ID: OSVDB:16960
Type: osvdb
Reporter: OSVDB
Modified: 2005-05-29T06:05:08
Description
Solution Description
Upgrade to version 0.7.3 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.
References:
Vendor URL: http://ettercap.sf.net/
Vendor Specific News/Changelog Entry: http://ettercap.sourceforge.net/history.php
Security Tracker: 1014084
Secunia Advisory ID: 15664
Secunia Advisory ID: 16000
Secunia Advisory ID: 15535
Secunia Advisory ID: 16413
Other Advisory URL: http://www.debian.org/security/2005/dsa-749
Other Advisory URL: http://www.debian.org/security/2005/dsa-773
Other Advisory URL: http://security.gentoo.org/glsa/glsa-200506-07.xml
CVE-2005-1796
Bugtraq ID: 13820
{"enchantments": {"score": {"value": 6.4, "vector": "NONE", "modified": "2017-04-28T13:20:13", "rev": 2}, "dependencies": {"references": [{"type": "cve", "idList": ["CVE-2005-1796"]}, {"type": "nessus", "idList": ["DEBIAN_DSA-773.NASL", "GENTOO_GLSA-200506-07.NASL", "DEBIAN_DSA-749.NASL"]}, {"type": "openvas", "idList": ["OPENVAS:54321", "OPENVAS:54959"]}, {"type": "cert", "idList": ["VU:286468"]}, {"type": "gentoo", "idList": ["GLSA-200506-07"]}, {"type": "debian", "idList": ["DEBIAN:DSA-749-1:5AE22"]}], "modified": "2017-04-28T13:20:13", "rev": 2}, "vulnersScore": 6.4}, "bulletinFamily": "software", "affectedSoftware": [], "references": [], "href": "https://vulners.com/osvdb/OSVDB:16960", "id": "OSVDB:16960", "title": "ettercap curses_msg() Format String", "type": "osvdb", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "lastseen": "2017-04-28T13:20:13", "edition": 1, "reporter": "OSVDB", "description": "## Solution Description\nUpgrade to version 0.7.3 or higher, as it has been reported to fix this vulnerability. 
An upgrade is required as there are no known workarounds.\n## References:\nVendor URL: http://ettercap.sf.net/\nVendor Specific News/Changelog Entry: http://ettercap.sourceforge.net/history.php\nSecurity Tracker: 1014084\n[Secunia Advisory ID:15664](https://secuniaresearch.flexerasoftware.com/advisories/15664/)\n[Secunia Advisory ID:16000](https://secuniaresearch.flexerasoftware.com/advisories/16000/)\n[Secunia Advisory ID:15535](https://secuniaresearch.flexerasoftware.com/advisories/15535/)\n[Secunia Advisory ID:16413](https://secuniaresearch.flexerasoftware.com/advisories/16413/)\nOther Advisory URL: http://www.debian.org/security/2005/dsa-749\nOther Advisory URL: http://www.debian.org/security/2005/dsa-773\nOther Advisory URL: http://security.gentoo.org/glsa/glsa-200506-07.xml\n[CVE-2005-1796](https://vulners.com/cve/CVE-2005-1796)\nBugtraq ID: 13820\n", "modified": "2005-05-29T06:05:08", "viewCount": 8, "published": "2005-05-29T06:05:08", "cvelist": ["CVE-2005-1796"], "immutableFields": []}
{"cve": [{"lastseen": "2021-02-02T05:24:36", "description": "Format string vulnerability in the curses_msg function in the Ncurses interface (ec_curses.c) for Ettercap before 0.7.3 allows remote attackers to execute arbitrary code.", "edition": 6, "cvss3": {}, "published": "2005-05-31T04:00:00", "title": "CVE-2005-1796", "type": "cve", "cwe": ["NVD-CWE-Other"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2005-1796"], "modified": "2011-03-08T02:22:00", "cpe": ["cpe:/a:ettercap:ettercap:0.7.2"], "id": "CVE-2005-1796", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2005-1796", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}, "cpe23": ["cpe:2.3:a:ettercap:ettercap:0.7.2:*:*:*:*:*:*:*"]}], "gentoo": [{"lastseen": "2016-09-06T19:46:52", "bulletinFamily": "unix", "cvelist": ["CVE-2005-1796"], "description": "### Background\n\nEttercap is a suite of tools for content filtering, sniffing and man in the middle attacks on a LAN. \n\n### Description\n\nThe curses_msg function of Ettercap's Ncurses-based user interface insecurely implements formatted printing. \n\n### Impact\n\nA remote attacker could craft a malicious network flow that would result in executing arbitrary code with the rights of the user running the Ettercap tool, which is often root. \n\n### Workaround\n\nThere is no known workaround at this time. 
