ID REDHAT-RHSA-2005-015.NASL Type nessus Reporter This script is Copyright (C) 2005-2021 and is owned by Tenable, Inc. or an Affiliate thereof. Modified 2005-01-13T00:00:00
Description
An updated Pine package is now available for Red Hat Enterprise Linux
2.1 to fix a denial of service attack.
Pine is an email user agent.
The c-client IMAP client library, as used in Pine 4.44 contains an
integer overflow and integer signedness flaw. An attacker could create
a malicious IMAP server in such a way that it would cause Pine to
crash. The Common Vulnerabilities and Exposures project
(cve.mitre.org) has assigned the name CVE-2003-0297 to this issue.
Users of Pine are advised to upgrade to these erratum packages which
contain a backported patch to correct this issue.
#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from Red Hat Security Advisory RHSA-2005:015. The text
# itself is copyright (C) Red Hat, Inc.
#
include('deprecated_nasl_level.inc');
include('compat.inc');
if (description)
{
script_id(16148);
script_version("1.26");
script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/14");
script_cve_id("CVE-2003-0297");
script_xref(name:"RHSA", value:"2005:015");
script_name(english:"RHEL 2.1 : pine (RHSA-2005:015)");
script_summary(english:"Checks the rpm output for the updated package");
script_set_attribute(
attribute:"synopsis",
value:"The remote Red Hat host is missing a security update."
);
script_set_attribute(
attribute:"description",
value:
"An updated Pine package is now available for Red Hat Enterprise Linux
2.1 to fix a denial of service attack.
Pine is an email user agent.
The c-client IMAP client library, as used in Pine 4.44 contains an
integer overflow and integer signedness flaw. An attacker could create
a malicious IMAP server in such a way that it would cause Pine to
crash. The Common Vulnerabilities and Exposures project
(cve.mitre.org) has assigned the name CVE-2003-0297 to this issue.
Users of Pine are advised to upgrade to these erratum packages which
contain a backported patch to correct this issue."
);
script_set_attribute(
attribute:"see_also",
value:"https://access.redhat.com/security/cve/cve-2003-0297"
);
# http://marc.theaimsgroup.com/?l=bugtraq&m=105294024124163
script_set_attribute(
attribute:"see_also",
value:"https://marc.info/?l=bugtraq&m=105294024124163"
);
script_set_attribute(
attribute:"see_also",
value:"https://access.redhat.com/errata/RHSA-2005:015"
);
script_set_attribute(attribute:"solution", value:"Update the affected pine package.");
script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:pine");
script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:2.1");
script_set_attribute(attribute:"vuln_publication_date", value:"2003/06/16");
script_set_attribute(attribute:"patch_publication_date", value:"2005/01/12");
script_set_attribute(attribute:"plugin_publication_date", value:"2005/01/13");
script_set_attribute(attribute:"generated_plugin", value:"current");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_copyright(english:"This script is Copyright (C) 2005-2021 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_family(english:"Red Hat Local Security Checks");
script_dependencies("ssh_get_info.nasl");
script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list", "Host/cpu");
exit(0);
}
include("audit.inc");
include("global_settings.inc");
include("misc_func.inc");
include("rpm.inc");
if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/RedHat/release");
if (isnull(release) || "Red Hat" >!< release) audit(AUDIT_OS_NOT, "Red Hat");
os_ver = pregmatch(pattern: "Red Hat Enterprise Linux.*release ([0-9]+(\.[0-9]+)?)", string:release);
if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Red Hat");
os_ver = os_ver[1];
if (! preg(pattern:"^2\.1([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Red Hat 2.1", "Red Hat " + os_ver);
if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$" && "s390" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Red Hat", cpu);
if (cpu !~ "^i[3-6]86$") audit(AUDIT_ARCH_NOT, "i386", cpu);
yum_updateinfo = get_kb_item("Host/RedHat/yum-updateinfo");
if (!empty_or_null(yum_updateinfo))
{
rhsa = "RHSA-2005:015";
yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);
if (!empty_or_null(yum_report))
{
security_report_v4(
port : 0,
severity : SECURITY_HOLE,
extra : yum_report
);
exit(0);
}
else
{
