ID GENTOO_GLSA-200505-17.NASL Type nessus Reporter Tenable Modified 2018-08-10T00:00:00
Description
The remote host is affected by the vulnerability described in GLSA-200505-17 (Qpopper: Multiple Vulnerabilities)
Jens Steube discovered that Qpopper doesn't drop privileges to process local files from normal users (CAN-2005-1151). The upstream developers discovered that Qpopper can be forced to create group or world writeable files (CAN-2005-1152).
Impact :
A malicious local attacker could exploit Qpopper to overwrite arbitrary files as root or create new files which are group or world writeable.
Workaround :
There is no known workaround at this time.
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from Gentoo Linux Security Advisory GLSA 200505-17.
#
# The advisory text is Copyright (C) 2001-2015 Gentoo Foundation, Inc.
# and licensed under the Creative Commons - Attribution / Share Alike
# license. See http://creativecommons.org/licenses/by-sa/3.0/
#
include("compat.inc");
if (description)
{
script_id(18381);
script_version("1.15");
script_cvs_date("Date: 2018/08/10 18:07:06");
script_cve_id("CVE-2005-1151", "CVE-2005-1152");
script_xref(name:"GLSA", value:"200505-17");
script_name(english:"GLSA-200505-17 : Qpopper: Multiple Vulnerabilities");
script_summary(english:"Checks for updated package(s) in /var/db/pkg");
script_set_attribute(
attribute:"synopsis",
value:
"The remote Gentoo host is missing one or more security-related
patches."
);
script_set_attribute(
attribute:"description",
value:
"The remote host is affected by the vulnerability described in GLSA-200505-17
(Qpopper: Multiple Vulnerabilities)
Jens Steube discovered that Qpopper doesn't drop privileges to
process local files from normal users (CAN-2005-1151). The upstream
developers discovered that Qpopper can be forced to create group or
world writeable files (CAN-2005-1152).
Impact :
A malicious local attacker could exploit Qpopper to overwrite
arbitrary files as root or create new files which are group or world
writeable.
Workaround :
There is no known workaround at this time."
);
script_set_attribute(
attribute:"see_also",
value:"https://security.gentoo.org/glsa/200505-17"
);
script_set_attribute(
attribute:"solution",
value:
"All Qpopper users should upgrade to the latest available version:
# emerge --sync
# emerge --ask --oneshot --verbose '>=net-mail/qpopper-4.0.5-r3'"
);
script_set_cvss_base_vector("CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:gentoo:linux:qpopper");
script_set_attribute(attribute:"cpe", value:"cpe:/o:gentoo:linux");
script_set_attribute(attribute:"patch_publication_date", value:"2005/05/23");
script_set_attribute(attribute:"plugin_publication_date", value:"2005/05/28");
script_set_attribute(attribute:"vuln_publication_date", value:"2005/05/23");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_copyright(english:"This script is Copyright (C) 2005-2018 Tenable Network Security, Inc.");
script_family(english:"Gentoo Local Security Checks");
script_dependencies("ssh_get_info.nasl");
script_require_keys("Host/local_checks_enabled", "Host/Gentoo/release", "Host/Gentoo/qpkg-list");
exit(0);
}
include("audit.inc");
include("global_settings.inc");
include("qpkg.inc");
if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
if (!get_kb_item("Host/Gentoo/release")) audit(AUDIT_OS_NOT, "Gentoo");
if (!get_kb_item("Host/Gentoo/qpkg-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
flag = 0;
if (qpkg_check(package:"net-mail/qpopper", unaffected:make_list("ge 4.0.5-r3"), vulnerable:make_list("lt 4.0.5-r3"))) flag++;
if (flag)
{
if (report_verbosity > 0) security_hole(port:0, extra:qpkg_report_get());
else security_hole(0);
exit(0);
}
else
{
tested = qpkg_tests_get();
if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
else audit(AUDIT_PACKAGE_NOT_INSTALLED, "Qpopper");
}
{"id": "GENTOO_GLSA-200505-17.NASL", "bulletinFamily": "scanner", "title": "GLSA-200505-17 : Qpopper: Multiple Vulnerabilities", "description": "The remote host is affected by the vulnerability described in GLSA-200505-17 (Qpopper: Multiple Vulnerabilities)\n\n Jens Steube discovered that Qpopper doesn't drop privileges to process local files from normal users (CAN-2005-1151). The upstream developers discovered that Qpopper can be forced to create group or world writeable files (CAN-2005-1152).\n Impact :\n\n A malicious local attacker could exploit Qpopper to overwrite arbitrary files as root or create new files which are group or world writeable.\n Workaround :\n\n There is no known workaround at this time.", "published": "2005-05-28T00:00:00", "modified": "2018-08-10T00:00:00", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=18381", "reporter": "Tenable", "references": ["https://security.gentoo.org/glsa/200505-17"], "cvelist": ["CVE-2005-1152", "CVE-2005-1151"], "type": "nessus", "lastseen": "2019-02-21T01:08:34", "history": [{"bulletin": {"bulletinFamily": "scanner", "cpe": [], "cvelist": ["CVE-2005-1152", "CVE-2005-1151"], "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "description": "The remote host is affected by the vulnerability described in GLSA-200505-17 (Qpopper: Multiple Vulnerabilities)\n\n Jens Steube discovered that Qpopper doesn't drop privileges to process local files from normal users (CAN-2005-1151). The upstream developers discovered that Qpopper can be forced to create group or world writeable files (CAN-2005-1152).\n Impact :\n\n A malicious local attacker could exploit Qpopper to overwrite arbitrary files as root or create new files which are group or world writeable.\n Workaround :\n\n There is no known workaround at this time.", "edition": 1, "enchantments": {}, "hash": "88be7dbdf443311449cd12d1754fc8f8fc3e26ad22fb4daa15193cb9aba03a3a", "hashmap": [{"hash": "cfd16da9581e0c21db590e40dfd9e493", "key": "cvss"}, {"hash": "9cf00d658b687f030ebe173a0528c567", "key": "reporter"}, {"hash": "7e22d92d6637229741f58e2c740fd526", "key": "title"}, {"hash": "073bbbf1895638d4a76f3b04ad2ba7b0", "key": "references"}, {"hash": "ffe1be38611dd0b78da2e44d0f9a3a4a", "key": "href"}, {"hash": "460d4bce09ac4af02c7777ef776a88f2", "key": "description"}, {"hash": "f93660ee0d0d45804e10163ffaa7232c", "key": "sourceData"}, {"hash": "326af443ca0c41e91daa171ff124ce60", "key": "modified"}, {"hash": "125fec640f3e7859b9724f554163dba7", "key": "published"}, {"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "5e0bd03bec244039678f2b955a2595aa", "key": "type"}, {"hash": "cf18d881f0f76f23f322ed3f861d3616", "key": "naslFamily"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "cpe"}, {"hash": "2bd0a92f3cc8f85e2d23f8addcb52eca", "key": "pluginID"}, {"hash": "c9b255531616b13ca0c613bf2258344c", "key": "cvelist"}], "history": [], "href": "https://www.tenable.com/plugins/index.php?view=single&id=18381", "id": "GENTOO_GLSA-200505-17.NASL", "lastseen": "2016-09-26T17:23:11", "modified": "2015-04-13T00:00:00", "naslFamily": "Gentoo Local Security Checks", "objectVersion": "1.2", "pluginID": "18381", "published": "2005-05-28T00:00:00", "references": ["https://security.gentoo.org/glsa/200505-17"], "reporter": "Tenable", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Gentoo Linux Security Advisory GLSA 200505-17.\n#\n# The advisory text is Copyright (C) 2001-2015 Gentoo Foundation, Inc.\n# and licensed under the Creative Commons - Attribution / Share Alike \n# license. See http://creativecommons.org/licenses/by-sa/3.0/\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(18381);\n script_version(\"$Revision: 1.14 $\");\n script_cvs_date(\"$Date: 2015/04/13 13:41:59 $\");\n\n script_cve_id(\"CVE-2005-1151\", \"CVE-2005-1152\");\n script_osvdb_id(16810, 16811);\n script_xref(name:\"GLSA\", value:\"200505-17\");\n\n script_name(english:\"GLSA-200505-17 : Qpopper: Multiple Vulnerabilities\");\n script_summary(english:\"Checks for updated package(s) in /var/db/pkg\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Gentoo host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The remote host is affected by the vulnerability described in GLSA-200505-17\n(Qpopper: Multiple Vulnerabilities)\n\n Jens Steube discovered that Qpopper doesn't drop privileges to\n process local files from normal users (CAN-2005-1151). The upstream\n developers discovered that Qpopper can be forced to create group or\n world writeable files (CAN-2005-1152).\n \nImpact :\n\n A malicious local attacker could exploit Qpopper to overwrite\n arbitrary files as root or create new files which are group or world\n writeable.\n \nWorkaround :\n\n There is no known workaround at this time.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security.gentoo.org/glsa/200505-17\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"All Qpopper users should upgrade to the latest available version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=net-mail/qpopper-4.0.5-r3'\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:qpopper\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:gentoo:linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2005/05/23\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2005/05/28\");\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2005/05/23\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2005-2015 Tenable Network Security, Inc.\");\n script_family(english:\"Gentoo Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Gentoo/release\", \"Host/Gentoo/qpkg-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"qpkg.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Gentoo/release\")) audit(AUDIT_OS_NOT, \"Gentoo\");\nif (!get_kb_item(\"Host/Gentoo/qpkg-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (qpkg_check(package:\"net-mail/qpopper\", unaffected:make_list(\"ge 4.0.5-r3\"), vulnerable:make_list(\"lt 4.0.5-r3\"))) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:qpkg_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = qpkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"Qpopper\");\n}\n", "title": "GLSA-200505-17 : Qpopper: Multiple Vulnerabilities", "type": "nessus", "viewCount": 0}, "differentElements": ["cpe"], "edition": 1, "lastseen": "2016-09-26T17:23:11"}, {"bulletin": {"bulletinFamily": "scanner", "cpe": ["cpe:/o:gentoo:linux", "p-cpe:/a:gentoo:linux:qpopper"], "cvelist": ["CVE-2005-1152", "CVE-2005-1151"], "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "description": "The remote host is affected by the vulnerability described in GLSA-200505-17 (Qpopper: Multiple Vulnerabilities)\n\n Jens Steube discovered that Qpopper doesn't drop privileges to process local files from normal users (CAN-2005-1151). The upstream developers discovered that Qpopper can be forced to create group or world writeable files (CAN-2005-1152).\n Impact :\n\n A malicious local attacker could exploit Qpopper to overwrite arbitrary files as root or create new files which are group or world writeable.\n Workaround :\n\n There is no known workaround at this time.", "edition": 3, "enchantments": {"score": {"value": 7.2, "vector": "NONE"}}, "hash": "e626035d256291146ead45c99519ac8a75604ba39be8abf57480713fb16fa095", "hashmap": [{"hash": "9c6fe61712654f56360b12011e3de300", "key": "modified"}, {"hash": "bdfb62e4c5e241dd9692fe73955ab4a2", "key": "cpe"}, {"hash": "cfd16da9581e0c21db590e40dfd9e493", "key": "cvss"}, {"hash": "9cf00d658b687f030ebe173a0528c567", "key": "reporter"}, {"hash": "7e22d92d6637229741f58e2c740fd526", "key": "title"}, {"hash": "073bbbf1895638d4a76f3b04ad2ba7b0", "key": "references"}, {"hash": "ffe1be38611dd0b78da2e44d0f9a3a4a", "key": "href"}, {"hash": "460d4bce09ac4af02c7777ef776a88f2", "key": "description"}, {"hash": "37ef39134c888e9039a793261c30a276", "key": "sourceData"}, {"hash": "125fec640f3e7859b9724f554163dba7", "key": "published"}, {"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "5e0bd03bec244039678f2b955a2595aa", "key": "type"}, {"hash": "cf18d881f0f76f23f322ed3f861d3616", "key": "naslFamily"}, {"hash": "2bd0a92f3cc8f85e2d23f8addcb52eca", "key": "pluginID"}, {"hash": "c9b255531616b13ca0c613bf2258344c", "key": "cvelist"}], "history": [], "href": "https://www.tenable.com/plugins/index.php?view=single&id=18381", "id": "GENTOO_GLSA-200505-17.NASL", "lastseen": "2018-08-11T08:56:03", "modified": "2018-08-10T00:00:00", "naslFamily": "Gentoo Local Security Checks", "objectVersion": "1.3", "pluginID": "18381", "published": "2005-05-28T00:00:00", "references": ["https://security.gentoo.org/glsa/200505-17"], "reporter": "Tenable", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Gentoo Linux Security Advisory GLSA 200505-17.\n#\n# The advisory text is Copyright (C) 2001-2015 Gentoo Foundation, Inc.