\n\n### Resolution\n\nAll Ettercap users should upgrade to the latest available version: \n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=net-analyzer/ettercap-0.7.3\"", "edition": 1, "modified": "2005-06-11T00:00:00", "published": "2005-06-11T00:00:00", "id": "GLSA-200506-07", "href": "https://security.gentoo.org/glsa/200506-07", "type": "gentoo", "title": "Ettercap: Format string vulnerability", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "openvas": [{"lastseen": "2017-07-24T12:49:58", "bulletinFamily": "scanner", "cvelist": ["CVE-2005-1796"], "description": "The remote host is missing an update to ettercap\nannounced via advisory DSA 749-1.\n\nA vulnerability was discovered in the ettercap package which could allow\na remote attacker to execute arbitrary code on the system running\nettercap.\n\nThe old stable distribution (woody) did not include ettercap.", "modified": "2017-07-07T00:00:00", "published": "2008-01-17T00:00:00", "id": "OPENVAS:54321", "href": "http://plugins.openvas.org/nasl.php?oid=54321", "type": "openvas", "title": "Debian Security Advisory DSA 749-1 (ettercap)", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_749_1.nasl 6616 2017-07-07 12:10:49Z cfischer $\n# Description: Auto-generated from advisory DSA 749-1\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2007 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largerly excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. 
See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_solution = \"For the stable distribution (sarge), this problem has been fixed in\nversion 0.7.1-1sarge1.\n\nFor the unstable distribution (sid), this problem has been fixed in\nversion 0.7.3-1.\n\nWe recommend that you upgrade your ettercap package.\n\n https://secure1.securityspace.com/smysecure/catid.html?in=DSA%20749-1\";\ntag_summary = \"The remote host is missing an update to ettercap\nannounced via advisory DSA 749-1.\n\nA vulnerability was discovered in the ettercap package which could allow\na remote attacker to execute arbitrary code on the system running\nettercap.\n\nThe old stable distribution (woody) did not include ettercap.\";\n\n\nif(description)\n{\n script_id(54321);\n script_version(\"$Revision: 6616 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-07 14:10:49 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2008-01-17 23:00:53 +0100 (Thu, 17 Jan 2008)\");\n script_bugtraq_id(13820);\n script_cve_id(\"CVE-2005-1796\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_name(\"Debian Security Advisory DSA 749-1 (ettercap)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2005 E-Soft Inc. 
http://www.securityspace.com\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"ettercap-gtk\", ver:\"0.7.1-1sarge1\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"ettercap-common\", ver:\"0.7.1-1sarge1\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"ettercap\", ver:\"0.7.1-1sarge1\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-07-24T12:49:50", "bulletinFamily": "scanner", "cvelist": ["CVE-2005-1796"], "description": "The remote host is missing updates announced in\nadvisory GLSA 200506-07.", "modified": "2017-07-07T00:00:00", "published": "2008-09-24T00:00:00", "id": "OPENVAS:54959", "href": "http://plugins.openvas.org/nasl.php?oid=54959", "type": "openvas", "title": "Gentoo Security Advisory GLSA 200506-07 (ettercap)", "sourceData": "# OpenVAS Vulnerability Test\n# $\n# Description: Auto generated from Gentoo's XML based advisory\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2008 E-Soft Inc. 
http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"A format string vulnerability in Ettercap could allow a remote attacker to\nexecute arbitrary code.\";\ntag_solution = \"All Ettercap users should upgrade to the latest available version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=net-analyzer/ettercap-0.7.3'\n\nhttp://www.securityspace.com/smysecure/catid.html?in=GLSA%20200506-07\nhttp://bugs.gentoo.org/show_bug.cgi?id=94474\";\ntag_summary = \"The remote host is missing updates announced in\nadvisory GLSA 200506-07.\";\n\n \n\nif(description)\n{\n script_id(54959);\n script_version(\"$Revision: 6596 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-07 11:21:37 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2008-09-24 21:14:03 +0200 (Wed, 24 Sep 2008)\");\n script_bugtraq_id(13820);\n script_cve_id(\"CVE-2005-1796\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_name(\"Gentoo Security Advisory GLSA 200506-07 (ettercap)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2005 E-Soft Inc. 
