Lucene search
Copyright (C) 2008 Greenbone AGOPENVAS:136141256231053550HistoryJan 17, 2008 - 12:00 a.m.
Debian: Security Advisory (DSA-722-1)
2008-01-1700:00:00
Copyright (C) 2008 Greenbone AG
plugins.openvas.org
3
7.2 High
AI Score
Confidence
Low
10 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
0.02 Low
EPSS
Percentile
88.7%
The remote host is missing an update for the Debian
# SPDX-FileCopyrightText: 2008 Greenbone AG
# Some text descriptions might be excerpted from (a) referenced
# source(s), and are Copyright (C) by the respective right holder(s).
#
# SPDX-License-Identifier: GPL-2.0-only
if(description)
{
script_oid("1.3.6.1.4.1.25623.1.0.53550");
script_cve_id("CVE-2005-0892");
script_tag(name:"creation_date", value:"2008-01-17 22:00:53 +0000 (Thu, 17 Jan 2008)");
script_version("2024-02-01T14:37:10+0000");
script_tag(name:"last_modification", value:"2024-02-01 14:37:10 +0000 (Thu, 01 Feb 2024)");
script_tag(name:"cvss_base", value:"10.0");
script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:N/C:C/I:C/A:C");
script_name("Debian: Security Advisory (DSA-722-1)");
script_category(ACT_GATHER_INFO);
script_copyright("Copyright (C) 2008 Greenbone AG");
script_family("Debian Local Security Checks");
script_dependencies("gather-package-list.nasl");
script_mandatory_keys("ssh/login/debian_linux", "ssh/login/packages", re:"ssh/login/release=DEB3\.0");
script_xref(name:"Advisory-ID", value:"DSA-722-1");
script_xref(name:"URL", value:"https://www.debian.org/security/2005/DSA-722-1");
script_xref(name:"URL", value:"https://security-tracker.debian.org/tracker/DSA-722");
script_tag(name:"summary", value:"The remote host is missing an update for the Debian 'smail' package(s) announced via the DSA-722-1 advisory.");
script_tag(name:"vuldetect", value:"Checks if a vulnerable package version is present on the target host.");
script_tag(name:"insight", value:"A buffer overflow has been discovered in Smail, an electronic mail transport system, which allows remote attackers and local users to execute arbitrary code.
For the stable distribution (woody) this problem has been fixed in version 3.2.0.114-4woody1.
For the unstable distribution (sid) this problem has been fixed in version 3.2.0.115-7.
We recommend that you upgrade your smail package.");
script_tag(name:"affected", value:"'smail' package(s) on Debian 3.0.");
script_tag(name:"solution", value:"Please install the updated package(s).");
script_tag(name:"solution_type", value:"VendorFix");
script_tag(name:"qod_type", value:"package");
exit(0);
}
include("revisions-lib.inc");
include("pkg-lib-deb.inc");
release = dpkg_get_ssh_release();
if(!release)
exit(0);
res = "";
report = "";
if(release == "DEB3.0") {
if(!isnull(res = isdpkgvuln(pkg:"smail", ver:"3.2.0.114-4woody1", rls:"DEB3.0"))) {
report += res;
}
if(report != "") {
security_message(data:report);
} else if(__pkg_match) {
exit(99);
}
exit(0);
}
exit(0);
Related
cve
cve
CVE-2005-0892
2005-03-28 05:00:00
debian
debian
[SECURITY] [DSA 722-1] New smail packages fix arbitrary code execution
2005-05-09 13:18:00
[SECURITY] [DSA 722-1] New smail packages fix arbitrary code execution
2005-05-09 00:00:00
openvas
openvas
Debian Security Advisory DSA 722-1 (smail)
2008-01-17 00:00:00
cvelist
cvelist
CVE-2005-0892
2005-03-29 05:00:00
ubuntucve
ubuntucve
CVE-2005-0892
2005-03-28 00:00:00
nessus
nessus
Debian DSA-722-1 : smail - buffer overflow
2005-05-11 00:00:00
Smail-3 < 3.2.0.121 Multiple Vulnerabilities
2005-03-25 00:00:00
7.2 High
AI Score
Confidence
Low
10 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
0.02 Low
EPSS
Percentile
88.7%
Related for OPENVAS:136141256231053550