{"id": "SECURITYVULNS:VULN:4770", "bulletinFamily": "software", "title": "Multiple Merak Mail Server vulnerabilities", "description": "Unauthorized access, crossite scripting, etc.", "published": "2005-05-06T00:00:00", "modified": "2005-05-06T00:00:00", "cvss": {"score": 0.0, "vector": "NONE"}, "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:4770", "reporter": "BUGTRAQ", "references": ["https://vulners.com/securityvulns/securityvulns:doc:8558"], "cvelist": [], "type": "securityvulns", "lastseen": "2018-08-31T11:09:19", "history": [], "edition": 1, "hashmap": [{"key": "affectedSoftware", "hash": "8f840e725d741e4f598a73dfddcf4bb3"}, {"key": "bulletinFamily", "hash": "f9fa10ba956cacf91d7878861139efb9"}, {"key": "cvelist", "hash": "d41d8cd98f00b204e9800998ecf8427e"}, {"key": "cvss", "hash": "8cd4821cb504d25572038ed182587d85"}, {"key": "description", "hash": "2129dead0de3c8a02d5368397b39a62f"}, {"key": "href", "hash": "7ca113fa8cbf4ea0d31a40c7102b7d5e"}, {"key": "modified", "hash": "928e5e6fdba24133019557a524338488"}, {"key": "published", "hash": "928e5e6fdba24133019557a524338488"}, {"key": "references", "hash": "144559aea9c3b7d31a14dcbaf6a9f1f2"}, {"key": "reporter", "hash": "2c5cca82a8670da097919f6160833daf"}, {"key": "title", "hash": "4c635898750e162a915b6b58fc524841"}, {"key": "type", "hash": "d54751dd75af2ea0147b462b3e001cd0"}], "hash": "11d78cd3c059a4698cdf510868650b42ad818041cc9f08fc0c67bac02f030850", "viewCount": 1, "enchantments": {"score": {"value": 4.0, "vector": "NONE", "modified": "2018-08-31T11:09:19"}, "dependencies": {"references": [{"type": "openvas", "idList": ["OPENVAS:1361412562310852529", "OPENVAS:1361412562310852527"]}, {"type": "suse", "idList": ["OPENSUSE-SU-2019:1485-1", "OPENSUSE-SU-2019:1481-1", "OPENSUSE-SU-2019:1479-1"]}, {"type": "zdt", "idList": ["1337DAY-ID-32825", "1337DAY-ID-32767", "1337DAY-ID-32728", "1337DAY-ID-32726", "1337DAY-ID-32721", "1337DAY-ID-32675", "1337DAY-ID-32678", "1337DAY-ID-32672"]}, {"type": "thn", "idList": ["THN:2A7DE929E5909B366E6F490ABBF0A6C1"]}, {"type": "threatpost", "idList": ["THREATPOST:720727931BBA026660C91151A9F50C2F"]}, {"type": "ubuntu", "idList": ["USN-3996-1"]}, {"type": "myhack58", "idList": ["MYHACK58:62201994293"]}, {"type": "packetstorm", "idList": ["PACKETSTORM:152997"]}, {"type": "kitploit", "idList": ["KITPLOIT:3928947731225997712"]}, {"type": "zeroscience", "idList": ["ZSL-2019-5518"]}], "modified": "2018-08-31T11:09:19"}, "vulnersScore": 4.0}, "objectVersion": "1.3", "affectedSoftware": [{"name": "Merak Mail Server", "operator": "eq", "version": "8.0"}, {"name": "Icewarp Web Mail", "operator": "eq", "version": "5.4"}]}

{"nessus": [{"lastseen": "2020-02-15T06:57:58", "bulletinFamily": "scanner", "description": "debian-security-support, the Debian security support coverage checker,\nhas been updated in jessie-security.\n\nThis marks the end of life of the libqb package in jessie. A recently\nreported vulnerability against libqb which allows users to overwrite\narbitrary files via a symlink attack cannot be adequately addressed in\nlibqb in jessie. Upstream no longer supports this version and no\npackages in jessie depend upon libqb.\n\nWe recommend that if your systems or applications depend upon the\nlibqb package provided from the Debian archive that you upgrade your\nsystems to a more recent Debian release or find an alternate and up to\ndate source of libqb packages.\n\nAdditionally, MySQL 5.5 is no longer supported. Upstream has ended its\nsupport and we are unable to backport fixes from newer versions due to\nthe lack of patch details. Options are to switch to MariaDB 10.0 in\njessie or to a newer version of MySQL in more recent Debian releases.\n\nNOTE: Tenable Network Security has extracted the preceding description\nblock directly from the DLA security advisory. Tenable has attempted\nto automatically clean and format it as much as possible without\nintroducing additional issues.", "modified": "2020-02-02T00:00:00", "published": "2020-02-14T00:00:00", "id": "DEBIAN_DLA-2103.NASL", "href": "https://www.tenable.com/plugins/nessus/133698", "title": "Debian DLA-2103-1 : debian-security-support update: libqb and mysql-5.5 end", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Debian Security Advisory DLA-2103-1. The text\n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(133698);\n script_version(\"1.1\");\n script_cvs_date(\"Date: 2020/02/14\");\n\n script_name(english:\"Debian DLA-2103-1 : debian-security-support update: libqb and mysql-5.5 end\");\n script_summary(english:\"Checks dpkg output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"debian-security-support, the Debian security support coverage checker,\nhas been updated in jessie-security.