Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
openvasCopyright (C) 2008 Greenbone Networks GmbHOPENVAS:800206
HistoryDec 16, 2008 - 12:00 a.m.

MailScanner Multiple Insecure Temporary Files Vulnerabilities

2008-12-1600:00:00
Copyright (C) 2008 Greenbone Networks GmbH
plugins.openvas.org
10

0.0004 Low

EPSS

Percentile

5.7%

JSON

This host is installed with MailScanner and is prone to multiple
vulnerabilities.

###############################################################################
# OpenVAS Vulnerability Test
# $Id: gb_mailscanner_mult_vuln.nasl 7823 2017-11-20 08:54:04Z cfischer $
#
# MailScanner Multiple Insecure Temporary Files Vulnerabilities
#
# Authors:
# Sujit Ghosal <[email protected]>
#
# Copyright:
# Copyright (c) 2008 Greenbone Networks GmbH, http://www.greenbone.net
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License version 2
# (or any later version), as published by the Free Software Foundation.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
###############################################################################

tag_impact = "Successful exploitation will let the attacker execute arbitrary codes
  in the context of the application and can compromise a vulnerable system.";
tag_affected = "MailScanner version prior to 4.74.7-2 on Linux.";
tag_insight = "The flaws are due to,
  - Several autoupdate scripts for f-prot-autoupdate, clamav-autoupdate,
    panda-autoupdate, trend-autoupdate, bitdefender-wrapper, kaspersky-wrapper
    etc. use temporary files in an insecure manner.
  - The SpamAssassin and TNEF handlers use temporary files in an insecure manner.
  These can be exploited to affects local users to overwrite arbitrary files via
  symlink attacks.";
tag_solution = "Upgrade to the latest MailScanner version 4.74.7-2 or later
  http://www.mailscanner.info/downloads.html";
tag_summary = "This host is installed with MailScanner and is prone to multiple
  vulnerabilities.";

if(description)
{
  script_id(800206);
  script_version("$Revision: 7823 $");
  script_tag(name:"last_modification", value:"$Date: 2017-11-20 09:54:04 +0100 (Mon, 20 Nov 2017) $");
  script_tag(name:"creation_date", value:"2008-12-16 16:12:00 +0100 (Tue, 16 Dec 2008)");
  script_tag(name:"cvss_base", value:"6.9");
  script_tag(name:"cvss_base_vector", value:"AV:L/AC:M/Au:N/C:C/I:C/A:C");
  script_cve_id("CVE-2008-5312", "CVE-2008-5313");
  script_bugtraq_id(32557);
  script_name("MailScanner Multiple Insecure Temporary Files Vulnerabilities");
  script_xref(name : "URL" , value : "http://secunia.com/advisories/33117/");
  script_xref(name : "URL" , value : "http://www.mailscanner.info/ChangeLog");
  script_xref(name : "URL" , value : "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=506353");
  script_xref(name : "URL" , value : "http://www.openwall.com/lists/oss-security/2008/11/29/1");

  script_category(ACT_GATHER_INFO);
  script_tag(name:"qod_type", value:"executable_version");
  script_copyright("Copyright (C) 2008 Greenbone Networks GmbH");
  script_family("General");
  script_dependencies("gather-package-list.nasl");
  script_mandatory_keys("login/SSH/success");
  script_exclude_keys("ssh/no_linux_shell");

  script_tag(name : "impact" , value : tag_impact);
  script_tag(name : "affected" , value : tag_affected);
  script_tag(name : "insight" , value : tag_insight);
  script_tag(name : "solution" , value : tag_solution);
  script_tag(name : "summary" , value : tag_summary);
  exit(0);
}

include("ssh_func.inc");
include("version_func.inc");

sock = ssh_login_or_reuse_connection();
if(sock)
{
  send_cmd = ssh_cmd(socket:sock, cmd:"MailScanner -v", timeout:120);
  ssh_close_connection();
  if("MailScanner" >< send_cmd)
  {
    scanner_ver =  eregmatch(pattern:"MailScanner version ([0-9.]+)",
                             string:send_cmd);
    if(scanner_ver[1] != NULL)
    {
      #Grep for version prior to 4.74.7
      if(version_is_less_equal(version:scanner_ver[1], test_version:"4.74.7")){
        security_message(0);
      }
    }
  }
}

Related

ubuntucve 3
openvas 6
securityvulns 2
prion 3
cve 3
debian 2
ubuntucve
ubuntucve
CVE-2008-5313
2008-12-03 00:00:00
CVE-2008-5312
2008-12-03 00:00:00
CVE-2010-3095
2019-11-12 00:00:00
openvas
openvas
MailScanner Multiple Insecure Temporary Files Vulnerabilities
2008-12-16 00:00:00
Ubuntu USN-697-1 (imlib2)
2008-12-29 00:00:00
Ubuntu USN-698-2 (nagios3)
2008-12-29 00:00:00
securityvulns
securityvulns
mailscanner symbolic links vulnerability
2008-12-23 00:00:00
[ MDVA-2008:241 ] mailscanner
2008-12-23 00:00:00
prion
prion
Design/Logic Flaw
2008-12-03 17:30:00
Code injection
2019-11-12 21:15:00
Design/Logic Flaw
2008-12-03 17:30:00
cve
cve
CVE-2008-5313
2008-12-03 17:30:00
CVE-2010-3095
2019-11-12 21:15:00
CVE-2008-5312
2008-12-03 17:30:00
debian
debian
Subject: BSA-007 Security Update for mailscanner
2010-10-22 10:41:57
Subject: BSA-007 Security Update for mailscanner
2010-10-22 10:26:16

0.0004 Low

EPSS

Percentile

5.7%

JSON
Related for OPENVAS:800206
ubuntucve3openvas6securityvulns2prion3cve3debian2