\n# and licensed under the Creative Commons - Attribution / Share Alike \n# license. See http://creativecommons.org/licenses/by-sa/3.0/\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(18381);\n script_version(\"1.15\");\n script_cvs_date(\"Date: 2018/08/10 18:07:06\");\n\n script_cve_id(\"CVE-2005-1151\", \"CVE-2005-1152\");\n script_xref(name:\"GLSA\", value:\"200505-17\");\n\n script_name(english:\"GLSA-200505-17 : Qpopper: Multiple Vulnerabilities\");\n script_summary(english:\"Checks for updated package(s) in /var/db/pkg\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Gentoo host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The remote host is affected by the vulnerability described in GLSA-200505-17\n(Qpopper: Multiple Vulnerabilities)\n\n Jens Steube discovered that Qpopper doesn't drop privileges to\n process local files from normal users (CAN-2005-1151). The upstream\n developers discovered that Qpopper can be forced to create group or\n world writeable files (CAN-2005-1152).\n \nImpact :\n\n A malicious local attacker could exploit Qpopper to overwrite\n arbitrary files as root or create new files which are group or world\n writeable.\n \nWorkaround :\n\n There is no known workaround at this time.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security.gentoo.org/glsa/200505-17\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"All Qpopper users should upgrade to the latest available version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=net-mail/qpopper-4.0.5-r3'\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:qpopper\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:gentoo:linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2005/05/23\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2005/05/28\");\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2005/05/23\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2005-2018 Tenable Network Security, Inc.\");\n script_family(english:\"Gentoo Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Gentoo/release\", \"Host/Gentoo/qpkg-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"qpkg.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Gentoo/release\")) audit(AUDIT_OS_NOT, \"Gentoo\");\nif (!get_kb_item(\"Host/Gentoo/qpkg-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (qpkg_check(package:\"net-mail/qpopper\", unaffected:make_list(\"ge 4.0.5-r3\"), vulnerable:make_list(\"lt 4.0.5-r3\"))) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:qpkg_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = qpkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"Qpopper\");\n}\n", "title": "GLSA-200505-17 : Qpopper: Multiple Vulnerabilities", "type": "nessus", "viewCount": 0}, "differentElements": ["cvss"], "edition": 3, "lastseen": "2018-08-11T08:56:03"}, {"bulletin": {"bulletinFamily": "scanner", "cpe": ["cpe:/o:gentoo:linux", "p-cpe:/a:gentoo:linux:qpopper"], "cvelist": ["CVE-2005-1152", "CVE-2005-1151"], "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "description": "The remote host is affected by the vulnerability described in GLSA-200505-17 (Qpopper: Multiple Vulnerabilities)\n\n Jens Steube discovered that Qpopper doesn't drop privileges to process local files from normal users (CAN-2005-1151). The upstream developers discovered that Qpopper can be forced to create group or world writeable files (CAN-2005-1152).\n Impact :\n\n A malicious local attacker could exploit Qpopper to overwrite arbitrary files as root or create new files which are group or world writeable.\n Workaround :\n\n There is no known workaround at this time.", "edition": 5, "enchantments": {"score": {"value": 7.2, "vector": "NONE"}}, "hash": "e626035d256291146ead45c99519ac8a75604ba39be8abf57480713fb16fa095", "hashmap": [{"hash": "9c6fe61712654f56360b12011e3de300", "key": "modified"}, {"hash": "bdfb62e4c5e241dd9692fe73955ab4a2", "key": "cpe"}, {"hash": "cfd16da9581e0c21db590e40dfd9e493", "key": "cvss"}, {"hash": "9cf00d658b687f030ebe173a0528c567", "key": "reporter"}, {"hash": "7e22d92d6637229741f58e2c740fd526", "key": "title"}, {"hash": "073bbbf1895638d4a76f3b04ad2ba7b0", "key": "references"}, {"hash": "ffe1be38611dd0b78da2e44d0f9a3a4a", "key": "href"}, {"hash": "460d4bce09ac4af02c7777ef776a88f2", "key": "description"}, {"hash": "37ef39134c888e9039a793261c30a276", "key": "sourceData"}, {"hash": "125fec640f3e7859b9724f554163dba7", "key": "published"}, {"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "5e0bd03bec244039678f2b955a2595aa", "key": "type"}, {"hash": "cf18d881f0f76f23f322ed3f861d3616", "key": "naslFamily"}, {"hash": "2bd0a92f3cc8f85e2d23f8addcb52eca", "key": "pluginID"}, {"hash": "c9b255531616b13ca0c613bf2258344c", "key": "cvelist"}], "history": [], "href": "https://www.tenable.com/plugins/index.php?view=single&id=18381", "id": "GENTOO_GLSA-200505-17.NASL", "lastseen": "2018-09-01T23:33:34", "modified": "2018-08-10T00:00:00", "naslFamily": "Gentoo Local Security Checks", "objectVersion": "1.3", "pluginID": "18381", "published": "2005-05-28T00:00:00", "references": ["https://security.gentoo.org/glsa/200505-17"], "reporter": "Tenable", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Gentoo Linux Security Advisory GLSA 200505-17.\n#\n# The advisory text is Copyright (C) 2001-2015 Gentoo Foundation, Inc.\n# and licensed under the Creative Commons - Attribution / Share Alike \n# license. See http://creativecommons.org/licenses/by-sa/3.0/\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(18381);\n script_version(\"1.15\");\n script_cvs_date(\"Date: 2018/08/10 18:07:06\");\n\n script_cve_id(\"CVE-2005-1151\", \"CVE-2005-1152\");\n script_xref(name:\"GLSA\", value:\"200505-17\");\n\n script_name(english:\"GLSA-200505-17 : Qpopper: Multiple Vulnerabilities\");\n script_summary(english:\"Checks for updated package(s) in /var/db/pkg\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Gentoo host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The remote host is affected by the vulnerability described in GLSA-200505-17\n(Qpopper: Multiple Vulnerabilities)\n\n Jens Steube discovered that Qpopper doesn't drop privileges to\n process local files from normal users (CAN-2005-1151). The upstream\n developers discovered that Qpopper can be forced to create group or\n world writeable files (CAN-2005-1152).\n \nImpact :\n\n A malicious local attacker could exploit Qpopper to overwrite\n arbitrary files as root or create new files which are group or world\n writeable.\n \nWorkaround :\n\n There is no known workaround at this time.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security.gentoo.org/glsa/200505-17\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"All Qpopper users should upgrade to the latest available version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=net-mail/qpopper-4.0.5-r3'\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:qpopper\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:gentoo:linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2005/05/23\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2005/05/28\");\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2005/05/23\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2005-2018 Tenable Network Security, Inc.\");\n script_family(english:\"Gentoo Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Gentoo/release\", \"Host/Gentoo/qpkg-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"qpkg.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Gentoo/release\")) audit(AUDIT_OS_NOT, \"Gentoo\");\nif (!get_kb_item(\"Host/Gentoo/qpkg-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (qpkg_check(package:\"net-mail/qpopper\", unaffected:make_list(\"ge 4.0.5-r3\"), vulnerable:make_list(\"lt 4.0.5-r3\"))) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:qpkg_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = qpkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"Qpopper\");\n}\n", "title": "GLSA-200505-17 : Qpopper: Multiple Vulnerabilities", "type": "nessus", "viewCount": 0}, "differentElements": ["description"], "edition": 5, "lastseen": "2018-09-01T23:33:34"}, {"bulletin": {"bulletinFamily": "scanner", "cpe": ["cpe:/o:gentoo:linux", "p-cpe:/a:gentoo:linux:qpopper"], "cvelist": ["CVE-2005-1152", "CVE-2005-1151"], "cvss": {"score": 0.0, "vector": "NONE"}, "description": "The remote host is affected by the vulnerability described in GLSA-200505-17 (Qpopper: Multiple Vulnerabilities)\n\n Jens Steube discovered that Qpopper doesn't drop privileges to process local files from normal users (CAN-2005-1151). The upstream developers discovered that Qpopper can be forced to create group or world writeable files (CAN-2005-1152).\n Impact :\n\n A malicious local attacker could exploit Qpopper to overwrite arbitrary files as root or create new files which are group or world writeable.\n Workaround :\n\n There is no known workaround at this time.", "edition": 4, "enchantments": {"score": {"value": 7.2, "vector": "NONE"}}, "hash": "3e6ea8feac3c04d5bee590c765126f06ff40588f1dd1da81c72fcf3898cb7601", "hashmap": [{"hash": "9c6fe61712654f56360b12011e3de300", "key": "modified"}, {"hash": "bdfb62e4c5e241dd9692fe73955ab4a2", "key": "cpe"}, {"hash": "9cf00d658b687f030ebe173a0528c567", "key": "reporter"}, {"hash": "7e22d92d6637229741f58e2c740fd526", "key": "title"}, {"hash": "073bbbf1895638d4a76f3b04ad2ba7b0", "key": "references"}, {"hash": "ffe1be38611dd0b78da2e44d0f9a3a4a", "key": "href"}, {"hash": "460d4bce09ac4af02c7777ef776a88f2", "key": "description"}, {"hash": "37ef39134c888e9039a793261c30a276", "key": "sourceData"}, {"hash": "8cd4821cb504d25572038ed182587d85", "key": "cvss"}, {"hash": "125fec640f3e7859b9724f554163dba7", "key": "published"}, {"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "5e0bd03bec244039678f2b955a2595aa", "key": "type"}, {"hash": "cf18d881f0f76f23f322ed3f861d3616", "key": "naslFamily"}, {"hash": "2bd0a92f3cc8f85e2d23f8addcb52eca", "key": "pluginID"}, {"hash": "c9b255531616b13ca0c613bf2258344c", "key": "cvelist"}], "history": [], "href": "https://www.tenable.com/plugins/index.php?view=single&id=18381", "id": "GENTOO_GLSA-200505-17.NASL", "lastseen": "2018-08-30T19:30:37", "modified": "2018-08-10T00:00:00", "naslFamily": "Gentoo Local Security Checks", "objectVersion": "1.3", "pluginID": "18381", "published": "2005-05-28T00:00:00", "references": ["https://security.gentoo.org/glsa/200505-17"], "reporter": "Tenable", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Gentoo Linux Security Advisory GLSA 200505-17.\n#\n# The advisory text is Copyright (C) 2001-2015 Gentoo Foundation, Inc.\n# and licensed under the Creative Commons - Attribution / Share Alike \n# license. See http://creativecommons.org/licenses/by-sa/3.0/\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(18381);\n script_version(\"1.15\");\n script_cvs_date(\"Date: 2018/08/10 18:07:06\");\n\n script_cve_id(\"CVE-2005-1151\", \"CVE-2005-1152\");\n script_xref(name:\"GLSA\", value:\"200505-17\");\n\n script_name(english:\"GLSA-200505-17 : Qpopper: Multiple Vulnerabilities\");\n script_summary(english:\"Checks for updated package(s) in /var/db/pkg\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Gentoo host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The remote host is affected by the vulnerability described in GLSA-200505-17\n(Qpopper: Multiple Vulnerabilities)\n\n Jens Steube discovered that Qpopper doesn't drop privileges to\n process local files from normal users (CAN-2005-1151). The upstream\n developers discovered that Qpopper can be forced to create group or\n world writeable files (CAN-2005-1152).\n \nImpact :\n\n A malicious local attacker could exploit Qpopper to overwrite\n arbitrary files as root or create new files which are group or world\n writeable.\n \nWorkaround :\n\n There is no known workaround at this time.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security.gentoo.org/glsa/200505-17\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"All Qpopper users should upgrade to the latest available version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=net-mail/qpopper-4.0.5-r3'\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:qpopper\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:gentoo:linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2005/05/23\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2005/05/28\");\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2005/05/23\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2005-2018 Tenable Network Security, Inc.\");\n script_family(english:\"Gentoo Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Gentoo/release\", \"Host/Gentoo/qpkg-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"qpkg.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Gentoo/release\")) audit(AUDIT_OS_NOT, \"Gentoo\");\nif (!get_kb_item(\"Host/Gentoo/qpkg-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (qpkg_check(package:\"net-mail/qpopper\", unaffected:make_list(\"ge 4.0.5-r3\"), vulnerable:make_list(\"lt 4.0.5-r3\"))) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:qpkg_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = qpkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"Qpopper\");\n}\n", "title": "GLSA-200505-17 : Qpopper: Multiple Vulnerabilities", "type": "nessus", "viewCount": 0}, "differentElements": ["cvss"], "edition": 4, "lastseen": "2018-08-30T19:30:37"}, {"bulletin": {"bulletinFamily": "scanner", "cpe": ["cpe:/o:gentoo:linux", "p-cpe:/a:gentoo:linux:qpopper"], "cvelist": ["CVE-2005-1152", "CVE-2005-1151"], "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "description": "The remote host is affected by the vulnerability described in GLSA-200505-17\n(Qpopper: Multiple Vulnerabilities)\n\n Jens Steube discovered that Qpopper doesn't drop privileges to\n process local files from normal users (CAN-2005-1151). The upstream\n developers discovered that Qpopper can be forced to create group or\n world writeable files (CAN-2005-1152).