http://www.securityspace.com\");\n script_family(\"Gentoo Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/gentoo\", \"ssh/login/pkg\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-gentoo.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = ispkgvuln(pkg:\"net-analyzer/ettercap\", unaffected: make_list(\"ge 0.7.3\"), vulnerable: make_list(\"lt 0.7.3\"))) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "cert": [{"lastseen": "2020-09-18T20:43:26", "bulletinFamily": "info", "cvelist": ["CVE-2005-1796"], "description": "### Overview \n\nEttercap has a format string vulnerability in the ncurses user interface.\n\n### Description \n\nEttercap is open-source software designed for man-in-the-middle attacks on LANs. Ettercap contains multiple user interfaces, including one written using ncurses, a library for manipulating text screens. In Ettercap v.NG-0.7.2, the ncurses user interface suffers from a format string defect. Previous versions may also be vulnerable.\n\n`curses_msg()` in `ec_curses.c` calls `wdg_scroll_print()`, which takes a format string and its parameters and passes it to `vw_printw()`. `curses_msg()` uses one of its parameters as the format string. This input can include user-data, allowing for a format string vulnerability. \n \n--- \n \n### Impact \n\nAccording to public reports, if Ettercap is running in ncurses mode, a malicious network packet can be constructed to execute arbitrary code. 
\n \n--- \n \n### Solution \n\nUpgrade to Ettercap v.NG-0.7.3 or later. \n \n--- \n \n### Vendor Information\n\n286468\n\n### Debian __ Affected\n\nUpdated: July 11, 2005 \n\n### Status\n\nAffected\n\n### Vendor Statement\n\nAccording to [Debian Security Advisory DSA-749-1](<http://www.debian.org/security/2005/dsa-749>):\n\nThe old stable distribution (woody) did not include ettercap. \n \nFor the stable distribution (sarge), this problem has been fixed in \nversion 0.7.1-1sarge1. \n \nFor the unstable distribution (sid), this problem has been fixed in \nversion 0.7.3-1.\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\nWe have no additional comments at this time.\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23286468 Feedback>).\n\n### Ettercap __ Affected\n\nUpdated: June 21, 2005 \n\n### Status\n\nAffected\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\nThe Ettercap maintainers have released v.NG-0.7.3 to address this issue:\n\n<http://ettercap.sourceforge.net/history.php>\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23286468 Feedback>).\n\n### Gentoo __ Affected\n\nUpdated: June 21, 2005 \n\n### Status\n\nAffected\n\n### Vendor Statement\n\nPer advisory [GLSA 200506-07 / ettercap](<http://www.gentoo.org/security/en/glsa/glsa-200506-07.xml>):\n\nAll Ettercap users should upgrade to the latest available 
version: \n# `emerge --sync` \n# `emerge --ask --oneshot --verbose \">=net-analyzer/ettercap-0.7.3\"`\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\nUS-CERT has no additional comments at this time.\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23286468 Feedback>).\n\n### FreeBSD __ Unknown\n\nUpdated: July 11, 2005 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\nFreeBSD does not include Ettercap in the base system, but it is available in the \"ports\" collection.\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23286468 Feedback>).\n\n### NetBSD __ Unknown\n\nUpdated: July 11, 2005 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\nNetBSD does not include ettercap in the base collection, but it is available via the \"ports\" collection.\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23286468 Feedback>).\n\n### OpenBSD __ Unknown\n\nUpdated: July 11, 2005 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\nEttercap is not included in the base system, but it is available via the \"ports\" collection.\n\nIf you have feedback, 
comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23286468 Feedback>).\n\n \n\n\n### CVSS Metrics \n\nGroup | Score | Vector \n---|---|--- \nBase | | \nTemporal | | \nEnvironmental | | \n \n \n\n\n### References \n\n * <http://secunia.com/advisories/15535/>\n * <http://securitytracker.com/alerts/2005/May/1014084.html>\n * <http://ettercap.sourceforge.net/history.php>\n * <http://www.securityfocus.com/archive/1/402049>\n\n### Acknowledgements\n\nThis report was created based on information from Ettercap maintainers.\n\nThis document was written by Hal Burch.\n\n### Other Information\n\n**CVE IDs:** | [CVE-2005-1796](<http://web.nvd.nist.gov/vuln/detail/CVE-2005-1796>) \n---|--- \n**Severity Metric:** | 8.11 \n**Date Public:** | 2005-05-31 \n**Date First Published:** | 2005-07-06 \n**Date Last Updated: ** | 2005-07-11 19:08 UTC \n**Document Revision: ** | 19 \n", "modified": "2005-07-11T19:08:00", "published": "2005-07-06T00:00:00", "id": "VU:286468", "href": "https://www.kb.cert.org/vuls/id/286468", "type": "cert", "title": "Ettercap contains a format string error in the \"curses_msg()\" function", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "debian": [{"lastseen": "2020-11-11T13:14:31", "bulletinFamily": "unix", "cvelist": ["CVE-2005-1796"], "description": "- ------------------------------------------------------------------------\nDebian Security Advisory DSA 749-1 security@debian.org\nhttp://www.debian.org/security/ Michael Stone\nJuly 10, 2005 http://www.debian.org/security/faq\n- ------------------------------------------------------------------------\n\nPackage : ettercap\nVulnerability : arbitrary code execution\nProblem type : format string error\nDebian-specific: no\nCVE Id(s) : CAN-2005-1796\n\nA vulnerability was discovered in the ettercap package which could allow\na remote attacker to execute arbitrary code on the system running\nettercap.\n\nThe old stable 
