ID SUSE_11_2_POSTFIX-100201.NASL Type nessus Reporter Tenable Modified 2014-06-13T00:00:00
Description
The value of SMTPD_LISTEN_REMOTE accidentally defaulted to 'yes'. The postfix smtp daemon therefore was reachable over the network by default. This update therefore resets the value to 'no' in /etc/sysconfig/mail. If you intentionally want postfix to listen for remote connection you need to manually set it to 'yes' again.
This update also fixes a problem where the relay database was not created and postfix refused to start.
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from openSUSE Security Update postfix-1969.
#
# The text description of this plugin is (C) SUSE LLC.
#
include("compat.inc");
if (description)
{
script_id(44623);
script_version("$Revision: 1.4 $");
script_cvs_date("$Date: 2014/06/13 20:00:37 $");
script_cve_id("CVE-2010-0230");
script_name(english:"openSUSE Security Update : postfix (postfix-1969)");
script_summary(english:"Check for the postfix-1969 patch");
script_set_attribute(
attribute:"synopsis",
value:"The remote openSUSE host is missing a security update."
);
script_set_attribute(
attribute:"description",
value:
"The value of SMTPD_LISTEN_REMOTE accidentally defaulted to 'yes'. The
postfix smtp daemon therefore was reachable over the network by
default. This update therefore resets the value to 'no' in
/etc/sysconfig/mail. If you intentionally want postfix to listen for
remote connection you need to manually set it to 'yes' again.
This update also fixes a problem where the relay database was not
created and postfix refused to start."
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.novell.com/show_bug.cgi?id=547928"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.novell.com/show_bug.cgi?id=549612"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.novell.com/show_bug.cgi?id=552270"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.novell.com/show_bug.cgi?id=555732"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.novell.com/show_bug.cgi?id=555814"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.novell.com/show_bug.cgi?id=557239"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.novell.com/show_bug.cgi?id=566665"
);
script_set_attribute(
attribute:"solution",
value:"Update the affected postfix packages."
);
script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P");
script_cwe_id(264);
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:postfix");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:postfix-devel");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:postfix-mysql");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:postfix-postgresql");
script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:opensuse:11.2");
script_set_attribute(attribute:"patch_publication_date", value:"2010/02/01");
script_set_attribute(attribute:"plugin_publication_date", value:"2010/02/16");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_copyright(english:"This script is Copyright (C) 2010-2014 Tenable Network Security, Inc.");
script_family(english:"SuSE Local Security Checks");
script_dependencies("ssh_get_info.nasl");
script_require_keys("Host/local_checks_enabled", "Host/SuSE/release", "Host/SuSE/rpm-list", "Host/cpu");
exit(0);
}
include("audit.inc");
include("global_settings.inc");
include("rpm.inc");
if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/SuSE/release");
if (isnull(release) || release =~ "^(SLED|SLES)") audit(AUDIT_OS_NOT, "openSUSE");
if (release !~ "^(SUSE11\.2)$") audit(AUDIT_OS_RELEASE_NOT, "openSUSE", "11.2", release);
if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
ourarch = get_kb_item("Host/cpu");
if (!ourarch) audit(AUDIT_UNKNOWN_ARCH);
if (ourarch !~ "^(i586|i686|x86_64)$") audit(AUDIT_ARCH_NOT, "i586 / i686 / x86_64", ourarch);
flag = 0;
if ( rpm_check(release:"SUSE11.2", reference:"postfix-2.6.1-2.6.1") ) flag++;
if ( rpm_check(release:"SUSE11.2", reference:"postfix-devel-2.6.1-2.6.1") ) flag++;
if ( rpm_check(release:"SUSE11.2", reference:"postfix-mysql-2.6.1-2.6.1") ) flag++;
if ( rpm_check(release:"SUSE11.2", reference:"postfix-postgresql-2.6.1-2.6.1") ) flag++;
if (flag)
{
if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());
else security_hole(0);
exit(0);
}
else
{
tested = pkg_tests_get();
if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
else audit(AUDIT_PACKAGE_NOT_INSTALLED, "postfix / postfix-devel / postfix-mysql / postfix-postgresql");
}
{"id": "SUSE_11_2_POSTFIX-100201.NASL", "bulletinFamily": "scanner", "title": "openSUSE Security Update : postfix (postfix-1969)", "description": "The value of SMTPD_LISTEN_REMOTE accidentally defaulted to 'yes'. The postfix smtp daemon therefore was reachable over the network by default. This update therefore resets the value to 'no' in /etc/sysconfig/mail. If you intentionally want postfix to listen for remote connection you need to manually set it to 'yes' again.