/a:debian:debian_linux:libreoffice-l10n-cy, p-cpe:/a:debian:debian_linux:libreoffice-l10n-hr, p-cpe:/a:debian:debian_linux:libreoffice-l10n-tg, p-cpe:/a:debian:debian_linux:libreoffice-l10n-et, p-cpe:/a:debian:debian_linux:libreoffice-help-zh-tw, p-cpe:/a:debian:debian_linux:libreoffice-l10n-nl, p-cpe:/a:debian:debian_linux:libreoffice-help-vi, p-cpe:/a:debian:debian_linux:uno-libs3, p-cpe:/a:debian:debian_linux:fonts-opensymbol, p-cpe:/a:debian:debian_linux:libreoffice-l10n-ko, p-cpe:/a:debian:debian_linux:libreoffice-l10n-fr, p-cpe:/a:debian:debian_linux:libreoffice-l10n-lt, p-cpe:/a:debian:debian_linux:libreoffice-l10n-km, p-cpe:/a:debian:debian_linux:libreoffice-l10n-kk, p-cpe:/a:debian:debian_linux:libreoffice-l10n-xh, p-cpe:/a:debian:debian_linux:libreoffice-l10n-om, p-cpe:/a:debian:debian_linux:libreoffice-help-pl, p-cpe:/a:debian:debian_linux:libreoffice-l10n-st, p-cpe:/a:debian:debian_linux:libreoffice-l10n-si, p-cpe:/a:debian:debian_linux:libreoffice-sdbc-postgresql, p-cpe:/a:debian:debian_linux:libreoffice-l10n-ts, p-cpe:/a:debian:debian_linux:libreoffice-help-eu, p-cpe:/a:debian:debian_linux:libreoffice-l10n-uz, p-cpe:/a:debian:debian_linux:libreoffice-style-tango, p-cpe:/a:debian:debian_linux:libreoffice-l10n-cs, p-cpe:/a:debian:debian_linux:libreoffice-gnome, p-cpe:/a:debian:debian_linux:libreoffice-dev-doc, p-cpe:/a:debian:debian_linux:libreoffice-l10n-kmr, p-cpe:/a:debian:debian_linux:libreoffice-l10n-ca, p-cpe:/a:debian:debian_linux:libreoffice-l10n-mk, p-cpe:/a:debian:debian_linux:libreoffice-help-gl, p-cpe:/a:debian:debian_linux:libreoffice-l10n-nb, p-cpe:/a:debian:debian_linux:libreoffice-help-fi, p-cpe:/a:debian:debian_linux:libreoffice-help-de, p-cpe:/a:debian:debian_linux:libreoffice-l10n-es, p-cpe:/a:debian:debian_linux:libreoffice-l10n-za, p-cpe:/a:debian:debian_linux:libreoffice-report-builder, p-cpe:/a:debian:debian_linux:libreoffice-help-om, p-cpe:/a:debian:debian_linux:libreoffice-help-pt-br, p-cpe:/a:debian:debian_linux:libreoffice-help-ru, p-cpe:/a:debian:debian_linux:libreoffice-l10n-ja, p-cpe:/a:debian:debian_linux:python3-uno, p-cpe:/a:debian:debian_linux:libreoffice-l10n-gu, p-cpe:/a:debian:debian_linux:libreoffice-l10n-de, p-cpe:/a:debian:debian_linux:libreoffice-l10n-ru, p-cpe:/a:debian:debian_linux:libreoffice-calc, p-cpe:/a:debian:debian_linux:libreoffice-l10n-rw, p-cpe:/a:debian:debian_linux:libreoffice-officebean, p-cpe:/a:debian:debian_linux:libreoffice-l10n-pt-br, p-cpe:/a:debian:debian_linux:libreoffice-l10n-ve, p-cpe:/a:debian:debian_linux:libreoffice-script-provider-js, p-cpe:/a:debian:debian_linux:libreofficekit-data, p-cpe:/a:debian:debian_linux:libreoffice-l10n-th, p-cpe:/a:debian:debian_linux:libreoffice-l10n-pl, p-cpe:/a:debian:debian_linux:libreoffice-l10n-gl, p-cpe:/a:debian:debian_linux:libreoffice-l10n-as, p-cpe:/a:debian:debian_linux:libreoffice-l10n-kn, p-cpe:/a:debian:debian_linux:libreoffice-l10n-he, p-cpe:/a:debian:debian_linux:libreoffice-