Search...

libESMTP multiple vulnerabilities

2010-04-06T00:00:00

ID OPENVAS:800497
Type openvas
Reporter Copyright (c) 2010 Greenbone Networks GmbH
Modified 2017-02-16T00:00:00

Description

This host has libESMTP installed and is prone to multiple vulnerabilities.

Vulnerabilities Insight: Multiple flaws are due to: - An error in 'match_component()' function in 'smtp-tls.c' when processing substrings. It treats two strings as equal if one is a substring of the other, which allows attackers to spoof trusted certificates via a crafted subjectAltName. - An error in handling of 'X.509 certificate'. It does not properly handle a '&qt?&qt' character in a domain name in the 'subject&qts Common Name' field of an X.509 certificate, which allows man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certificate.

                                        
                                            ###############################################################################
# OpenVAS Vulnerabilities Test
# $Id: gb_libesmtp_mult_vuln.nasl 5306 2017-02-16 09:00:16Z teissa $
#
# libESMTP multiple vulnerabilities
#
# Authors:
# Antu Sanadi &lt;santu@secpod.com&gt;
#
# Copyright:
# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License version 2
# (or any later version), as published by the Free Software Foundation.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
###############################################################################

tag_summary = "This host has libESMTP installed and is prone to multiple
  vulnerabilities.

  Vulnerabilities Insight:
  Multiple flaws are due to:
  - An error in 'match_component()' function in 'smtp-tls.c' when processing
    substrings. It treats two strings as equal if one is a substring of the
    other, which allows attackers to spoof trusted certificates via a crafted
    subjectAltName.
  - An error in handling of 'X.509 certificate'. It does not properly
    handle a '&qt?&qt' character in a domain name in the 'subject&qts Common Name'
    field of an X.509 certificate, which allows man-in-the-middle attackers to
    spoof arbitrary SSL servers via a crafted certificate.";

tag_solution = "Apply patch from below links,
  https://bugzilla.redhat.com/attachment.cgi?id=399131&action=edit
  https://bugzilla.redhat.com/attachment.cgi?id=398839&action=edit

  *****
  NOTE: Ignore this warning, if above mentioned patch is manually applied.
  *****";

tag_impact = "Attackers can exploit this issue to conduct man-in-the-middle attacks to
  spoof arbitrary SSL servers and to spoof trusted certificates.
  Impact Level: Application";
tag_affected = "libESMTP version 1.0.4 and prior.";

if(description)
{
  script_id(800497);
  script_version("$Revision: 5306 $");
  script_tag(name:"last_modification", value:"$Date: 2017-02-16 10:00:16 +0100 (Thu, 16 Feb 2017) $");
  script_tag(name:"creation_date", value:"2010-04-06 08:47:09 +0200 (Tue, 06 Apr 2010)");
  script_cve_id("CVE-2010-1194", "CVE-2010-1192");
  script_tag(name:"cvss_base", value:"6.8");
  script_tag(name:"cvss_base_vector", value:"AV:N/AC:M/Au:N/C:P/I:P/A:P");
  script_name("libESMTP multiple vulnerabilities");

  script_xref(name : "URL" , value : "https://bugzilla.redhat.com/show_bug.cgi?id=571817");
  script_xref(name : "URL" , value : "http://www.openwall.com/lists/oss-security/2010/03/09/3");
  script_xref(name : "URL" , value : "http://www.openwall.com/lists/oss-security/2010/03/03/6");

  script_tag(name:"qod_type", value:"executable_version");
  script_category(ACT_GATHER_INFO);
  script_copyright("Copyright (c) 2010 Greenbone Networks GmbH");
  script_family("General");
  script_dependencies("gb_libesmtp_detect.nasl");
  script_require_keys("libESMTP/Ver");
  script_tag(name : "impact" , value : tag_impact);
  script_tag(name : "affected" , value : tag_affected);
  script_tag(name : "solution" , value : tag_solution);
  script_tag(name : "summary" , value : tag_summary);
  exit(0);
}


include("version_func.inc");

libesmtpVer = get_kb_item("libESMTP/Ver");
if(libesmtpVer != NULL)
{
  if(version_is_less_equal(version:libesmtpVer, test_version:"1.0.4")){
    security_message(0);
  }
}

JSON Vulners Source

Initial Source

{"id": "OPENVAS:800497", "type": "openvas", "bulletinFamily": "scanner", "title": "libESMTP multiple vulnerabilities", "description": "This host has libESMTP installed and is prone to multiple\n vulnerabilities.\n\n Vulnerabilities Insight:\n Multiple flaws are due to:\n - An error in 'match_component()' function in 'smtp-tls.c' when processing\n substrings. It treats two strings as equal if one is a substring of the\n other, which allows attackers to spoof trusted certificates via a crafted\n subjectAltName.\n - An error in handling of 'X.509 certificate'. It does not properly\n handle a '&qt?&qt' character in a domain name in the 'subject&qts Common Name'\n field of an X.509 certificate, which allows man-in-the-middle attackers to\n spoof arbitrary SSL servers via a crafted certificate.", "published": "2010-04-06T00:00:00", "modified": "2017-02-16T00:00:00", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "http://plugins.openvas.org/nasl.php?oid=800497", "reporter": "Copyright (c) 2010 Greenbone Networks GmbH", "references": ["https://bugzilla.redhat.com/show_bug.cgi?id=571817", "http://www.openwall.com/lists/oss-security/2010/03/03/6", "http://www.openwall.com/lists/oss-security/2010/03/09/3"], "cvelist": ["CVE-2010-1194", "CVE-2010-1192"], "lastseen": "2017-07-02T21:10:00", "viewCount": 1, "enchantments": {"score": {"value": 6.2, "vector": "NONE", "modified": "2017-07-02T21:10:00", "rev": 2}, "dependencies": {"references": [{"type": "cve", "idList": ["CVE-2010-1192", "CVE-2010-1194"]}, {"type": "nessus", "idList": ["SUSE_11_2_LIBESMTP-100430.NASL", "SUSE_11_LIBESMTP-100430.NASL", "SUSE_11_1_LIBESMTP-100430.NASL", "MANDRIVA_MDVSA-2010-195.NASL", "SUSE_11_0_LIBESMTP-100430.NASL"]}, {"type": "openvas", "idList": ["OPENVAS:831195", "OPENVAS:1361412562310831195", "OPENVAS:1361412562310800497"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:DOC:24857", "SECURITYVULNS:VULN:11184"]}], "modified": "2017-07-02T21:10:00", "rev": 2}, "vulnersScore": 6.2}, "pluginID": "800497", "sourceData": "###############################################################################\n# OpenVAS Vulnerabilities Test\n# $Id: gb_libesmtp_mult_vuln.nasl 5306 2017-02-16 09:00:16Z teissa $\n#\n# libESMTP multiple vulnerabilities\n#\n# Authors:\n# Antu Sanadi <santu@secpod.com>\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ntag_summary = \"This host has libESMTP installed and is prone to multiple\n vulnerabilities.\n\n Vulnerabilities Insight:\n Multiple flaws are due to:\n - An error in 'match_component()' function in 'smtp-tls.c' when processing\n substrings. It treats two strings as equal if one is a substring of the\n other, which allows attackers to spoof trusted certificates via a crafted\n subjectAltName.\n - An error in handling of 'X.509 certificate'. It does not properly\n handle a '&qt?&qt' character in a domain name in the 'subject&qts Common Name'\n field of an X.509 certificate, which allows man-in-the-middle attackers to\n spoof arbitrary SSL servers via a crafted certificate.\";\n\ntag_solution = \"Apply patch from below links,\n https://bugzilla.redhat.com/attachment.cgi?id=399131&action=edit\n https://bugzilla.redhat.com/attachment.cgi?id=398839&action=edit\n\n *****\n NOTE: Ignore this warning, if above mentioned patch is manually applied.\n *****\";\n\ntag_impact = \"Attackers can exploit this issue to conduct man-in-the-middle attacks to\n spoof arbitrary SSL servers and to spoof trusted certificates.\n Impact Level: Application\";\ntag_affected = \"libESMTP version 1.0.4 and prior.\";\n\nif(description)\n{\n script_id(800497);\n script_version(\"$Revision: 5306 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-02-16 10:00:16 +0100 (Thu, 16 Feb 2017) $\");\n script_tag(name:\"creation_date\", value:\"2010-04-06 08:47:09 +0200 (Tue, 06 Apr 2010)\");\n script_cve_id(\"CVE-2010-1194\", \"CVE-2010-1192\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_name(\"libESMTP multiple vulnerabilities\");\n\n script_xref(name : \"URL\" , value : \"https://bugzilla.redhat.com/show_bug.cgi?id=571817\");\n script_xref(name : \"URL\" , value : \"http://www.openwall.com/lists/oss-security/2010/03/09/3\");\n script_xref(name : \"URL\" , value : \"http://www.openwall.com/lists/oss-security/2010/03/03/6\");\n\n script_tag(name:\"qod_type\", value:\"executable_version\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"General\");\n script_dependencies(\"gb_libesmtp_detect.nasl\");\n script_require_keys(\"libESMTP/Ver\");\n script_tag(name : \"impact\" , value : tag_impact);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n exit(0);\n}\n\n\ninclude(\"version_func.inc\");\n\nlibesmtpVer = get_kb_item(\"libESMTP/Ver\");\nif(libesmtpVer != NULL)\n{\n if(version_is_less_equal(version:libesmtpVer, test_version:\"1.0.4\")){\n security_message(0);\n }\n}\n", "naslFamily": "General", "immutableFields": []}