\n\nThis update also fixes a problem where the relay database was not created and postfix refused to start.", "published": "2010-02-16T00:00:00", "modified": "2014-06-13T00:00:00", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=44623", "reporter": "Tenable", "references": ["https://bugzilla.novell.com/show_bug.cgi?id=555814", "https://bugzilla.novell.com/show_bug.cgi?id=557239", "https://bugzilla.novell.com/show_bug.cgi?id=552270", "https://bugzilla.novell.com/show_bug.cgi?id=566665", "https://bugzilla.novell.com/show_bug.cgi?id=549612", "https://bugzilla.novell.com/show_bug.cgi?id=547928", "https://bugzilla.novell.com/show_bug.cgi?id=555732"], "cvelist": ["CVE-2010-0230"], "type": "nessus", "lastseen": "2019-02-21T01:13:02", "history": [{"bulletin": {"bulletinFamily": "scanner", "cpe": [], "cvelist": ["CVE-2010-0230"], "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "description": "The value of SMTPD_LISTEN_REMOTE accidentally defaulted to 'yes'. The postfix smtp daemon therefore was reachable over the network by default. This update therefore resets the value to 'no' in /etc/sysconfig/mail. If you intentionally want postfix to listen for remote connection you need to manually set it to 'yes' again.\n\nThis update also fixes a problem where the relay database was not created and postfix refused to start.", "edition": 1, "enchantments": {}, "hash": "b201f70a45e2a16aac25d79ded2196661fd7bb7231efbf17c203fc398348c9f4", "hashmap": [{"hash": "70fa6335b488b22169004a6f349c4fa2", "key": "description"}, {"hash": "d0cdefeb703737c3ebea5393eaeebc9b", "key": "published"}, {"hash": "9cf00d658b687f030ebe173a0528c567", "key": "reporter"}, {"hash": "20d050ed671ce78fbc3b6e8cd5e89851", "key": "cvelist"}, {"hash": "a62aacf537a4307ed193a433f2510b9e", "key": "href"}, {"hash": "e5d275b3ebd62646b78320753699e02e", "key": "cvss"}, {"hash": "4a9ad9efd062c8172bbaa1b6288a4ac4", "key": "pluginID"}, {"hash": "802445b2043183e029a9c3b0a6362f59", "key": "references"}, {"hash": "02fcc0c238d215158fbaabb854c5b3df", "key": "modified"}, {"hash": "b17d4c62d407ed853d4b98c4b9742e04", "key": "sourceData"}, {"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "5e0bd03bec244039678f2b955a2595aa", "key": "type"}, {"hash": "71a40666da62ba38d22539c8277870c7", "key": "naslFamily"}, {"hash": "e57aaf42006627ab6b3123b5f325205f", "key": "title"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "cpe"}], "history": [], "href": "https://www.tenable.com/plugins/index.php?view=single&id=44623", "id": "SUSE_11_2_POSTFIX-100201.NASL", "lastseen": "2016-09-26T17:26:10", "modified": "2014-06-13T00:00:00", "naslFamily": "SuSE Local Security Checks", "objectVersion": "1.2", "pluginID": "44623", "published": "2010-02-16T00:00:00", "references": ["https://bugzilla.novell.com/show_bug.cgi?id=555814", "https://bugzilla.novell.com/show_bug.cgi?id=557239", "https://bugzilla.novell.com/show_bug.cgi?id=552270", "https://bugzilla.novell.com/show_bug.cgi?id=566665", "https://bugzilla.novell.com/show_bug.cgi?id=549612", "https://bugzilla.novell.com/show_bug.cgi?id=547928", "https://bugzilla.novell.com/show_bug.cgi?id=555732"], "reporter": "Tenable", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update postfix-1969.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(44623);\n script_version(\"$Revision: 1.4 $\");\n script_cvs_date(\"$Date: 2014/06/13 20:00:37 $\");\n\n script_cve_id(\"CVE-2010-0230\");\n\n script_name(english:\"openSUSE Security Update : postfix (postfix-1969)\");\n script_summary(english:\"Check for the postfix-1969 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The value of SMTPD_LISTEN_REMOTE accidentally defaulted to 'yes'. The\npostfix smtp daemon therefore was reachable over the network by\ndefault. This update therefore resets the value to 'no' in\n/etc/sysconfig/mail. If you intentionally want postfix to listen for\nremote connection you need to manually set it to 'yes' again.\n\nThis update also fixes a problem where the relay database was not\ncreated and postfix refused to start.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=547928\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=549612\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=552270\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=555732\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=555814\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=557239\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=566665\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected postfix packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_cwe_id(264);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postfix\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postfix-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postfix-mysql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postfix-postgresql\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:11.2\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/02/01\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/02/16\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2010-2014 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE11\\.2)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"11.2\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE11.2\", reference:\"postfix-2.6.1-2.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.2\", reference:\"postfix-devel-2.6.1-2.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.2\", reference:\"postfix-mysql-2.6.1-2.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.2\", reference:\"postfix-postgresql-2.6.1-2.6.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"postfix / postfix-devel / postfix-mysql / postfix-postgresql\");\n}\n", "title": "openSUSE Security Update : postfix (postfix-1969)", "type": "nessus", "viewCount": 0}, "differentElements": ["cpe"], "edition": 1, "lastseen": "2016-09-26T17:26:10"}, {"bulletin": {"bulletinFamily": "scanner", "cpe": ["p-cpe:/a:novell:opensuse:postfix-devel", "p-cpe:/a:novell:opensuse:postfix-mysql", "cpe:/o:novell:opensuse:11.2", "p-cpe:/a:novell:opensuse:postfix-postgresql", "p-cpe:/a:novell:opensuse:postfix"], "cvelist": ["CVE-2010-0230"], "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "description": "The value of SMTPD_LISTEN_REMOTE accidentally defaulted to 'yes'. The\npostfix smtp daemon therefore was reachable over the network by\ndefault. This update therefore resets the value to 'no' in\n/etc/sysconfig/mail. If you intentionally want postfix to listen for\nremote connection you need to manually set it to 'yes' again.