Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 1999-2018 Tenable Network Security, Inc.INN.NASL
HistoryAug 25, 1999 - 12:00 a.m.

INN < 1.6 Multiple Vulnerabilities

1999-08-2500:00:00
This script is Copyright (C) 1999-2018 Tenable Network Security, Inc.
www.tenable.com
18
JSON

According to its banner, the remote version of INN is older than version 1.6. A number of security holes have been found older versions of INN, some of which may allow arbitrary command execution.

#
# (C) Tenable Network Security, Inc.
#

include("compat.inc");

if (description)
{
 script_id(10129);
 script_version("1.35");
 script_cvs_date("Date: 2018/07/12 19:01:15");

 script_cve_id("CVE-1999-0705", "CVE-1999-0043", "CVE-1999-0247");
 script_bugtraq_id(1443, 616, 687);
 script_xref(name:"CERT-CC", value:"CA-1997-08");

 script_name(english:"INN < 1.6 Multiple Vulnerabilities");
 script_summary(english:"Checks INN version");
 
 script_set_attribute(attribute:"synopsis", value:"The remote NNTP server is affected by multiple vulnerabilities.");
 script_set_attribute(attribute:"description", value:
"According to its banner, the remote version of INN is older than
version 1.6.  A number of security holes have been found older
versions of INN, some of which may allow arbitrary command execution.");
 script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?3132c982");
 script_set_attribute(attribute:"solution", value:"Upgrade to version 1.6 or later.");
 script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C");
 script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
 script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
 script_set_attribute(attribute:"exploit_available", value:"true");

 script_set_attribute(attribute:"vuln_publication_date", value:"1996/12/04");
 script_set_attribute(attribute:"plugin_publication_date", value:"1999/08/25");

 script_set_attribute(attribute:"plugin_type", value:"remote");
 script_end_attributes();

 script_category(ACT_GATHER_INFO);
 script_copyright(english:"This script is Copyright (C) 1999-2018 Tenable Network Security, Inc.");
 script_family(english:"Gain a shell remotely");

 script_dependencie("find_service1.nasl");
 script_require_ports("Services/nntp", 119);
 exit(0);
}

#
# The script code starts here
#


# Read the banner from the knowledge base,
# or get it by connecting to the server
# manually


port = get_kb_item("Services/nntp");
if(!port)port = 119;

key = string("nntp/banner/", port);
banner = get_kb_item(key);

if(!banner)
{
 if(get_port_state(port))
 {
  soc = open_sock_tcp(port);
  if(soc)
  {
   banner = recv_line(socket:soc,length:1024);
   close(soc);
  }
 }
}



if(!banner)exit(0);
s = strstr(banner,"INN");
 if(s)
 {
  version = s[4];
  subversion = s[6];
  if((version == 1)&&(subversion < 6))
	{ security_hole(port); }

 }

Related

cve 3
cve
cve
CVE-1999-0043
1996-12-04 05:00:00
CVE-1999-0247
1997-07-21 04:00:00
CVE-1999-0705
1999-09-01 04:00:00
JSON
Related for INN.NASL
cve3