Qpopper < 4.0.6 Multiple Insecure File Handling Local Privilege Escalation

This script is Copyright (C) 2005-2011 Tenable Network Security, Inc.


Synopsis :

The remote POP3 server is affected by multiple file handling flaws.

Description :

According to its banner, the remote host is running a version of the
Qpopper POP3 server that suffers from two local, insecure file
handling vulnerabilities. First, it fails to properly drop root
privileges when processing certain local files, which could lead to
overwriting or creation of arbitrary files as root. And second, it
fails to set the process umask, potentially allowing creation of
group- or world-writable files.

See also :

http://bugs.gentoo.org/show_bug.cgi?id=90622
http://www.mail-archive.com/qpopper@lists.pensive.org/msg05140.html

Solution :

Upgrade to Qpopper 4.0.6 or later.

Risk factor :

High / CVSS Base Score : 7.2
(CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C)
CVSS Temporal Score : 6.3
(CVSS2#E:H/RL:OF/RC:C)
Public Exploit Available : true

Family: Misc.

Nessus Plugin ID: 18361 ()

Bugtraq ID: 13714

CVE ID: CVE-2005-1151
CVE-2005-1152

Ready to Scan Unlimited IPs & Run Compliance Checks?

Upgrade to Nessus Professional today!

Buy Now

Combine the Power of Nessus with the Ease of Cloud

Start your free Nessus Cloud trial now!

Begin Free Trial