\n\nThis update also fixes a problem where the relay database was not\ncreated and postfix refused to start.", "edition": 5, "enchantments": {"dependencies": {"modified": "2019-01-16T20:10:19", "references": [{"idList": ["OPENVAS:1361412562310850126", "OPENVAS:850126"], "type": "openvas"}, {"idList": ["SUSE-SA:2010:011"], "type": "suse"}, {"idList": ["CVE-2010-0230"], "type": "cve"}]}, "score": {"value": 5.0, "vector": "NONE"}}, "hash": "bbf7cab5dfb39c64b78a7ca04f4c46d35fbc049c347afe9a6b97d4d3f994e9ae", "hashmap": [{"hash": "c31e21e579a77afc8f1aa61e741b81a6", "key": "cpe"}, {"hash": "d0cdefeb703737c3ebea5393eaeebc9b", "key": "published"}, {"hash": "9cf00d658b687f030ebe173a0528c567", "key": "reporter"}, {"hash": "20d050ed671ce78fbc3b6e8cd5e89851", "key": "cvelist"}, {"hash": "99bae8c11fed32e41698415e7b5da7fa", "key": "description"}, {"hash": "a62aacf537a4307ed193a433f2510b9e", "key": "href"}, {"hash": "e5d275b3ebd62646b78320753699e02e", "key": "cvss"}, {"hash": "4a9ad9efd062c8172bbaa1b6288a4ac4", "key": "pluginID"}, {"hash": "802445b2043183e029a9c3b0a6362f59", "key": "references"}, {"hash": "02fcc0c238d215158fbaabb854c5b3df", "key": "modified"}, {"hash": "b17d4c62d407ed853d4b98c4b9742e04", "key": "sourceData"}, {"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "5e0bd03bec244039678f2b955a2595aa", "key": "type"}, {"hash": "71a40666da62ba38d22539c8277870c7", "key": "naslFamily"}, {"hash": "e57aaf42006627ab6b3123b5f325205f", "key": "title"}], "history": [], "href": "https://www.tenable.com/plugins/index.php?view=single&id=44623", "id": "SUSE_11_2_POSTFIX-100201.NASL", "lastseen": "2019-01-16T20:10:19", "modified": "2014-06-13T00:00:00", "naslFamily": "SuSE Local Security Checks", "objectVersion": "1.3", "pluginID": "44623", "published": "2010-02-16T00:00:00", "references": ["https://bugzilla.novell.com/show_bug.cgi?id=555814", "https://bugzilla.novell.com/show_bug.cgi?id=557239", "https://bugzilla.novell.com/show_bug.cgi?id=552270", "https://bugzilla.novell.com/show_bug.cgi?id=566665", "https://bugzilla.novell.com/show_bug.cgi?id=549612", "https://bugzilla.novell.com/show_bug.cgi?id=547928", "https://bugzilla.novell.com/show_bug.cgi?id=555732"], "reporter": "Tenable", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update postfix-1969.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(44623);\n script_version(\"$Revision: 1.4 $\");\n script_cvs_date(\"$Date: 2014/06/13 20:00:37 $\");\n\n script_cve_id(\"CVE-2010-0230\");\n\n script_name(english:\"openSUSE Security Update : postfix (postfix-1969)\");\n script_summary(english:\"Check for the postfix-1969 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The value of SMTPD_LISTEN_REMOTE accidentally defaulted to 'yes'. The\npostfix smtp daemon therefore was reachable over the network by\ndefault. This update therefore resets the value to 'no' in\n/etc/sysconfig/mail. If you intentionally want postfix to listen for\nremote connection you need to manually set it to 'yes' again.\n\nThis update also fixes a problem where the relay database was not\ncreated and postfix refused to start.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=547928\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=549612\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=552270\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=555732\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=555814\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=557239\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=566665\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected postfix packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_cwe_id(264);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postfix\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postfix-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postfix-mysql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postfix-postgresql\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:11.2\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/02/01\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/02/16\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2010-2014 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE11\\.2)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"11.2\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE11.2\", reference:\"postfix-2.6.1-2.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.2\", reference:\"postfix-devel-2.6.1-2.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.2\", reference:\"postfix-mysql-2.6.1-2.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.2\", reference:\"postfix-postgresql-2.6.1-2.6.