{"cve": [{"lastseen": "2021-02-02T05:44:57", "description": "The match_component function in smtp-tls.c in libESMTP 1.0.3.r1, and possibly other versions including 1.0.4, treats two strings as equal if one is a substring of the other, which allows remote attackers to spoof trusted certificates via a crafted subjectAltName.", "edition": 4, "cvss3": {}, "published": "2010-03-31T18:00:00", "title": "CVE-2010-1194", "type": "cve", "cwe": ["CWE-310"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2010-1194"], "modified": "2010-05-22T05:46:00", "cpe": ["cpe:/a:stafford.uklinux:libesmtp:0.3", "cpe:/a:stafford.uklinux:libesmtp:0.8.3", "cpe:/a:stafford.uklinux:libesmtp:0.8.9", "cpe:/a:stafford.uklinux:libesmtp:0.8.8", "cpe:/a:stafford.uklinux:libesmtp:0.6.1", "cpe:/a:stafford.uklinux:libesmtp:0.8.11", "cpe:/a:stafford.uklinux:libesmtp:0.4", "cpe:/a:stafford.uklinux:libesmtp:1.0.4", "cpe:/a:stafford.uklinux:libesmtp:1.0.1", "cpe:/a:stafford.uklinux:libesmtp:0.8.7", "cpe:/a:stafford.uklinux:libesmtp:1.0", "cpe:/a:stafford.uklinux:libesmtp:0.8.4", "cpe:/a:stafford.uklinux:libesmtp:0.5", "cpe:/a:stafford.uklinux:libesmtp:0.8.10", "cpe:/a:stafford.uklinux:libesmtp:0.8.1", "cpe:/a:stafford.uklinux:libesmtp:0.6", "cpe:/a:stafford.uklinux:libesmtp:0.8.0", "cpe:/a:stafford.uklinux:libesmtp:0.1", "cpe:/a:stafford.uklinux:libesmtp:0.8.2", "cpe:/a:stafford.uklinux:libesmtp:1.0.3", "cpe:/a:stafford.uklinux:libesmtp:0.8.5", "cpe:/a:stafford.uklinux:libesmtp:0.8.12", "cpe:/a:stafford.uklinux:libesmtp:0.2", "cpe:/a:stafford.uklinux:libesmtp:0.7.0", "cpe:/a:stafford.uklinux:libesmtp:0.8.6", "cpe:/a:stafford.uklinux:libesmtp:0.7.1", "cpe:/a:stafford.uklinux:libesmtp:1.0.2"], "id": "CVE-2010-1194", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-1194", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}, "cpe23": ["cpe:2.3:a:stafford.uklinux:libesmtp:0.2:*:*:*:*:*:*:*", "cpe:2.3:a:stafford.uklinux:libesmtp:1.0.3:*:*:*:*:*:*:*", "cpe:2.3:a:stafford.uklinux:libesmtp:0.8.5:*:*:*:*:*:*:*", "cpe:2.3:a:stafford.uklinux:libesmtp:0.8.9:*:*:*:*:*:*:*", "cpe:2.3:a:stafford.uklinux:libesmtp:1.0:*:*:*:*:*:*:*", "cpe:2.3:a:stafford.uklinux:libesmtp:0.8.12:*:*:*:*:*:*:*", "cpe:2.3:a:stafford.uklinux:libesmtp:0.8.2:*:*:*:*:*:*:*", "cpe:2.3:a:stafford.uklinux:libesmtp:0.7.0:*:*:*:*:*:*:*", "cpe:2.3:a:stafford.uklinux:libesmtp:0.8.4:*:*:*:*:*:*:*", "cpe:2.3:a:stafford.uklinux:libesmtp:0.6.1:*:*:*:*:*:*:*", "cpe:2.3:a:stafford.uklinux:libesmtp:0.8.8:*:*:*:*:*:*:*", "cpe:2.3:a:stafford.uklinux:libesmtp:0.8.3:*:*:*:*:*:*:*", "cpe:2.3:a:stafford.uklinux:libesmtp:0.8.10:*:*:*:*:*:*:*", "cpe:2.3:a:stafford.uklinux:libesmtp:0.8.6:*:*:*:*:*:*:*", "cpe:2.3:a:stafford.uklinux:libesmtp:0.8.11:*:*:*:*:*:*:*", "cpe:2.3:a:stafford.uklinux:libesmtp:0.6:a:*:*:*:*:*:*", "cpe:2.3:a:stafford.uklinux:libesmtp:0.5:*:*:*:*:*:*:*", "cpe:2.3:a:stafford.uklinux:libesmtp:0.7.1:*:*:*:*:*:*:*", "cpe:2.3:a:stafford.uklinux:libesmtp:1.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:stafford.uklinux:libesmtp:0.1:a:*:*:*:*:*:*", "cpe:2.3:a:stafford.uklinux:libesmtp:1.0.3:r1:*:*:*:*:*:*", "cpe:2.3:a:stafford.uklinux:libesmtp:1.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:stafford.uklinux:libesmtp:0.1:-:*:*:*:*:*:*", "cpe:2.3:a:stafford.uklinux:libesmtp:0.8.10:p1:*:*:*:*:*:*", "cpe:2.3:a:stafford.uklinux:libesmtp:0.3:*:*:*:*:*:*:*", "cpe:2.3:a:stafford.uklinux:libesmtp:1.0:rc1:*:*:*:*:*:*", "cpe:2.3:a:stafford.uklinux:libesmtp:0.8.1:*:*:*:*:*:*:*", "cpe:2.3:a:stafford.uklinux:libesmtp:0.8.0:*:*:*:*:*:*:*", "cpe:2.3:a:stafford.uklinux:libesmtp:1.0.4:*:*:*:*:*:*:*", "cpe:2.3:a:stafford.uklinux:libesmtp:0.4:*:*:*:*:*:*:*", "cpe:2.3:a:stafford.uklinux:libesmtp:0.8.7:*:*:*:*:*:*:*", "cpe:2.3:a:stafford.uklinux:libesmtp:0.6:*:*:*:*:*:*:*"]}, {"lastseen": "2021-02-02T05:44:57", "description": "libESMTP, probably 1.0.4 and earlier, does not properly handle a '\\0' character in a domain name in the subject's Common Name (CN) field of an X.509 certificate, which allows man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certificate issued by a legitimate Certification Authority, a related issue to CVE-2009-2408.", "edition": 6, "cvss3": {}, "published": "2010-03-31T18:00:00", "title": "CVE-2010-1192", "type": "cve", "cwe": ["CWE-310"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2010-1192"], "modified": "2010-05-22T05:46:00", "cpe": ["cpe:/a:stafford.uklinux:libesmtp:0.3", "cpe:/a:stafford.uklinux:libesmtp:0.8.3", "cpe:/a:stafford.uklinux:libesmtp:0.8.9", "cpe:/a:stafford.uklinux:libesmtp:0.8.8", "cpe:/a:stafford.uklinux:libesmtp:0.6.1", "cpe:/a:stafford.uklinux:libesmtp:0.8.11", "cpe:/a:stafford.uklinux:libesmtp:0.4", "cpe:/a:stafford.uklinux:libesmtp:1.0.4", "cpe:/a:stafford.uklinux:libesmtp:1.0.1", "cpe:/a:stafford.uklinux:libesmtp:0.8.7", "cpe:/a:stafford.uklinux:libesmtp:1.0", "cpe:/a:stafford.uklinux:libesmtp:0.8.4", "cpe:/a:stafford.uklinux:libesmtp:0.5", "cpe:/a:stafford.uklinux:libesmtp:0.8.10", "cpe:/a:stafford.uklinux:libesmtp:0.8.1", "cpe:/a:stafford.uklinux:libesmtp:0.6", "cpe:/a:stafford.uklinux:libesmtp:0.8.0", "cpe:/a:stafford.uklinux:libesmtp:0.1", "cpe:/a:stafford.uklinux:libesmtp:0.8.2", "cpe:/a:stafford.uklinux:libesmtp:1.0.3", "cpe:/a:stafford.uklinux:libesmtp:0.8.5", "cpe:/a:stafford.uklinux:libesmtp:0.8.12", "cpe:/a:stafford.uklinux:libesmtp:0.2", "cpe:/a:stafford.uklinux:libesmtp:0.7.0", "cpe:/a:stafford.uklinux:libesmtp:0.8.6", "cpe:/a:stafford.uklinux:libesmtp:0.7.1", "cpe:/a:stafford.uklinux:libesmtp:1.0.2"], "id": "CVE-2010-1192", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-1192", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}, "cpe23": ["cpe:2.3:a:stafford.uklinux:libesmtp:0.2:*:*:*:*:*:*:*", "cpe:2.3:a:stafford.uklinux:libesmtp:1.0.3:*:*:*:*:*:*:*", "cpe:2.3:a:stafford.uklinux:libesmtp:0.8.5:*:*:*:*:*:*:*", "cpe:2.3:a:stafford.uklinux:libesmtp:0.8.9:*:*:*:*:*:*:*", "cpe:2.3:a:stafford.uklinux:libesmtp:1.0:*:*:*:*:*:*:*", "cpe:2.3:a:stafford.uklinux:libesmtp:0.8.12:*:*:*:*:*:*:*", "cpe:2.3:a:stafford.uklinux:libesmtp:0.8.2:*:*:*:*:*:*:*", "cpe:2.3:a:stafford.uklinux:libesmtp:0.7.0:*:*:*:*:*:*:*", "cpe:2.3:a:stafford.uklinux:libesmtp:0.8.4:*:*:*:*:*:*:*", "cpe:2.3:a:stafford.uklinux:libesmtp:0.6.1:*:*:*:*:*:*:*", "cpe:2.3:a:stafford.uklinux:libesmtp:0.8.8:*:*:*:*:*:*:*", "cpe:2.3:a:stafford.uklinux:libesmtp:0.8.3:*:*:*:*:*:*:*", "cpe:2.3:a:stafford.uklinux:libesmtp:0.8.10:*:*:*:*:*:*:*", "cpe:2.3:a:stafford.uklinux:libesmtp:0.8.6:*:*:*:*:*:*:*", "cpe:2.3:a:stafford.uklinux:libesmtp:0.8.11:*:*:*:*:*:*:*", "cpe:2.3:a:stafford.uklinux:libesmtp:0.6:a:*:*:*:*:*:*", "cpe:2.3:a:stafford.uklinux:libesmtp:0.5:*:*:*:*:*:*:*", "cpe:2.3:a:stafford.uklinux:libesmtp:0.7.1:*:*:*:*:*:*:*", "cpe:2.3:a:stafford.uklinux:libesmtp:1.