distribution (woody) did not include ettercap.\n\nFor the stable distribution (sarge), this problem has been fixed in\nversion 0.7.1-1sarge1.\n\nFor the unstable distribution (sid), this problem has been fixed in\nversion 0.7.3-1.\n\nWe recommend that you upgrade your ettercap package.\n\nUpgrade instructions\n- --------------------\n\nwget url\n will fetch the file for you\ndpkg -i file.deb\n will install the referenced file.\n\nIf you are using the apt-get package manager, use the line for\nsources.list as given below:\n\napt-get update\n will update the internal database\napt-get upgrade\n will install corrected packages\n\nYou may use an automated update by adding the resources from the\nfooter to the proper configuration.\n\n\nDebian 3.1 (sarge)\n- ------------------\n\n sarge was released for alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390 and sparc.\n\n- -------------------------------------------------------------------------------\nFor apt-get: deb http://security.debian.org/ stable/updates main\nFor dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main\nMailing list: debian-security-announce@lists.debian.org\nPackage info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>\n", "edition": 9, "modified": "2005-07-10T00:00:00", "published": "2005-07-10T00:00:00", "id": "DEBIAN:DSA-749-1:5AE22", "href": "https://lists.debian.org/debian-security-announce/debian-security-announce-2005/msg00134.html", "title": "[SECURITY] [DSA 749-1] New ettercap packages fix arbitrary code execution", "type": "debian", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "nessus": [{"lastseen": "2021-01-06T10:03:22", "description": "A vulnerability was discovered in the ettercap package which could\nallow a remote attacker to execute arbitrary code on the system\nrunning ettercap.\n\nThe old stable distribution (woody) did not 
include ettercap.", "edition": 25, "published": "2005-07-11T00:00:00", "title": "Debian DSA-749-1 : ettercap - format string error", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2005-1796"], "modified": "2005-07-11T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:ettercap", "cpe:/o:debian:debian_linux:3.1"], "id": "DEBIAN_DSA-749.NASL", "href": "https://www.tenable.com/plugins/nessus/18664", "sourceData": "#%NASL_MIN_LEVEL 70300\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-749. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(18664);\n script_version(\"1.18\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2005-1796\");\n script_xref(name:\"DSA\", value:\"749\");\n\n script_name(english:\"Debian DSA-749-1 : ettercap - format string error\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"A vulnerability was discovered in the ettercap package which could\nallow a remote attacker to execute arbitrary code on the system\nrunning ettercap.\n\nThe old stable distribution (woody) did not include ettercap.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.debian.org/security/2005/dsa-749\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the ettercap package.\n\nFor the stable distribution (sarge), this problem has been fixed in\nversion 0.7.1-1sarge1.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", 
value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:ettercap\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:3.1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2005/07/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2005/07/11\");\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2005/05/29\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2005-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"3.1\", prefix:\"ettercap\", reference:\"0.7.1-1sarge1\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"ettercap-common\", reference:\"0.7.1-1sarge1\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"ettercap-gtk\", reference:\"0.7.1-1sarge1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-01-07T10:51:57", "description": "The remote host is affected by the vulnerability described in GLSA-200506-07\n(Ettercap: Format string vulnerability)\n\n The curses_msg function of Ettercap's Ncurses-based user interface\n insecurely implements formatted printing.\n \nImpact :\n\n A 
remote attacker could craft a malicious network flow that would\n result in executing arbitrary code with the rights of the user running\n the Ettercap tool, which is often root.\n \nWorkaround :\n\n There is no known workaround at this time.", "edition": 25, "published": "2005-06-11T00:00:00", "title": "GLSA-200506-07 : Ettercap: Format string vulnerability", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2005-1796"], "modified": "2005-06-11T00:00:00", "cpe": ["cpe:/o:gentoo:linux", "p-cpe:/a:gentoo:linux:ettercap"], "id": "GENTOO_GLSA-200506-07.NASL", "href": "https://www.tenable.com/plugins/nessus/18464", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Gentoo Linux Security Advisory GLSA 200506-07.\n#\n# The advisory text is Copyright (C) 2001-2015 Gentoo Foundation, Inc.\n# and licensed under the Creative Commons - Attribution / Share Alike \n# license. 
