Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2005-2021 Tenable Network Security, Inc.DEBIAN_DSA-732.NASL
HistoryJun 17, 2005 - 12:00 a.m.

Debian DSA-732-1 : mailutils - several vulnerabilities

2005-06-1700:00:00
This script is Copyright (C) 2005-2021 Tenable Network Security, Inc.
www.tenable.com
15
JSON

‘infamous41md’ discovered several vulnerabilities in the GNU mailutils package which contains utilities for handling mail. These problems can lead to a denial of service or the execution of arbitrary code. The Common Vulnerabilities and Exposures project identifies the following vulnerabilities.

  • CAN-2005-1520 Buffer overflow mail header handling may allow a remote attacker to execute commands with the privileges of the targeted user.

  • CAN-2005-1521

    Combined integer and heap overflow in the fetch routine can lead to the execution of arbitrary code.

  • CAN-2005-1522

    Denial of service in the fetch routine.

  • CAN-2005-1523

    Format string vulnerability can lead to the execution of arbitrary code.

#%NASL_MIN_LEVEL 70300

#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were  
# extracted from Debian Security Advisory DSA-732. The text 
# itself is copyright (C) Software in the Public Interest, Inc.
#

include('deprecated_nasl_level.inc');
include('compat.inc');

if (description)
{
  script_id(18519);
  script_version("1.23");
  script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/04");

  script_cve_id("CVE-2005-1520", "CVE-2005-1521", "CVE-2005-1522", "CVE-2005-1523");
  script_xref(name:"DSA", value:"732");

  script_name(english:"Debian DSA-732-1 : mailutils - several vulnerabilities");
  script_summary(english:"Checks dpkg output for the updated package");

  script_set_attribute(
    attribute:"synopsis", 
    value:"The remote Debian host is missing a security-related update."
  );
  script_set_attribute(
    attribute:"description", 
    value:
"'infamous41md' discovered several vulnerabilities in the GNU mailutils
package which contains utilities for handling mail. These problems can
lead to a denial of service or the execution of arbitrary code. The
Common Vulnerabilities and Exposures project identifies the following
vulnerabilities.

  - CAN-2005-1520
    Buffer overflow mail header handling may allow a remote
    attacker to execute commands with the privileges of the
    targeted user.

  - CAN-2005-1521

    Combined integer and heap overflow in the fetch routine
    can lead to the execution of arbitrary code.

  - CAN-2005-1522

    Denial of service in the fetch routine.

  - CAN-2005-1523

    Format string vulnerability can lead to the execution of
    arbitrary code."
  );
  script_set_attribute(
    attribute:"see_also",
    value:"http://www.debian.org/security/2005/dsa-732"
  );
  script_set_attribute(
    attribute:"solution", 
    value:
"Upgrade the mailutils packages.

For the stable distribution (woody) these problems have been fixed in
version 20020409-1woody2."
  );
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P");
  script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"true");
  script_set_attribute(attribute:"exploited_by_malware", value:"true");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:mailutils");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:debian:debian_linux:3.0");

  script_set_attribute(attribute:"patch_publication_date", value:"2005/06/03");
  script_set_attribute(attribute:"plugin_publication_date", value:"2005/06/17");
  script_set_attribute(attribute:"vuln_publication_date", value:"2005/05/25");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2005-2021 Tenable Network Security, Inc.");
  script_family(english:"Debian Local Security Checks");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/Debian/release", "Host/Debian/dpkg-l");

  exit(0);
}


include("audit.inc");
include("debian_package.inc");


if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
if (!get_kb_item("Host/Debian/release")) audit(AUDIT_OS_NOT, "Debian");
if (!get_kb_item("Host/Debian/dpkg-l")) audit(AUDIT_PACKAGE_LIST_MISSING);


flag = 0;
if (deb_check(release:"3.0", prefix:"libmailutils0", reference:"20020409-1woody2")) flag++;
if (deb_check(release:"3.0", prefix:"libmailutils0-dev", reference:"20020409-1woody2")) flag++;
if (deb_check(release:"3.0", prefix:"mailutils", reference:"20020409-1woody2")) flag++;
if (deb_check(release:"3.0", prefix:"mailutils-doc", reference:"20020409-1woody2")) flag++;
if (deb_check(release:"3.0", prefix:"mailutils-imap4d", reference:"20020409-1woody2")) flag++;
if (deb_check(release:"3.0", prefix:"mailutils-pop3d", reference:"20020409-1woody2")) flag++;

if (flag)
{
  if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());
  else security_hole(0);
  exit(0);
}
else audit(AUDIT_HOST_NOT, "affected");
VendorProductVersionCPE
debiandebian_linuxmailutilsp-cpe:/a:debian:debian_linux:mailutils
debiandebian_linux3.0cpe:/o:debian:debian_linux:3.0

Related

debian 2
osv 1
openvas 4
gentoo 1
nessus 2
securityvulns 4
debiancve 4
ubuntucve 4
cve 4
checkpoint_advisories 1
debian
debian
[SECURITY] [DSA 732-1] New mailutils packages fix several vulnerabilities
2005-06-03 15:52:44
[SECURITY] [DSA 732-1] New mailutils packages fix several vulnerabilities
2005-06-03 00:00:00
osv
osv
mailutils - several
2005-06-03 00:00:00
openvas
openvas
Debian: Security Advisory (DSA-732-1)
2008-01-17 00:00:00
Gentoo Security Advisory GLSA 200505-20 (mailutils)
2008-09-24 00:00:00
Debian Security Advisory DSA 732-1 (mailutils)
2008-01-17 00:00:00
gentoo
gentoo
Mailutils: Multiple vulnerabilities in imap4d and mail
2005-05-27 00:00:00
nessus
nessus
GLSA-200505-20 : Mailutils: Multiple vulnerabilities in imap4d and mail
2005-05-28 00:00:00
GNU Mailutils <= 0.6 Multiple Vulnerabilities
2005-05-26 00:00:00
securityvulns
securityvulns
iDEFENSE Security Advisory 05.25.05: GNU Mailutils 0.6 imap4d FETCH Command Resource Consumption DoS Vulnerability
2005-05-26 00:00:00
iDEFENSE Security Advisory 05.25.05: GNU Mailutils 0.6 mail header_get_field_name&#40;&#41; Buffer Overflow Vulnerability
2005-05-26 00:00:00
iDEFENSE Security Advisory 05.25.05: GNU Mailutils 0.6 imap4d Format String Vulnerability
2005-05-26 00:00:00
debiancve
debiancve
CVE-2005-1520
2005-05-26 04:00:00
CVE-2005-1522
2005-05-26 04:00:00
CVE-2005-1521
2005-05-26 04:00:00
ubuntucve
ubuntucve
CVE-2005-1522
2005-05-26 00:00:00
CVE-2005-1520
2005-05-26 00:00:00
CVE-2005-1523
2005-05-26 00:00:00
cve
cve
CVE-2005-1522
2005-05-26 04:00:00
CVE-2005-1520
2005-05-26 04:00:00
CVE-2005-1521
2005-05-26 04:00:00
checkpoint_advisories
checkpoint_advisories
GNU Mailutils imap4d Format String (CVE-2005-1523)
2009-10-08 00:00:00
JSON
Related for DEBIAN_DSA-732.NASL
debian2osv1openvas4gentoo1nessus2securityvulns4debiancve4ubuntucve4cve4checkpoint_advisories1