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"postfix / postfix-devel / postfix-mysql / postfix-postgresql\");\n}\n", "title": "openSUSE Security Update : postfix (postfix-1969)", "type": "nessus", "viewCount": 0}, "differentElements": ["description"], "edition": 5, "lastseen": "2019-01-16T20:10:19"}, {"bulletin": {"bulletinFamily": "scanner", "cpe": ["p-cpe:/a:novell:opensuse:postfix-devel", "p-cpe:/a:novell:opensuse:postfix-mysql", "cpe:/o:novell:opensuse:11.2", "p-cpe:/a:novell:opensuse:postfix-postgresql", "p-cpe:/a:novell:opensuse:postfix"], "cvelist": ["CVE-2010-0230"], "cvss": {"score": 0.0, "vector": "NONE"}, "description": "The value of SMTPD_LISTEN_REMOTE accidentally defaulted to 'yes'. The postfix smtp daemon therefore was reachable over the network by default. This update therefore resets the value to 'no' in /etc/sysconfig/mail. If you intentionally want postfix to listen for remote connection you need to manually set it to 'yes' again.\n\nThis update also fixes a problem where the relay database was not created and postfix refused to start.", "edition": 3, "enchantments": {"score": {"value": 5.0, "vector": "NONE"}}, "hash": "1ddbb4810aa5732fafad45f9ef2c7e154e4262585f5e34fd17f0cefd9f091ec0", "hashmap": [{"hash": "70fa6335b488b22169004a6f349c4fa2", "key": "description"}, {"hash": "c31e21e579a77afc8f1aa61e741b81a6", "key": "cpe"}, {"hash": "d0cdefeb703737c3ebea5393eaeebc9b", "key": "published"}, {"hash": "9cf00d658b687f030ebe173a0528c567", "key": "reporter"}, {"hash": "20d050ed671ce78fbc3b6e8cd5e89851", "key": "cvelist"}, {"hash": "a62aacf537a4307ed193a433f2510b9e", "key": "href"}, {"hash": "4a9ad9efd062c8172bbaa1b6288a4ac4", "key": "pluginID"}, {"hash": "802445b2043183e029a9c3b0a6362f59", "key": "references"}, {"hash": "02fcc0c238d215158fbaabb854c5b3df", "key": "modified"}, {"hash": "b17d4c62d407ed853d4b98c4b9742e04", "key": "sourceData"}, {"hash": "8cd4821cb504d25572038ed182587d85", "key": "cvss"}, {"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "5e0bd03bec244039678f2b955a2595aa", "key": "type"}, {"hash": "71a40666da62ba38d22539c8277870c7", "key": "naslFamily"}, {"hash": "e57aaf42006627ab6b3123b5f325205f", "key": "title"}], "history": [], "href": "https://www.tenable.com/plugins/index.php?view=single&id=44623", "id": "SUSE_11_2_POSTFIX-100201.NASL", "lastseen": "2018-08-30T19:54:16", "modified": "2014-06-13T00:00:00", "naslFamily": "SuSE Local Security Checks", "objectVersion": "1.3", "pluginID": "44623", "published": "2010-02-16T00:00:00", "references": ["https://bugzilla.novell.com/show_bug.cgi?id=555814", "https://bugzilla.novell.com/show_bug.cgi?id=557239", "https://bugzilla.novell.com/show_bug.cgi?id=552270", "https://bugzilla.novell.com/show_bug.cgi?id=566665", "https://bugzilla.novell.com/show_bug.cgi?id=549612", "https://bugzilla.novell.com/show_bug.cgi?id=547928", "https://bugzilla.novell.com/show_bug.cgi?id=555732"], "reporter": "Tenable", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update postfix-1969.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(44623);\n script_version(\"$Revision: 1.4 $\");\n script_cvs_date(\"$Date: 2014/06/13 20:00:37 $\");\n\n script_cve_id(\"CVE-2010-0230\");\n\n script_name(english:\"openSUSE Security Update : postfix (postfix-1969)\");\n script_summary(english:\"Check for the postfix-1969 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The value of SMTPD_LISTEN_REMOTE accidentally defaulted to 'yes'. The\npostfix smtp daemon therefore was reachable over the network by\ndefault. This update therefore resets the value to 'no' in\n/etc/sysconfig/mail. If you intentionally want postfix to listen for\nremote connection you need to manually set it to 'yes' again.\n\nThis update also fixes a problem where the relay database was not\ncreated and postfix refused to start.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=547928\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=549612\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=552270\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=555732\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=555814\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=557239\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=566665\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected postfix packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_cwe_id(264);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postfix\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postfix-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postfix-mysql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postfix-postgresql\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:11.2\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/02/01\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/02/16\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2010-2014 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE11\\.2)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"11.2\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE11.2\", reference:\"postfix-2.6.1-2.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.2\", reference:\"postfix-devel-2.6.1-2.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.2\", reference:\"postfix-mysql-2.6.1-2.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.2\", reference:\"postfix-postgresql-2.6.1-2.6.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"postfix / postfix-devel / postfix-mysql / postfix-postgresql\");\n}\n", "title": "openSUSE Security Update : postfix (postfix-1969)", "type": "nessus", "viewCount": 0}, "differentElements": ["cvss"], "edition": 3, "lastseen": "2018-08-30T19:54:16"}, {"bulletin": {"bulletinFamily": "scanner", "cpe": ["p-cpe:/a:novell:opensuse:postfix-devel", "p-cpe:/a:novell:opensuse:postfix-mysql", "cpe:/o:novell:opensuse:11.2", "p-cpe:/a:novell:opensuse:postfix-postgresql", "p-cpe:/a:novell:opensuse:postfix"], "cvelist": ["CVE-2010-0230"], "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "description": "The value of SMTPD_LISTEN_REMOTE accidentally defaulted to 'yes'. The postfix smtp daemon therefore was reachable over the network by default. This update therefore resets the value to 'no' in /etc/sysconfig/mail. If you intentionally want postfix to listen for remote connection you need to manually set it to 'yes' again.