ID OPENVAS:70265 Type openvas Reporter Copyright (c) 2011 E-Soft Inc. http://www.securityspace.com Modified 2017-02-25T00:00:00
Description
The remote host is missing an update to the system
as announced in the referenced advisory.
#
#VID 879b0242-c5b6-11e0-abd1-0017f22d6707
# OpenVAS Vulnerability Test
# $
# Description: Auto generated from VID 879b0242-c5b6-11e0-abd1-0017f22d6707
#
# Authors:
# Thomas Reinke <reinke@securityspace.com>
#
# Copyright:
# Copyright (c) 2011 E-Soft Inc. http://www.securityspace.com
# Text descriptions are largely excerpted from the referenced
# advisories, and are Copyright (c) the respective author(s)
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License version 2,
# as published by the Free Software Foundation
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
#
include("revisions-lib.inc");
tag_insight = "The following package is affected: dtc
CVE-2011-0434
Multiple SQL injection vulnerabilities in Domain Technologie Control
(DTC) before 0.32.9 allow remote attackers to execute arbitrary SQL
commands via the cid parameter to (1) admin/bw_per_month.php or (2)
client/bw_per_month.php.
CVE-2011-0435
Domain Technologie Control (DTC) before 0.32.9 does not require
authentication for (1) admin/bw_per_month.php and (2)
client/bw_per_month.php, which allows remote attackers to obtain
potentially sensitive bandwidth information via a direct request.
CVE-2011-0436
The register_user function in client/new_account_form.php in Domain
Technologie Control (DTC) before 0.32.9 includes a cleartext password
in an e-mail message, which makes it easier for remote attackers to
obtain sensitive information by sniffing the network.
CVE-2011-0437
shared/inc/sql/ssh.php in the SSH accounts management implementation
in Domain Technologie Control (DTC) before 0.32.9 allows remote
authenticated users to delete arbitrary accounts via the edssh_account
parameter in a deletesshaccount Delete action.";
tag_solution = "Update your system with the appropriate patches or
software upgrades.
http://www.debian.org/security/2011/dsa-2179
http://www.vuxml.org/freebsd/879b0242-c5b6-11e0-abd1-0017f22d6707.html";
tag_summary = "The remote host is missing an update to the system
as announced in the referenced advisory.";
if(description)
{
script_id(70265);
script_version("$Revision: 5424 $");
script_tag(name:"last_modification", value:"$Date: 2017-02-25 17:52:36 +0100 (Sat, 25 Feb 2017) $");
script_tag(name:"creation_date", value:"2011-09-21 05:47:11 +0200 (Wed, 21 Sep 2011)");
script_tag(name:"cvss_base", value:"7.5");
script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:N/C:P/I:P/A:P");
script_cve_id("CVE-2011-0434", "CVE-2011-0435", "CVE-2011-0436", "CVE-2011-0437");
script_name("FreeBSD Ports: dtc");
script_category(ACT_GATHER_INFO);
script_copyright("Copyright (c) 2011 E-Soft Inc. http://www.securityspace.com");
script_family("FreeBSD Local Security Checks");
script_dependencies("gather-package-list.nasl");
script_mandatory_keys("ssh/login/freebsdrel", "login/SSH/success");
script_tag(name : "insight" , value : tag_insight);
script_tag(name : "solution" , value : tag_solution);
script_tag(name : "summary" , value : tag_summary);
script_tag(name:"qod_type", value:"package");
script_tag(name:"solution_type", value:"VendorFix");
exit(0);
}
#
# The script code starts here
#
include("pkg-lib-bsd.inc");
txt = "";
vuln = 0;
bver = portver(pkg:"dtc");
if(!isnull(bver) && revcomp(a:bver, b:"0.32.9")<0) {
txt += 'Package dtc version ' + bver + ' is installed which is known to be vulnerable.\n';
vuln = 1;
}
if(vuln) {
security_message(data:string(txt));
} else if (__pkg_match) {
exit(99); # Not vulnerable.
}
{"id": "OPENVAS:70265", "type": "openvas", "bulletinFamily": "scanner", "title": "FreeBSD Ports: dtc", "description": "The remote host is missing an update to the system\nas announced in the referenced advisory.", "published": "2011-09-21T00:00:00", "modified": "2017-02-25T00:00:00", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "http://plugins.openvas.org/nasl.php?oid=70265", "reporter": "Copyright (c) 2011 E-Soft Inc. http://www.securityspace.com", "references": [], "cvelist": ["CVE-2011-0434", "CVE-2011-0437", "CVE-2011-0435", "CVE-2011-0436"], "lastseen": "2017-07-02T21:13:36", "viewCount": 0, "enchantments": {"score": {"value": 6.4, "vector": "NONE", "modified": "2017-07-02T21:13:36", "rev": 2}, "dependencies": {"references": [{"type": "cve", "idList": ["CVE-2011-0435", "CVE-2011-0436", "CVE-2011-0434", "CVE-2011-0437"]}, {"type": "freebsd", "idList": ["879B0242-C5B6-11E0-ABD1-0017F22D6707"]}, {"type": "openvas", "idList": ["OPENVAS:69114", "OPENVAS:136141256231069114", "OPENVAS:136141256231070265"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:DOC:25859", "SECURITYVULNS:VULN:11476"]}, {"type": "debian", "idList": ["DEBIAN:DSA-2179-1:CA5E6"]}, {"type": "nessus", "idList": ["DEBIAN_DSA-2179.NASL", "FREEBSD_PKG_879B0242C5B611E0ABD10017F22D6707.NASL"]}], "modified": "2017-07-02T21:13:36", "rev": 2}, "vulnersScore": 6.4}, "pluginID": "70265", "sourceData": "#\n#VID 879b0242-c5b6-11e0-abd1-0017f22d6707\n# OpenVAS Vulnerability Test\n# $\n# Description: Auto generated from VID 879b0242-c5b6-11e0-abd1-0017f22d6707\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2011 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"The following package is affected: dtc\n\nCVE-2011-0434\nMultiple SQL injection vulnerabilities in Domain Technologie Control\n(DTC) before 0.32.9 allow remote attackers to execute arbitrary SQL\ncommands via the cid parameter to (1) admin/bw_per_month.php or (2)\nclient/bw_per_month.php.\n\nCVE-2011-0435\nDomain Technologie Control (DTC) before 0.32.9 does not require\nauthentication for (1) admin/bw_per_month.php and (2)\nclient/bw_per_month.php, which allows remote attackers to obtain\npotentially sensitive bandwidth information via a direct request.\n\nCVE-2011-0436\nThe register_user function in client/new_account_form.php in Domain\nTechnologie Control (DTC) before 0.32.9 includes a cleartext password\nin an e-mail message, which makes it easier for remote attackers to\nobtain sensitive information by sniffing the network.\n\nCVE-2011-0437\nshared/inc/sql/ssh.php in the SSH accounts management implementation\nin Domain Technologie Control (DTC) before 0.32.9 allows remote\nauthenticated users to delete arbitrary accounts via the edssh_account\nparameter in a deletesshaccount Delete action.\";\ntag_solution = \"Update your system with the appropriate patches or\nsoftware upgrades.