ID DEBIAN_DSA-150.NASL Type nessus Reporter Tenable Modified 2018-07-20T00:00:00
Description
A problem has been discovered in Interchange, an e-commerce and general HTTP database display system, which can lead to an attacker being able to read any file to which the user of the Interchange daemon has sufficient permissions, when Interchange runs in 'INET mode' (internet domain socket). This is not the default setting in Debian packages, but configurable with Debconf and via configuration file. We also believe that this bug cannot exploited on a regular Debian system.
This problem has been fixed by the package maintainer in version 4.8.3.20020306-1.woody.1 for the current stable distribution (woody) and in version 4.8.6-1 for the unstable distribution (sid). The old stable distribution (potato) is not affected, since it doesn't ship the Interchange system.
#%NASL_MIN_LEVEL 70103
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from Debian Security Advisory DSA-150. The text
# itself is copyright (C) Software in the Public Interest, Inc.
#
include("compat.inc");
if (description)
{
script_id(14987);
script_version("1.19");
script_cvs_date("Date: 2018/07/20 2:17:10");
script_cve_id("CVE-2002-0874");
script_bugtraq_id(5453);
script_xref(name:"DSA", value:"150");
script_name(english:"Debian DSA-150-1 : interchange - illegal file exposition");
script_summary(english:"Checks dpkg output for the updated package");
script_set_attribute(
attribute:"synopsis",
value:"The remote Debian host is missing a security-related update."
);
script_set_attribute(
attribute:"description",
value:
"A problem has been discovered in Interchange, an e-commerce and
general HTTP database display system, which can lead to an attacker
being able to read any file to which the user of the Interchange
daemon has sufficient permissions, when Interchange runs in 'INET
mode' (internet domain socket). This is not the default setting in
Debian packages, but configurable with Debconf and via configuration
file. We also believe that this bug cannot exploited on a regular
Debian system.
This problem has been fixed by the package maintainer in version
4.8.3.20020306-1.woody.1 for the current stable distribution (woody)
and in version 4.8.6-1 for the unstable distribution (sid). The old
stable distribution (potato) is not affected, since it doesn't ship
the Interchange system."
);
script_set_attribute(
attribute:"see_also",
value:"http://www.debian.org/security/2002/dsa-150"
);
script_set_attribute(attribute:"solution", value:"Upgrade the interchange packages.");
script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N");
script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
script_set_attribute(attribute:"exploit_available", value:"true");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:interchange");
script_set_attribute(attribute:"cpe", value:"cpe:/o:debian:debian_linux:3.0");
script_set_attribute(attribute:"patch_publication_date", value:"2002/08/13");
script_set_attribute(attribute:"plugin_publication_date", value:"2004/09/29");
script_set_attribute(attribute:"vuln_publication_date", value:"2002/08/13");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_copyright(english:"This script is Copyright (C) 2004-2018 Tenable Network Security, Inc.");
script_family(english:"Debian Local Security Checks");
script_dependencies("ssh_get_info.nasl");
script_require_keys("Host/local_checks_enabled", "Host/Debian/release", "Host/Debian/dpkg-l");
exit(0);
}
include("audit.inc");
include("debian_package.inc");
if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
if (!get_kb_item("Host/Debian/release")) audit(AUDIT_OS_NOT, "Debian");
if (!get_kb_item("Host/Debian/dpkg-l")) audit(AUDIT_PACKAGE_LIST_MISSING);
flag = 0;
if (deb_check(release:"3.0", prefix:"interchange", reference:"4.8.3.20020306-1.woody.1")) flag++;
if (deb_check(release:"3.0", prefix:"interchange-cat-foundation", reference:"4.8.3.20020306-1.woody.1")) flag++;
if (deb_check(release:"3.0", prefix:"interchange-ui", reference:"4.8.3.20020306-1.woody.1")) flag++;
if (deb_check(release:"3.0", prefix:"libapache-mod-interchange", reference:"4.8.3.20020306-1.woody.1")) flag++;
if (flag)
{
if (report_verbosity > 0) security_warning(port:0, extra:deb_report_get());
else security_warning(0);
exit(0);
}
else audit(AUDIT_HOST_NOT, "affected");
{"id": "DEBIAN_DSA-150.NASL", "bulletinFamily": "scanner", "title": "Debian DSA-150-1 : interchange - illegal file exposition", "description": "A problem has been discovered in Interchange, an e-commerce and general HTTP database display system, which can lead to an attacker being able to read any file to which the user of the Interchange daemon has sufficient permissions, when Interchange runs in 'INET mode' (internet domain socket). This is not the default setting in Debian packages, but configurable with Debconf and via configuration file. We also believe that this bug cannot exploited on a regular Debian system.\n\nThis problem has been fixed by the package maintainer in version 4.8.3.20020306-1.woody.1 for the current stable distribution (woody) and in version 4.8.6-1 for the unstable distribution (sid). The old stable distribution (potato) is not affected, since it doesn't ship the Interchange system.", "published": "2004-09-29T00:00:00", "modified": "2018-07-20T00:00:00", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=14987", "reporter": "Tenable", "references": ["http://www.debian.org/security/2002/dsa-150"], "cvelist": ["CVE-2002-0874"], "type": "nessus", "lastseen": "2019-02-21T01:08:08", "history": [{"bulletin": {"bulletinFamily": "scanner", "cpe": ["cpe:/o:debian:debian_linux:3.0", "p-cpe:/a:debian:debian_linux:interchange"], "cvelist": ["CVE-2002-0874"], "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}, "description": "A problem has been discovered in Interchange, an e-commerce and general HTTP database display system, which can lead to an attacker being able to read any file to which the user of the Interchange daemon has sufficient permissions, when Interchange runs in 'INET mode' (internet domain socket). This is not the default setting in Debian packages, but configurable with Debconf and via configuration file. We also believe that this bug cannot exploited on a regular Debian system.