Mail Transfer Agent and Mail Delivery Agent Remote Command Execution via Shellshock

This script is Copyright (C) 2014-2017 Tenable Network Security, Inc.


Synopsis :

The remote host has a mail agent installed that allows remote command
execution via Shellshock.

Description :

The remote host appears to be running a mail transfer or mail delivery
agent such as Courier, Exim, Postfix, or Procmail. Many of these
agents can be configured to run utility scripts for a diverse number
of tasks including filtering, sorting, and delivering mail. These
scripts may create the conditions that are exploitable, making the
agent vulnerable to remote code execution via Shellshock.

A negative result from this plugin does not prove conclusively that
the remote system is not affected by Shellshock, only that the mail
agent running on the system is not configured in such a way to allow
remote execution via Shellshock.

See also :

http://seclists.org/oss-sec/2014/q3/650
http://www.nessus.org/u?dacf7829
https://www.invisiblethreat.ca/post/shellshock/

Solution :

Apply the referenced Bash patch.

Risk factor :

Critical / CVSS Base Score : 10.0
(CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C)
CVSS Temporal Score : 8.3
(CVSS2#E:F/RL:OF/RC:ND)
Public Exploit Available : true

Family: SMTP problems

Nessus Plugin ID: 78701 ()

Bugtraq ID: 70103
70137

CVE ID: CVE-2014-6271
CVE-2014-7169

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now