\n\nThis update also fixes a problem where the relay database was not created and postfix refused to start.", "edition": 4, "enchantments": {"score": {"value": 5.0, "vector": "NONE"}}, "hash": "7b4ebe30986e92e5b72ec79ae9ac84936b62cddd41b466d6c6fb4fae900c073f", "hashmap": [{"hash": "70fa6335b488b22169004a6f349c4fa2", "key": "description"}, {"hash": "c31e21e579a77afc8f1aa61e741b81a6", "key": "cpe"}, {"hash": "d0cdefeb703737c3ebea5393eaeebc9b", "key": "published"}, {"hash": "9cf00d658b687f030ebe173a0528c567", "key": "reporter"}, {"hash": "20d050ed671ce78fbc3b6e8cd5e89851", "key": "cvelist"}, {"hash": "a62aacf537a4307ed193a433f2510b9e", "key": "href"}, {"hash": "e5d275b3ebd62646b78320753699e02e", "key": "cvss"}, {"hash": "4a9ad9efd062c8172bbaa1b6288a4ac4", "key": "pluginID"}, {"hash": "802445b2043183e029a9c3b0a6362f59", "key": "references"}, {"hash": "02fcc0c238d215158fbaabb854c5b3df", "key": "modified"}, {"hash": "b17d4c62d407ed853d4b98c4b9742e04", "key": "sourceData"}, {"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "5e0bd03bec244039678f2b955a2595aa", "key": "type"}, {"hash": "71a40666da62ba38d22539c8277870c7", "key": "naslFamily"}, {"hash": "e57aaf42006627ab6b3123b5f325205f", "key": "title"}], "history": [], "href": "https://www.tenable.com/plugins/index.php?view=single&id=44623", "id": "SUSE_11_2_POSTFIX-100201.NASL", "lastseen": "2018-09-02T00:04:26", "modified": "2014-06-13T00:00:00", "naslFamily": "SuSE Local Security Checks", "objectVersion": "1.3", "pluginID": "44623", "published": "2010-02-16T00:00:00", "references": ["https://bugzilla.novell.com/show_bug.cgi?id=555814", "https://bugzilla.novell.com/show_bug.cgi?id=557239", "https://bugzilla.novell.com/show_bug.cgi?id=552270", "https://bugzilla.novell.com/show_bug.cgi?id=566665", "https://bugzilla.novell.com/show_bug.cgi?id=549612", "https://bugzilla.novell.com/show_bug.cgi?id=547928", "https://bugzilla.novell.com/show_bug.cgi?id=555732"], "reporter": "Tenable", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update postfix-1969.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(44623);\n script_version(\"$Revision: 1.4 $\");\n script_cvs_date(\"$Date: 2014/06/13 20:00:37 $\");\n\n script_cve_id(\"CVE-2010-0230\");\n\n script_name(english:\"openSUSE Security Update : postfix (postfix-1969)\");\n script_summary(english:\"Check for the postfix-1969 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The value of SMTPD_LISTEN_REMOTE accidentally defaulted to 'yes'. The\npostfix smtp daemon therefore was reachable over the network by\ndefault. This update therefore resets the value to 'no' in\n/etc/sysconfig/mail. If you intentionally want postfix to listen for\nremote connection you need to manually set it to 'yes' again.\n\nThis update also fixes a problem where the relay database was not\ncreated and postfix refused to start.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=547928\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=549612\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=552270\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=555732\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=555814\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=557239\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=566665\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected postfix packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_cwe_id(264);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postfix\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postfix-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postfix-mysql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postfix-postgresql\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:11.2\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/02/01\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/02/16\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2010-2014 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE11\\.2)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"11.2\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE11.2\", reference:\"postfix-2.6.1-2.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.2\", reference:\"postfix-devel-2.6.1-2.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.2\", reference:\"postfix-mysql-2.6.1-2.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.2\", reference:\"postfix-postgresql-2.6.1-2.6.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"postfix / postfix-devel / postfix-mysql / postfix-postgresql\");\n}\n", "title": "openSUSE Security Update : postfix (postfix-1969)", "type": "nessus", "viewCount": 0}, "differentElements": ["description"], "edition": 4, "lastseen": "2018-09-02T00:04:26"}, {"bulletin": {"bulletinFamily": "scanner", "cpe": ["p-cpe:/a:novell:opensuse:postfix-devel", "p-cpe:/a:novell:opensuse:postfix-mysql", "cpe:/o:novell:opensuse:11.2", "p-cpe:/a:novell:opensuse:postfix-postgresql", "p-cpe:/a:novell:opensuse:postfix"], "cvelist": ["CVE-2010-0230"], "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "description": "The value of SMTPD_LISTEN_REMOTE accidentally defaulted to 'yes'. The postfix smtp daemon therefore was reachable over the network by default. This update therefore resets the value to 'no' in /etc/sysconfig/mail. If you intentionally want postfix to listen for remote connection you need to manually set it to 'yes' again.