\n\nThis problem has been fixed by the package maintainer in version 4.8.3.20020306-1.woody.1 for the current stable distribution (woody) and in version 4.8.6-1 for the unstable distribution (sid). The old stable distribution (potato) is not affected, since it doesn't ship the Interchange system.", "edition": 2, "enchantments": {"score": {"value": 5.0, "vector": "NONE"}}, "hash": "7de5b7b3708d3cd829c23556f5d241091c390aa3a7665ad953048d78463d39d0", "hashmap": [{"hash": "9cf00d658b687f030ebe173a0528c567", "key": "reporter"}, {"hash": "5768ccc09976cb34c03cded3fe05bb19", "key": "title"}, {"hash": "3ba5bc871616ff52e8ea1e4d03003a7b", "key": "references"}, {"hash": "1b38cc09ed3fb15e797212489bdb9e48", "key": "pluginID"}, {"hash": "a91a87d1357351566a964ab2483ca255", "key": "description"}, {"hash": "97929f8d7dceae5a355e84072949839a", "key": "href"}, {"hash": "10f1aa68d10ed138db200e3d849ce90d", "key": "cvelist"}, {"hash": "a792e2393dff1e200b885c5245988f6f", "key": "cvss"}, {"hash": "e33c07803f96a4c7bbe4f8cd6015e610", "key": "published"}, {"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "5e0bd03bec244039678f2b955a2595aa", "key": "type"}, {"hash": "d6f19c1e8a6ee718e535736377dec17a", "key": "sourceData"}, {"hash": "7073e6f7bba9f9bd6bfb13d075527f03", "key": "cpe"}, {"hash": "74562d71b087df9eabd0c21f99b132cc", "key": "naslFamily"}, {"hash": "0c162ebcde94679e506b2b0ee3e72fd2", "key": "modified"}], "history": [], "href": "https://www.tenable.com/plugins/index.php?view=single&id=14987", "id": "DEBIAN_DSA-150.NASL", "lastseen": "2017-10-29T13:46:07", "modified": "2013-05-17T00:00:00", "naslFamily": "Debian Local Security Checks", "objectVersion": "1.3", "pluginID": "14987", "published": "2004-09-29T00:00:00", "references": ["http://www.debian.org/security/2002/dsa-150"], "reporter": "Tenable", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-150. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(14987);\n script_version(\"$Revision: 1.17 $\");\n script_cvs_date(\"$Date: 2013/05/17 23:45:45 $\");\n\n script_cve_id(\"CVE-2002-0874\");\n script_bugtraq_id(5453);\n script_osvdb_id(7133);\n script_xref(name:\"DSA\", value:\"150\");\n\n script_name(english:\"Debian DSA-150-1 : interchange - illegal file exposition\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"A problem has been discovered in Interchange, an e-commerce and\ngeneral HTTP database display system, which can lead to an attacker\nbeing able to read any file to which the user of the Interchange\ndaemon has sufficient permissions, when Interchange runs in 'INET\nmode' (internet domain socket). This is not the default setting in\nDebian packages, but configurable with Debconf and via configuration\nfile. We also believe that this bug cannot exploited on a regular\nDebian system.\n\nThis problem has been fixed by the package maintainer in version\n4.8.3.20020306-1.woody.1 for the current stable distribution (woody)\nand in version 4.8.6-1 for the unstable distribution (sid). The old\nstable distribution (potato) is not affected, since it doesn't ship\nthe Interchange system.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.debian.org/security/2002/dsa-150\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Upgrade the interchange packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No exploit is required\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:interchange\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:3.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2002/08/13\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2004/09/29\");\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2002/08/13\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2004-2013 Tenable Network Security, Inc.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"3.0\", prefix:\"interchange\", reference:\"4.8.3.20020306-1.woody.1\")) flag++;\nif (deb_check(release:\"3.0\", prefix:\"interchange-cat-foundation\", reference:\"4.8.3.20020306-1.woody.1\")) flag++;\nif (deb_check(release:\"3.0\", prefix:\"interchange-ui\", reference:\"4.8.3.20020306-1.woody.1\")) flag++;\nif (deb_check(release:\"3.0\", prefix:\"libapache-mod-interchange\", reference:\"4.8.3.20020306-1.woody.1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:deb_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "title": "Debian DSA-150-1 : interchange - illegal file exposition", "type": "nessus", "viewCount": 0}, "differentElements": ["modified", "sourceData"], "edition": 2, "lastseen": "2017-10-29T13:46:07"}, {"bulletin": {"bulletinFamily": "scanner", "cpe": ["cpe:/o:debian:debian_linux:3.0", "p-cpe:/a:debian:debian_linux:interchange"], "cvelist": ["CVE-2002-0874"], "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}, "description": "A problem has been discovered in Interchange, an e-commerce and general HTTP database display system, which can lead to an attacker being able to read any file to which the user of the Interchange daemon has sufficient permissions, when Interchange runs in 'INET mode' (internet domain socket). This is not the default setting in Debian packages, but configurable with Debconf and via configuration file. We also believe that this bug cannot exploited on a regular Debian system.\n\nThis problem has been fixed by the package maintainer in version 4.8.3.20020306-1.woody.1 for the current stable distribution (woody) and in version 4.8.6-1 for the unstable distribution (sid). The old stable distribution (potato) is not affected, since it doesn't ship the Interchange system.", "edition": 4, "enchantments": {"score": {"value": 5.0, "vector": "NONE"}}, "hash": "5fd70a212a9c07548a13b3c769e52b59c108162fcb6dce63812114d356557bfb", "hashmap": [{"hash": "9cf00d658b687f030ebe173a0528c567", "key": "reporter"}, {"hash": "5768ccc09976cb34c03cded3fe05bb19", "key": "title"}, {"hash": "3ba5bc871616ff52e8ea1e4d03003a7b", "key": "references"}, {"hash": "1b38cc09ed3fb15e797212489bdb9e48", "key": "pluginID"}, {"hash": "a91a87d1357351566a964ab2483ca255", "key": "description"}, {"hash": "97929f8d7dceae5a355e84072949839a", "key": "href"}, {"hash": "34288c79e79acf9ff2eb2e88e3d4f828", "key": "modified"}, {"hash": "b0a067b8ee1311b77067ec900b0a2d4b", "key": "sourceData"}, {"hash": "10f1aa68d10ed138db200e3d849ce90d", "key": "cvelist"}, {"hash": "a792e2393dff1e200b885c5245988f6f", "key": "cvss"}, {"hash": "e33c07803f96a4c7bbe4f8cd6015e610", "key": "published"}, {"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "5e0bd03bec244039678f2b955a2595aa", "key": "type"}, {"hash": "7073e6f7bba9f9bd6bfb13d075527f03", "key": "cpe"}, {"hash": "74562d71b087df9eabd0c21f99b132cc", "key": "naslFamily"}], "history": [], "href": "https://www.tenable.com/plugins/index.php?view=single&id=14987", "id": "DEBIAN_DSA-150.NASL", "lastseen": "2018-08-02T08:29:46", "modified": "2018-07-20T00:00:00", "naslFamily": "Debian Local Security Checks", "objectVersion": "1.3", "pluginID": "14987", "published": "2004-09-29T00:00:00", "references": ["http://www.debian.org/security/2002/dsa-150"], "reporter": "Tenable", "sourceData": "#%NASL_MIN_LEVEL 70103\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-150. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(14987);\n script_version(\"1.19\");\n script_cvs_date(\"Date: 2018/07/20 2:17:10\");\n\n script_cve_id(\"CVE-2002-0874\");\n script_bugtraq_id(5453);\n script_xref(name:\"DSA\", value:\"150\");\n\n script_name(english:\"Debian DSA-150-1 : interchange - illegal file exposition\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"A problem has been discovered in Interchange, an e-commerce and\ngeneral HTTP database display system, which can lead to an attacker\nbeing able to read any file to which the user of the Interchange\ndaemon has sufficient permissions, when Interchange runs in 'INET\nmode' (internet domain socket). This is not the default setting in\nDebian packages, but configurable with Debconf and via configuration\nfile. We also believe that this bug cannot exploited on a regular\nDebian system.\n\nThis problem has been fixed by the package maintainer in version\n4.8.3.20020306-1.woody.1 for the current stable distribution (woody)\nand in version 4.8.6-1 for the unstable distribution (sid). The old\nstable distribution (potato) is not affected, since it doesn't ship\nthe Interchange system.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.debian.org/security/2002/dsa-150\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Upgrade the interchange packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:interchange\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:3.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2002/08/13\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2004/09/29\");\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2002/08/13\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2004-2018 Tenable Network Security, Inc.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"3.0\", prefix:\"interchange\", reference:\"4.8.3.20020306-1.woody.1\")) flag++;\nif (deb_check(release:\"3.0\", prefix:\"interchange-cat-foundation\", reference:\"4.8.3.20020306-1.woody.1\")) flag++;\nif (deb_check(release:\"3.0\", prefix:\"interchange-ui\", reference:\"4.8.3.20020306-1.woody.1\")) flag++;\nif (deb_check(release:\"3.0\", prefix:\"libapache-mod-interchange\", reference:\"4.8.3.20020306-1.woody.1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:deb_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "title": "Debian DSA-150-1 : interchange - illegal file exposition", "type": "nessus", "viewCount": 4}, "differentElements": ["cvss"], "edition": 4, "lastseen": "2018-08-02T08:29:46"}, {"bulletin": {"bulletinFamily": "scanner", "cpe": ["cpe:/o:debian:debian_linux:3.0", "p-cpe:/a:debian:debian_linux:interchange"], "cvelist": ["CVE-2002-0874"], "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}, "description": "A problem has been discovered in Interchange, an e-commerce and general HTTP database display system, which can lead to an attacker being able to read any file to which the user of the Interchange daemon has sufficient permissions, when Interchange runs in 'INET mode' (internet domain socket). This is not the default setting in Debian packages, but configurable with Debconf and via configuration file. We also believe that this bug cannot exploited on a regular Debian system.\n\nThis problem has been fixed by the package maintainer in version 4.8.3.20020306-1.woody.1 for the current stable distribution (woody) and in version 4.8.6-1 for the unstable distribution (sid). The old stable distribution (potato) is not affected, since it doesn't ship the Interchange system.", "edition": 6, "enchantments": {"score": {"value": 5.0, "vector": "NONE"}}, "hash": "5fd70a212a9c07548a13b3c769e52b59c108162fcb6dce63812114d356557bfb", "hashmap": [{"hash": "9cf00d658b687f030ebe173a0528c567", "key": "reporter"}, {"hash": "5768ccc09976cb34c03cded3fe05bb19", "key": "title"}, {"hash": "3ba5bc871616ff52e8ea1e4d03003a7b", "key": "references"}, {"hash": "1b38cc09ed3fb15e797212489bdb9e48", "key": "pluginID"}, {"hash": "a91a87d1357351566a964ab2483ca255", "key": "description"}, {"hash": "97929f8d7dceae5a355e84072949839a", "key": "href"}, {"hash": "34288c79e79acf9ff2eb2e88e3d4f828", "key": "modified"}, {"hash": "b0a067b8ee1311b77067ec900b0a2d4b", "key": "sourceData"}, {"hash": "10f1aa68d10ed138db200e3d849ce90d", "key": "cvelist"}, {"hash": "a792e2393dff1e200b885c5245988f6f", "key": "cvss"}, {"hash": "e33c07803f96a4c7bbe4f8cd6015e610", "key": "published"}, {"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "5e0bd03bec244039678f2b955a2595aa", "key": "type"}, {"hash": "7073e6f7bba9f9bd6bfb13d075527f03", "key": "cpe"}, {"hash": "74562d71b087df9eabd0c21f99b132cc", "key": "naslFamily"}], "history": [], "href": "https://www.tenable.com/plugins/index.php?view=single&id=14987", "id": "DEBIAN_DSA-150.NASL", "lastseen": "2018-09-02T00:11:04", "modified": "2018-07-20T00:00:00", "naslFamily": "Debian Local Security Checks", "objectVersion": "1.3", "pluginID": "14987", "published": "2004-09-29T00:00:00", "references": ["http://www.debian.org/security/2002/dsa-150"], "reporter": "Tenable", "sourceData": "#%NASL_MIN_LEVEL 70103\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-150. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(14987);\n script_version(\"1.19\");\n script_cvs_date(\"Date: 2018/07/20 2:17:10\");\n\n script_cve_id(\"CVE-2002-0874\");\n script_bugtraq_id(5453);\n script_xref(name:\"DSA\", value:\"150\");\n\n script_name(english:\"Debian DSA-150-1 : interchange - illegal file exposition\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"A problem has been discovered in Interchange, an e-commerce and\ngeneral HTTP database display system, which can lead to an attacker\nbeing able to read any file to which the user of the Interchange\ndaemon has sufficient permissions, when Interchange runs in 'INET\nmode' (internet domain socket). This is not the default setting in\nDebian packages, but configurable with Debconf and via configuration\nfile. We also believe that this bug cannot exploited on a regular\nDebian system.\n\nThis problem has been fixed by the package maintainer in version\n4.8.3.20020306-1.woody.1 for the current stable distribution (woody)\nand in version 4.8.6-1 for the unstable distribution (sid). The old\nstable distribution (potato) is not affected, since it doesn't ship\nthe Interchange system.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.debian.org/security/2002/dsa-150\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Upgrade the interchange packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:interchange\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:3.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2002/08/13\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2004/09/29\");\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2002/08/13\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2004-2018 Tenable Network Security, Inc.