audit_message = "affected by Red Hat security advisory " + rhsa;
audit(AUDIT_OS_NOT, audit_message);
}
}
else
{
flag = 0;
if (rpm_check(release:"RHEL2.1", cpu:"i386", reference:"pine-4.44-20")) flag++;
if (flag)
{
security_report_v4(
port : 0,
severity : SECURITY_HOLE,
extra : rpm_report_get() + redhat_report_package_caveat()
);
exit(0);
}
else
{
tested = pkg_tests_get();
if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
else audit(AUDIT_PACKAGE_NOT_INSTALLED, "pine");
}
}
{"id": "REDHAT-RHSA-2005-015.NASL", "bulletinFamily": "scanner", "title": "RHEL 2.1 : pine (RHSA-2005:015)", "description": "An updated Pine package is now available for Red Hat Enterprise Linux\n2.1 to fix a denial of service attack.\n\nPine is an email user agent.\n\nThe c-client IMAP client library, as used in Pine 4.44 contains an\ninteger overflow and integer signedness flaw. An attacker could create\na malicious IMAP server in such a way that it would cause Pine to\ncrash. The Common Vulnerabilities and Exposures project\n(cve.mitre.org) has assigned the name CVE-2003-0297 to this issue.\n\nUsers of Pine are advised to upgrade to these erratum packages which\ncontain a backported patch to correct this issue.", "published": "2005-01-13T00:00:00", "modified": "2005-01-13T00:00:00", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}, "href": "https://www.tenable.com/plugins/nessus/16148", "reporter": "This script is Copyright (C) 2005-2021 and is owned by Tenable, Inc. or an Affiliate thereof.", "references": ["https://access.redhat.com/errata/RHSA-2005:015", "https://access.redhat.com/security/cve/cve-2003-0297", "https://marc.info/?l=bugtraq&m=105294024124163"], "cvelist": ["CVE-2003-0297"], "type": "nessus", "lastseen": "2021-01-17T13:05:22", "edition": 28, "viewCount": 2, "enchantments": {"dependencies": {"references": [{"type": "cve", "idList": ["CVE-2003-0297"]}, {"type": "redhat", "idList": ["RHSA-2005:114", "RHSA-2005:015"]}, {"type": "osvdb", "idList": ["OSVDB:11425", "OSVDB:11766"]}, {"type": "nessus", "idList": ["REDHAT-RHSA-2005-114.NASL"]}], "modified": "2021-01-17T13:05:22", "rev": 2}, "score": {"value": 6.4, "vector": "NONE", "modified": "2021-01-17T13:05:22", "rev": 2}, "vulnersScore": 6.4}, "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2005:015. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(16148);\n script_version(\"1.26\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2003-0297\");\n script_xref(name:\"RHSA\", value:\"2005:015\");\n\n script_name(english:\"RHEL 2.1 : pine (RHSA-2005:015)\");\n script_summary(english:\"Checks the rpm output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"An updated Pine package is now available for Red Hat Enterprise Linux\n2.1 to fix a denial of service attack.\n\nPine is an email user agent.\n\nThe c-client IMAP client library, as used in Pine 4.44 contains an\ninteger overflow and integer signedness flaw. An attacker could create\na malicious IMAP server in such a way that it would cause Pine to\ncrash. The Common Vulnerabilities and Exposures project\n(cve.mitre.org) has assigned the name CVE-2003-0297 to this issue.\n\nUsers of Pine are advised to upgrade to these erratum packages which\ncontain a backported patch to correct this issue.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2003-0297\"\n );\n # http://marc.theaimsgroup.com/?l=bugtraq&m=105294024124163\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://marc.info/?l=bugtraq&m=105294024124163\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2005:015\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected pine package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:pine\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:2.1\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2003/06/16\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2005/01/12\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2005/01/13\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2005-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^2\\.1([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 2.1\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\nif (cpu !~ \"^i[3-6]86$\") audit(AUDIT_ARCH_NOT, \"i386\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2005:015\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL2.1\", cpu:\"i386\", reference:\"pine-4.44-20\")) flag++;\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"pine\");\n }\n}\n", "naslFamily": "Red Hat Local Security Checks", "pluginID": "16148", "cpe": ["cpe:/o:redhat:enterprise_linux:2.1", "p-cpe:/a:redhat:enterprise_linux:pine"], "scheme": null}
