Vulnerabilities > CVE-2005-0100 - Remote Format String vulnerability in GNU Emacs and Xemacs
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
PARTIAL Availability impact
PARTIAL Summary
Format string vulnerability in the movemail utility in (1) Emacs 20.x, 21.3, and possibly other versions, and (2) XEmacs 21.4 and earlier, allows remote malicious POP3 servers to execute arbitrary code via crafted packets.
Vulnerable Configurations
Nessus
NASL family Red Hat Local Security Checks NASL id REDHAT-RHSA-2005-133.NASL description Updated XEmacs packages that fix a string format issue are now available for Red Hat Enterprise Linux 4. This update has been rated as having important security impact by the Red Hat Security Response Team. XEmacs is a powerful, customizable, self-documenting, modeless text editor. Max Vozeler discovered several format string vulnerabilities in the movemail utility of XEmacs. If a user connects to a malicious POP server, an attacker can execute arbitrary code as the user running xemacs. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2005-0100 to this issue. Users of XEmacs are advised to upgrade to these updated packages, which contain backported patches to correct this issue. last seen 2020-06-01 modified 2020-06-02 plugin id 17190 published 2005-02-22 reporter This script is Copyright (C) 2005-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/17190 title RHEL 4 : xemacs (RHSA-2005:133) NASL family Debian Local Security Checks NASL id DEBIAN_DSA-670.NASL description Max Vozeler discovered several format string vulnerabilities in the movemail utility of Emacs, the well-known editor. Via connecting to a malicious POP server an attacker can execute arbitrary code under the privileges of group mail. last seen 2020-06-01 modified 2020-06-02 plugin id 16344 published 2005-02-10 reporter This script is Copyright (C) 2005-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/16344 title Debian DSA-670-1 : emacs20 - format string NASL family Fedora Local Security Checks NASL id FEDORA_2005-145.NASL description Update to 21.4.17 stable release, which also fixes the CVE-2005-0100 movemail string format vulnerability. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-06-01 modified 2020-06-02 plugin id 16466 published 2005-02-16 reporter This script is Copyright (C) 2005-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/16466 title Fedora Core 2 : xemacs-21.4.17-0.FC2 (2005-145) NASL family Fedora Local Security Checks NASL id FEDORA_2005-115.NASL description This update fixes the CVE-2005-0100 movemail vulnerability and backports current bug fixes. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-06-01 modified 2020-06-02 plugin id 16349 published 2005-02-10 reporter This script is Copyright (C) 2005-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/16349 title Fedora Core 2 : emacs-21.3-21.FC2 (2005-115) NASL family FreeBSD Local Security Checks NASL id FREEBSD_PKG_3E3C860D7DAE11D9A9E70001020EED82.NASL description Max Vozeler discovered several format string vulnerabilities in the movemail utility of Emacs. They can be exploited when connecting to a malicious POP server and can allow an attacker can execute arbitrary code under the privileges of the user running Emacs. last seen 2020-06-01 modified 2020-06-02 plugin id 18910 published 2005-07-13 reporter This script is Copyright (C) 2005-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/18910 title FreeBSD : emacs -- movemail format string vulnerability (3e3c860d-7dae-11d9-a9e7-0001020eed82) NASL family Red Hat Local Security Checks NASL id REDHAT-RHSA-2005-110.NASL description Updated Emacs packages that fix a string format issue are now available for Red Hat Enterprise Linux 4. This update has been rated as having important security impact by the Red Hat Security Response Team Emacs is a powerful, customizable, self-documenting, modeless text editor. Max Vozeler discovered several format string vulnerabilities in the movemail utility of Emacs. If a user connects to a malicious POP server, an attacker can execute arbitrary code as the user running emacs. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2005-0100 to this issue. Users of Emacs are advised to upgrade to these updated packages, which contain backported patches to correct this issue. last seen 2020-06-01 modified 2020-06-02 plugin id 17189 published 2005-02-22 reporter This script is Copyright (C) 2005-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/17189 title RHEL 4 : emacs (RHSA-2005:110) NASL family Ubuntu Local Security Checks NASL id UBUNTU_USN-76-1.NASL description Max Vozeler discovered a format string vulnerability in the last seen 2020-06-01 modified 2020-06-02 plugin id 20698 published 2006-01-15 reporter Ubuntu Security Notice (C) 2005-2019 Canonical, Inc. / NASL script (C) 2006-2016 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/20698 title Ubuntu 4.10 : emacs21 vulnerability (USN-76-1) NASL family Red Hat Local Security Checks NASL id REDHAT-RHSA-2005-112.NASL description Updated Emacs packages that fix a string format issue are now available. Emacs is a powerful, customizable, self-documenting, modeless text editor. Max Vozeler discovered several format string vulnerabilities in the movemail utility of Emacs. If a user connects to a malicious POP server, an attacker can execute arbitrary code as the user running emacs. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2005-0100 to this issue. Users of Emacs are advised to upgrade to these updated packages, which contain backported patches to correct this issue. last seen 2020-06-01 modified 2020-06-02 plugin id 16368 published 2005-02-10 reporter This script is Copyright (C) 2005-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/16368 title RHEL 2.1 / 3 : emacs (RHSA-2005:112) NASL family Debian Local Security Checks NASL id DEBIAN_DSA-685.NASL description Max Vozeler discovered several format string vulnerabilities in the movemail utility of Emacs, the well-known editor. Via connecting to a malicious POP server an attacker can execute arbitrary code under the privileges of group mail. last seen 2020-06-01 modified 2020-06-02 plugin id 17130 published 2005-02-17 reporter This script is Copyright (C) 2005-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/17130 title Debian DSA-685-1 : emacs21 - format string NASL family Red Hat Local Security Checks NASL id REDHAT-RHSA-2005-134.NASL description Updated XEmacs packages that fix a string format issue are now available. XEmacs is a powerful, customizable, self-documenting, modeless text editor. Max Vozeler discovered several format string vulnerabilities in the movemail utility of XEmacs. If a user connects to a malicious POP server, an attacker can execute arbitrary code as the user running xemacs. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2005-0100 to this issue. Users of XEmacs are advised to upgrade to these updated packages, which contain backported patches to correct this issue. last seen 2020-06-01 modified 2020-06-02 plugin id 16369 published 2005-02-10 reporter This script is Copyright (C) 2005-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/16369 title RHEL 2.1 / 3 : xemacs (RHSA-2005:134) NASL family Fedora Local Security Checks NASL id FEDORA_2005-116.NASL description This update fixes the CVE-2005-0100 movemail vulnerability and backports the latest bug fixes. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-06-01 modified 2020-06-02 plugin id 16350 published 2005-02-10 reporter This script is Copyright (C) 2005-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/16350 title Fedora Core 3 : emacs-21.3-21.FC3 (2005-116) NASL family Mandriva Local Security Checks NASL id MANDRAKE_MDKSA-2005-038.NASL description Max Vozeler discovered several format string vulnerabilities in the movemail utility in Emacs. If a user connects to a malicious POP server, an attacker can execute arbitrary code as the user running emacs. The updated packages have been patched to correct the problem. last seen 2020-06-01 modified 2020-06-02 plugin id 16473 published 2005-02-16 reporter This script is Copyright (C) 2005-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/16473 title Mandrake Linux Security Advisory : emacs (MDKSA-2005:038) NASL family Debian Local Security Checks NASL id DEBIAN_DSA-671.NASL description Max Vozeler discovered several format string vulnerabilities in the movemail utility of Emacs, the well-known editor. Via connecting to a malicious POP server an attacker can execute arbitrary code under the privileges of group mail. last seen 2020-06-01 modified 2020-06-02 plugin id 16345 published 2005-02-10 reporter This script is Copyright (C) 2005-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/16345 title Debian DSA-671-1 : xemacs21 - format string NASL family Gentoo Local Security Checks NASL id GENTOO_GLSA-200502-20.NASL description The remote host is affected by the vulnerability described in GLSA-200502-20 (Emacs, XEmacs: Format string vulnerabilities in movemail) Max Vozeler discovered that the movemail utility contains several format string errors. Impact : An attacker could set up a malicious POP server and entice a user to connect to it using movemail, resulting in the execution of arbitrary code with the rights of the victim user. Workaround : There is no known workaround at this time. last seen 2020-06-01 modified 2020-06-02 plugin id 16471 published 2005-02-16 reporter This script is Copyright (C) 2005-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/16471 title GLSA-200502-20 : Emacs, XEmacs: Format string vulnerabilities in movemail NASL family Fedora Local Security Checks NASL id FEDORA_2005-146.NASL description Update to 21.4.17 stable release, which also fixes the CVE-2005-0100 movemail string format vulnerability and the AltGr issue for European input. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-06-01 modified 2020-06-02 plugin id 16467 published 2005-02-16 reporter This script is Copyright (C) 2005-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/16467 title Fedora Core 3 : xemacs-21.4.17-0.FC3 (2005-146)
Oval
| accepted | 2013-04-29T04:19:13.074-04:00 | ||||||||||||||||||||
| class | vulnerability | ||||||||||||||||||||
| contributors |
| ||||||||||||||||||||
| definition_extensions |
| ||||||||||||||||||||
| description | Format string vulnerability in the movemail utility in (1) Emacs 20.x, 21.3, and possibly other versions, and (2) XEmacs 21.4 and earlier, allows remote malicious POP3 servers to execute arbitrary code via crafted packets. | ||||||||||||||||||||
| family | unix | ||||||||||||||||||||
| id | oval:org.mitre.oval:def:9408 | ||||||||||||||||||||
| status | accepted | ||||||||||||||||||||
| submitted | 2010-07-09T03:56:16-04:00 | ||||||||||||||||||||
| title | Format string vulnerability in the movemail utility in (1) Emacs 20.x, 21.3, and possibly other versions, and (2) XEmacs 21.4 and earlier, allows remote malicious POP3 servers to execute arbitrary code via crafted packets. | ||||||||||||||||||||
| version | 26 |
Redhat
| advisories |
| ||||||||||||
| rpms |
|
References
- http://marc.info/?l=bugtraq&m=110780416112719&w=2
- http://www.debian.org/security/2005/dsa-670
- http://www.debian.org/security/2005/dsa-671
- http://www.debian.org/security/2005/dsa-685
- http://www.mandriva.com/security/advisories?name=MDKSA-2005:038
- http://www.redhat.com/support/errata/RHSA-2005-110.html
- http://www.redhat.com/support/errata/RHSA-2005-112.html
- http://www.redhat.com/support/errata/RHSA-2005-133.html
- http://www.securityfocus.com/archive/1/433928/30/5010/threaded
- http://www.securityfocus.com/bid/12462
- https://exchange.xforce.ibmcloud.com/vulnerabilities/19246
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9408