ID CVE-2009-4023 Type cve Reporter cve@mitre.org Modified 2017-08-17T01:31:00
Description
Argument injection vulnerability in the sendmail implementation of the Mail::Send method (Mail/sendmail.php) in the Mail package 1.1.14 for PEAR allows remote attackers to read and write arbitrary files via a crafted $from parameter, a different vector than CVE-2009-4111.
{"openvas": [{"lastseen": "2018-04-06T11:40:22", "bulletinFamily": "scanner", "description": "The remote host is missing an update to php-pear-Mail\nannounced via advisory FEDORA-2009-12439.", "modified": "2018-04-06T00:00:00", "published": "2009-12-10T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231066431", "id": "OPENVAS:136141256231066431", "type": "openvas", "title": "Fedora Core 10 FEDORA-2009-12439 (php-pear-Mail)", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: fcore_2009_12439.nasl 9350 2018-04-06 07:03:33Z cfischer $\n# Description: Auto-generated from advisory FEDORA-2009-12439 (php-pear-Mail)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Update Information:\n\nFix CVE-2009-4023, CVE-2009-4111 PEAR's Mail class did not properly escape\ncontent of mail header fields, when using the sendmail backend. A remote\nattacker could send an email message, with specially-crafted headers to local\nuser, leading to disclosure of content and potentially, to modification of\narbitrary system file, once the email message was processed by the PEAR's Mail\nclass.\n\nChangeLog:\n\n* Fri Nov 27 2009 Remi Collet 1.1.14-5\n- Fix CVE-2009-4023 (#540842)\n- rename Mail.xml to php-pear-Mail.xml\n* Sun Jul 26 2009 Fedora Release Engineering - 1.1.14-4\n- Rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild\n* Thu Feb 26 2009 Fedora Release Engineering - 1.1.14-3\n- Rebuilt for https://fedoraproject.org/wiki/Fedora_11_Mass_Rebuild\";\ntag_solution = \"Apply the appropriate updates.\n\nThis update can be installed with the yum update program. Use \nsu -c 'yum update php-pear-Mail' at the command line.\nFor more information, refer to Managing Software with yum,\navailable at http://docs.fedoraproject.org/yum/.\n\nhttps://secure1.securityspace.com/smysecure/catid.html?in=FEDORA-2009-12439\";\ntag_summary = \"The remote host is missing an update to php-pear-Mail\nannounced via advisory FEDORA-2009-12439.\";\n\n\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.66431\");\n script_version(\"$Revision: 9350 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:03:33 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-12-10 00:23:54 +0100 (Thu, 10 Dec 2009)\");\n script_cve_id(\"CVE-2009-4023\", \"CVE-2009-4111\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_name(\"Fedora Core 10 FEDORA-2009-12439 (php-pear-Mail)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.redhat.com/show_bug.cgi?id=540842\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"php-pear-Mail\", rpm:\"php-pear-Mail~1.1.14~5.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-04-06T11:40:26", "bulletinFamily": "scanner", "description": "The remote host is missing an update to php-pear-Mail\nannounced via advisory FEDORA-2009-12348.", "modified": "2018-04-06T00:00:00", "published": "2009-12-10T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231066427", "id": "OPENVAS:136141256231066427", "type": "openvas", "title": "Fedora Core 11 FEDORA-2009-12348 (php-pear-Mail)", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: fcore_2009_12348.nasl 9350 2018-04-06 07:03:33Z cfischer $\n# Description: Auto-generated from advisory FEDORA-2009-12348 (php-pear-Mail)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Update Information:\n\nFix CVE-2009-4023, CVE-2009-4111 PEAR's Mail class did not properly escape\ncontent of mail header fields, when using the sendmail backend. A remote\nattacker could send an email message, with specially-crafted headers to local\nuser, leading to disclosure of content and potentially, to modification of\narbitrary system file, once the email message was processed by the PEAR's Mail\nclass.\n\nChangeLog:\n\n* Fri Nov 27 2009 Remi Collet 1.1.14-5\n- Fix CVE-2009-4023 (#540842)\n- rename Mail.xml to php-pear-Mail.xml\n* Sun Jul 26 2009 Fedora Release Engineering - 1.1.14-4\n- Rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild\";\ntag_solution = \"Apply the appropriate updates.\n\nThis update can be installed with the yum update program. Use \nsu -c 'yum update php-pear-Mail' at the command line.\nFor more information, refer to Managing Software with yum,\navailable at http://docs.fedoraproject.org/yum/.\n\nhttps://secure1.securityspace.com/smysecure/catid.html?in=FEDORA-2009-12348\";\ntag_summary = \"The remote host is missing an update to php-pear-Mail\nannounced via advisory FEDORA-2009-12348.\";\n\n\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.66427\");\n script_version(\"$Revision: 9350 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:03:33 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-12-10 00:23:54 +0100 (Thu, 10 Dec 2009)\");\n script_cve_id(\"CVE-2009-4023\", \"CVE-2009-4111\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_name(\"Fedora Core 11 FEDORA-2009-12348 (php-pear-Mail)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.redhat.com/show_bug.cgi?id=540842\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"php-pear-Mail\", rpm:\"php-pear-Mail~1.1.14~5.fc11\", rls:\"FC11\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-07-25T10:57:08", "bulletinFamily": "scanner", "description": "The remote host is missing an update to php-pear-Mail\nannounced via advisory FEDORA-2009-12439.", "modified": "2017-07-10T00:00:00", "published": "2009-12-10T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=66431", "id": "OPENVAS:66431", "title": "Fedora Core 10 FEDORA-2009-12439 (php-pear-Mail)", "type": "openvas", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: fcore_2009_12439.nasl 6624 2017-07-10 06:11:55Z cfischer $\n# Description: Auto-generated from advisory FEDORA-2009-12439 (php-pear-Mail)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Update Information:\n\nFix CVE-2009-4023, CVE-2009-4111 PEAR's Mail class did not properly escape\ncontent of mail header fields, when using the sendmail backend. A remote\nattacker could send an email message, with specially-crafted headers to local\nuser, leading to disclosure of content and potentially, to modification of\narbitrary system file, once the email message was processed by the PEAR's Mail\nclass.\n\nChangeLog:\n\n* Fri Nov 27 2009 Remi Collet 1.1.14-5\n- Fix CVE-2009-4023 (#540842)\n- rename Mail.xml to php-pear-Mail.xml\n* Sun Jul 26 2009 Fedora Release Engineering - 1.1.14-4\n- Rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild\n* Thu Feb 26 2009 Fedora Release Engineering - 1.1.14-3\n- Rebuilt for https://fedoraproject.org/wiki/Fedora_11_Mass_Rebuild\";\ntag_solution = \"Apply the appropriate updates.\n\nThis update can be installed with the yum update program. Use \nsu -c 'yum update php-pear-Mail' at the command line.