Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2004-2021 Tenable Network Security, Inc.DEBIAN_DSA-147.NASL
HistorySep 29, 2004 - 12:00 a.m.

Debian DSA-147-1 : mailman - XSS

2004-09-2900:00:00
This script is Copyright (C) 2004-2021 Tenable Network Security, Inc.
www.tenable.com
15
JSON

A cross-site scripting vulnerability was discovered in mailman, a software to manage electronic mailing lists. When a properly crafted URL is accessed with Internet Explorer (other browsers don’t seem to be affected), the resulting webpage is rendered similar to the real one, but the JavaScript component is executed as well, which could be used by an attacker to get access to sensitive information. The new version for Debian 2.2 also includes backports of security related patches from mailman 2.0.11.

#%NASL_MIN_LEVEL 70300

#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were  
# extracted from Debian Security Advisory DSA-147. The text 
# itself is copyright (C) Software in the Public Interest, Inc.
#

include('deprecated_nasl_level.inc');
include('compat.inc');

if (description)
{
  script_id(14984);
  script_version("1.21");
  script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/04");

  script_cve_id("CVE-2002-0388", "CVE-2002-0855");
  script_bugtraq_id(4825, 4826, 5298);
  script_xref(name:"DSA", value:"147");

  script_name(english:"Debian DSA-147-1 : mailman - XSS");
  script_summary(english:"Checks dpkg output for the updated package");

  script_set_attribute(
    attribute:"synopsis", 
    value:"The remote Debian host is missing a security-related update."
  );
  script_set_attribute(
    attribute:"description", 
    value:
"A cross-site scripting vulnerability was discovered in mailman, a
software to manage electronic mailing lists. When a properly crafted
URL is accessed with Internet Explorer (other browsers don't seem to
be affected), the resulting webpage is rendered similar to the real
one, but the JavaScript component is executed as well, which could be
used by an attacker to get access to sensitive information. The new
version for Debian 2.2 also includes backports of security related
patches from mailman 2.0.11."
  );
  script_set_attribute(
    attribute:"see_also",
    value:"http://www.debian.org/security/2002/dsa-147"
  );
  script_set_attribute(
    attribute:"solution", 
    value:
"Upgrade the mailman package.

This problem has been fixed in version 2.0.11-1woody4 for the current
stable distribution (woody), in version 1.1-10.1 for the old stable
distribution (potato) and in version 2.0.12-1 for the unstable
distribution (sid)."
  );
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P");
  script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"false");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:mailman");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:debian:debian_linux:2.2");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:debian:debian_linux:3.0");

  script_set_attribute(attribute:"patch_publication_date", value:"2002/08/08");
  script_set_attribute(attribute:"plugin_publication_date", value:"2004/09/29");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2004-2021 Tenable Network Security, Inc.");
  script_family(english:"Debian Local Security Checks");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/Debian/release", "Host/Debian/dpkg-l");

  exit(0);
}


include("audit.inc");
include("debian_package.inc");


if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
if (!get_kb_item("Host/Debian/release")) audit(AUDIT_OS_NOT, "Debian");
if (!get_kb_item("Host/Debian/dpkg-l")) audit(AUDIT_PACKAGE_LIST_MISSING);


flag = 0;
if (deb_check(release:"2.2", prefix:"mailman", reference:"1.1-10.1")) flag++;
if (deb_check(release:"3.0", prefix:"mailman", reference:"2.0.11-1woody4")) flag++;

if (flag)
{
  if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());
  else security_hole(0);
  exit(0);
}
else audit(AUDIT_HOST_NOT, "affected");
VendorProductVersionCPE
debiandebian_linuxmailmanp-cpe:/a:debian:debian_linux:mailman
debiandebian_linux2.2cpe:/o:debian:debian_linux:2.2
debiandebian_linux3.0cpe:/o:debian:debian_linux:3.0

Related

osv 1
openvas 4
debian 4
cve 2
nessus 2
debiancve 2
osv
osv
mailman - cross-site scripting
2002-08-08 00:00:00
openvas
openvas
Debian Security Advisory DSA 147-2 (mailman)
2008-01-17 00:00:00
Debian Security Advisory DSA 147-1 (mailman)
2008-01-17 00:00:00
Debian Security Advisory DSA 147-1 (mailman)
2008-01-17 00:00:00
debian
debian
[SECURITY] [DSA 147-2] New mailman packages fix cross-site scripting problem
2002-08-26 17:03:51
[SECURITY] [DSA 147-2] New mailman packages fix cross-site scripting problem
2002-08-26 17:03:51
[SECURITY] [DSA 147-1] New mailman packages fix cross-site scripting problem
2002-08-09 07:15:42
cve
cve
CVE-2002-0388
2002-06-18 04:00:00
CVE-2002-0855
2002-09-05 04:00:00
nessus
nessus
RHEL 2.1 : mailman (RHSA-2002:125)
2004-07-06 00:00:00
RHEL 2.1 : mailman (RHSA-2002:181)
2004-07-06 00:00:00
debiancve
debiancve
CVE-2002-0388
2002-06-18 04:00:00
CVE-2002-0855
2002-09-05 04:00:00
JSON
Related for DEBIAN_DSA-147.NASL
osv1openvas4debian4cve2nessus2debiancve2