\n\nhttp://www.debian.org/security/2011/dsa-2179\nhttp://www.vuxml.org/freebsd/879b0242-c5b6-11e0-abd1-0017f22d6707.html\";\ntag_summary = \"The remote host is missing an update to the system\nas announced in the referenced advisory.\";\n\n\n\nif(description)\n{\n script_id(70265);\n script_version(\"$Revision: 5424 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-02-25 17:52:36 +0100 (Sat, 25 Feb 2017) $\");\n script_tag(name:\"creation_date\", value:\"2011-09-21 05:47:11 +0200 (Wed, 21 Sep 2011)\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_cve_id(\"CVE-2011-0434\", \"CVE-2011-0435\", \"CVE-2011-0436\", \"CVE-2011-0437\");\n script_name(\"FreeBSD Ports: dtc\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2011 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"FreeBSD Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/freebsdrel\", \"login/SSH/success\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-bsd.inc\");\n\ntxt = \"\";\nvuln = 0;\nbver = portver(pkg:\"dtc\");\nif(!isnull(bver) && revcomp(a:bver, b:\"0.32.9\")<0) {\n txt += 'Package dtc version ' + bver + ' is installed which is known to be vulnerable.\\n';\n vuln = 1;\n}\n\nif(vuln) {\n security_message(data:string(txt));\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "naslFamily": "FreeBSD Local Security Checks"}
{"cve": [{"lastseen": "2021-02-02T05:50:58", "description": "Multiple SQL injection vulnerabilities in Domain Technologie Control (DTC) before 0.32.9 allow remote attackers to execute arbitrary SQL commands via the cid parameter to (1) admin/bw_per_month.php or (2) client/bw_per_month.php.", "edition": 6, "cvss3": {}, "published": "2011-03-07T21:00:00", "title": "CVE-2011-0434", "type": "cve", "cwe": ["CWE-89"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-0434"], "modified": "2017-08-17T01:33:00", "cpe": ["cpe:/a:gplhost:domain_technologie_control:0.32.1", "cpe:/a:gplhost:domain_technologie_control:0.26.8", "cpe:/a:gplhost:domain_technologie_control:0.29.1", "cpe:/a:gplhost:domain_technologie_control:0.30.6", "cpe:/a:gplhost:domain_technologie_control:0.32.6", "cpe:/a:gplhost:domain_technologie_control:0.29.6", "cpe:/a:gplhost:domain_technologie_control:0.32.8", "cpe:/a:gplhost:domain_technologie_control:0.30.8", "cpe:/a:gplhost:domain_technologie_control:0.26.7", "cpe:/a:gplhost:domain_technologie_control:0.32.3", "cpe:/a:gplhost:domain_technologie_control:0.29.8", "cpe:/a:gplhost:domain_technologie_control:0.27.3", "cpe:/a:gplhost:domain_technologie_control:0.26.9", "cpe:/a:gplhost:domain_technologie_control:0.29.16", "cpe:/a:gplhost:domain_technologie_control:0.28.4", "cpe:/a:gplhost:domain_technologie_control:0.29.15", "cpe:/a:gplhost:domain_technologie_control:0.32.4", "cpe:/a:gplhost:domain_technologie_control:0.28.2", "cpe:/a:gplhost:domain_technologie_control:0.32.2", "cpe:/a:gplhost:domain_technologie_control:0.28.10", "cpe:/a:gplhost:domain_technologie_control:0.25.3", "cpe:/a:gplhost:domain_technologie_control:0.24.6", "cpe:/a:gplhost:domain_technologie_control:0.25.2", "cpe:/a:gplhost:domain_technologie_control:0.32.5", "cpe:/a:gplhost:domain_technologie_control:0.30.18", "cpe:/a:gplhost:domain_technologie_control:0.25.1", "cpe:/a:gplhost:domain_technologie_control:0.32.7", "cpe:/a:gplhost:domain_technologie_control:0.30.20", "cpe:/a:gplhost:domain_technologie_control:0.29.17", "cpe:/a:gplhost:domain_technologie_control:0.28.3", "cpe:/a:gplhost:domain_technologie_control:0.29.10", "cpe:/a:gplhost:domain_technologie_control:0.30.10", "cpe:/a:gplhost:domain_technologie_control:0.28.6", "cpe:/a:gplhost:domain_technologie_control:0.29.14", "cpe:/a:gplhost:domain_technologie_control:0.28.9"], "id": "CVE-2011-0434", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-0434", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}, "cpe23": ["cpe:2.3:a:gplhost:domain_technologie_control:0.27.3:*:*:*:*:*:*:*", "cpe:2.3:a:gplhost:domain_technologie_control:0.28.10:*:*:*:*:*:*:*", "cpe:2.3:a:gplhost:domain_technologie_control:0.26.7:*:*:*:*:*:*:*", "cpe:2.3:a:gplhost:domain_technologie_control:0.30.10:*:*:*:*:*:*:*", "cpe:2.3:a:gplhost:domain_technologie_control:0.32.1:*:*:*:*:*:*:*", "cpe:2.3:a:gplhost:domain_technologie_control:0.29.17:*:*:*:*:*:*:*", "cpe:2.3:a:gplhost:domain_technologie_control:0.30.6:*:*:*:*:*:*:*", "cpe:2.3:a:gplhost:domain_technologie_control:0.30.20:*:*:*:*:*:*:*", "cpe:2.3:a:gplhost:domain_technologie_control:0.32.8:*:*:*:*:*:*:*", "cpe:2.3:a:gplhost:domain_technologie_control:0.30.18:*:*:*:*:*:*:*", "cpe:2.3:a:gplhost:domain_technologie_control:0.29.8:*:*:*:*:*:*:*", "cpe:2.3:a:gplhost:domain_technologie_control:0.28.6:*:*:*:*:*:*:*", "cpe:2.3:a:gplhost:domain_technologie_control:0.29.6:*:*:*:*:*:*:*", "cpe:2.3:a:gplhost:domain_technologie_control:0.30.8:*:*:*:*:*:*:*", "cpe:2.3:a:gplhost:domain_technologie_control:0.28.2:*:*:*:*:*:*:*", "cpe:2.3:a:gplhost:domain_technologie_control:0.28.9:*:*:*:*:*:*:*", "cpe:2.3:a:gplhost:domain_technologie_control:0.28.4:*:*:*:*:*:*:*", "cpe:2.3:a:gplhost:domain_technologie_control:0.32.2:*:*:*:*:*:*:*", "cpe:2.3:a:gplhost:domain_technologie_control:0.25.2:*:*:*:*:*:*:*", "cpe:2.3:a:gplhost:domain_technologie_control:0.25.3:*:*:*:*:*:*:*", "cpe:2.3:a:gplhost:domain_technologie_control:0.32.4:*:*:*:*:*:*:*", "cpe:2.3:a:gplhost:domain_technologie_control:0.32.5:*:*:*:*:*:*:*", "cpe:2.3:a:gplhost:domain_technologie_control:0.32.7:*:*:*:*:*:*:*", "cpe:2.3:a:gplhost:domain_technologie_control:0.29.1:*:*:*:*:*:*:*", "cpe:2.3:a:gplhost:domain_technologie_control:0.24.6:*:*:*:*:*:*:*", "cpe:2.3:a:gplhost:domain_technologie_control:0.26.9:*:*:*:*:*:*:*", "cpe:2.3:a:gplhost:domain_technologie_control:0.29.15:*:*:*:*:*:*:*", "cpe:2.3:a:gplhost:domain_technologie_control:0.25.1:*:*:*:*:*:*:*", "cpe:2.3:a:gplhost:domain_technologie_control:0.29.16:*:*:*:*:*:*:*", "cpe:2.3:a:gplhost:domain_technologie_control:0.26.8:*:*:*:*:*:*:*", "cpe:2.3:a:gplhost:domain_technologie_control:0.29.14:*:*:*:*:*:*:*", "cpe:2.3:a:gplhost:domain_technologie_control:0.32.6:*:*:*:*:*:*:*", "cpe:2.3:a:gplhost:domain_technologie_control:0.29.10:*:*:*:*:*:*:*", "cpe:2.3:a:gplhost:domain_technologie_control:0.28.3:*:*:*:*:*:*:*", "cpe:2.3:a:gplhost:domain_technologie_control:0.32.3:*:*:*:*:*:*:*"]}, {"lastseen": "2021-02-02T05:50:58", "description": "shared/inc/sql/ssh.php in the SSH accounts management implementation in Domain Technologie Control (DTC) before 0.32.9 allows remote authenticated users to delete arbitrary accounts via the edssh_account parameter in a deletesshaccount Delete action.", "edition": 