\nFor more information, refer to Managing Software with yum,\navailable at http://docs.fedoraproject.org/yum/.\n\nhttps://secure1.securityspace.com/smysecure/catid.html?in=FEDORA-2009-12439\";\ntag_summary = \"The remote host is missing an update to php-pear-Mail\nannounced via advisory FEDORA-2009-12439.\";\n\n\n\nif(description)\n{\n script_id(66431);\n script_version(\"$Revision: 6624 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 08:11:55 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-12-10 00:23:54 +0100 (Thu, 10 Dec 2009)\");\n script_cve_id(\"CVE-2009-4023\", \"CVE-2009-4111\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_name(\"Fedora Core 10 FEDORA-2009-12439 (php-pear-Mail)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.redhat.com/show_bug.cgi?id=540842\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"php-pear-Mail\", rpm:\"php-pear-Mail~1.1.14~5.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-07-25T10:56:32", "bulletinFamily": "scanner", "description": "The remote host is missing an update to php-pear-Mail\nannounced via advisory FEDORA-2009-12395.", "modified": "2017-07-10T00:00:00", "published": "2009-12-10T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=66429", "id": "OPENVAS:66429", "title": "Fedora Core 12 FEDORA-2009-12395 (php-pear-Mail)", "type": "openvas", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: fcore_2009_12395.nasl 6624 2017-07-10 06:11:55Z cfischer $\n# Description: Auto-generated from advisory FEDORA-2009-12395 (php-pear-Mail)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Update Information:\n\nFix CVE-2009-4023, CVE-2009-4111 PEAR's Mail class did not properly escape\ncontent of mail header fields, when using the sendmail backend. A remote\nattacker could send an email message, with specially-crafted headers to local\nuser, leading to disclosure of content and potentially, to modification of\narbitrary system file, once the email message was processed by the PEAR's Mail\nclass.\n\nChangeLog:\n\n* Fri Nov 27 2009 Remi Collet 1.1.14-5\n- Fix CVE-2009-4023 (#540842)\n- rename Mail.xml to php-pear-Mail.xml\";\ntag_solution = \"Apply the appropriate updates.\n\nThis update can be installed with the yum update program. Use \nsu -c 'yum update php-pear-Mail' at the command line.\nFor more information, refer to Managing Software with yum,\navailable at http://docs.fedoraproject.org/yum/.\n\nhttps://secure1.securityspace.com/smysecure/catid.html?in=FEDORA-2009-12395\";\ntag_summary = \"The remote host is missing an update to php-pear-Mail\nannounced via advisory FEDORA-2009-12395.\";\n\n\n\nif(description)\n{\n script_id(66429);\n script_version(\"$Revision: 6624 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 08:11:55 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-12-10 00:23:54 +0100 (Thu, 10 Dec 2009)\");\n script_cve_id(\"CVE-2009-4023\", \"CVE-2009-4111\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_name(\"Fedora Core 12 FEDORA-2009-12395 (php-pear-Mail)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.redhat.com/show_bug.cgi?id=540842\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"php-pear-Mail\", rpm:\"php-pear-Mail~1.1.14~5.fc12\", rls:\"FC12\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-07-24T12:57:06", "bulletinFamily": "scanner", "description": "The remote host is missing an update to php-mail\nannounced via advisory DSA 1938-1.", "modified": "2017-07-07T00:00:00", "published": "2009-11-23T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=66298", "id": "OPENVAS:66298", "title": "Debian Security Advisory DSA 1938-1 (php-mail)", "type": "openvas", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_1938_1.nasl 6615 2017-07-07 12:09:52Z cfischer $\n# Description: Auto-generated from advisory DSA 1938-1 (php-mail)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"It was discovered that php-mail, a PHP PEAR module for sending email,\nhas insufficient input sanitising, which might be used to obtain\nsensitive data from the system that uses php-mail.\n\n\nFor the stable distribution (lenny), this problem has been fixed in\nversion 1.1.14-1+lenny1.\n\nFor the oldstable distribution (etch), this problem has been fixed in\nversion 1.1.6-2+etch1.\n\nFor the testing distribution (squeeze), this problem will be fixed soon.\n\nFor the unstable distribution (sid), this problem has been fixed in\nversion 1.1.14-2.\n\n\nWe recommend that you upgrade your php-mail packages.\";\ntag_summary = \"The remote host is missing an update to php-mail\nannounced via advisory DSA 1938-1.\";\n\ntag_solution = \"https://secure1.securityspace.com/smysecure/catid.html?in=DSA%201938-1\";\n\n\nif(description)\n{\n script_id(66298);\n script_cve_id(\"CVE-2009-4023\",\"CVE-2009-4111\");\n script_version(\"$Revision: 6615 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-07 14:09:52 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-11-23 20:51:51 +0100 (Mon, 23 Nov 2009)\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_name(\"Debian Security Advisory DSA 1938-1 (php-mail)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"php-mail\", ver:\"1.1.6-2+etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php-mail\", ver:\"1.1.14-1+lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-01-25T10:54:58", "bulletinFamily": "scanner", "description": "Check for the Version of php-pear-Mail", "modified": "2018-01-24T00:00:00", "published": "2010-01-29T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310830853", "id": "OPENVAS:1361412562310830853", "type": "openvas", "title": "Mandriva Update for php-pear-Mail MDVSA-2010:025 (php-pear-Mail)", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Mandriva Update for php-pear-Mail MDVSA-2010:025 (php-pear-Mail)\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Multiple vulnerabilities were discovered and corrected in php-pear\n (Mail):\n\n Argument injection vulnerability in the sendmail implementation of\n the Mail::Send method (Mail/sendmail.php) in the Mail package 1.1.14\n for PEAR allows remote attackers to read and write arbitrary files\n via a crafted parameter, a different vector than CVE-2009-4111\n (CVE-2009-4023).\n \n Argument injection vulnerability in Mail/sendmail.php in the Mail\n package 1.1.14, 1.2.0b2, and possibly other versions for PEAR allows\n remote attackers to read and write arbitrary files via a crafted\n parameter, and possibly other parameters, a different vulnerability\n than CVE-2009-4023 (CVE-2009-4111).\n \n Packages for 2008.0 are provided for Corporate Desktop 2008.0\n customers.\n \n The updated packages have been patched to correct these issues.