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:stafford.uklinux:libesmtp:0.1:a:*:*:*:*:*:*", "cpe:2.3:a:stafford.uklinux:libesmtp:1.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:stafford.uklinux:libesmtp:0.1:-:*:*:*:*:*:*", "cpe:2.3:a:stafford.uklinux:libesmtp:0.8.10:p1:*:*:*:*:*:*", "cpe:2.3:a:stafford.uklinux:libesmtp:0.3:*:*:*:*:*:*:*", "cpe:2.3:a:stafford.uklinux:libesmtp:1.0:rc1:*:*:*:*:*:*", "cpe:2.3:a:stafford.uklinux:libesmtp:0.8.1:*:*:*:*:*:*:*", "cpe:2.3:a:stafford.uklinux:libesmtp:0.8.0:*:*:*:*:*:*:*", "cpe:2.3:a:stafford.uklinux:libesmtp:1.0.4:*:*:*:*:*:*:*", "cpe:2.3:a:stafford.uklinux:libesmtp:0.4:*:*:*:*:*:*:*", "cpe:2.3:a:stafford.uklinux:libesmtp:0.8.7:*:*:*:*:*:*:*", "cpe:2.3:a:stafford.uklinux:libesmtp:0.6:*:*:*:*:*:*:*"]}], "openvas": [{"lastseen": "2020-04-27T19:23:06", "bulletinFamily": "scanner", "cvelist": ["CVE-2010-1194", "CVE-2010-1192"], "description": "This host has libESMTP installed and is prone to multiple\n vulnerabilities.", "modified": "2020-04-23T00:00:00", "published": "2010-04-06T00:00:00", "id": "OPENVAS:1361412562310800497", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310800497", "type": "openvas", "title": "libESMTP <= 1.0.4 Multiple Vulnerabilities", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# libESMTP multiple vulnerabilities\n#\n# Authors:\n# Antu Sanadi <santu@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:stafford.uklinux:libesmtp\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.800497\");\n script_version(\"2020-04-23T12:22:09+0000\");\n script_cve_id(\"CVE-2010-1194\", \"CVE-2010-1192\");\n script_tag(name:\"last_modification\", value:\"2020-04-23 12:22:09 +0000 (Thu, 23 Apr 2020)\");\n script_tag(name:\"creation_date\", value:\"2010-04-06 08:47:09 +0200 (Tue, 06 Apr 2010)\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_name(\"libESMTP <= 1.0.4 Multiple Vulnerabilities\");\n\n script_xref(name:\"URL\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=571817\");\n script_xref(name:\"URL\", value:\"http://www.openwall.com/lists/oss-security/2010/03/09/3\");\n script_xref(name:\"URL\", value:\"http://www.openwall.com/lists/oss-security/2010/03/03/6\");\n script_xref(name:\"URL\", value:\"https://bugzilla.redhat.com/attachment.cgi?id=399131&action=edit\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2010 Greenbone Networks GmbH\");\n script_family(\"General\");\n script_dependencies(\"gb_libesmtp_detect.nasl\");\n script_mandatory_keys(\"libesmtp/detected\");\n\n script_tag(name:\"impact\", value:\"Attackers can exploit this issue to conduct man-in-the-middle attacks to\n spoof arbitrary SSL servers and to spoof trusted certificates.\");\n\n script_tag(name:\"affected\", value:\"libESMTP version 1.0.4 and prior.\");\n\n script_tag(name:\"solution\", value:\"Apply the update/patch from the references.\");\n\n script_tag(name:\"summary\", value:\"This host has libESMTP installed and is prone to multiple\n vulnerabilities.\");\n\n script_tag(name:\"insight\", value:\"Multiple flaws are due to:\n\n - An error in 'match_component()' function in 'smtp-tls.c' when processing\n substrings. It treats two strings as equal if one is a substring of the\n other, which allows attackers to spoof trusted certificates via a crafted\n subjectAltName.\n\n - An error in handling of 'X.509 certificate'. It does not properly\n handle a '&qt?&qt' character in a domain name in the 'subject&qts Common Name'\n field of an X.509 certificate, which allows man-in-the-middle attackers to\n spoof arbitrary SSL servers via a crafted certificate.\");\n\n script_tag(name:\"qod_type\", value:\"executable_version_unreliable\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\n\nif(!infos = get_app_version_and_location(cpe:CPE, exit_no_version:TRUE))\n exit(0);\n\nversion = infos[\"version\"];\nlocation = infos[\"location\"];\n\nif(version_is_less_equal(version:version, test_version:\"1.0.4\")) {\n report = report_fixed_ver(installed_version:version, fixed_version:\"See references\", install_path:location, vulnerable_range:\"Less than or equal to 1.0.4\");\n security_message(port:0, data:report);\n exit(0);\n}\n\nexit(99);\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2018-01-02T10:53:56", "bulletinFamily": "scanner", "cvelist": ["CVE-2010-1194", "CVE-2009-2408", "CVE-2010-1192"], "description": "Check for the Version of libesmtp", "modified": "2017-12-29T00:00:00", "published": "2010-10-19T00:00:00", "id": "OPENVAS:1361412562310831195", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310831195", "type": "openvas", "title": "Mandriva Update for libesmtp MDVSA-2010:195 (libesmtp)", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Mandriva Update for libesmtp MDVSA-2010:195 (libesmtp)\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Multiple vulnerabilities has been found and corrected in libesmtp:\n\n libESMTP, probably 1.0.4 and earlier, does not properly handle a \\'\\0\\'\n (NUL) character in a domain name in the subject's Common Name (CN)\n field of an X.509 certificate, which allows man-in-the-middle attackers\n to spoof arbitrary SSL servers via a crafted certificate issued by a\n legitimate Certification Authority, a related issue to CVE-2009-2408\n (CVE-2010-1192).\n \n The match_component function in smtp-tls.c in libESMTP 1.0.3.r1, and\n possibly other versions including 1.0.4, treats two strings as equal if\n one is a substring of the other, which allows remote attackers to spoof\n trusted certificates via a crafted subjectAltName (CVE-2010-1194).\n \n Packages for 2008.0 and 2009.0 are provided as of the Extended\n Maintenance Program. Please visit this link to learn more:\n http://store.mandriva.com/product_info.php?cPath=149&products_id=490\n \n The updated packages have been patched to correct these issues.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\ntag_affected = \"libesmtp on Mandriva Linux 2008.0,\n Mandriva Linux 2008.0/X86_64,\n Mandriva Linux 2009.0,\n Mandriva Linux 2009.0/X86_64,\n Mandriva Linux 2009.1,\n Mandriva Linux 2009.1/X86_64,\n Mandriva Linux 2010.0,\n Mandriva Linux 2010.0/X86_64,\n Mandriva Linux 2010.1,\n Mandriva Linux 2010.1/X86_64,\n Mandriva Enterprise Server 5,\n Mandriva Enterprise Server 5/X86_64\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.mandriva.com/security-announce/2010-10/msg00007.php\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.831195\");\n script_version(\"$Revision: 8258 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-29 08:28:57 +0100 (Fri, 29 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2010-10-19 15:54:15 +0200 (Tue, 19 Oct 2010)\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_xref(name: \"MDVSA\", value: \"2010:195\");\n script_cve_id(\"CVE-2009-2408\", \"CVE-2010-1192\", \"CVE-2010-1194\");\n script_name(\"Mandriva Update for libesmtp MDVSA-2010:195 (libesmtp)\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of libesmtp\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"Mandrake Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/mandriva_mandrake_linux\", \"ssh/login/release\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"MNDK_2008.0\")\n{\n\n if ((res = isrpmvuln(pkg:\"libesmtp5\", rpm:\"libesmtp5~1.0.4~1.1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libesmtp5-devel\", rpm:\"libesmtp5-devel~1.0.4~1.1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libesmtp\", rpm:\"libesmtp~1.0.4~1.1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64esmtp5\", rpm:\"lib64esmtp5~1.0.4~1.1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64esmtp5-devel\", rpm:\"lib64esmtp5-devel~1.0.4~1.1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"MNDK_2009.1\")\n{\n\n if ((res = isrpmvuln(pkg:\"libesmtp5\", rpm:\"libesmtp5~1.0.4~5.