\n\nThis marks the end of life of the libqb package in jessie. A recently\nreported vulnerability against libqb which allows users to overwrite\narbitrary files via a symlink attack cannot be adequately addressed in\nlibqb in jessie. Upstream no longer supports this version and no\npackages in jessie depend upon libqb.\n\nWe recommend that if your systems or applications depend upon the\nlibqb package provided from the Debian archive that you upgrade your\nsystems to a more recent Debian release or find an alternate and up to\ndate source of libqb packages.\n\nAdditionally, MySQL 5.5 is no longer supported. Upstream has ended its\nsupport and we are unable to backport fixes from newer versions due to\nthe lack of patch details. Options are to switch to MariaDB 10.0 in\njessie or to a newer version of MySQL in more recent Debian releases.\n\nNOTE: Tenable Network Security has extracted the preceding description\nblock directly from the DLA security advisory. Tenable has attempted\nto automatically clean and format it as much as possible without\nintroducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://lists.debian.org/debian-lts-announce/2020/02/msg00011.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/jessie/debian-security-support\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Upgrade the affected debian-security-support package.\"\n );\n script_set_attribute(attribute:\"risk_factor\", value:\"High\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:debian-security-support\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:8.0\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/02/13\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/02/13\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/02/14\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"8.0\", prefix:\"debian-security-support\", reference:\"2019.12.12~deb8u2\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}], "cve": [{"lastseen": "2020-02-14T14:32:44", "bulletinFamily": "NVD", "description": "Multiple SQL injection vulnerabilities in CWPPoll.js in WordPress Poll Plugin 34.5 for WordPress allow attackers to execute arbitrary SQL commands via the pollid or poll_id parameter in a viewPollResults or userlogs action.", "modified": "2020-02-13T21:23:00", "id": "CVE-2013-1400", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-1400", "published": "2020-02-13T21:15:00", "title": "CVE-2013-1400", "type": "cve", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2020-02-14T14:32:44", "bulletinFamily": "NVD", "description": "Multiple security bypass vulnerabilities in the editAnswer, deleteAnswer, addAnswer, and deletePoll functions in WordPress Poll Plugin 34.5 for WordPress allow a remote attacker to add, edit, and delete an answer and delete a poll.", "modified": "2020-02-13T21:23:00", "id": "CVE-2013-1401", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-1401", "published": "2020-02-13T21:15:00", "title": "CVE-2013-1401", "type": "cve", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2020-02-14T14:30:33", "bulletinFamily": "NVD", "description": "A Privilege Escalation Vulnerability exists in Free Reprintables ArticleFR 11.06.2014 due to insufficient access restrictions in the data.php script, which could let a remote malicious user obtain access or modify or delete database information.", "modified": "2020-02-13T19:26:00", "published": "2020-02-13T19:15:00", "id": "CVE-2014-4170", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-4170", "title": "CVE-2014-4170", "type": "cve", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2020-02-13T14:32:08", "bulletinFamily": "NVD", "description": "MobileIron VSP < 5.9.1 and Sentry < 5.0 has a weak password obfuscation algorithm", "modified": "2020-02-12T18:17:00", "published": "2020-02-12T18:15:00", "id": "CVE-2013-7286", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-7286", "title": "CVE-2013-7286", "type": "cve", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2020-02-13T14:32:06", "bulletinFamily": "NVD", "description": "IZON