\";\n\ntag_affected = \"php-pear-Mail on Mandriva Linux 2008.0,\n Mandriva Linux 2008.0/X86_64,\n Mandriva Linux 2009.0,\n Mandriva Linux 2009.0/X86_64,\n Mandriva Linux 2009.1,\n Mandriva Linux 2009.1/X86_64,\n Mandriva Linux 2010.0,\n Mandriva Linux 2010.0/X86_64,\n Mandriva Enterprise Server 5,\n Mandriva Enterprise Server 5/X86_64\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.mandriva.com/security-announce/2010-01/msg00074.php\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.830853\");\n script_version(\"$Revision: 8510 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-24 08:57:42 +0100 (Wed, 24 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2010-01-29 14:09:25 +0100 (Fri, 29 Jan 2010)\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_xref(name: \"MDVSA\", value: \"2010:025\");\n script_cve_id(\"CVE-2009-4111\", \"CVE-2009-4023\");\n script_name(\"Mandriva Update for php-pear-Mail MDVSA-2010:025 (php-pear-Mail)\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of php-pear-Mail\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"Mandrake Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/mandriva_mandrake_linux\", \"ssh/login/release\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"MNDK_2008.0\")\n{\n\n if ((res = isrpmvuln(pkg:\"php-pear\", rpm:\"php-pear~5.2.4~1.1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"MNDK_mes5\")\n{\n\n if ((res = isrpmvuln(pkg:\"php-pear\", rpm:\"php-pear~5.2.6~6.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"MNDK_2010.0\")\n{\n\n if ((res = isrpmvuln(pkg:\"php-pear-Mail\", rpm:\"php-pear-Mail~1.2.0~0.b1.2.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"MNDK_2009.1\")\n{\n\n if ((res = isrpmvuln(pkg:\"php-pear\", rpm:\"php-pear~5.2.9~1.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"MNDK_2009.0\")\n{\n\n if ((res = isrpmvuln(pkg:\"php-pear\", rpm:\"php-pear~5.2.6~6.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-04-06T11:38:39", "bulletinFamily": "scanner", "description": "The remote host is missing an update to php-pear-Mail\nannounced via advisory FEDORA-2009-12395.", "modified": "2018-04-06T00:00:00", "published": "2009-12-10T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231066429", "id": "OPENVAS:136141256231066429", "title": "Fedora Core 12 FEDORA-2009-12395 (php-pear-Mail)", "type": "openvas", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: fcore_2009_12395.nasl 9350 2018-04-06 07:03:33Z cfischer $\n# Description: Auto-generated from advisory FEDORA-2009-12395 (php-pear-Mail)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Update Information:\n\nFix CVE-2009-4023, CVE-2009-4111 PEAR's Mail class did not properly escape\ncontent of mail header fields, when using the sendmail backend. A remote\nattacker could send an email message, with specially-crafted headers to local\nuser, leading to disclosure of content and potentially, to modification of\narbitrary system file, once the email message was processed by the PEAR's Mail\nclass.\n\nChangeLog:\n\n* Fri Nov 27 2009 Remi Collet 1.1.14-5\n- Fix CVE-2009-4023 (#540842)\n- rename Mail.xml to php-pear-Mail.xml\";\ntag_solution = \"Apply the appropriate updates.\n\nThis update can be installed with the yum update program. Use \nsu -c 'yum update php-pear-Mail' at the command line.\nFor more information, refer to Managing Software with yum,\navailable at http://docs.fedoraproject.org/yum/.\n\nhttps://secure1.securityspace.com/smysecure/catid.html?in=FEDORA-2009-12395\";\ntag_summary = \"The remote host is missing an update to php-pear-Mail\nannounced via advisory FEDORA-2009-12395.\";\n\n\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.66429\");\n script_version(\"$Revision: 9350 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:03:33 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-12-10 00:23:54 +0100 (Thu, 10 Dec 2009)\");\n script_cve_id(\"CVE-2009-4023\", \"CVE-2009-4111\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_name(\"Fedora Core 12 FEDORA-2009-12395 (php-pear-Mail)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.redhat.com/show_bug.cgi?id=540842\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"php-pear-Mail\", rpm:\"php-pear-Mail~1.1.14~5.fc12\", rls:\"FC12\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-01-02T10:54:15", "bulletinFamily": "scanner", "description": "Check for the Version of php-pear-Mail", "modified": "2017-12-25T00:00:00", "published": "2010-01-29T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=830853", "id": "OPENVAS:830853", "title": "Mandriva Update for php-pear-Mail MDVSA-2010:025 (php-pear-Mail)", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Mandriva Update for php-pear-Mail MDVSA-2010:025 (php-pear-Mail)\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Multiple vulnerabilities were discovered and corrected in php-pear\n (Mail):\n\n Argument injection vulnerability in the sendmail implementation of\n the Mail::Send method (Mail/sendmail.php) in the Mail package 1.1.14\n for PEAR allows remote attackers to read and write arbitrary files\n via a crafted parameter, a different vector than CVE-2009-4111\n (CVE-2009-4023).\n \n Argument injection vulnerability in Mail/sendmail.php in the Mail\n package 1.1.14, 1.2.0b2, and possibly other versions for PEAR allows\n remote attackers to read and write arbitrary files via a crafted\n parameter, and possibly other parameters, a different vulnerability\n than CVE-2009-4023 (CVE-2009-4111).\n \n Packages for 2008.0 are provided for Corporate Desktop 2008.0\n customers.\n \n The updated packages have been patched to correct these issues.\";\n\ntag_affected = \"php-pear-Mail on Mandriva Linux 2008.0,\n Mandriva Linux 2008.0/X86_64,\n Mandriva Linux 2009.0,\n Mandriva Linux 2009.0/X86_64,\n Mandriva Linux 2009.1,\n Mandriva Linux 2009.1/X86_64,\n Mandriva Linux 2010.0,\n Mandriva Linux 2010.0/X86_64,\n Mandriva Enterprise Server 5,\n Mandriva Enterprise Server 5/X86_64\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.mandriva.com/security-announce/2010-01/msg00074.php\");\n script_id(830853);\n script_version(\"$Revision: 8243 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-25 07:30:04 +0100 (Mon, 25 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2010-01-29 14:09:25 +0100 (Fri, 29 Jan 2010)\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_xref(name: \"MDVSA\", value: \"2010:025\");\n script_cve_id(\"CVE-2009-4111\", \"CVE-2009-4023\");\n script_name(\"Mandriva Update for php-pear-Mail MDVSA-2010:025 (php-pear-Mail)\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of php-pear-Mail\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"Mandrake Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/mandriva_mandrake_linux\", \"ssh/login/release\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"MNDK_2008.0\")\n{\n\n if ((res = isrpmvuln(pkg:\"php-pear\", rpm:\"php-pear~5.2.4~1.1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"MNDK_mes5\")\n{\n\n if ((res = isrpmvuln(pkg:\"php-pear\", rpm:\"php-pear~5.2.6~6.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"MNDK_2010.0\")\n{\n\n if ((res = isrpmvuln(pkg:\"php-pear-Mail\", rpm:\"php-pear-Mail~1.2.0~0.b1.2.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"MNDK_2009.1\")\n{\n\n if ((res = isrpmvuln(pkg:\"php-pear\", rpm:\"php-pear~5.2.9~1.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"MNDK_2009.0\")\n{\n\n if ((res = isrpmvuln(pkg:\"php-pear\", rpm:\"php-pear~5.2.6~6.