See http://creativecommons.org/licenses/by-sa/3.0/\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(18464);\n script_version(\"1.17\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2005-1796\");\n script_xref(name:\"GLSA\", value:\"200506-07\");\n\n script_name(english:\"GLSA-200506-07 : Ettercap: Format string vulnerability\");\n script_summary(english:\"Checks for updated package(s) in /var/db/pkg\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Gentoo host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The remote host is affected by the vulnerability described in GLSA-200506-07\n(Ettercap: Format string vulnerability)\n\n The curses_msg function of Ettercap's Ncurses-based user interface\n insecurely implements formatted printing.\n \nImpact :\n\n A remote attacker could craft a malicious network flow that would\n result in executing arbitrary code with the rights of the user running\n the Ettercap tool, which is often root.\n \nWorkaround :\n\n There is no known workaround at this time.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security.gentoo.org/glsa/200506-07\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"All Ettercap users should upgrade to the latest available version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=net-analyzer/ettercap-0.7.3'\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:ettercap\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:gentoo:linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2005/06/11\");\n 
script_set_attribute(attribute:\"plugin_publication_date\", value:\"2005/06/11\");\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2005/05/29\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2005-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Gentoo Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Gentoo/release\", \"Host/Gentoo/qpkg-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"qpkg.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Gentoo/release\")) audit(AUDIT_OS_NOT, \"Gentoo\");\nif (!get_kb_item(\"Host/Gentoo/qpkg-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (qpkg_check(package:\"net-analyzer/ettercap\", unaffected:make_list(\"ge 0.7.3\"), vulnerable:make_list(\"lt 0.7.3\"))) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:qpkg_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = qpkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"Ettercap\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-01-06T10:03:25", "description": "This advisory adds security support for the stable amd64 distribution.\nIt covers all security updates since the release of sarge, which were\nmissing updated packages for the not yet official amd64 port. 
Future\nsecurity advisories will include updates for this port as well.", "edition": 25, "published": "2012-01-12T00:00:00", "title": "Debian DSA-773-1 : amd64 - several vulnerabilities", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2005-1266", "CVE-2005-1922", "CVE-2005-2070", "CVE-2005-2277", "CVE-2005-1852", "CVE-2005-1858", "CVE-2005-2301", "CVE-2005-1849", "CVE-2005-1152", "CVE-2005-1923", "CVE-2005-1689", "CVE-2005-1934", "CVE-2005-1914", "CVE-2005-2231", "CVE-2005-1546", "CVE-2005-1174", "CVE-2005-2056", "CVE-2005-1848", "CVE-2005-0469", "CVE-2005-2024", "CVE-2005-1850", "CVE-2005-1545", "CVE-2005-0753", "CVE-2005-1269", "CVE-2005-1796", "CVE-2005-1916", "CVE-2005-2040", "CVE-2005-1151", "CVE-2005-2302", "CVE-2005-2370", "CVE-2005-1992", "CVE-2005-2096", "CVE-2005-1686", "CVE-2005-1993", "CVE-2005-1175", "CVE-2005-0393", "CVE-2005-1851", "CVE-2005-0392", "CVE-2005-2250", "CVE-2005-1853"], "modified": "2012-01-12T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:several", "cpe:/o:debian:debian_linux:3.1"], "id": "DEBIAN_DSA-773.NASL", "href": "https://www.tenable.com/plugins/nessus/57528", "sourceData": "#%NASL_MIN_LEVEL 70300\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-773. 
