Lucene search
Ubuntu Security Notice (C) 2007-2019 Canonical, Inc. / NASL script (C) 2018 and is owned by Tenable, Inc. or an Affiliate thereof.UBUNTU_USN-345-1.NASLHistoryNov 10, 2007 - 12:00 a.m.
Ubuntu 5.04 / 5.10 / 6.06 LTS : mailman vulnerabilities (USN-345-1)
2007-11-1000:00:00
Ubuntu Security Notice (C) 2007-2019 Canonical, Inc. / NASL script (C) 2018 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
6
Steve Alexander discovered that mailman did not properly handle attachments with special filenames. A remote user could exploit that to stop mail delivery until the server administrator manually cleaned these posts. (CVE-2006-2941)
Various cross-site scripting vulnerabilities have been reported by Barry Warsaw. By using specially crafted email addresses, names, and similar arbitrary user-defined strings, a remote attacker could exploit this to run web script code in the list administrator’s web browser. (CVE-2006-3636)
URLs logged to the error log file are now checked for invalid characters. Before, specially crafted URLs could inject arbitrary messages into the log.
Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from Ubuntu Security Notice USN-345-1. The text
# itself is copyright (C) Canonical, Inc. See
# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered
# trademark of Canonical, Inc.
#
include('deprecated_nasl_level.inc');
include('compat.inc');
if (description)
{
script_id(27924);
script_version("1.16");
script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/19");
script_cve_id("CVE-2006-2941", "CVE-2006-3636");
script_bugtraq_id(19831);
script_xref(name:"USN", value:"345-1");
script_name(english:"Ubuntu 5.04 / 5.10 / 6.06 LTS : mailman vulnerabilities (USN-345-1)");
script_summary(english:"Checks dpkg output for updated package.");
script_set_attribute(
attribute:"synopsis",
value:"The remote Ubuntu host is missing a security-related patch."
);
script_set_attribute(
attribute:"description",
value:
"Steve Alexander discovered that mailman did not properly handle
attachments with special filenames. A remote user could exploit that
to stop mail delivery until the server administrator manually cleaned
these posts. (CVE-2006-2941)
Various cross-site scripting vulnerabilities have been reported by
Barry Warsaw. By using specially crafted email addresses, names, and
similar arbitrary user-defined strings, a remote attacker could
exploit this to run web script code in the list administrator's web
browser. (CVE-2006-3636)
URLs logged to the error log file are now checked for invalid
characters. Before, specially crafted URLs could inject arbitrary
messages into the log.
Note that Tenable Network Security has extracted the preceding
description block directly from the Ubuntu security advisory. Tenable
has attempted to automatically clean and format it as much as possible
without introducing additional issues."
);
script_set_attribute(
attribute:"see_also",
value:"https://usn.ubuntu.com/345-1/"
);
script_set_attribute(
attribute:"solution",
value:"Update the affected mailman package."
);
script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P");
script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
script_set_attribute(attribute:"exploit_available", value:"true");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:mailman");
script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:5.04");
script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:5.10");
script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:6.06:-:lts");
script_set_attribute(attribute:"patch_publication_date", value:"2006/09/13");
script_set_attribute(attribute:"plugin_publication_date", value:"2007/11/10");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_copyright(english:"Ubuntu Security Notice (C) 2007-2019 Canonical, Inc. / NASL script (C) 2018 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_family(english:"Ubuntu Local Security Checks");
script_dependencies("ssh_get_info.nasl");
script_require_keys("Host/cpu", "Host/Ubuntu", "Host/Ubuntu/release", "Host/Debian/dpkg-l");
exit(0);
}
include("audit.inc");
include("ubuntu.inc");
include("misc_func.inc");
if ( ! get_kb_item("Host/local_checks_enabled") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/Ubuntu/release");
if ( isnull(release) ) audit(AUDIT_OS_NOT, "Ubuntu");
release = chomp(release);
if (! ereg(pattern:"^(5\.04|5\.10|6\.06)$", string:release)) audit(AUDIT_OS_NOT, "Ubuntu 5.04 / 5.10 / 6.06", "Ubuntu " + release);
if ( ! get_kb_item("Host/Debian/dpkg-l") ) audit(AUDIT_PACKAGE_LIST_MISSING);
cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Ubuntu", cpu);
flag = 0;
if (ubuntu_check(osver:"5.04", pkgname:"mailman", pkgver:"2.1.5-7ubuntu0.3")) flag++;
if (ubuntu_check(osver:"5.10", pkgname:"mailman", pkgver:"2.1.5-8ubuntu2.3")) flag++;
if (ubuntu_check(osver:"6.06", pkgname:"mailman", pkgver:"2.1.5-9ubuntu4.1")) flag++;
if (flag)
{
security_report_v4(
port : 0,
severity : SECURITY_WARNING,
extra : ubuntu_report_get()
);
exit(0);
}
else
{
tested = ubuntu_pkg_tests_get();
if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
else audit(AUDIT_PACKAGE_NOT_INSTALLED, "mailman");
}
| Vendor | Product | Version | CPE |
|---|---|---|---|
| canonical | ubuntu_linux | mailman | p-cpe:/a:canonical:ubuntu_linux:mailman |
| canonical | ubuntu_linux | 5.04 | cpe:/o:canonical:ubuntu_linux:5.04 |
| canonical | ubuntu_linux | 5.10 | cpe:/o:canonical:ubuntu_linux:5.10 |
| canonical | ubuntu_linux | 6.06 | cpe:/o:canonical:ubuntu_linux:6.06:-:lts |
Related
nessus
nessus
RHEL 3 / 4 : mailman (RHSA-2006:0600)
2006-09-12 00:00:00
Oracle Linux 3 / 4 : mailman (ELSA-2006-0600)
2013-07-12 00:00:00
GLSA-200609-12 : Mailman: Multiple vulnerabilities
2006-09-22 00:00:00
openvas
openvas
Gentoo Security Advisory GLSA 200609-12 (mailman)
2008-09-24 00:00:00
Gentoo Security Advisory GLSA 200609-12 (mailman)
2008-09-24 00:00:00
Ubuntu: Security Advisory (USN-345-1)
2022-08-26 00:00:00
ubuntu
ubuntu
mailman vulnerabilities
2006-09-13 00:00:00
centos
centos
mailman security update
2006-09-08 09:56:52
oraclelinux
oraclelinux
Moderate mailman security update
2006-11-30 00:00:00
gentoo
gentoo
Mailman: Multiple vulnerabilities
2006-09-19 00:00:00
redhat
redhat
(RHSA-2006:0600) mailman security update
2006-09-06 00:00:00
securityvulns
securityvulns
[Full-disclosure] [USN-347-1] Linux kernel vulnerabilities
2006-09-19 00:00:00
Mailman 2.1.8 Multiple Security Issues
2006-09-14 00:00:00
freebsd
freebsd
mailman -- Multiple Vulnerabilities
2006-06-09 00:00:00
cve
cve
veracode
veracode
Denial Of Service (DoS)
2020-04-10 00:13:19
Cross-Site Scripting (XSS)
2020-04-10 00:13:19
prion
prion
Design/Logic Flaw
2006-09-06 00:04:00
Cross site scripting
2008-02-05 02:00:00
debiancve
debiancve
ubuntucve
ubuntucve
packetstorm
packetstorm
0013.txt
2006-09-14 00:00:00
osv
osv
mailman
2006-10-04 00:00:00
debian
debian
[SECURITY] [DSA 1188-1] New mailman packages fix several problems
2006-10-04 07:23:33
Related for UBUNTU_USN-345-1.NASL