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-07-25T10:57:09", "bulletinFamily": "scanner", "description": "The remote host is missing an update to php-pear-Mail\nannounced via advisory FEDORA-2009-12348.", "modified": "2017-07-10T00:00:00", "published": "2009-12-10T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=66427", "id": "OPENVAS:66427", "title": "Fedora Core 11 FEDORA-2009-12348 (php-pear-Mail)", "type": "openvas", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: fcore_2009_12348.nasl 6624 2017-07-10 06:11:55Z cfischer $\n# Description: Auto-generated from advisory FEDORA-2009-12348 (php-pear-Mail)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Update Information:\n\nFix CVE-2009-4023, CVE-2009-4111 PEAR's Mail class did not properly escape\ncontent of mail header fields, when using the sendmail backend. A remote\nattacker could send an email message, with specially-crafted headers to local\nuser, leading to disclosure of content and potentially, to modification of\narbitrary system file, once the email message was processed by the PEAR's Mail\nclass.\n\nChangeLog:\n\n* Fri Nov 27 2009 Remi Collet 1.1.14-5\n- Fix CVE-2009-4023 (#540842)\n- rename Mail.xml to php-pear-Mail.xml\n* Sun Jul 26 2009 Fedora Release Engineering - 1.1.14-4\n- Rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild\";\ntag_solution = \"Apply the appropriate updates.\n\nThis update can be installed with the yum update program. Use \nsu -c 'yum update php-pear-Mail' at the command line.\nFor more information, refer to Managing Software with yum,\navailable at http://docs.fedoraproject.org/yum/.\n\nhttps://secure1.securityspace.com/smysecure/catid.html?in=FEDORA-2009-12348\";\ntag_summary = \"The remote host is missing an update to php-pear-Mail\nannounced via advisory FEDORA-2009-12348.\";\n\n\n\nif(description)\n{\n script_id(66427);\n script_version(\"$Revision: 6624 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 08:11:55 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-12-10 00:23:54 +0100 (Thu, 10 Dec 2009)\");\n script_cve_id(\"CVE-2009-4023\", \"CVE-2009-4111\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_name(\"Fedora Core 11 FEDORA-2009-12348 (php-pear-Mail)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.redhat.com/show_bug.cgi?id=540842\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"php-pear-Mail\", rpm:\"php-pear-Mail~1.1.14~5.fc11\", rls:\"FC11\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-04-06T11:40:14", "bulletinFamily": "scanner", "description": "The remote host is missing an update to php-mail\nannounced via advisory DSA 1938-1.", "modified": "2018-04-06T00:00:00", "published": "2009-11-23T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231066298", "id": "OPENVAS:136141256231066298", "type": "openvas", "title": "Debian Security Advisory DSA 1938-1 (php-mail)", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_1938_1.nasl 9350 2018-04-06 07:03:33Z cfischer $\n# Description: Auto-generated from advisory DSA 1938-1 (php-mail)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"It was discovered that php-mail, a PHP PEAR module for sending email,\nhas insufficient input sanitising, which might be used to obtain\nsensitive data from the system that uses php-mail.\n\n\nFor the stable distribution (lenny), this problem has been fixed in\nversion 1.1.14-1+lenny1.\n\nFor the oldstable distribution (etch), this problem has been fixed in\nversion 1.1.6-2+etch1.\n\nFor the testing distribution (squeeze), this problem will be fixed soon.\n\nFor the unstable distribution (sid), this problem has been fixed in\nversion 1.1.14-2.\n\n\nWe recommend that you upgrade your php-mail packages.\";\ntag_summary = \"The remote host is missing an update to php-mail\nannounced via advisory DSA 1938-1.\";\n\ntag_solution = \"https://secure1.securityspace.com/smysecure/catid.html?in=DSA%201938-1\";\n\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.66298\");\n script_cve_id(\"CVE-2009-4023\",\"CVE-2009-4111\");\n script_version(\"$Revision: 9350 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:03:33 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-11-23 20:51:51 +0100 (Mon, 23 Nov 2009)\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_name(\"Debian Security Advisory DSA 1938-1 (php-mail)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"php-mail\", ver:\"1.1.6-2+etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php-mail\", ver:\"1.1.14-1+lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "nessus": [{"lastseen": "2019-11-01T02:26:40", "bulletinFamily": "scanner", "description": "Fix CVE-2009-4023, CVE-2009-4111 PEAR", "modified": "2019-11-02T00:00:00", "id": "FEDORA_2009-12348.NASL", "href": "https://www.tenable.com/plugins/nessus/42937", "published": "2009-12-01T00:00:00", "title": "Fedora 11 : php-pear-Mail-1.1.14-5.fc11 (2009-12348)", "type": "nessus", "sourceData": "#%NASL_MIN_LEVEL 80502\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2009-12348.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(42937);\n script_version(\"1.15\");\n script_cvs_date(\"Date: 2019/08/02 13:32:29\");\n\n script_cve_id(\"CVE-2009-4023\");\n script_bugtraq_id(37081);\n script_xref(name:\"FEDORA\", value:\"2009-12348\");\n\n script_name(english:\"Fedora 11 : php-pear-Mail-1.1.14-5.fc11 (2009-12348)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Fix CVE-2009-4023, CVE-2009-4111 PEAR's Mail class did not properly\nescape content of mail header fields, when using the sendmail backend.\nA remote attacker could send an email message, with specially crafted\nheaders to local user, leading to disclosure of content and\npotentially, to modification of arbitrary system file, once the email\nmessage was processed by the PEAR's Mail class.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=540842\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2009-December/031839.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?965f40df\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected php-pear-Mail package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(94);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:php-pear-Mail\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:11\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/12/01\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/12/01\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^11([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 11.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC11\", reference:\"php-pear-Mail-1.1.14-5.fc11\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"php-pear-Mail\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-11-01T02:26:40", "bulletinFamily": "scanner", "description": "Fix CVE-2009-4023, CVE-2009-4111 PEAR", "modified": "2019-11-02T00:00:00", "id": "FEDORA_2009-12395.NASL", "href": "https://www.tenable.com/plugins/nessus/42939", "published": "2009-12-01T00:00:00", "title": "Fedora 12 : php-pear-Mail-1.1.14-5.fc12 (2009-12395)", "type": "nessus", "sourceData": "#%NASL_MIN_LEVEL 80502\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2009-12395.