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libesmtp-devel\", rpm:\"libesmtp-devel~1.0.4~5.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libesmtp\", rpm:\"libesmtp~1.0.4~5.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64esmtp5\", rpm:\"lib64esmtp5~1.0.4~5.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64esmtp-devel\", rpm:\"lib64esmtp-devel~1.0.4~5.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"MNDK_2009.0\")\n{\n\n if ((res = isrpmvuln(pkg:\"libesmtp5\", rpm:\"libesmtp5~1.0.4~4.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libesmtp-devel\", rpm:\"libesmtp-devel~1.0.4~4.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libesmtp\", rpm:\"libesmtp~1.0.4~4.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64esmtp5\", rpm:\"lib64esmtp5~1.0.4~4.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64esmtp-devel\", rpm:\"lib64esmtp-devel~1.0.4~4.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"MNDK_mes5\")\n{\n\n if ((res = isrpmvuln(pkg:\"libesmtp5\", rpm:\"libesmtp5~1.0.4~4.1mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libesmtp-devel\", rpm:\"libesmtp-devel~1.0.4~4.1mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libesmtp\", rpm:\"libesmtp~1.0.4~4.1mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64esmtp5\", rpm:\"lib64esmtp5~1.0.4~4.1mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64esmtp-devel\", rpm:\"lib64esmtp-devel~1.0.4~4.1mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"MNDK_2010.1\")\n{\n\n if ((res = isrpmvuln(pkg:\"libesmtp5\", rpm:\"libesmtp5~1.0.4~8.1mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libesmtp-devel\", rpm:\"libesmtp-devel~1.0.4~8.1mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libesmtp\", rpm:\"libesmtp~1.0.4~8.1mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64esmtp5\", rpm:\"lib64esmtp5~1.0.4~8.1mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64esmtp-devel\", rpm:\"lib64esmtp-devel~1.0.4~8.1mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"MNDK_2010.0\")\n{\n\n if ((res = isrpmvuln(pkg:\"libesmtp5\", rpm:\"libesmtp5~1.0.4~6.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libesmtp-devel\", rpm:\"libesmtp-devel~1.0.4~6.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libesmtp\", rpm:\"libesmtp~1.0.4~6.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64esmtp5\", rpm:\"lib64esmtp5~1.0.4~6.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64esmtp-devel\", rpm:\"lib64esmtp-devel~1.0.4~6.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-12-14T11:48:20", "bulletinFamily": "scanner", "cvelist": ["CVE-2010-1194", "CVE-2009-2408", "CVE-2010-1192"], "description": "Check for the Version of libesmtp", "modified": "2017-12-14T00:00:00", "published": "2010-10-19T00:00:00", "id": "OPENVAS:831195", "href": "http://plugins.openvas.org/nasl.php?oid=831195", "type": "openvas", "title": "Mandriva Update for libesmtp MDVSA-2010:195 (libesmtp)", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Mandriva Update for libesmtp MDVSA-2010:195 (libesmtp)\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Multiple vulnerabilities has been found and corrected in libesmtp:\n\n libESMTP, probably 1.0.4 and earlier, does not properly handle a \\'\\0\\'\n (NUL) character in a domain name in the subject's Common Name (CN)\n field of an X.509 certificate, which allows man-in-the-middle attackers\n to spoof arbitrary SSL servers via a crafted certificate issued by a\n legitimate Certification Authority, a related issue to CVE-2009-2408\n (CVE-2010-1192).\n \n The match_component function in smtp-tls.c in libESMTP 1.0.3.r1, and\n possibly other versions including 1.0.4, treats two strings as equal if\n one is a substring of the other, which allows remote attackers to spoof\n trusted certificates via a crafted subjectAltName (CVE-2010-1194).\n \n Packages for 2008.0 and 2009.0 are provided as of the Extended\n Maintenance Program. Please visit this link to learn more:\n http://store.mandriva.com/product_info.php?cPath=149&products_id=490\n \n The updated packages have been patched to correct these issues.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\ntag_affected = \"libesmtp on Mandriva Linux 2008.0,\n Mandriva Linux 2008.0/X86_64,\n Mandriva Linux 2009.0,\n Mandriva Linux 2009.0/X86_64,\n Mandriva Linux 2009.1,\n Mandriva Linux 2009.1/X86_64,\n Mandriva Linux 2010.0,\n Mandriva Linux 2010.0/X86_64,\n Mandriva Linux 2010.1,\n Mandriva Linux 2010.1/X86_64,\n Mandriva Enterprise Server 5,\n Mandriva Enterprise Server 5/X86_64\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.mandriva.com/security-announce/2010-10/msg00007.php\");\n script_id(831195);\n script_version(\"$Revision: 8109 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-14 07:31:15 +0100 (Thu, 14 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2010-10-19 15:54:15 +0200 (Tue, 19 Oct 2010)\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_xref(name: \"MDVSA\", value: \"2010:195\");\n script_cve_id(\"CVE-2009-2408\", \"CVE-2010-1192\", \"CVE-2010-1194\");\n script_name(\"Mandriva Update for libesmtp MDVSA-2010:195 (libesmtp)\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of libesmtp\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"Mandrake Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/mandriva_mandrake_linux\", \"ssh/login/release\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"MNDK_2008.0\")\n{\n\n if ((res = isrpmvuln(pkg:\"libesmtp5\", rpm:\"libesmtp5~1.0.4~1.1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libesmtp5-devel\", rpm:\"libesmtp5-devel~1.0.4~1.1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libesmtp\", rpm:\"libesmtp~1.0.4~1.1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64esmtp5\", rpm:\"lib64esmtp5~1.0.4~1.1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64esmtp5-devel\", rpm:\"lib64esmtp5-devel~1.0.4~1.1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"MNDK_2009.1\")\n{\n\n if ((res = isrpmvuln(pkg:\"libesmtp5\", rpm:\"libesmtp5~1.0.4~5.