6.5 Medium
AI Score
Confidence
Low
7.5 High
CVSS2
Access Vector
Access Complexity
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.007 Low
EPSS
Percentile
80.4%
The remote host is missing an update to the system
as announced in the referenced advisory.
# SPDX-FileCopyrightText: 2008 E-Soft Inc.
# Some text descriptions might be excerpted from (a) referenced
# source(s), and are Copyright (C) by the respective right holder(s).
#
# SPDX-License-Identifier: GPL-2.0-only
if(description)
{
script_oid("1.3.6.1.4.1.25623.1.0.52188");
script_version("2023-07-26T05:05:09+0000");
script_tag(name:"last_modification", value:"2023-07-26 05:05:09 +0000 (Wed, 26 Jul 2023)");
script_tag(name:"creation_date", value:"2008-09-04 20:41:11 +0200 (Thu, 04 Sep 2008)");
script_cve_id("CVE-2005-0100");
script_xref(name:"URL", value:"http://www.securityfocus.com/bid/12462");
script_tag(name:"cvss_base", value:"7.5");
script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:N/C:P/I:P/A:P");
script_name("FreeBSD Ports: zh-emacs, emacs");
script_category(ACT_GATHER_INFO);
script_copyright("Copyright (C) 2008 E-Soft Inc.");
script_family("FreeBSD Local Security Checks");
script_dependencies("gather-package-list.nasl");
script_mandatory_keys("ssh/login/freebsd", "ssh/login/freebsdrel");
script_xref(name:"URL", value:"https://www.vuxml.org/freebsd/3e3c860d-7dae-11d9-a9e7-0001020eed82.html");
script_tag(name:"insight", value:"The following packages are affected:
zh-emacs
emacs
xemacs
xemacs-mule
zh-xemacs
zh-xemacs-mule
xemacs-devel
xemacs-devel-21.5
xemacs-devel-mule
mule-common
hanemacs
CVE-2005-0100
Format string vulnerability in the movemail utility in (1) Emacs 20.x,
21.3, and possibly other versions, and (2) XEmacs 21.4 and earlier,
allows remote malicious POP3 servers to execute arbitrary code via
crafted packets.");
script_tag(name:"solution", value:"Update your system with the appropriate patches or
software upgrades.");
script_tag(name:"summary", value:"The remote host is missing an update to the system
as announced in the referenced advisory.");
script_tag(name:"qod_type", value:"package");
script_tag(name:"solution_type", value:"VendorFix");
exit(0);
}
include("revisions-lib.inc");
include("pkg-lib-bsd.inc");
vuln = FALSE;
txt = "";
bver = portver(pkg:"zh-emacs");
if(!isnull(bver) && revcomp(a:bver, b:"20.7_4")<0) {
txt += 'Package zh-emacs version ' + bver + ' is installed which is known to be vulnerable.\n';
vuln = TRUE;
}
if(!isnull(bver) && revcomp(a:bver, b:"21")>0 && revcomp(a:bver, b:"21.3_4")<0) {
txt += 'Package zh-emacs version ' + bver + ' is installed which is known to be vulnerable.\n';
vuln = TRUE;
}
bver = portver(pkg:"emacs");
if(!isnull(bver) && revcomp(a:bver, b:"20.7_4")<0) {
txt += 'Package emacs version ' + bver + ' is installed which is known to be vulnerable.\n';
vuln = TRUE;
}
if(!isnull(bver) && revcomp(a:bver, b:"21")>0 && revcomp(a:bver, b:"21.3_4")<0) {
txt += 'Package emacs version ' + bver + ' is installed which is known to be vulnerable.\n';
vuln = TRUE;
}
bver = portver(pkg:"xemacs");
if(!isnull(bver) && revcomp(a:bver, b:"21.4.17")<0) {
txt += 'Package xemacs version ' + bver + ' is installed which is known to be vulnerable.\n';
vuln = TRUE;
}
bver = portver(pkg:"xemacs-mule");
if(!isnull(bver) && revcomp(a:bver, b:"21.4.17")<0) {
txt += 'Package xemacs-mule version ' + bver + ' is installed which is known to be vulnerable.\n';
vuln = TRUE;
}
bver = portver(pkg:"zh-xemacs");
if(!isnull(bver) && revcomp(a:bver, b:"21.4.17")<0) {
txt += 'Package zh-xemacs version ' + bver + ' is installed which is known to be vulnerable.\n';
vuln = TRUE;
}
bver = portver(pkg:"zh-xemacs-mule");
if(!isnull(bver) && revcomp(a:bver, b:"21.4.17")<0) {
txt += 'Package zh-xemacs-mule version ' + bver + ' is installed which is known to be vulnerable.\n';
vuln = TRUE;
}
bver = portver(pkg:"xemacs-devel");
if(!isnull(bver) && revcomp(a:bver, b:"21.5.b19,1")<0) {
txt += 'Package xemacs-devel version ' + bver + ' is installed which is known to be vulnerable.\n';
vuln = TRUE;
}
bver = portver(pkg:"xemacs-devel-21.5");
if(!isnull(bver) && revcomp(a:bver, b:"b11")==0) {
txt += 'Package xemacs-devel-21.5 version ' + bver + ' is installed which is known to be vulnerable.\n';
vuln = TRUE;
}
bver = portver(pkg:"xemacs-devel-mule");
if(!isnull(bver) && revcomp(a:bver, b:"21.5.b19")<0) {
txt += 'Package xemacs-devel-mule version ' + bver + ' is installed which is known to be vulnerable.\n';
vuln = TRUE;
}
bver = portver(pkg:"mule-common");
if(!isnull(bver) && revcomp(a:bver, b:"0")>0) {
txt += 'Package mule-common version ' + bver + ' is installed which is known to be vulnerable.\n';
vuln = TRUE;
}
bver = portver(pkg:"hanemacs");
if(!isnull(bver) && revcomp(a:bver, b:"0")>0) {
txt += 'Package hanemacs version ' + bver + ' is installed which is known to be vulnerable.\n';
vuln = TRUE;
}
if(vuln) {
security_message(data:txt);
} else if (__pkg_match) {
exit(99);
}