The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\nif (NASL_LEVEL < 3000) exit(0);\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(57528);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2005-0392\", \"CVE-2005-0393\", \"CVE-2005-0469\", \"CVE-2005-0753\", \"CVE-2005-1151\", \"CVE-2005-1152\", \"CVE-2005-1174\", \"CVE-2005-1175\", \"CVE-2005-1266\", \"CVE-2005-1269\", \"CVE-2005-1545\", \"CVE-2005-1546\", \"CVE-2005-1686\", \"CVE-2005-1689\", \"CVE-2005-1796\", \"CVE-2005-1848\", \"CVE-2005-1849\", \"CVE-2005-1850\", \"CVE-2005-1851\", \"CVE-2005-1852\", \"CVE-2005-1853\", \"CVE-2005-1858\", \"CVE-2005-1914\", \"CVE-2005-1916\", \"CVE-2005-1922\", \"CVE-2005-1923\", \"CVE-2005-1934\", \"CVE-2005-1992\", \"CVE-2005-1993\", \"CVE-2005-2024\", \"CVE-2005-2040\", \"CVE-2005-2056\", \"CVE-2005-2070\", \"CVE-2005-2096\", \"CVE-2005-2231\", \"CVE-2005-2250\", \"CVE-2005-2277\", \"CVE-2005-2301\", \"CVE-2005-2302\", \"CVE-2005-2370\");\n script_xref(name:\"DSA\", value:\"773\");\n\n script_name(english:\"Debian DSA-773-1 : amd64 - several vulnerabilities\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This advisory adds security support for the stable amd64 distribution.\nIt covers all security updates since the release of sarge, which were\nmissing updated packages for the not yet official amd64 port. 
Future\nsecurity advisories will include updates for this port as well.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.debian.org/security/2005/dsa-773\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Upgrade the affected several package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_cwe_id(119);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:several\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:3.1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2005/08/11\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/01/12\");\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2005/03/28\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"3.1\", prefix:\"affix\", reference:\"2.1.1-2\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"centericq\", reference:\"4.20.0-1sarge1\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"centericq-common\", reference:\"4.20.0-1sarge1\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"centericq-fribidi\", reference:\"4.20.0-1sarge1\")) flag++;\nif 
(deb_check(release:\"3.1\", prefix:\"centericq-utf8\", reference:\"4.20.0-1sarge1\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"clamav\", reference:\"0.84-2.sarge.1\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"clamav-daemon\", reference:\"0.84-2.sarge.1\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"clamav-freshclam\", reference:\"0.84-2.sarge.1\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"clamav-milter\", reference:\"0.84-2.sarge.1\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"crip\", reference:\"3.5-1sarge2\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"cvs\", reference:\"1.11.1p1debian-11\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"dhcpcd\", reference:\"1.3.22pl4-21sarge1\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"ekg\", reference:\"1.5+20050411-5\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"ettercap\", reference:\"0.7.1-1sarge1\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"ettercap-common\", reference:\"0.7.1-1sarge1\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"ettercap-gtk\", reference:\"0.7.1-1sarge1\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"fuse-utils\", reference:\"2.2.1-4sarge2\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"gaim\", reference:\"1.2.1-1.4\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"gaim-dev\", reference:\"1.2.1-1.4\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"gedit\", reference:\"2.8.3-4sarge1\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"gopher\", reference:\"3.0.7sarge1\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"heartbeat\", reference:\"1.2.3-9sarge2\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"heartbeat-dev\", reference:\"1.2.3-9sarge2\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"heimdal-clients\", reference:\"0.6.3-10sarge1\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"heimdal-clients-x\", reference:\"0.6.3-10sarge1\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"heimdal-dev\", 
reference:\"0.6.3-10sarge1\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"heimdal-kdc\", reference:\"0.6.3-10sarge1\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"heimdal-servers\", reference:\"0.6.3-10sarge1\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"heimdal-servers-x\", reference:\"0.6.3-10sarge1\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"ht\", reference:\"0.8.0-2sarge4\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"krb5-admin-server\", reference:\"1.3.6-2sarge2\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"krb5-clients\", reference:\"1.3.6-2sarge2\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"krb5-ftpd\", reference:\"1.3.6-2sarge2\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"krb5-kdc\", reference:\"1.3.6-2sarge2\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"krb5-rsh-server\", reference:\"1.3.6-2sarge2\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