\nImpact :\n\n A malicious local attacker could exploit Qpopper to overwrite\n arbitrary files as root or create new files which are group or world\n writeable.\nWorkaround :\n\n There is no known workaround at this time.", "edition": 6, "enchantments": {"dependencies": {"modified": "2019-01-16T20:06:07", "references": [{"idList": ["OPENVAS:53557", "OPENVAS:54949", "OPENVAS:53556", "OPENVAS:55812"], "type": "openvas"}, {"idList": ["DEBIAN:DSA-728-1:37685", "DEBIAN:DSA-728-2:DBFAB"], "type": "debian"}, {"idList": ["QPOPPER_FILE_HANDLING_VULNS.NASL", "SUSE9_10045.NASL", "DEBIAN_DSA-773.NASL", "DEBIAN_DSA-728.NASL", "FREEBSD_PKG_EB29A575338111DA8340000E0C2E438A.NASL"], "type": "nessus"}, {"idList": ["GLSA-200505-17"], "type": "gentoo"}, {"idList": ["EB29A575-3381-11DA-8340-000E0C2E438A"], "type": "freebsd"}, {"idList": ["SECURITYVULNS:DOC:8697"], "type": "securityvulns"}, {"idList": ["OSVDB:16811", "OSVDB:16810"], "type": "osvdb"}, {"idList": ["CVE-2005-1152", "CVE-2005-1151"], "type": "cve"}]}, "score": {"value": 7.2, "vector": "NONE"}}, "hash": "ee7f19383729c6be8f1e8085de2d654fd91d71be02e20f033c14120813717c48", "hashmap": [{"hash": "9c6fe61712654f56360b12011e3de300", "key": "modified"}, {"hash": "bdfb62e4c5e241dd9692fe73955ab4a2", "key": "cpe"}, {"hash": "cfd16da9581e0c21db590e40dfd9e493", "key": "cvss"}, {"hash": "9cf00d658b687f030ebe173a0528c567", "key": "reporter"}, {"hash": "7e22d92d6637229741f58e2c740fd526", "key": "title"}, {"hash": "073bbbf1895638d4a76f3b04ad2ba7b0", "key": "references"}, {"hash": "ffe1be38611dd0b78da2e44d0f9a3a4a", "key": "href"}, {"hash": "37ef39134c888e9039a793261c30a276", "key": "sourceData"}, {"hash": "125fec640f3e7859b9724f554163dba7", "key": "published"}, {"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "5e0bd03bec244039678f2b955a2595aa", "key": "type"}, {"hash": "91bf6ea68498527f6d2bcbf64f3eae3a", "key": "description"}, {"hash": "cf18d881f0f76f23f322ed3f861d3616", "key": "naslFamily"}, {"hash": "2bd0a92f3cc8f85e2d23f8addcb52eca", "key": "pluginID"}, {"hash": "c9b255531616b13ca0c613bf2258344c", "key": "cvelist"}], "history": [], "href": "https://www.tenable.com/plugins/index.php?view=single&id=18381", "id": "GENTOO_GLSA-200505-17.NASL", "lastseen": "2019-01-16T20:06:07", "modified": "2018-08-10T00:00:00", "naslFamily": "Gentoo Local Security Checks", "objectVersion": "1.3", "pluginID": "18381", "published": "2005-05-28T00:00:00", "references": ["https://security.gentoo.org/glsa/200505-17"], "reporter": "Tenable", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Gentoo Linux Security Advisory GLSA 200505-17.\n#\n# The advisory text is Copyright (C) 2001-2015 Gentoo Foundation, Inc.\n# and licensed under the Creative Commons - Attribution / Share Alike \n# license. See http://creativecommons.org/licenses/by-sa/3.0/\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(18381);\n script_version(\"1.15\");\n script_cvs_date(\"Date: 2018/08/10 18:07:06\");\n\n script_cve_id(\"CVE-2005-1151\", \"CVE-2005-1152\");\n script_xref(name:\"GLSA\", value:\"200505-17\");\n\n script_name(english:\"GLSA-200505-17 : Qpopper: Multiple Vulnerabilities\");\n script_summary(english:\"Checks for updated package(s) in /var/db/pkg\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Gentoo host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The remote host is affected by the vulnerability described in GLSA-200505-17\n(Qpopper: Multiple Vulnerabilities)\n\n Jens Steube discovered that Qpopper doesn't drop privileges to\n process local files from normal users (CAN-2005-1151). The upstream\n developers discovered that Qpopper can be forced to create group or\n world writeable files (CAN-2005-1152).\n \nImpact :\n\n A malicious local attacker could exploit Qpopper to overwrite\n arbitrary files as root or create new files which are group or world\n writeable.\n \nWorkaround :\n\n There is no known workaround at this time.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security.gentoo.org/glsa/200505-17\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"All Qpopper users should upgrade to the latest available version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=net-mail/qpopper-4.0.5-r3'\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:qpopper\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:gentoo:linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2005/05/23\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2005/05/28\");\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2005/05/23\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2005-2018 Tenable Network Security, Inc.\");\n script_family(english:\"Gentoo Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Gentoo/release\", \"Host/Gentoo/qpkg-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"qpkg.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Gentoo/release\")) audit(AUDIT_OS_NOT, \"Gentoo\");\nif (!get_kb_item(\"Host/Gentoo/qpkg-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (qpkg_check(package:\"net-mail/qpopper\", unaffected:make_list(\"ge 4.0.5-r3\"), vulnerable:make_list(\"lt 4.0.5-r3\"))) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:qpkg_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = qpkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"Qpopper\");\n}\n", "title": "GLSA-200505-17 : Qpopper: Multiple Vulnerabilities", "type": "nessus", "viewCount": 0}, "differentElements": ["description"], "edition": 6, "lastseen": "2019-01-16T20:06:07"}, {"bulletin": {"bulletinFamily": "scanner", "cpe": ["cpe:/o:gentoo:linux", "p-cpe:/a:gentoo:linux:qpopper"], "cvelist": ["CVE-2005-1152", "CVE-2005-1151"], "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "description": "The remote host is affected by the vulnerability described in GLSA-200505-17 (Qpopper: Multiple Vulnerabilities)\n\n Jens Steube discovered that Qpopper doesn't drop privileges to process local files from normal users (CAN-2005-1151). The upstream developers discovered that Qpopper can be forced to create group or world writeable files (CAN-2005-1152).\n Impact :\n\n A malicious local attacker could exploit Qpopper to overwrite arbitrary files as root or create new files which are group or world writeable.\n Workaround :\n\n There is no known workaround at this time.", "edition": 2, "enchantments": {"score": {"value": 7.2, "vector": "NONE"}}, "hash": "4b5694837ff56d652697da92250bbbb46119bb7ad9fdc907d1713786d21b8a05", "hashmap": [{"hash": "bdfb62e4c5e241dd9692fe73955ab4a2", "key": "cpe"}, {"hash": "cfd16da9581e0c21db590e40dfd9e493", "key": "cvss"}, {"hash": "9cf00d658b687f030ebe173a0528c567", "key": "reporter"}, {"hash": "7e22d92d6637229741f58e2c740fd526", "key": "title"}, {"hash": "073bbbf1895638d4a76f3b04ad2ba7b0", "key": "references"}, {"hash": "ffe1be38611dd0b78da2e44d0f9a3a4a", "key": "href"}, {"hash": "460d4bce09ac4af02c7777ef776a88f2", "key": "description"}, {"hash": "f93660ee0d0d45804e10163ffaa7232c", "key": "sourceData"}, {"hash": "326af443ca0c41e91daa171ff124ce60", "key": "modified"}, {"hash": "125fec640f3e7859b9724f554163dba7", "key": "published"}, {"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "5e0bd03bec244039678f2b955a2595aa", "key": "type"}, {"hash": "cf18d881f0f76f23f322ed3f861d3616", "key": "naslFamily"}, {"hash": "2bd0a92f3cc8f85e2d23f8addcb52eca", "key": "pluginID"}, {"hash": "c9b255531616b13ca0c613bf2258344c", "key": "cvelist"}], "history": [], "href": "https://www.tenable.com/plugins/index.php?view=single&id=18381", "id": "GENTOO_GLSA-200505-17.NASL", "lastseen": "2017-10-29T13:33:26", "modified": "2015-04-13T00:00:00", "naslFamily": "Gentoo Local Security Checks", "objectVersion": "1.3", "pluginID": "18381", "published": "2005-05-28T00:00:00", "references": ["https://security.gentoo.org/glsa/200505-17"], "reporter": "Tenable", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Gentoo Linux Security Advisory GLSA 200505-17.\n#\n# The advisory text is Copyright (C) 2001-2015 Gentoo Foundation, Inc.\n# and licensed under the Creative Commons - Attribution / Share Alike \n# license. See http://creativecommons.org/licenses/by-sa/3.0/\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(18381);\n script_version(\"$Revision: 1.14 $\");\n script_cvs_date(\"$Date: 2015/04/13 13:41:59 $\");\n\n script_cve_id(\"CVE-2005-1151\", \"CVE-2005-1152\");\n script_osvdb_id(16810, 16811);\n script_xref(name:\"GLSA\", value:\"200505-17\");\n\n script_name(english:\"GLSA-200505-17 : Qpopper: Multiple Vulnerabilities\");\n script_summary(english:\"Checks for updated package(s) in /var/db/pkg\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Gentoo host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The remote host is affected by the vulnerability described in GLSA-200505-17\n(Qpopper: Multiple Vulnerabilities)\n\n Jens Steube discovered that Qpopper doesn't drop privileges to\n process local files from normal users (CAN-2005-1151). The upstream\n developers discovered that Qpopper can be forced to create group or\n world writeable files (CAN-2005-1152).\n \nImpact :\n\n A malicious local attacker could exploit Qpopper to overwrite\n arbitrary files as root or create new files which are group or world\n writeable.\n \nWorkaround :\n\n There is no known workaround at this time.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security.gentoo.org/glsa/200505-17\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"All Qpopper users should upgrade to the latest available version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=net-mail/qpopper-4.0.5-r3'\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:qpopper\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:gentoo:linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2005/05/23\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2005/05/28\");\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2005/05/23\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2005-2015 Tenable Network Security, Inc.\");\n script_family(english:\"Gentoo Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Gentoo/release\", \"Host/Gentoo/qpkg-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"qpkg.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Gentoo/release\")) audit(AUDIT_OS_NOT, \"Gentoo\");\nif (!get_kb_item(\"Host/Gentoo/qpkg-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (qpkg_check(package:\"net-mail/qpopper\", unaffected:make_list(\"ge 4.0.5-r3\"), vulnerable:make_list(\"lt 4.0.5-r3\"))) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:qpkg_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = qpkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"Qpopper\");\n}\n", "title": "GLSA-200505-17 : Qpopper: Multiple Vulnerabilities", "type": "nessus", "viewCount": 0}, "differentElements": ["modified", "sourceData"], "edition": 2, "lastseen": "2017-10-29T13:33:26"}], "edition": 7, "hashmap": [{"key": "bulletinFamily", "hash": "bbdaea376f500d25f6b0c1050311dd07"}, {"key": "cpe", "hash": "bdfb62e4c5e241dd9692fe73955ab4a2"}, {"key": "cvelist", "hash": "c9b255531616b13ca0c613bf2258344c"}, {"key": "cvss", "hash": "cfd16da9581e0c21db590e40dfd9e493"}, {"key": "description", "hash": "460d4bce09ac4af02c7777ef776a88f2"}, {"key": "href", "hash": "ffe1be38611dd0b78da2e44d0f9a3a4a"}, {"key": "modified", "hash": "9c6fe61712654f56360b12011e3de300"}, {"key": "naslFamily", "hash": "cf18d881f0f76f23f322ed3f861d3616"}, {"key": "pluginID", "hash": "2bd0a92f3cc8f85e2d23f8addcb52eca"}, {"key": "published", "hash": "125fec640f3e7859b9724f554163dba7"}, {"key": "references", "hash": "073bbbf1895638d4a76f3b04ad2ba7b0"}, {"key": "reporter", "hash": "9cf00d658b687f030ebe173a0528c567"}, {"key": "sourceData", "hash": "37ef39134c888e9039a793261c30a276"}, {"key": "title", "hash": "7e22d92d6637229741f58e2c740fd526"}, {"key": "type", "hash": "5e0bd03bec244039678f2b955a2595aa"}], "hash": "e626035d256291146ead45c99519ac8a75604ba39be8abf57480713fb16fa095", "viewCount": 0, "enchantments": {"dependencies": {"references": [{"type": "cve", "idList": ["CVE-2005-1152", "CVE-2005-1151"]}, {"type": "openvas", "idList": ["OPENVAS:53556", "OPENVAS:53557", "OPENVAS:54949", "OPENVAS:55812"]}, {"type": "debian", "idList": ["DEBIAN:DSA-728-1:37685", "DEBIAN:DSA-728-2:DBFAB"]}, {"type": "nessus", "idList": ["DEBIAN_DSA-728.NASL", "QPOPPER_FILE_HANDLING_VULNS.NASL", "FREEBSD_PKG_EB29A575338111DA8340000E0C2E438A.NASL", "SUSE9_10045.NASL", "DEBIAN_DSA-773.NASL"]}, {"type": "freebsd", "idList": ["EB29A575-3381-11DA-8340-000E0C2E438A"]}, {"type": "gentoo", "idList": ["GLSA-200505-17"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:DOC:8697"]}, {"type": "osvdb", "idList": ["OSVDB:16811", "OSVDB:16810"]}], "modified": "2019-02-21T01:08:34"}, "score": {"value": 6.5, "vector": "NONE", "modified": "2019-02-21T01:08:34"}, "vulnersScore": 6.5}, "objectVersion": "1.3", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Gentoo Linux Security Advisory GLSA 200505-17.