Vulnerability CVE-2005-0100

Vulnerability Name:

CVE-2005-0100 (CCN-19246)

Assigned:

2005-02-06

Published:

2005-02-06

Updated:

2018-10-19

Summary:

Format string vulnerability in the movemail utility in (1) Emacs 20.x, 21.3, and possibly other versions, and (2) XEmacs 21.4 and earlier, allows remote malicious POP3 servers to execute arbitrary code via crafted packets.

CVSS v3 Severity:

7.3 High (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L)

Exploitability Metrics:	Attack Vector (AV): Network Attack Complexity (AC): Low Privileges Required (PR): None User Interaction (UI): None
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): Low Integrity (I): Low Availibility (A): Low

CVSS v2 Severity:

7.5 High (CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Low Authentication (Au): None
Impact Metrics:	Confidentiality (C): Partial Integrity (I): Partial Availibility (A): Partial

7.5 High (CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Low Athentication (Au): None
Impact Metrics:	Confidentiality (C): Partial Integrity (I): Partial Availibility (A): Partial

Vulnerability Type:

CWE-Other

Vulnerability Consequences:

Gain Access

References:

Source: MITRE
Type: CNA
CVE-2005-0100

Source: CCN
Type: GNU Web site
Index of ftp.gnu.org/gnu/emacs

Source: CCN
Type: XEmacs Announcements Web site
XEmacs 21.4.17, "Jumbo Shrimp", is released

Source: BUGTRAQ
Type: UNKNOWN
20050207 [USN-76-1] Emacs vulnerability

Source: CCN
Type: RHSA-2005-110
emacs security update

Source: CCN
Type: RHSA-2005-112
emacs security update

Source: CCN
Type: RHSA-2005-133
xemacs security update

Source: CCN
Type: RHSA-2005-134
xemacs security update

Source: CCN
Type: CIAC Information Bulletin P-123
Emacs20

Source: DEBIAN
Type: Patch, Vendor Advisory
DSA-670

Source: DEBIAN
Type: Patch, Vendor Advisory
DSA-671

Source: DEBIAN
Type: Patch, Vendor Advisory
DSA-685

Source: DEBIAN
Type: DSA-670
emacs20 -- format string

Source: DEBIAN
Type: DSA-671
xemacs21 -- format string

Source: DEBIAN
Type: DSA-685
emacs21 -- format string

Source: CCN
Type: GLSA-200502-20
Emacs, XEmacs: Format string vulnerabilities in movemail

Source: MANDRAKE
Type: UNKNOWN
MDKSA-2005:038

Source: REDHAT
Type: Patch, Vendor Advisory
RHSA-2005:110

Source: REDHAT
Type: Patch, Vendor Advisory
RHSA-2005:112

Source: REDHAT
Type: Patch, Vendor Advisory
RHSA-2005:133

Source: FEDORA
Type: UNKNOWN
FLSA-2006:152898

Source: BID
Type: UNKNOWN
12462

Source: CCN
Type: BID-12462
Emacs Movemail POP3 Remote Format String Vulnerability

Source: CCN
Type: TLSA-2005-37
Format string vulnerability

Source: CCN
Type: USN-76-1
Emacs vulnerability

Source: XF
Type: UNKNOWN
xemacs-movemail-format-string(19246)

Source: XF
Type: UNKNOWN
xemacs-movemail-format-string(19246)

Source: OVAL
Type: UNKNOWN
oval:org.mitre.oval:def:9408

Source: SUSE
Type: SUSE-SR:2005:006
SUSE Security Summary Report

Vulnerable Configuration:

Configuration 1:

cpe:/a:gnu:emacs:*:*:*:*:*:*:*:* (Version <= 20.0)

OR cpe:/a:gnu:emacs:21.3:*:*:*:*:*:*:*

OR cpe:/a:gnu:xemacs:*:*:*:*:*:*:*:* (Version <= 21.4)

Configuration RedHat 1:

cpe:/o:redhat:enterprise_linux:*:*:*:*:*:*:*:*

Configuration CCN 1:

cpe:/a:gnu:emacs:20.0:*:*:*:*:*:*:*

OR cpe:/a:gnu:emacs:21.3:*:*:*:*:*:*:*

OR cpe:/a:gnu:xemacs:21.4:*:*:*:*:*:*:*

AND

cpe:/o:debian:debian_linux:3.0:*:*:*:*:*:*:*

OR cpe:/o:gentoo:linux:*:*:*:*:*:*:*:*

OR cpe:/o:mandrakesoft:mandrake_linux_corporate_server:2.1:*:*:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux:2.1:*:as:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux:2.1:*:es:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux:2.1:*:ws:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux:3::ws:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux:3::es:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux:3::as:*:*:*:*:*

OR cpe:/o:mandrakesoft:mandrake_linux:10.0:*:*:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux:3::desktop:*:*:*:*:*

OR cpe:/o:mandrakesoft:mandrake_linux:10.1:*:*:*:*:*:*:*

OR cpe:/o:mandrakesoft:mandrake_linux_corporate_server:3.0:*:*:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux:4::as:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux:4::desktop:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux:4::es:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux:4::ws:*:*:*:*:*

OR cpe:/o:redhat:linux_advanced_workstation:2.1::itanium:*:*:*:*:*

OR cpe:/o:mandrakesoft:mandrake_linux:10.1::x86-64:*:*:*:*:*

OR cpe:/o:mandrakesoft:mandrake_linux_corporate_server:3.0::x86_64:*:*:*:*:*

OR cpe:/o:turbolinux:turbolinux:*:*:home:*:*:*:*:*

OR cpe:/o:mandrakesoft:mandrake_linux:10.0::amd64:*:*:*:*:*

OR cpe:/o:mandrakesoft:mandrake_linux_corporate_server:2.1::x86_64:*:*:*:*:*

Denotes that component is vulnerable

Oval Definitions

Definition ID	Class	Title	Last Modified
oval:org.mitre.oval:def:9408	V	Format string vulnerability in the movemail utility in (1) Emacs 20.x, 21.3, and possibly other versions, and (2) XEmacs 21.4 and earlier, allows remote malicious POP3 servers to execute arbitrary code via crafted packets.	2013-04-29
oval:org.debian:def:685	V	format string	2005-02-17
oval:com.redhat.rhsa:def:20050110	P	RHSA-2005:110: emacs security update (Important)	2005-02-15
oval:com.redhat.rhsa:def:20050133	P	RHSA-2005:133: xemacs security update (Important)	2005-02-15
oval:com.redhat.rhsa:def:20050112	P	RHSA-2005:112: emacs security update (Important)	2005-02-10
oval:com.redhat.rhsa:def:20050134	P	RHSA-2005:134: xemacs security update (Important)	2005-02-10
oval:org.debian:def:670	V	format string	2005-02-08
oval:org.debian:def:671	V	format string	2005-02-08

BACK