\n\nThis update also fixes a problem where the relay database was not created and postfix refused to start.", "edition": 2, "enchantments": {"score": {"value": 5.0, "vector": "NONE"}}, "hash": "7b4ebe30986e92e5b72ec79ae9ac84936b62cddd41b466d6c6fb4fae900c073f", "hashmap": [{"hash": "70fa6335b488b22169004a6f349c4fa2", "key": "description"}, {"hash": "c31e21e579a77afc8f1aa61e741b81a6", "key": "cpe"}, {"hash": "d0cdefeb703737c3ebea5393eaeebc9b", "key": "published"}, {"hash": "9cf00d658b687f030ebe173a0528c567", "key": "reporter"}, {"hash": "20d050ed671ce78fbc3b6e8cd5e89851", "key": "cvelist"}, {"hash": "a62aacf537a4307ed193a433f2510b9e", "key": "href"}, {"hash": "e5d275b3ebd62646b78320753699e02e", "key": "cvss"}, {"hash": "4a9ad9efd062c8172bbaa1b6288a4ac4", "key": "pluginID"}, {"hash": "802445b2043183e029a9c3b0a6362f59", "key": "references"}, {"hash": "02fcc0c238d215158fbaabb854c5b3df", "key": "modified"}, {"hash": "b17d4c62d407ed853d4b98c4b9742e04", "key": "sourceData"}, {"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "5e0bd03bec244039678f2b955a2595aa", "key": "type"}, {"hash": "71a40666da62ba38d22539c8277870c7", "key": "naslFamily"}, {"hash": "e57aaf42006627ab6b3123b5f325205f", "key": "title"}], "history": [], "href": "https://www.tenable.com/plugins/index.php?view=single&id=44623", "id": "SUSE_11_2_POSTFIX-100201.NASL", "lastseen": "2017-10-29T13:43:48", "modified": "2014-06-13T00:00:00", "naslFamily": "SuSE Local Security Checks", "objectVersion": "1.3", "pluginID": "44623", "published": "2010-02-16T00:00:00", "references": ["https://bugzilla.novell.com/show_bug.cgi?id=555814", "https://bugzilla.novell.com/show_bug.cgi?id=557239", "https://bugzilla.novell.com/show_bug.cgi?id=552270", "https://bugzilla.novell.com/show_bug.cgi?id=566665", "https://bugzilla.novell.com/show_bug.cgi?id=549612", "https://bugzilla.novell.com/show_bug.cgi?id=547928", "https://bugzilla.novell.com/show_bug.cgi?id=555732"], "reporter": "Tenable", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update postfix-1969.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(44623);\n script_version(\"$Revision: 1.4 $\");\n script_cvs_date(\"$Date: 2014/06/13 20:00:37 $\");\n\n script_cve_id(\"CVE-2010-0230\");\n\n script_name(english:\"openSUSE Security Update : postfix (postfix-1969)\");\n script_summary(english:\"Check for the postfix-1969 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The value of SMTPD_LISTEN_REMOTE accidentally defaulted to 'yes'. The\npostfix smtp daemon therefore was reachable over the network by\ndefault. This update therefore resets the value to 'no' in\n/etc/sysconfig/mail. If you intentionally want postfix to listen for\nremote connection you need to manually set it to 'yes' again.\n\nThis update also fixes a problem where the relay database was not\ncreated and postfix refused to start.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=547928\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=549612\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=552270\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=555732\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=555814\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=557239\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=566665\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected postfix packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_cwe_id(264);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postfix\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postfix-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postfix-mysql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postfix-postgresql\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:11.2\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/02/01\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/02/16\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2010-2014 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE11\\.2)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"11.2\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE11.2\", reference:\"postfix-2.6.1-2.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.2\", reference:\"postfix-devel-2.6.1-2.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.2\", reference:\"postfix-mysql-2.6.1-2.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.2\", reference:\"postfix-postgresql-2.6.1-2.6.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"postfix / postfix-devel / postfix-mysql / postfix-postgresql\");\n}\n", "title": "openSUSE Security Update : postfix (postfix-1969)", "type": "nessus", "viewCount": 0}, "differentElements": ["cvss"], "edition": 2, "lastseen": "2017-10-29T13:43:48"}], "edition": 6, "hashmap": [{"key": "bulletinFamily", "hash": "bbdaea376f500d25f6b0c1050311dd07"}, {"key": "cpe", "hash": "c31e21e579a77afc8f1aa61e741b81a6"}, {"key": "cvelist", "hash": "20d050ed671ce78fbc3b6e8cd5e89851"}, {"key": "cvss", "hash": "e5d275b3ebd62646b78320753699e02e"}, {"key": "description", "hash": "70fa6335b488b22169004a6f349c4fa2"}, {"key": "href", "hash": "a62aacf537a4307ed193a433f2510b9e"}, {"key": "modified", "hash": "02fcc0c238d215158fbaabb854c5b3df"}, {"key": "naslFamily", "hash": "71a40666da62ba38d22539c8277870c7"}, {"key": "pluginID", "hash": "4a9ad9efd062c8172bbaa1b6288a4ac4"}, {"key": "published", "hash": "d0cdefeb703737c3ebea5393eaeebc9b"}, {"key": "references", "hash": "802445b2043183e029a9c3b0a6362f59"}, {"key": "reporter", "hash": "9cf00d658b687f030ebe173a0528c567"}, {"key": "sourceData", "hash": "b17d4c62d407ed853d4b98c4b9742e04"}, {"key": "title", "hash": "e57aaf42006627ab6b3123b5f325205f"}, {"key": "type", "hash": "5e0bd03bec244039678f2b955a2595aa"}], "hash": "7b4ebe30986e92e5b72ec79ae9ac84936b62cddd41b466d6c6fb4fae900c073f", "viewCount": 