\n#\n# The advisory text is Copyright (C) 2001-2015 Gentoo Foundation, Inc.\n# and licensed under the Creative Commons - Attribution / Share Alike \n# license. See http://creativecommons.org/licenses/by-sa/3.0/\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(18381);\n script_version(\"1.15\");\n script_cvs_date(\"Date: 2018/08/10 18:07:06\");\n\n script_cve_id(\"CVE-2005-1151\", \"CVE-2005-1152\");\n script_xref(name:\"GLSA\", value:\"200505-17\");\n\n script_name(english:\"GLSA-200505-17 : Qpopper: Multiple Vulnerabilities\");\n script_summary(english:\"Checks for updated package(s) in /var/db/pkg\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Gentoo host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The remote host is affected by the vulnerability described in GLSA-200505-17\n(Qpopper: Multiple Vulnerabilities)\n\n Jens Steube discovered that Qpopper doesn't drop privileges to\n process local files from normal users (CAN-2005-1151). The upstream\n developers discovered that Qpopper can be forced to create group or\n world writeable files (CAN-2005-1152).\n \nImpact :\n\n A malicious local attacker could exploit Qpopper to overwrite\n arbitrary files as root or create new files which are group or world\n writeable.\n \nWorkaround :\n\n There is no known workaround at this time.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security.gentoo.org/glsa/200505-17\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"All Qpopper users should upgrade to the latest available version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=net-mail/qpopper-4.0.5-r3'\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:qpopper\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:gentoo:linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2005/05/23\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2005/05/28\");\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2005/05/23\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2005-2018 Tenable Network Security, Inc.\");\n script_family(english:\"Gentoo Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Gentoo/release\", \"Host/Gentoo/qpkg-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"qpkg.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Gentoo/release\")) audit(AUDIT_OS_NOT, \"Gentoo\");\nif (!get_kb_item(\"Host/Gentoo/qpkg-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (qpkg_check(package:\"net-mail/qpopper\", unaffected:make_list(\"ge 4.0.5-r3\"), vulnerable:make_list(\"lt 4.0.5-r3\"))) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:qpkg_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = qpkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"Qpopper\");\n}\n", "naslFamily": "Gentoo Local Security Checks", "pluginID": "18381", "cpe": ["cpe:/o:gentoo:linux", "p-cpe:/a:gentoo:linux:qpopper"], "scheme": null}
{"cve": [{"lastseen": "2019-05-29T18:08:13", "bulletinFamily": "NVD", "description": "popauth.c in qpopper 4.0.5 and earlier does not properly set the umask, which may cause qpopper to create files with group or world-writable permissions.", "modified": "2008-09-05T20:48:00", "id": "CVE-2005-1152", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2005-1152", "published": "2005-05-25T04:00:00", "title": "CVE-2005-1152", "type": "cve", "cvss": {"score": 2.1, "vector": "AV:L/AC:L/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2019-05-29T18:08:13", "bulletinFamily": "NVD", "description": "qpopper 4.0.5 and earlier does not properly drop privileges before processing certain user-supplied files, which allows local users to overwrite or create arbitrary files as root.", "modified": "2008-09-05T20:48:00", "id": "CVE-2005-1151", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2005-1151", "published": "2005-05-25T04:00:00", "title": "CVE-2005-1151", "type": "cve", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}], "nessus": [{"lastseen": "2019-02-21T01:12:23", "bulletinFamily": "scanner", "description": "Qpopper was handling user files while running as root. Qpopper could also be tricked into overwriting system files. CVE-2005-1151 and CVE-2005-1152 have been assigned to these issues.", "modified": "2018-11-15T00:00:00", "id": "SUSE9_10045.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=41072", "published": "2009-09-24T00:00:00", "title": "SuSE9 Security Update : qpopper (YOU Patch Number 10045)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The text description of this plugin is (C) Novell, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(41072);\n script_version(\"1.5\");\n script_cvs_date(\"Date: 2018/11/15 20:50:25\");\n\n script_cve_id(\"CVE-2005-1151\", \"CVE-2005-1152\");\n\n script_name(english:\"SuSE9 Security Update : qpopper (YOU Patch Number 10045)\");\n script_summary(english:\"Checks rpm output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SuSE 9 host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Qpopper was handling user files while running as root. Qpopper could\nalso be tricked into overwriting system files. CVE-2005-1151 and\nCVE-2005-1152 have been assigned to these issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2005-1151/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2005-1152/\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Apply YOU patch number 10045.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:suse:suse_linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2005/05/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/09/24\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2018 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) exit(0, \"Local checks are not enabled.\");\nif (!get_kb_item(\"Host/SuSE/release\")) exit(0, \"The host is not running SuSE.\");\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) exit(1, \"Could not obtain the list of installed packages.\");\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) exit(1, \"Failed to determine the architecture type.\");\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") exit(1, \"Local checks for SuSE 9 on the '\"+cpu+\"' architecture have not been implemented.\");\n\n\nflag = 0;\nif (rpm_check(release:\"SUSE9\", reference:\"qpopper-4.0.5-175.4\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse exit(0, \"The host is not affected.\");\n", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2019-02-21T01:08:36", "bulletinFamily": "scanner", "description": "This advisory does only cover updated packages for Debian 3.0 alias woody. For reference below is the original advisory text :\n\n Two bugs have been discovered in qpopper, an enhanced Post Office Protocol (POP3) server. The Common Vulnerabilities and Exposures project identifies the following problems :\n\n - CAN-2005-1151 Jens Steube discovered that while processing local files owned or provided by a normal user privileges weren't dropped, which could lead to the overwriting or creation of arbitrary files as root.\n\n - CAN-2005-1152\n\n The upstream developers noticed that qpopper could be tricked to creating group- or world-writable files.", "modified": "2018-08-09T00:00:00", "id": "DEBIAN_DSA-728.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=18515", "published": "2005-06-17T00:00:00", "title": "Debian DSA-728-2 : qpopper - missing privilege release", "type": "nessus", "sourceData": "#%NASL_MIN_LEVEL 70103\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-728. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(18515);\n script_version(\"1.20\");\n script_cvs_date(\"Date: 2018/08/09 17:06:36\");\n\n script_cve_id(\"CVE-2005-1151\", \"CVE-2005-1152\");\n script_xref(name:\"DSA\", value:\"728\");\n\n script_name(english:\"Debian DSA-728-2 : qpopper - missing privilege release\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This advisory does only cover updated packages for Debian 3.0 alias\nwoody. For reference below is the original advisory text :\n\n Two bugs have been discovered in qpopper, an enhanced Post Office\n Protocol (POP3) server. The Common Vulnerabilities and Exposures\n project identifies the following problems :\n\n - CAN-2005-1151\n Jens Steube discovered that while processing local\n files owned or provided by a normal user privileges\n weren't dropped, which could lead to the overwriting\n or creation of arbitrary files as root.\n\n - CAN-2005-1152\n\n The upstream developers noticed that qpopper could be\n tricked to creating group- or world-writable files.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.debian.org/security/2005/dsa-728\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the qpopper package.\n\nFor the stable distribution (woody) these problems have been fixed in\nversion 4.0.4-2.woody.5.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:qpopper\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:3.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:3.1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2005/05/26\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2005/06/17\");\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2005/05/23\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2005-2018 Tenable Network Security, Inc.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"3.0\", prefix:\"qpopper\", reference:\"4.0.4-2.woody.5\")) flag++;\nif (deb_check(release:\"3.0\", prefix:\"qpopper-drac\", reference:\"4.0.4-2.woody.5\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"qpopper\", reference:\"4.0.5-4sarge1\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"qpopper-drac\", reference:\"4.0.5-4sarge1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2019-02-21T01:08:34", "bulletinFamily": "scanner", "description": "According to its banner, the remote host is running a version of the Qpopper POP3 server that suffers from two local, insecure file handling vulnerabilities. First, it fails to properly drop root privileges when processing certain local files, which could lead to overwriting or creation of arbitrary files as root. And second, it fails to set the process umask, potentially allowing creation of group- or world-writable files.", "modified": "2018-11-15T00:00:00", "id": "QPOPPER_FILE_HANDLING_VULNS.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=18361", "published": "2005-05-24T00:00:00", "title": "Qpopper < 4.0.6 Multiple Insecure File Handling Local Privilege Escalation", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\n\n\ninclude(\"compat.inc\");\n\nif (description) {\n script_id(18361);\n script_version(\"1.17\");\n\n script_cve_id(\"CVE-2005-1151\", \"CVE-2005-1152\");\n script_bugtraq_id(13714);\n\n script_name(english:\"Qpopper < 4.0.6 Multiple Insecure File Handling Local Privilege Escalation\");\n \n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote POP3 server is affected by multiple file handling flaws.\" );\n script_set_attribute(attribute:\"description\", value:\n\"According to its banner, the remote host is running a version of the\nQpopper POP3 server that suffers from two local, insecure file\nhandling vulnerabilities. First, it fails to properly drop root\nprivileges when processing certain local files, which could lead to\noverwriting or creation of arbitrary files as root. And second, it\nfails to set the process umask, potentially allowing creation of\ngroup- or world-writable files.\" );\n script_set_attribute(attribute:\"see_also\", value:\"https://bugs.gentoo.org/show_bug.cgi?id=90622\" );\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mail-archive.com/qpopper@lists.pensive.org/msg05140.html\" );\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Qpopper 4.0.6 or later.\" );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_set_attribute(attribute:\"plugin_publication_date\", value: \"2005/05/24\");\n script_set_attribute(attribute:\"vuln_publication_date\", value: \"2005/05/23\");\n script_cvs_date(\"Date: 2018/11/15 20:50:23\");\nscript_set_attribute(attribute:\"plugin_type\", value:\"remote\");\nscript_end_attributes();\n\n \n script_summary(english:\"Checks for insecure file handling vulnerabilities in Qpopper\");\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Misc.\");\n script_copyright(english:\"This script is Copyright (C) 2005-2018 Tenable Network Security, Inc.\");\n script_dependencies(\"find_service1.nasl\");\n script_require_ports(\"Services/pop3\", 110);\n exit(0);\n}\n\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"pop3_func.inc\");\n\n\nif (report_paranoia < 1) exit(0);\t# FP on debian\n\n\nport = get_service(svc:\"pop3\", default: 110, exit_on_fail: 1);\nif (get_kb_item(\"pop3/\"+port+\"/false_pop3\")) exit(0);\n\n\n# There's a problem if the banner indicates version 4.0.5 or earlier.\nbanner = get_pop3_banner(port:port);\nif (\n banner &&\n \" QPOP \" >< banner &&\n banner =~ \" QPOP \\(version ([0-3]\\..*|4\\.0\\.