IP 2.0.2: hard-coded password vulnerability", "modified": "2020-02-12T16:22:00", "published": "2020-02-12T16:15:00", "id": "CVE-2013-6236", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-6236", "title": "CVE-2013-6236", "type": "cve", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2020-02-15T13:35:29", "bulletinFamily": "NVD", "description": "libnotify before 1.0.4 for Node.js allows remote attackers to execute arbitrary commands via unspecified characters in a call to libnotify.notify.", "modified": "2020-02-14T14:47:00", "id": "CVE-2013-7381", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-7381", "published": "2020-02-12T15:15:00", "title": "CVE-2013-7381", "type": "cve", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-02-15T13:35:29", "bulletinFamily": "NVD", "description": "scripts/email.coffee in the Hubot Scripts module before 2.4.4 for Node.js allows remote attackers to execute arbitrary commands.", "modified": "2020-02-14T16:42:00", "id": "CVE-2013-7378", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-7378", "published": "2020-02-12T14:15:00", "title": "CVE-2013-7378", "type": "cve", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-02-15T13:32:21", "bulletinFamily": "NVD", "description": "The PhonerLite phone before 2.15 provides hashed credentials in a response to an invalid authentication challenge, which makes it easier for remote attackers to obtain access via a brute-force attack, related to a \"SIP Digest Leak\" issue.", "modified": "2020-02-14T15:30:00", "id": "CVE-2014-2560", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-2560", "published": "2020-02-12T14:15:00", "title": "CVE-2014-2560", "type": "cve", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2020-02-15T13:32:24", "bulletinFamily": "NVD", "description": "Integer overflow in the LZO algorithm variant in Oberhumer liblzo2 and lzo-2 before 2.07 on 32-bit platforms might allow remote attackers to execute arbitrary code via a crafted Literal Run.", "modified": "2020-02-14T15:26:00", "id": "CVE-2014-4607", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-4607", "published": "2020-02-12T14:15:00", "title": "CVE-2014-4607", "type": "cve", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-02-15T13:32:28", "bulletinFamily": "NVD", "description": "LibTIFF prior to 4.0.4, as used in Apple iOS before 8.4 and OS X before 10.10.4 and other products, allows remote attackers to cause a denial of service (out-of-bounds write) via a crafted TIFF image.", "modified": "2020-02-14T18:17:00", "id": "CVE-2014-8128", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-8128", "published": "2020-02-12T03:15:00", "title": "CVE-2014-8128", "type": "cve", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}], "cert": [{"lastseen": "2020-02-13T14:26:50", "bulletinFamily": "info", "description": "### Overview \n\nIBM ServeRAID Manager version 9.30-17006 and prior exposes a Java RMI that allows a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system.\n\n### Description \n\nIBM ServeRAID Manager includes an embedded instance of Java version 1.4.2. Both ServeRAID Manager and Java 1.4.2 are no longer supported. ServeRAID Manager uses a Java Remote Method Invocation (RMI) on port 34571/tcp that listens on all interfaces by default. ServeRAID Manager runs with SYSTEM privileges on Microsoft Windows systems. An unauthenticated attacker with network access can exploit the vulnerable RMI interface to launch a remote class loader attack. This appears to be an instance of CVE-2011-3556.\n\nThe ServeRAID product name is used for hardware and software components variously owned and maintained by IBM, Lenovo, and other vendors. This vulnerability applies to IBM ServeRAID Manager software and no products or components from Lenovo or any other vendor. \n \n--- \n \n### Impact \n\nAn unauthenticated remote attacker can execute arbitrary code on a vulnerable system, with SYSTEM privileges on Microsoft Windows. \n \n--- \n \n### Solution \n\nServeRAID Manager is no longer supported and we do not expect IBM to release fixes. \n \n--- \n \n**Restrict access** \n \nConfigure ServeRAID Manager to listen on specific network interfaces (like localhost) or use a host-based firewall to restrict network access to 34571/tcp. \n \n--- \n \n### Vendor Information\n\n597809\n\nFilter by status: All Affected Not Affected Unknown\n\nFilter by content: __ Vendor has issued information\n\n__ Sort by: Status Alphabetical\n\nExpand all\n\n__ Affected __ Unknown __ Unaffected \n\n**Javascript is disabled. Click here to view vendors.