Notification

Icon
Error

LibreOffice Vulnerability Report

Posted: Tuesday, February 5, 2019 4:56:00 PM(UTC)
Esben.D

Esben.D

Member Administration Original PosterPosts: 1,956
1
Like
Hey everybody,

We've released a new blog post regarding the LibreOffice vulnerability. If you're interested in the specifics, I suggest you give it a read.

The report below will give you a color-coded overview of all Windows and Linux assets in your network that are not on the latest release of LibreOffice and should be updated. Please note that this report will only check whether LibreOffice is on the latest stable version at the time of posting.

The report will list assets that meet the following criteria:
  • The asset is a Windows or Linux Asset
  • The asset is Active
  • The asset has software installed which contains LibreOffice in its name
If you have any feedback on the report, feel free to leave it and I'll take a look at it.
Code:
Select Top 1000000 tblAssets.AssetID,
  tblAssets.AssetName,
  tblAssets.Domain,
  tsysAssetTypes.AssetTypename As AssetType,
  tblAssets.Username,
  tblAssets.Userdomain,
  tsysAssetTypes.AssetTypeIcon10 As icon,
  tblAssets.IPAddress,
  tsysIPLocations.IPLocation,
  tblAssetCustom.Manufacturer,
  tblAssetCustom.Model,
  tsysOS.OSname As OS,
  tblAssets.SP,
  tblAssets.Lastseen,
  tblAssets.Lasttried,
  Case
    When tblSoftwareUni.softwareName Like '%libreoffice%' And
      (tblSoftware.softwareVersion Like '6.0.7%' Or
      tblSoftware.softwareVersion Like '6.1.4%') Then '#d4f4be'
    Else '#ffadad'
  End As backgroundcolor,
  tblSoftwareUni.softwareName As Software,
  tblSoftware.softwareVersion As Version,
  tblSoftwareUni.SoftwarePublisher As Publisher,
  tblSoftware.Lastchanged,
  Case
    When tblSoftwareUni.softwareName Like '%libreoffice%' And
      (tblSoftware.softwareVersion not like '6.0.7%' OR tblSoftware.softwareVersion Like '6.1.4%')  Then ''
	  Else 'LibreOffice update recommended'
  End As Notes
From tblAssets
  Inner Join tblAssetCustom On tblAssets.AssetID = tblAssetCustom.AssetID
  Inner Join tsysAssetTypes On tsysAssetTypes.AssetType = tblAssets.Assettype
  Inner Join tsysIPLocations On tsysIPLocations.LocationID =
    tblAssets.LocationID
  Inner Join tblState On tblState.State = tblAssetCustom.State
  Inner Join tblSoftware On tblAssets.AssetID = tblSoftware.AssetID
  Inner Join tblSoftwareUni On tblSoftwareUni.SoftID = tblSoftware.softID
  Left Join tsysOS On tsysOS.OScode = tblAssets.OScode
Where tblSoftwareUni.softwareName Like '%LibreOffice%' And tblState.Statename =
  'Active'
Union
Select Top 1000000 tblAssets.AssetID,
  tblAssets.AssetName,
  tblAssets.Domain,
  tsysAssetTypes.AssetTypename As AssetType,
  tblAssets.Username,
  tblAssets.Userdomain,
  tsysAssetTypes.AssetTypeIcon10 As icon,
  tblAssets.IPAddress,
  tsysIPLocations.IPLocation,
  tblAssetCustom.Manufacturer,
  tblAssetCustom.Model,
  tblLinuxSystem.OSRelease As OS,
  tblAssets.SP,
  tblAssets.Lastseen,
  tblAssets.Lasttried,
  Case
    When tblSoftwareUni.softwareName Like '%libreoffice%' And
      (tblLinuxSoftware.Version Like '%6.0.7%' Or
      tblLinuxSoftware.Version Like '%6.1.4%') Then '#d4f4be'
    Else '#ffadad'
  End As backgroundcolor,
  tblSoftwareUni.softwareName As Software,
  tblLinuxSoftware.Version As Version,
  tblSoftwareUni.SoftwarePublisher As Publisher,
  tblLinuxSoftware.LastChanged,
  Case
    When tblSoftwareUni.softwareName Like '%libreoffice%' And
      (tblLinuxSoftware.Version Like '%6.0.7%' Or
      tblLinuxSoftware.Version Like '%6.1.4%') Then ''
    Else 'LibreOffice update recommended'
  End As Notes
From tblAssets
  Inner Join tblAssetCustom On tblAssets.AssetID = tblAssetCustom.AssetID
  Inner Join tsysAssetTypes On tsysAssetTypes.AssetType = tblAssets.Assettype
  Inner Join tsysIPLocations On tsysIPLocations.LocationID =
    tblAssets.LocationID
  Inner Join tblState On tblState.State = tblAssetCustom.State
  Inner Join tblLinuxSoftware On tblAssets.AssetID = tblLinuxSoftware.AssetID
  Inner Join tblSoftwareUni On
    tblSoftwareUni.SoftID = tblLinuxSoftware.SoftwareUniID
  Inner Join tblLinuxSystem On tblAssets.AssetID = tblLinuxSystem.AssetID
Where tblSoftwareUni.softwareName Like '%LibreOffice%' And tblState.Statename =
  'Active'
Order By Domain,
  AssetName,
  Software
yura_koresh
#1yura_koresh Member Posts: 3  
posted: 3/9/2019 6:49:21 PM(UTC)
Hello for some reason it shows in red also 6.1.1.2, 6.2.0.3.
Also is there a way to show only vulnerable versions?
And does anyone know how to create the deployment package for the correct version ?
Thanks in advance!
[img]null[/img]
ghelpdesk
#2ghelpdesk Member Posts: 89  
posted: 3/10/2019 2:46:29 PM(UTC)
Perhaps a software vulnerability user editable reference table could be added to the wishlist? So instead of creating these reports individually whenever a vulnerability is reported - an entry could be added to the vulnerability table citing the software (or OS), a from and to version field to create a range of version values that are vulnerable and a comment field to enter the vulnerability name or other brief info (ie: which version introduces a fix to the software).

Then a single vulnerability report could be added as a standard built-in report (perhaps with a default email schedule to the entered LS admin address)

The vulnerability data could stay in the table long-term so that another report could be generated using this data and an assets software history to report on how long the asset may have been exposed to a vulnerability.

I recall the Spectre and Meltdown had a more complicated set of criteria but a vulnerability reference table might cover the majority of cases.

Active Discussions

Lansweeper HPE SAS Solid State Drives failure report
by  Tommy75   Go to last post Go to first unread
Last post: Today at 8:04:05 AM(UTC)
Lansweeper Software Missing Report
by  RC62N  
Go to last post Go to first unread
Last post: 12/6/2019 6:09:28 PM(UTC)
Lansweeper Assets without Asset Location
by  JLangthaler   Go to last post Go to first unread
Last post: 12/5/2019 12:44:19 PM(UTC)
Lansweeper Installed Memory report
by  lansend  
Go to last post Go to first unread
Last post: 12/2/2019 8:15:53 PM(UTC)
Lansweeper Custom OID Report
by  bramassendorp   Go to last post Go to first unread
Last post: 12/2/2019 4:42:48 PM(UTC)
Lansweeper Report thats showing Windows machines when AV is not like =
by  RC62N  
Go to last post Go to first unread
Last post: 11/28/2019 5:56:51 PM(UTC)
Lansweeper dhcp addresses available
by  Cesco93  
Go to last post Go to first unread
Last post: 11/28/2019 2:56:02 PM(UTC)