{"cve": [{"lastseen": "2021-02-02T05:22:09", "description": "c-client IMAP Client, as used in imap-2002b and Pine 4.53, allows remote malicious IMAP servers to cause a denial of service (crash) and possibly execute arbitrary code via certain large (1) literal and (2) mailbox size values that cause either integer signedness errors or integer overflow errors.", "edition": 4, "cvss3": {}, "published": "2003-06-16T04:00:00", "title": "CVE-2003-0297", "type": "cve", "cwe": ["NVD-CWE-Other"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": true, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2003-0297"], "modified": "2018-10-19T15:29:00", "cpe": ["cpe:/a:university_of_washington:imap-2002b:*", "cpe:/a:university_of_washington:pine:4.53", "cpe:/a:university_of_washington:c-client:*"], "id": "CVE-2003-0297", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2003-0297", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}, "cpe23": ["cpe:2.3:a:university_of_washington:imap-2002b:*:*:*:*:*:*:*:*", "cpe:2.3:a:university_of_washington:pine:4.53:*:*:*:*:*:*:*", "cpe:2.3:a:university_of_washington:c-client:*:*:*:*:*:*:*:*"]}], "redhat": [{"lastseen": "2019-08-13T18:45:39", "bulletinFamily": "unix", "cvelist": ["CVE-2003-0297"], "description": "Pine is an email user agent.\n\nThe c-client IMAP client library, as used in Pine 4.44 contains an integer\noverflow and integer signedness flaw. An attacker could create a malicious\nIMAP server in such a way that it would cause Pine to crash. The Common\nVulnerabilities and Exposures project (cve.mitre.org) has assigned the name\n CAN-2003-0297 to this issue.\n\nUsers of Pine are advised to upgrade to these erratum packages which\ncontain a backported patch to correct this issue.", "modified": "2018-03-14T19:26:56", "published": "2005-01-12T05:00:00", "id": "RHSA-2005:015", "href": "https://access.redhat.com/errata/RHSA-2005:015", "type": "redhat", "title": "(RHSA-2005:015) pine security update", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-08-13T18:46:25", "bulletinFamily": "unix", "cvelist": ["CVE-2003-0297"], "description": "The imap package provides server daemons for both the IMAP (Internet\nMessage Access Protocol) and POP (Post Office Protocol) mail access\nprotocols.\n\nA buffer overflow flaw was found in the c-client IMAP client. An attacker\ncould create a malicious IMAP server that if connected to by a victim could\nexecute arbitrary code on the client machine. The Common Vulnerabilities\nand Exposures project (cve.mitre.org) has assigned the name CAN-2003-0297\nto this issue.\n\nUsers of imap are advised to upgrade to these updated packages, which\ncontain a backported patch to correct this issue.", "modified": "2018-03-14T19:26:14", "published": "2005-02-18T05:00:00", "id": "RHSA-2005:114", "href": "https://access.redhat.com/errata/RHSA-2005:114", "type": "redhat", "title": "(RHSA-2005:114) imap security update", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "osvdb": [{"lastseen": "2017-04-28T13:20:07", "bulletinFamily": "software", "cvelist": ["CVE-2003-0297"], "edition": 1, "description": "# No description provided by the source\n\n## References:\n[Secunia Advisory ID:13838](https://secuniaresearch.flexerasoftware.com/advisories/13838/)\n[Secunia Advisory ID:14355](https://secuniaresearch.flexerasoftware.com/advisories/14355/)\n[Related OSVDB ID: 11767](https://vulners.com/osvdb/OSVDB:11767)\nRedHat RHSA: RHSA-2005:015\nRedHat RHSA: RHSA-2005:114\nISS X-Force ID: 12299\n[CVE-2003-0297](https://vulners.com/cve/CVE-2003-0297)\nBugtraq ID: 7603\n", "modified": "2003-05-14T00:00:00", "published": "2003-05-14T00:00:00", "id": "OSVDB:11766", "href": "https://vulners.com/osvdb/OSVDB:11766", "title": "c-client IMAP Client Mailbox Size Overflow", "type": "osvdb", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-04-28T13:20:06", "bulletinFamily": "software", "cvelist": ["CVE-2003-0297", "CVE-2003-0300", "CVE-2003-0298", "CVE-2003-0301", "CVE-2003-0296", "CVE-2003-0302"], "edition": 1, "description": "# No description provided by the source\n\n## References:\nMail List Post: http://marc.theaimsgroup.com/?l=bugtraq&m=105294024124163&w=2\nISS