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(42939);\n script_version(\"1.15\");\n script_cvs_date(\"Date: 2019/08/02 13:32:29\");\n\n script_cve_id(\"CVE-2009-4023\");\n script_bugtraq_id(37081);\n script_xref(name:\"FEDORA\", value:\"2009-12395\");\n\n script_name(english:\"Fedora 12 : php-pear-Mail-1.1.14-5.fc12 (2009-12395)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Fix CVE-2009-4023, CVE-2009-4111 PEAR's Mail class did not properly\nescape content of mail header fields, when using the sendmail backend.\nA remote attacker could send an email message, with specially crafted\nheaders to local user, leading to disclosure of content and\npotentially, to modification of arbitrary system file, once the email\nmessage was processed by the PEAR's Mail class.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=540842\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2009-December/031884.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?8b7eb07d\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected php-pear-Mail package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(94);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:php-pear-Mail\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:12\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/12/01\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/12/01\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^12([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 12.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC12\", reference:\"php-pear-Mail-1.1.14-5.fc12\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"php-pear-Mail\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-11-03T12:17:30", "bulletinFamily": "scanner", "description": "Passing specially crafted $from and $recepient arguments to\nphp5-pear-mail", "modified": "2019-11-02T00:00:00", "id": "SUSE_11_1_PHP5-PEAR-MAIL-101022.NASL", "href": "https://www.tenable.com/plugins/nessus/50369", "published": "2010-10-28T00:00:00", "title": "openSUSE Security Update : php5-pear-mail (openSUSE-SU-2010:0909-1)", "type": "nessus", "sourceData": "#%NASL_MIN_LEVEL 80502\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update php5-pear-mail-3379.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(50369);\n script_version(\"1.6\");\n script_cvs_date(\"Date: 2019/10/25 13:36:38\");\n\n script_cve_id(\"CVE-2009-4023\", \"CVE-2009-4111\");\n\n script_name(english:\"openSUSE Security Update : php5-pear-mail (openSUSE-SU-2010:0909-1)\");\n script_summary(english:\"Check for the php5-pear-mail-3379 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Passing specially crafted $from and $recepient arguments to\nphp5-pear-mail's sendmail.php allowed attackers to inject shell code\n(CVE-2009-4023, CVE-2009-4111).\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=558259\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=630334\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://lists.opensuse.org/opensuse-updates/2010-10/msg00038.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected php5-pear-mail package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_cwe_id(94);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-pear-mail\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:11.1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/10/22\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/10/28\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2010-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE11\\.1)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"11.1\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE11.1\", reference:\"php5-pear-mail-1.1.14-1.135.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"php5-pear-mail\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-11-01T02:26:40", "bulletinFamily": "scanner", "description": "Fix CVE-2009-4023, CVE-2009-4111 PEAR", "modified": "2019-11-02T00:00:00", "id": "FEDORA_2009-12439.NASL", "href": "https://www.tenable.com/plugins/nessus/42940", "published": "2009-12-01T00:00:00", "title": "Fedora 10 : php-pear-Mail-1.1.14-5.fc10 (2009-12439)", "type": "nessus", "sourceData": "#%NASL_MIN_LEVEL 80502\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2009-12439.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(42940);\n script_version(\"1.15\");\n script_cvs_date(\"Date: 2019/08/02 13:32:29\");\n\n script_cve_id(\"CVE-2009-4023\");\n script_bugtraq_id(37081);\n script_xref(name:\"FEDORA\", value:\"2009-12439\");\n\n script_name(english:\"Fedora 10 : php-pear-Mail-1.1.14-5.fc10 (2009-12439)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Fix CVE-2009-4023, CVE-2009-4111 PEAR's Mail class did not properly\nescape content of mail header fields, when using the sendmail backend.\nA remote attacker could send an email message, with specially crafted\nheaders to local user, leading to disclosure of content and\npotentially, to modification of arbitrary system file, once the email\nmessage was processed by the PEAR's Mail class.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=540842\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2009-December/031940.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?54fffe87\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected php-pear-Mail package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(94);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:php-pear-Mail\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:10\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/12/01\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/12/01\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^10([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 10.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC10\", reference:\"php-pear-Mail-1.1.14-5.fc10\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"php-pear-Mail\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-11-01T02:55:06", "bulletinFamily": "scanner", "description": "Multiple vulnerabilities were discovered and corrected in php-pear\n(Mail) :\n\nArgument injection vulnerability in the sendmail implementation of the\nMail::Send method (Mail/sendmail.php) in the Mail package 1.1.14 for\nPEAR allows remote attackers to read and write arbitrary files via a\ncrafted parameter, a different vector than CVE-2009-4111\n(CVE-2009-4023).\n\nArgument injection vulnerability in Mail/sendmail.php in the Mail\npackage 1.1.14, 1.2.0b2, and possibly other versions for PEAR allows\nremote attackers to read and write arbitrary files via a crafted\nparameter, and possibly other parameters, a different vulnerability\nthan CVE-2009-4023 (CVE-2009-4111).\n\nPackages for 2008.0 are provided for Corporate Desktop 2008.0\ncustomers.