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libesmtp-devel\", rpm:\"libesmtp-devel~1.0.4~5.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libesmtp\", rpm:\"libesmtp~1.0.4~5.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64esmtp5\", rpm:\"lib64esmtp5~1.0.4~5.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64esmtp-devel\", rpm:\"lib64esmtp-devel~1.0.4~5.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"MNDK_2009.0\")\n{\n\n if ((res = isrpmvuln(pkg:\"libesmtp5\", rpm:\"libesmtp5~1.0.4~4.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libesmtp-devel\", rpm:\"libesmtp-devel~1.0.4~4.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libesmtp\", rpm:\"libesmtp~1.0.4~4.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64esmtp5\", rpm:\"lib64esmtp5~1.0.4~4.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64esmtp-devel\", rpm:\"lib64esmtp-devel~1.0.4~4.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"MNDK_mes5\")\n{\n\n if ((res = isrpmvuln(pkg:\"libesmtp5\", rpm:\"libesmtp5~1.0.4~4.1mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libesmtp-devel\", rpm:\"libesmtp-devel~1.0.4~4.1mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libesmtp\", rpm:\"libesmtp~1.0.4~4.1mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64esmtp5\", rpm:\"lib64esmtp5~1.0.4~4.1mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64esmtp-devel\", rpm:\"lib64esmtp-devel~1.0.4~4.1mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"MNDK_2010.1\")\n{\n\n if ((res = isrpmvuln(pkg:\"libesmtp5\", rpm:\"libesmtp5~1.0.4~8.1mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libesmtp-devel\", rpm:\"libesmtp-devel~1.0.4~8.1mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libesmtp\", rpm:\"libesmtp~1.0.4~8.1mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64esmtp5\", rpm:\"lib64esmtp5~1.0.4~8.1mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64esmtp-devel\", rpm:\"lib64esmtp-devel~1.0.4~8.1mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"MNDK_2010.0\")\n{\n\n if ((res = isrpmvuln(pkg:\"libesmtp5\", rpm:\"libesmtp5~1.0.4~6.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libesmtp-devel\", rpm:\"libesmtp-devel~1.0.4~6.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libesmtp\", rpm:\"libesmtp~1.0.4~6.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64esmtp5\", rpm:\"lib64esmtp5~1.0.4~6.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64esmtp-devel\", rpm:\"lib64esmtp-devel~1.0.4~6.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "securityvulns": [{"lastseen": "2018-08-31T11:09:38", "bulletinFamily": "software", "cvelist": ["CVE-2010-1194", "CVE-2010-1192"], "description": "It's possible to spoof certificate by different ways.", "edition": 1, "modified": "2010-10-08T00:00:00", "published": "2010-10-08T00:00:00", "id": "SECURITYVULNS:VULN:11184", "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:11184", "title": "libESMTP SSL vulnerabilities", "type": "securityvulns", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-08-31T11:10:37", "bulletinFamily": "software", "cvelist": ["CVE-2010-1194", "CVE-2009-2408", "CVE-2010-1192"], "description": "-----BEGIN PGP SIGNED MESSAGE-----\r\nHash: SHA1\r\n\r\n _______________________________________________________________________\r\n\r\n Mandriva Linux Security Advisory MDVSA-2010:195\r\n http://www.mandriva.com/security/\r\n _______________________________________________________________________\r\n\r\n Package : libesmtp\r\n Date : October 4, 2010\r\n Affected: 2008.0, 2009.0, 2009.1, 2010.0, 2010.1, Corporate 4.0,\r\n Enterprise Server 5.0\r\n _______________________________________________________________________\r\n\r\n Problem Description:\r\n\r\n Multiple vulnerabilities has been found and corrected in libesmtp:\r\n \r\n libESMTP, probably 1.0.4 and earlier, does not properly handle a \'\0\'\r\n (NUL) character in a domain name in the subject's Common Name (CN)\r\n field of an X.509 certificate, which allows man-in-the-middle attackers\r\n to spoof arbitrary SSL servers via a crafted certificate issued by a\r\n legitimate Certification Authority, a related issue to CVE-2009-2408\r\n (CVE-2010-1192).\r\n \r\n The match_component function in smtp-tls.c in libESMTP 1.0.3.r1, and\r\n possibly other versions including 1.0.4, treats two strings as equal if\r\n one is a substring of the other, which allows remote attackers to spoof\r\n trusted certificates via a crafted subjectAltName (CVE-2010-1194).\r\n \r\n Packages for 2008.0 and 2009.0 are provided as of the Extended\r\n Maintenance Program. Please visit this link to learn more:\r\n http://store.mandriva.com/product_info.php?cPath=149&products_id=490\r\n \r\n The updated packages have been patched to correct these issues.\r\n _______________________________________________________________________\r\n\r\n References:\r\n\r\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1192\r\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1194\r\n _______________________________________________________________________\r\n\r\n Updated Packages:\r\n\r\n Mandriva Linux 2008.0:\r\n d5d325c2a9394b23714c60c230146162 2008.0/i586/libesmtp5-1.0.4-1.1mdv2008.0.i586.rpm\r\n 01e2b2aee7b00bb2c1c63628750ce61a 2008.0/i586/libesmtp5-devel-1.0.4-1.1mdv2008.0.i586.rpm \r\n 66721fe590c7b76c26b7f167d3b8d4a4 2008.0/SRPMS/libesmtp-1.0.4-1.1mdv2008.0.src.rpm\r\n\r\n Mandriva Linux 2008.0/X86_64:\r\n 7f9003c599ceef90b25d7f0582515a66 2008.0/x86_64/lib64esmtp5-1.0.4-1.1mdv2008.0.x86_64.rpm\r\n 530085f77adcd0dec9e3fb154b0c8c2b 2008.0/x86_64/lib64esmtp5-devel-1.0.4-1.1mdv2008.0.x86_64.rpm \r\n 66721fe590c7b76c26b7f167d3b8d4a4 2008.0/SRPMS/libesmtp-1.0.4-1.1mdv2008.0.src.rpm\r\n\r\n Mandriva Linux 2009.0:\r\n 43e4795d0259c57eefd34d9662b1182d 2009.0/i586/libesmtp5-1.0.4-4.1mdv2009.0.i586.rpm\r\n f1436a52a7ffcc8f38b2d6617e8324eb 2009.0/i586/libesmtp-devel-1.0.4-4.1mdv2009.0.i586.rpm \r\n 2405545e5e3e9cf3a60b0edbbafc61b9 2009.0/SRPMS/libesmtp-1.0.4-4.1mdv2009.0.src.rpm\r\n\r\n Mandriva Linux 2009.0/X86_64:\r\n 85583d41d8b45be05d893af5756ec8d2 2009.0/x86_64/lib64esmtp5-1.0.4-4.1mdv2009.0.x86_64.rpm\r\n 2c9cfdf87cd3d1e91792d7e9d4dbdc80 2009.0/x86_64/lib64esmtp-devel-1.0.4-4.1mdv2009.0.x86_64.rpm \r\n 2405545e5e3e9cf3a60b0edbbafc61b9 2009.0/SRPMS/libesmtp-1.0.4-4.1mdv2009.0.src.rpm\r\n\r\n Mandriva Linux 2009.1:\r\n fbbae5b5574e8e014253cb5d1f5cfca0 2009.1/i586/libesmtp5-1.0.4-5.1mdv2009.1.i586.rpm\r\n 6e08c2b25ea7200bba7a22e2ba7e2bfa 2009.1/i586/libesmtp-devel-1.0.4-5.1mdv2009.1.i586.rpm \r\n f2d40725974760c629e0bb296176f1ec 2009.1/SRPMS/libesmtp-1.0.4-5.1mdv2009.1.src.rpm\r\n\r\n Mandriva Linux 2009.1/X86_64:\r\n ee3ff7a9b146f55eccaaefeb966eb473 2009.1/x86_64/lib64esmtp5-1.0.4-5.1mdv2009.1.x86_64.rpm\r\n fd3300fcc6a99b084b5fc5cb69478feb 2009.1/x86_64/lib64esmtp-devel-1.0.4-5.1mdv2009.1.x86_64.rpm \r\n f2d40725974760c629e0bb296176f1ec 2009.1/SRPMS/libesmtp-1.0.4-5.1mdv2009.1.src.rpm\r\n\r\n Mandriva Linux 2010.0:\r\n 4e992cfb253ac51c72ff420d2862fe35 2010.0/i586/libesmtp5-1.0.4-6.1mdv2010.0.i586.rpm\r\n fdccc3a0c98049bb236eeecd7869e666 2010.0/i586/libesmtp-devel-1.0.4-6.1mdv2010.0.i586.rpm \r\n 5047b7270f09adffaf5202df4ec4e2cd 2010.0/SRPMS/libesmtp-1.0.4-6.1mdv2010.0.src.rpm\r\n\r\n Mandriva Linux 2010.0/X86_64:\r\n e3dc2c0ced2c25f3ac5ae63931a7f67e 2010.0/x86_64/lib64esmtp5-1.0.4-6.1mdv2010.0.x86_64.rpm\r\n 4e1ac4edd11f17dc1e3607be87984077 2010.0/x86_64/lib64esmtp-devel-1.0.4-6.1mdv2010.0.x86_64.rpm \r\n 5047b7270f09adffaf5202df4ec4e2cd 2010.0/SRPMS/libesmtp-1.0.4-6.1mdv2010.0.src.rpm\r\n\r\n Mandriva Linux 2010.1:\r\n 5499b0406f43651b5fffd6b5223c0d38 2010.1/i586/libesmtp5-1.0.4-8.1mdv2010.1.i586.rpm\r\n 169b22760527862bf65d074179112ac3 2010.1/i586/libesmtp-devel-1.0.4-8.1mdv2010.1.i586.rpm \r\n 06903188f0a5201dd2288cc1126a499f 2010.1/SRPMS/libesmtp-1.0.4-8.1mdv2010.1.src.rpm\r\n\r\n Mandriva Linux 2010.1/X86_64:\r\n da58a753b506123906c752350ee79168 2010.1/x86_64/lib64esmtp5-1.0.4-8.1mdv2010.1.x86_64.rpm\r\n b9b453aecbaa9740e5b2aaf0538975e5 2010.1/x86_64/lib64esmtp-devel-1.0.4-8.1mdv2010.1.x86_64.rpm \r\n 06903188f0a5201dd2288cc1126a499f 2010.1/SRPMS/libesmtp-1.0.4-8.1mdv2010.1.src.rpm\r\n\r\n Corporate 4.0:\r\n 7b2868bc2a7a58d921126c333c6862b1 corporate/4.0/i586/libesmtp5-1.0.4-0.1.20060mlcs4.i586.rpm\r\n febd67c3c2c68d8798c17cadfc3c79a8 corporate/4.0/i586/libesmtp5-devel-1.0.4-0.1.20060mlcs4.i586.rpm \r\n f2dbeb8bec24531e717b72608b8d5659 corporate/4.0/SRPMS/libesmtp-1.0.4-0.1.20060mlcs4.src.rpm\r\n\r\n Corporate 4.0/X86_64:\r\n b0f3670dc01c62ea4f100ad41c4d9fc3 corporate/4.0/x86_64/lib64esmtp5-1.0.4-0.1.20060mlcs4.x86_64.rpm\r\n 065c29c3aa0a708c11602bf7ef029782 corporate/4.0/x86_64/lib64esmtp5-devel-1.0.4-0.1.20060mlcs4.x86_64.rpm \r\n f2dbeb8bec24531e717b72608b8d5659 corporate/4.0/SRPMS/libesmtp-1.0.4-0.1.20060mlcs4.src.rpm\r\n\r\n Mandriva Enterprise Server 5:\r\n 700aaa77ad5f282e2df2049bd7132fe2 mes5/i586/libesmtp5-1.0.4-4.1mdvmes5.1.i586.rpm\r\n 71c70f199708b4e5e9a91dae8e2d680d mes5/i586/libesmtp-devel-1.0.4-4.1mdvmes5.1.i586.rpm \r\n 102df9e6ed4321d9580911c5806be92f mes5/SRPMS/libesmtp-1.0.4-4.1mdvmes5.1.src.rpm\r\n\r\n Mandriva Enterprise Server 5/X86_64:\r\n 403dbe77fd8e01c679ed8113f31068f6 mes5/x86_64/lib64esmtp5-1.0.4-4.1mdvmes5.1.x86_64.rpm\r\n 3a55f65b981f961081dc5087fc9ca365 mes5/x86_64/lib64esmtp-devel-1.0.4-4.1mdvmes5.1.x86_64.rpm \r\n 102df9e6ed4321d9580911c5806be92f mes5/SRPMS/libesmtp-1.0.4-4.1mdvmes5.1.src.rpm\r\n _______________________________________________________________________\r\n\r\n To upgrade automatically use MandrivaUpdate or urpmi. The verification\r\n of md5 checksums and GPG signatures is performed automatically for you.\r\n\r\n All packages are signed by Mandriva for security. You can obtain the\r\n GPG public key of the Mandriva Security Team by executing:\r\n\r\n gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98\r\n\r\n You can view other update advisories for Mandriva Linux at:\r\n\r\n http://www.mandriva.com/security/advisories\r\n\r\n If you want to report vulnerabilities, please contact\r\n\r\n security_(at)_mandriva.com\r\n _______________________________________________________________________\r\n\r\n Type Bits/KeyID Date User ID\r\n pub 1024D/22458A98 2000-07-10 Mandriva Security Team\r\n <security*mandriva.com>\r\n-----BEGIN PGP SIGNATURE-----\r\nVersion: GnuPG v1.4.9 (GNU/Linux)\r\n\r\niD8DBQFMqgIUmqjQ0CJFipgRAmO1AJ9fqHxQIlI79RjLKU8EF6MhZpActgCfYp1R\r\nJQNl8vzOizgg7PXXnfrbOms=\r\n=MxHz\r\n-----END PGP SIGNATURE-----", "edition": 1, "modified": "2010-10-08T00:00:00", "published": "2010-10-08T00:00:00", "id": "SECURITYVULNS:DOC:24857", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:24857", "title": "[ MDVSA-2010:195 ] libesmtp", "type": "securityvulns", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "nessus": [{"lastseen": "2021-01-17T14:13:13", "description": "libesmtp did not properly handle wildcards and embedded null\ncharacters in the Common Name of X.509 certificates (CVE-2010-1192 /\nCVE-2010-1194). This has been fixed.", "edition": 23, "published": "2010-12-02T00:00:00", "title": "SuSE 11 Security Update : libesmtp (SAT Patch Number 2390)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2010-1194", "CVE-2010-1192"], "modified": "2010-12-02T00:00:00", "cpe": ["cpe:/o:novell:suse_linux:11", "p-cpe:/a:novell:suse_linux:11:libesmtp"], "id": "SUSE_11_LIBESMTP-100430.NASL", "href": "https://www.tenable.com/plugins/nessus/50929", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from SuSE 11 update information. The text itself is\n# copyright (C) Novell, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(50929);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2010-1192\", \"CVE-2010-1194\");\n\n script_name(english:\"SuSE 11 Security Update : libesmtp (SAT Patch Number 2390)\");\n script_summary(english:\"Checks rpm output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SuSE 11 host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"libesmtp did not properly handle wildcards and embedded null\ncharacters in the Common Name of X.509 certificates (CVE-2010-1192 /\nCVE-2010-1194). This has been fixed.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=585393\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2010-1192.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2010-1194.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Apply SAT patch number 2390.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:libesmtp\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:11\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/04/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/12/02\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2010-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)11\") audit(AUDIT_OS_NOT, \"SuSE 11\");\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SuSE 11\", cpu);\n\npl = get_kb_item(\"Host/SuSE/patchlevel\");\nif (pl) audit(AUDIT_OS_NOT, \"SuSE 11.0\");\n\n\nflag = 0;\nif (rpm_check(release:\"SLES11\", sp:0, reference:\"libesmtp-1.0.4-157.15.