UMN Gopherd < 3.0.6 Multiple Remote Vulnerabilities

high Nessus Plugin ID 16195

Language:

Synopsis

The remote host is running a Gopher server that is affected by multiple vulnerabilities.

Description

The remote host is running the UMN Gopher server.

The remote version of the remote gopher server seems to be vulnerable to various issues including a buffer overflow and format string, which may be exploited by an attacker to execute arbitrary code on the remote host with the privileges of the gopher daemon.

Solution

Upgrade to UMN Gopherd 3.0.6 or newer

Plugin Details

Severity: High

ID: 16195

File Name: gopher_overflow.nasl

Version: 1.14

Type: remote

Family: Gain a shell remotely

Published: 1/18/2005

Updated: 7/12/2018

Configuration: Enable paranoid mode

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 5.5

CVSS v2

Risk Factor: High

Base Score: 7.5

Temporal Score: 5.5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

Vulnerability Information

Required KB Items: Settings/ParanoidReport

Exploit Ease: No known exploits are available

Reference Information

CVE: CVE-2004-0561

BID: 8157, 12254

Detections

Analytics