Lucene search
This script is Copyright (C) 2004-2021 Tenable Network Security, Inc.DEBIAN_DSA-057.NASLHistorySep 29, 2004 - 12:00 a.m.
Debian DSA-057-1 : gftp - printf format attack
2004-09-2900:00:00
This script is Copyright (C) 2004-2021 Tenable Network Security, Inc.
www.tenable.com
7
The gftp package as distributed with Debian GNU/Linux 2.2 has a problem in its logging code: it logged data received from the network but it did not protect itself from printf format attacks. An attacker can use this by making an FTP server return special responses that exploit this.
#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from Debian Security Advisory DSA-057. The text
# itself is copyright (C) Software in the Public Interest, Inc.
#
include('deprecated_nasl_level.inc');
include('compat.inc');
if (description)
{
script_id(14894);
script_version("1.20");
script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/04");
script_cve_id("CVE-2001-0489");
script_xref(name:"DSA", value:"057");
script_name(english:"Debian DSA-057-1 : gftp - printf format attack");
script_summary(english:"Checks dpkg output for the updated package");
script_set_attribute(
attribute:"synopsis",
value:"The remote Debian host is missing a security-related update."
);
script_set_attribute(
attribute:"description",
value:
"The gftp package as distributed with Debian GNU/Linux 2.2 has a
problem in its logging code: it logged data received from the network
but it did not protect itself from printf format attacks. An attacker
can use this by making an FTP server return special responses that
exploit this."
);
script_set_attribute(
attribute:"see_also",
value:"http://www.debian.org/security/2001/dsa-057"
);
script_set_attribute(
attribute:"solution",
value:
"This has been fixed in version 2.0.6a-3.1, and we recommend that you
upgrade your gftp package.
Note: this advisory was posted as DSA-055-1 by mistake."
);
script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:gftp");
script_set_attribute(attribute:"cpe", value:"cpe:/o:debian:debian_linux:2.2");
script_set_attribute(attribute:"patch_publication_date", value:"2001/05/08");
script_set_attribute(attribute:"plugin_publication_date", value:"2004/09/29");
script_set_attribute(attribute:"vuln_publication_date", value:"2001/04/17");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_copyright(english:"This script is Copyright (C) 2004-2021 Tenable Network Security, Inc.");
script_family(english:"Debian Local Security Checks");
script_dependencies("ssh_get_info.nasl");
script_require_keys("Host/local_checks_enabled", "Host/Debian/release", "Host/Debian/dpkg-l");
exit(0);
}
include("audit.inc");
include("debian_package.inc");
if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
if (!get_kb_item("Host/Debian/release")) audit(AUDIT_OS_NOT, "Debian");
if (!get_kb_item("Host/Debian/dpkg-l")) audit(AUDIT_PACKAGE_LIST_MISSING);
flag = 0;
if (deb_check(release:"2.2", prefix:"gftp", reference:"2.0.6a-3.1")) flag++;
if (flag)
{
if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());
else security_hole(0);
exit(0);
}
else audit(AUDIT_HOST_NOT, "affected");
| Vendor | Product | Version | CPE |
|---|---|---|---|
| debian | debian_linux | gftp | p-cpe:/a:debian:debian_linux:gftp |
| debian | debian_linux | 2.2 | cpe:/o:debian:debian_linux:2.2 |
Related
cve
cve
CVE-2001-0489
2001-06-27 04:00:00
nessus
nessus
Mandrake Linux Security Advisory : gftp (MDKSA-2001:044)
2004-07-31 00:00:00
Related for DEBIAN_DSA-057.NASL