LibreOffice Vulnerability Audit

Find Computers Vulnerable to the LibreOffice Directory Traversal Vulnerability

CVE-2018-16858 is a vulnerability which affects LibreOffice versions prior to versions 6.0.7 and 6.1.3. The Audit below checks whether your computers have these versions and will highlight assets which do not. With a small modification to the report, it can display whether the most recent LibreOffice versions are installed or not. Find vulnerable assets and patch them quickly with the use of this audit.

LibreOffice vulnerability report

LibreOffice Vulnerability Query

Select Top 1000000 tblAssets.AssetID,
tblAssets.AssetName,
tblAssets.Domain,
tsysAssetTypes.AssetTypename As AssetType,
tblAssets.Username,
tblAssets.Userdomain,
tsysAssetTypes.AssetTypeIcon10 As icon,
tblAssets.IPAddress,
tsysIPLocations.IPLocation,
tblAssetCustom.Manufacturer,
tblAssetCustom.Model,
tsysOS.OSname As OS,
tblAssets.SP,
tblAssets.Lastseen,
tblAssets.Lasttried,
Case
When tblSoftwareUni.softwareName Like '%libreoffice%' And
(tblSoftware.softwareVersion Like '6.0.7%' Or
tblSoftware.softwareVersion Like '6.1.4%') Then '#d4f4be'
Else '#ffadad'
End As backgroundcolor,
tblSoftwareUni.softwareName As Software,
tblSoftware.softwareVersion As Version,
tblSoftwareUni.SoftwarePublisher As Publisher,
tblSoftware.Lastchanged,
Case
When tblSoftwareUni.softwareName Like '%libreoffice%' And
(tblSoftware.softwareVersion not like '6.0.7%' OR tblSoftware.softwareVersion Like '6.1.4%') Then ''
Else 'LibreOffice update recommended'
End As Notes
From tblAssets
Inner Join tblAssetCustom On tblAssets.AssetID = tblAssetCustom.AssetID
Inner Join tsysAssetTypes On tsysAssetTypes.AssetType = tblAssets.Assettype
Inner Join tsysIPLocations On tsysIPLocations.LocationID =
tblAssets.LocationID
Inner Join tblState On tblState.State = tblAssetCustom.State
Inner Join tblSoftware On tblAssets.AssetID = tblSoftware.AssetID
Inner Join tblSoftwareUni On tblSoftwareUni.SoftID = tblSoftware.softID
Left Join tsysOS On tsysOS.OScode = tblAssets.OScode
Where tblSoftwareUni.softwareName Like '%LibreOffice%' And tblState.Statename =
'Active'
Union
Select Top 1000000 tblAssets.AssetID,
tblAssets.AssetName,
tblAssets.Domain,
tsysAssetTypes.AssetTypename As AssetType,
tblAssets.Username,
tblAssets.Userdomain,
tsysAssetTypes.AssetTypeIcon10 As icon,
tblAssets.IPAddress,
tsysIPLocations.IPLocation,
tblAssetCustom.Manufacturer,
tblAssetCustom.Model,
tblLinuxSystem.OSRelease As OS,
tblAssets.SP,
tblAssets.Lastseen,
tblAssets.Lasttried,
Case
When tblSoftwareUni.softwareName Like '%libreoffice%' And
(tblLinuxSoftware.Version Like '%6.0.7%' Or
tblLinuxSoftware.Version Like '%6.1.4%') Then '#d4f4be'
Else '#ffadad'
End As backgroundcolor,
tblSoftwareUni.softwareName As Software,
tblLinuxSoftware.Version As Version,
tblSoftwareUni.SoftwarePublisher As Publisher,
tblLinuxSoftware.LastChanged,
Case
When tblSoftwareUni.softwareName Like '%libreoffice%' And
(tblLinuxSoftware.Version Like '%6.0.7%' Or
tblLinuxSoftware.Version Like '%6.1.4%') Then ''
Else 'LibreOffice update recommended'
End As Notes
From tblAssets
Inner Join tblAssetCustom On tblAssets.AssetID = tblAssetCustom.AssetID
Inner Join tsysAssetTypes On tsysAssetTypes.AssetType = tblAssets.Assettype
Inner Join tsysIPLocations On tsysIPLocations.LocationID =
tblAssets.LocationID
Inner Join tblState On tblState.State = tblAssetCustom.State
Inner Join tblLinuxSoftware On tblAssets.AssetID = tblLinuxSoftware.AssetID
Inner Join tblSoftwareUni On
tblSoftwareUni.SoftID = tblLinuxSoftware.SoftwareUniID
Inner Join tblLinuxSystem On tblAssets.AssetID = tblLinuxSystem.AssetID
Where tblSoftwareUni.softwareName Like '%LibreOffice%' And tblState.Statename =
'Active'
Order By Domain,
AssetName,
Software

Audit and Take Action in 3 Easy Steps

Download-Install-Lansweeper

1. Download & Install Lansweeper

Save-and-Run-the-Report

3. Run the Audit & Take Action

Download Lansweeper to Run this Audit

Harness the Power of Reporting