Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2004-2021 Tenable Network Security, Inc.DEBIAN_DSA-215.NASL
HistorySep 29, 2004 - 12:00 a.m.

Debian DSA-215-1 : cyrus-imapd - buffer overflow

2004-09-2900:00:00
This script is Copyright (C) 2004-2021 Tenable Network Security, Inc.
www.tenable.com
21
JSON

Timo Sirainen discovered a buffer overflow in the Cyrus IMAP server, which could be exploited by a remote attacker prior to logging in. A malicious user could craft a request to run commands on the server under the UID and GID of the cyrus server.

#%NASL_MIN_LEVEL 70300

#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were  
# extracted from Debian Security Advisory DSA-215. The text 
# itself is copyright (C) Software in the Public Interest, Inc.
#

include('deprecated_nasl_level.inc');
include('compat.inc');

if (description)
{
  script_id(15052);
  script_version("1.26");
  script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/04");

  script_cve_id("CVE-2002-1580");
  script_bugtraq_id(6298);
  script_xref(name:"CERT", value:"740169");
  script_xref(name:"DSA", value:"215");

  script_name(english:"Debian DSA-215-1 : cyrus-imapd - buffer overflow");
  script_summary(english:"Checks dpkg output for the updated package");

  script_set_attribute(
    attribute:"synopsis", 
    value:"The remote Debian host is missing a security-related update."
  );
  script_set_attribute(
    attribute:"description", 
    value:
"Timo Sirainen discovered a buffer overflow in the Cyrus IMAP server,
which could be exploited by a remote attacker prior to logging in. A
malicious user could craft a request to run commands on the server
under the UID and GID of the cyrus server."
  );
  script_set_attribute(
    attribute:"see_also",
    value:"http://www.debian.org/security/2002/dsa-215"
  );
  script_set_attribute(
    attribute:"solution", 
    value:
"Upgrade the cyrus-imapd package.

For the current stable distribution (woody) this problem has been
fixed in version 1.5.19-9.1.

For the old stable distribution (potato) this problem has been fixed
in version 1.5.19-2.2."
  );
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P");
  script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
  script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"true");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:cyrus-imapd");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:debian:debian_linux:2.2");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:debian:debian_linux:3.0");

  script_set_attribute(attribute:"patch_publication_date", value:"2002/12/23");
  script_set_attribute(attribute:"plugin_publication_date", value:"2004/09/29");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2004-2021 Tenable Network Security, Inc.");
  script_family(english:"Debian Local Security Checks");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/Debian/release", "Host/Debian/dpkg-l");

  exit(0);
}


include("audit.inc");
include("debian_package.inc");


if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
if (!get_kb_item("Host/Debian/release")) audit(AUDIT_OS_NOT, "Debian");
if (!get_kb_item("Host/Debian/dpkg-l")) audit(AUDIT_PACKAGE_LIST_MISSING);


flag = 0;
if (deb_check(release:"2.2", prefix:"cyrus-admin", reference:"1.5.19-2.2")) flag++;
if (deb_check(release:"2.2", prefix:"cyrus-common", reference:"1.5.19-2.2")) flag++;
if (deb_check(release:"2.2", prefix:"cyrus-dev", reference:"1.5.19-2.2")) flag++;
if (deb_check(release:"2.2", prefix:"cyrus-imapd", reference:"1.5.19-2.2")) flag++;
if (deb_check(release:"2.2", prefix:"cyrus-nntp", reference:"1.5.19-2.2")) flag++;
if (deb_check(release:"2.2", prefix:"cyrus-pop3d", reference:"1.5.19-2.2")) flag++;
if (deb_check(release:"3.0", prefix:"cyrus-admin", reference:"1.5.19-9.1")) flag++;
if (deb_check(release:"3.0", prefix:"cyrus-common", reference:"1.5.19-9.1")) flag++;
if (deb_check(release:"3.0", prefix:"cyrus-dev", reference:"1.5.19-9.1")) flag++;
if (deb_check(release:"3.0", prefix:"cyrus-imapd", reference:"1.5.19-9.1")) flag++;
if (deb_check(release:"3.0", prefix:"cyrus-nntp", reference:"1.5.19-9.1")) flag++;
if (deb_check(release:"3.0", prefix:"cyrus-pop3d", reference:"1.5.19-9.1")) flag++;

if (flag)
{
  if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());
  else security_hole(0);
  exit(0);
}
else audit(AUDIT_HOST_NOT, "affected");
VendorProductVersionCPE
debiandebian_linuxcyrus-imapdp-cpe:/a:debian:debian_linux:cyrus-imapd
debiandebian_linux2.2cpe:/o:debian:debian_linux:2.2
debiandebian_linux3.0cpe:/o:debian:debian_linux:3.0

Related

openvas 3
nessus 2
osv 1
freebsd 1
cve 1
cvelist 1
debiancve 1
openvas
openvas
Cyrus IMAP pre-login buffer overflow
2005-11-03 00:00:00
FreeBSD Ports: cyrus
2008-09-04 00:00:00
FreeBSD Ports: cyrus
2008-09-04 00:00:00
nessus
nessus
FreeBSD : Cyrus IMAP pre-authentication heap overflow vulnerability (33)
2004-07-06 00:00:00
FreeBSD : Cyrus IMAP pre-authentication heap overflow vulnerability (35f6fdf8-a425-11d8-9c6d-0020ed76ef5a)
2009-04-23 00:00:00
osv
osv
cyrus-imapd - buffer overflow
2002-12-23 00:00:00
freebsd
freebsd
Cyrus IMAP pre-authentication heap overflow vulnerability
2002-12-02 00:00:00
cve
cve
CVE-2002-1580
2004-06-14 04:00:00
cvelist
cvelist
CVE-2002-1580
2004-05-20 04:00:00
debiancve
debiancve
CVE-2002-1580
2004-06-14 04:00:00
JSON
Related for DEBIAN_DSA-215.NASL
openvas3nessus2osv1freebsd1cve1cvelist1debiancve1