Lucene search
This script is Copyright (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof.SYMANTEC_SMS_SMTP_SYM_08-010.NASLHistoryJul 17, 2013 - 12:00 a.m.
Symantec Mail Security for SMTP Autonomy KeyView Module Multiple Buffer Overflows
2013-07-1700:00:00
This script is Copyright (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
23
CVSS2
9.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
EPSS
0.783
Percentile
98.3%
The remote windows host has a version of Symantec Mail Security installed that is shipped with the third-party Autonomy KeyView module, which is affected by multiple buffer overflow vulnerabilities that could allow a remote attacker to execute arbitrary code.
#
# (C) Tenable Network Security, Inc.
#
include("compat.inc");
if (description)
{
script_id(68936);
script_version("1.10");
script_cvs_date("Date: 2019/11/27");
script_cve_id(
"CVE-2007-5399",
"CVE-2007-5405",
"CVE-2007-5406",
"CVE-2007-6020",
"CVE-2008-0066",
"CVE-2008-1101"
);
script_bugtraq_id(28454);
script_xref(name:"IAVB", value:"2008-B-0039");
script_name(english:"Symantec Mail Security for SMTP Autonomy KeyView Module Multiple Buffer Overflows");
script_summary(english:"Checks the version of Symantec Mail Security for SMTP");
script_set_attribute(attribute:"synopsis", value:
"The remote host has software installed that is affected by multiple
buffer overflow vulnerabilities.");
script_set_attribute(attribute:"description", value:
"The remote windows host has a version of Symantec Mail Security
installed that is shipped with the third-party Autonomy KeyView module,
which is affected by multiple buffer overflow vulnerabilities that could
allow a remote attacker to execute arbitrary code.");
script_set_attribute(attribute:"see_also", value:"http://www.symantec.com/avcenter/security/Content/2008.04.08e.html");
script_set_attribute(attribute:"solution", value:
"Apply the appropriate patch per the vendor's advisory.");
script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C");
script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
script_set_attribute(attribute:"cvss_score_source", value:"CVE-2008-1101");
script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
script_set_attribute(attribute:"exploit_available", value:"false");
script_cwe_id(119);
script_set_attribute(attribute:"vuln_publication_date", value:"2008/04/08");
script_set_attribute(attribute:"patch_publication_date", value:"2008/04/08");
script_set_attribute(attribute:"plugin_publication_date", value:"2013/07/17");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"cpe:/a:symantec:mail_security");
script_set_attribute(attribute:"stig_severity", value:"I");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_family(english:"Windows");
script_copyright(english:"This script is Copyright (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_dependencies("sms_smtp_installed.nasl", "smb_enum_services.nasl");
script_require_keys("SMB/Registry/Enumerated", "Symantec/SMSSMTP/Version");
script_require_ports(139, 445);
exit(0);
}
include("audit.inc");
include("smb_func.inc");
include("smb_hotfixes.inc");
include("smb_hotfixes_fcheck.inc");
include("misc_func.inc");
app = "Symantec Mail Security for SMTP";
get_kb_item_or_exit("SMB/Registry/Enumerated");
port = kb_smb_transport();
# Make sure the SMS for SMTP service is running, unless we're
# being paranoid.
if (report_paranoia < 2)
{
services = get_kb_item("SMB/svcs");
if (
!services ||
("SMSTomcat" >!< services && "Symantec Mail Security for SMTP" >!< services)
)
exit(0, 'Symantec Mail Security for SMTP is not running.');
}
version = get_kb_item_or_exit("Symantec/SMSSMTP/Version");
path = get_kb_item_or_exit('SMB/Symantec/SMSSMTP/' + version);
if (version != "5.0.0" && version != "5.0.1")
audit(AUDIT_INST_PATH_NOT_VULN, app, version, path);
dll = '';
if (path[strlen(path) - 1] == '\\')
dll = path + "scanner\bin\libdayzero.dll";
else
dll = path + "\scanner\bin\libdayzero.dll";
ver = hotfix_get_fversion(path:dll);
hotfix_check_fversion_end();
if (ver['error'] == HCF_NOENT)
audit(AUDIT_UNINST, app);
else if (ver['error'] != HCF_OK)
audit(AUDIT_VER_FAIL, path);
dll_ver = join(ver['value'], sep:'.');
if (ver_compare(ver:dll_ver, fix:"5.0.1.189", strict:FALSE) == -1)
{
if (report_verbosity > 0)
{
report = '\n Path : ' + path +
'\n Installed version : ' + dll_ver +
'\n Fixed version : 5.0.1.189' +
'\n';
security_hole(extra:report, port:port);
}
else security_hole(port);
exit(0);
}
else audit(AUDIT_INST_PATH_NOT_VULN, app, dll_ver, path);
References
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5399
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5405
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5406
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6020
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0066
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1101
www.symantec.com/avcenter/security/Content/2008.04.08e.html
Related
nessus
nessus
securityvulns
securityvulns
prion
prion
cvelist
cvelist
nvd
nvd
cve
cve
saint
saint
Lotus Notes Applix Graphics viewer BEGIN tag buffer overflow
2008-06-06 00:00:00
Lotus Notes Applix Graphics viewer BEGIN tag buffer overflow
2008-06-06 00:00:00
Lotus Notes Applix Graphics viewer BEGIN tag buffer overflow
2008-06-06 00:00:00
checkpoint_advisories
checkpoint_advisories
IBM Lotus Notes Applix Graphics Parsing Buffer Overflow (CVE-2007-5405)
2010-07-27 00:00:00
CVSS2
9.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
EPSS
0.783
Percentile
98.3%
Related for SYMANTEC_SMS_SMTP_SYM_08-010.NASL