6, "cvss3": {}, "published": "2011-03-07T21:00:00", "title": "CVE-2011-0437", "type": "cve", "cwe": ["CWE-264"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 4.0, "vectorString": "AV:N/AC:L/Au:S/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-0437"], "modified": "2017-08-17T01:33:00", "cpe": ["cpe:/a:gplhost:domain_technologie_control:0.32.1", "cpe:/a:gplhost:domain_technologie_control:0.26.8", "cpe:/a:gplhost:domain_technologie_control:0.29.1", "cpe:/a:gplhost:domain_technologie_control:0.30.6", "cpe:/a:gplhost:domain_technologie_control:0.32.6", "cpe:/a:gplhost:domain_technologie_control:0.29.6", "cpe:/a:gplhost:domain_technologie_control:0.32.8", "cpe:/a:gplhost:domain_technologie_control:0.30.8", "cpe:/a:gplhost:domain_technologie_control:0.26.7", "cpe:/a:gplhost:domain_technologie_control:0.32.3", "cpe:/a:gplhost:domain_technologie_control:0.29.8", "cpe:/a:gplhost:domain_technologie_control:0.27.3", "cpe:/a:gplhost:domain_technologie_control:0.26.9", "cpe:/a:gplhost:domain_technologie_control:0.29.16", "cpe:/a:gplhost:domain_technologie_control:0.28.4", "cpe:/a:gplhost:domain_technologie_control:0.29.15", "cpe:/a:gplhost:domain_technologie_control:0.32.4", "cpe:/a:gplhost:domain_technologie_control:0.28.2", "cpe:/a:gplhost:domain_technologie_control:0.32.2", "cpe:/a:gplhost:domain_technologie_control:0.28.10", "cpe:/a:gplhost:domain_technologie_control:0.25.3", "cpe:/a:gplhost:domain_technologie_control:0.24.6", "cpe:/a:gplhost:domain_technologie_control:0.25.2", "cpe:/a:gplhost:domain_technologie_control:0.32.5", "cpe:/a:gplhost:domain_technologie_control:0.30.18", "cpe:/a:gplhost:domain_technologie_control:0.25.1", "cpe:/a:gplhost:domain_technologie_control:0.32.7", "cpe:/a:gplhost:domain_technologie_control:0.30.20", "cpe:/a:gplhost:domain_technologie_control:0.29.17", "cpe:/a:gplhost:domain_technologie_control:0.28.3", "cpe:/a:gplhost:domain_technologie_control:0.29.10", "cpe:/a:gplhost:domain_technologie_control:0.30.10", "cpe:/a:gplhost:domain_technologie_control:0.28.6", "cpe:/a:gplhost:domain_technologie_control:0.29.14", "cpe:/a:gplhost:domain_technologie_control:0.28.9"], "id": "CVE-2011-0437", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-0437", "cvss": {"score": 4.0, "vector": "AV:N/AC:L/Au:S/C:N/I:N/A:P"}, "cpe23": ["cpe:2.3:a:gplhost:domain_technologie_control:0.27.3:*:*:*:*:*:*:*", "cpe:2.3:a:gplhost:domain_technologie_control:0.28.10:*:*:*:*:*:*:*", "cpe:2.3:a:gplhost:domain_technologie_control:0.26.7:*:*:*:*:*:*:*", "cpe:2.3:a:gplhost:domain_technologie_control:0.30.10:*:*:*:*:*:*:*", "cpe:2.3:a:gplhost:domain_technologie_control:0.32.1:*:*:*:*:*:*:*", "cpe:2.3:a:gplhost:domain_technologie_control:0.29.17:*:*:*:*:*:*:*", "cpe:2.3:a:gplhost:domain_technologie_control:0.30.6:*:*:*:*:*:*:*", "cpe:2.3:a:gplhost:domain_technologie_control:0.30.20:*:*:*:*:*:*:*", "cpe:2.3:a:gplhost:domain_technologie_control:0.32.8:*:*:*:*:*:*:*", "cpe:2.3:a:gplhost:domain_technologie_control:0.30.18:*:*:*:*:*:*:*", "cpe:2.3:a:gplhost:domain_technologie_control:0.29.8:*:*:*:*:*:*:*", "cpe:2.3:a:gplhost:domain_technologie_control:0.28.6:*:*:*:*:*:*:*", "cpe:2.3:a:gplhost:domain_technologie_control:0.29.6:*:*:*:*:*:*:*", "cpe:2.3:a:gplhost:domain_technologie_control:0.30.8:*:*:*:*:*:*:*", "cpe:2.3:a:gplhost:domain_technologie_control:0.28.2:*:*:*:*:*:*:*", "cpe:2.3:a:gplhost:domain_technologie_control:0.28.9:*:*:*:*:*:*:*", "cpe:2.3:a:gplhost:domain_technologie_control:0.28.4:*:*:*:*:*:*:*", "cpe:2.3:a:gplhost:domain_technologie_control:0.32.2:*:*:*:*:*:*:*", "cpe:2.3:a:gplhost:domain_technologie_control:0.25.2:*:*:*:*:*:*:*", "cpe:2.3:a:gplhost:domain_technologie_control:0.25.3:*:*:*:*:*:*:*", "cpe:2.3:a:gplhost:domain_technologie_control:0.32.4:*:*:*:*:*:*:*", "cpe:2.3:a:gplhost:domain_technologie_control:0.32.5:*:*:*:*:*:*:*", "cpe:2.3:a:gplhost:domain_technologie_control:0.32.7:*:*:*:*:*:*:*", "cpe:2.3:a:gplhost:domain_technologie_control:0.29.1:*:*:*:*:*:*:*", "cpe:2.3:a:gplhost:domain_technologie_control:0.24.6:*:*:*:*:*:*:*", "cpe:2.3:a:gplhost:domain_technologie_control:0.26.9:*:*:*:*:*:*:*", "cpe:2.3:a:gplhost:domain_technologie_control:0.29.15:*:*:*:*:*:*:*", "cpe:2.3:a:gplhost:domain_technologie_control:0.25.1:*:*:*:*:*:*:*", "cpe:2.3:a:gplhost:domain_technologie_control:0.29.16:*:*:*:*:*:*:*", "cpe:2.3:a:gplhost:domain_technologie_control:0.26.8:*:*:*:*:*:*:*", "cpe:2.3:a:gplhost:domain_technologie_control:0.29.14:*:*:*:*:*:*:*", "cpe:2.3:a:gplhost:domain_technologie_control:0.32.6:*:*:*:*:*:*:*", "cpe:2.3:a:gplhost:domain_technologie_control:0.29.10:*:*:*:*:*:*:*", "cpe:2.3:a:gplhost:domain_technologie_control:0.28.3:*:*:*:*:*:*:*", "cpe:2.3:a:gplhost:domain_technologie_control:0.32.3:*:*:*:*:*:*:*"]}, {"lastseen": "2021-02-02T05:50:58", "description": "Domain Technologie Control (DTC) before 0.32.9 does not require authentication for (1) admin/bw_per_month.php and (2) client/bw_per_month.php, which allows remote attackers to obtain potentially sensitive bandwidth information via a direct request.", "edition": 6, "cvss3": {}, "published": "2011-03-07T21:00:00", "title": "CVE-2011-0435", "type": "cve", "cwe": ["CWE-287"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-0435"], "modified": "2017-08-17T01:33:00", "cpe": ["cpe:/a:gplhost:domain_technologie_control:0.32.1", "cpe:/a:gplhost:domain_technologie_control:0.26.8", "cpe:/a:gplhost:domain_technologie_control:0.29.1", "cpe:/a:gplhost:domain_technologie_control:0.30.6", "cpe:/a:gplhost:domain_technologie_control:0.32.6", "cpe:/a:gplhost:domain_technologie_control:0.29.6", "cpe:/a:gplhost:domain_technologie_control:0.32.8", "cpe:/a:gplhost:domain_technologie_control:0.30.8", "cpe:/a:gplhost:domain_technologie_control:0.26.7", "cpe:/a:gplhost:domain_technologie_control:0.32.3", "cpe:/a:gplhost:domain_technologie_control:0.29.8", "cpe:/a:gplhost:domain_technologie_control:0.27.3", "cpe:/a:gplhost:domain_technologie_control:0.26.9", "cpe:/a:gplhost:domain_technologie_control:0.29.16", "cpe:/a:gplhost:domain_technologie_control:0.28.4", "cpe:/a:gplhost:domain_technologie_control:0.29.15", "cpe:/a:gplhost:domain_technologie_control:0.32.4", "cpe:/a:gplhost:domain_technologie_control:0.28.2", "cpe:/a:gplhost:domain_technologie_control:0.32.2", "cpe:/a:gplhost:domain_technologie_control:0.28.10", "cpe:/a:gplhost:domain_technologie_control:0.25.3", "cpe:/a:gplhost:domain_technologie_control:0.24.6", "cpe:/a:gplhost:domain_technologie_control:0.25.2", "cpe:/a:gplhost:domain_technologie_control:0.32.5", "cpe:/a:gplhost:domain_technologie_control:0.30.18", "cpe:/a:gplhost:domain_technologie