[0-5])$\"\n) security_hole(port);\n", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2019-02-21T01:09:09", "bulletinFamily": "scanner", "description": "Jens Steube reports that qpopper is vulnerable to a privilege escalation vulnerability. qpopper does not properly drop root privileges so that user-supplied configuration and trace files can be processed with root privileges. This could allow a local attacker to create or modify arbitrary files.\n\nqpopper is also affected by improper umask settings which could allow users to create group or world-writeable files, possibly allowing an attacker to overwrite arbitrary files.", "modified": "2018-11-10T00:00:00", "id": "FREEBSD_PKG_EB29A575338111DA8340000E0C2E438A.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=21530", "published": "2006-05-13T00:00:00", "title": "FreeBSD : qpopper -- multiple privilege escalation vulnerabilities (eb29a575-3381-11da-8340-000e0c2e438a)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the FreeBSD VuXML database :\n#\n# Copyright 2003-2018 Jacques Vidrine and contributors\n#\n# Redistribution and use in source (VuXML) and 'compiled' forms (SGML,\n# HTML, PDF, PostScript, RTF and so forth) with or without modification,\n# are permitted provided that the following conditions are met:\n# 1. Redistributions of source code (VuXML) must retain the above\n# copyright notice, this list of conditions and the following\n# disclaimer as the first lines of this file unmodified.\n# 2. Redistributions in compiled form (transformed to other DTDs,\n# published online in any format, converted to PDF, PostScript,\n# RTF and other formats) must reproduce the above copyright\n# notice, this list of conditions and the following disclaimer\n# in the documentation and/or other materials provided with the\n# distribution.\n# \n# THIS DOCUMENTATION IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS \"AS IS\"\n# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,\n# THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR\n# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS\n# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,\n# OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT\n# OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR\n# BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,\n# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE\n# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS DOCUMENTATION,\n# EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(21530);\n script_version(\"1.13\");\n script_cvs_date(\"Date: 2018/11/10 11:49:40\");\n\n script_cve_id(\"CVE-2005-1151\", \"CVE-2005-1152\");\n script_xref(name:\"Secunia\", value:\"15475\");\n\n script_name(english:\"FreeBSD : qpopper -- multiple privilege escalation vulnerabilities (eb29a575-3381-11da-8340-000e0c2e438a)\");\n script_summary(english:\"Checks for updated package in pkg_info output\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote FreeBSD host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Jens Steube reports that qpopper is vulnerable to a privilege\nescalation vulnerability. qpopper does not properly drop root\nprivileges so that user-supplied configuration and trace files can be\nprocessed with root privileges. This could allow a local attacker to\ncreate or modify arbitrary files.\n\nqpopper is also affected by improper umask settings which could allow\nusers to create group or world-writeable files, possibly allowing an\nattacker to overwrite arbitrary files.\"\n );\n # https://vuxml.freebsd.org/freebsd/eb29a575-3381-11da-8340-000e0c2e438a.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?9d7ec222\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:qpopper\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:freebsd:freebsd\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2005/05/26\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2005/11/07\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2006/05/13\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2006-2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"FreeBSD Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/FreeBSD/release\", \"Host/FreeBSD/pkg_info\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"freebsd_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/FreeBSD/release\")) audit(AUDIT_OS_NOT, \"FreeBSD\");\nif (!get_kb_item(\"Host/FreeBSD/pkg_info\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (pkg_test(save_report:TRUE, pkg:\"qpopper>=4.0<=4.0.5\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:pkg_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2019-02-21T01:15:51", "bulletinFamily": "scanner", "description": "This advisory adds security support for the stable amd64 distribution.\nIt covers all security updates since the release of sarge, which were missing updated packages for the not yet official amd64 port. Future security advisories will include updates for this port as well.", "modified": "2018-08-09T00:00:00", "id": "DEBIAN_DSA-773.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=57528", "published": "2012-01-12T00:00:00", "title": "Debian DSA-773-1 : amd64 - several vulnerabilities", "type": "nessus", "sourceData": "#%NASL_MIN_LEVEL 70103\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-773. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\nif (NASL_LEVEL < 3000) exit(0);\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(57528);\n script_version(\"1.5\");\n script_cvs_date(\"Date: 2018/08/09 17:06:36\");\n\n script_cve_id(\"CVE-2005-0392\", \"CVE-2005-0393\", \"CVE-2005-0469\", \"CVE-2005-0753\", \"CVE-2005-1151\", \"CVE-2005-1152\", \"CVE-2005-1174\", \"CVE-2005-1175\", \"CVE-2005-1266\", \"CVE-2005-1269\", \"CVE-2005-1545\", \"CVE-2005-1546\", \"CVE-2005-1686\", \"CVE-2005-1689\", \"CVE-2005-1796\", \"CVE-2005-1848\", \"CVE-2005-1849\", \"CVE-2005-1850\", \"CVE-2005-1851\", \"CVE-2005-1852\", \"CVE-2005-1853\", \"CVE-2005-1858\", \"CVE-2005-1914\", \"CVE-2005-1916\", \"CVE-2005-1922\", \"CVE-2005-1923\", \"CVE-2005-1934\", \"CVE-2005-1992\", \"CVE-2005-1993\", \"CVE-2005-2024\", \"CVE-2005-2040\", \"CVE-2005-2056\", \"CVE-2005-2070\", \"CVE-2005-2096\", \"CVE-2005-2231\", \"CVE-2005-2250\", \"CVE-2005-2277\", \"CVE-2005-2301\", \"CVE-2005-2302\", \"CVE-2005-2370\");\n script_xref(name:\"DSA\", value:\"773\");\n\n script_name(english:\"Debian DSA-773-1 : amd64 - several vulnerabilities\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This advisory adds security support for the stable amd64 distribution.\nIt covers all security updates since the release of sarge, which were\nmissing updated packages for the not yet official amd64 port. Future\nsecurity advisories will include updates for this port as well.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.debian.org/security/2005/dsa-773\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Upgrade the affected several package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_cwe_id(119);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:several\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:3.1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2005/08/11\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/01/12\");\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2005/03/28\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2018 Tenable Network Security, Inc.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"3.1\", prefix:\"affix\", reference:\"2.1.1-2\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"centericq\", reference:\"4.20.0-1sarge1\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"centericq-common\", reference:\"4.20.0-1sarge1\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"centericq-fribidi\", reference:\"4.20.0-1sarge1\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"centericq-utf8\", reference:\"4.20.0-1sarge1\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"clamav\", reference:\"0.84-2.sarge.1\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"clamav-daemon\", reference:\"0.84-2.sarge.1\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"clamav-freshclam\", reference:\"0.84-2.sarge.1\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"clamav-milter\", reference:\"0.84-2.sarge.1\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"crip\", reference:\"3.5-1sarge2\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"cvs\", reference:\"1.11.1p1debian-11\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"dhcpcd\", reference:\"1.3.22pl4-21sarge1\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"ekg\", reference:\"1.5+20050411-5\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"ettercap\", reference:\"0.7.1-1sarge1\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"ettercap-common\", reference:\"0.7.1-1sarge1\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"ettercap-gtk\", reference:\"0.7.1-1sarge1\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"fuse-utils\", reference:\"2.2.1-4sarge2\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"gaim\", reference:\"1.2.1-1.4\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"gaim-dev\", reference:\"1.2.1-1.4\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"gedit\", reference:\"2.8.3-4sarge1\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"gopher\", reference:\"3.0.7sarge1\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"heartbeat\", reference:\"1.2.3-9sarge2\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"heartbeat-dev\", reference:\"1.2.3-9sarge2\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"heimdal-clients\", reference:\"0.6.3-10sarge1\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"heimdal-clients-x\", reference:\"0.6.3-10sarge1\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"heimdal-dev\", reference:\"0.6.3-10sarge1\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"heimdal-kdc\", reference:\"0.6.3-10sarge1\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"heimdal-servers\", reference:\"0.6.3-10sarge1\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"heimdal-servers-x\", reference:\"0.6.3-10sarge1\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"ht\", reference:\"0.8.0-2sarge4\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"krb5-admin-server\", reference:\"1.3.6-2sarge2\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"krb5-clients\", reference:\"1.3.6-2sarge2\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"krb5-ftpd\", reference:\"1.3.6-2sarge2\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"krb5-kdc\", reference:\"1.3.6-2sarge2\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"krb5-rsh-server\", reference:\"1.3.6-2sarge2\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"krb5-telnetd\", reference:\"1.3.6-2sarge2\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"krb5-user\", reference:\"1.3.6-2sarge2\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"libaffix-dev\", reference:\"2.1.1-2\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"libaffix2\", reference:\"2.1.1-2\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"libasn1-6-heimdal\", reference:\"0.6.3-10sarge1\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"libclamav-dev\", reference:\"0.84-2.sarge.1\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"libclamav1\", reference:\"0.84-2.sarge.1\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"libdbm-ruby1.8\", reference:\"1.8.2-7sarge1\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"libfuse-dev\", reference:\"2.2.1-4sarge2\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"libfuse2\", reference:\"2.2.1-4sarge2\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"libgadu-dev\", reference:\"1.5+20050411-5\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"libgadu3\", reference:\"1.5+20050411-5\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"libgdbm-ruby1.8\", reference:\"1.8.2-7sarge1\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"libgssapi1-heimdal\", reference:\"0.6.3-10sarge1\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"libhdb7-heimdal\", reference:\"0.6.3-10sarge1\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"libkadm55\", reference:\"1.3.6-2sarge2\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"libkadm5clnt4-heimdal\", reference:\"0.6.3-10sarge1\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"libkadm5srv7-heimdal\", reference:\"0.6.3-10sarge1\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"libkafs0-heimdal\", reference:\"0.6.3-10sarge1\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"libkrb5-17-heimdal\", reference:\"0.6.3-10sarge1\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"libkrb5-dev\", reference:\"1.3.6-2sarge2\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"libkrb53\", reference:\"1.3.6-2sarge2\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"libopenssl-ruby1.8\", reference:\"1.8.2-7sarge1\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"libpils-dev\", reference:\"1.2.3-9sarge2\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"libpils0\", reference:\"