\n\nThe updated packages have been patched to correct these issues.", "modified": "2019-11-02T00:00:00", "id": "MANDRIVA_MDVSA-2010-025.NASL", "href": "https://www.tenable.com/plugins/nessus/44303", "published": "2010-01-26T00:00:00", "title": "Mandriva Linux Security Advisory : php-pear-Mail (MDVSA-2010:025)", "type": "nessus", "sourceData": "#%NASL_MIN_LEVEL 80502\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Mandriva Linux Security Advisory MDVSA-2010:025. \n# The text itself is copyright (C) Mandriva S.A.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(44303);\n script_version(\"1.15\");\n script_cvs_date(\"Date: 2019/08/02 13:32:53\");\n\n script_cve_id(\"CVE-2009-4023\", \"CVE-2009-4111\");\n script_bugtraq_id(37081);\n script_xref(name:\"MDVSA\", value:\"2010:025\");\n\n script_name(english:\"Mandriva Linux Security Advisory : php-pear-Mail (MDVSA-2010:025)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Mandriva Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Multiple vulnerabilities were discovered and corrected in php-pear\n(Mail) :\n\nArgument injection vulnerability in the sendmail implementation of the\nMail::Send method (Mail/sendmail.php) in the Mail package 1.1.14 for\nPEAR allows remote attackers to read and write arbitrary files via a\ncrafted parameter, a different vector than CVE-2009-4111\n(CVE-2009-4023).\n\nArgument injection vulnerability in Mail/sendmail.php in the Mail\npackage 1.1.14, 1.2.0b2, and possibly other versions for PEAR allows\nremote attackers to read and write arbitrary files via a crafted\nparameter, and possibly other parameters, a different vulnerability\nthan CVE-2009-4023 (CVE-2009-4111).\n\nPackages for 2008.0 are provided for Corporate Desktop 2008.0\ncustomers.\n\nThe updated packages have been patched to correct these issues.\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected php-pear and / or php-pear-Mail packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(94);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-pear\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-pear-Mail\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:linux:2008.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:linux:2009.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:linux:2009.1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:linux:2010.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/01/25\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/01/26\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2010-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Mandriva Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/Mandrake/release\", \"Host/Mandrake/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Mandrake/release\")) audit(AUDIT_OS_NOT, \"Mandriva / Mandake Linux\");\nif (!get_kb_item(\"Host/Mandrake/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^(amd64|i[3-6]86|x86_64)$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Mandriva / Mandrake Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"MDK2008.0\", reference:\"php-pear-5.2.4-1.1mdv2008.0\", yank:\"mdv\")) flag++;\n\nif (rpm_check(release:\"MDK2009.0\", reference:\"php-pear-5.2.6-6.1mdv2009.0\", yank:\"mdv\")) flag++;\n\nif (rpm_check(release:\"MDK2009.1\", reference:\"php-pear-5.2.9-1.1mdv2009.1\", yank:\"mdv\")) flag++;\n\nif (rpm_check(release:\"MDK2010.0\", reference:\"php-pear-Mail-1.2.0-0.b1.2.1mdv2010.0\", yank:\"mdv\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-11-01T02:40:36", "bulletinFamily": "scanner", "description": "The remote host is affected by the vulnerability described in GLSA-201412-09\n(Multiple packages, Multiple vulnerabilities fixed in 2011)\n\n Vulnerabilities have been discovered in the packages listed below.\n Please review the CVE identifiers in the Reference section for details.\n FMOD Studio\n PEAR Mail\n LVM2\n GnuCash\n xine-lib\n Last.fm Scrobbler\n WebKitGTK+\n shadow tool suite\n PEAR\n unixODBC\n Resource Agents\n mrouted\n rsync\n XML Security Library\n xrdb\n Vino\n OProfile\n syslog-ng\n sFlow Toolkit\n GNOME Display Manager\n libsoup\n CA Certificates\n Gitolite\n QtCreator\n Racer\n \nImpact :\n\n A context-dependent attacker may be able to gain escalated privileges,\n execute arbitrary code, cause Denial of Service, obtain sensitive\n information, or otherwise bypass security restrictions.\n \nWorkaround :\n\n There are no known workarounds at this time.", "modified": "2019-11-02T00:00:00", "id": "GENTOO_GLSA-201412-09.NASL", "href": "https://www.tenable.com/plugins/nessus/79962", "published": "2014-12-15T00:00:00", "title": "GLSA-201412-09 : Multiple packages, Multiple vulnerabilities fixed in 2011", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Gentoo Linux Security Advisory GLSA 201412-09.\n#\n# The advisory text is Copyright (C) 2001-2019 Gentoo Foundation, Inc.\n# and licensed under the Creative Commons - Attribution / Share Alike \n# license. See http://creativecommons.org/licenses/by-sa/3.0/\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(79962);\n script_version(\"1.6\");\n script_cvs_date(\"Date: 2019/08/12 17:35:38\");\n\n script_cve_id(\"CVE-2007-4370\", \"CVE-2009-4023\", \"CVE-2009-4111\", \"CVE-2010-0778\", \"CVE-2010-1780\", \"CVE-2010-1782\", \"CVE-2010-1783\", \"CVE-2010-1784\", \"CVE-2010-1785\", \"CVE-2010-1786\", \"CVE-2010-1787\", \"CVE-2010-1788\", \"CVE-2010-1790\", \"CVE-2010-1791\", \"CVE-2010-1792\", \"CVE-2010-1793\", \"CVE-2010-1807\", \"CVE-2010-1812\", \"CVE-2010-1814\", \"CVE-2010-1815\", \"CVE-2010-2526\", \"CVE-2010-2901\", \"CVE-2010-3255\", \"CVE-2010-3257\", \"CVE-2010-3259\", \"CVE-2010-3362\", \"CVE-2010-3374\", \"CVE-2010-3389\", \"CVE-2010-3812\", \"CVE-2010-3813\", \"CVE-2010-3999\", \"CVE-2010-4042\", \"CVE-2010-4197\", \"CVE-2010-4198\", \"CVE-2010-4204\", \"CVE-2010-4206\", \"CVE-2010-4492\", \"CVE-2010-4493\", \"CVE-2010-4577\", \"CVE-2010-4578\", \"CVE-2011-0007\", \"CVE-2011-0465\", \"CVE-2011-0482\", \"CVE-2011-0721\", \"CVE-2011-0727\", \"CVE-2011-0904\", \"CVE-2011-0905\", \"CVE-2011-1072\", \"CVE-2011-1097\", \"CVE-2011-1144\", \"CVE-2011-1425\", \"CVE-2011-1572\", \"CVE-2011-1760\", \"CVE-2011-1951\", \"CVE-2011-2471\", \"CVE-2011-2472\", \"CVE-2011-2473\", \"CVE-2011-2524\", \"CVE-2011-3365\", \"CVE-2011-3366\", \"CVE-2011-3367\");\n script_bugtraq_id(25297, 37081, 37395, 41148, 41976, 42033, 42034, 42035, 42036, 42037, 42038, 42041, 42042, 42043, 42044, 42045, 42046, 42049, 43047, 43079, 43081, 43083, 43672, 44204, 44206, 44241, 44349, 44359, 44563, 44954, 44960, 45170, 45390, 45715, 45718, 45719, 45720, 45721, 45722, 45788, 46426, 46473, 46605, 47063, 47064, 47135, 47189, 47650, 47652, 47681, 47800, 48241, 48926, 49925);\n script_xref(name:\"GLSA\", value:\"201412-09\");\n script_xref(name:\"IAVA\", value:\"2017-A-0098\");\n\n script_name(english:\"GLSA-201412-09 : Multiple packages, Multiple vulnerabilities fixed in 2011\");\n script_summary(english:\"Checks for updated package(s) in /var/db/pkg\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Gentoo host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The remote host is affected by the vulnerability described in GLSA-201412-09\n(Multiple packages, Multiple vulnerabilities fixed in 2011)\n\n Vulnerabilities have been discovered in the packages listed below.