_control:0.25.1", "cpe:/a:gplhost:domain_technologie_control:0.32.7", "cpe:/a:gplhost:domain_technologie_control:0.30.20", "cpe:/a:gplhost:domain_technologie_control:0.29.17", "cpe:/a:gplhost:domain_technologie_control:0.28.3", "cpe:/a:gplhost:domain_technologie_control:0.29.10", "cpe:/a:gplhost:domain_technologie_control:0.30.10", "cpe:/a:gplhost:domain_technologie_control:0.28.6", "cpe:/a:gplhost:domain_technologie_control:0.29.14", "cpe:/a:gplhost:domain_technologie_control:0.28.9"], "id": "CVE-2011-0435", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-0435", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}, "cpe23": ["cpe:2.3:a:gplhost:domain_technologie_control:0.27.3:*:*:*:*:*:*:*", "cpe:2.3:a:gplhost:domain_technologie_control:0.28.10:*:*:*:*:*:*:*", "cpe:2.3:a:gplhost:domain_technologie_control:0.26.7:*:*:*:*:*:*:*", "cpe:2.3:a:gplhost:domain_technologie_control:0.30.10:*:*:*:*:*:*:*", "cpe:2.3:a:gplhost:domain_technologie_control:0.32.1:*:*:*:*:*:*:*", "cpe:2.3:a:gplhost:domain_technologie_control:0.29.17:*:*:*:*:*:*:*", "cpe:2.3:a:gplhost:domain_technologie_control:0.30.6:*:*:*:*:*:*:*", "cpe:2.3:a:gplhost:domain_technologie_control:0.30.20:*:*:*:*:*:*:*", "cpe:2.3:a:gplhost:domain_technologie_control:0.32.8:*:*:*:*:*:*:*", "cpe:2.3:a:gplhost:domain_technologie_control:0.30.18:*:*:*:*:*:*:*", "cpe:2.3:a:gplhost:domain_technologie_control:0.29.8:*:*:*:*:*:*:*", "cpe:2.3:a:gplhost:domain_technologie_control:0.28.6:*:*:*:*:*:*:*", "cpe:2.3:a:gplhost:domain_technologie_control:0.29.6:*:*:*:*:*:*:*", "cpe:2.3:a:gplhost:domain_technologie_control:0.30.8:*:*:*:*:*:*:*", "cpe:2.3:a:gplhost:domain_technologie_control:0.28.2:*:*:*:*:*:*:*", "cpe:2.3:a:gplhost:domain_technologie_control:0.28.9:*:*:*:*:*:*:*", "cpe:2.3:a:gplhost:domain_technologie_control:0.28.4:*:*:*:*:*:*:*", "cpe:2.3:a:gplhost:domain_technologie_control:0.32.2:*:*:*:*:*:*:*", "cpe:2.3:a:gplhost:domain_technologie_control:0.25.2:*:*:*:*:*:*:*", "cpe:2.3:a:gplhost:domain_technologie_control:0.25.3:*:*:*:*:*:*:*", "cpe:2.3:a:gplhost:domain_technologie_control:0.32.4:*:*:*:*:*:*:*", "cpe:2.3:a:gplhost:domain_technologie_control:0.32.5:*:*:*:*:*:*:*", "cpe:2.3:a:gplhost:domain_technologie_control:0.32.7:*:*:*:*:*:*:*", "cpe:2.3:a:gplhost:domain_technologie_control:0.29.1:*:*:*:*:*:*:*", "cpe:2.3:a:gplhost:domain_technologie_control:0.24.6:*:*:*:*:*:*:*", "cpe:2.3:a:gplhost:domain_technologie_control:0.26.9:*:*:*:*:*:*:*", "cpe:2.3:a:gplhost:domain_technologie_control:0.29.15:*:*:*:*:*:*:*", "cpe:2.3:a:gplhost:domain_technologie_control:0.25.1:*:*:*:*:*:*:*", "cpe:2.3:a:gplhost:domain_technologie_control:0.29.16:*:*:*:*:*:*:*", "cpe:2.3:a:gplhost:domain_technologie_control:0.26.8:*:*:*:*:*:*:*", "cpe:2.3:a:gplhost:domain_technologie_control:0.29.14:*:*:*:*:*:*:*", "cpe:2.3:a:gplhost:domain_technologie_control:0.32.6:*:*:*:*:*:*:*", "cpe:2.3:a:gplhost:domain_technologie_control:0.29.10:*:*:*:*:*:*:*", "cpe:2.3:a:gplhost:domain_technologie_control:0.28.3:*:*:*:*:*:*:*", "cpe:2.3:a:gplhost:domain_technologie_control:0.32.3:*:*:*:*:*:*:*"]}, {"lastseen": "2021-02-02T05:50:58", "description": "The register_user function in client/new_account_form.php in Domain Technologie Control (DTC) before 0.32.9 includes a cleartext password in an e-mail message, which makes it easier for remote attackers to obtain sensitive information by sniffing the network.", "edition": 6, "cvss3": {}, "published": "2011-03-07T21:00:00", "title": "CVE-2011-0436", "type": "cve", "cwe": ["CWE-310"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-0436"], "modified": "2017-08-17T01:33:00", "cpe": ["cpe:/a:gplhost:domain_technologie_control:0.32.1", "cpe:/a:gplhost:domain_technologie_control:0.26.8", "cpe:/a:gplhost:domain_technologie_control:0.29.1", "cpe:/a:gplhost:domain_technologie_control:0.30.6", "cpe:/a:gplhost:domain_technologie_control:0.32.6", "cpe:/a:gplhost:domain_technologie_control:0.29.6", "cpe:/a:gplhost:domain_technologie_control:0.32.8", "cpe:/a:gplhost:domain_technologie_control:0.30.8", "cpe:/a:gplhost:domain_technologie_control:0.26.7", "cpe:/a:gplhost:domain_technologie_control:0.32.3", "cpe:/a:gplhost:domain_technologie_control:0.29.8", "cpe:/a:gplhost:domain_technologie_control:0.27.3", "cpe:/a:gplhost:domain_technologie_control:0.26.9", "cpe:/a:gplhost:domain_technologie_control:0.29.16", "cpe:/a:gplhost:domain_technologie_control:0.28.4", "cpe:/a:gplhost:domain_technologie_control:0.29.15", "cpe:/a:gplhost:domain_technologie_control:0.32.4", "cpe:/a:gplhost:domain_technologie_control:0.28.2", "cpe:/a:gplhost:domain_technologie_control:0.32.2", "cpe:/a:gplhost:domain_technologie_control:0.28.10", "cpe:/a:gplhost:domain_technologie_control:0.25.3", "cpe:/a:gplhost:domain_technologie_control:0.24.6", "cpe:/a:gplhost:domain_technologie_control:0.25.2", "cpe:/a:gplhost:domain_technologie_control:0.32.5", "cpe:/a:gplhost:domain_technologie_control:0.30.18", "cpe:/a:gplhost:domain_technologie_control:0.25.1", "cpe:/a:gplhost:domain_technologie_control:0.32.7", "cpe:/a:gplhost:domain_technologie_control:0.30.20", "cpe:/a:gplhost:domain_technologie_control:0.29.17", "cpe:/a:gplhost:domain_technologie_control:0.28.3", "cpe:/a:gplhost:domain_technologie_control:0.29.10", "cpe:/a:gplhost:domain_technologie_control:0.30.10", "cpe:/a:gplhost:domain_technologie_control:0.28.6", "cpe:/a:gplhost:domain_technologie_control:0.29.14", "cpe:/a:gplhost:domain_technologie_control:0.28.9"], "id": "CVE-2011-0436", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-0436", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}, "cpe23": ["cpe:2.3:a:gplhost:domain_technologie_control:0.27.3:*:*:*:*:*:*:*", "cpe:2.3:a:gplhost:domain_technologie_control:0.28.10:*:*:*:*:*:*:*", "cpe:2.3:a:gplhost:domain_technologie_control:0.26.7:*:*:*:*:*:*:*", "cpe:2.3:a:gplhost:domain_technologie_control:0.30.10:*:*:*:*:*:*:*", "cpe:2.3:a:gplhost:domain_technologie_control:0.32.1:*:*:*:*:*:*:*", "cpe:2.3:a:gplhost:domain_technologie_control:0.29.17:*:*:*:*:*:*:*", "cpe:2.3:a:gplhost:domain_technologie_control:0.30.6:*:*:*:*:*:*:*", "cpe:2.3:a:gplhost:domain_technologie_control:0.30.20:*:*:*:*:*:*:*", "cpe:2.3:a:gplhost:domain_technologie_control:0.32.8:*:*:*:*:*:*:*", "cpe:2.3:a:gplhost:domain_technologie_control:0.30.18:*:*:*:*:*:*:*", "cpe:2.3:a:gplhost:domain_technologie_control:0.29.8:*:*:*:*:*:*:*", "cpe:2.3:a:gplhost:domain_technologie_control:0.28.6:*:*:*:*:*:*:*", "cpe:2.3:a:gplhost:domain_technologie_control:0.29.6:*:*:*:*:*:*:*", "cpe:2.3:a:gplhost:domain_technologie_control:0.30.8:*:*:*:*:*:*:*", "cpe:2.3:a:gplhost:domain_technologie_control:0.28.2:*:*:*:*:*:*:*", "cpe:2.3:a:gplhost:domain_technologie_control:0.28.9:*:*:*:*:*:*:*", "cpe:2.3:a:gplhost:domain_technologie_control:0.28.4:*:*:*:*:*:*:*", "cpe:2.3:a:gplhost:domain_technologie_control:0.32.2:*:*:*:*:*:*:*", "cpe:2.3:a:gplhost:domain_technologie_control:0.25.2:*:*:*:*:*:*:*", "cpe:2.3:a:gplhost:domain_technologie_control:0.25.3:*:*:*:*:*:*:*", "cpe:2.3:a:gplhost:domain_technologie_control:0.32.4:*:*:*:*:*:*:*", "cpe:2.3:a:gplhost:domain_technologie_control:0.32.5:*:*:*:*:*:*:*", "cpe:2.3:a:gplhost:domain_technologie_control:0.32.7:*:*:*:*:*:*:*", "cpe:2.3:a:gplhost:domain_technologie_control:0.29.1:*:*:*:*:*:*:*", "cpe:2.3:a:gplhost:domain_technologie_control:0.24.6:*:*:*:*:*:*:*", "cpe:2.3:a:gplhost:domain_technologie_control:0.26.9:*:*:*:*:*:*:*", "cpe:2.3:a:gplhost:domain_technologie_control:0.29.15:*:*:*:*:*:*:*", "cpe:2.3:a:gplhost:domain_technologie_control:0.25.1:*:*:*:*:*:*:*", "cpe:2.3:a:gplhost:domain_technologie_control:0.29.16:*:*:*:*:*:*:*", "cpe:2.3:a:gplhost:domain_technologie_control:0.26.8:*:*:*:*:*:*:*", "cpe:2.3:a:gplhost:domain_technologie_control:0.29.14:*:*:*:*:*:*:*", "cpe:2.3:a:gplhost:domain_technologie_control:0.32.6:*:*:*:*:*:*:*", "cpe:2.3:a:gplhost:domain_technologie_control:0.29.10:*:*:*:*:*:*:*", "cpe:2.3:a:gplhost:domain_technologie_control:0.28.3:*:*:*:*:*:*:*", "cpe:2.3:a:gplhost:domain_technologie_control:0.32.3:*:*:*:*:*:*:*"]}], "openvas": [{"lastseen": "2017-07-24T12:55:35", "bulletinFamily": "scanner", "cvelist": ["CVE-2011-0434", "CVE-2011-0437", "CVE-2011-0435", "CVE-2011-0436"], "description": "The remote host is missing an update to dtc\nannounced via advisory DSA 2179-1.", "modified": "2017-07-07T00:00:00", "published": "2011-03-09T00:00:00", "id": "OPENVAS:69114", "href": "http://plugins.openvas.org/nasl.php?oid=69114", "type": "openvas", "title": "Debian Security Advisory DSA 2179-1 (dtc)", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_2179_1.nasl 6613 2017-07-07 12:08:40Z cfischer $\n# Description: Auto-generated from advisory DSA 2179-1 (dtc)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2011 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_solution = \"For the oldstable distribution (lenny), this problem has been fixed in\nversion 0.29.17-1+lenny1.\n\nThe stable distribution (squeeze) and the the testing distribution\n(wheezy) do not contain any dtc packages.\n\nFor the unstable distribution (sid), this problem has been fixed in\nversion 0.32.10-1.\n\nWe recommend that you upgrade your dtc packages.\n\nhttps://secure1.securityspace.com/smysecure/catid.html?in=DSA%202179-1\";\n\ntag_insight = \"Ansgar Burchardt discovered several vulnerabilities in DTC, a web\ncontrol panel for admin and accounting hosting services.\n\nCVE-2011-0434\nThe bw_per_moth.php graph contains an SQL injection vulnerability.\n\nCVE-2011-0435\nInsufficient checks in bw_per_month.php can lead to bandwidth\nusage information disclosure.\n\nCVE-2011-0436\nAfter a registration, passwords are sent in cleartext\nemail messages.\n\nCVE-2011-0437\nAuthenticated users could delete accounts using an obsolete\ninterface which was incorrectly included in the package.\n\nThis update introduces a new configuration option which controls the\npresence of cleartext passwords in email messages. The default is not\nto include cleartext passwords\";\ntag_summary = \"The remote host is missing an update to dtc\nannounced via advisory DSA 2179-1.\";\n\n\n\n\nif(description)\n{\n script_id(69114);\n script_version(\"$Revision: 6613 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-07 14:08:40 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2011-03-09 05:54:11 +0100 (Wed, 09 Mar 2011)\");\n script_cve_id(\"CVE-2011-0434\", \"CVE-2011-0435\", \"CVE-2011-0436\", \"CVE-2011-0437\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_name(\"Debian Security Advisory DSA 2179-1 (dtc)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2011 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"dtc-common\", ver:\"0.29.17-1+lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"dtc-core\", ver:\"0.29.17-1+lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"dtc-cyrus\", ver:\"0.29.17-1+lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"dtc-postfix-courier\", ver:\"0.29.17-1+lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"dtc-stats-daemon\", ver:\"0.29.17-1+lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"dtc-toaster\", ver:\"0.29.17-1+lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2019-05-29T18:39:42", "bulletinFamily": "scanner", "cvelist": ["CVE-2011-0434", "CVE-2011-0437", "CVE-2011-0435", "CVE-2011-0436"], "description": "The remote host is missing an update to dtc\nannounced via advisory DSA 2179-1.", "modified": "2019-03-18T00:00:00", "published": "2011-03-09T00:00:00", "id": "OPENVAS:136141256231069114", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231069114", "type": "openvas", "title": "Debian Security Advisory DSA 2179-1 (dtc)", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_2179_1.nasl 14275 2019-03-18 14:39:45Z cfischer $\n# Description: Auto-generated from advisory DSA 2179-1 (dtc)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2011 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.69114\");\n script_version(\"$Revision: 14275 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-18 15:39:45 +0100 (Mon, 18 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2011-03-09 05:54:11 +0100 (Wed, 09 Mar 2011)\");\n script_cve_id(\"CVE-2011-0434\", \"CVE-2011-0435\", \"CVE-2011-0436\", \"CVE-2011-0437\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_name(\"Debian Security Advisory DSA 2179-1 (dtc)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\", re:\"ssh/login/release=DEB5\");\n script_tag(name:\"insight\", value:\"Ansgar Burchardt discovered several vulnerabilities in DTC, a web\ncontrol panel for admin and accounting hosting services.\n\nCVE-2011-0434\nThe bw_per_moth.php graph contains an SQL injection vulnerability.\n\nCVE-2011-0435\nInsufficient checks in bw_per_month.php can lead to bandwidth\nusage information disclosure.\n\nCVE-2011-0436\nAfter a registration, passwords are sent in cleartext\nemail messages.\n\nCVE-2011-0437\nAuthenticated users could delete accounts using an obsolete\ninterface which was incorrectly included in the package.\n\nThis update introduces a new configuration option which controls the\npresence of cleartext passwords in email messages. The default is not\nto include cleartext passwords\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update to dtc\nannounced via advisory DSA 2179-1.