1.2.3-9sarge2\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"libreadline-ruby1.8\", reference:\"1.8.2-7sarge1\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"libruby1.8\", reference:\"1.8.2-7sarge1\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"libruby1.8-dbg\", reference:\"1.8.2-7sarge1\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"libstonith-dev\", reference:\"1.2.3-9sarge2\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"libstonith0\", reference:\"1.2.3-9sarge2\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"libtcltk-ruby1.8\", reference:\"1.8.2-7sarge1\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"pdns\", reference:\"2.9.17-13sarge1\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"pdns-backend-geo\", reference:\"2.9.17-13sarge1\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"pdns-backend-ldap\", reference:\"2.9.17-13sarge1\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"pdns-backend-mysql\", reference:\"2.9.17-13sarge1\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"pdns-backend-pgsql\", reference:\"2.9.17-13sarge1\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"pdns-backend-pipe\", reference:\"2.9.17-13sarge1\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"pdns-backend-sqlite\", reference:\"2.9.17-13sarge1\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"pdns-recursor\", reference:\"2.9.17-13sarge1\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"pdns-server\", reference:\"2.9.17-13sarge1\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"ppxp\", reference:\"0.2001080415-10sarge2\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"ppxp-dev\", reference:\"0.2001080415-10sarge2\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"ppxp-tcltk\", reference:\"0.2001080415-10sarge2\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"ppxp-x11\", reference:\"0.2001080415-10sarge2\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"qpopper\", reference:\"4.0.5-4sarge1\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"qpopper-drac\", reference:\"4.0.5-4sarge1\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"razor\", reference:\"2.670-1sarge2\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"ruby1.8\", reference:\"1.8.2-7sarge1\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"ruby1.8-dev\", reference:\"1.8.2-7sarge1\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"spamc\", reference:\"3.0.3-2\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"stonith\", reference:\"1.2.3-9sarge2\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"sudo\", reference:\"1.6.8p7-1.1sarge1\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"zlib-bin\", reference:\"1.2.2-4.sarge.2\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"zlib1g\", reference:\"1.2.2-4.sarge.2\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"zlib1g-dev\", reference:\"1.2.2-4.sarge.2\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "gentoo": [{"lastseen": "2016-09-06T19:46:08", "bulletinFamily": "unix", "description": "### Background\n\nQpopper is a widely used server for the POP3 protocol. \n\n### Description\n\nJens Steube discovered that Qpopper doesn't drop privileges to process local files from normal users (CAN-2005-1151). The upstream developers discovered that Qpopper can be forced to create group or world writeable files (CAN-2005-1152). \n\n### Impact\n\nA malicious local attacker could exploit Qpopper to overwrite arbitrary files as root or create new files which are group or world writeable. \n\n### Workaround\n\nThere is no known workaround at this time. \n\n### Resolution\n\nAll Qpopper users should upgrade to the latest available version: \n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=net-mail/qpopper-4.0.5-r3\"", "modified": "2005-05-23T00:00:00", "published": "2005-05-23T00:00:00", "id": "GLSA-200505-17", "href": "https://security.gentoo.org/glsa/200505-17", "type": "gentoo", "title": "Qpopper: Multiple Vulnerabilities", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "securityvulns": [{"lastseen": "2018-08-31T11:10:12", "bulletinFamily": "software", "description": "- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\r\nGentoo Linux Security Advisory GLSA 200505-17\r\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\r\n http://security.gentoo.org/\r\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\r\n\r\n Severity: Normal\r\n Title: Qpopper: Multiple Vulnerabilities\r\n Date: May 23, 2005\r\n Bugs: #90622\r\n ID: 200505-17\r\n\r\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\r\n\r\nSynopsis\r\n========\r\n\r\nQpopper contains two vulnerabilities allowing an attacker to overwrite\r\narbitrary files and create files with insecure permissions.\r\n\r\nBackground\r\n==========\r\n\r\nQpopper is a widely used server for the POP3 protocol.\r\n\r\nAffected packages\r\n=================\r\n\r\n -------------------------------------------------------------------\r\n Package / Vulnerable / Unaffected\r\n -------------------------------------------------------------------\r\n 1 net-mail/qpopper < 4.0.5-r3 >= 4.0.5-r3\r\n\r\nDescription\r\n===========\r\n\r\nJens Steube discovered that Qpopper doesn't drop privileges to process\r\nlocal files from normal users (CAN-2005-1151). The upstream developers\r\ndiscovered that Qpopper can be forced to create group or world\r\nwriteable files (CAN-2005-1152).\r\n\r\nImpact\r\n======\r\n\r\nA malicious local attacker could exploit Qpopper to overwrite arbitrary\r\nfiles as root or create new files which are group or world writeable.\r\n\r\nWorkaround\r\n==========\r\n\r\nThere is no known workaround at this time.\r\n\r\nResolution\r\n==========\r\n\r\nAll Qpopper users should upgrade to the latest available version:\r\n\r\n # emerge --sync\r\n # emerge --ask --oneshot --verbose ">=net-mail/qpopper-4.0.5-r3"\r\n\r\nReferences\r\n==========\r\n\r\n [ 1 ] CAN-2005-1151\r\n http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1151\r\n [ 2 ] CAN-2005-1152\r\n http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1152\r\n\r\nAvailability\r\n============\r\n\r\nThis GLSA and any updates to it are available for viewing at\r\nthe Gentoo Security Website:\r\n\r\n http://security.gentoo.org/glsa/glsa-200505-17.xml\r\n\r\nConcerns?\r\n=========\r\n\r\nSecurity is a primary focus of Gentoo Linux and ensuring the\r\nconfidentiality and security of our users machines is of utmost\r\nimportance to us. Any security concerns should be addressed to\r\nsecurity@gentoo.org or alternatively, you may file a bug at\r\nhttp://bugs.gentoo.org.\r\n\r\nLicense\r\n=======\r\n\r\nCopyright 2005 Gentoo Foundation, Inc; referenced text\r\nbelongs to its owner(s).\r\n\r\nThe contents of this document are licensed under the\r\nCreative Commons - Attribution / Share Alike license.\r\n\r\nhttp://creativecommons.org/licenses/by-sa/2.0", "modified": "2005-05-24T00:00:00", "published": "2005-05-24T00:00:00", "id": "SECURITYVULNS:DOC:8697", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:8697", "title": "[Full-disclosure] [ GLSA 200505-17 ] Qpopper: Multiple Vulnerabilities", "type": "securityvulns", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "openvas": [{"lastseen": "2017-07-02T21:10:22", "bulletinFamily": "scanner", "description": "The remote host is missing an update to the system\nas announced in the referenced advisory.", "modified": "2016-09-28T00:00:00", "published": "2008-09-04T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=55812", "id": "OPENVAS:55812", "title": "FreeBSD Ports: qpopper", "type": "openvas", "sourceData": "#\n#VID eb29a575-3381-11da-8340-000e0c2e438a\n# OpenVAS Vulnerability Test\n# $\n# Description: Auto generated from vuxml or freebsd advisories\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"The following package is affected: qpopper\n\nCVE-2005-1151\nqpopper 4.0.5 and earlier does not properly drop privileges before\nprocessing certain user-supplied files, which allows local users to\noverwrite or create arbitrary files as root.\n\nCVE-2005-1152\npopauth.c in qpopper 4.0.5 and earlier does not properly set the\numask, which may cause qpopper to create files with group or\nworld-writable permissions.\";\ntag_solution = \"Update your system with the appropriate patches or\nsoftware upgrades.\n\nhttp://secunia.com/advisories/15475/\nhttp://www.vuxml.org/freebsd/eb29a575-3381-11da-8340-000e0c2e438a.html\";\ntag_summary = \"The remote host is missing an update to the system\nas announced in the referenced advisory.\";\n\n\nif(description)\n{\n script_id(55812);\n script_version(\"$Revision: 4164 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2016-09-28 09:03:16 +0200 (Wed, 28 Sep 2016) $\");\n script_tag(name:\"creation_date\", value:\"2008-09-04 20:41:11 +0200 (Thu, 04 Sep 2008)\");\n script_cve_id(\"CVE-2005-1151\", \"CVE-2005-1152\");\n script_tag(name:\"cvss_base\", value:\"7.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"FreeBSD Ports: qpopper\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"FreeBSD Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/freebsdrel\", \"login/SSH/success\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-bsd.inc\");\n\ntxt = \"\";\nvuln = 0;\nbver = portver(pkg:\"qpopper\");\nif(!isnull(bver) && revcomp(a:bver, b:\"4.0.5\")<=0) {\n txt += 'Package qpopper version ' + bver + ' is installed which is known to be vulnerable.\\n';\n vuln = 1;\n}\n\nif(vuln) {\n security_message(data:string(txt));\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-24T12:49:59", "bulletinFamily": "scanner", "description": "The remote host is missing updates announced in\nadvisory GLSA 200505-17.", "modified": "2017-07-07T00:00:00", "published": "2008-09-24T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=54949", "id": "OPENVAS:54949", "title": "Gentoo Security Advisory GLSA 200505-17 (qpopper)", "type": "openvas", "sourceData": "# OpenVAS Vulnerability Test\n# $\n# Description: Auto generated from Gentoo's XML based advisory\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Qpopper contains two vulnerabilities allowing an attacker to overwrite\narbitrary files and create files with insecure permissions.\";\ntag_solution = \"All Qpopper users should upgrade to the latest available version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=net-mail/qpopper-4.0.5-r3'\n\nhttp://www.securityspace.com/smysecure/catid.html?in=GLSA%20200505-17\nhttp://bugs.gentoo.org/show_bug.cgi?id=90622\";\ntag_summary = \"The remote host is missing updates announced in\nadvisory GLSA 200505-17.\";\n\n \n\nif(description)\n{\n script_id(54949);\n script_version(\"$Revision: 6596 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-07 11:21:37 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2008-09-24 21:14:03 +0200 (Wed, 24 Sep 2008)\");\n script_cve_id(\"CVE-2005-1151\", \"CVE-2005-1152\");\n script_tag(name:\"cvss_base\", value:\"7.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"Gentoo Security Advisory GLSA 200505-17 (qpopper)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Gentoo Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/gentoo\", \"ssh/login/pkg\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-gentoo.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = ispkgvuln(pkg:\"net-mail/qpopper\", unaffected: make_list(\"ge 4.0.5-r3\"), vulnerable: make_list(\"lt 4.0.5-r3\"))) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-24T12:50:13", "bulletinFamily": "scanner", "description": "The remote host is missing an update to qpopper\nannounced via advisory DSA 728-2.", "modified": "2017-07-07T00:00:00", "published": "2008-01-17T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=53557", "id": "OPENVAS:53557", "title": "Debian Security Advisory DSA 728-2 (qpopper)", "type": "openvas", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_728_2.nasl 6616 2017-07-07 12:10:49Z cfischer $\n# Description: Auto-generated from advisory DSA 728-2\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2007 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largerly excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"This advisory does only covers updated packages for Debian 3.0 alias woody.\n\nTwo bugs have been discovered in qpopper, an enhanced Post Office\nProtocol (POP3) server. The Common Vulnerability and Exposures\nproject identifies the following problems:\n\nCVE-2005-1151\n\nJens Steube discovered that while processing local files owned or\nprovided by a normal user privileges weren't dropped, which could\nlead to the overwriting or creation of arbitrary files as root.\n\nCVE-2005-1152\n\nThe upstream developers noticed that qpopper could be tricked to\ncreating group- or world-writable files.\n\nFor the stable distribution (woody) these problems have been fixed in\nversion 4.0.4-2.woody.5.\n\nFor the testing distribution (sarge) these problems have been fixed in\nversion 4.0.5-4sarge1.\n\nFor the unstable distribution (sid) these problems will be fixed in\nversion 4.0.5-4sarge1.\n\nWe recommend that you upgrade your qpopper package.