Vulnerabilities > CVE-2010-0143 - Unspecified vulnerability in Cisco Ironport Encryption Appliance and Ironport Postx

047910
CVSS 7.8 - HIGH
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
COMPLETE
Integrity impact
NONE
Availability impact
NONE
network
low complexity
cisco
nessus

Summary

Unspecified vulnerability in the administrative interface in the embedded HTTPS server on the Cisco IronPort Encryption Appliance 6.2.x before 6.2.9.1 and 6.5.x before 6.5.2, and the IronPort PostX MAP before 6.2.9.1, allows remote attackers to read arbitrary files via unknown vectors, aka IronPort Bug 65921.

Nessus

NASL familyCISCO
NASL idCISCO_IRONPORT_POSTX_6291.NASL
descriptionThe version of Cisco IronPort PostX on the remote device is a version prior to 6.2.9.1. As such, it is affected by multiple vulnerabilities : - An unspecified vulnerability in the administrative interface in the embedded HTTPS server allows remote attackers to read arbitrary files via unknown vectors. (CVE-2010-0143) - An unspecified vulnerability in the WebSafe DistributorServlet in the embedded HTTPS server allows remote attackers to read arbitrary files via unknown vectors. (CVE-2010-0144) - An unspecified vulnerability in the embedded HTTPS server allows remote attackers to execute arbitrary code via unknown vectors. (CVE-2010-0145)
last seen2020-06-01
modified2020-06-02
plugin id70073
published2013-09-23
reporterThis script is Copyright (C) 2013-2019 Tenable Network Security, Inc.
sourcehttps://www.tenable.com/plugins/nessus/70073
titleCisco IronPort PostX < 6.2.9.1 Multiple Vulnerabilities
code
#
# (C) Tenable Network Security, Inc.
#

include("compat.inc");

if (description)
{
  script_id(70073);
  script_version("1.7");
  script_cvs_date("Date: 2019/09/26 15:14:18");

  script_cve_id("CVE-2010-0143", "CVE-2010-0144", "CVE-2010-0145");
  script_bugtraq_id(38168, 38169, 38170);

  script_name(english:"Cisco IronPort PostX < 6.2.9.1 Multiple Vulnerabilities");
  script_summary(english:"Checks version of Cisco IronPort PostX");

  script_set_attribute(attribute:"synopsis", value:
"The remote device runs a service that is affected by multiple
vulnerabilities.");
  script_set_attribute(attribute:"description", value:
"The version of Cisco IronPort PostX on the remote device is a version
prior to 6.2.9.1.  As such, it is affected by multiple vulnerabilities :

  - An unspecified vulnerability in the administrative
    interface in the embedded HTTPS server allows remote
    attackers to read arbitrary files via unknown vectors.
    (CVE-2010-0143)

  - An unspecified vulnerability in the WebSafe
    DistributorServlet in the embedded HTTPS server allows
    remote attackers to read arbitrary files via unknown
    vectors. (CVE-2010-0144)

  - An unspecified vulnerability in the embedded HTTPS
    server allows remote attackers to execute arbitrary code
    via unknown vectors. (CVE-2010-0145)");
  script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?a523d7e2");
  script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?4cb89c45");
  script_set_attribute(attribute:"solution", value:"Contact Cisco IronPort technical support for update information.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C");
  script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"false");

  script_set_attribute(attribute:"vuln_publication_date", value:"2010/02/10");
  script_set_attribute(attribute:"patch_publication_date", value:"2010/02/10");
  script_set_attribute(attribute:"plugin_publication_date", value:"2013/09/23");

  script_set_attribute(attribute:"potential_vulnerability", value:"true");
  script_set_attribute(attribute:"plugin_type", value:"remote");
  script_set_attribute(attribute:"cpe", value:"cpe:/h:cisco:ironport_postx");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"CISCO");

  script_copyright(english:"This script is Copyright (C) 2013-2019 Tenable Network Security, Inc.");

  script_dependencies("find_service1.nasl", "smtpserver_detect.nasl");
  script_require_ports("Services/smtp", 25);
  exit(0);
}

include("audit.inc");
include("global_settings.inc");
include("misc_func.inc");
include("smtp_func.inc");

port = get_service(svc:"smtp", default:25, exit_on_fail:TRUE);

banner = get_smtp_banner(port:port);
if (!banner) audit(AUDIT_NO_BANNER, port);
if ("PostX" >!< banner) exit(0, "The banner from the SMTP server listening on port "+port+" is not from PostX.");

matches = eregmatch(pattern:"\(.*?PostX.*?([0-9]+\.[0-9]+\.[0-9]+(\.[0-9]+)?).*?\)", string:banner);
if (isnull(matches[1])) exit(1, "Failed to determine the version of PostX based on the banner from the SMTP server listening on port "+port+".");
version = matches[1];

# only do the version check when paranoid since mitigations that do not
# affect the SMTP banner are available
if (report_paranoia < 2) audit(AUDIT_PARANOID);

fixed = "6.2.9.1";

if (ver_compare(ver:version, fix:fixed, strict:FALSE) != -1) audit(AUDIT_LISTEN_NOT_VULN, "PostX", port, version);

if (report_verbosity > 0)
{
  report =
  '\n  Version source    : ' + banner +
  '\n  Installed version : ' + version +
  '\n  Fixed version     : ' + fixed +
  '\n';
  security_hole(port:port, extra:report);
}
else security_hole(port:port);

Seebug

bulletinFamilyexploit
descriptionNo description provided by source.
idSSV:19117
last seen2017-11-19
modified2010-02-13
published2010-02-13
reporterRoot
sourcehttps://www.seebug.org/vuldb/ssvid-19117
titleMultiple Vulnerabilities in Cisco IronPort Encryption Appliance