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-01-17T14:03:29", "description": "libesmtp did not properly handle wildcards and embedded null\ncharacters in the Common Name of X.509 certificates (CVE-2010-1192,\nCVE-2010-1194).", "edition": 24, "published": "2010-05-07T00:00:00", "title": "openSUSE Security Update : libesmtp (openSUSE-SU-2010:0220-1)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2010-1194", "CVE-2010-1192"], "modified": "2010-05-07T00:00:00", "cpe": ["cpe:/o:novell:opensuse:11.0", "p-cpe:/a:novell:opensuse:libesmtp", "p-cpe:/a:novell:opensuse:libesmtp-devel"], "id": "SUSE_11_0_LIBESMTP-100430.NASL", "href": "https://www.tenable.com/plugins/nessus/46249", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update libesmtp-2389.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(46249);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2010-1192\", \"CVE-2010-1194\");\n\n script_name(english:\"openSUSE Security Update : libesmtp (openSUSE-SU-2010:0220-1)\");\n script_summary(english:\"Check for the libesmtp-2389 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"libesmtp did not properly handle wildcards and embedded null\ncharacters in the Common Name of X.509 certificates (CVE-2010-1192,\nCVE-2010-1194).\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=585393\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://lists.opensuse.org/opensuse-updates/2010-05/msg00009.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected libesmtp packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libesmtp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libesmtp-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:11.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/04/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/05/07\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2010-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE11\\.0)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"11.0\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE11.0\", reference:\"libesmtp-1.0.4-142.2\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"libesmtp-devel-1.0.4-142.2\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libesmtp / libesmtp-devel\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-01-17T14:04:46", "description": "libesmtp did not properly handle wildcards and embedded null\ncharacters in the Common Name of X.509 certificates (CVE-2010-1192,\nCVE-2010-1194).", "edition": 24, "published": "2010-05-07T00:00:00", "title": "openSUSE Security Update : libesmtp (openSUSE-SU-2010:0220-1)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2010-1194", "CVE-2010-1192"], "modified": "2010-05-07T00:00:00", "cpe": ["cpe:/o:novell:opensuse:11.1", "p-cpe:/a:novell:opensuse:libesmtp", "p-cpe:/a:novell:opensuse:libesmtp-devel"], "id": "SUSE_11_1_LIBESMTP-100430.NASL", "href": "https://www.tenable.com/plugins/nessus/46250", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update libesmtp-2389.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(46250);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2010-1192\", \"CVE-2010-1194\");\n\n script_name(english:\"openSUSE Security Update : libesmtp (openSUSE-SU-2010:0220-1)\");\n script_summary(english:\"Check for the libesmtp-2389 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"libesmtp did not properly handle wildcards and embedded null\ncharacters in the Common Name of X.509 certificates (CVE-2010-1192,\nCVE-2010-1194).\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=585393\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://lists.opensuse.org/opensuse-updates/2010-05/msg00009.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected libesmtp packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libesmtp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libesmtp-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:11.1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/04/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/05/07\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2010-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE11\\.1)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"11.1\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE11.1\", reference:\"libesmtp-1.0.4-157.35.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"libesmtp-devel-1.0.4-157.35.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libesmtp / libesmtp-devel\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-01-17T14:06:03", "description": "libesmtp did not properly handle wildcards and embedded null\ncharacters in the Common Name of X.509 certificates (CVE-2010-1192,\nCVE-2010-1194).", "edition": 24, "published": "2010-05-07T00:00:00", "title": "openSUSE Security Update : libesmtp (openSUSE-SU-2010:0220-1)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2010-1194", "CVE-2010-1192"], "modified": "2010-05-07T00:00:00", "cpe": ["cpe:/o:novell:opensuse:11.2", "p-cpe:/a:novell:opensuse:libesmtp", "p-cpe:/a:novell:opensuse:libesmtp-devel"], "id": "SUSE_11_2_LIBESMTP-100430.NASL", "href": "https://www.tenable.com/plugins/nessus/46251", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update libesmtp-2389.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(46251);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2010-1192\", \"CVE-2010-1194\");\n\n script_name(english:\"openSUSE Security Update : libesmtp (openSUSE-SU-2010:0220-1)\");\n script_summary(english:\"Check for the libesmtp-2389 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"libesmtp did not properly handle wildcards and embedded null\ncharacters in the Common Name of X.509 certificates (CVE-2010-1192,\nCVE-2010-1194).\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=585393\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://lists.opensuse.org/opensuse-updates/2010-05/msg00009.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected libesmtp packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libesmtp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libesmtp-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:11.2\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/04/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/05/07\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2010-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE11\\.2)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"11.2\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE11.2\", reference:\"libesmtp-1.0.4-158.2.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.2\", reference:\"libesmtp-devel-1.0.4-158.2.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libesmtp / libesmtp-devel\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-01-07T11:52:49", "description": "Multiple vulnerabilities has been found and corrected in libesmtp :\n\nlibESMTP, probably 1.0.4 and earlier, does not properly handle a\n\\'\\0\\' (NUL) character in a domain name in the subject's Common Name\n(CN) field of an X.509 certificate, which allows man-in-the-middle\nattackers to spoof arbitrary SSL servers via a crafted certificate\nissued by a legitimate Certification Authority, a related issue to\nCVE-2009-2408 (CVE-2010-1192).