\";\ntag_summary = \"The remote host is missing an update to qpopper\nannounced via advisory DSA 728-2.\";\n\ntag_solution = \"https://secure1.securityspace.com/smysecure/catid.html?in=DSA%20728-2\";\n\nif(description)\n{\n script_id(53557);\n script_version(\"$Revision: 6616 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-07 14:10:49 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2008-01-17 23:00:53 +0100 (Thu, 17 Jan 2008)\");\n script_cve_id(\"CVE-2005-1151\", \"CVE-2005-1152\");\n script_tag(name:\"cvss_base\", value:\"7.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"Debian Security Advisory DSA 728-2 (qpopper)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"qpopper\", ver:\"4.0.4-2.woody.5\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"qpopper-drac\", ver:\"4.0.4-2.woody.5\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-24T12:50:20", "bulletinFamily": "scanner", "description": "The remote host is missing an update to qpopper\nannounced via advisory DSA 728-1.", "modified": "2017-07-07T00:00:00", "published": "2008-01-17T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=53556", "id": "OPENVAS:53556", "title": "Debian Security Advisory DSA 728-1 (qpopper)", "type": "openvas", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_728_1.nasl 6616 2017-07-07 12:10:49Z cfischer $\n# Description: Auto-generated from advisory DSA 728-1\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2007 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largerly excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Two bugs have been discovered in qpopper, an enhanced Post Office\nProtocol (POP3) server. The Common Vulnerability and Exposures\nproject identifies the following problems:\n\nCVE-2005-1151\n\nJens Steube discovered that while processing local files owned or\nprovided by a normal user privileges weren't dropped, which could\nlead to the overwriting or creation of arbitrary files as root.\n\nCVE-2005-1152\n\nThe upstream developers noticed that qpopper could be tricked to\ncreating group- or world-writable files.\n\nFor the stable distribution (woody) these problems have been fixed in\nversion 4.0.4-2.woody.5.\n\nFor the testing distribution (sarge) these problems have been fixed in\nversion 4.0.5-4sarge1.\n\nFor the unstable distribution (sid) these problems will be fixed in\nversion 4.0.5-4sarge1.\n\nWe recommend that you upgrade your qpopper package.\";\ntag_summary = \"The remote host is missing an update to qpopper\nannounced via advisory DSA 728-1.\";\n\ntag_solution = \"https://secure1.securityspace.com/smysecure/catid.html?in=DSA%20728-1\";\n\nif(description)\n{\n script_id(53556);\n script_version(\"$Revision: 6616 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-07 14:10:49 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2008-01-17 23:00:53 +0100 (Thu, 17 Jan 2008)\");\n script_cve_id(\"CVE-2005-1151\", \"CVE-2005-1152\");\n script_tag(name:\"cvss_base\", value:\"7.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"Debian Security Advisory DSA 728-1 (qpopper)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"qpopper\", ver:\"4.0.4-2.woody.4\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"qpopper-drac\", ver:\"4.0.4-2.woody.4\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"qpopper\", ver:\"4.0.5-4sarge1\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"qpopper-drac\", ver:\"4.0.5-4sarge1\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "freebsd": [{"lastseen": "2019-05-29T18:34:50", "bulletinFamily": "unix", "description": "\nJens Steube reports that qpopper is vulnerable to a privilege\n\t escalation vulnerability. qpopper does not properly drop root\n\t privileges so that user supplied configuration and trace files\n\t can be processed with root privileges. This could allow a\n\t local attacker to create or modify arbitrary files.\nqpopper is also affected by improper umask settings\n\t which could allow users to create group or world-writeable\n\t files, possibly allowing an attacker to overwrite arbitrary\n\t files.\n", "modified": "2005-11-26T00:00:00", "published": "2005-05-26T00:00:00", "id": "EB29A575-3381-11DA-8340-000E0C2E438A", "href": "https://vuxml.freebsd.org/freebsd/eb29a575-3381-11da-8340-000e0c2e438a.html", "title": "qpopper -- multiple privilege escalation vulnerabilities", "type": "freebsd", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}], "debian": [{"lastseen": "2019-05-30T02:21:31", "bulletinFamily": "unix", "description": "- --------------------------------------------------------------------------\nDebian Security Advisory DSA 728-2 security@debian.org\nhttp://www.debian.org/security/ Martin Schulze\nMay 26th, 2005 http://www.debian.org/security/faq\n- --------------------------------------------------------------------------\n\nPackage : qpopper\nVulnerability : missing privilege release\nProblem-Type : local\nDebian-specific: no\nCVE IDs : CAN-2005-1151 CAN-2005-1152\n\nThis advisory does only covers updated packages for Debian 3.0 alias woody.\n\nTwo bugs have been discovered in qpopper, an enhanced Post Office\nProtocol (POP3) server. The Common Vulnerability and Exposures\nproject identifies the following problems:\n\nCAN-2005-1151\n\n Jens Steube discovered that while processing local files owned or\n provided by a normal user privileges weren't dropped, which could\n lead to the overwriting or creation of arbitrary files as root.\n\nCAN-2005-1152\n\n The upstream developers noticed that qpopper could be tricked to\n creating group- or world-writable files.\n\nFor the stable distribution (woody) these problems have been fixed in\nversion 4.0.4-2.woody.5.\n\nFor the testing distribution (sarge) these problems have been fixed in\nversion 4.0.5-4sarge1.\n\nFor the unstable distribution (sid) these problems will be fixed in\nversion 4.0.5-4sarge1.\n\nWe recommend that you upgrade your qpopper package.\n\n\nUpgrade Instructions\n- --------------------\n\nwget url\n will fetch the file for you\ndpkg -i file.deb\n will install the referenced file.\n\nIf you are using the apt-get package manager, use the line for\nsources.list as given below:\n\napt-get update\n will update the internal database\napt-get upgrade\n will install corrected packages\n\nYou may use an automated update by adding the resources from the\nfooter to the proper configuration.\n\n\nDebian GNU/Linux 3.0 alias woody\n- --------------------------------\n\n Source archives:\n\n http://security.debian.org/pool/updates/main/q/qpopper/qpopper_4.0.4-2.woody.5.dsc\n Size/MD5 checksum: 648 def44918c6c690d26eccd5c558d1016b\n http://security.debian.org/pool/updates/main/q/qpopper/qpopper_4.0.4-2.woody.5.diff.gz\n Size/MD5 checksum: 18859 90a965ab2af550047250912d22a30aeb\n http://security.debian.org/pool/updates/main/q/qpopper/qpopper_4.0.4.orig.tar.gz\n Size/MD5 checksum: 2261992 77f0968cd10b0d5236114838d9f507e5\n\n Alpha architecture:\n\n http://security.debian.org/pool/updates/main/q/qpopper/qpopper_4.0.4-2.woody.5_alpha.deb\n Size/MD5 checksum: 459080 aff606da2562a6a412f653dad57c7907\n http://security.debian.org/pool/updates/main/q/qpopper/qpopper-drac_4.0.4-2.woody.5_alpha.deb\n Size/MD5 checksum: 459870 89cbc329cc9164799d2abbe6cd3fef36\n\n ARM architecture:\n\n http://security.debian.org/pool/updates/main/q/qpopper/qpopper_4.0.4-2.woody.5_arm.deb\n Size/MD5 checksum: 433692 59f04091f5dd07e9c0b996900730fc39\n http://security.debian.org/pool/updates/main/q/qpopper/qpopper-drac_4.0.4-2.woody.5_arm.deb\n Size/MD5 checksum: 434478 b528747b74b7cc0263139441e257cd75\n\n Intel IA-32 architecture:\n\n http://security.debian.org/pool/updates/main/q/qpopper/qpopper_4.0.4-2.woody.5_i386.deb\n Size/MD5 checksum: 423860 c9cbeff37020c746b50f2112d8a43cea\n http://security.debian.org/pool/updates/main/q/qpopper/qpopper-drac_4.0.4-2.woody.5_i386.deb\n Size/MD5 checksum: 424736 32043d5ed1e3a961898695490fb70d19\n\n Intel IA-64 architecture:\n\n http://security.debian.org/pool/updates/main/q/qpopper/qpopper_4.0.4-2.woody.5_ia64.deb\n Size/MD5 checksum: 485276 78d3d2b55b6845e489168aedc3596ed3\n http://security.debian.org/pool/updates/main/q/qpopper/qpopper-drac_4.0.4-2.woody.5_ia64.deb\n Size/MD5 checksum: 486244 77903abd88b80ef82b166787155bbe61\n\n HP Precision architecture:\n\n http://security.debian.org/pool/updates/main/q/qpopper/qpopper_4.0.4-2.woody.5_hppa.deb\n Size/MD5 checksum: 443344 167bb4e49490aaffced45df7b20beaea\n http://security.debian.org/pool/updates/main/q/qpopper/qpopper-drac_4.0.4-2.woody.5_hppa.deb\n Size/MD5 checksum: 444426 9f6a5ca936d98ac4ce3dbfc0b7287057\n\n Motorola 680x0 architecture:\n\n http://security.debian.org/pool/updates/main/q/qpopper/qpopper_4.0.4-2.woody.5_m68k.deb\n Size/MD5 checksum: 416806 f916161eb53d93ea5e228b8683e581f3\n http://security.debian.org/pool/updates/main/q/qpopper/qpopper-drac_4.0.4-2.woody.5_m68k.deb\n Size/MD5 checksum: 417642 d02b70e083c9ce83728dcf1e3db34cd2\n\n Big endian MIPS architecture:\n\n http://security.debian.org/pool/updates/main/q/qpopper/qpopper_4.0.4-2.woody.5_mips.deb\n Size/MD5 checksum: 439492 e74351f337454a3e3761e99535aea14e\n http://security.debian.org/pool/updates/main/q/qpopper/qpopper-drac_4.0.4-2.woody.5_mips.deb\n Size/MD5 checksum: 440410 0de3c0147af2b485ce2fe884db51299d\n\n Little endian MIPS architecture:\n\n http://security.debian.org/pool/updates/main/q/qpopper/qpopper_4.0.4-2.woody.5_mipsel.deb\n Size/MD5 checksum: 439928 3c8c5b6c2b3f19e579b100d8b9e0b035\n http://security.debian.org/pool/updates/main/q/qpopper/qpopper-drac_4.0.4-2.woody.5_mipsel.deb\n Size/MD5 checksum: 441100 462d53380308b5d3bb55eaf47283a79a\n\n PowerPC architecture:\n\n http://security.debian.org/pool/updates/main/q/qpopper/qpopper_4.0.4-2.woody.5_powerpc.deb\n Size/MD5 checksum: 433578 f34f8998261fa494058c9258567475d0\n http://security.debian.org/pool/updates/main/q/qpopper/qpopper-drac_4.0.4-2.woody.5_powerpc.deb\n Size/MD5 checksum: 434142 f2c5178a623aa55d2c15b1790cf4110f\n\n IBM S/390 architecture:\n\n http://security.debian.org/pool/updates/main/q/qpopper/qpopper_4.0.4-2.woody.5_s390.deb\n Size/MD5 checksum: 429138 dd824ff9c73c9c03b918c983a76c0e21\n http://security.debian.org/pool/updates/main/q/qpopper/qpopper-drac_4.0.4-2.woody.5_s390.deb\n Size/MD5 checksum: 430144 eba66e5007e2393992120b10f12a4a4d\n\n Sun Sparc architecture:\n\n http://security.debian.org/pool/updates/main/q/qpopper/qpopper_4.0.4-2.woody.5_sparc.deb\n Size/MD5 checksum: 434964 da69bd01cb5ff85ace75dfe0ea7ad421\n http://security.debian.org/pool/updates/main/q/qpopper/qpopper-drac_4.0.4-2.woody.5_sparc.deb\n Size/MD5 checksum: 435700 c09d3ecb11fb0971d69f36054af333c8\n\n\n\n These files will probably be moved into the stable distribution on\n its next update.\n\n- ---------------------------------------------------------------------------------\nFor apt-get: deb http://security.debian.org/ stable/updates main\nFor dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main\nMailing list: debian-security-announce@lists.debian.org\nPackage info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>\n\n", "modified": "2005-05-25T00:00:00", "published": "2005-05-25T00:00:00", "id": "DEBIAN:DSA-728-2:DBFAB", "href": "https://lists.debian.org/debian-security-announce/debian-security-announce-2005/msg00112.html", "title": "[SECURITY] [DSA 728-2] New qpopper packages fix arbitrary file overwriting", "type": "debian", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-30T02:21:29", "bulletinFamily": "unix", "description": "- --------------------------------------------------------------------------\nDebian Security Advisory DSA 728-1 security@debian.org\nhttp://www.debian.org/security/ Martin Schulze\nMay 25th, 2005 http://www.debian.org/security/faq\n- --------------------------------------------------------------------------\n\nPackage : qpopper\nVulnerability : missing privilege release\nProblem-Type : local\nDebian-specific: no\nCVE IDs : CAN-2005-1151 CAN-2005-1152\n\nTwo bugs have been discovered in qpopper, an enhanced Post Office\nProtocol (POP3) server. The Common Vulnerability and Exposures\nproject identifies the following problems:\n\nCAN-2005-1151\n\n Jens Steube discovered that while processing local files owned or\n provided by a normal user privileges weren't dropped, which could\n lead to the overwriting or creation of arbitrary files as root.\n\nCAN-2005-1152\n\n The upstream developers noticed that qpopper could be tricked to\n creating group- or world-writable files.\n\nFor the stable distribution (woody) these problems have been fixed in\nversion 4.0.4-2.woody.5.\n\nFor the testing distribution (sarge) these problems have been fixed in\nversion 4.0.5-4sarge1.\n\nFor the unstable distribution (sid) these problems will be fixed in\nversion 4.0.5-4sarge1.\n\nWe recommend that you upgrade your qpopper package.\n\n\nUpgrade Instructions\n- --------------------\n\nwget url\n will fetch the file for you\ndpkg -i file.deb\n will install the referenced file.