**\n\n### __ __ IBM Corporation\n\nNotified: November 07, 2019 Updated: February 11, 2020 \n\n**Statement Date: July 26, 2019**\n\n### Status\n\n__ Affected\n\n### Vendor Statement\n\nThe product team has reviewed further and determined this is unsupported software with no plans to fix. We will be removing it from the web to avoid future confusion.\n\n### Vendor Information\n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Vendor References\n\n * <https://www.ibm.com/support/pages/ibm-serveraid-application-cd-v930-17006-ibm-system-x-and-bladecenter>\n\n### __ Lenovo\n\nNotified: June 06, 2019 Updated: February 11, 2020 \n\n### Status\n\n__ Not Affected\n\n### Vendor Statement\n\nNo statement is currently available from the vendor regarding this vulnerability.\n\n### Vendor Information\n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Addendum\n\nLenovo was never responsible for the IBM ServeRAID Manager software.\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23597809 Feedback>).\n\n \n\n\n### CVSS Metrics \n\nGroup | Score | Vector \n---|---|--- \nBase | 10 | AV:N/AC:L/Au:N/C:C/I:C/A:C \nTemporal | 9.5 | E:F/RL:U/RC:C \nEnvironmental | 2.4 | CDP:ND/TD:L/CR:ND/IR:ND/AR:ND \n \n \n\n\n### References \n\n * <https://www.ibm.com/support/pages/ibm-serveraid-application-cd-v930-17006-ibm-system-x-and-bladecenter>\n * <https://www.ibm.com/support/pages/node/827256>\n * <https://www.oracle.com/technetwork/java/javase/index-jsp-138567.html>\n\n### Acknowledgements\n\nThanks to Brendan Saulsbury, Ariel Montano Cardenas, Lavelle Perry, and Swagat Das for reporting this vulnerability.\n\nThis document was written by Laurie Tyzenhaus.\n\n### Other Information\n\n**CVE IDs:** | [CVE-2011-3556](<http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3556>) \n---|--- \n**Date Public:** | 2020-02-12 \n**Date First Published:** | 2020-02-12 \n**Date Last Updated: ** | 2020-02-13 12:33 UTC \n**Document Revision: ** | 54 \n", "modified": "2020-02-13T12:33:00", "published": "2020-02-12T00:00:00", "id": "VU:597809", "href": "https://www.kb.cert.org/vuls/id/597809", "type": "cert", "title": "IBM ServeRAID Manager exposes unauthenticated Java Remote Method Invocation (RMI) service", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "msupdate": [{"lastseen": "2020-02-12T14:57:36", "bulletinFamily": "microsoft", "description": "A security issue has been identified in a Microsoft software product that could affect your system. You can help protect your system by installing this update from Microsoft. For a complete listing of the issues that are included in this update, see the associated Microsoft Knowledge Base article. After you install this update, you may have to restart your system.", "modified": "2020-02-11T18:02:06", "id": "MS:93964199-BD33-4087-829A-76B9527F9739", "href": "https://www.catalog.update.microsoft.com/ScopedViewInline.aspx?updateid=93964199-bd33-4087-829a-76b9527f9739", "published": "2020-02-11T18:02:06", "title": "2020-02 Security Monthly Quality Rollup for Windows 7 for x64-based Systems (KB4537820)", "type": "msupdate", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2020-02-12T14:58:12", "bulletinFamily": "microsoft", "description": "A security issue has been identified in a Microsoft software product that could affect your system. You can help protect your system by installing this update from Microsoft. For a complete listing of the issues that are included in this update, see the associated Microsoft Knowledge Base article. After you install this update, you may have to restart your system.", "modified": "2020-02-11T18:00:09", "id": "MS:123E150E-FA00-4078-BE72-89AF5FE9EC3F", "href": "https://www.catalog.update.microsoft.com/ScopedViewInline.aspx?updateid=123e150e-fa00-4078-be72-89af5fe9ec3f", "published": "2020-02-11T18:00:09", "title": "2020-02 Cumulative Security Update for Internet Explorer 11 for Windows Embedded Standard 7 for x64-based systems (KB4537767)", "type": "msupdate", "cvss": {"score": 0.0, "vector": "NONE"}}]}