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"3.0\", prefix:\"interchange\", reference:\"4.8.3.20020306-1.woody.1\")) flag++;\nif (deb_check(release:\"3.0\", prefix:\"interchange-cat-foundation\", reference:\"4.8.3.20020306-1.woody.1\")) flag++;\nif (deb_check(release:\"3.0\", prefix:\"interchange-ui\", reference:\"4.8.3.20020306-1.woody.1\")) flag++;\nif (deb_check(release:\"3.0\", prefix:\"libapache-mod-interchange\", reference:\"4.8.3.20020306-1.woody.1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:deb_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "title": "Debian DSA-150-1 : interchange - illegal file exposition", "type": "nessus", "viewCount": 4}, "differentElements": ["description"], "edition": 6, "lastseen": "2018-09-02T00:11:04"}, {"bulletin": {"bulletinFamily": "scanner", "cpe": ["cpe:/o:debian:debian_linux:3.0", "p-cpe:/a:debian:debian_linux:interchange"], "cvelist": ["CVE-2002-0874"], "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}, "description": "A problem has been discovered in Interchange, an e-commerce and general HTTP database display system, which can lead to an attacker being able to read any file to which the user of the Interchange daemon has sufficient permissions, when Interchange runs in 'INET mode' (internet domain socket). This is not the default setting in Debian packages, but configurable with Debconf and via configuration file. We also believe that this bug cannot exploited on a regular Debian system.\n\nThis problem has been fixed by the package maintainer in version 4.8.3.20020306-1.woody.1 for the current stable distribution (woody) and in version 4.8.6-1 for the unstable distribution (sid). The old stable distribution (potato) is not affected, since it doesn't ship the Interchange system.", "edition": 3, "enchantments": {"score": {"value": 5.0, "vector": "NONE"}}, "hash": "079d169ec778d6117e3974cf1beb9a2e5536d3c783e604c7c5f6793e66042f5a", "hashmap": [{"hash": "48d60a46ed3f845ea90484e4bf421124", "key": "modified"}, {"hash": "9cf00d658b687f030ebe173a0528c567", "key": "reporter"}, {"hash": "5768ccc09976cb34c03cded3fe05bb19", "key": "title"}, {"hash": "3ba5bc871616ff52e8ea1e4d03003a7b", "key": "references"}, {"hash": "1b38cc09ed3fb15e797212489bdb9e48", "key": "pluginID"}, {"hash": "a91a87d1357351566a964ab2483ca255", "key": "description"}, {"hash": "97929f8d7dceae5a355e84072949839a", "key": "href"}, {"hash": "10f1aa68d10ed138db200e3d849ce90d", "key": "cvelist"}, {"hash": "a792e2393dff1e200b885c5245988f6f", "key": "cvss"}, {"hash": "e33c07803f96a4c7bbe4f8cd6015e610", "key": "published"}, {"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "5e0bd03bec244039678f2b955a2595aa", "key": "type"}, {"hash": "26fedbd80784e07c2405ec398cd70e48", "key": "sourceData"}, {"hash": "7073e6f7bba9f9bd6bfb13d075527f03", "key": "cpe"}, {"hash": "74562d71b087df9eabd0c21f99b132cc", "key": "naslFamily"}], "history": [], "href": "https://www.tenable.com/plugins/index.php?view=single&id=14987", "id": "DEBIAN_DSA-150.NASL", "lastseen": "2018-07-10T06:22:37", "modified": "2018-07-09T00:00:00", "naslFamily": "Debian Local Security Checks", "objectVersion": "1.3", "pluginID": "14987", "published": "2004-09-29T00:00:00", "references": ["http://www.debian.org/security/2002/dsa-150"], "reporter": "Tenable", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-150. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(14987);\n script_version(\"1.18\");\n script_cvs_date(\"Date: 2018/07/09 14:30:23\");\n\n script_cve_id(\"CVE-2002-0874\");\n script_bugtraq_id(5453);\n script_xref(name:\"DSA\", value:\"150\");\n\n script_name(english:\"Debian DSA-150-1 : interchange - illegal file exposition\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"A problem has been discovered in Interchange, an e-commerce and\ngeneral HTTP database display system, which can lead to an attacker\nbeing able to read any file to which the user of the Interchange\ndaemon has sufficient permissions, when Interchange runs in 'INET\nmode' (internet domain socket). This is not the default setting in\nDebian packages, but configurable with Debconf and via configuration\nfile. We also believe that this bug cannot exploited on a regular\nDebian system.\n\nThis problem has been fixed by the package maintainer in version\n4.8.3.20020306-1.woody.1 for the current stable distribution (woody)\nand in version 4.8.6-1 for the unstable distribution (sid). The old\nstable distribution (potato) is not affected, since it doesn't ship\nthe Interchange system.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.debian.org/security/2002/dsa-150\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Upgrade the interchange packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:interchange\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:3.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2002/08/13\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2004/09/29\");\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2002/08/13\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2004-2018 Tenable Network Security, Inc.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"3.0\", prefix:\"interchange\", reference:\"4.8.3.20020306-1.woody.1\")) flag++;\nif (deb_check(release:\"3.0\", prefix:\"interchange-cat-foundation\", reference:\"4.8.3.20020306-1.woody.1\")) flag++;\nif (deb_check(release:\"3.0\", prefix:\"interchange-ui\", reference:\"4.8.3.20020306-1.woody.1\")) flag++;\nif (deb_check(release:\"3.0\", prefix:\"libapache-mod-interchange\", reference:\"4.8.3.20020306-1.woody.1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:deb_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "title": "Debian DSA-150-1 : interchange - illegal file exposition", "type": "nessus", "viewCount": 4}, "differentElements": ["modified", "sourceData"], "edition": 3, "lastseen": "2018-07-10T06:22:37"}, {"bulletin": {"bulletinFamily": "scanner", "cpe": [], "cvelist": ["CVE-2002-0874"], "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}, "description": "A problem has been discovered in Interchange, an e-commerce and general HTTP database display system, which can lead to an attacker being able to read any file to which the user of the Interchange daemon has sufficient permissions, when Interchange runs in 'INET mode' (internet domain socket). This is not the default setting in Debian packages, but configurable with Debconf and via configuration file. We also believe that this bug cannot exploited on a regular Debian system.