\");\n script_tag(name:\"solution\", value:\"For the oldstable distribution (lenny), this problem has been fixed in\nversion 0.29.17-1+lenny1.\n\nThe stable distribution (squeeze) and the the testing distribution\n(wheezy) do not contain any dtc packages.\n\nFor the unstable distribution (sid), this problem has been fixed in\nversion 0.32.10-1.\n\nWe recommend that you upgrade your dtc packages.\");\n\n script_xref(name:\"URL\", value:\"https://secure1.securityspace.com/smysecure/catid.html?in=DSA%202179-1\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif((res = isdpkgvuln(pkg:\"dtc-common\", ver:\"0.29.17-1+lenny1\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"dtc-core\", ver:\"0.29.17-1+lenny1\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"dtc-cyrus\", ver:\"0.29.17-1+lenny1\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"dtc-postfix-courier\", ver:\"0.29.17-1+lenny1\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"dtc-stats-daemon\", ver:\"0.29.17-1+lenny1\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"dtc-toaster\", ver:\"0.29.17-1+lenny1\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99);\n}", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:39:59", "bulletinFamily": "scanner", "cvelist": ["CVE-2011-0434", "CVE-2011-0437", "CVE-2011-0435", "CVE-2011-0436"], "description": "The remote host is missing an update to the system\n as announced in the referenced advisory.", "modified": "2018-10-05T00:00:00", "published": "2011-09-21T00:00:00", "id": "OPENVAS:136141256231070265", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231070265", "type": "openvas", "title": "FreeBSD Ports: dtc", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: freebsd_dtc.nasl 11762 2018-10-05 10:54:12Z cfischer $\n#\n# Auto generated from VID 879b0242-c5b6-11e0-abd1-0017f22d6707\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2011 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.70265\");\n script_version(\"$Revision: 11762 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-10-05 12:54:12 +0200 (Fri, 05 Oct 2018) $\");\n script_tag(name:\"creation_date\", value:\"2011-09-21 05:47:11 +0200 (Wed, 21 Sep 2011)\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_cve_id(\"CVE-2011-0434\", \"CVE-2011-0435\", \"CVE-2011-0436\", \"CVE-2011-0437\");\n script_name(\"FreeBSD Ports: dtc\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"FreeBSD Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/freebsd\", \"ssh/login/freebsdrel\");\n\n script_tag(name:\"insight\", value:\"The following package is affected: dtc\n\nCVE-2011-0434\nMultiple SQL injection vulnerabilities in Domain Technologie Control\n(DTC) before 0.32.9 allow remote attackers to execute arbitrary SQL\ncommands via the cid parameter to (1) admin/bw_per_month.php or (2)\nclient/bw_per_month.php.\n\nCVE-2011-0435\nDomain Technologie Control (DTC) before 0.32.9 does not require\nauthentication for (1) admin/bw_per_month.php and (2)\nclient/bw_per_month.php, which allows remote attackers to obtain\npotentially sensitive bandwidth information via a direct request.\n\nCVE-2011-0436\nThe register_user function in client/new_account_form.php in Domain\nTechnologie Control (DTC) before 0.32.9 includes a cleartext password\nin an e-mail message, which makes it easier for remote attackers to\nobtain sensitive information by sniffing the network.\n\nCVE-2011-0437\nshared/inc/sql/ssh.php in the SSH accounts management implementation\nin Domain Technologie Control (DTC) before 0.32.9 allows remote\nauthenticated users to delete arbitrary accounts via the edssh_account\nparameter in a deletesshaccount Delete action.\");\n\n script_tag(name:\"solution\", value:\"Update your system with the appropriate patches or\n software upgrades.\");\n\n script_xref(name:\"URL\", value:\"http://www.debian.org/security/2011/dsa-2179\");\n script_xref(name:\"URL\", value:\"http://www.vuxml.org/freebsd/879b0242-c5b6-11e0-abd1-0017f22d6707.html\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update to the system\n as announced in the referenced advisory.\");\n\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-bsd.inc\");\n\nvuln = FALSE;\ntxt = \"\";\n\nbver = portver(pkg:\"dtc\");\nif(!isnull(bver) && revcomp(a:bver, b:\"0.32.9\")<0) {\n txt += 'Package dtc version ' + bver + ' is installed which is known to be vulnerable.\\n';\n vuln = TRUE;\n}\n\nif(vuln) {\n security_message(data:txt);\n} else if (__pkg_match) {\n exit(99);\n}", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "securityvulns": [{"lastseen": "2018-08-31T11:10:39", "bulletinFamily": "software", "cvelist": ["CVE-2011-0434", "CVE-2011-0437", "CVE-2011-0435", "CVE-2011-0436"], "description": "-----BEGIN PGP SIGNED MESSAGE-----\r\nHash: SHA1\r\n\r\n- -------------------------------------------------------------------------\r\nDebian Security Advisory DSA-2179-1 security@debian.org\r\nhttp://www.debian.org/security/ Florian Weimer\r\nMarch 02, 2011 http://www.debian.org/security/faq\r\n- -------------------------------------------------------------------------\r\n\r\nPackage : dtc\r\nVulnerability : SQL injection\r\nProblem type : remote\r\nDebian-specific: no\r\nCVE ID : CVE-2011-0434 CVE-2011-0435 CVE-2011-0436 CVE-2011-0437\r\nDebian Bug : 614302\r\n\r\nAnsgar Burchardt discovered several vulnerabilities in DTC, a web\r\ncontrol panel for admin and accounting hosting services.\r\n\r\nCVE-2011-0434\r\n The bw_per_moth.php graph contains an SQL injection vulnerability.\r\n\r\nCVE-2011-0435\r\n Insufficient checks in bw_per_month.php can lead to bandwidth\r\n usage information disclosure.\r\n\r\nCVE-2011-0436\r\n After a registration, passwords are sent in cleartext\r\n email messages.\r\n\r\nCVE-2011-0437\r\n Authenticated users could delete accounts using an obsolete\r\n interface which was incorrectly included in the package.\r\n\r\nThis update introduces a new configuration option which controls the\r\npresence of cleartext passwords in email messages. The default is not\r\nto include cleartext passwords\r\n\r\nFor the oldstable distribution (lenny), this problem has been fixed in\r\nversion 0.29.17-1+lenny1.\r\n\r\nThe stable distribution (squeeze) and the the testing distribution\r\n(wheezy) do not contain any dtc packages.\r\n\r\nFor the unstable distribution (sid), this problem has been fixed in\r\nversion 0.32.10-1.\r\n\r\nWe recommend that you upgrade your dtc packages.