X-Force ID: 12289\n[CVE-2003-0297](https://vulners.com/cve/CVE-2003-0297)\n[CVE-2003-0300](https://vulners.com/cve/CVE-2003-0300)\n[CVE-2003-0301](https://vulners.com/cve/CVE-2003-0301)\n[CVE-2003-0302](https://vulners.com/cve/CVE-2003-0302)\n[CVE-2003-0298](https://vulners.com/cve/CVE-2003-0298)\n[CVE-2003-0296](https://vulners.com/cve/CVE-2003-0296)\nBugtraq ID: 7603\n", "modified": "2003-05-14T00:00:00", "published": "2003-05-14T00:00:00", "id": "OSVDB:11425", "href": "https://vulners.com/osvdb/OSVDB:11425", "title": "Multiple Vendor IMAP Client literal_size Remote Overflow", "type": "osvdb", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "nessus": [{"lastseen": "2021-01-17T13:05:25", "description": "Updated imap packages that fix a security issue are now available for\nRed Hat Enterprise Linux 2.1.\n\nThis update has been rated as having low security impact by the Red\nHat Security Response Team.\n\nThe imap package provides server daemons for both the IMAP (Internet\nMessage Access Protocol) and POP (Post Office Protocol) mail access\nprotocols.\n\nA buffer overflow flaw was found in the c-client IMAP client. An\nattacker could create a malicious IMAP server that if connected to by\na victim could execute arbitrary code on the client machine. The\nCommon Vulnerabilities and Exposures project (cve.mitre.org) has\nassigned the name CVE-2003-0297 to this issue.\n\nUsers of imap are advised to upgrade to these updated packages, which\ncontain a backported patch to correct this issue.", "edition": 27, "published": "2005-02-18T00:00:00", "title": "RHEL 2.1 : imap (RHSA-2005:114)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2003-0297"], "modified": "2005-02-18T00:00:00", "cpe": ["cpe:/o:redhat:enterprise_linux:2.1", "p-cpe:/a:redhat:enterprise_linux:imap", "p-cpe:/a:redhat:enterprise_linux:imap-devel"], "id": "REDHAT-RHSA-2005-114.NASL", "href": "https://www.tenable.com/plugins/nessus/17147", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2005:114. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(17147);\n script_version(\"1.24\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2003-0297\");\n script_xref(name:\"RHSA\", value:\"2005:114\");\n\n script_name(english:\"RHEL 2.1 : imap (RHSA-2005:114)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated imap packages that fix a security issue are now available for\nRed Hat Enterprise Linux 2.1.\n\nThis update has been rated as having low security impact by the Red\nHat Security Response Team.\n\nThe imap package provides server daemons for both the IMAP (Internet\nMessage Access Protocol) and POP (Post Office Protocol) mail access\nprotocols.\n\nA buffer overflow flaw was found in the c-client IMAP client. An\nattacker could create a malicious IMAP server that if connected to by\na victim could execute arbitrary code on the client machine. The\nCommon Vulnerabilities and Exposures project (cve.mitre.org) has\nassigned the name CVE-2003-0297 to this issue.\n\nUsers of imap are advised to upgrade to these updated packages, which\ncontain a backported patch to correct this issue.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2003-0297\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2005:114\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected imap and / or imap-devel packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:imap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:imap-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:2.1\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2003/06/16\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2005/02/18\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2005/02/18\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2005-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^2\\.1([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 2.1\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\nif (cpu !~ \"^i[3-6]86$\") audit(AUDIT_ARCH_NOT, \"i386\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2005:114\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL2.1\", cpu:\"i386\", reference:\"imap-2001a-11.0as\")) flag++;\n if (rpm_check(release:\"RHEL2.1\", cpu:\"i386\", reference:\"imap-devel-2001a-11.0as\")) flag++;\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"imap / imap-devel\");\n }\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}]}