\n\nThis problem has been fixed by the package maintainer in version 4.8.3.20020306-1.woody.1 for the current stable distribution (woody) and in version 4.8.6-1 for the unstable distribution (sid). The old stable distribution (potato) is not affected, since it doesn't ship the Interchange system.", "edition": 1, "enchantments": {}, "hash": "de5e564d1e9204f062841702a1f0c1186d4cff3043adf7fa6f89c01844414a87", "hashmap": [{"hash": "9cf00d658b687f030ebe173a0528c567", "key": "reporter"}, {"hash": "5768ccc09976cb34c03cded3fe05bb19", "key": "title"}, {"hash": "3ba5bc871616ff52e8ea1e4d03003a7b", "key": "references"}, {"hash": "1b38cc09ed3fb15e797212489bdb9e48", "key": "pluginID"}, {"hash": "a91a87d1357351566a964ab2483ca255", "key": "description"}, {"hash": "97929f8d7dceae5a355e84072949839a", "key": "href"}, {"hash": "10f1aa68d10ed138db200e3d849ce90d", "key": "cvelist"}, {"hash": "a792e2393dff1e200b885c5245988f6f", "key": "cvss"}, {"hash": "e33c07803f96a4c7bbe4f8cd6015e610", "key": "published"}, {"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "5e0bd03bec244039678f2b955a2595aa", "key": "type"}, {"hash": "d6f19c1e8a6ee718e535736377dec17a", "key": "sourceData"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "cpe"}, {"hash": "74562d71b087df9eabd0c21f99b132cc", "key": "naslFamily"}, {"hash": "0c162ebcde94679e506b2b0ee3e72fd2", "key": "modified"}], "history": [], "href": "https://www.tenable.com/plugins/index.php?view=single&id=14987", "id": "DEBIAN_DSA-150.NASL", "lastseen": "2016-09-26T17:26:47", "modified": "2013-05-17T00:00:00", "naslFamily": "Debian Local Security Checks", "objectVersion": "1.2", "pluginID": "14987", "published": "2004-09-29T00:00:00", "references": ["http://www.debian.org/security/2002/dsa-150"], "reporter": "Tenable", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-150. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(14987);\n script_version(\"$Revision: 1.17 $\");\n script_cvs_date(\"$Date: 2013/05/17 23:45:45 $\");\n\n script_cve_id(\"CVE-2002-0874\");\n script_bugtraq_id(5453);\n script_osvdb_id(7133);\n script_xref(name:\"DSA\", value:\"150\");\n\n script_name(english:\"Debian DSA-150-1 : interchange - illegal file exposition\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"A problem has been discovered in Interchange, an e-commerce and\ngeneral HTTP database display system, which can lead to an attacker\nbeing able to read any file to which the user of the Interchange\ndaemon has sufficient permissions, when Interchange runs in 'INET\nmode' (internet domain socket). This is not the default setting in\nDebian packages, but configurable with Debconf and via configuration\nfile. We also believe that this bug cannot exploited on a regular\nDebian system.\n\nThis problem has been fixed by the package maintainer in version\n4.8.3.20020306-1.woody.1 for the current stable distribution (woody)\nand in version 4.8.6-1 for the unstable distribution (sid). The old\nstable distribution (potato) is not affected, since it doesn't ship\nthe Interchange system.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.debian.org/security/2002/dsa-150\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Upgrade the interchange packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No exploit is required\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:interchange\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:3.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2002/08/13\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2004/09/29\");\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2002/08/13\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2004-2013 Tenable Network Security, Inc.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"3.0\", prefix:\"interchange\", reference:\"4.8.3.20020306-1.woody.1\")) flag++;\nif (deb_check(release:\"3.0\", prefix:\"interchange-cat-foundation\", reference:\"4.8.3.20020306-1.woody.1\")) flag++;\nif (deb_check(release:\"3.0\", prefix:\"interchange-ui\", reference:\"4.8.3.20020306-1.woody.1\")) flag++;\nif (deb_check(release:\"3.0\", prefix:\"libapache-mod-interchange\", reference:\"4.8.3.20020306-1.woody.1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:deb_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "title": "Debian DSA-150-1 : interchange - illegal file exposition", "type": "nessus", "viewCount": 0}, "differentElements": ["cpe"], "edition": 1, "lastseen": "2016-09-26T17:26:47"}, {"bulletin": {"bulletinFamily": "scanner", "cpe": ["cpe:/o:debian:debian_linux:3.0", "p-cpe:/a:debian:debian_linux:interchange"], "cvelist": ["CVE-2002-0874"], "cvss": {"score": 0.0, "vector": "NONE"}, "description": "A problem has been discovered in Interchange, an e-commerce and general HTTP database display system, which can lead to an attacker being able to read any file to which the user of the Interchange daemon has sufficient permissions, when Interchange runs in 'INET mode' (internet domain socket). This is not the default setting in Debian packages, but configurable with Debconf and via configuration file. We also believe that this bug cannot exploited on a regular Debian system.\n\nThis problem has been fixed by the package maintainer in version 4.8.3.20020306-1.woody.1 for the current stable distribution (woody) and in version 4.8.6-1 for the unstable distribution (sid). The old stable distribution (potato) is not affected, since it doesn't ship the Interchange system.", "edition": 5, "enchantments": {"score": {"value": 5.0, "vector": "NONE"}}, "hash": "24d5ca182758408a82254df752dfb2ece1faa016a8f089425aadf5bb24907046", "hashmap": [{"hash": "9cf00d658b687f030ebe173a0528c567", "key": "reporter"}, {"hash": "5768ccc09976cb34c03cded3fe05bb19", "key": "title"}, {"hash": "3ba5bc871616ff52e8ea1e4d03003a7b", "key": "references"}, {"hash": "1b38cc09ed3fb15e797212489bdb9e48", "key": "pluginID"}, {"hash": "a91a87d1357351566a964ab2483ca255", "key": "description"}, {"hash": "97929f8d7dceae5a355e84072949839a", "key": "href"}, {"hash": "34288c79e79acf9ff2eb2e88e3d4f828", "key": "modified"}, {"hash": "b0a067b8ee1311b77067ec900b0a2d4b", "key": "sourceData"}, {"hash": "10f1aa68d10ed138db200e3d849ce90d", "key": "cvelist"}, {"hash": "8cd4821cb504d25572038ed182587d85", "key": "cvss"}, {"hash": "e33c07803f96a4c7bbe4f8cd6015e610", "key": "published"}, {"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "5e0bd03bec244039678f2b955a2595aa", "key": "type"}, {"hash": "7073e6f7bba9f9bd6bfb13d075527f03", "key": "cpe"}, {"hash": "74562d71b087df9eabd0c21f99b132cc", "key": "naslFamily"}], "history": [], "href": "https://www.tenable.com/plugins/index.php?view=single&id=14987", "id": "DEBIAN_DSA-150.NASL", "lastseen": "2018-08-30T19:58:46", "modified": "2018-07-20T00:00:00", "naslFamily": "Debian Local Security Checks", "objectVersion": "1.3", "pluginID": "14987", "published": "2004-09-29T00:00:00", "references": ["http://www.debian.org/security/2002/dsa-150"], "reporter": "Tenable", "sourceData": "#%NASL_MIN_LEVEL 70103\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-150. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(14987);\n script_version(\"1.19\");\n script_cvs_date(\"Date: 2018/07/20 2:17:10\");\n\n script_cve_id(\"CVE-2002-0874\");\n script_bugtraq_id(5453);\n script_xref(name:\"DSA\", value:\"150\");\n\n script_name(english:\"Debian DSA-150-1 : interchange - illegal file exposition\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"A problem has been discovered in Interchange, an e-commerce and\ngeneral HTTP database display system, which can lead to an attacker\nbeing able to read any file to which the user of the Interchange\ndaemon has sufficient permissions, when Interchange runs in 'INET\nmode' (internet domain socket). This is not the default setting in\nDebian packages, but configurable with Debconf and via configuration\nfile. We also believe that this bug cannot exploited on a regular\nDebian system.\n\nThis problem has been fixed by the package maintainer in version\n4.8.3.20020306-1.woody.1 for the current stable distribution (woody)\nand in version 4.8.6-1 for the unstable distribution (sid). The old\nstable distribution (potato) is not affected, since it doesn't ship\nthe Interchange system.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.debian.org/security/2002/dsa-150\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Upgrade the interchange packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:interchange\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:3.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2002/08/13\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2004/09/29\");\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2002/08/13\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2004-2018 Tenable Network Security, Inc.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"3.0\", prefix:\"interchange\", reference:\"4.8.3.20020306-1.woody.1\")) flag++;\nif (deb_check(release:\"3.0\", prefix:\"interchange-cat-foundation\", reference:\"4.8.3.20020306-1.woody.1\")) flag++;\nif (deb_check(release:\"3.0\", prefix:\"interchange-ui\", reference:\"4.8.3.20020306-1.woody.1\")) flag++;\nif (deb_check(release:\"3.0\", prefix:\"libapache-mod-interchange\", reference:\"4.8.3.20020306-1.woody.1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:deb_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "title": "Debian DSA-150-1 : interchange - illegal file exposition", "type": "nessus", "viewCount": 4}, "differentElements": ["cvss"], "edition": 5, "lastseen": "2018-08-30T19:58:46"}, {"bulletin": {"bulletinFamily": "scanner", "cpe": ["cpe:/o:debian:debian_linux:3.0", "p-cpe:/a:debian:debian_linux:interchange"], "cvelist": ["CVE-2002-0874"], "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}, "description": "A problem has been discovered in Interchange, an e-commerce and\ngeneral HTTP database display system, which can lead to an attacker\nbeing able to read any file to which the user of the Interchange\ndaemon has sufficient permissions, when Interchange runs in 'INET\nmode' (internet domain socket). This is not the default setting in\nDebian packages, but configurable with Debconf and via configuration\nfile. We also believe that this bug cannot exploited on a regular\nDebian system.\n\nThis problem has been fixed by the package maintainer in version\n4.8.3.20020306-1.woody.1 for the current stable distribution (woody)\nand in version 4.8.6-1 for the unstable distribution (sid). The old\nstable distribution (potato) is not affected, since it doesn't ship\nthe Interchange system.", "edition": 7, "enchantments": {"dependencies": {"modified": "2019-01-16T20:05:40", "references": [{"idList": ["INTERCHANGE_DETECT.NASL"], "type": "nessus"}, {"idList": ["CVE-2002-0874"], "type": "cve"}, {"idList": ["OSVDB:7133"], "type": "osvdb"}, {"idList": ["OPENVAS:53410"], "type": "openvas"}, {"idList": ["EDB-ID:21706"], "type": "exploitdb"}]}, "score": {"value": 5.0, "vector": "NONE"}}, "hash": "e8691907b61e2dc65e5b476e54920e21e71fa62b3caafb91e40be43b727fbc89", "hashmap": [{"hash": "9cf00d658b687f030ebe173a0528c567", "key": "reporter"}, {"hash": "5768ccc09976cb34c03cded3fe05bb19", "key": "title"}, {"hash": "3ba5bc871616ff52e8ea1e4d03003a7b", "key": "references"}, {"hash": "1b38cc09ed3fb15e797212489bdb9e48", "key": "pluginID"}, {"hash": "2b5495d1e5081755674ba7e42fe47c98", "key": "description"}, {"hash": "97929f8d7dceae5a355e84072949839a", "key": "href"}, {"hash": "34288c79e79acf9ff2eb2e88e3d4f828", "key": "modified"}, {"hash": "b0a067b8ee1311b77067ec900b0a2d4b", "key": "sourceData"}, {"hash": "10f1aa68d10ed138db200e3d849ce90d", "key": "cvelist"}, {"hash": "a792e2393dff1e200b885c5245988f6f", "key": "cvss"}, {"hash": "e33c07803f96a4c7bbe4f8cd6015e610", "key": "published"}, {"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "5e0bd03bec244039678f2b955a2595aa", "key": "type"}, {"hash": "7073e6f7bba9f9bd6bfb13d075527f03", "key": "cpe"}, {"hash": "74562d71b087df9eabd0c21f99b132cc", "key": "naslFamily"}], "history": [], "href": "https://www.tenable.com/plugins/index.php?view=single&id=14987", "id": "DEBIAN_DSA-150.NASL", "lastseen": "2019-01-16T20:05:40", "modified": "2018-07-20T00:00:00", "naslFamily": "Debian Local Security Checks", "objectVersion": "1.3", "pluginID": "14987", "published": "2004-09-29T00:00:00", "references": ["http://www.debian.org/security/2002/dsa-150"], "reporter": "Tenable", "sourceData": "#%NASL_MIN_LEVEL 70103\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-150. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(14987);\n script_version(\"1.19\");\n script_cvs_date(\"Date: 2018/07/20 2:17:10\");\n\n script_cve_id(\"CVE-2002-0874\");\n script_bugtraq_id(5453);\n script_xref(name:\"DSA\", value:\"150\");\n\n script_name(english:\"Debian DSA-150-1 : interchange - illegal file exposition\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"A problem has been discovered in Interchange, an e-commerce and\ngeneral HTTP database display system, which can lead to an attacker\nbeing able to read any file to which the user of the Interchange\ndaemon has sufficient permissions, when Interchange runs in 'INET\nmode' (internet domain socket). This is not the default setting in\nDebian packages, but configurable with Debconf and via configuration\nfile. We also believe that this bug cannot exploited on a regular\nDebian system.\n\nThis problem has been fixed by the package maintainer in version\n4.8.3.20020306-1.woody.1 for the current stable distribution (woody)\nand in version 4.8.6-1 for the unstable distribution (sid). The old\nstable distribution (potato) is not affected, since it doesn't ship\nthe Interchange system.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.debian.org/security/2002/dsa-150\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Upgrade the interchange packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:interchange\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:3.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2002/08/13\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2004/09/29\");\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2002/08/13\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2004-2018 Tenable Network Security, Inc.