Lucene search
Copyright (C) 2008 E-Soft Inc.OPENVAS:136141256231053218HistoryJan 17, 2008 - 12:00 a.m.
Debian Security Advisory DSA 529-1 (netkit-telnet-ssl)
2008-01-1700:00:00
Copyright (C) 2008 E-Soft Inc.
plugins.openvas.org
6
CVSS2
10
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
AI Score
6.7
Confidence
Low
EPSS
0.027
Percentile
90.5%
The remote host is missing an update to netkit-telnet-ssl
announced via advisory DSA 529-1.
# SPDX-FileCopyrightText: 2008 E-Soft Inc.
# Some text descriptions might be excerpted from (a) referenced
# source(s), and are Copyright (C) by the respective right holder(s).
#
# SPDX-License-Identifier: GPL-2.0-only
if(description)
{
script_oid("1.3.6.1.4.1.25623.1.0.53218");
script_version("2023-07-19T05:05:15+0000");
script_tag(name:"last_modification", value:"2023-07-19 05:05:15 +0000 (Wed, 19 Jul 2023)");
script_tag(name:"creation_date", value:"2008-01-17 22:45:44 +0100 (Thu, 17 Jan 2008)");
script_cve_id("CVE-2004-0640");
script_tag(name:"cvss_base", value:"10.0");
script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:N/C:C/I:C/A:C");
script_name("Debian Security Advisory DSA 529-1 (netkit-telnet-ssl)");
script_category(ACT_GATHER_INFO);
script_copyright("Copyright (C) 2008 E-Soft Inc.");
script_family("Debian Local Security Checks");
script_dependencies("gather-package-list.nasl");
script_mandatory_keys("ssh/login/debian_linux", "ssh/login/packages", re:"ssh/login/release=DEB3\.0");
script_xref(name:"URL", value:"https://secure1.securityspace.com/smysecure/catid.html?in=DSA%20529-1");
script_tag(name:"insight", value:"b0f discovered a format string vulnerability in netkit-telnet-ssl
which could potentially allow a remote attacker to cause the execution
of arbitrary code with the privileges of the telnet daemon (the
'telnetd' user by default).
For the current stable distribution (woody), this problem has been
fixed in version 0.17.17+0.1-2woody1.
For the unstable distribution (sid), this problem has been fixed in
version 0.17.24+0.1-2.
We recommend that you update your netkit-telnet-ssl package.");
script_tag(name:"summary", value:"The remote host is missing an update to netkit-telnet-ssl
announced via advisory DSA 529-1.");
script_tag(name:"qod_type", value:"package");
script_tag(name:"solution", value:"Please install the updated package(s).");
script_tag(name:"solution_type", value:"VendorFix");
exit(0);
}
include("revisions-lib.inc");
include("pkg-lib-deb.inc");
res = "";
report = "";
if((res = isdpkgvuln(pkg:"telnet-ssl", ver:"0.17.17+0.1-2woody1", rls:"DEB3.0")) != NULL) {
report += res;
}
if((res = isdpkgvuln(pkg:"telnetd-ssl", ver:"0.17.17+0.1-2woody1", rls:"DEB3.0")) != NULL) {
report += res;
}
if(report != "") {
security_message(data:report);
} else if(__pkg_match) {
exit(99);
}
Related
securityvulns
securityvulns
nessus
nessus
FreeBSD : Format string vulnerability in SSLtelnet (4aec9d58-ce7b-11d8-858d-000d610a3b12)
2004-07-06 00:00:00
Debian DSA-529-1 : netkit-telnet-ssl - format string
2004-09-29 00:00:00
ubuntucve
ubuntucve
CVE-2004-0640
2004-08-06 00:00:00
freebsd
freebsd
Format string vulnerability in SSLtelnet
2003-04-03 00:00:00
osv
osv
netkit-telnet-ssl - format string
2004-07-17 00:00:00
debiancve
debiancve
CVE-2004-0640
2004-08-06 04:00:00
openvas
openvas
Debian Security Advisory DSA 529-1 (netkit-telnet-ssl)
2008-01-17 00:00:00
FreeBSD Ports: SSLtelnet
2008-09-04 00:00:00
FreeBSD Ports: SSLtelnet
2008-09-04 00:00:00
nvd
nvd
CVE-2004-0640
2004-08-06 04:00:00
cvelist
cvelist
CVE-2004-0640
2004-07-09 04:00:00
cve
cve
CVE-2004-0640
2004-08-06 04:00:00
debian
debian
CVSS2
10
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
AI Score
6.7
Confidence
Low
EPSS
0.027
Percentile
90.5%
Related for OPENVAS:136141256231053218