\r\n\r\nFurther information about Debian Security Advisories, how to apply\r\nthese updates to your system and frequently asked questions can be\r\nfound at: http://www.debian.org/security/\r\n\r\nMailing list: debian-security-announce@lists.debian.org\r\n-----BEGIN PGP SIGNATURE-----\r\nVersion: GnuPG v1.4.9 (GNU/Linux)\r\n\r\niQEcBAEBAgAGBQJNbrJgAAoJEL97/wQC1SS+eDIH/jXzYyeewVlt7g3WkwJJEVt3\r\n0PGk+gGBPAAOkDGJAYAb9su8dIktS4HJNyKlcJbf5joGDVr5IPee6f47+f5zR1MG\r\nUYr3N4wrLAUOSt7Zed5p1FJwFpoaPD0S2D/4yynTI8yuBw055GUZkIZcB5ATrALV\r\nyRhW3ETIOPlPcBHW0D0BVe5VVIUdWpu2dzerNcvHuzOi5UaWU1OPBbgcP6wz/e/d\r\nHoTN1lec3mftRbAFYPf6C+cVCyJ7dhSH6Tq6ShZsyJ0DAdOOau7VwvgO6yifOMgE\r\n5XqBnT5uOcIMyk/Z6vQ89JLsyn9lBbNabXWi3yBIR28nFoTDm2Y9RGdli9CxOMs=\r\n=GmmS\r\n-----END PGP SIGNATURE-----", "edition": 1, "modified": "2011-03-03T00:00:00", "published": "2011-03-03T00:00:00", "id": "SECURITYVULNS:DOC:25859", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:25859", "title": "[SECURITY] [DSA 2179-1] dtc security update", "type": "securityvulns", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-08-31T11:09:41", "bulletinFamily": "software", "cvelist": ["CVE-2011-0434", "CVE-2011-0432", "CVE-2011-0437", "CVE-2011-0435", "CVE-2011-0436"], "description": "PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.", "edition": 1, "modified": "2011-03-03T00:00:00", "published": "2011-03-03T00:00:00", "id": "SECURITYVULNS:VULN:11476", "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:11476", "title": "Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)", "type": "securityvulns", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "nessus": [{"lastseen": "2021-01-07T10:46:52", "description": "Ansgar Burchardt reports :\n\nAnsgar Burchardt discovered several vulnerabilities in DTC, a web\ncontrol panel for admin and accounting hosting services : The\nbw_per_moth.php graph contains a SQL injection vulnerability;\ninsufficient checks in bw_per_month.php can lead to bandwidth usage\ninformation disclosure; after a registration, passwords are sent in\ncleartext email messages and Authenticated users could delete accounts\nusing an obsolete interface which was incorrectly included in the\npackage.", "edition": 24, "published": "2011-08-15T00:00:00", "title": "FreeBSD : dtc -- multiple vulnerabilities (879b0242-c5b6-11e0-abd1-0017f22d6707)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2011-0434", "CVE-2011-0437", "CVE-2011-0435", "CVE-2011-0436"], "modified": "2011-08-15T00:00:00", "cpe": ["cpe:/o:freebsd:freebsd", "p-cpe:/a:freebsd:freebsd:dtc"], "id": "FREEBSD_PKG_879B0242C5B611E0ABD10017F22D6707.NASL", "href": "https://www.tenable.com/plugins/nessus/55846", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the FreeBSD VuXML database :\n#\n# Copyright 2003-2018 Jacques Vidrine and contributors\n#\n# Redistribution and use in source (VuXML) and 'compiled' forms (SGML,\n# HTML, PDF, PostScript, RTF and so forth) with or without modification,\n# are permitted provided that the following conditions are met:\n# 1. Redistributions of source code (VuXML) must retain the above\n# copyright notice, this list of conditions and the following\n# disclaimer as the first lines of this file unmodified.\n# 2. Redistributions in compiled form (transformed to other DTDs,\n# published online in any format, converted to PDF, PostScript,\n# RTF and other formats) must reproduce the above copyright\n# notice, this list of conditions and the following disclaimer\n# in the documentation and/or other materials provided with the\n# distribution.\n# \n# THIS DOCUMENTATION IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS \"AS IS\"\n# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,\n# THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR\n# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS\n# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,\n# OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT\n# OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR\n# BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,\n# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE\n# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS DOCUMENTATION,\n# EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(55846);\n script_version(\"1.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2011-0434\", \"CVE-2011-0435\", \"CVE-2011-0436\", \"CVE-2011-0437\");\n script_xref(name:\"DSA\", value:\"2179\");\n\n script_name(english:\"FreeBSD : dtc -- multiple vulnerabilities (879b0242-c5b6-11e0-abd1-0017f22d6707)\");\n script_summary(english:\"Checks for updated package in pkg_info output\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote FreeBSD host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Ansgar Burchardt reports :\n\nAnsgar Burchardt discovered several vulnerabilities in DTC, a web\ncontrol panel for admin and accounting hosting services : The\nbw_per_moth.php graph contains a SQL injection vulnerability;\ninsufficient checks in bw_per_month.php can lead to bandwidth usage\ninformation disclosure; after a registration, passwords are sent in\ncleartext email messages and Authenticated users could delete accounts\nusing an obsolete interface which was incorrectly included in the\npackage.\"\n );\n # https://vuxml.freebsd.org/freebsd/879b0242-c5b6-11e0-abd1-0017f22d6707.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?2345d47a\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:dtc\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:freebsd:freebsd\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2011/03/02\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/08/13\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2011/08/15\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2011-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"FreeBSD Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/FreeBSD/release\", \"Host/FreeBSD/pkg_info\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"freebsd_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/FreeBSD/release\")) audit(AUDIT_OS_NOT, \"FreeBSD\");\nif (!get_kb_item(\"Host/FreeBSD/pkg_info\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (pkg_test(save_report:TRUE, pkg:\"dtc<0.32.9\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:pkg_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-01-06T09:46:20", "description": "Ansgar Burchardt discovered several vulnerabilities in DTC, a web\ncontrol panel for admin and accounting hosting services.\n\n - CVE-2011-0434\n The bw_per_moth.php graph contains a SQL injection\n vulnerability.