l10n-sv, p-cpe:/a:debian:debian_linux:libreoffice-base-drivers, p-cpe:/a:debian:debian_linux:libreoffice-l10n-zu, p-cpe:/a:debian:debian_linux:libreoffice-evolution, p-cpe:/a:debian:debian_linux:libreoffice-l10n-te, p-cpe:/a:debian:debian_linux:libreoffice-l10n-or, p-cpe:/a:debian:debian_linux:libreoffice-script-provider-bsh, p-cpe:/a:debian:debian_linux:libreoffice-style-colibre, p-cpe:/a:debian:debian_linux:libreoffice-help-ko, p-cpe:/a:debian:debian_linux:libreoffice-l10n-ar, p-cpe:/a:debian:debian_linux:libreoffice-l10n-sr, p-cpe:/a:debian:debian_linux:libreoffice-help-hi, p-cpe:/a:debian:debian_linux:libreoffice-l10n-mr, p-cpe:/a:debian:debian_linux:libreoffice-l10n-nr, p-cpe:/a:debian:debian_linux:libreoffice-script-provider-python, p-cpe:/a:debian:debian_linux:libreoffice-l10n-mn, p-cpe:/a:debian:debian_linux:libreoffice-help-it, p-cpe:/a:debian:debian_linux:libreoffice-help-fr, p-cpe:/a:debian:debian_linux:libreoffice-l10n-sl, p-cpe:/a:debian:debian_linux:libreoffice-l10n-en-gb, p-cpe:/a:debian:debian_linux:libreoffice-core, p-cpe:/a:debian:debian_linux:libreoffice-l10n-br, cpe:/o:debian:debian_linux:10.0, p-cpe:/a:debian:debian_linux:libreoffice-base, p-cpe:/a:debian:debian_linux:libreoffice-l10n-fi, p-cpe:/a:debian:debian_linux:libreoffice-nlpsolver, p-cpe:/a:debian:debian_linux:libreoffice-l10n-af, p-cpe:/a:debian:debian_linux:libreoffice-l10n-eu, p-cpe:/a:debian:debian_linux:libreoffice-l10n-ml, p-cpe:/a:debian:debian_linux:libreoffice-help-common, p-cpe:/a:debian:debian_linux:libreoffice-l10n-am, p-cpe:/a:debian:debian_linux:libreoffice-l10n-bn, p-cpe:/a:debian:debian_linux:libreoffice-draw, p-cpe:/a:debian:debian_linux:libreoffice-l10n-lv, p-cpe:/a:debian:debian_linux:libreoffice-style-elementary, p-cpe:/a:debian:debian_linux:libreoffice-l10n-id, p-cpe:/a:debian:debian_linux:libreoffice-l10n-is, p-cpe:/a:debian:debian_linux:libreoffice-help-et, p-cpe:/a:debian:debian_linux:libreoffice-help-hu, p-cpe:/a:debian:debian_linux:libreoffice-help-ca, p-cpe:/a:debian:debian_linux:libreoffice-help-tr, p-cpe:/a:debian:debian_linux:libreoffice-l10n-ro, p-cpe:/a:debian:debian_linux:libreoffice-l10n-ss, p-cpe:/a:debian:debian_linux:libreoffice-l10n-tn, p-cpe:/a:debian:debian_linux:libreoffice-l10n-uk, p-cpe:/a:debian:debian_linux:libreoffice-l10n-zh-cn, p-cpe:/a:debian:debian_linux:libreoffice-ogltrans, p-cpe:/a:debian:debian_linux:libreoffice-l10n-it, p-cpe:/a:debian:debian_linux:libreoffice-l10n-pa-in, p-cpe:/a:debian:debian_linux:libreofficekit-dev, p-cpe:/a:debian:debian_linux:libreoffice-l10n-nso, p-cpe:/a:debian:debian_linux:libreoffice-avmedia-backend-gstreamer, p-cpe:/a:debian:debian_linux:gir1.2-lokdocview-0.1

必要的 KB 項目: Host/local_checks_enabled, Host/Debian/release, Host/Debian/dpkg-l

可輕鬆利用: No known exploits are available

修補程式發佈日期: 2023/3/26

弱點發布日期: 2022/2/24

參考資訊

CVE: CVE-2021-25636, CVE-2022-26305, CVE-2022-26306, CVE-2022-26307, CVE-2022-3140

IAVB: 2022-B-0024-S, 2022-B-0040-S