ID OPENVAS:870002 Type openvas Reporter Copyright (C) 2009 Greenbone Networks GmbH Modified 2017-07-12T00:00:00
Description
Check for the Version of evolution
###############################################################################
# OpenVAS Vulnerability Test
#
# RedHat Update for evolution RHSA-2008:0516-01
#
# Authors:
# System Generated Check
#
# Copyright:
# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License version 2
# (or any later version), as published by the Free Software Foundation.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
###############################################################################
include("revisions-lib.inc");
# Advisory text registered further down as the "insight" tag. The line breaks
# inside the literal are part of the value, so the wording is left untouched.
# The NVD record for CVE-2008-1108 quoted on this page classifies the flaw as a
# buffer overflow (CWE-119) reached through the timezone string of an iCalendar
# attachment.
tag_insight = "Evolution is the integrated collection of e-mail, calendaring, contact
management, communications and personal information management (PIM) tools
for the GNOME desktop environment.
A flaw was found in the way Evolution parsed iCalendar timezone attachment
data. If mail which included a carefully crafted iCalendar attachment was
opened, arbitrary code could be executed as the user running Evolution.
(CVE-2008-1108)
Red Hat would like to thank Alin Rad Pop of Secunia Research for
responsibly disclosing this issue.
All users of Evolution should upgrade to these updated packages, which
contains a backported patch which resolves this issue.";
# Products named as affected; registered below as the "affected" tag. The
# package checks later in the script only branch on RHENT_3 and RHENT_4, so the
# AS/ES/WS variants are not distinguished there.
tag_affected = "evolution on Red Hat Enterprise Linux AS version 3,
Red Hat Enterprise Linux ES version 3,
Red Hat Enterprise Linux WS version 3,
Red Hat Enterprise Linux AS version 4,
Red Hat Enterprise Linux ES version 4,
Red Hat Enterprise Linux WS version 4";
# Remediation text; registered below as the "solution" tag (solution_type is
# set to VendorFix in the description block).
tag_solution = "Please Install the Updated Packages.";
# Metadata pass: when `description` is set, register the plugin's attributes
# and exit before any of the package checks below are reached.
if (description)
{
  # Identity, revision and classification of the check.
  script_id(870002);
  script_version("$Revision: 6683 $");
  script_name("RedHat Update for evolution RHSA-2008:0516-01");
  script_summary("Check for the Version of evolution");
  script_copyright("Copyright (C) 2009 Greenbone Networks GmbH");
  script_category(ACT_GATHER_INFO);
  script_family("Red Hat Local Security Checks");

  # Advisory, CVE and cross references.
  script_cve_id("CVE-2008-1108");
  script_xref(name:"URL", value:"https://www.redhat.com/archives/rhsa-announce/2008-June/msg00002.html");
  script_xref(name:"RHSA", value:"2008:0516-01");

  # Severity (CVSS v2 base score and vector) and bookkeeping dates.
  script_tag(name:"cvss_base", value:"7.6");
  script_tag(name:"cvss_base_vector", value:"AV:N/AC:H/Au:N/C:C/I:C/A:C");
  script_tag(name:"creation_date", value:"2009-03-06 07:30:35 +0100 (Fri, 06 Mar 2009)");
  script_tag(name:"last_modification", value:"$Date: 2017-07-12 11:41:57 +0200 (Wed, 12 Jul 2017) $");

  # Prerequisites: the package list gathered by gather-package-list.nasl and
  # the two KB keys that must exist before this check is run.
  script_dependencies("gather-package-list.nasl");
  script_mandatory_keys("ssh/login/rhel", "ssh/login/rpms");

  # Human-readable result texts, taken from the tag_* variables defined above.
  script_tag(name:"insight", value:tag_insight);
  script_tag(name:"affected", value:tag_affected);
  script_tag(name:"solution", value:tag_solution);

  # The finding is based on package data, and the fix is a vendor update.
  script_tag(name:"qod_type", value:"package");
  script_tag(name:"solution_type", value:"VendorFix");

  exit(0);
}
include("pkg-lib-rpm.inc");
# Release identifier read from the knowledge base; presumably stored by
# gather-package-list.nasl, the declared dependency (confirm there).
release = get_kb_item("ssh/login/release");

# Without a release value there is nothing to compare against, so stop
# without reporting anything.
if (release == NULL) exit(0);

# Holds the text returned by isrpmvuln() in the per-release checks below.
res = "";
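# RHEL 4: compare the installed evolution packages with the builds listed for
# RHSA-2008:0516-01 and report every package that is flagged.
#
# The original stopped at the first flagged package, so a host with several
# outdated evolution packages produced a result naming only one of them. The
# findings are now collected and sent in a single security_message().
if(release == "RHENT_4")
{
  report = "";

  # isrpmvuln() is provided by pkg-lib-rpm.inc; a non-NULL return value is the
  # text that goes into the result.
  if ((res = isrpmvuln(pkg:"evolution", rpm:"evolution~2.0.2~35.0.4.el4_6.2", rls:"RHENT_4")) != NULL)
  {
    report += res;
  }

  if ((res = isrpmvuln(pkg:"evolution-debuginfo", rpm:"evolution-debuginfo~2.0.2~35.0.4.el4_6.2", rls:"RHENT_4")) != NULL)
  {
    report += res;
  }

  if ((res = isrpmvuln(pkg:"evolution-devel", rpm:"evolution-devel~2.0.2~35.0.4.el4_6.2", rls:"RHENT_4")) != NULL)
  {
    report += res;
  }

  if (report != "")
  {
    security_message(data:report);
    exit(0);
  }

  # exit(99) marks the host as not vulnerable, but only when __pkg_match is set
  # (presumably by isrpmvuln() when a listed package is installed; confirm in
  # pkg-lib-rpm.inc). Otherwise the script ends without a verdict.
  if (__pkg_match) exit(99); # Not vulnerable.
  exit(0);
}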
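# RHEL 3: compare the installed evolution packages with the builds listed for
# RHSA-2008:0516-01 and report every package that is flagged.
#
# The original stopped at the first flagged package, so a host with several
# outdated evolution packages produced a result naming only one of them. The
# findings are now collected and sent in a single security_message().
if(release == "RHENT_3")
{
  report = "";

  # isrpmvuln() is provided by pkg-lib-rpm.inc; a non-NULL return value is the
  # text that goes into the result.
  if ((res = isrpmvuln(pkg:"evolution", rpm:"evolution~1.4.5~22.el3", rls:"RHENT_3")) != NULL)
  {
    report += res;
  }

  if ((res = isrpmvuln(pkg:"evolution-debuginfo", rpm:"evolution-debuginfo~1.4.5~22.el3", rls:"RHENT_3")) != NULL)
  {
    report += res;
  }

  if ((res = isrpmvuln(pkg:"evolution-devel", rpm:"evolution-devel~1.4.5~22.el3", rls:"RHENT_3")) != NULL)
  {
    report += res;
  }

  if (report != "")
  {
    security_message(data:report);
    exit(0);
  }

  # exit(99) marks the host as not vulnerable, but only when __pkg_match is set
  # (presumably by isrpmvuln() when a listed package is installed; confirm in
  # pkg-lib-rpm.inc). Otherwise the script ends without a verdict.
  if (__pkg_match) exit(99); # Not vulnerable.
  exit(0);
}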
{"id": "OPENVAS:870002", "type": "openvas", "bulletinFamily": "scanner", "title": "RedHat Update for evolution RHSA-2008:0516-01", "description": "Check for the Version of evolution", "published": "2009-03-06T00:00:00", "modified": "2017-07-12T00:00:00", "cvss": {"score": 7.6, "vector": "AV:NETWORK/AC:HIGH/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "http://plugins.openvas.org/nasl.php?oid=870002", "reporter": "Copyright (C) 2009 Greenbone Networks GmbH", "references": ["https://www.redhat.com/archives/rhsa-announce/2008-June/msg00002.html", "2008:0516-01"], "cvelist": ["CVE-2008-1108"], "lastseen": "2017-07-27T10:56:04", "viewCount": 1, "enchantments": {"score": {"value": 6.7, "vector": "NONE", "modified": "2017-07-27T10:56:04", "rev": 2}, "dependencies": {"references": [{"type": "cve", "idList": ["CVE-2008-1108"]}, {"type": "nessus", "idList": ["REDHAT-RHSA-2008-0516.NASL", "ORACLELINUX_ELSA-2008-0515.NASL", "SL_20080604_EVOLUTION_ON_SL5_X.NASL", "REDHAT-RHSA-2008-0517.NASL", "CENTOS_RHSA-2008-0516.NASL", "SL_20080604_EVOLUTION28_ON_SL4_6.NASL", "ORACLELINUX_ELSA-2008-0516.NASL", "SL_20080604_EVOLUTION_ON_SL3_X.NASL", "REDHAT-RHSA-2008-0514.NASL", "REDHAT-RHSA-2008-0515.NASL"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310880061", "OPENVAS:1361412562310870002", "OPENVAS:880204", "OPENVAS:1361412562310830584", "OPENVAS:880061", "OPENVAS:1361412562310880204", "OPENVAS:880107", "OPENVAS:880148", "OPENVAS:1361412562310880148", "OPENVAS:1361412562310880107"]}, {"type": "redhat", "idList": ["RHSA-2008:0514", "RHSA-2008:0516", "RHSA-2008:0517", "RHSA-2008:0515"]}, {"type": "oraclelinux", "idList": ["ELSA-2008-0515", "ELSA-2008-0516"]}, {"type": "centos", "idList": ["CESA-2008:0516", "CESA-2008:0515", "CESA-2008:0514"]}, {"type": "ubuntu", "idList": ["USN-615-1"]}, {"type": "gentoo", "idList": ["GLSA-200806-06"]}, {"type": "suse", "idList": ["SUSE-SA:2008:028"]}], "modified": "2017-07-27T10:56:04", "rev": 2}, "vulnersScore": 6.7}, "pluginID": "870002", 
"sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for evolution RHSA-2008:0516-01\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Evolution is the integrated collection of e-mail, calendaring, contact\n management, communications and personal information management (PIM) tools\n for the GNOME desktop environment.\n\n A flaw was found in the way Evolution parsed iCalendar timezone attachment\n data. 
If mail which included a carefully crafted iCalendar attachment was\n opened, arbitrary code could be executed as the user running Evolution.\n (CVE-2008-1108)\n \n Red Hat would like to thank Alin Rad Pop of Secunia Research for\n responsibly disclosing this issue.\n \n All users of Evolution should upgrade to these updated packages, which\n contains a backported patch which resolves this issue.\";\n\ntag_affected = \"evolution on Red Hat Enterprise Linux AS version 3,\n Red Hat Enterprise Linux ES version 3,\n Red Hat Enterprise Linux WS version 3,\n Red Hat Enterprise Linux AS version 4,\n Red Hat Enterprise Linux ES version 4,\n Red Hat Enterprise Linux WS version 4\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"https://www.redhat.com/archives/rhsa-announce/2008-June/msg00002.html\");\n script_id(870002);\n script_version(\"$Revision: 6683 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-12 11:41:57 +0200 (Wed, 12 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-03-06 07:30:35 +0100 (Fri, 06 Mar 2009)\");\n script_tag(name:\"cvss_base\", value:\"7.6\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:H/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"RHSA\", value: \"2008:0516-01\");\n script_cve_id(\"CVE-2008-1108\");\n script_name( \"RedHat Update for evolution RHSA-2008:0516-01\");\n\n script_summary(\"Check for the Version of evolution\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n 
script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"RHENT_4\")\n{\n\n if ((res = isrpmvuln(pkg:\"evolution\", rpm:\"evolution~2.0.2~35.0.4.el4_6.2\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"evolution-debuginfo\", rpm:\"evolution-debuginfo~2.0.2~35.0.4.el4_6.2\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"evolution-devel\", rpm:\"evolution-devel~2.0.2~35.0.4.el4_6.2\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"RHENT_3\")\n{\n\n if ((res = isrpmvuln(pkg:\"evolution\", rpm:\"evolution~1.4.5~22.el3\", rls:\"RHENT_3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"evolution-debuginfo\", rpm:\"evolution-debuginfo~1.4.5~22.el3\", rls:\"RHENT_3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"evolution-devel\", rpm:\"evolution-devel~1.4.5~22.el3\", rls:\"RHENT_3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "naslFamily": "Red Hat Local Security Checks"}
{"cve": [{"lastseen": "2020-10-03T11:50:58", "description": "Buffer overflow in Evolution 2.22.1, when the ITip Formatter plugin is disabled, allows remote attackers to execute arbitrary code via a long timezone string in an iCalendar attachment.", "edition": 3, "cvss3": {}, "published": "2008-06-04T20:32:00", "title": "CVE-2008-1108", "type": "cve", "cwe": ["CWE-119"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 4.9, "obtainAllPrivilege": true, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "HIGH", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.6, "vectorString": "AV:N/AC:H/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2008-1108"], "modified": "2017-09-29T01:30:00", "cpe": ["cpe:/a:gnome:evolution:2.2.1"], "id": "CVE-2008-1108", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-1108", "cvss": {"score": 7.6, "vector": "AV:N/AC:H/Au:N/C:C/I:C/A:C"}, "cpe23": ["cpe:2.3:a:gnome:evolution:2.2.1:*:*:*:*:*:*:*"]}], "openvas": [{"lastseen": "2017-07-25T10:56:42", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-1108"], "description": "Check for the Version of evolution", "modified": "2017-07-10T00:00:00", "published": "2009-02-27T00:00:00", "id": "OPENVAS:880148", "href": "http://plugins.openvas.org/nasl.php?oid=880148", "type": "openvas", "title": "CentOS Update for evolution CESA-2008:0516 centos4 x86_64", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for evolution CESA-2008:0516 centos4 x86_64\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or 
modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Evolution is the integrated collection of e-mail, calendaring, contact\n management, communications and personal information management (PIM) tools\n for the GNOME desktop environment.\n\n A flaw was found in the way Evolution parsed iCalendar timezone attachment\n data. 
If mail which included a carefully crafted iCalendar attachment was\n opened, arbitrary code could be executed as the user running Evolution.\n (CVE-2008-1108)\n \n Red Hat would like to thank Alin Rad Pop of Secunia Research for\n responsibly disclosing this issue.\n \n All users of Evolution should upgrade to these updated packages, which\n contains a backported patch which resolves this issue.\";\n\ntag_affected = \"evolution on CentOS 4\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.centos.org/pipermail/centos-announce/2008-June/014968.html\");\n script_id(880148);\n script_version(\"$Revision: 6651 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 13:45:21 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-02-27 08:40:14 +0100 (Fri, 27 Feb 2009)\");\n script_tag(name:\"cvss_base\", value:\"7.6\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:H/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"CESA\", value: \"2008:0516\");\n script_cve_id(\"CVE-2008-1108\");\n script_name( \"CentOS Update for evolution CESA-2008:0516 centos4 x86_64\");\n\n script_summary(\"Check for the Version of evolution\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == 
\"CentOS4\")\n{\n\n if ((res = isrpmvuln(pkg:\"evolution\", rpm:\"evolution~2.0.2~35.0.4.el4_6.2\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"evolution-devel\", rpm:\"evolution-devel~2.0.2~35.0.4.el4_6.2\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 7.6, "vector": "AV:NETWORK/AC:HIGH/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-25T10:56:14", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-1108"], "description": "Check for the Version of evolution", "modified": "2017-07-10T00:00:00", "published": "2009-02-27T00:00:00", "id": "OPENVAS:880107", "href": "http://plugins.openvas.org/nasl.php?oid=880107", "type": "openvas", "title": "CentOS Update for evolution CESA-2008:0516 centos3 x86_64", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for evolution CESA-2008:0516 centos3 x86_64\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. 
See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Evolution is the integrated collection of e-mail, calendaring, contact\n management, communications and personal information management (PIM) tools\n for the GNOME desktop environment.\n\n A flaw was found in the way Evolution parsed iCalendar timezone attachment\n data. If mail which included a carefully crafted iCalendar attachment was\n opened, arbitrary code could be executed as the user running Evolution.\n (CVE-2008-1108)\n \n Red Hat would like to thank Alin Rad Pop of Secunia Research for\n responsibly disclosing this issue.\n \n All users of Evolution should upgrade to these updated packages, which\n contains a backported patch which resolves this issue.\";\n\ntag_affected = \"evolution on CentOS 3\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.centos.org/pipermail/centos-announce/2008-June/014963.html\");\n script_id(880107);\n script_version(\"$Revision: 6651 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 13:45:21 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-02-27 08:40:14 +0100 (Fri, 27 Feb 2009)\");\n script_tag(name:\"cvss_base\", value:\"7.6\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:H/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"CESA\", value: \"2008:0516\");\n script_cve_id(\"CVE-2008-1108\");\n script_name( \"CentOS Update for evolution CESA-2008:0516 centos3 x86_64\");\n\n script_summary(\"Check for the Version of evolution\");\n script_category(ACT_GATHER_INFO);\n 
script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"CentOS3\")\n{\n\n if ((res = isrpmvuln(pkg:\"evolution\", rpm:\"evolution~1.4.5~22.el3\", rls:\"CentOS3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"evolution-devel\", rpm:\"evolution-devel~1.4.5~22.el3\", rls:\"CentOS3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 7.6, "vector": "AV:NETWORK/AC:HIGH/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-04-09T11:40:24", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-1108"], "description": "Check for the Version of evolution", "modified": "2018-04-06T00:00:00", "published": "2009-02-27T00:00:00", "id": "OPENVAS:1361412562310880148", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310880148", "type": "openvas", "title": "CentOS Update for evolution CESA-2008:0516 centos4 x86_64", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for evolution CESA-2008:0516 centos4 x86_64\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# 
it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Evolution is the integrated collection of e-mail, calendaring, contact\n management, communications and personal information management (PIM) tools\n for the GNOME desktop environment.\n\n A flaw was found in the way Evolution parsed iCalendar timezone attachment\n data. If mail which included a carefully crafted iCalendar attachment was\n opened, arbitrary code could be executed as the user running Evolution.\n (CVE-2008-1108)\n \n Red Hat would like to thank Alin Rad Pop of Secunia Research for\n responsibly disclosing this issue.\n \n All users of Evolution should upgrade to these updated packages, which\n contains a backported patch which resolves this issue.\";\n\ntag_affected = \"evolution on CentOS 4\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.centos.org/pipermail/centos-announce/2008-June/014968.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.880148\");\n script_version(\"$Revision: 9370 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 10:53:14 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-02-27 08:40:14 +0100 (Fri, 27 Feb 2009)\");\n script_tag(name:\"cvss_base\", value:\"7.6\");\n 
script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:H/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"CESA\", value: \"2008:0516\");\n script_cve_id(\"CVE-2008-1108\");\n script_name( \"CentOS Update for evolution CESA-2008:0516 centos4 x86_64\");\n\n script_tag(name:\"summary\", value:\"Check for the Version of evolution\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"CentOS4\")\n{\n\n if ((res = isrpmvuln(pkg:\"evolution\", rpm:\"evolution~2.0.2~35.0.4.el4_6.2\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"evolution-devel\", rpm:\"evolution-devel~2.0.2~35.0.4.el4_6.2\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 7.6, "vector": "AV:NETWORK/AC:HIGH/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-04-09T11:39:04", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-1108"], "description": "Check for the Version of evolution", "modified": "2018-04-06T00:00:00", "published": "2009-02-27T00:00:00", "id": "OPENVAS:1361412562310880107", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310880107", "type": "openvas", "title": "CentOS Update for evolution CESA-2008:0516 centos3 x86_64", "sourceData": 
"###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for evolution CESA-2008:0516 centos3 x86_64\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Evolution is the integrated collection of e-mail, calendaring, contact\n management, communications and personal information management (PIM) tools\n for the GNOME desktop environment.\n\n A flaw was found in the way Evolution parsed iCalendar timezone attachment\n data. 
If mail which included a carefully crafted iCalendar attachment was\n opened, arbitrary code could be executed as the user running Evolution.\n (CVE-2008-1108)\n \n Red Hat would like to thank Alin Rad Pop of Secunia Research for\n responsibly disclosing this issue.\n \n All users of Evolution should upgrade to these updated packages, which\n contains a backported patch which resolves this issue.\";\n\ntag_affected = \"evolution on CentOS 3\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.centos.org/pipermail/centos-announce/2008-June/014963.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.880107\");\n script_version(\"$Revision: 9370 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 10:53:14 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-02-27 08:40:14 +0100 (Fri, 27 Feb 2009)\");\n script_tag(name:\"cvss_base\", value:\"7.6\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:H/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"CESA\", value: \"2008:0516\");\n script_cve_id(\"CVE-2008-1108\");\n script_name( \"CentOS Update for evolution CESA-2008:0516 centos3 x86_64\");\n\n script_tag(name:\"summary\", value:\"Check for the Version of evolution\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release 
== NULL){\n exit(0);\n}\n\nif(release == \"CentOS3\")\n{\n\n if ((res = isrpmvuln(pkg:\"evolution\", rpm:\"evolution~1.4.5~22.el3\", rls:\"CentOS3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"evolution-devel\", rpm:\"evolution-devel~1.4.5~22.el3\", rls:\"CentOS3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 7.6, "vector": "AV:NETWORK/AC:HIGH/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-04-09T11:39:31", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-1108"], "description": "Check for the Version of evolution", "modified": "2018-04-06T00:00:00", "published": "2009-02-27T00:00:00", "id": "OPENVAS:1361412562310880204", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310880204", "type": "openvas", "title": "CentOS Update for evolution CESA-2008:0516 centos4 i386", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for evolution CESA-2008:0516 centos4 i386\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. 
See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Evolution is the integrated collection of e-mail, calendaring, contact\n management, communications and personal information management (PIM) tools\n for the GNOME desktop environment.\n\n A flaw was found in the way Evolution parsed iCalendar timezone attachment\n data. If mail which included a carefully crafted iCalendar attachment was\n opened, arbitrary code could be executed as the user running Evolution.\n (CVE-2008-1108)\n \n Red Hat would like to thank Alin Rad Pop of Secunia Research for\n responsibly disclosing this issue.\n \n All users of Evolution should upgrade to these updated packages, which\n contains a backported patch which resolves this issue.\";\n\ntag_affected = \"evolution on CentOS 4\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.centos.org/pipermail/centos-announce/2008-June/014969.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.880204\");\n script_version(\"$Revision: 9370 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 10:53:14 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-02-27 08:40:14 +0100 (Fri, 27 Feb 2009)\");\n script_tag(name:\"cvss_base\", value:\"7.6\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:H/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"CESA\", value: \"2008:0516\");\n script_cve_id(\"CVE-2008-1108\");\n script_name( \"CentOS Update for evolution CESA-2008:0516 centos4 i386\");\n\n script_tag(name:\"summary\", value:\"Check for the Version of evolution\");\n 
script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"CentOS4\")\n{\n\n if ((res = isrpmvuln(pkg:\"evolution\", rpm:\"evolution~2.0.2~35.0.4.el4_6.2\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"evolution-devel\", rpm:\"evolution-devel~2.0.2~35.0.4.el4_6.2\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 7.6, "vector": "AV:NETWORK/AC:HIGH/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-04-09T11:41:26", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-1108"], "description": "Check for the Version of evolution", "modified": "2018-04-06T00:00:00", "published": "2009-02-27T00:00:00", "id": "OPENVAS:1361412562310880061", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310880061", "type": "openvas", "title": "CentOS Update for evolution CESA-2008:0516 centos3 i386", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for evolution CESA-2008:0516 centos3 i386\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free 
software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Evolution is the integrated collection of e-mail, calendaring, contact\n management, communications and personal information management (PIM) tools\n for the GNOME desktop environment.\n\n A flaw was found in the way Evolution parsed iCalendar timezone attachment\n data. 
If mail which included a carefully crafted iCalendar attachment was\n opened, arbitrary code could be executed as the user running Evolution.\n (CVE-2008-1108)\n \n Red Hat would like to thank Alin Rad Pop of Secunia Research for\n responsibly disclosing this issue.\n \n All users of Evolution should upgrade to these updated packages, which\n contains a backported patch which resolves this issue.\";\n\ntag_affected = \"evolution on CentOS 3\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.centos.org/pipermail/centos-announce/2008-June/014962.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.880061\");\n script_version(\"$Revision: 9370 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 10:53:14 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-02-27 08:40:14 +0100 (Fri, 27 Feb 2009)\");\n script_tag(name:\"cvss_base\", value:\"7.6\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:H/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"CESA\", value: \"2008:0516\");\n script_cve_id(\"CVE-2008-1108\");\n script_name( \"CentOS Update for evolution CESA-2008:0516 centos3 i386\");\n\n script_tag(name:\"summary\", value:\"Check for the Version of evolution\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release 
== NULL){\n exit(0);\n}\n\nif(release == \"CentOS3\")\n{\n\n if ((res = isrpmvuln(pkg:\"evolution\", rpm:\"evolution~1.4.5~22.el3\", rls:\"CentOS3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"evolution-devel\", rpm:\"evolution-devel~1.4.5~22.el3\", rls:\"CentOS3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 7.6, "vector": "AV:NETWORK/AC:HIGH/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-04-09T11:39:45", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-1108"], "description": "Check for the Version of evolution", "modified": "2018-04-06T00:00:00", "published": "2009-03-06T00:00:00", "id": "OPENVAS:1361412562310870002", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310870002", "type": "openvas", "title": "RedHat Update for evolution RHSA-2008:0516-01", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for evolution RHSA-2008:0516-01\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. 
See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Evolution is the integrated collection of e-mail, calendaring, contact\n management, communications and personal information management (PIM) tools\n for the GNOME desktop environment.\n\n A flaw was found in the way Evolution parsed iCalendar timezone attachment\n data. If mail which included a carefully crafted iCalendar attachment was\n opened, arbitrary code could be executed as the user running Evolution.\n (CVE-2008-1108)\n \n Red Hat would like to thank Alin Rad Pop of Secunia Research for\n responsibly disclosing this issue.\n \n All users of Evolution should upgrade to these updated packages, which\n contains a backported patch which resolves this issue.\";\n\ntag_affected = \"evolution on Red Hat Enterprise Linux AS version 3,\n Red Hat Enterprise Linux ES version 3,\n Red Hat Enterprise Linux WS version 3,\n Red Hat Enterprise Linux AS version 4,\n Red Hat Enterprise Linux ES version 4,\n Red Hat Enterprise Linux WS version 4\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"https://www.redhat.com/archives/rhsa-announce/2008-June/msg00002.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.870002\");\n script_version(\"$Revision: 9370 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 10:53:14 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-03-06 07:30:35 +0100 (Fri, 06 Mar 2009)\");\n script_tag(name:\"cvss_base\", value:\"7.6\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:H/Au:N/C:C/I:C/A:C\");\n script_xref(name: 
\"RHSA\", value: \"2008:0516-01\");\n script_cve_id(\"CVE-2008-1108\");\n script_name( \"RedHat Update for evolution RHSA-2008:0516-01\");\n\n script_tag(name:\"summary\", value:\"Check for the Version of evolution\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"RHENT_4\")\n{\n\n if ((res = isrpmvuln(pkg:\"evolution\", rpm:\"evolution~2.0.2~35.0.4.el4_6.2\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"evolution-debuginfo\", rpm:\"evolution-debuginfo~2.0.2~35.0.4.el4_6.2\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"evolution-devel\", rpm:\"evolution-devel~2.0.2~35.0.4.el4_6.2\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"RHENT_3\")\n{\n\n if ((res = isrpmvuln(pkg:\"evolution\", rpm:\"evolution~1.4.5~22.el3\", rls:\"RHENT_3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"evolution-debuginfo\", rpm:\"evolution-debuginfo~1.4.5~22.el3\", rls:\"RHENT_3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"evolution-devel\", rpm:\"evolution-devel~1.4.5~22.el3\", rls:\"RHENT_3\")) 
!= NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 7.6, "vector": "AV:NETWORK/AC:HIGH/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-25T10:56:23", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-1108"], "description": "Check for the Version of evolution", "modified": "2017-07-10T00:00:00", "published": "2009-02-27T00:00:00", "id": "OPENVAS:880204", "href": "http://plugins.openvas.org/nasl.php?oid=880204", "type": "openvas", "title": "CentOS Update for evolution CESA-2008:0516 centos4 i386", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for evolution CESA-2008:0516 centos4 i386\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. 
See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Evolution is the integrated collection of e-mail, calendaring, contact\n management, communications and personal information management (PIM) tools\n for the GNOME desktop environment.\n\n A flaw was found in the way Evolution parsed iCalendar timezone attachment\n data. If mail which included a carefully crafted iCalendar attachment was\n opened, arbitrary code could be executed as the user running Evolution.\n (CVE-2008-1108)\n \n Red Hat would like to thank Alin Rad Pop of Secunia Research for\n responsibly disclosing this issue.\n \n All users of Evolution should upgrade to these updated packages, which\n contains a backported patch which resolves this issue.\";\n\ntag_affected = \"evolution on CentOS 4\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.centos.org/pipermail/centos-announce/2008-June/014969.html\");\n script_id(880204);\n script_version(\"$Revision: 6651 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 13:45:21 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-02-27 08:40:14 +0100 (Fri, 27 Feb 2009)\");\n script_tag(name:\"cvss_base\", value:\"7.6\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:H/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"CESA\", value: \"2008:0516\");\n script_cve_id(\"CVE-2008-1108\");\n script_name( \"CentOS Update for evolution CESA-2008:0516 centos4 i386\");\n\n script_summary(\"Check for the Version of evolution\");\n script_category(ACT_GATHER_INFO);\n 
script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"CentOS4\")\n{\n\n if ((res = isrpmvuln(pkg:\"evolution\", rpm:\"evolution~2.0.2~35.0.4.el4_6.2\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"evolution-devel\", rpm:\"evolution-devel~2.0.2~35.0.4.el4_6.2\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 7.6, "vector": "AV:NETWORK/AC:HIGH/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-25T10:57:06", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-1108"], "description": "Check for the Version of evolution", "modified": "2017-07-10T00:00:00", "published": "2009-02-27T00:00:00", "id": "OPENVAS:880061", "href": "http://plugins.openvas.org/nasl.php?oid=880061", "type": "openvas", "title": "CentOS Update for evolution CESA-2008:0516 centos3 i386", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for evolution CESA-2008:0516 centos3 i386\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the 
terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Evolution is the integrated collection of e-mail, calendaring, contact\n management, communications and personal information management (PIM) tools\n for the GNOME desktop environment.\n\n A flaw was found in the way Evolution parsed iCalendar timezone attachment\n data. If mail which included a carefully crafted iCalendar attachment was\n opened, arbitrary code could be executed as the user running Evolution.\n (CVE-2008-1108)\n \n Red Hat would like to thank Alin Rad Pop of Secunia Research for\n responsibly disclosing this issue.\n \n All users of Evolution should upgrade to these updated packages, which\n contains a backported patch which resolves this issue.\";\n\ntag_affected = \"evolution on CentOS 3\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.centos.org/pipermail/centos-announce/2008-June/014962.html\");\n script_id(880061);\n script_version(\"$Revision: 6651 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 13:45:21 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-02-27 08:40:14 +0100 (Fri, 27 Feb 2009)\");\n script_tag(name:\"cvss_base\", value:\"7.6\");\n script_tag(name:\"cvss_base_vector\", 
value:\"AV:N/AC:H/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"CESA\", value: \"2008:0516\");\n script_cve_id(\"CVE-2008-1108\");\n script_name( \"CentOS Update for evolution CESA-2008:0516 centos3 i386\");\n\n script_summary(\"Check for the Version of evolution\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"CentOS3\")\n{\n\n if ((res = isrpmvuln(pkg:\"evolution\", rpm:\"evolution~1.4.5~22.el3\", rls:\"CentOS3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"evolution-devel\", rpm:\"evolution-devel~1.4.5~22.el3\", rls:\"CentOS3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 7.6, "vector": "AV:NETWORK/AC:HIGH/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-25T10:56:42", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-1109", "CVE-2008-1108"], "description": "Check for the Version of evolution28", "modified": "2017-07-10T00:00:00", "published": "2009-02-27T00:00:00", "id": "OPENVAS:880299", "href": "http://plugins.openvas.org/nasl.php?oid=880299", "type": "openvas", "title": "CentOS Update for evolution28 CESA-2008:0515 centos4 x86_64", "sourceData": "###############################################################################\n# 
OpenVAS Vulnerability Test\n#\n# CentOS Update for evolution28 CESA-2008:0515 centos4 x86_64\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Evolution is the integrated collection of e-mail, calendaring, contact\n management, communications and personal information management (PIM) tools\n for the GNOME desktop environment.\n\n A flaw was found in the way Evolution parsed iCalendar timezone attachment\n data. If the Itip Formatter plug-in was disabled and a user opened a mail\n with a carefully crafted iCalendar attachment, arbitrary code could be\n executed as the user running Evolution. (CVE-2008-1108)\n \n Note: the Itip Formatter plug-in, which allows calendar information\n (attachments with a MIME type of "text/calendar") to be displayed as part\n of the e-mail message, is enabled by default.\n \n A heap-based buffer overflow flaw was found in the way Evolution parsed\n iCalendar attachments with an overly long "DESCRIPTION" property string. 
If\n a user responded to a carefully crafted iCalendar attachment in a\n particular way, arbitrary code could be executed as the user running\n Evolution. (CVE-2008-1109).\n \n The particular response required to trigger this vulnerability was as\n follows:\n \n 1. Receive the carefully crafted iCalendar attachment.\n 2. Accept the associated meeting.\n 3. Open the calendar the meeting was in.\n 4. Reply to the sender.\n \n Red Hat would like to thank Alin Rad Pop of Secunia Research for\n responsibly disclosing these issues.\n \n All Evolution users should upgrade to these updated packages, which contain\n backported patches which resolves these issues.\";\n\ntag_affected = \"evolution28 on CentOS 4\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.centos.org/pipermail/centos-announce/2008-June/014966.html\");\n script_id(880299);\n script_version(\"$Revision: 6651 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 13:45:21 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-02-27 08:40:14 +0100 (Fri, 27 Feb 2009)\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"CESA\", value: \"2008:0515\");\n script_cve_id(\"CVE-2008-1108\", \"CVE-2008-1109\");\n script_name( \"CentOS Update for evolution28 CESA-2008:0515 centos4 x86_64\");\n\n script_summary(\"Check for the Version of evolution28\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : 
tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"CentOS4\")\n{\n\n if ((res = isrpmvuln(pkg:\"evolution28\", rpm:\"evolution28~2.8.0~53.el4_6.3\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"evolution28-devel\", rpm:\"evolution28-devel~2.8.0~53.el4_6.3\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "centos": [{"lastseen": "2019-12-20T18:25:08", "bulletinFamily": "unix", "cvelist": ["CVE-2008-1108"], "description": "**CentOS Errata and Security Advisory** CESA-2008:0516\n\n\nEvolution is the integrated collection of e-mail, calendaring, contact\nmanagement, communications and personal information management (PIM) tools\nfor the GNOME desktop environment.\n\nA flaw was found in the way Evolution parsed iCalendar timezone attachment\ndata. 
If mail which included a carefully crafted iCalendar attachment was\nopened, arbitrary code could be executed as the user running Evolution.\n(CVE-2008-1108)\n\nRed Hat would like to thank Alin Rad Pop of Secunia Research for\nresponsibly disclosing this issue.\n\nAll users of Evolution should upgrade to these updated packages, which\ncontains a backported patch which resolves this issue.\n\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2008-June/026988.html\nhttp://lists.centos.org/pipermail/centos-announce/2008-June/026989.html\nhttp://lists.centos.org/pipermail/centos-announce/2008-June/026995.html\nhttp://lists.centos.org/pipermail/centos-announce/2008-June/026996.html\nhttp://lists.centos.org/pipermail/centos-announce/2008-June/027000.html\nhttp://lists.centos.org/pipermail/centos-announce/2008-June/027001.html\nhttp://lists.centos.org/pipermail/centos-announce/2008-June/027006.html\nhttp://lists.centos.org/pipermail/centos-announce/2008-June/027007.html\n\n**Affected packages:**\nevolution\nevolution-devel\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/RHSA-2008-0516.html", "edition": 4, "modified": "2008-06-08T01:35:15", "published": "2008-06-04T13:42:10", "href": "http://lists.centos.org/pipermail/centos-announce/2008-June/026988.html", "id": "CESA-2008:0516", "title": "evolution security update", "type": "centos", "cvss": {"score": 7.6, "vector": "AV:N/AC:H/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-12-20T18:25:11", "bulletinFamily": "unix", "cvelist": ["CVE-2008-1109", "CVE-2008-1108"], "description": "**CentOS Errata and Security Advisory** CESA-2008:0515\n\n\nEvolution is the integrated collection of e-mail, calendaring, contact\r\nmanagement, communications and personal information management (PIM) tools\r\nfor the GNOME desktop environment.\r\n\r\nA flaw was found in the way Evolution parsed iCalendar timezone attachment\r\ndata. 
If the Itip Formatter plug-in was disabled and a user opened a mail\r\nwith a carefully crafted iCalendar attachment, arbitrary code could be\r\nexecuted as the user running Evolution. (CVE-2008-1108)\r\n\r\nNote: the Itip Formatter plug-in, which allows calendar information\r\n(attachments with a MIME type of \"text/calendar\") to be displayed as part\r\nof the e-mail message, is enabled by default.\r\n\r\nA heap-based buffer overflow flaw was found in the way Evolution parsed\r\niCalendar attachments with an overly long \"DESCRIPTION\" property string. If\r\na user responded to a carefully crafted iCalendar attachment in a\r\nparticular way, arbitrary code could be executed as the user running\r\nEvolution. (CVE-2008-1109).\r\n\r\nThe particular response required to trigger this vulnerability was as\r\nfollows:\r\n\r\n1. Receive the carefully crafted iCalendar attachment.\r\n2. Accept the associated meeting.\r\n3. Open the calendar the meeting was in.\r\n4. Reply to the sender.\r\n\r\nRed Hat would like to thank Alin Rad Pop of Secunia Research for\r\nresponsibly disclosing these issues.\r\n\r\nAll Evolution users should upgrade to these updated packages, which contain\r\nbackported patches which resolve these issues.\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2008-June/026994.html\nhttp://lists.centos.org/pipermail/centos-announce/2008-June/026997.html\nhttp://lists.centos.org/pipermail/centos-announce/2008-June/027004.html\nhttp://lists.centos.org/pipermail/centos-announce/2008-June/027005.html\n\n**Affected packages:**\nevolution28\nevolution28-devel\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/RHSA-2008-0515.html", "edition": 3, "modified": "2008-06-08T01:30:25", "published": "2008-06-04T16:27:50", "href": "http://lists.centos.org/pipermail/centos-announce/2008-June/026994.html", "id": "CESA-2008:0515", "title": "evolution28 security update", "type": "centos", "cvss": {"score": 9.3, 
"vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-12-20T18:25:04", "bulletinFamily": "unix", "cvelist": ["CVE-2008-1109", "CVE-2008-1108"], "description": "**CentOS Errata and Security Advisory** CESA-2008:0514\n\n\nEvolution is the integrated collection of e-mail, calendaring, contact\r\nmanagement, communications and personal information management (PIM) tools\r\nfor the GNOME desktop environment.\r\n\r\nA flaw was found in the way Evolution parsed iCalendar timezone attachment\r\ndata. If the Itip Formatter plug-in was disabled and a user opened a mail\r\nwith a carefully crafted iCalendar attachment, arbitrary code could be\r\nexecuted as the user running Evolution. (CVE-2008-1108)\r\n\r\nNote: the Itip Formatter plug-in, which allows calendar information\r\n(attachments with a MIME type of \"text/calendar\") to be displayed as part\r\nof the e-mail message, is enabled by default.\r\n\r\nA heap-based buffer overflow flaw was found in the way Evolution parsed\r\niCalendar attachments with an overly long \"DESCRIPTION\" property string. If\r\na user responded to a carefully crafted iCalendar attachment in a\r\nparticular way, arbitrary code could be executed as the user running\r\nEvolution. (CVE-2008-1109).\r\n\r\nThe particular response required to trigger this vulnerability was as\r\nfollows:\r\n\r\n1. Receive the carefully crafted iCalendar attachment.\r\n2. Accept the associated meeting.\r\n3. Open the calendar the meeting was in.\r\n4. 
Reply to the sender.\r\n\r\nRed Hat would like to thank Alin Rad Pop of Secunia Research for\r\nresponsibly disclosing these issues.\r\n\r\nAll Evolution users should upgrade to these updated packages, which contain\r\nbackported patches which resolve these issues.\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2008-June/027070.html\nhttp://lists.centos.org/pipermail/centos-announce/2008-June/027071.html\n\n**Affected packages:**\nevolution\nevolution-devel\nevolution-help\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/RHSA-2008-0514.html", "edition": 3, "modified": "2008-06-26T01:08:59", "published": "2008-06-26T01:08:58", "href": "http://lists.centos.org/pipermail/centos-announce/2008-June/027070.html", "id": "CESA-2008:0514", "title": "evolution security update", "type": "centos", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}], "redhat": [{"lastseen": "2019-08-13T18:45:24", "bulletinFamily": "unix", "cvelist": ["CVE-2008-1108"], "description": "Evolution is the integrated collection of e-mail, calendaring, contact\nmanagement, communications and personal information management (PIM) tools\nfor the GNOME desktop environment.\n\nA flaw was found in the way Evolution parsed iCalendar timezone attachment\ndata. 
If mail which included a carefully crafted iCalendar attachment was\nopened, arbitrary code could be executed as the user running Evolution.\n(CVE-2008-1108)\n\nRed Hat would like to thank Alin Rad Pop of Secunia Research for\nresponsibly disclosing this issue.\n\nAll users of Evolution should upgrade to these updated packages, which\ncontains a backported patch which resolves this issue.\n", "modified": "2017-09-08T11:54:15", "published": "2008-06-04T04:00:00", "id": "RHSA-2008:0516", "href": "https://access.redhat.com/errata/RHSA-2008:0516", "type": "redhat", "title": "(RHSA-2008:0516) Critical: evolution security update", "cvss": {"score": 7.6, "vector": "AV:N/AC:H/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-08-13T18:47:03", "bulletinFamily": "unix", "cvelist": ["CVE-2008-1108"], "description": "Evolution is the integrated collection of e-mail, calendaring, contact\nmanagement, communications and personal information management (PIM) tools\nfor the GNOME desktop environment.\n\nA flaw was found in the way Evolution parsed iCalendar timezone attachment\ndata. 
If mail which included a carefully crafted iCalendar attachment was\nopened, arbitrary code could be executed as the user running Evolution.\n(CVE-2008-1108)\n\nRed Hat would like to thank Alin Rad Pop of Secunia Research for\nresponsibly disclosing this issue.\n\nAll users of Evolution should upgrade to these updated packages, which\ncontains a backported patch which resolves this issue.\n\n", "modified": "2017-09-08T11:55:15", "published": "2008-06-04T04:00:00", "id": "RHSA-2008:0517", "href": "https://access.redhat.com/errata/RHSA-2008:0517", "type": "redhat", "title": "(RHSA-2008:0517) Critical: evolution security update", "cvss": {"score": 7.6, "vector": "AV:N/AC:H/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-08-13T18:46:20", "bulletinFamily": "unix", "cvelist": ["CVE-2008-1108", "CVE-2008-1109"], "description": "Evolution is the integrated collection of e-mail, calendaring, contact\r\nmanagement, communications and personal information management (PIM) tools\r\nfor the GNOME desktop environment.\r\n\r\nA flaw was found in the way Evolution parsed iCalendar timezone attachment\r\ndata. If the Itip Formatter plug-in was disabled and a user opened a mail\r\nwith a carefully crafted iCalendar attachment, arbitrary code could be\r\nexecuted as the user running Evolution. (CVE-2008-1108)\r\n\r\nNote: the Itip Formatter plug-in, which allows calendar information\r\n(attachments with a MIME type of \"text/calendar\") to be displayed as part\r\nof the e-mail message, is enabled by default.\r\n\r\nA heap-based buffer overflow flaw was found in the way Evolution parsed\r\niCalendar attachments with an overly long \"DESCRIPTION\" property string. If\r\na user responded to a carefully crafted iCalendar attachment in a\r\nparticular way, arbitrary code could be executed as the user running\r\nEvolution. (CVE-2008-1109).\r\n\r\nThe particular response required to trigger this vulnerability was as\r\nfollows:\r\n\r\n1. Receive the carefully crafted iCalendar attachment.\r\n2. 
Accept the associated meeting.\r\n3. Open the calendar the meeting was in.\r\n4. Reply to the sender.\r\n\r\nRed Hat would like to thank Alin Rad Pop of Secunia Research for\r\nresponsibly disclosing these issues.\r\n\r\nAll Evolution users should upgrade to these updated packages, which contain\r\nbackported patches which resolve these issues.", "modified": "2017-09-08T12:17:23", "published": "2008-06-04T04:00:00", "id": "RHSA-2008:0515", "href": "https://access.redhat.com/errata/RHSA-2008:0515", "type": "redhat", "title": "(RHSA-2008:0515) Important: evolution28 security update", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-08-13T18:47:07", "bulletinFamily": "unix", "cvelist": ["CVE-2008-1108", "CVE-2008-1109"], "description": "Evolution is the integrated collection of e-mail, calendaring, contact\r\nmanagement, communications and personal information management (PIM) tools\r\nfor the GNOME desktop environment.\r\n\r\nA flaw was found in the way Evolution parsed iCalendar timezone attachment\r\ndata. If the Itip Formatter plug-in was disabled and a user opened a mail\r\nwith a carefully crafted iCalendar attachment, arbitrary code could be\r\nexecuted as the user running Evolution. (CVE-2008-1108)\r\n\r\nNote: the Itip Formatter plug-in, which allows calendar information\r\n(attachments with a MIME type of \"text/calendar\") to be displayed as part\r\nof the e-mail message, is enabled by default.\r\n\r\nA heap-based buffer overflow flaw was found in the way Evolution parsed\r\niCalendar attachments with an overly long \"DESCRIPTION\" property string. If\r\na user responded to a carefully crafted iCalendar attachment in a\r\nparticular way, arbitrary code could be executed as the user running\r\nEvolution. (CVE-2008-1109).\r\n\r\nThe particular response required to trigger this vulnerability was as\r\nfollows:\r\n\r\n1. Receive the carefully crafted iCalendar attachment.\r\n2. Accept the associated meeting.\r\n3. 
Open the calendar the meeting was in.\r\n4. Reply to the sender.\r\n\r\nRed Hat would like to thank Alin Rad Pop of Secunia Research for\r\nresponsibly disclosing these issues.\r\n\r\nAll Evolution users should upgrade to these updated packages, which contain\r\nbackported patches which resolve these issues.", "modified": "2017-09-08T12:19:12", "published": "2008-06-04T04:00:00", "id": "RHSA-2008:0514", "href": "https://access.redhat.com/errata/RHSA-2008:0514", "type": "redhat", "title": "(RHSA-2008:0514) Important: evolution security update", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}], "oraclelinux": [{"lastseen": "2019-05-29T18:38:18", "bulletinFamily": "unix", "cvelist": ["CVE-2008-1108"], "description": "[2.0.2-35.0.4.el4.2]\n- Add patch for RH bug #448725 (buffer overflow vulnerability).", "edition": 4, "modified": "2008-06-04T00:00:00", "published": "2008-06-04T00:00:00", "id": "ELSA-2008-0516", "href": "http://linux.oracle.com/errata/ELSA-2008-0516.html", "title": "evolution security update", "type": "oraclelinux", "cvss": {"score": 7.6, "vector": "AV:N/AC:H/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:36:43", "bulletinFamily": "unix", "cvelist": ["CVE-2008-1109", "CVE-2008-1108"], "description": "[2.8.0-53.0.1.el4_6.3]\n- Comment evolution-2.8.0-red-hat-branding.patch to make evolution as vendor neutral\n[2.8.0-53.el4_6.3]\n- Add patches for RH bug #448721 (buffer overflow vulnerabilities).", "edition": 4, "modified": "2008-06-04T00:00:00", "published": "2008-06-04T00:00:00", "id": "ELSA-2008-0515", "href": "http://linux.oracle.com/errata/ELSA-2008-0515.html", "title": "evolution28 security update", "type": "oraclelinux", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}], "nessus": [{"lastseen": "2021-01-06T09:25:20", "description": "Updated evolution packages that address a buffer overflow\nvulnerability are now available for Red Hat Enterprise Linux 3 and Red\nHat Enterprise Linux 4.\n\nThis update has been rated 
as having critical security impact by the\nRed Hat Security Response Team.\n\nEvolution is the integrated collection of e-mail, calendaring, contact\nmanagement, communications and personal information management (PIM)\ntools for the GNOME desktop environment.\n\nA flaw was found in the way Evolution parsed iCalendar timezone\nattachment data. If mail which included a carefully crafted iCalendar\nattachment was opened, arbitrary code could be executed as the user\nrunning Evolution. (CVE-2008-1108)\n\nRed Hat would like to thank Alin Rad Pop of Secunia Research for\nresponsibly disclosing this issue.\n\nAll users of Evolution should upgrade to these updated packages, which\ncontains a backported patch which resolves this issue.", "edition": 26, "published": "2008-06-09T00:00:00", "title": "CentOS 3 / 4 : evolution (CESA-2008:0516)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-1108"], "modified": "2008-06-09T00:00:00", "cpe": ["cpe:/o:centos:centos:4", "p-cpe:/a:centos:centos:evolution", "p-cpe:/a:centos:centos:evolution-devel", "cpe:/o:centos:centos:3"], "id": "CENTOS_RHSA-2008-0516.NASL", "href": "https://www.tenable.com/plugins/nessus/33111", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2008:0516 and \n# CentOS Errata and Security Advisory 2008:0516 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(33111);\n script_version(\"1.15\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2008-1108\");\n script_bugtraq_id(29527);\n script_xref(name:\"RHSA\", value:\"2008:0516\");\n\n script_name(english:\"CentOS 3 / 4 : evolution (CESA-2008:0516)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n 
attribute:\"synopsis\", \n value:\"The remote CentOS host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated evolution packages that address a buffer overflow\nvulnerability are now available for Red Hat Enterprise Linux 3 and Red\nHat Enterprise Linux 4.\n\nThis update has been rated as having critical security impact by the\nRed Hat Security Response Team.\n\nEvolution is the integrated collection of e-mail, calendaring, contact\nmanagement, communications and personal information management (PIM)\ntools for the GNOME desktop environment.\n\nA flaw was found in the way Evolution parsed iCalendar timezone\nattachment data. If mail which included a carefully crafted iCalendar\nattachment was opened, arbitrary code could be executed as the user\nrunning Evolution. (CVE-2008-1108)\n\nRed Hat would like to thank Alin Rad Pop of Secunia Research for\nresponsibly disclosing this issue.\n\nAll users of Evolution should upgrade to these updated packages, which\ncontains a backported patch which resolves this issue.\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2008-June/014950.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?dc608e35\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2008-June/014951.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?32f6a19b\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2008-June/014962.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?958a2e83\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2008-June/014963.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?ebe8f6fd\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2008-June/014968.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?16725494\"\n );\n # 
https://lists.centos.org/pipermail/centos-announce/2008-June/014969.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?12acb687\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected evolution packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:H/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(119);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:evolution\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:evolution-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:3\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:4\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2008/06/04\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/06/04\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2008/06/09\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2008-2021 and is owned by Tenable, Inc. 
or an Affiliate thereof.\");\n script_family(english:\"CentOS Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/CentOS/release\");\nif (isnull(release) || \"CentOS\" >!< release) audit(AUDIT_OS_NOT, \"CentOS\");\nos_ver = pregmatch(pattern: \"CentOS(?: Linux)? release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"CentOS\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(3|4)([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"CentOS 3.x / 4.x\", \"CentOS \" + os_ver);\n\nif (!get_kb_item(\"Host/CentOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && \"ia64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"CentOS\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"CentOS-3\", reference:\"evolution-1.4.5-22.el3\")) flag++;\nif (rpm_check(release:\"CentOS-3\", reference:\"evolution-devel-1.4.5-22.el3\")) flag++;\n\nif (rpm_check(release:\"CentOS-4\", cpu:\"i386\", reference:\"evolution-2.0.2-35.0.4.el4_6.2\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"ia64\", reference:\"evolution-2.0.2-35.0.4.c4.2\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"x86_64\", reference:\"evolution-2.0.2-35.0.4.el4_6.2\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"i386\", reference:\"evolution-devel-2.0.2-35.0.4.el4_6.2\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"ia64\", reference:\"evolution-devel-2.0.2-35.0.4.c4.2\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"x86_64\", reference:\"evolution-devel-2.0.2-35.0.4.el4_6.2\")) 
flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"evolution / evolution-devel\");\n}\n", "cvss": {"score": 7.6, "vector": "AV:N/AC:H/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-17T13:43:56", "description": "A flaw was found in the way Evolution parsed iCalendar timezone\nattachment data. If mail which included a carefully crafted iCalendar\nattachment was opened, arbitrary code could be executed as the user\nrunning Evolution. (CVE-2008-1108)", "edition": 24, "published": "2012-08-01T00:00:00", "title": "Scientific Linux Security Update : evolution on SL3.x, SL4.x i386/x86_64", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-1108"], "modified": "2012-08-01T00:00:00", "cpe": ["x-cpe:/o:fermilab:scientific_linux"], "id": "SL_20080604_EVOLUTION_ON_SL3_X.NASL", "href": "https://www.tenable.com/plugins/nessus/60417", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text is (C) Scientific Linux.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(60417);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2008-1108\");\n\n script_name(english:\"Scientific Linux Security Update : evolution on SL3.x, SL4.x i386/x86_64\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Scientific Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"A flaw was found in the way Evolution parsed iCalendar timezone\nattachment data. 
If mail which included a carefully crafted iCalendar\nattachment was opened, arbitrary code could be executed as the user\nrunning Evolution. (CVE-2008-1108)\"\n );\n # https://listserv.fnal.gov/scripts/wa.exe?A2=ind0806&L=scientific-linux-errata&T=0&P=200\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?86f6e892\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected evolution and / or evolution-devel packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:H/Au:N/C:C/I:C/A:C\");\n script_cwe_id(119);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"x-cpe:/o:fermilab:scientific_linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/06/04\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/08/01\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 and is owned by Tenable, Inc. 
or an Affiliate thereof.\");\n script_family(english:\"Scientific Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Scientific Linux \" >!< release) audit(AUDIT_HOST_NOT, \"running Scientific Linux\");\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Scientific Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"SL3\", reference:\"evolution-1.4.5-22.el3\")) flag++;\nif (rpm_check(release:\"SL3\", reference:\"evolution-devel-1.4.5-22.el3\")) flag++;\n\nif (rpm_check(release:\"SL4\", reference:\"evolution-2.0.2-35.0.4.el4_6.2\")) flag++;\nif (rpm_check(release:\"SL4\", reference:\"evolution-devel-2.0.2-35.0.4.el4_6.2\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.6, "vector": "AV:N/AC:H/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-17T13:06:09", "description": "Updated evolution packages that address a buffer overflow\nvulnerability are now available for Red Hat Enterprise Linux 3 and Red\nHat Enterprise Linux 4.\n\nThis update has been rated as having critical security impact by the\nRed Hat Security Response Team.\n\nEvolution is the integrated collection of e-mail, calendaring, contact\nmanagement, communications and personal information management (PIM)\ntools for the GNOME desktop 
environment.\n\nA flaw was found in the way Evolution parsed iCalendar timezone\nattachment data. If mail which included a carefully crafted iCalendar\nattachment was opened, arbitrary code could be executed as the user\nrunning Evolution. (CVE-2008-1108)\n\nRed Hat would like to thank Alin Rad Pop of Secunia Research for\nresponsibly disclosing this issue.\n\nAll users of Evolution should upgrade to these updated packages, which\ncontains a backported patch which resolves this issue.", "edition": 27, "published": "2008-06-05T00:00:00", "title": "RHEL 3 / 4 : evolution (RHSA-2008:0516)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-1108"], "modified": "2008-06-05T00:00:00", "cpe": ["cpe:/o:redhat:enterprise_linux:3", "cpe:/o:redhat:enterprise_linux:4", "p-cpe:/a:redhat:enterprise_linux:evolution", "p-cpe:/a:redhat:enterprise_linux:evolution-devel", "cpe:/o:redhat:enterprise_linux:4.6"], "id": "REDHAT-RHSA-2008-0516.NASL", "href": "https://www.tenable.com/plugins/nessus/33098", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2008:0516. 
The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(33098);\n script_version(\"1.25\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2008-1108\");\n script_bugtraq_id(29527);\n script_xref(name:\"RHSA\", value:\"2008:0516\");\n\n script_name(english:\"RHEL 3 / 4 : evolution (RHSA-2008:0516)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated evolution packages that address a buffer overflow\nvulnerability are now available for Red Hat Enterprise Linux 3 and Red\nHat Enterprise Linux 4.\n\nThis update has been rated as having critical security impact by the\nRed Hat Security Response Team.\n\nEvolution is the integrated collection of e-mail, calendaring, contact\nmanagement, communications and personal information management (PIM)\ntools for the GNOME desktop environment.\n\nA flaw was found in the way Evolution parsed iCalendar timezone\nattachment data. If mail which included a carefully crafted iCalendar\nattachment was opened, arbitrary code could be executed as the user\nrunning Evolution. 
(CVE-2008-1108)\n\nRed Hat would like to thank Alin Rad Pop of Secunia Research for\nresponsibly disclosing this issue.\n\nAll users of Evolution should upgrade to these updated packages, which\ncontains a backported patch which resolves this issue.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2008-1108\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2008:0516\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected evolution and / or evolution-devel packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:H/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(119);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:evolution\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:evolution-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:3\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:4.6\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2008/06/04\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/06/04\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2008/06/05\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2008-2021 and is owned by Tenable, Inc. 
or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(3|4)([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 3.x / 4.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2008:0516\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL3\", reference:\"evolution-1.4.5-22.el3\")) flag++;\n\n if (rpm_check(release:\"RHEL3\", reference:\"evolution-devel-1.4.5-22.el3\")) flag++;\n\n\n if (rpm_check(release:\"RHEL4\", reference:\"evolution-2.0.2-35.0.4.el4_6.2\")) flag++;\n\n if 
(rpm_check(release:\"RHEL4\", reference:\"evolution-devel-2.0.2-35.0.4.el4_6.2\")) flag++;\n\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"evolution / evolution-devel\");\n }\n}\n", "cvss": {"score": 7.6, "vector": "AV:N/AC:H/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-17T13:06:09", "description": "Updated evolution packages that address a buffer overflow\nvulnerability are now available for Red Hat Enterprise Linux 4.5\nExtended Update Support.\n\nThis update has been rated as having critical security impact by the\nRed Hat Security Response Team.\n\nEvolution is the integrated collection of e-mail, calendaring, contact\nmanagement, communications and personal information management (PIM)\ntools for the GNOME desktop environment.\n\nA flaw was found in the way Evolution parsed iCalendar timezone\nattachment data. If mail which included a carefully crafted iCalendar\nattachment was opened, arbitrary code could be executed as the user\nrunning Evolution. 
(CVE-2008-1108)\n\nRed Hat would like to thank Alin Rad Pop of Secunia Research for\nresponsibly disclosing this issue.\n\nAll users of Evolution should upgrade to these updated packages, which\ncontains a backported patch which resolves this issue.", "edition": 24, "published": "2013-01-24T00:00:00", "title": "RHEL 4 : evolution (RHSA-2008:0517)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-1108"], "modified": "2013-01-24T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:evolution", "cpe:/o:redhat:enterprise_linux:4.5", "p-cpe:/a:redhat:enterprise_linux:evolution-devel"], "id": "REDHAT-RHSA-2008-0517.NASL", "href": "https://www.tenable.com/plugins/nessus/63856", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2008:0517. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(63856);\n script_version(\"1.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2008-1108\");\n script_xref(name:\"RHSA\", value:\"2008:0517\");\n\n script_name(english:\"RHEL 4 : evolution (RHSA-2008:0517)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated evolution packages that address a buffer overflow\nvulnerability are now available for Red Hat Enterprise Linux 4.5\nExtended Update Support.\n\nThis update has been rated as having critical security impact by the\nRed Hat Security Response Team.\n\nEvolution is the integrated collection of e-mail, calendaring, contact\nmanagement, communications and personal information 
management (PIM)\ntools for the GNOME desktop environment.\n\nA flaw was found in the way Evolution parsed iCalendar timezone\nattachment data. If mail which included a carefully crafted iCalendar\nattachment was opened, arbitrary code could be executed as the user\nrunning Evolution. (CVE-2008-1108)\n\nRed Hat would like to thank Alin Rad Pop of Secunia Research for\nresponsibly disclosing this issue.\n\nAll users of Evolution should upgrade to these updated packages, which\ncontains a backported patch which resolves this issue.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.redhat.com/security/data/cve/CVE-2008-1108.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://rhn.redhat.com/errata/RHSA-2008-0517.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected evolution and / or evolution-devel packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:H/Au:N/C:C/I:C/A:C\");\n script_cwe_id(119);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:evolution\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:evolution-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:4.5\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/06/04\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/01/24\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n 
exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"RHEL4\", sp:\"5\", reference:\"evolution-2.0.2-35.0.4.el4_5.2\")) flag++;\nif (rpm_check(release:\"RHEL4\", sp:\"5\", reference:\"evolution-devel-2.0.2-35.0.4.el4_5.2\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.6, "vector": "AV:N/AC:H/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-17T12:44:10", "description": "From Red Hat Security Advisory 2008:0516 :\n\nUpdated evolution packages that address a buffer overflow\nvulnerability are now available for Red Hat Enterprise Linux 3 and Red\nHat Enterprise Linux 4.\n\nThis update has been rated as having critical security impact by the\nRed Hat Security Response Team.\n\nEvolution is the integrated collection of e-mail, calendaring, contact\nmanagement, communications and personal information management (PIM)\ntools for the GNOME desktop environment.\n\nA flaw was found in the way Evolution parsed iCalendar timezone\nattachment data. If mail which included a carefully crafted iCalendar\nattachment was opened, arbitrary code could be executed as the user\nrunning Evolution. 
(CVE-2008-1108)\n\nRed Hat would like to thank Alin Rad Pop of Secunia Research for\nresponsibly disclosing this issue.\n\nAll users of Evolution should upgrade to these updated packages, which\ncontains a backported patch which resolves this issue.", "edition": 24, "published": "2013-07-12T00:00:00", "title": "Oracle Linux 3 / 4 : evolution (ELSA-2008-0516)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-1108"], "modified": "2013-07-12T00:00:00", "cpe": ["p-cpe:/a:oracle:linux:evolution-devel", "cpe:/o:oracle:linux:3", "p-cpe:/a:oracle:linux:evolution", "cpe:/o:oracle:linux:4"], "id": "ORACLELINUX_ELSA-2008-0516.NASL", "href": "https://www.tenable.com/plugins/nessus/67705", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2008:0516 and \n# Oracle Linux Security Advisory ELSA-2008-0516 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(67705);\n script_version(\"1.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2008-1108\");\n script_bugtraq_id(29527);\n script_xref(name:\"RHSA\", value:\"2008:0516\");\n\n script_name(english:\"Oracle Linux 3 / 4 : evolution (ELSA-2008-0516)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Oracle Linux host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"From Red Hat Security Advisory 2008:0516 :\n\nUpdated evolution packages that address a buffer overflow\nvulnerability are now available for Red Hat Enterprise Linux 3 and Red\nHat Enterprise Linux 4.\n\nThis update has been rated as having critical security impact by the\nRed Hat Security Response Team.\n\nEvolution 
is the integrated collection of e-mail, calendaring, contact\nmanagement, communications and personal information management (PIM)\ntools for the GNOME desktop environment.\n\nA flaw was found in the way Evolution parsed iCalendar timezone\nattachment data. If mail which included a carefully crafted iCalendar\nattachment was opened, arbitrary code could be executed as the user\nrunning Evolution. (CVE-2008-1108)\n\nRed Hat would like to thank Alin Rad Pop of Secunia Research for\nresponsibly disclosing this issue.\n\nAll users of Evolution should upgrade to these updated packages, which\ncontains a backported patch which resolves this issue.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2008-June/000625.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2008-June/000630.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected evolution packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:H/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(119);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:evolution\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:evolution-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:3\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:4\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2008/06/04\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/06/04\");\n script_set_attribute(attribute:\"plugin_publication_date\", 
value:\"2013/07/12\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/OracleLinux\")) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nos_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Oracle Linux\");\nos_ver = os_ver[1];\nif (! 
preg(pattern:\"^(3|4)([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Oracle Linux 3 / 4\", \"Oracle Linux \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && \"ia64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Oracle Linux\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"EL3\", cpu:\"i386\", reference:\"evolution-1.4.5-22.el3\")) flag++;\nif (rpm_check(release:\"EL3\", cpu:\"x86_64\", reference:\"evolution-1.4.5-22.el3\")) flag++;\nif (rpm_check(release:\"EL3\", cpu:\"i386\", reference:\"evolution-devel-1.4.5-22.el3\")) flag++;\nif (rpm_check(release:\"EL3\", cpu:\"x86_64\", reference:\"evolution-devel-1.4.5-22.el3\")) flag++;\n\nif (rpm_check(release:\"EL4\", reference:\"evolution-2.0.2-35.0.4.el4_6.2\")) flag++;\nif (rpm_check(release:\"EL4\", reference:\"evolution-devel-2.0.2-35.0.4.el4_6.2\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"evolution / evolution-devel\");\n}\n", "cvss": {"score": 7.6, "vector": "AV:N/AC:H/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-12T10:06:33", "description": "Fix two buffer overflows in iCalendar .ics file fromat support\ndiscovered and reported by Alin Rad Pop of the Secunia Research:\nCVE-2008-1108, CVE-2008-1109, SA30298 See referenced bugzilla bugs or\nSecunia advisories for further details:\nhttp://secunia.com/advisories/30298\nhttp://secunia.com/secunia_research/2008-22/advisory/\nhttp://secunia.com/secunia_research/2008-23/advisory/\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. 
Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 24, "published": "2008-06-09T00:00:00", "title": "Fedora 7 : evolution-2.10.3-10.fc7 (2008-5018)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-1109", "CVE-2008-1108"], "modified": "2008-06-09T00:00:00", "cpe": ["cpe:/o:fedoraproject:fedora:7", "p-cpe:/a:fedoraproject:fedora:evolution"], "id": "FEDORA_2008-5018.NASL", "href": "https://www.tenable.com/plugins/nessus/33116", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2008-5018.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(33116);\n script_version(\"1.17\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2008-1108\", \"CVE-2008-1109\");\n script_bugtraq_id(29527);\n script_xref(name:\"FEDORA\", value:\"2008-5018\");\n script_xref(name:\"Secunia\", value:\"30298\");\n\n script_name(english:\"Fedora 7 : evolution-2.10.3-10.fc7 (2008-5018)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Fix two buffer overflows in iCalendar .ics file fromat support\ndiscovered and reported by Alin Rad Pop of the Secunia Research:\nCVE-2008-1108, CVE-2008-1109, SA30298 See referenced bugzilla bugs or\nSecunia advisories for further details:\nhttp://secunia.com/advisories/30298\nhttp://secunia.com/secunia_research/2008-22/advisory/\nhttp://secunia.com/secunia_research/2008-23/advisory/\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security 
advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n # http://secunia.com/secunia_research/2008-22/advisory/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?3030062b\"\n );\n # http://secunia.com/secunia_research/2008-23/advisory/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?c11842bd\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=448540\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=448541\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2008-June/010922.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?13f017fe\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected evolution package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(119);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:evolution\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:7\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/06/06\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2008/06/09\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2008-2021 and is owned by Tenable, Inc. 
or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^7([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 7.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC7\", reference:\"evolution-2.10.3-10.fc7\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"evolution\");\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-07T10:52:23", "description": "The remote host is affected by the vulnerability described in GLSA-200806-06\n(Evolution: User-assisted execution of arbitrary code)\n\n Alin Rad Pop (Secunia Research) reported two vulnerabilities in\n Evolution:\n A boundary error exists when parsing overly long timezone strings\n contained within iCalendar attachments and when the ITip formatter is\n disabled (CVE-2008-1108).\n A 
boundary error exists when replying to an iCalendar request with an\n overly long 'DESCRIPTION' property while in calendar view\n (CVE-2008-1109).\n \nImpact :\n\n A remote attacker could entice a user to open a specially crafted\n iCalendar attachment, resulting in the execution of arbitrary code with\n the privileges of the user running Evolution.\n \nWorkaround :\n\n There is no known workaround at this time.", "edition": 25, "published": "2008-06-18T00:00:00", "title": "GLSA-200806-06 : Evolution: User-assisted execution of arbitrary code", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-1109", "CVE-2008-1108"], "modified": "2008-06-18T00:00:00", "cpe": ["p-cpe:/a:gentoo:linux:evolution", "cpe:/o:gentoo:linux"], "id": "GENTOO_GLSA-200806-06.NASL", "href": "https://www.tenable.com/plugins/nessus/33203", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Gentoo Linux Security Advisory GLSA 200806-06.\n#\n# The advisory text is Copyright (C) 2001-2015 Gentoo Foundation, Inc.\n# and licensed under the Creative Commons - Attribution / Share Alike \n# license. 
See http://creativecommons.org/licenses/by-sa/3.0/\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(33203);\n script_version(\"1.15\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2008-1108\", \"CVE-2008-1109\");\n script_xref(name:\"GLSA\", value:\"200806-06\");\n\n script_name(english:\"GLSA-200806-06 : Evolution: User-assisted execution of arbitrary code\");\n script_summary(english:\"Checks for updated package(s) in /var/db/pkg\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Gentoo host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The remote host is affected by the vulnerability described in GLSA-200806-06\n(Evolution: User-assisted execution of arbitrary code)\n\n Alin Rad Pop (Secunia Research) reported two vulnerabilities in\n Evolution:\n A boundary error exists when parsing overly long timezone strings\n contained within iCalendar attachments and when the ITip formatter is\n disabled (CVE-2008-1108).\n A boundary error exists when replying to an iCalendar request with an\n overly long 'DESCRIPTION' property while in calendar view\n (CVE-2008-1109).\n \nImpact :\n\n A remote attacker could entice a user to open a specially crafted\n iCalendar attachment, resulting in the execution of arbitrary code with\n the privileges of the user running Evolution.\n \nWorkaround :\n\n There is no known workaround at this time.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security.gentoo.org/glsa/200806-06\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"All Evolution users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=mail-client/evolution-2.12.3-r2'\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n 
script_cwe_id(119);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:evolution\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:gentoo:linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/06/16\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2008/06/18\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2008-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Gentoo Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Gentoo/release\", \"Host/Gentoo/qpkg-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"qpkg.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Gentoo/release\")) audit(AUDIT_OS_NOT, \"Gentoo\");\nif (!get_kb_item(\"Host/Gentoo/qpkg-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (qpkg_check(package:\"mail-client/evolution\", unaffected:make_list(\"ge 2.12.3-r2\"), vulnerable:make_list(\"lt 2.12.3-r2\"))) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:qpkg_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = qpkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"Evolution\");\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-01T06:56:37", "description": "Alin Rad Pop of Secunia Research discovered that Evolution did not\nproperly validate timezone data when processing iCalendar attachments.\nIf a user disabled the ITip Formatter plugin and viewed a crafted\niCalendar attachment, an attacker could cause a denial of service 
or\npossibly execute code with user privileges. Note that the ITip\nFormatter plugin is enabled by default in Ubuntu. (CVE-2008-1108)\n\nAlin Rad Pop of Secunia Research discovered that Evolution did not\nproperly validate the DESCRIPTION field when processing iCalendar\nattachments. If a user were tricked into accepting a crafted iCalendar\nattachment and replied to it from the calendar window, an attacker\ncould cause a denial of service or execute code with user privileges.\n(CVE-2008-1109)\n\nMatej Cepl discovered that Evolution did not properly validate date\nfields when processing iCalendar attachments. If a user disabled the\nITip Formatter plugin and viewed a crafted iCalendar attachment, an\nattacker could cause a denial of service. Note that the ITip Formatter\nplugin is enabled by default in Ubuntu.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 24, "published": "2008-06-09T00:00:00", "title": "Ubuntu 6.06 LTS / 7.04 / 7.10 / 8.04 LTS : evolution vulnerabilities (USN-615-1)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-1109", "CVE-2008-1108"], "modified": "2021-01-02T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:evolution", "cpe:/o:canonical:ubuntu_linux:7.10", "p-cpe:/a:canonical:ubuntu_linux:evolution-plugins-experimental", "p-cpe:/a:canonical:ubuntu_linux:evolution-plugins", "p-cpe:/a:canonical:ubuntu_linux:evolution-dev", "cpe:/o:canonical:ubuntu_linux:8.04:-:lts", "p-cpe:/a:canonical:ubuntu_linux:evolution-common", "cpe:/o:canonical:ubuntu_linux:7.04", "p-cpe:/a:canonical:ubuntu_linux:evolution-dbg", "cpe:/o:canonical:ubuntu_linux:6.06:-:lts"], "id": "UBUNTU_USN-615-1.NASL", "href": "https://www.tenable.com/plugins/nessus/33124", "sourceData": "#%NASL_MIN_LEVEL 80502\n#\n# (C) Tenable Network Security, 
Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-615-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(33124);\n script_version(\"1.14\");\n script_cvs_date(\"Date: 2019/08/02 13:33:02\");\n\n script_cve_id(\"CVE-2008-1108\", \"CVE-2008-1109\");\n script_xref(name:\"USN\", value:\"615-1\");\n\n script_name(english:\"Ubuntu 6.06 LTS / 7.04 / 7.10 / 8.04 LTS : evolution vulnerabilities (USN-615-1)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Alin Rad Pop of Secunia Research discovered that Evolution did not\nproperly validate timezone data when processing iCalendar attachments.\nIf a user disabled the ITip Formatter plugin and viewed a crafted\niCalendar attachment, an attacker could cause a denial of service or\npossibly execute code with user privileges. Note that the ITip\nFormatter plugin is enabled by default in Ubuntu. (CVE-2008-1108)\n\nAlin Rad Pop of Secunia Research discovered that Evolution did not\nproperly validate the DESCRIPTION field when processing iCalendar\nattachments. If a user were tricked into accepting a crafted iCalendar\nattachment and replied to it from the calendar window, an attacker\ncode cause a denial of service or execute code with user privileges.\n(CVE-2008-1109)\n\nMatej Cepl discovered that Evolution did not properly validate date\nfields when processing iCalendar attachments. If a user disabled the\nITip Formatter plugin and viewed a crafted iCalendar attachment, an\nattacker could cause a denial of service. 
Note that the ITip Formatter\nplugin is enabled by default in Ubuntu.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/615-1/\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_cwe_id(119);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:evolution\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:evolution-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:evolution-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:evolution-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:evolution-plugins\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:evolution-plugins-experimental\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:6.06:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:7.04\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:7.10\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:8.04:-:lts\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/06/06\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2008/06/09\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2008-2019 Canonical, Inc. 
/ NASL script (C) 2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! ereg(pattern:\"^(6\\.06|7\\.04|7\\.10|8\\.04)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 6.06 / 7.04 / 7.10 / 8.04\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nflag = 0;\n\nif (ubuntu_check(osver:\"6.06\", pkgname:\"evolution\", pkgver:\"2.6.1-0ubuntu7.4\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"evolution-dbg\", pkgver:\"2.6.1-0ubuntu7.4\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"evolution-dev\", pkgver:\"2.6.1-0ubuntu7.4\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"evolution-plugins\", pkgver:\"2.6.1-0ubuntu7.4\")) flag++;\nif (ubuntu_check(osver:\"7.04\", pkgname:\"evolution\", pkgver:\"2.10.1-0ubuntu2.4\")) flag++;\nif (ubuntu_check(osver:\"7.04\", pkgname:\"evolution-common\", pkgver:\"2.10.1-0ubuntu2.4\")) flag++;\nif (ubuntu_check(osver:\"7.04\", pkgname:\"evolution-dbg\", pkgver:\"2.10.1-0ubuntu2.4\")) flag++;\nif (ubuntu_check(osver:\"7.04\", pkgname:\"evolution-dev\", pkgver:\"2.10.1-0ubuntu2.4\")) flag++;\nif (ubuntu_check(osver:\"7.04\", pkgname:\"evolution-plugins\", pkgver:\"2.10.1-0ubuntu2.4\")) flag++;\nif (ubuntu_check(osver:\"7.04\", 
pkgname:\"evolution-plugins-experimental\", pkgver:\"2.10.1-0ubuntu2.4\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"evolution\", pkgver:\"2.12.1-0ubuntu1.3\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"evolution-common\", pkgver:\"2.12.1-0ubuntu1.3\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"evolution-dbg\", pkgver:\"2.12.1-0ubuntu1.3\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"evolution-dev\", pkgver:\"2.12.1-0ubuntu1.3\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"evolution-plugins\", pkgver:\"2.12.1-0ubuntu1.3\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"evolution-plugins-experimental\", pkgver:\"2.12.1-0ubuntu1.3\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"evolution\", pkgver:\"2.22.2-0ubuntu1.2\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"evolution-common\", pkgver:\"2.22.2-0ubuntu1.2\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"evolution-dbg\", pkgver:\"2.22.2-0ubuntu1.2\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"evolution-dev\", pkgver:\"2.22.2-0ubuntu1.2\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"evolution-plugins\", pkgver:\"2.22.2-0ubuntu1.2\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"evolution-plugins-experimental\", pkgver:\"2.22.2-0ubuntu1.2\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"evolution / evolution-common / evolution-dbg / evolution-dev / etc\");\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-06T09:25:20", "description": "Updated evolution28 packages that address two buffer overflow\nvulnerabilities are now available for Red Hat Enterprise Linux 4.\n\nThis update has been rated as having important security impact by the\nRed 
Hat Security Response Team.\n\nEvolution is the integrated collection of e-mail, calendaring, contact\nmanagement, communications and personal information management (PIM)\ntools for the GNOME desktop environment.\n\nA flaw was found in the way Evolution parsed iCalendar timezone\nattachment data. If the Itip Formatter plug-in was disabled and a user\nopened a mail with a carefully crafted iCalendar attachment, arbitrary\ncode could be executed as the user running Evolution. (CVE-2008-1108)\n\nNote: the Itip Formatter plug-in, which allows calendar information\n(attachments with a MIME type of 'text/calendar') to be displayed as\npart of the e-mail message, is enabled by default.\n\nA heap-based buffer overflow flaw was found in the way Evolution\nparsed iCalendar attachments with an overly long 'DESCRIPTION'\nproperty string. If a user responded to a carefully crafted iCalendar\nattachment in a particular way, arbitrary code could be executed as\nthe user running Evolution. (CVE-2008-1109).\n\nThe particular response required to trigger this vulnerability was as\nfollows :\n\n1. Receive the carefully crafted iCalendar attachment. 2. Accept the\nassociated meeting. 3. Open the calendar the meeting was in. 4. 
Reply\nto the sender.\n\nRed Hat would like to thank Alin Rad Pop of Secunia Research for\nresponsibly disclosing these issues.\n\nAll Evolution users should upgrade to these updated packages, which\ncontain backported patches which resolves these issues.", "edition": 27, "published": "2008-06-09T00:00:00", "title": "CentOS 4 : evolution28 (CESA-2008:0515)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-1109", "CVE-2008-1108"], "modified": "2008-06-09T00:00:00", "cpe": ["cpe:/o:centos:centos:4", "p-cpe:/a:centos:centos:evolution28-devel", "p-cpe:/a:centos:centos:evolution28"], "id": "CENTOS_RHSA-2008-0515.NASL", "href": "https://www.tenable.com/plugins/nessus/33110", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2008:0515 and \n# CentOS Errata and Security Advisory 2008:0515 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(33110);\n script_version(\"1.15\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2008-1108\", \"CVE-2008-1109\");\n script_bugtraq_id(29527);\n script_xref(name:\"RHSA\", value:\"2008:0515\");\n\n script_name(english:\"CentOS 4 : evolution28 (CESA-2008:0515)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote CentOS host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated evolution28 packages that address two buffer overflow\nvulnerabilities are now available for Red Hat Enterprise Linux 4.\n\nThis update has been rated as having important security impact by the\nRed Hat Security Response Team.\n\nEvolution is the integrated collection of e-mail, calendaring, contact\nmanagement, 
communications and personal information management (PIM)\ntools for the GNOME desktop environment.\n\nA flaw was found in the way Evolution parsed iCalendar timezone\nattachment data. If the Itip Formatter plug-in was disabled and a user\nopened a mail with a carefully crafted iCalendar attachment, arbitrary\ncode could be executed as the user running Evolution. (CVE-2008-1108)\n\nNote: the Itip Formatter plug-in, which allows calendar information\n(attachments with a MIME type of 'text/calendar') to be displayed as\npart of the e-mail message, is enabled by default.\n\nA heap-based buffer overflow flaw was found in the way Evolution\nparsed iCalendar attachments with an overly long 'DESCRIPTION'\nproperty string. If a user responded to a carefully crafted iCalendar\nattachment in a particular way, arbitrary code could be executed as\nthe user running Evolution. (CVE-2008-1109).\n\nThe particular response required to trigger this vulnerability was as\nfollows :\n\n1. Receive the carefully crafted iCalendar attachment. 2. Accept the\nassociated meeting. 3. Open the calender the meeting was in. 4. 
Reply\nto the sender.\n\nRed Hat would like to thank Alin Rad Pop of Secunia Research for\nresponsibly disclosing these issues.\n\nAll Evolution users should upgrade to these updated packages, which\ncontain backported patches which resolves these issues.\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2008-June/014956.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?e8d2b296\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2008-June/014966.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?e045d2c8\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2008-June/014967.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?2718cd66\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected evolution28 packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(119);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:evolution28\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:evolution28-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:4\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2008/06/04\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/06/07\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2008/06/09\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script 
is Copyright (C) 2008-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"CentOS Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/CentOS/release\");\nif (isnull(release) || \"CentOS\" >!< release) audit(AUDIT_OS_NOT, \"CentOS\");\nos_ver = pregmatch(pattern: \"CentOS(?: Linux)? release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"CentOS\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^4([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"CentOS 4.x\", \"CentOS \" + os_ver);\n\nif (!get_kb_item(\"Host/CentOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && \"ia64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"CentOS\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"CentOS-4\", reference:\"evolution28-2.8.0-53.el4_6.3\")) flag++;\nif (rpm_check(release:\"CentOS-4\", reference:\"evolution28-devel-2.8.0-53.el4_6.3\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"evolution28 / evolution28-devel\");\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-17T12:44:10", "description": "From Red Hat Security Advisory 2008:0515 :\n\nUpdated evolution28 packages that address two buffer overflow\nvulnerabilities are now available for Red Hat Enterprise Linux 
4.\n\nThis update has been rated as having important security impact by the\nRed Hat Security Response Team.\n\nEvolution is the integrated collection of e-mail, calendaring, contact\nmanagement, communications and personal information management (PIM)\ntools for the GNOME desktop environment.\n\nA flaw was found in the way Evolution parsed iCalendar timezone\nattachment data. If the Itip Formatter plug-in was disabled and a user\nopened a mail with a carefully crafted iCalendar attachment, arbitrary\ncode could be executed as the user running Evolution. (CVE-2008-1108)\n\nNote: the Itip Formatter plug-in, which allows calendar information\n(attachments with a MIME type of 'text/calendar') to be displayed as\npart of the e-mail message, is enabled by default.\n\nA heap-based buffer overflow flaw was found in the way Evolution\nparsed iCalendar attachments with an overly long 'DESCRIPTION'\nproperty string. If a user responded to a carefully crafted iCalendar\nattachment in a particular way, arbitrary code could be executed as\nthe user running Evolution. (CVE-2008-1109).\n\nThe particular response required to trigger this vulnerability was as\nfollows :\n\n1. Receive the carefully crafted iCalendar attachment. 2. Accept the\nassociated meeting. 3. Open the calendar the meeting was in. 4. 
Reply\nto the sender.\n\nRed Hat would like to thank Alin Rad Pop of Secunia Research for\nresponsibly disclosing these issues.\n\nAll Evolution users should upgrade to these updated packages, which\ncontain backported patches which resolves these issues.", "edition": 25, "published": "2013-07-12T00:00:00", "title": "Oracle Linux 4 : evolution28 (ELSA-2008-0515)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-1109", "CVE-2008-1108"], "modified": "2013-07-12T00:00:00", "cpe": ["p-cpe:/a:oracle:linux:evolution28-devel", "cpe:/o:oracle:linux:4", "p-cpe:/a:oracle:linux:evolution28"], "id": "ORACLELINUX_ELSA-2008-0515.NASL", "href": "https://www.tenable.com/plugins/nessus/67704", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2008:0515 and \n# Oracle Linux Security Advisory ELSA-2008-0515 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(67704);\n script_version(\"1.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2008-1108\", \"CVE-2008-1109\");\n script_bugtraq_id(29527);\n script_xref(name:\"RHSA\", value:\"2008:0515\");\n\n script_name(english:\"Oracle Linux 4 : evolution28 (ELSA-2008-0515)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Oracle Linux host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"From Red Hat Security Advisory 2008:0515 :\n\nUpdated evolution28 packages that address two buffer overflow\nvulnerabilities are now available for Red Hat Enterprise Linux 4.\n\nThis update has been rated as having important security impact by the\nRed Hat Security Response Team.\n\nEvolution is the 
integrated collection of e-mail, calendaring, contact\nmanagement, communications and personal information management (PIM)\ntools for the GNOME desktop environment.\n\nA flaw was found in the way Evolution parsed iCalendar timezone\nattachment data. If the Itip Formatter plug-in was disabled and a user\nopened a mail with a carefully crafted iCalendar attachment, arbitrary\ncode could be executed as the user running Evolution. (CVE-2008-1108)\n\nNote: the Itip Formatter plug-in, which allows calendar information\n(attachments with a MIME type of 'text/calendar') to be displayed as\npart of the e-mail message, is enabled by default.\n\nA heap-based buffer overflow flaw was found in the way Evolution\nparsed iCalendar attachments with an overly long 'DESCRIPTION'\nproperty string. If a user responded to a carefully crafted iCalendar\nattachment in a particular way, arbitrary code could be executed as\nthe user running Evolution. (CVE-2008-1109).\n\nThe particular response required to trigger this vulnerability was as\nfollows :\n\n1. Receive the carefully crafted iCalendar attachment. 2. Accept the\nassociated meeting. 3. Open the calender the meeting was in. 4. 
Reply\nto the sender.\n\nRed Hat would like to thank Alin Rad Pop of Secunia Research for\nresponsibly disclosing these issues.\n\nAll Evolution users should upgrade to these updated packages, which\ncontain backported patches which resolves these issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2008-June/000627.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected evolution28 packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(119);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:evolution28\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:evolution28-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:4\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2008/06/04\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/06/04\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/07/12\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 and is owned by Tenable, Inc. 
or an Affiliate thereof.\");\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/OracleLinux\")) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nos_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Oracle Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^4([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Oracle Linux 4\", \"Oracle Linux \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && \"ia64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Oracle Linux\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"EL4\", reference:\"evolution28-2.8.0-53.0.1.el4_6.3\")) flag++;\nif (rpm_check(release:\"EL4\", reference:\"evolution28-devel-2.8.0-53.0.1.el4_6.3\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"evolution28 / evolution28-devel\");\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}], "ubuntu": [{"lastseen": "2020-07-09T01:34:54", 
"bulletinFamily": "unix", "cvelist": ["CVE-2008-1109", "CVE-2008-1108"], "description": "Alin Rad Pop of Secunia Research discovered that Evolution did not \nproperly validate timezone data when processing iCalendar attachments. \nIf a user disabled the ITip Formatter plugin and viewed a crafted \niCalendar attachment, an attacker could cause a denial of service or \npossibly execute code with user privileges. Note that the ITip \nFormatter plugin is enabled by default in Ubuntu. (CVE-2008-1108)\n\nAlin Rad Pop of Secunia Research discovered that Evolution did not \nproperly validate the DESCRIPTION field when processing iCalendar \nattachments. If a user were tricked into accepting a crafted \niCalendar attachment and replied to it from the calendar window, an \nattacker could cause a denial of service or execute code with user \nprivileges. (CVE-2008-1109)\n\nMatej Cepl discovered that Evolution did not properly validate date \nfields when processing iCalendar attachments. If a user disabled the \nITip Formatter plugin and viewed a crafted iCalendar attachment, an \nattacker could cause a denial of service. Note that the ITip \nFormatter plugin is enabled by default in Ubuntu.", "edition": 5, "modified": "2008-06-06T00:00:00", "published": "2008-06-06T00:00:00", "id": "USN-615-1", "href": "https://ubuntu.com/security/notices/USN-615-1", "title": "Evolution vulnerabilities", "type": "ubuntu", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}], "gentoo": [{"lastseen": "2016-09-06T19:46:52", "bulletinFamily": "unix", "cvelist": ["CVE-2008-1109", "CVE-2008-1108"], "description": "### Background\n\nEvolution is the mail client of the GNOME desktop environment. 
\n\n### Description\n\nAlin Rad Pop (Secunia Research) reported two vulnerabilities in Evolution: \n\n * A boundary error exists when parsing overly long timezone strings contained within iCalendar attachments and when the ITip formatter is disabled (CVE-2008-1108).\n * A boundary error exists when replying to an iCalendar request with an overly long \"DESCRIPTION\" property while in calendar view (CVE-2008-1109). \n\n### Impact\n\nA remote attacker could entice a user to open a specially crafted iCalendar attachment, resulting in the execution of arbitrary code with the privileges of the user running Evolution. \n\n### Workaround\n\nThere is no known workaround at this time. \n\n### Resolution\n\nAll Evolution users should upgrade to the latest version: \n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=mail-client/evolution-2.12.3-r2\"", "edition": 1, "modified": "2008-06-16T00:00:00", "published": "2008-06-16T00:00:00", "id": "GLSA-200806-06", "href": "https://security.gentoo.org/glsa/200806-06", "type": "gentoo", "title": "Evolution: User-assisted execution of arbitrary code", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "suse": [{"lastseen": "2016-09-04T12:14:56", "bulletinFamily": "unix", "cvelist": ["CVE-2008-1109", "CVE-2008-1108"], "description": "Multiple buffer overflows have been fixed in Evolution.\n#### Solution\nThere is no known workaround, please install the update packages.", "edition": 1, "modified": "2008-06-13T16:03:48", "published": "2008-06-13T16:03:48", "id": "SUSE-SA:2008:028", "href": "http://lists.opensuse.org/opensuse-security-announce/2008-06/msg00003.html", "title": "remote code execution in evolution", "type": "suse", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "fedora": [{"lastseen": "2020-12-21T08:17:49", "bulletinFamily": "unix", "cvelist": ["CVE-2008-1108", "CVE-2008-1109"], "description": "Evolution is 
the GNOME mailer, calendar, contact manager and communications tool. The components which make up Evolution are tightly integrated with one another and act as a seamless personal information-management tool. ", "modified": "2008-06-06T07:48:27", "published": "2008-06-06T07:48:27", "id": "FEDORA:M567LK8G016011", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 9 Update: evolution-2.22.2-2.fc9", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-12-21T08:17:49", "bulletinFamily": "unix", "cvelist": ["CVE-2008-0072", "CVE-2008-1108", "CVE-2008-1109"], "description": "Evolution is the GNOME mailer, calendar, contact manager and communications tool. The tools which make up Evolution will be tightly integrated with one another and act as a seamless personal information-management tool. ", "modified": "2008-06-06T07:50:16", "published": "2008-06-06T07:50:16", "id": "FEDORA:M567MTTP016202", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 7 Update: evolution-2.10.3-10.fc7", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-12-21T08:17:49", "bulletinFamily": "unix", "cvelist": ["CVE-2008-0072", "CVE-2008-1108", "CVE-2008-1109"], "description": "Evolution is the GNOME mailer, calendar, contact manager and communications tool. The tools which make up Evolution will be tightly integrated with one another and act as a seamless personal information-management tool. ", "modified": "2008-06-06T07:49:59", "published": "2008-06-06T07:49:59", "id": "FEDORA:M567MTTM016202", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 8 Update: evolution-2.12.3-5.fc8", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}]}