Notification

Icon
Error

LibreOffice Vulnerability Report

Posted: Tuesday, February 5, 2019 4:56:00 PM(UTC)
Esben.D

Esben.D

Member Administration Original PosterPosts: 1,976
1
Like
Hey everybody,

We've released a new blog post regarding the LibreOffice vulnerability. If you're interested in the specifics, I suggest you give it a read.

The report below will give you a color-coded overview of all Windows and Linux assets in your network that are not on the latest release of LibreOffice and should be updated. Please note that this report will only check whether LibreOffice is on the latest stable version at the time of posting.

The report will list assets that meet the following criteria:
  • The asset is a Windows or Linux Asset
  • The asset is Active
  • The asset has software installed which contains LibreOffice in its name
If you have any feedback on the report, feel free to leave it and I'll take a look at it.
Code:
Select Top 1000000 tblAssets.AssetID,
  tblAssets.AssetName,
  tblAssets.Domain,
  tsysAssetTypes.AssetTypename As AssetType,
  tblAssets.Username,
  tblAssets.Userdomain,
  tsysAssetTypes.AssetTypeIcon10 As icon,
  tblAssets.IPAddress,
  tsysIPLocations.IPLocation,
  tblAssetCustom.Manufacturer,
  tblAssetCustom.Model,
  tsysOS.OSname As OS,
  tblAssets.SP,
  tblAssets.Lastseen,
  tblAssets.Lasttried,
  Case
    When tblSoftwareUni.softwareName Like '%libreoffice%' And
      (tblSoftware.softwareVersion Like '6.0.7%' Or
      tblSoftware.softwareVersion Like '6.1.4%') Then '#d4f4be'
    Else '#ffadad'
  End As backgroundcolor,
  tblSoftwareUni.softwareName As Software,
  tblSoftware.softwareVersion As Version,
  tblSoftwareUni.SoftwarePublisher As Publisher,
  tblSoftware.Lastchanged,
  Case
    When tblSoftwareUni.softwareName Like '%libreoffice%' And
      (tblSoftware.softwareVersion not like '6.0.7%' OR tblSoftware.softwareVersion Like '6.1.4%')  Then ''
	  Else 'LibreOffice update recommended'
  End As Notes
From tblAssets
  Inner Join tblAssetCustom On tblAssets.AssetID = tblAssetCustom.AssetID
  Inner Join tsysAssetTypes On tsysAssetTypes.AssetType = tblAssets.Assettype
  Inner Join tsysIPLocations On tsysIPLocations.LocationID =
    tblAssets.LocationID
  Inner Join tblState On tblState.State = tblAssetCustom.State
  Inner Join tblSoftware On tblAssets.AssetID = tblSoftware.AssetID
  Inner Join tblSoftwareUni On tblSoftwareUni.SoftID = tblSoftware.softID
  Left Join tsysOS On tsysOS.OScode = tblAssets.OScode
Where tblSoftwareUni.softwareName Like '%LibreOffice%' And tblState.Statename =
  'Active'
Union
Select Top 1000000 tblAssets.AssetID,
  tblAssets.AssetName,
  tblAssets.Domain,
  tsysAssetTypes.AssetTypename As AssetType,
  tblAssets.Username,
  tblAssets.Userdomain,
  tsysAssetTypes.AssetTypeIcon10 As icon,
  tblAssets.IPAddress,
  tsysIPLocations.IPLocation,
  tblAssetCustom.Manufacturer,
  tblAssetCustom.Model,
  tblLinuxSystem.OSRelease As OS,
  tblAssets.SP,
  tblAssets.Lastseen,
  tblAssets.Lasttried,
  Case
    When tblSoftwareUni.softwareName Like '%libreoffice%' And
      (tblLinuxSoftware.Version Like '%6.0.7%' Or
      tblLinuxSoftware.Version Like '%6.1.4%') Then '#d4f4be'
    Else '#ffadad'
  End As backgroundcolor,
  tblSoftwareUni.softwareName As Software,
  tblLinuxSoftware.Version As Version,
  tblSoftwareUni.SoftwarePublisher As Publisher,
  tblLinuxSoftware.LastChanged,
  Case
    When tblSoftwareUni.softwareName Like '%libreoffice%' And
      (tblLinuxSoftware.Version Like '%6.0.7%' Or
      tblLinuxSoftware.Version Like '%6.1.4%') Then ''
    Else 'LibreOffice update recommended'
  End As Notes
From tblAssets
  Inner Join tblAssetCustom On tblAssets.AssetID = tblAssetCustom.AssetID
  Inner Join tsysAssetTypes On tsysAssetTypes.AssetType = tblAssets.Assettype
  Inner Join tsysIPLocations On tsysIPLocations.LocationID =
    tblAssets.LocationID
  Inner Join tblState On tblState.State = tblAssetCustom.State
  Inner Join tblLinuxSoftware On tblAssets.AssetID = tblLinuxSoftware.AssetID
  Inner Join tblSoftwareUni On
    tblSoftwareUni.SoftID = tblLinuxSoftware.SoftwareUniID
  Inner Join tblLinuxSystem On tblAssets.AssetID = tblLinuxSystem.AssetID
Where tblSoftwareUni.softwareName Like '%LibreOffice%' And tblState.Statename =
  'Active'
Order By Domain,
  AssetName,
  Software
yura_koresh
#1yura_koresh Member Posts: 3  
posted: 3/9/2019 6:49:21 PM(UTC)
Hello for some reason it shows in red also 6.1.1.2, 6.2.0.3.
Also is there a way to show only vulnerable versions?
And does anyone know how to create the deployment package for the correct version ?
Thanks in advance!
[img]null[/img]
ghelpdesk
#2ghelpdesk Member Posts: 89  
posted: 3/10/2019 2:46:29 PM(UTC)
Perhaps a software vulnerability user editable reference table could be added to the wishlist? So instead of creating these reports individually whenever a vulnerability is reported - an entry could be added to the vulnerability table citing the software (or OS), a from and to version field to create a range of version values that are vulnerable and a comment field to enter the vulnerability name or other brief info (ie: which version introduces a fix to the software).