"krb5-telnetd\", reference:\"1.3.6-2sarge2\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"krb5-user\", reference:\"1.3.6-2sarge2\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"libaffix-dev\", reference:\"2.1.1-2\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"libaffix2\", reference:\"2.1.1-2\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"libasn1-6-heimdal\", reference:\"0.6.3-10sarge1\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"libclamav-dev\", reference:\"0.84-2.sarge.1\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"libclamav1\", reference:\"0.84-2.sarge.1\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"libdbm-ruby1.8\", reference:\"1.8.2-7sarge1\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"libfuse-dev\", reference:\"2.2.1-4sarge2\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"libfuse2\", reference:\"2.2.1-4sarge2\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"libgadu-dev\", reference:\"1.5+20050411-5\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"libgadu3\", 
reference:\"1.5+20050411-5\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"libgdbm-ruby1.8\", reference:\"1.8.2-7sarge1\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"libgssapi1-heimdal\", reference:\"0.6.3-10sarge1\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"libhdb7-heimdal\", reference:\"0.6.3-10sarge1\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"libkadm55\", reference:\"1.3.6-2sarge2\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"libkadm5clnt4-heimdal\", reference:\"0.6.3-10sarge1\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"libkadm5srv7-heimdal\", reference:\"0.6.3-10sarge1\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"libkafs0-heimdal\", reference:\"0.6.3-10sarge1\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"libkrb5-17-heimdal\", reference:\"0.6.3-10sarge1\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"libkrb5-dev\", reference:\"1.3.6-2sarge2\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"libkrb53\", reference:\"1.3.6-2sarge2\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"libopenssl-ruby1.8\", reference:\"1.8.2-7sarge1\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"libpils-dev\", reference:\"1.2.3-9sarge2\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"libpils0\", reference:\"1.2.3-9sarge2\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"libreadline-ruby1.8\", reference:\"1.8.2-7sarge1\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"libruby1.8\", reference:\"1.8.2-7sarge1\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"libruby1.8-dbg\", reference:\"1.8.2-7sarge1\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"libstonith-dev\", reference:\"1.2.3-9sarge2\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"libstonith0\", reference:\"1.2.3-9sarge2\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"libtcltk-ruby1.8\", reference:\"1.8.2-7sarge1\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"pdns\", reference:\"2.9.17-13sarge1\")) flag++;\nif 
(deb_check(release:\"3.1\", prefix:\"pdns-backend-geo\", reference:\"2.9.17-13sarge1\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"pdns-backend-ldap\", reference:\"2.9.17-13sarge1\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"pdns-backend-mysql\", reference:\"2.9.17-13sarge1\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"pdns-backend-pgsql\", reference:\"2.9.17-13sarge1\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"pdns-backend-pipe\", reference:\"2.9.17-13sarge1\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"pdns-backend-sqlite\", reference:\"2.9.17-13sarge1\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"pdns-recursor\", reference:\"2.9.17-13sarge1\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"pdns-server\", reference:\"2.9.17-13sarge1\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"ppxp\", reference:\"0.2001080415-10sarge2\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"ppxp-dev\", reference:\"0.2001080415-10sarge2\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"ppxp-tcltk\", reference:\"0.2001080415-10sarge2\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"ppxp-x11\", reference:\"0.2001080415-10sarge2\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"qpopper\", reference:\"4.0.5-4sarge1\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"qpopper-drac\", reference:\"4.0.5-4sarge1\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"razor\", reference:\"2.670-1sarge2\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"ruby1.8\", reference:\"1.8.2-7sarge1\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"ruby1.8-dev\", reference:\"1.8.2-7sarge1\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"spamc\", reference:\"3.0.3-2\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"stonith\", reference:\"1.2.3-9sarge2\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"sudo\", reference:\"1.6.8p7-1.1sarge1\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"zlib-bin\", 
reference:\"1.2.2-4.sarge.2\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"zlib1g\", reference:\"1.2.2-4.sarge.2\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"zlib1g-dev\", reference:\"1.2.2-4.sarge.2\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}]}