0, "enchantments": {"dependencies": {"references": [{"type": "cve", "idList": ["CVE-2010-0230"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310850126", "OPENVAS:850126"]}, {"type": "suse", "idList": ["SUSE-SA:2010:011"]}], "modified": "2019-02-21T01:13:02"}, "score": {"value": 5.0, "vector": "NONE"}, "vulnersScore": 5.0}, "objectVersion": "1.3", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update postfix-1969.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(44623);\n script_version(\"$Revision: 1.4 $\");\n script_cvs_date(\"$Date: 2014/06/13 20:00:37 $\");\n\n script_cve_id(\"CVE-2010-0230\");\n\n script_name(english:\"openSUSE Security Update : postfix (postfix-1969)\");\n script_summary(english:\"Check for the postfix-1969 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The value of SMTPD_LISTEN_REMOTE accidentally defaulted to 'yes'. The\npostfix smtp daemon therefore was reachable over the network by\ndefault. This update therefore resets the value to 'no' in\n/etc/sysconfig/mail. If you intentionally want postfix to listen for\nremote connection you need to manually set it to 'yes' again.\n\nThis update also fixes a problem where the relay database was not\ncreated and postfix refused to start.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=547928\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=549612\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=552270\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=555732\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=555814\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=557239\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=566665\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected postfix packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_cwe_id(264);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postfix\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postfix-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postfix-mysql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postfix-postgresql\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:11.2\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/02/01\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/02/16\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2010-2014 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE11\\.2)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"11.2\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE11.2\", reference:\"postfix-2.6.1-2.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.2\", reference:\"postfix-devel-2.6.1-2.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.2\", reference:\"postfix-mysql-2.6.1-2.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.2\", reference:\"postfix-postgresql-2.6.1-2.6.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"postfix / postfix-devel / postfix-mysql / postfix-postgresql\");\n}\n", "naslFamily": "SuSE Local Security Checks", "pluginID": "44623", "cpe": ["p-cpe:/a:novell:opensuse:postfix-devel", "p-cpe:/a:novell:opensuse:postfix-mysql", "cpe:/o:novell:opensuse:11.2", "p-cpe:/a:novell:opensuse:postfix-postgresql", "p-cpe:/a:novell:opensuse:postfix"], "scheme": null}
{"cve": [{"lastseen": "2016-09-03T13:26:33", "bulletinFamily": "NVD", "description": "SUSE Linux Enterprise 10 SP3 (SLE10-SP3) and openSUSE 11.2 configures postfix to listen on all network interfaces, which might allow remote attackers to bypass intended access restrictions.", "modified": "2011-04-28T00:00:00", "published": "2010-01-22T16:30:00", "id": "CVE-2010-0230", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-0230", "type": "cve", "title": "CVE-2010-0230", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "suse": [{"lastseen": "2016-09-04T11:41:56", "bulletinFamily": "unix", "description": "The value of SMTPD_LISTEN_REMOTE accidentally defaulted to 'yes'. The postfix smtp daemon therefore was reachable over the network by default. This update resets the value to 'no' in /etc/sysconfig/mail. If you intentionally want postfix to listen for remote connections you need to manually set it to 'yes' again. This update also fixes a problem where the relay database was not created and postfix refused to start.\n#### Solution\nManually set SMTPD_LISTEN_REMOTE to 'no' and run # SuSEconfig --module postfix", "modified": "2010-02-15T15:47:45", "published": "2010-02-15T15:47:45", "id": "SUSE-SA:2010:011", "href": "http://lists.opensuse.org/opensuse-security-announce/2010-02/msg00004.html", "type": "suse", "title": "remote denial of service in postfix", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "openvas": [{"lastseen": "2018-01-02T10:54:22", "bulletinFamily": "scanner", "description": "Check for the Version of postfix", "modified": "2017-12-29T00:00:00", "published": "2010-02-19T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310850126", "id": "OPENVAS:1361412562310850126", "title": "SuSE Update for postfix SUSE-SA:2010:011", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# SuSE Update for postfix SUSE-SA:2010:011\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"The value of SMTPD_LISTEN_REMOTE accidentally defaulted to 'yes'. The postfix\n smtp daemon therefore was reachable over the network by default.