[Full-disclosure] [SECURITY] [DSA 960-1] New libmail-audit-perl packages fix insecure temporary file use
2006-01-31T00:00:00
ID SECURITYVULNS:DOC:11242 Type securityvulns Reporter Securityvulns Modified 2006-01-31T00:00:00
Description
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Debian Security Advisory DSA 960-1 security@debian.org
http://www.debian.org/security/ Martin Schulze
January 31st, 2006 http://www.debian.org/security/faq
Package : libmail-audit-perl
Vulnerability : insecure temporary file creation
Problem type : local
Debian-specific: no
CVE ID : CVE-2005-4536
Debian Bug : 344029
Niko Tyni discovered that the Mail::Audit module, a Perl library for
creating simple mail filters, logs to a temporary file with a
predictable filename in an insecure fashion when logging is turned on,
which is not the case by default.
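The pattern behind this advisory, as an added example that is not Mail::Audit's own code: a log file whose name is built from the process ID (the NVD entry for CVE-2005-4536 names it [PID]-audit.log) and opened for append, which another local user can pre-plant as a symlink, shown beside two hardened forms. It runs entirely inside a throwaway directory, so it never touches the real /tmp; the helper names, the 'victim-config' file and the logged text are this example's assumptions.

```perl
#!/usr/bin/perl
# Added example, not Mail::Audit's own code: the predictable-name logging
# pattern behind DSA 960 / CVE-2005-4536, a local symlink attack on it,
# and two hardened forms. Everything happens in a throwaway directory;
# the helper names, 'victim-config' and the logged text are assumptions.
use strict;
use warnings;
use Errno qw(EEXIST ELOOP);
use Fcntl qw(O_WRONLY O_APPEND O_CREAT O_EXCL O_NOFOLLOW);   # O_NOFOLLOW: Linux/BSD
use File::Spec;
use File::Temp qw(tempdir tempfile);

# Directory for a log when the caller gave no file name: $HOME if set,
# else the system temporary directory (the choice DSA 960-3 settled on).
sub default_log_dir {
    return (defined $ENV{HOME} && length $ENV{HOME}) ? $ENV{HOME} : File::Spec->tmpdir;
}

# VULNERABLE: the name is built from the PID, which another local user can
# read from ps(1) or simply guess, and '>>' both creates a missing file
# and silently follows a symlink that is already sitting at that name.
sub log_vulnerable {
    my ($dir, $msg) = @_;
    my $pid  = $$;
    my $path = "$dir/$pid-audit.log";
    open my $fh, '>>', $path or die "open $path: $!";
    print {$fh} "$msg\n";
    close $fh;
    return $path;
}

# HARDENED, fixed name: O_CREAT|O_EXCL fails if anything already exists at
# the path (a planted symlink included), O_NOFOLLOW refuses symlinks in
# any case, and mode 0600 keeps other users out of the log. Returns the
# handle, or undef with $! set, so the caller can decline to log rather
# than write through somebody else's link.
sub open_log_safely {
    my ($path) = @_;
    sysopen my $fh, $path, O_WRONLY | O_APPEND | O_CREAT | O_EXCL | O_NOFOLLOW, 0600
        or return undef;
    return $fh;
}

# HARDENED, preferred when the name need not be fixed: File::Temp draws a
# random name and opens it with O_CREAT|O_EXCL itself, so there is nothing
# for an attacker to plant in advance.
sub log_hardened {
    my ($dir, $msg) = @_;
    my ($fh, $path) = tempfile('audit-XXXXXXXX', DIR => $dir, SUFFIX => '.log');
    print {$fh} "$msg\n";
    close $fh;
    return $path;
}

# ---- demonstration --------------------------------------------------------
my $tmp = tempdir('audit-demo-XXXXXX', TMPDIR => 1, CLEANUP => 1);
my $pid = $$;

# Attacker step (unprivileged, same host): plant the guessable name as a
# symlink to a file the victim owns. 'victim-config' stands in for it.
my $target = "$tmp/victim-config";
open my $t, '>', $target or die "create $target: $!";
print {$t} "original line\n";
close $t;
symlink $target, "$tmp/$pid-audit.log" or die "symlink: $!";

# Victim step with the vulnerable logger: the write lands in $target.
log_vulnerable($tmp, 'Subject: hello (whatever the filter logged)');
open my $r, '<', $target or die "read $target: $!";
my @lines = <$r>;
close $r;
printf "vulnerable logger: target file grew from 1 to %d line(s)\n", scalar @lines;

# Same planted symlink, hardened open: refused.
if (my $fh = open_log_safely("$tmp/$pid-audit.log")) {
    print "hardened open unexpectedly succeeded\n";
    close $fh;
} else {
    my $why = $! == EEXIST ? 'EEXIST' : $! == ELOOP ? 'ELOOP' : 'errno ' . ($! + 0);
    print "hardened open refused: $! ($why)\n";
}

# Unpredictable name: nothing to plant, logging proceeds normally.
my $safe = log_hardened($tmp, 'Subject: hello');
print "hardened logger wrote $safe\n";
print "default log directory would be ", default_log_dir(), "\n";
```

Run it as an unprivileged user on Linux or a BSD: the target file grows under the vulnerable logger and the hardened open fails with EEXIST. One caveat for anyone reproducing the original attack on /tmp: Linux kernels with fs.protected_symlinks=1 (a common distribution default) refuse to follow a symlink owned by another user inside a sticky, world-writable directory, which blunts this specific cross-user trick on /tmp but protects neither other directories nor older kernels, so the O_EXCL|O_NOFOLLOW open and the unpredictable name remain the fix. DSA 960-3's correction is also reflected: the first fix mistakenly created the file in the current working directory, and default_log_dir() mirrors the corrected choice of $HOME, else the system temporary directory.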
For the old stable distribution (woody) these problems have been fixed in
version 2.0-4woody1.
For the stable distribution (sarge) these problems have been fixed in
version 2.1-5sarge1.
For the unstable distribution (sid) these problems have been fixed in
version 2.1-5sarge1.
We recommend that you upgrade your libmail-audit-perl package.
Upgrade Instructions
wget url
        will fetch the file for you
dpkg -i file.deb
        will install the referenced file.
If you are using the apt-get package manager, use the line for
sources.list as given below:
apt-get update
        will update the internal database
apt-get upgrade
        will install corrected packages
You may use an automated update by adding the resources from the
footer to the proper configuration.
These files will probably be moved into the stable distribution on
its next update.
For apt-get: deb http://security.debian.org/ stable/updates main
For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main
Mailing list: debian-security-announce@lists.debian.org
Package info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>
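A check for the upgrade step above, as an added example in Perl that is neither Debian's nor the OpenVAS plugins' own code: it implements dpkg's version ordering, which is what makes 2.1-5sarge1 sort below both 2.1-5.1 and 2.1-5sarge4, and flags installed packages still older than the fixed version for their release. The fixed versions are the ones DSA 960-3 finally published; the dpkg-query output is constructed for the example, and the function names are assumptions.

```perl
#!/usr/bin/perl
# Added example, not Debian's or the OpenVAS plugins' code: dpkg version
# ordering in Perl plus a check that flags installed packages still below
# the fixed versions. The sample dpkg-query output is constructed here;
# function names are this example's own.
use strict;
use warnings;

# Fixed versions per release as finally published in DSA 960-3
# (960-1's 2.1-5sarge1 and 960-2's 2.1-5sarge2 were superseded).
my %FIXED = (
    woody => '2.0-4woody3',
    sarge => '2.1-5sarge4',
    sid   => '2.1-5.1',
);

# Character weight used by dpkg: '~' sorts before anything, even the end
# of the string; letters by ASCII value; other characters after letters.
sub _order {
    my ($c) = @_;
    return 0       if $c eq '';
    return -1      if $c eq '~';
    return ord($c) if $c =~ /^[A-Za-z]$/;
    return ord($c) + 256;
}

# dpkg's verrevcmp: alternate non-digit runs (compared by _order, one
# character at a time) and digit runs (compared numerically).
sub _verrevcmp {
    my ($x, $y) = @_;
    while (length $x || length $y) {
        while (($x ne '' && $x !~ /^\d/) || ($y ne '' && $y !~ /^\d/)) {
            my $xc = ($x ne '' && $x !~ /^\d/) ? substr($x, 0, 1) : '';
            my $yc = ($y ne '' && $y !~ /^\d/) ? substr($y, 0, 1) : '';
            my $d = _order($xc) <=> _order($yc);
            return $d if $d;
            $x = substr($x, 1) if $xc ne '';
            $y = substr($y, 1) if $yc ne '';
        }
        my ($xn) = $x =~ /^(\d*)/;
        my ($yn) = $y =~ /^(\d*)/;
        $x = substr($x, length $xn);
        $y = substr($y, length $yn);
        $xn =~ s/^0+//;
        $yn =~ s/^0+//;
        my $d = length($xn) <=> length($yn) || $xn cmp $yn;
        return $d if $d;
    }
    return 0;
}

# Split "[epoch:]upstream[-revision]"; epoch defaults to 0, revision to ''.
sub _split_version {
    my ($v) = @_;
    my $epoch = ($v =~ s/^(\d+)://)   ? $1 : 0;
    my $rev   = ($v =~ s/-([^-]*)$//) ? $1 : '';
    return ($epoch, $v, $rev);
}

# Returns -1, 0 or 1, the order `dpkg --compare-versions` would give.
sub dpkg_version_cmp {
    my ($x, $y) = @_;
    my ($xe, $xu, $xr) = _split_version($x);
    my ($ye, $yu, $yr) = _split_version($y);
    return $xe <=> $ye || _verrevcmp($xu, $yu) || _verrevcmp($xr, $yr);
}

# Parse `dpkg-query -W -f='${Package} ${Version}\n'` output and report the
# watched packages whose version sorts below the fix for the release.
sub vulnerable_packages {
    my ($dpkg_output, $release, @watched) = @_;
    my $fixed = $FIXED{$release} or die "no fixed version known for '$release'";
    my %watch = map { $_ => 1 } @watched;
    my @hits;
    for my $line (split /\n/, $dpkg_output) {
        my ($pkg, $ver) = split ' ', $line;
        next unless defined $ver && $watch{$pkg};
        push @hits, "$pkg $ver < $fixed" if dpkg_version_cmp($ver, $fixed) < 0;
    }
    return @hits;
}

# Ordering sanity checks drawn from this advisory's own version strings.
die "ordering bug" unless dpkg_version_cmp('2.1-5',       '2.1-5sarge1') < 0
                       && dpkg_version_cmp('2.1-5sarge1', '2.1-5.1')     < 0   # 's' (115) < '.' (302)
                       && dpkg_version_cmp('2.1-5sarge2', '2.1-5sarge4') < 0
                       && dpkg_version_cmp('2.0-4woody3', '2.1-5sarge4') < 0
                       && dpkg_version_cmp('1:2.0-1',     '2.1-5.1')     > 0   # epoch wins
                       && dpkg_version_cmp('2.1~rc1-1',   '2.1-1')       < 0   # '~' sorts first
                       && dpkg_version_cmp('2.1-5sarge4', '2.1-5sarge4') == 0;

# Constructed sample output: a sarge host still on the DSA 960-1 packages.
my $sample = <<'END';
libmail-audit-perl 2.1-5sarge1
mail-audit-tools 2.1-5sarge1
perl 5.8.4-8
END

print "$_\n" for vulnerable_packages($sample, 'sarge', qw(libmail-audit-perl mail-audit-tools));
```

On a real host, feed it the output of `dpkg-query -W -f='${Package} ${Version}\n' libmail-audit-perl mail-audit-tools` together with the release name; where dpkg is present, `dpkg --compare-versions` gives the same answers. The OpenVAS plugins for DSA 960-1, 960-2 and 960-3 make the same comparison with their isdpkgvuln() helper against the package list they gather over ssh, each with the thresholds of its own revision of the advisory.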
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
DSA 960-1 package files
-----------------------

Debian GNU/Linux 3.0 alias woody

  Source archives:

    http://security.debian.org/pool/updates/main/libm/libmail-audit-perl/libmail-audit-perl_2.0-4woody1.dsc
      Size/MD5 checksum:   663 f1cc82dae98e2a7ae42e29e757797b41
    http://security.debian.org/pool/updates/main/libm/libmail-audit-perl/libmail-audit-perl_2.0-4woody1.diff.gz
      Size/MD5 checksum:  5548 64f85349649a968db3493fa8ba27aea1
    http://security.debian.org/pool/updates/main/libm/libmail-audit-perl/libmail-audit-perl_2.0.orig.tar.gz
      Size/MD5 checksum: 12526 3bc6043611f0fabdd856498e25bd48f6

  Architecture independent components:

    http://security.debian.org/pool/updates/main/libm/libmail-audit-perl/libmail-audit-perl_2.0-4woody1_all.deb
      Size/MD5 checksum: 29446 d7e0e9264e08f04777eb05f543956498
    http://security.debian.org/pool/updates/main/libm/libmail-audit-perl/mail-audit-tools_2.0-4woody1_all.deb
      Size/MD5 checksum:  8840 f97415f72fcf1806b18e9e059ae5c6e0

Debian GNU/Linux 3.1 alias sarge

  Source archives:

    http://security.debian.org/pool/updates/main/libm/libmail-audit-perl/libmail-audit-perl_2.1-5sarge1.dsc
      Size/MD5 checksum:   786 766a0a1d409fb6a55d0fd28cfeb9139d
    http://security.debian.org/pool/updates/main/libm/libmail-audit-perl/libmail-audit-perl_2.1-5sarge1.diff.gz
      Size/MD5 checksum:  4227 48ed975c7c87db86bcafde084cde94a5
    http://security.debian.org/pool/updates/main/libm/libmail-audit-perl/libmail-audit-perl_2.1.orig.tar.gz
      Size/MD5 checksum: 21669 b52b1142fa9ed7d847c531186f913ea6

  Architecture independent components:

    http://security.debian.org/pool/updates/main/libm/libmail-audit-perl/libmail-audit-perl_2.1-5sarge1_all.deb
      Size/MD5 checksum: 41836 38128df51141ba4bd495f3d698629b52
    http://security.debian.org/pool/updates/main/libm/libmail-audit-perl/mail-audit-tools_2.1-5sarge1_all.deb
      Size/MD5 checksum: 12176 1d898a6a9f2a40cad0416d5b107df3bd

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2 (GNU/Linux)

iD8DBQFD3ziMW5ql+IAeqTIRAhWbAJ9TIV09mVk/cctpxkCIeTqmFC8PrQCfTN3y
m05zhJ1hxUem+gIZsybGOtw=
=HCnP
-----END PGP SIGNATURE-----

Record metadata
---------------
ID             : SECURITYVULNS:DOC:11242 (https://vulners.com/securityvulns/SECURITYVULNS:DOC:11242)
Published      : 2006-01-31 (last seen 2018-08-31)
CVSS v2        : 2.1 (AV:L/AC:L/Au:N/C:N/I:P/A:N); vulners score 5.4
CVE            : CVE-2005-4536
Related records: OSVDB:22814; DEBIAN:DSA-960-1, DSA-960-2, DSA-960-3;
                 OPENVAS:56218, 56219, 56460; Nessus DEBIAN_DSA-960.NASL

CVE-2005-4536 (NVD)
-------------------
Mail::Audit module in libmail-audit-perl 2.1-5, when logging is enabled
without a default log file specified, uses predictable log filenames, which
allows local users to overwrite arbitrary files via a symlink attack on the
[PID]-audit.log temporary file.

Published 2005-12-31, modified 2017-07-20. CWE: NVD-CWE-Other.
CVSS v2 2.1 LOW (AV:L/AC:L/Au:N/C:N/I:P/A:N; exploitability 3.9, impact 2.9).
CPE: cpe:/a:debian:libmail-audit-perl:2.1-5
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2005-4536

OSVDB:22814 - Mail::Audit Log File Symlink Arbitrary File Overwrite
-------------------------------------------------------------------
Published 2006-01-31T06:33:19. CVSS v2 2.1 (AV:L/AC:L/Au:N/C:N/I:P/A:N).
References:
  Debian bug 344029: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=344029
  Vendor advisory:   http://www.debian.org/security/2006/dsa-960
  Secunia 18652:     https://secuniaresearch.flexerasoftware.com/advisories/18652/
  Secunia 18656:     https://secuniaresearch.flexerasoftware.com/advisories/18656/
  ISS X-Force ID 24380; FrSIRT ADV-2006-0378; Bugtraq ID 16434
https://vulners.com/osvdb/OSVDB:22814

DSA 960-2 (January 31st, 2006)
------------------------------
This update only corrects the update for sarge; the version in woody is
correct.

For the old stable distribution (woody) these problems have been fixed in
version 2.0-4woody1.

For the stable distribution (sarge) these problems have been fixed in
version 2.1-5sarge2.

For the unstable distribution (sid) these problems have been fixed in
version 2.1-5.1.

Debian GNU/Linux 3.1 alias sarge

  Source archives:

    http://security.debian.org/pool/updates/main/libm/libmail-audit-perl/libmail-audit-perl_2.1-5sarge2.dsc
      Size/MD5 checksum:   786 00abe0533af4fb16e3f65a5dda9ded34
    http://security.debian.org/pool/updates/main/libm/libmail-audit-perl/libmail-audit-perl_2.1-5sarge2.diff.gz
      Size/MD5 checksum:  4266 4348a85b636a87503374874354eefdcd
    http://security.debian.org/pool/updates/main/libm/libmail-audit-perl/libmail-audit-perl_2.1.orig.tar.gz
      Size/MD5 checksum: 21669 b52b1142fa9ed7d847c531186f913ea6

  Architecture independent components:

    http://security.debian.org/pool/updates/main/libm/libmail-audit-perl/libmail-audit-perl_2.1-5sarge2_all.deb
      Size/MD5 checksum: 41874 136f752ab91f2ce393f1c943d151c0e3
    http://security.debian.org/pool/updates/main/libm/libmail-audit-perl/mail-audit-tools_2.1-5sarge2_all.deb
      Size/MD5 checksum: 12222 d3caeeef4e88540511c1fdb3ae3f8877

Record DEBIAN:DSA-960-2:262BB
https://lists.debian.org/debian-security-announce/debian-security-announce-2006/msg00037.html

DSA 960-3 (March 20th, 2006)
----------------------------
The former update caused temporary files to be created in the current
working directory due to a wrong function argument. This update will
create temporary files in the user's home directory if HOME is set, or
in the common temporary directory otherwise, usually /tmp.

For the old stable distribution (woody) these problems have been fixed in
version 2.0-4woody3.

For the stable distribution (sarge) these problems have been fixed in
version 2.1-5sarge4.

For the unstable distribution (sid) these problems have been fixed in
version 2.1-5.1.

Debian GNU/Linux 3.0 alias woody

  Source archives:

    http://security.debian.org/pool/updates/main/libm/libmail-audit-perl/libmail-audit-perl_2.0-4woody3.dsc
      Size/MD5 checksum:   665 62b652343a832093ba685dd9d3b18ab8
    http://security.debian.org/pool/updates/main/libm/libmail-audit-perl/libmail-audit-perl_2.0-4woody3.diff.gz
      Size/MD5 checksum:  6129 0b41c98f1bb290f6603aeb93729d3a30
    http://security.debian.org/pool/updates/main/libm/libmail-audit-perl/libmail-audit-perl_2.0.orig.tar.gz
      Size/MD5 checksum: 12526 3bc6043611f0fabdd856498e25bd48f6

  Architecture independent components:

    http://security.debian.org/pool/updates/main/libm/libmail-audit-perl/libmail-audit-perl_2.0-4woody3_all.deb
      Size/MD5 checksum: 29620 444067ca6bd1319996aab95fa9390de0
    http://security.debian.org/pool/updates/main/libm/libmail-audit-perl/mail-audit-tools_2.0-4woody3_all.deb
      Size/MD5 checksum:  8952 c984bed8ff43153a00a9f4b63069d2d7

Debian GNU/Linux 3.1 alias sarge

  Source archives:

    http://security.debian.org/pool/updates/main/libm/libmail-audit-perl/libmail-audit-perl_2.1-5sarge4.dsc
      Size/MD5 checksum:   788 f313503b8ffc6df1cbd903666ca8a6fc
    http://security.debian.org/pool/updates/main/libm/libmail-audit-perl/libmail-audit-perl_2.1-5sarge4.diff.gz
      Size/MD5 checksum:  4919 a3cff1ec8634add1753db93a6dccc402
    http://security.debian.org/pool/updates/main/libm/libmail-audit-perl/libmail-audit-perl_2.1.orig.tar.gz
      Size/MD5 checksum: 21669 b52b1142fa9ed7d847c531186f913ea6

  Architecture independent components:

    http://security.debian.org/pool/updates/main/libm/libmail-audit-perl/libmail-audit-perl_2.1-5sarge4_all.deb
      Size/MD5 checksum: 42056 dd9859e1298376d1bde353fb33af4e72
    http://security.debian.org/pool/updates/main/libm/libmail-audit-perl/mail-audit-tools_2.1-5sarge4_all.deb
      Size/MD5 checksum: 12306 96515c877e6155fc4836d1b19674b28a

Record DEBIAN:DSA-960-3:FDB32
https://lists.debian.org/debian-security-announce/debian-security-announce-2006/msg00089.html

The DSA 960-1 text itself is also carried as record DEBIAN:DSA-960-1:C9E73
(https://lists.debian.org/debian-security-announce/debian-security-announce-2006/msg00036.html).

Scanner checks
--------------
Three OpenVAS local checks (Thomas Reinke, E-Soft Inc., created 2008-01-17,
last modified 2017-07-07; family "Debian Local Security Checks", QoD
"package", solution type VendorFix; Bugtraq 16434, CVE-2005-4536, CVSS 2.1
AV:L/AC:L/Au:N/C:N/I:P/A:N) were generated from the three revisions of the
advisory. Each depends on gather-package-list.nasl, requires the
ssh/login/debian_linux and ssh/login/packages keys, and reports
libmail-audit-perl or mail-audit-tools when the installed version is below
the revision's fixed version:

  OPENVAS:56218 (DSA 960-1): woody < 2.0-4woody1, sarge < 2.1-5sarge1
                             http://plugins.openvas.org/nasl.php?oid=56218
  OPENVAS:56219 (DSA 960-2): sarge < 2.1-5sarge2 (woody not re-checked)
                             http://plugins.openvas.org/nasl.php?oid=56219
  OPENVAS:56460 (DSA 960-3): woody < 2.0-4woody3, sarge < 2.1-5sarge4
                             http://plugins.openvas.org/nasl.php?oid=56460

The check logic is the same in all three; the DSA 960-3 version
(deb_960_3.nasl, GPLv2) reads:

  include("pkg-lib-deb.inc");

  res = "";
  report = "";
  if ((res = isdpkgvuln(pkg:"libmail-audit-perl", ver:"2.0-4woody3", rls:"DEB3.0")) != NULL) {
      report += res;
  }
  if ((res = isdpkgvuln(pkg:"mail-audit-tools", ver:"2.0-4woody3", rls:"DEB3.0")) != NULL) {
      report += res;
  }
  if ((res = isdpkgvuln(pkg:"libmail-audit-perl", ver:"2.1-5sarge4", rls:"DEB3.1")) != NULL) {
      report += res;
  }
  if ((res = isdpkgvuln(pkg:"mail-audit-tools", ver:"2.1-5sarge4", rls:"DEB3.1")) != NULL) {
      report += res;
  }

  if (report != "") {
      security_message(data:report);
  } else if (__pkg_match) {
      exit(99); # Not vulnerable.
  }

A Nessus plugin, DEBIAN_DSA-960.NASL, covers the same advisory.
"title": "[SECURITY] [DSA 960-3] New libmail-audit-perl packages fix insecure temporary file use", "type": "debian", "cvss": {"score": 2.1, "vector": "AV:L/AC:L/Au:N/C:N/I:P/A:N"}}], "nessus": [{"lastseen": "2021-01-06T10:03:48", "description": "The former update caused temporary files to be created in the current\nworking directory due to a wrong function argument. This update will\ncreate temporary files in the users home directory if HOME is set or\nin the common temporary directory otherwise, usually /tmp. For\ncompleteness below is a copy of the original advisory text :\n\n Niko Tyni discovered that the Mail::Audit module, a Perl library for\n creating simple mail filters, logs to a temporary file with a\n predictable filename in an insecure fashion when logging is turned\n on, which is not the case by default.", "edition": 25, "published": "2006-10-14T00:00:00", "title": "Debian DSA-960-3 : libmail-audit-perl - insecure temporary file creation", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2005-4536"], "modified": "2006-10-14T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:libmail-audit-perl", "cpe:/o:debian:debian_linux:3.1", "cpe:/o:debian:debian_linux:3.0"], "id": "DEBIAN_DSA-960.NASL", "href": "https://www.tenable.com/plugins/nessus/22826", "sourceData": "#%NASL_MIN_LEVEL 70300\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-960. 
The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(22826);\n script_version(\"1.17\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2005-4536\");\n script_xref(name:\"DSA\", value:\"960\");\n\n script_name(english:\"Debian DSA-960-3 : libmail-audit-perl - insecure temporary file creation\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The former update caused temporary files to be created in the current\nworking directory due to a wrong function argument. This update will\ncreate temporary files in the users home directory if HOME is set or\nin the common temporary directory otherwise, usually /tmp. 
For\ncompleteness below is a copy of the original advisory text :\n\n Niko Tyni discovered that the Mail::Audit module, a Perl library for\n creating simple mail filters, logs to a temporary file with a\n predictable filename in an insecure fashion when logging is turned\n on, which is not the case by default.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=344029\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.debian.org/security/2006/dsa-960\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the libmail-audit-perl package.\n\nFor the old stable distribution (woody) these problems have been fixed\nin version 2.0-4woody3.\n\nFor the stable distribution (sarge) these problems have been fixed in\nversion 2.1-5sarge4.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:N/I:P/A:N\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libmail-audit-perl\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:3.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:3.1\");\n\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2006/10/14\");\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2006/01/31\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2006-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif 
(!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"3.0\", prefix:\"libmail-audit-perl\", reference:\"2.0-4woody3\")) flag++;\nif (deb_check(release:\"3.0\", prefix:\"mail-audit-tools\", reference:\"2.0-4woody3\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"libmail-audit-perl\", reference:\"2.1-5sarge4\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"mail-audit-tools\", reference:\"2.1-5sarge4\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_note(port:0, extra:deb_report_get());\n else security_note(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 2.1, "vector": "AV:L/AC:L/Au:N/C:N/I:P/A:N"}}]}