\n\nThe match_component function in smtp-tls.c in libESMTP 1.0.3.r1, and\npossibly other versions including 1.0.4, treats two strings as equal\nif one is a substring of the other, which allows remote attackers to\nspoof trusted certificates via a crafted subjectAltName\n(CVE-2010-1194).\n\nPackages for 2008.0 and 2009.0 are provided as of the Extended\nMaintenance Program. Please visit this link to learn more:\nhttp://store.mandriva.com/product_info.php?cPath=149&products_id=4\n90\n\nThe updated packages have been patched to correct these issues.", "edition": 25, "published": "2010-10-06T00:00:00", "title": "Mandriva Linux Security Advisory : libesmtp (MDVSA-2010:195)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2010-1194", "CVE-2009-2408", "CVE-2010-1192"], "modified": "2010-10-06T00:00:00", "cpe": ["p-cpe:/a:mandriva:linux:libesmtp5-devel", "cpe:/o:mandriva:linux:2009.0", "p-cpe:/a:mandriva:linux:lib64esmtp5", "cpe:/o:mandriva:linux:2008.0", "p-cpe:/a:mandriva:linux:lib64esmtp5-devel", "cpe:/o:mandriva:linux:2009.1", "p-cpe:/a:mandriva:linux:libesmtp5", "cpe:/o:mandriva:linux:2010.1", "cpe:/o:mandriva:linux:2010.0", "p-cpe:/a:mandriva:linux:lib64esmtp-devel", "p-cpe:/a:mandriva:linux:libesmtp-devel"], "id": "MANDRIVA_MDVSA-2010-195.NASL", "href": "https://www.tenable.com/plugins/nessus/49742", "sourceData": "#%NASL_MIN_LEVEL 70300\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Mandriva Linux Security Advisory MDVSA-2010:195. \n# The text itself is copyright (C) Mandriva S.A.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(49742);\n script_version(\"1.13\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2010-1192\", \"CVE-2010-1194\");\n script_bugtraq_id(38528, 38538);\n script_xref(name:\"MDVSA\", value:\"2010:195\");\n\n script_name(english:\"Mandriva Linux Security Advisory : libesmtp (MDVSA-2010:195)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Mandriva Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Multiple vulnerabilities has been found and corrected in libesmtp :\n\nlibESMTP, probably 1.0.4 and earlier, does not properly handle a\n\\'\\0\\' (NUL) character in a domain name in the subject's Common Name\n(CN) field of an X.509 certificate, which allows man-in-the-middle\nattackers to spoof arbitrary SSL servers via a crafted certificate\nissued by a legitimate Certification Authority, a related issue to\nCVE-2009-2408 (CVE-2010-1192).\n\nThe match_component function in smtp-tls.c in libESMTP 1.0.3.r1, and\npossibly other versions including 1.0.4, treats two strings as equal\nif one is a substring of the other, which allows remote attackers to\nspoof trusted certificates via a crafted subjectAltName\n(CVE-2010-1194).\n\nPackages for 2008.0 and 2009.0 are provided as of the Extended\nMaintenance Program. Please visit this link to learn more:\nhttp://store.mandriva.com/product_info.php?cPath=149&products_id=4\n90\n\nThe updated packages have been patched to correct these issues.\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64esmtp-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64esmtp5\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64esmtp5-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libesmtp-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libesmtp5\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libesmtp5-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:linux:2008.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:linux:2009.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:linux:2009.1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:linux:2010.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:linux:2010.1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/10/04\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/10/06\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2010-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Mandriva Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/Mandrake/release\", \"Host/Mandrake/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Mandrake/release\")) audit(AUDIT_OS_NOT, \"Mandriva / Mandake Linux\");\nif (!get_kb_item(\"Host/Mandrake/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^(amd64|i[3-6]86|x86_64)$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Mandriva / Mandrake Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"MDK2008.0\", cpu:\"x86_64\", reference:\"lib64esmtp5-1.0.4-1.1mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", cpu:\"x86_64\", reference:\"lib64esmtp5-devel-1.0.4-1.1mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", cpu:\"i386\", reference:\"libesmtp5-1.0.4-1.1mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", cpu:\"i386\", reference:\"libesmtp5-devel-1.0.4-1.1mdv2008.0\", yank:\"mdv\")) flag++;\n\nif (rpm_check(release:\"MDK2009.0\", cpu:\"x86_64\", reference:\"lib64esmtp-devel-1.0.4-4.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"x86_64\", reference:\"lib64esmtp5-1.0.4-4.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"libesmtp-devel-1.0.4-4.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"libesmtp5-1.0.4-4.1mdv2009.0\", yank:\"mdv\")) flag++;\n\nif (rpm_check(release:\"MDK2009.1\", cpu:\"x86_64\", reference:\"lib64esmtp-devel-1.0.4-5.1mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"x86_64\", reference:\"lib64esmtp5-1.0.4-5.1mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"i386\", reference:\"libesmtp-devel-1.0.4-5.1mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"i386\", reference:\"libesmtp5-1.0.4-5.1mdv2009.1\", yank:\"mdv\")) flag++;\n\nif (rpm_check(release:\"MDK2010.0\", cpu:\"x86_64\", reference:\"lib64esmtp-devel-1.0.4-6.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", cpu:\"x86_64\", reference:\"lib64esmtp5-1.0.4-6.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", cpu:\"i386\", reference:\"libesmtp-devel-1.0.4-6.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", cpu:\"i386\", reference:\"libesmtp5-1.0.4-6.1mdv2010.0\", yank:\"mdv\")) flag++;\n\nif (rpm_check(release:\"MDK2010.1\", cpu:\"x86_64\", reference:\"lib64esmtp-devel-1.0.4-8.1mdv2010.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", cpu:\"x86_64\", reference:\"lib64esmtp5-1.0.4-8.1mdv2010.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", cpu:\"i386\", reference:\"libesmtp-devel-1.0.4-8.1mdv2010.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", cpu:\"i386\", reference:\"libesmtp5-1.0.4-8.1mdv2010.1\", yank:\"mdv\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}]}