\n Please review the CVE identifiers in the Reference section for details.\n FMOD Studio\n PEAR Mail\n LVM2\n GnuCash\n xine-lib\n Last.fm Scrobbler\n WebKitGTK+\n shadow tool suite\n PEAR\n unixODBC\n Resource Agents\n mrouted\n rsync\n XML Security Library\n xrdb\n Vino\n OProfile\n syslog-ng\n sFlow Toolkit\n GNOME Display Manager\n libsoup\n CA Certificates\n Gitolite\n QtCreator\n Racer\n \nImpact :\n\n A context-dependent attacker may be able to gain escalated privileges,\n execute arbitrary code, cause Denial of Service, obtain sensitive\n information, or otherwise bypass security restrictions.\n \nWorkaround :\n\n There are no known workarounds at this time.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security.gentoo.org/glsa/201412-09\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"All FMOD Studio users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=media-libs/fmod-4.38.00'\n All PEAR Mail users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=dev-php/PEAR-Mail-1.2.0'\n All LVM2 users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=sys-fs/lvm2-2.02.72'\n All GnuCash users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=app-office/gnucash-2.4.4'\n All xine-lib users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=media-libs/xine-lib-1.1.19'\n All Last.fm Scrobbler users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose\n '>=media-sound/lastfmplayer-1.5.4.26862-r3'\n All WebKitGTK+ users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=net-libs/webkit-gtk-1.2.7'\n All shadow tool suite users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=sys-apps/shadow-4.1.4.3'\n All PEAR users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=dev-php/PEAR-PEAR-1.9.2-r1'\n All unixODBC users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=dev-db/unixODBC-2.3.0-r1'\n All Resource Agents users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose\n '>=sys-cluster/resource-agents-1.0.4-r1'\n All mrouted users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=net-misc/mrouted-3.9.5'\n All rsync users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=net-misc/rsync-3.0.8'\n All XML Security Library users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=dev-libs/xmlsec-1.2.17'\n All xrdb users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=x11-apps/xrdb-1.0.9'\n All Vino users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=net-misc/vino-2.32.2'\n All OProfile users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=dev-util/oprofile-0.9.6-r1'\n All syslog-ng users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=app-admin/syslog-ng-3.2.4'\n All sFlow Toolkit users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=net-analyzer/sflowtool-3.20'\n All GNOME Display Manager users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=gnome-base/gdm-3.8.4-r3'\n All libsoup users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=net-libs/libsoup-2.34.3'\n All CA Certificates users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose\n '>=app-misc/ca-certificates-20110502-r1'\n All Gitolite users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=dev-vcs/gitolite-1.5.9.1'\n All QtCreator users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=dev-util/qt-creator-2.1.0'\n Gentoo has discontinued support for Racer. We recommend that users\n unmerge Racer:\n # emerge --unmerge 'games-sports/racer-bin'\n NOTE: This is a legacy GLSA. Updates for all affected architectures have\n been available since 2012. It is likely that your system is already no\n longer affected by these issues.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'Racer v0.5.3 Beta 5 Buffer Overflow');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_canvas\", value:\"true\");\n script_set_attribute(attribute:\"canvas_package\", value:'CANVAS');\n script_cwe_id(94);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:PEAR-Mail\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:PEAR-PEAR\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:ca-certificates\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:fmod\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:gdm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:gitolite\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:gnucash\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:lastfmplayer\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:libsoup\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:lvm2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:mrouted\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:oprofile\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:qt-creator\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:racer-bin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:resource-agents\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:rsync\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:sflowtool\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:shadow\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:syslog-ng\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:unixODBC\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:vino\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:webkit-gtk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:xine-lib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:xmlsec\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:xrdb\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:gentoo:linux\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2007/08/15\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/12/11\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/12/15\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_set_attribute(attribute:\"stig_severity\", value:\"II\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Gentoo Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Gentoo/release\", \"Host/Gentoo/qpkg-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"qpkg.