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"3.0\", prefix:\"interchange\", reference:\"4.8.3.20020306-1.woody.1\")) flag++;\nif (deb_check(release:\"3.0\", prefix:\"interchange-cat-foundation\", reference:\"4.8.3.20020306-1.woody.1\")) flag++;\nif (deb_check(release:\"3.0\", prefix:\"interchange-ui\", reference:\"4.8.3.20020306-1.woody.1\")) flag++;\nif (deb_check(release:\"3.0\", prefix:\"libapache-mod-interchange\", reference:\"4.8.3.20020306-1.woody.1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:deb_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "title": "Debian DSA-150-1 : interchange - illegal file exposition", "type": "nessus", "viewCount": 4}, "differentElements": ["description"], "edition": 7, "lastseen": "2019-01-16T20:05:40"}], "edition": 8, "hashmap": [{"key": "bulletinFamily", "hash": "bbdaea376f500d25f6b0c1050311dd07"}, {"key": "cpe", "hash": "7073e6f7bba9f9bd6bfb13d075527f03"}, {"key": "cvelist", "hash": "10f1aa68d10ed138db200e3d849ce90d"}, {"key": "cvss", "hash": "a792e2393dff1e200b885c5245988f6f"}, {"key": "description", "hash": "a91a87d1357351566a964ab2483ca255"}, {"key": "href", "hash": "97929f8d7dceae5a355e84072949839a"}, {"key": "modified", "hash": "34288c79e79acf9ff2eb2e88e3d4f828"}, {"key": "naslFamily", "hash": "74562d71b087df9eabd0c21f99b132cc"}, {"key": "pluginID", "hash": "1b38cc09ed3fb15e797212489bdb9e48"}, {"key": "published", "hash": "e33c07803f96a4c7bbe4f8cd6015e610"}, {"key": "references", "hash": "3ba5bc871616ff52e8ea1e4d03003a7b"}, {"key": "reporter", "hash": "9cf00d658b687f030ebe173a0528c567"}, {"key": "sourceData", "hash": "b0a067b8ee1311b77067ec900b0a2d4b"}, {"key": "title", "hash": "5768ccc09976cb34c03cded3fe05bb19"}, {"key": "type", "hash": "5e0bd03bec244039678f2b955a2595aa"}], "hash": "5fd70a212a9c07548a13b3c769e52b59c108162fcb6dce63812114d356557bfb", "viewCount": 4, "enchantments": {"dependencies": {"references": [{"type": "cve", "idList": ["CVE-2002-0874"]}, {"type": "nessus", "idList": ["INTERCHANGE_DETECT.NASL"]}, {"type": "openvas", "idList": ["OPENVAS:53410"]}, {"type": "osvdb", "idList": ["OSVDB:7133"]}, {"type": "exploitdb", "idList": ["EDB-ID:21706"]}], "modified": "2019-02-21T01:08:08"}, "score": {"value": 6.4, "vector": "NONE", "modified": "2019-02-21T01:08:08"}, "vulnersScore": 6.4}, "objectVersion": "1.3", "sourceData": "#%NASL_MIN_LEVEL 70103\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-150. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(14987);\n script_version(\"1.19\");\n script_cvs_date(\"Date: 2018/07/20 2:17:10\");\n\n script_cve_id(\"CVE-2002-0874\");\n script_bugtraq_id(5453);\n script_xref(name:\"DSA\", value:\"150\");\n\n script_name(english:\"Debian DSA-150-1 : interchange - illegal file exposition\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"A problem has been discovered in Interchange, an e-commerce and\ngeneral HTTP database display system, which can lead to an attacker\nbeing able to read any file to which the user of the Interchange\ndaemon has sufficient permissions, when Interchange runs in 'INET\nmode' (internet domain socket). This is not the default setting in\nDebian packages, but configurable with Debconf and via configuration\nfile. We also believe that this bug cannot exploited on a regular\nDebian system.\n\nThis problem has been fixed by the package maintainer in version\n4.8.3.20020306-1.woody.1 for the current stable distribution (woody)\nand in version 4.8.6-1 for the unstable distribution (sid). The old\nstable distribution (potato) is not affected, since it doesn't ship\nthe Interchange system.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.debian.org/security/2002/dsa-150\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Upgrade the interchange packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:interchange\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:3.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2002/08/13\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2004/09/29\");\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2002/08/13\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2004-2018 Tenable Network Security, Inc.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"3.0\", prefix:\"interchange\", reference:\"4.8.3.20020306-1.woody.1\")) flag++;\nif (deb_check(release:\"3.0\", prefix:\"interchange-cat-foundation\", reference:\"4.8.3.20020306-1.woody.1\")) flag++;\nif (deb_check(release:\"3.0\", prefix:\"interchange-ui\", reference:\"4.8.3.20020306-1.woody.1\")) flag++;\nif (deb_check(release:\"3.0\", prefix:\"libapache-mod-interchange\", reference:\"4.8.3.20020306-1.woody.1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:deb_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "naslFamily": "Debian Local Security Checks", "pluginID": "14987", "cpe": ["cpe:/o:debian:debian_linux:3.0", "p-cpe:/a:debian:debian_linux:interchange"], "scheme": null}
{"cve": [{"lastseen": "2019-05-29T18:07:39", "bulletinFamily": "NVD", "description": "Vulnerability in Interchange 4.8.6, 4.8.3, and other versions, when running in INET mode, allows remote attackers to read arbitrary files.", "modified": "2008-09-10T19:13:00", "id": "CVE-2002-0874", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2002-0874", "published": "2002-09-05T04:00:00", "title": "CVE-2002-0874", "type": "cve", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}], "exploitdb": [{"lastseen": "2016-02-02T17:05:26", "bulletinFamily": "exploit", "description": "Red Hat Interchange 4.8.x Arbitrary File Read Vulnerability. CVE-2002-0874. Remote exploit for linux platform", "modified": "2002-08-13T00:00:00", "published": "2002-08-13T00:00:00", "id": "EDB-ID:21706", "href": "https://www.exploit-db.com/exploits/21706/", "type": "exploitdb", "title": "Red Hat Interchange 4.8.x - Arbitrary File Read Vulnerability", "sourceData": "source: http://www.securityfocus.com/bid/5453/info\r\n\r\nA vulnerability has been reported for Interchange 4.8.5 and earlier. Reportedly, Interchange may disclose contents of files to attackers.\r\n\r\nThe vulnerability occurs due to the placement of the 'doc' folder. Reportedly, the folder will be installed as follows: <INTERCHANGE_ROOT>/doc. This folder, by default, contains Interchange man pages. This vulnerability is only exploitable when the Interchange service runs in INET (Internet service) mode.\r\n\r\nAn attacker may exploit this vulnerability to the contents of restricted files accessible to the Interchange process.\r\n\r\nIt has been reported that this issue may be exploited through a '../' directory traversal sequence in a HTTP request to the vulnerable server.\r\n\r\nhttp://www.domain.com:7786/../../../../../../../../../etc/passwd", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}, "sourceHref": "https://www.exploit-db.com/download/21706/"}], "osvdb": [{"lastseen": "2017-04-28T13:20:02", "bulletinFamily": "software", "description": "## Solution Description\nUpgrade to version 4.8.6 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.