\n\n - CVE-2011-0435\n Insufficient checks in bw_per_month.php can lead to\n bandwidth usage information disclosure.\n\n - CVE-2011-0436\n After a registration, passwords are sent in cleartext\n email messages.\n\n - CVE-2011-0437\n Authenticated users could delete accounts using an\n obsolete interface which was incorrectly included in the\n package.\n\nThis update introduces a new configuration option which controls the\npresence of cleartext passwords in email messages. The default is not\nto include cleartext passwords.", "edition": 16, "published": "2011-03-03T00:00:00", "title": "Debian DSA-2179-1 : dtc - SQL injection", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2011-0434", "CVE-2011-0437", "CVE-2011-0435", "CVE-2011-0436"], "modified": "2011-03-03T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:dtc", "cpe:/o:debian:debian_linux:5.0"], "id": "DEBIAN_DSA-2179.NASL", "href": "https://www.tenable.com/plugins/nessus/52513", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-2179. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(52513);\n script_version(\"1.12\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2011-0434\", \"CVE-2011-0435\", \"CVE-2011-0436\", \"CVE-2011-0437\");\n script_xref(name:\"DSA\", value:\"2179\");\n\n script_name(english:\"Debian DSA-2179-1 : dtc - SQL injection\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Ansgar Burchardt discovered several vulnerabilities in DTC, a web\ncontrol panel for admin and accounting hosting services.\n\n - CVE-2011-0434\n The bw_per_moth.php graph contains a SQL injection\n vulnerability.\n\n - CVE-2011-0435\n Insufficient checks in bw_per_month.php can lead to\n bandwidth usage information disclosure.\n\n - CVE-2011-0436\n After a registration, passwords are sent in cleartext\n email messages.\n\n - CVE-2011-0437\n Authenticated users could delete accounts using an\n obsolete interface which was incorrectly included in the\n package.\n\nThis update introduces a new configuration option which controls the\npresence of cleartext passwords in email messages. The default is not\nto include cleartext passwords.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=614302\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2011-0434\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2011-0435\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2011-0436\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2011-0437\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.debian.org/security/2011/dsa-2179\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the dtc packages.\n\nFor the oldstable distribution (lenny), this problem has been fixed in\nversion 0.29.17-1+lenny1.\n\nThe stable distribution (squeeze) and the testing distribution\n(wheezy) do not contain any dtc packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:dtc\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:5.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/03/02\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2011/03/03\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2011-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"5.0\", prefix:\"dtc\", reference:\"0.29.17-1+lenny1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "freebsd": [{"lastseen": "2019-05-29T18:33:57", "bulletinFamily": "unix", "cvelist": ["CVE-2011-0434", "CVE-2011-0437", "CVE-2011-0435", "CVE-2011-0436"], "description": "\nAnsgar Burchardt reports:\n\nAnsgar Burchardt discovered several vulnerabilities in DTC, a\n\t web control panel for admin and accounting hosting services:\n\t The bw_per_moth.php graph contains an SQL injection\n\t vulnerability; insufficient checks in bw_per_month.php can lead\n\t to bandwidth usage information disclosure; after a registration,\n\t passwords are sent in cleartext email messages and Authenticated\n\t users could delete accounts using an obsolete interface which\n\t was incorrectly included in the package.\n\n", "edition": 4, "modified": "2011-03-02T00:00:00", "published": "2011-03-02T00:00:00", "id": "879B0242-C5B6-11E0-ABD1-0017F22D6707", "href": "https://vuxml.freebsd.org/freebsd/879b0242-c5b6-11e0-abd1-0017f22d6707.html", "title": "dtc -- multiple vulnerabilities", "type": "freebsd", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "debian": [{"lastseen": "2020-11-11T13:30:21", "bulletinFamily": "unix", "cvelist": ["CVE-2011-0434", "CVE-2011-0437", "CVE-2011-0435", "CVE-2011-0436"], "description": "- -------------------------------------------------------------------------\nDebian Security Advisory DSA-2179-1 security@debian.org\nhttp://www.debian.org/security/ Florian Weimer\nMarch 02, 2011 http://www.debian.org/security/faq\n- -------------------------------------------------------------------------\n\nPackage : dtc\nVulnerability : SQL injection\nProblem type : remote\nDebian-specific: no\nCVE ID : CVE-2011-0434 CVE-2011-0435 CVE-2011-0436 CVE-2011-0437\nDebian Bug : 614302\n\nAnsgar Burchardt discovered several vulnerabilities in DTC, a web\ncontrol panel for admin and accounting hosting services.\n\nCVE-2011-0434\n The bw_per_moth.php graph contains an SQL injection vulnerability.\n\nCVE-2011-0435\n Insufficient checks in bw_per_month.php can lead to bandwidth\n usage information disclosure.\n\nCVE-2011-0436\n After a registration, passwords are sent in cleartext\n email messages.\n\nCVE-2011-0437\n Authenticated users could delete accounts using an obsolete\n interface which was incorrectly included in the package.\n\nThis update introduces a new configuration option which controls the\npresence of cleartext passwords in email messages. The default is not\nto include cleartext passwords\n\nFor the oldstable distribution (lenny), this problem has been fixed in\nversion 0.29.17-1+lenny1.\n\nThe stable distribution (squeeze) and the the testing distribution\n(wheezy) do not contain any dtc packages.\n\nFor the unstable distribution (sid), this problem has been fixed in\nversion 0.32.10-1.\n\nWe recommend that you upgrade your dtc packages.\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: http://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org\n", "edition": 3, "modified": "2011-03-02T20:57:35", "published": "2011-03-02T20:57:35", "id": "DEBIAN:DSA-2179-1:CA5E6", "href": "https://lists.debian.org/debian-security-announce/debian-security-announce-2011/msg00046.html", "title": "[SECURITY] [DSA 2179-1] dtc security update", "type": "debian", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}]}