\n This update resets the value to 'no' in /etc/sysconfig/mail. If you\n intentionally want postfix to listen for remote connections you need to\n manually set it to 'yes' again.\n\n This update also fixes a problem where the relay database was not created and\n postfix refused to start.\";\n\ntag_impact = \"remote denial of service\";\ntag_affected = \"postfix on openSUSE 11.2\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.850126\");\n script_version(\"$Revision: 8258 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-29 08:28:57 +0100 (Fri, 29 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2010-02-19 13:38:15 +0100 (Fri, 19 Feb 2010)\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_xref(name: \"SUSE-SA\", value: \"2010-011\");\n script_cve_id(\"CVE-2010-0230\");\n script_name(\"SuSE Update for postfix SUSE-SA:2010:011\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of postfix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse\", \"ssh/login/rpms\");\n script_tag(name : \"impact\" , value : tag_impact);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"openSUSE11.2\")\n{\n\n if ((res = isrpmvuln(pkg:\"postfix-debuginfo\", rpm:\"postfix-debuginfo~2.6.1~2.6.1\", rls:\"openSUSE11.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"postfix-debugsource\", rpm:\"postfix-debugsource~2.6.1~2.6.1\", rls:\"openSUSE11.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"postfix-mysql-debuginfo\", rpm:\"postfix-mysql-debuginfo~2.6.1~2.6.1\", rls:\"openSUSE11.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"postfix-postgresql-debuginfo\", rpm:\"postfix-postgresql-debuginfo~2.6.1~2.6.1\", rls:\"openSUSE11.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"postfix\", rpm:\"postfix~2.6.1~2.6.1\", rls:\"openSUSE11.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"postfix-devel\", rpm:\"postfix-devel~2.6.1~2.6.1\", rls:\"openSUSE11.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"postfix-doc\", rpm:\"postfix-doc~2.6.1~2.6.1\", rls:\"openSUSE11.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"postfix-mysql\", rpm:\"postfix-mysql~2.6.1~2.6.1\", rls:\"openSUSE11.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"postfix-postgresql\", rpm:\"postfix-postgresql~2.6.1~2.6.1\", rls:\"openSUSE11.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-12-14T11:48:37", "bulletinFamily": "scanner", "description": "Check for the Version of postfix", "modified": "2017-12-14T00:00:00", "published": "2010-02-19T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=850126", "id": "OPENVAS:850126", "title": "SuSE Update for postfix SUSE-SA:2010:011", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# SuSE Update for postfix SUSE-SA:2010:011\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"The value of SMTPD_LISTEN_REMOTE accidentally defaulted to 'yes'. The postfix\n smtp daemon therefore was reachable over the network by default.\n This update resets the value to 'no' in /etc/sysconfig/mail. If you\n intentionally want postfix to listen for remote connections you need to\n manually set it to 'yes' again.\n\n This update also fixes a problem where the relay database was not created and\n postfix refused to start.\";\n\ntag_impact = \"remote denial of service\";\ntag_affected = \"postfix on openSUSE 11.2\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_id(850126);\n script_version(\"$Revision: 8109 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-14 07:31:15 +0100 (Thu, 14 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2010-02-19 13:38:15 +0100 (Fri, 19 Feb 2010)\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_xref(name: \"SUSE-SA\", value: \"2010-011\");\n script_cve_id(\"CVE-2010-0230\");\n script_name(\"SuSE Update for postfix SUSE-SA:2010:011\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of postfix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse\", \"ssh/login/rpms\");\n script_tag(name : \"impact\" , value : tag_impact);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"openSUSE11.2\")\n{\n\n if ((res = isrpmvuln(pkg:\"postfix-debuginfo\", rpm:\"postfix-debuginfo~2.6.1~2.6.1\", rls:\"openSUSE11.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"postfix-debugsource\", rpm:\"postfix-debugsource~2.6.1~2.6.1\", rls:\"openSUSE11.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"postfix-mysql-debuginfo\", rpm:\"postfix-mysql-debuginfo~2.6.1~2.6.1\", rls:\"openSUSE11.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"postfix-postgresql-debuginfo\", rpm:\"postfix-postgresql-debuginfo~2.6.1~2.6.1\", rls:\"openSUSE11.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"postfix\", rpm:\"postfix~2.6.1~2.6.1\", rls:\"openSUSE11.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"postfix-devel\", rpm:\"postfix-devel~2.6.1~2.6.1\", rls:\"openSUSE11.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"postfix-doc\", rpm:\"postfix-doc~2.6.1~2.6.1\", rls:\"openSUSE11.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"postfix-mysql\", rpm:\"postfix-mysql~2.6.1~2.6.1\", rls:\"openSUSE11.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"postfix-postgresql\", rpm:\"postfix-postgresql~2.6.1~2.6.1\", rls:\"openSUSE11.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}]}