\n## References:\nVendor Specific Solution URL: http://www.icdevgroup.org/pipermail/interchange-users/2003-November/036565.html\n[Vendor Specific Advisory URL](http://www.debian.org/security/2002/dsa-150)\n[Nessus Plugin ID:11128](https://vulners.com/search?query=pluginID:11128)\nISS X-Force ID: 9833\n[CVE-2002-0874](https://vulners.com/cve/CVE-2002-0874)\nBugtraq ID: 5453\n", "modified": "2002-08-13T00:00:00", "published": "2002-08-13T00:00:00", "href": "https://vulners.com/osvdb/OSVDB:7133", "id": "OSVDB:7133", "title": "Interchange INET Mode Arbitrary File Access", "type": "osvdb", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}], "openvas": [{"lastseen": "2017-07-24T12:50:14", "bulletinFamily": "scanner", "description": "The remote host is missing an update to interchange\nannounced via advisory DSA 150-1.", "modified": "2017-07-07T00:00:00", "published": "2008-01-17T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=53410", "id": "OPENVAS:53410", "title": "Debian Security Advisory DSA 150-1 (interchange)", "type": "openvas", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_150_1.nasl 6616 2017-07-07 12:10:49Z cfischer $\n# Description: Auto-generated from advisory DSA 150-1\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2007 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largerly excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"A problem has been discovered in Interchange, an e-commerce and\ngeneral HTTP database display system, which can lead to an attacker\nbeing able to read any file to which the user of the Interchange\ndaemon has sufficient permissions, when Interchange runs in INET\nmode (internet domain socket). This is not the default setting in\nDebian packages, but configurable with Debconf and via configuration\nfile. We also believe that this bug cannot exploited on a regular\nDebian system.\n\nThis problem has been fixed by the package maintainer in version\n4.8.3.20020306-1.woody.1 for the current stable distribution (woody)\nand in version 4.8.6-1 for the unstable distribution (sid). The old\nstable distribution (potato) is not affected, since it doesn't ship\nthe Interchange system.\n\nWe recommend that you upgrade your interchange packages.\";\ntag_summary = \"The remote host is missing an update to interchange\nannounced via advisory DSA 150-1.\";\n\ntag_solution = \"https://secure1.securityspace.com/smysecure/catid.html?in=DSA%20150-1\";\n\nif(description)\n{\n script_id(53410);\n script_version(\"$Revision: 6616 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-07 14:10:49 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2008-01-17 22:24:46 +0100 (Thu, 17 Jan 2008)\");\n script_cve_id(\"CVE-2002-0874\");\n script_bugtraq_id(5453);\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_name(\"Debian Security Advisory DSA 150-1 (interchange)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"interchange-cat-foundation\", ver:\"4.8.3.20020306-1.woody.1\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"interchange-ui\", ver:\"4.8.3.20020306-1.woody.1\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"interchange\", ver:\"4.8.3.20020306-1.woody.1\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libapache-mod-interchange\", ver:\"4.8.3.20020306-1.woody.1\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}], "nessus": [{"lastseen": "2019-02-21T01:07:44", "bulletinFamily": "scanner", "description": "It seems that 'Red Hat Interchange' ecommerce and dynamic content management application is running in 'Inet' mode on this port.\n\nVersions 4.8.5 and earlier are flawed and may disclose contents of sensitive files to attackers.\n\n** Nessus neither checked Interchange version nor tried \n** to exploit the vulnerability", "modified": "2018-07-12T00:00:00", "id": "INTERCHANGE_DETECT.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=11128", "published": "2002-09-21T00:00:00", "title": "Red Hat Interchange INET Mode Detection", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\n# Script audit and contributions from Carmichael Security \n# Erik Anderson <eanders@carmichaelsecurity.com>\n# Added BugtraqID\n#\n# Note: this service is *not* a web server, but it looks like it for \n# find_service\n# HEAD / HTTP/1.0\t(the only request it seems to recognize)\n# HTTP/1.0 200 OK\n# Last-modified: [15/August/2002:17:41:40 +0200]\n# Content-type: application/octet-stream\n#\n# GET / HTTP/1.0 (or anything else, even not HTTP: GROUMPF\\r\\n)\n# HTTP/1.0 404 Not found\n# Content-type: application/octet-stream\n#\n# / not a Interchange catalog or help file.\n#\n\n\ninclude(\"compat.inc\");\n\nif(description)\n{\n script_id(11128);\n script_version (\"1.20\");\n script_cve_id(\"CVE-2002-0874\");\n script_bugtraq_id(5453);\n script_xref(name:\"DSA\", value:\"150\");\n\n script_name(english:\"Red Hat Interchange INET Mode Detection\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote host is running Red Hat Interchange.\" );\n script_set_attribute(attribute:\"description\", value:\n\"It seems that 'Red Hat Interchange' ecommerce and dynamic \ncontent management application is running in 'Inet' mode \non this port.\n\nVersions 4.8.5 and earlier are flawed and may disclose \ncontents of sensitive files to attackers.\n\n** Nessus neither checked Interchange version nor tried \n** to exploit the vulnerability\" );\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?f3cc17f8\" );\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade your software if necessary or configure it\nfor 'Unix mode' communication only.\" );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n \n script_set_attribute(attribute:\"plugin_publication_date\", value: \"2002/09/21\");\n script_set_attribute(attribute:\"vuln_publication_date\", value: \"2002/08/13\");\n script_cvs_date(\"Date: 2018/07/12 19:01:16\");\nscript_set_attribute(attribute:\"plugin_type\", value:\"remote\");\nscript_end_attributes();\n\n script_summary(english:\"Redhat Interchange e-commerce application detection\");\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2002-2018 Tenable Network Security, Inc.\");\n script_family(english:\"Service detection\");\n script_dependencie(\"http_version.nasl\");\n script_require_ports(\"Services/www\", 7786);\n exit(0);\n}\n\n####\n\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"http.inc\");\n\nport = get_http_port(default:7786);\n\nw = http_send_recv_buf(port:port, data: 'NESSUS / HTTP/1.0\\r\\n\\r\\n',\n exit_on_fail: TRUE);\nr = strcat(w[0], w[1], '\\r\\n', w[2]);\nif (\"/ not a Interchange catalog or help file\" >< r) security_warning(port);\n\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}]}