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Gentoo/release\")) audit(AUDIT_OS_NOT, \"Gentoo\");\nif (!get_kb_item(\"Host/Gentoo/qpkg-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (qpkg_check(package:\"dev-db/unixODBC\", unaffected:make_list(\"ge 2.3.0-r1\"), vulnerable:make_list(\"lt 2.3.0-r1\"))) flag++;\nif (qpkg_check(package:\"sys-apps/shadow\", unaffected:make_list(\"ge 4.1.4.3\"), vulnerable:make_list(\"lt 4.1.4.3\"))) flag++;\nif (qpkg_check(package:\"games-sports/racer-bin\", unaffected:make_list(), vulnerable:make_list(\"ge 0.5.0-r1\"))) flag++;\nif (qpkg_check(package:\"sys-cluster/resource-agents\", unaffected:make_list(\"ge 1.0.4-r1\"), vulnerable:make_list(\"lt 1.0.4-r1\"))) flag++;\nif (qpkg_check(package:\"net-misc/rsync\", unaffected:make_list(\"ge 3.0.8\"), vulnerable:make_list(\"lt 3.0.8\"))) flag++;\nif (qpkg_check(package:\"sys-fs/lvm2\", unaffected:make_list(\"ge 2.02.72\"), vulnerable:make_list(\"lt 2.02.72\"))) flag++;\nif (qpkg_check(package:\"app-office/gnucash\", unaffected:make_list(\"ge 2.4.4\"), vulnerable:make_list(\"lt 2.4.4\"))) flag++;\nif (qpkg_check(package:\"dev-util/qt-creator\", unaffected:make_list(\"ge 2.1.0\"), vulnerable:make_list(\"lt 2.1.0\"))) flag++;\nif (qpkg_check(package:\"dev-vcs/gitolite\", unaffected:make_list(\"ge 1.5.9.1\"), vulnerable:make_list(\"lt 1.5.9.1\"))) flag++;\nif (qpkg_check(package:\"app-misc/ca-certificates\", unaffected:make_list(\"ge 20110502-r1\"), vulnerable:make_list(\"lt 20110502-r1\"))) flag++;\nif (qpkg_check(package:\"net-analyzer/sflowtool\", unaffected:make_list(\"ge 3.20\"), vulnerable:make_list(\"lt 3.20\"))) flag++;\nif (qpkg_check(package:\"net-libs/libsoup\", unaffected:make_list(\"ge 2.34.3\"), vulnerable:make_list(\"lt 2.34.3\"))) flag++;\nif (qpkg_check(package:\"x11-apps/xrdb\", unaffected:make_list(\"ge 1.0.9\"), vulnerable:make_list(\"lt 1.0.9\"))) flag++;\nif (qpkg_check(package:\"media-libs/fmod\", unaffected:make_list(\"ge 4.38.00\"), vulnerable:make_list(\"lt 4.38.00\"))) flag++;\nif (qpkg_check(package:\"dev-libs/xmlsec\", unaffected:make_list(\"ge 1.2.17\"), vulnerable:make_list(\"lt 1.2.17\"))) flag++;\nif (qpkg_check(package:\"app-admin/syslog-ng\", unaffected:make_list(\"ge 3.2.4\"), vulnerable:make_list(\"lt 3.2.4\"))) flag++;\nif (qpkg_check(package:\"net-misc/mrouted\", unaffected:make_list(\"ge 3.9.5\"), vulnerable:make_list(\"lt 3.9.5\"))) flag++;\nif (qpkg_check(package:\"gnome-base/gdm\", unaffected:make_list(\"ge 3.8.4-r3\"), vulnerable:make_list(\"lt 3.8.4-r3\"))) flag++;\nif (qpkg_check(package:\"media-libs/xine-lib\", unaffected:make_list(\"ge 1.1.19\"), vulnerable:make_list(\"lt 1.1.19\"))) flag++;\nif (qpkg_check(package:\"dev-php/PEAR-PEAR\", unaffected:make_list(\"ge 1.9.2-r1\"), vulnerable:make_list(\"lt 1.9.2-r1\"))) flag++;\nif (qpkg_check(package:\"dev-php/PEAR-Mail\", unaffected:make_list(\"ge 1.2.0\"), vulnerable:make_list(\"lt 1.2.0\"))) flag++;\nif (qpkg_check(package:\"dev-util/oprofile\", unaffected:make_list(\"ge 0.9.6-r1\"), vulnerable:make_list(\"lt 0.9.6-r1\"))) flag++;\nif (qpkg_check(package:\"net-libs/webkit-gtk\", unaffected:make_list(\"ge 1.2.7\"), vulnerable:make_list(\"lt 1.2.7\"))) flag++;\nif (qpkg_check(package:\"net-misc/vino\", unaffected:make_list(\"ge 2.32.2\"), vulnerable:make_list(\"lt 2.32.2\"))) flag++;\nif (qpkg_check(package:\"media-sound/lastfmplayer\", unaffected:make_list(\"ge 1.5.4.26862-r3\"), vulnerable:make_list(\"lt 1.5.4.26862-r3\"))) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:qpkg_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = qpkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"dev-db/unixODBC / sys-apps/shadow / games-sports/racer-bin / etc\");\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "gentoo": [{"lastseen": "2016-09-06T19:46:21", "bulletinFamily": "unix", "description": "### Background\n\nFor more information on the packages listed in this GLSA, please see their homepage referenced in the ebuild. \n\n### Description\n\nVulnerabilities have been discovered in the packages listed below. Please review the CVE identifiers in the Reference section for details. \n\n * FMOD Studio\n * PEAR Mail\n * LVM2\n * GnuCash\n * xine-lib\n * Last.fm Scrobbler\n * WebKitGTK+\n * shadow tool suite\n * PEAR\n * unixODBC\n * Resource Agents\n * mrouted\n * rsync\n * XML Security Library\n * xrdb\n * Vino\n * OProfile\n * syslog-ng\n * sFlow Toolkit\n * GNOME Display Manager\n * libsoup\n * CA Certificates\n * Gitolite\n * QtCreator\n * Racer\n\n### Impact\n\nA context-dependent attacker may be able to gain escalated privileges, execute arbitrary code, cause Denial of Service, obtain sensitive information, or otherwise bypass security restrictions. \n\n### Workaround\n\nThere are no known workarounds at this time.\n\n### Resolution\n\nAll FMOD Studio users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=media-libs/fmod-4.38.00\"\n \n\nAll PEAR Mail users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=dev-php/PEAR-Mail-1.2.0\"\n \n\nAll LVM2 users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=sys-fs/lvm2-2.02.72\"\n \n\nAll GnuCash users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=app-office/gnucash-2.4.4\"\n \n\nAll xine-lib users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=media-libs/xine-lib-1.1.19\"\n \n\nAll Last.fm Scrobbler users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose\n \">=media-sound/lastfmplayer-1.5.4.26862-r3\"\n \n\nAll WebKitGTK+ users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=net-libs/webkit-gtk-1.2.7\"\n \n\nAll shadow tool suite users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=sys-apps/shadow-4.1.4.3\"\n \n\nAll PEAR users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=dev-php/PEAR-PEAR-1.9.2-r1\"\n \n\nAll unixODBC users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=dev-db/unixODBC-2.3.0-r1\"\n \n\nAll Resource Agents users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose\n \">=sys-cluster/resource-agents-1.0.4-r1\"\n \n\nAll mrouted users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=net-misc/mrouted-3.9.5\"\n \n\nAll rsync users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=net-misc/rsync-3.0.8\"\n \n\nAll XML Security Library users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=dev-libs/xmlsec-1.2.17\"\n \n\nAll xrdb users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=x11-apps/xrdb-1.0.9\"\n \n\nAll Vino users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=net-misc/vino-2.32.2\"\n \n\nAll OProfile users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=dev-util/oprofile-0.9.6-r1\"\n \n\nAll syslog-ng users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=app-admin/syslog-ng-3.2.4\"\n \n\nAll sFlow Toolkit users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=net-analyzer/sflowtool-3.20\"\n \n\nAll GNOME Display Manager users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=gnome-base/gdm-3.8.4-r3\"\n \n\nAll libsoup users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=net-libs/libsoup-2.34.3\"\n \n\nAll CA Certificates users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose\n \">=app-misc/ca-certificates-20110502-r1\"\n \n\nAll Gitolite users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=dev-vcs/gitolite-1.5.9.1\"\n \n\nAll QtCreator users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=dev-util/qt-creator-2.1.0\"\n \n\nGentoo has discontinued support for Racer. We recommend that users unmerge Racer: \n \n \n # emerge --unmerge \"games-sports/racer-bin\"\n \n\nNOTE: This is a legacy GLSA. Updates for all affected architectures have been available since 2012. It is likely that your system is already no longer affected by these issues.", "modified": "2014-12-11T00:00:00", "published": "2014-12-11T00:00:00", "id": "GLSA-201412-09", "href": "https://security.gentoo.org/glsa/201412-09", "type": "gentoo", "title": "Multiple packages, Multiple vulnerabilities fixed in 2011", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}]}