Then a single vulnerability report could be added as a standard built-in report (perhaps with a default email schedule to the entered LS admin address)

The vulnerability data could stay in the table long-term so that another report could be generated using this data and an assets software history to report on how long the asset may have been exposed to a vulnerability.

I recall the Spectre and Meltdown had a more complicated set of criteria but a vulnerability reference table might cover the majority of cases.

Active Discussions

Lansweeper Uninstall Software - Mozilla Firefox
by  Carl_Allen   Go to last post Go to first unread
Last post: Yesterday at 10:44:36 AM(UTC)
Lansweeper Installation Parameters
by  PeterG  
Go to last post Go to first unread
Last post: 1/8/2020 10:11:51 PM(UTC)
Lansweeper embedded questions
by  mkergan   Go to last post Go to first unread
Last post: 12/20/2019 5:19:46 PM(UTC)
Lansweeper Result: Deployment ended: The environment is incorrect.
by  mkergan  
Go to last post Go to first unread
Last post: 12/19/2019 6:31:44 PM(UTC)
Action Dameware Remote Support tool
by  Jaimee Sellers   Go to last post Go to first unread
Last post: 12/18/2019 4:14:18 PM(UTC)
Lansweeper Number Of Application Hang Event ID 1002 Count , Null
by  HRS  
Go to last post Go to first unread
Last post: 11/29/2019 9:42:49 PM(UTC)
Action Change Windows domain PC Name
by  DaveDischord   Go to last post Go to first unread
Last post: 11/27/2019 10:36:02 PM(UTC)
Lansweeper LsRemote.exe Background Image Removal
by  Martin Frey  
Go to last post Go to first unread
Last post: 11/27/2019 11:40:23 AM(UTC)