Debian DSA-084-1 : gftp - Information Retrieval

2004-09-29T00:00:00
ID DEBIAN_DSA-084.NASL
Type nessus
Reporter This script is Copyright (C) 2004-2019 Tenable Network Security, Inc.
Modified 2019-11-02T00:00:00

Description

Stephane Gaudreault told us that version 2.0.6a of gftp displays the password in plain text on the screen within the log window when it is logging into an ftp server. A malicious colleague who is watching the screen could gain access to the users shell on the remote machine.

This problem has been fixed by the Security Team in version 2.0.6a-3.2 for the stable Debian GNU/Linux 2.2.

                                        
                                            #%NASL_MIN_LEVEL 80502

#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were  
# extracted from Debian Security Advisory DSA-084. The text 
# itself is copyright (C) Software in the Public Interest, Inc.
#

include("compat.inc");

if (description)
{
  script_id(14921);
  script_version("1.18");
  script_cvs_date("Date: 2019/08/02 13:32:16");

  script_cve_id("CVE-1999-1562");
  script_bugtraq_id(3446);
  script_xref(name:"DSA", value:"084");

  script_name(english:"Debian DSA-084-1 : gftp - Information Retrieval");
  script_summary(english:"Checks dpkg output for the updated package");

  script_set_attribute(
    attribute:"synopsis", 
    value:"The remote Debian host is missing a security-related update."
  );
  script_set_attribute(
    attribute:"description", 
    value:
"Stephane Gaudreault told us that version 2.0.6a of gftp displays the
 password in plain text on the screen within the log window when it is
 logging into an ftp server. A malicious colleague who is watching the
 screen could gain access to the users shell on the remote machine.

This problem has been fixed by the Security Team in version 2.0.6a-3.2
for the stable Debian GNU/Linux 2.2."
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugs.debian.org/97184"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"http://www.debian.org/security/2001/dsa-084"
  );
  script_set_attribute(attribute:"solution", value:"Upgrade the gftp package.");
  script_set_cvss_base_vector("CVSS2#AV:L/AC:L/Au:N/C:P/I:P/A:P");
  script_set_cvss_temporal_vector("CVSS2#E:H/RL:OF/RC:C");
  script_set_attribute(attribute:"exploitability_ease", value:"No exploit is required");
  script_set_attribute(attribute:"exploit_available", value:"true");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:gftp");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:debian:debian_linux:2.2");

  script_set_attribute(attribute:"patch_publication_date", value:"2001/10/18");
  script_set_attribute(attribute:"plugin_publication_date", value:"2004/09/29");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2004-2019 Tenable Network Security, Inc.");
  script_family(english:"Debian Local Security Checks");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/Debian/release", "Host/Debian/dpkg-l");

  exit(0);
}


include("audit.inc");
include("debian_package.inc");


if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
if (!get_kb_item("Host/Debian/release")) audit(AUDIT_OS_NOT, "Debian");
if (!get_kb_item("Host/Debian/dpkg-l")) audit(AUDIT_PACKAGE_LIST_MISSING);


flag = 0;
if (deb_check(release:"2.2", prefix:"gftp", reference:"2.0.6a-3.2")) flag++;

if (flag)
{
  if (report_verbosity > 0) security_warning(port:0, extra:deb_report_get());
  else security_warning(0);
  exit(0);
}
else audit(AUDIT_HOST_NOT, "affected");