\n\nIf you are using the apt-get package manager, use the line for\nsources.list as given below:\n\napt-get update\n will update the internal database\napt-get upgrade\n will install corrected packages\n\nYou may use an automated update by adding the resources from the\nfooter to the proper configuration.\n\n\nDebian GNU/Linux 3.0 alias woody\n- --------------------------------\n\n Source archives:\n\n http://security.debian.org/pool/updates/main/q/qpopper/qpopper_4.0.4-2.woody.4.dsc\n Size/MD5 checksum: 648 8a4a3c4d3a90bd48f34c26db8fa8a184\n http://security.debian.org/pool/updates/main/q/qpopper/qpopper_4.0.4-2.woody.4.diff.gz\n Size/MD5 checksum: 17473 ac7cb7a84e82c3f20bbd8663a2be4c0e\n http://security.debian.org/pool/updates/main/q/qpopper/qpopper_4.0.4.orig.tar.gz\n Size/MD5 checksum: 2261992 77f0968cd10b0d5236114838d9f507e5\n\n Alpha architecture:\n\n http://security.debian.org/pool/updates/main/q/qpopper/qpopper_4.0.4-2.woody.4_alpha.deb\n Size/MD5 checksum: 458526 fdc450895431518af490ed70c26690b4\n http://security.debian.org/pool/updates/main/q/qpopper/qpopper-drac_4.0.4-2.woody.4_alpha.deb\n Size/MD5 checksum: 459292 b5669199d6f4372f2b5ee7cbf600a5ee\n\n ARM architecture:\n\n http://security.debian.org/pool/updates/main/q/qpopper/qpopper_4.0.4-2.woody.4_arm.deb\n Size/MD5 checksum: 433370 e40e461e59983b3c4bd72544c9823ddf\n http://security.debian.org/pool/updates/main/q/qpopper/qpopper-drac_4.0.4-2.woody.4_arm.deb\n Size/MD5 checksum: 434144 89f7de875966d5398208664745b0825d\n\n Intel IA-32 architecture:\n\n http://security.debian.org/pool/updates/main/q/qpopper/qpopper_4.0.4-2.woody.4_i386.deb\n Size/MD5 checksum: 422496 275080592bb86fb37f44fe6ddc17a930\n http://security.debian.org/pool/updates/main/q/qpopper/qpopper-drac_4.0.4-2.woody.4_i386.deb\n Size/MD5 checksum: 423426 4837430cf6367f82d6a55e3b238c30c0\n\n Intel IA-64 architecture:\n\n http://security.debian.org/pool/updates/main/q/qpopper/qpopper_4.0.4-2.woody.4_ia64.deb\n Size/MD5 checksum: 484928 a765fbbc4cec479b962b15fcf4506554\n http://security.debian.org/pool/updates/main/q/qpopper/qpopper-drac_4.0.4-2.woody.4_ia64.deb\n Size/MD5 checksum: 485876 aea333e7c81e270dd1594765394d08ca\n\n HP Precision architecture:\n\n http://security.debian.org/pool/updates/main/q/qpopper/qpopper_4.0.4-2.woody.4_hppa.deb\n Size/MD5 checksum: 442848 d4024658e0876e72c93773d21eec2750\n http://security.debian.org/pool/updates/main/q/qpopper/qpopper-drac_4.0.4-2.woody.4_hppa.deb\n Size/MD5 checksum: 443930 b5bddba42ffe723dcea8ecc172401409\n\n Motorola 680x0 architecture:\n\n http://security.debian.org/pool/updates/main/q/qpopper/qpopper_4.0.4-2.woody.4_m68k.deb\n Size/MD5 checksum: 416310 5561b088daaf6b0a891715623d2919f5\n http://security.debian.org/pool/updates/main/q/qpopper/qpopper-drac_4.0.4-2.woody.4_m68k.deb\n Size/MD5 checksum: 417256 c4879974d172134e8ec28c2b495012ed\n\n Big endian MIPS architecture:\n\n http://security.debian.org/pool/updates/main/q/qpopper/qpopper_4.0.4-2.woody.4_mips.deb\n Size/MD5 checksum: 439160 85103a9f874de432a57feb0a938349ab\n http://security.debian.org/pool/updates/main/q/qpopper/qpopper-drac_4.0.4-2.woody.4_mips.deb\n Size/MD5 checksum: 439940 e9e5442b85568f63324e85257e931962\n\n Little endian MIPS architecture:\n\n http://security.debian.org/pool/updates/main/q/qpopper/qpopper_4.0.4-2.woody.4_mipsel.deb\n Size/MD5 checksum: 439462 f912738cb0e25b0e215bc968d8b2e250\n http://security.debian.org/pool/updates/main/q/qpopper/qpopper-drac_4.0.4-2.woody.4_mipsel.deb\n Size/MD5 checksum: 440732 208a5f8d25f7bc83cbdc14145dfa9093\n\n PowerPC architecture:\n\n http://security.debian.org/pool/updates/main/q/qpopper/qpopper_4.0.4-2.woody.4_powerpc.deb\n Size/MD5 checksum: 433316 67f331a07b83d8e3bb745c3aa576b186\n http://security.debian.org/pool/updates/main/q/qpopper/qpopper-drac_4.0.4-2.woody.4_powerpc.deb\n Size/MD5 checksum: 433894 b373674498d8f38df3c161d698e28eb5\n\n IBM S/390 architecture:\n\n http://security.debian.org/pool/updates/main/q/qpopper/qpopper_4.0.4-2.woody.4_s390.deb\n Size/MD5 checksum: 428582 7d2aa35d8172623fae1e782c8bbd39c9\n http://security.debian.org/pool/updates/main/q/qpopper/qpopper-drac_4.0.4-2.woody.4_s390.deb\n Size/MD5 checksum: 429694 71ea0abc8b2ec5dcbea76a1b47ff7e84\n\n Sun Sparc architecture:\n\n http://security.debian.org/pool/updates/main/q/qpopper/qpopper_4.0.4-2.woody.4_sparc.deb\n Size/MD5 checksum: 434720 67b37565b3633c6111f01a66ea88d17b\n http://security.debian.org/pool/updates/main/q/qpopper/qpopper-drac_4.0.4-2.woody.4_sparc.deb\n Size/MD5 checksum: 435372 413153ac3d8d7be1ea191f2e8e084641\n\n\nDebian GNU/Linux 3.1 alias sarge\n- --------------------------------\n\n Source archives:\n\n http://security.debian.org/pool/updates/main/q/qpopper/qpopper_4.0.5-4sarge1.dsc\n Size/MD5 checksum: 654 965b9d0da82ac7158d5007f53d06687b\n http://security.debian.org/pool/updates/main/q/qpopper/qpopper_4.0.5-4sarge1.diff.gz\n Size/MD5 checksum: 128752 121b2d0f6b6e49c7a42d119f3b913344\n http://security.debian.org/pool/updates/main/q/qpopper/qpopper_4.0.5.orig.tar.gz\n Size/MD5 checksum: 2281284 e00853280c9e899711f0b0239d3d8f86\n\n Alpha architecture:\n\n http://security.debian.org/pool/updates/main/q/qpopper/qpopper_4.0.5-4sarge1_alpha.deb\n Size/MD5 checksum: 437332 ed094b8544b33af5933cc0b31ddf340c\n http://security.debian.org/pool/updates/main/q/qpopper/qpopper-drac_4.0.5-4sarge1_alpha.deb\n Size/MD5 checksum: 439258 d446633935a28035154f7b58c78a47b5\n\n ARM architecture:\n\n http://security.debian.org/pool/updates/main/q/qpopper/qpopper_4.0.5-4sarge1_arm.deb\n Size/MD5 checksum: 412418 63b6d6c474c0b3ed168d26935fdb66ec\n http://security.debian.org/pool/updates/main/q/qpopper/qpopper-drac_4.0.5-4sarge1_arm.deb\n Size/MD5 checksum: 413758 8d6fd58ea1d21eab06b2ec07f56a9d09\n\n Intel IA-32 architecture:\n\n http://security.debian.org/pool/updates/main/q/qpopper/qpopper_4.0.5-4sarge1_i386.deb\n Size/MD5 checksum: 412684 aad7bc1cda319942fc35a1c6c77ce217\n http://security.debian.org/pool/updates/main/q/qpopper/qpopper-drac_4.0.5-4sarge1_i386.deb\n Size/MD5 checksum: 414352 04366a0962d44d97988f441a2d0106b6\n\n Intel IA-64 architecture:\n\n http://security.debian.org/pool/updates/main/q/qpopper/qpopper_4.0.5-4sarge1_ia64.deb\n Size/MD5 checksum: 460508 5ecd98c52e52dae7394d453f93f28f4c\n http://security.debian.org/pool/updates/main/q/qpopper/qpopper-drac_4.0.5-4sarge1_ia64.deb\n Size/MD5 checksum: 462502 693915f6d206aacad3f120ee69ba7b02\n\n HP Precision architecture:\n\n http://security.debian.org/pool/updates/main/q/qpopper/qpopper_4.0.5-4sarge1_hppa.deb\n Size/MD5 checksum: 423094 6c681ccee64b16fe8d74571d0dcb7c7b\n http://security.debian.org/pool/updates/main/q/qpopper/qpopper-drac_4.0.5-4sarge1_hppa.deb\n Size/MD5 checksum: 424996 7fd56380f01291f3e4d877623a9f3a1f\n\n Motorola 680x0 architecture:\n\n http://security.debian.org/pool/updates/main/q/qpopper/qpopper_4.0.5-4sarge1_m68k.deb\n Size/MD5 checksum: 397408 d9e8d691860cd2de1098d85e9ae3e61e\n http://security.debian.org/pool/updates/main/q/qpopper/qpopper-drac_4.0.5-4sarge1_m68k.deb\n Size/MD5 checksum: 398678 8bcf97f3819012595b09a16acaae2911\n\n Big endian MIPS architecture:\n\n http://security.debian.org/pool/updates/main/q/qpopper/qpopper_4.0.5-4sarge1_mips.deb\n Size/MD5 checksum: 420358 fc953a6e7a31000662416f282b15be22\n http://security.debian.org/pool/updates/main/q/qpopper/qpopper-drac_4.0.5-4sarge1_mips.deb\n Size/MD5 checksum: 421958 ca599fd86bdd366367b6539ffbe53b61\n\n Little endian MIPS architecture:\n\n http://security.debian.org/pool/updates/main/q/qpopper/qpopper_4.0.5-4sarge1_mipsel.deb\n Size/MD5 checksum: 421588 98701bea5aeadac79827d9e39b0a0483\n http://security.debian.org/pool/updates/main/q/qpopper/qpopper-drac_4.0.5-4sarge1_mipsel.deb\n Size/MD5 checksum: 423020 34d65b128cd784d9d0ff96d82b31ccb3\n\n PowerPC architecture:\n\n http://security.debian.org/pool/updates/main/q/qpopper/qpopper_4.0.5-4sarge1_powerpc.deb\n Size/MD5 checksum: 417762 4e0bb2eb1c6a0fc14337f699c72e9385\n http://security.debian.org/pool/updates/main/q/qpopper/qpopper-drac_4.0.5-4sarge1_powerpc.deb\n Size/MD5 checksum: 419056 6273a2937e0d710b51a5aba1fe6a476f\n\n IBM S/390 architecture:\n\n http://security.debian.org/pool/updates/main/q/qpopper/qpopper_4.0.5-4sarge1_s390.deb\n Size/MD5 checksum: 414600 f0b011cb5ac4c28c8586786f0051ba3a\n http://security.debian.org/pool/updates/main/q/qpopper/qpopper-drac_4.0.5-4sarge1_s390.deb\n Size/MD5 checksum: 416094 56ff4626d4e4b7e6026fd04538415627\n\n Sun Sparc architecture:\n\n http://security.debian.org/pool/updates/main/q/qpopper/qpopper_4.0.5-4sarge1_sparc.deb\n Size/MD5 checksum: 411094 5a9d2123b0c0681e0f8789b31fc3ba5d\n http://security.debian.org/pool/updates/main/q/qpopper/qpopper-drac_4.0.5-4sarge1_sparc.deb\n Size/MD5 checksum: 412424 5182a75bd98fbc62d047a85a27dfadba\n\n\n These files will probably be moved into the stable distribution on\n its next update.\n\n- ---------------------------------------------------------------------------------\nFor apt-get: deb http://security.debian.org/ stable/updates main\nFor dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main\nMailing list: debian-security-announce@lists.debian.org\nPackage info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>\n\n", "modified": "2005-05-25T00:00:00", "published": "2005-05-25T00:00:00", "id": "DEBIAN:DSA-728-1:37685", "href": "https://lists.debian.org/debian-security-announce/debian-security-announce-2005/msg00111.html", "title": "[SECURITY] [DSA 728-1] New qpopper packages fix arbitrary file overwriting", "type": "debian", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}], "osvdb": [{"lastseen": "2017-04-28T13:20:13", "bulletinFamily": "software", "description": "## Vulnerability Description\nQpopper contains a flaw that may lead to an unauthorized information disclosure. The issue is triggered when Qpopper fails to set a proper umask for its process, causing it to create unspecified group- and world-writable files which could contribute to further attacks including privilege escalation.\n## Solution Description\nUpgrade to version 4.08 or higher, as it has been reported to fix this vulnerability. In addition, Gentoo and Debian have released patches for some older versions.\n## Short Description\nQpopper contains a flaw that may lead to an unauthorized information disclosure. The issue is triggered when Qpopper fails to set a proper umask for its process, causing it to create unspecified group- and world-writable files which could contribute to further attacks including privilege escalation.\n## References:\nVendor URL: http://www.eudora.com/products/unsupported/qpopper/index.html\nVendor Specific News/Changelog Entry: ftp://ftp.qualcomm.com/eudora/servers/unix/popper/Changes\n[Secunia Advisory ID:15475](https://secuniaresearch.flexerasoftware.com/advisories/15475/)\n[Secunia Advisory ID:15478](https://secuniaresearch.flexerasoftware.com/advisories/15478/)\n[Secunia Advisory ID:15629](https://secuniaresearch.flexerasoftware.com/advisories/15629/)\n[Secunia Advisory ID:15505](https://secuniaresearch.flexerasoftware.com/advisories/15505/)\n[Secunia Advisory ID:16413](https://secuniaresearch.flexerasoftware.com/advisories/16413/)\n[Related OSVDB ID: 16810](https://vulners.com/osvdb/OSVDB:16810)\nOther Advisory URL: http://www.debian.org/security/2005/dsa-773\nOther Advisory URL: http://www.gentoo.org/security/en/glsa/glsa-200505-17.xml\nOther Advisory URL: http://www.debian.org/security/2005/dsa-728\nOther Advisory URL: http://www.novell.com/linux/security/advisories/2005_14_sr.html\n[Nessus Plugin ID:18361](https://vulners.com/search?query=pluginID:18361)\n[CVE-2005-1152](https://vulners.com/cve/CVE-2005-1152)\nBugtraq ID: 13714\n", "modified": "2005-05-23T06:21:39", "published": "2005-05-23T06:21:39", "href": "https://vulners.com/osvdb/OSVDB:16811", "id": "OSVDB:16811", "type": "osvdb", "title": "Qpopper Unspecified Privileged File Creation", "cvss": {"score": 2.1, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}}, {"lastseen": "2017-04-28T13:20:13", "bulletinFamily": "software", "description": "# No description provided by the source\n\n## References:\n[Secunia Advisory ID:15475](https://secuniaresearch.flexerasoftware.com/advisories/15475/)\n[Secunia Advisory ID:15478](https://secuniaresearch.flexerasoftware.com/advisories/15478/)\n[Secunia Advisory ID:15629](https://secuniaresearch.flexerasoftware.com/advisories/15629/)\n[Secunia Advisory ID:15505](https://secuniaresearch.flexerasoftware.com/advisories/15505/)\n[Secunia Advisory ID:16413](https://secuniaresearch.flexerasoftware.com/advisories/16413/)\n[Related OSVDB ID: 16811](https://vulners.com/osvdb/OSVDB:16811)\nOther Advisory URL: http://www.debian.org/security/2005/dsa-773\nOther Advisory URL: http://www.gentoo.org/security/en/glsa/glsa-200505-17.xml\nOther Advisory URL: http://www.novell.com/linux/security/advisories/2005_14_sr.html\n[CVE-2005-1151](https://vulners.com/cve/CVE-2005-1151)\n", "modified": "2005-05-24T06:21:39", "published": "2005-05-24T06:21:39", "href": "https://vulners.com/osvdb/OSVDB:16810", "id": "OSVDB:16810", "type": "osvdb", "title": "Qpopper Crafted config/trace File Privilege Escalation", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}]}
