Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2004-2018 Tenable Network Security, Inc.COURIER_OVERFLOWS.NASL
HistoryMar 14, 2004 - 12:00 a.m.

Courier < 0.45 Multiple Remote Overflows

2004-03-1400:00:00
This script is Copyright (C) 2004-2018 Tenable Network Security, Inc.
www.tenable.com
15
JSON

According to its version number, the version of Courier MTA running on the remote host has multiple buffer overflow vulnerabilities. A remote attacker could exploit this to crash the service, or possibly execute arbitrary code.

#
# (C) Tenable Network Security, Inc.
#


include("compat.inc");


if(description)
{
 script_id(12102);
 script_version("1.15");
 script_cve_id("CVE-2004-0224");
 script_bugtraq_id(9845);
 
 script_name(english:"Courier < 0.45 Multiple Remote Overflows");
 script_summary(english:"Checks the version number"); 
 
 script_set_attribute(
   attribute:"synopsis",
   value:"The remote SMTP server has multiple buffer overflow vulnerabilities."
 );
 script_set_attribute(attribute:"description", value:
"According to its version number, the version of Courier MTA running
on the remote host has multiple buffer overflow vulnerabilities.  A
remote attacker could exploit this to crash the service, or possibly
execute arbitrary code." );
 script_set_attribute(
   attribute:"solution", 
   value:"Upgrade to Courier 0.45 or later."
 );
 script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C");
 script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
 script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
 script_set_attribute(attribute:"exploit_available", value:"false");
 script_set_attribute(attribute:"plugin_publication_date", value: "2004/03/14");
 script_set_attribute(attribute:"vuln_publication_date", value: "2004/03/11");
 script_cvs_date("Date: 2018/07/06 11:26:08");
 script_set_attribute(attribute:"plugin_type", value:"remote");
 script_end_attributes();

 script_category(ACT_GATHER_INFO);
 script_family(english:"SMTP problems");

 script_copyright(english:"This script is Copyright (C) 2004-2018 Tenable Network Security, Inc.");

 script_dependencie("find_service1.nasl", "smtpserver_detect.nasl");
 script_require_ports("Services/smtp", 25);

 exit(0);
}

#
# The script code starts here
#

include("smtp_func.inc");

port = get_kb_item("Services/smtp");
if(!port) port = 25;

banner = get_smtp_banner(port:port);
if(banner)
{
 if ( egrep(pattern:"220.*Courier 0\.([0-9]\.|[0-3][0-9]\.|4[0-4]\.)", string:banner) ) { security_hole(port); exit(0); }

}

Related

ubuntucve 1
securityvulns 1
openvas 4
nessus 2
freebsd 1
debiancve 1
cve 1
gentoo 1
ubuntucve
ubuntucve
CVE-2004-0224
2004-04-15 00:00:00
securityvulns
securityvulns
GLSA 200403-06: Multiple remote buffer overflow vulnerabilities in Courier
2004-03-30 00:00:00
openvas
openvas
FreeBSD Ports: courier
2008-09-04 00:00:00
FreeBSD Ports: courier
2008-09-04 00:00:00
Gentoo Security Advisory GLSA 200403-06 (Courier)
2008-09-24 00:00:00
nessus
nessus
FreeBSD : Courier mail services: remotely exploitable buffer overflows (98bd69c3-834b-11d8-a41f-0020ed76ef5a)
2005-07-13 00:00:00
GLSA-200403-06 : Multiple remote buffer overflow vulnerabilities in Courier
2004-08-30 00:00:00
freebsd
freebsd
Courier mail services: remotely exploitable buffer overflows
2004-02-01 00:00:00
debiancve
debiancve
CVE-2004-0224
2004-04-15 04:00:00
cve
cve
CVE-2004-0224
2004-04-15 04:00:00
gentoo
gentoo
Multiple remote buffer overflow vulnerabilities in Courier
2004-03-26 00:00:00
JSON
Related for COURIER_OVERFLOWS.NASL
ubuntucve1securityvulns1openvas4nessus2freebsd1debiancve1cve1gentoo1