124 matches found
CVE-2013-4166
The gpgctxaddrecipient function in camel/camel-gpg-context.c in GNOME Evolution 3.8.4 and earlier and Evolution Data Server 3.9.5 and earlier does not properly select the GPG key to use for email encryption, which might cause the email to be encrypted with the wrong key and allow remote attackers...
CentOS Update for evolution28-evolution-data-server CESA-2009:0354 centos4 i386
Check for the Version of evolution28-evolution-data-server OpenVAS Vulnerability Test CentOS Update for evolution28-evolution-data-server CESA-2009:0354 centos4 i386 Authors: System Generated Check Copyright: Copyright c 2011 Greenbone Networks GmbH, http://www.greenbone.net This program is free...
CentOS 4 : evolution / evolution-data-server (CESA-2009:0355)
Updated evolution and evolution-data-server packages that fixes multiple security issues are now available for Red Hat Enterprise Linux 4. This update has been rated as having moderate security impact by the Red Hat Security Response Team. Evolution is the integrated collection of e-mail,...
CentOS 4 : evolution-data-server (CESA-2009:0354)
Updated evolution-data-server and evolution28-evolution-data-server packages that fix multiple security issues are now available for Red Hat Enterprise Linux 4 and 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. Evolution Data Server provide...
Evolution Data Server multiple security vulnerabilities
Signature spoofing, DoS, process memory disclosure, integer overflows...
Fedora Core 9 FEDORA-2009-2792 (evolution-data-server)
The remote host is missing an update to evolution-data-server announced via advisory FEDORA-2009-2792. Note: This VT has been deprecated and is therefore no longer functional. SPDX-FileCopyrightText: 2009 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are...
RedHat Security Advisory RHSA-2009:0354
The remote host is missing updates announced in advisory RHSA-2009:0354. Evolution Data Server provides a unified back-end for applications which interact with contacts, task, and calendar information. Evolution Data Server was originally developed as a back-end for Evolution, but is now used by...
RedHat Security Advisory RHSA-2009:0354
The remote host is missing updates announced in advisory RHSA-2009:0354. Evolution Data Server provides a unified back-end for applications which interact with contacts, task, and calendar information. Evolution Data Server was originally developed as a back-end for Evolution, but is now used by...
Fedora 9 : evolution-data-server-2.22.3-3.fc9 (2009-2792)
This update fixes two security issues: Evolution Data Server did not properly check the Secure/Multipurpose Internet Mail Extensions S/MIME signatures used for public key encryption and signing of e-mail messages. An attacker could use this flaw to spoof a signature by modifying the text of the...
Evolution Data Server Detection (Linux/Unix SSH Login)
Detects the installed version of Evolution. The script logs in via ssh, searches for executable SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...
evolution28 security update
CentOS Errata and Security Advisory CESA-2009:0354 Updated evolution-data-server and evolution28-evolution-data-server packages that fix multiple security issues are now available for Red Hat Enterprise Linux 4 and 5. This update has been rated as having moderate security impact by the Red Hat...
Evolution Data Server ntlm_challenge()内存内容泄露漏洞
BUGTRAQ ID: 34109 CVECAN ID: CVE-2009-0582 Evolution Data Server为地址簿、日历事件等常见的桌面信息提供单一的服务器。 Evolution Data Server所捆绑的Camel库没有正确地处理NTLM SASL报文。在camel/camel-sasl-ntlm.c的ntlmchallenge函数中,没有对从type 2拷贝到type 3报文(客户端对服务器挑战的响应)的域字符串长度验证从服务器所接收到的剩余数据: 127 ntlmsetstring ret, NTLMRESPONSEDOMAINOFFSET, 128...
evolution-data-server: integer overflow in base64 encoding functions
Multiple integer overflows in Evolution Data Server aka evolution-data-server before 2.24.5 allow context-dependent attackers to execute arbitrary code via a long string that is converted to a base64 representation in 1 addressbook/libebook/e-vcard.c in evc or 2 camel/camel-mime-utils.c in libcam...
evolution-data-server: insufficient checking of NTLM authentication challenge packets
The ntlmchallenge function in the NTLM SASL authentication mechanism in camel/camel-sasl-ntlm.c in Camel in Evolution Data Server aka evolution-data-server 2.24.5 and earlier, and 2.25.92 and earlier 2.25.x versions, does not validate whether a certain length value is consistent with the amount o...
evolution-data-server: S/MIME signatures are considered to be valid even for modified messages (MITM)
Evolution 2.22.3.1 checks S/MIME signatures against a copy of the e-mail text within a signed-data blob, not the copy of the e-mail text displayed to the user, which allows remote attackers to spoof a signature by modifying the latter copy, a different vulnerability than CVE-2008-5077...
Moderate: Red Hat Security Advisory: evolution and evolution-data-server security update
Updated evolution and evolution-data-server packages that fixes multiple security issues are now available for Red Hat Enterprise Linux 4. This update has been rated as having moderate security impact by the Red Hat Security Response Team. Evolution is the integrated collection of e-mail,...
evolution-data-server: integer overflow in base64 encoding functions
Multiple integer overflows in Evolution Data Server aka evolution-data-server before 2.24.5 allow context-dependent attackers to execute arbitrary code via a long string that is converted to a base64 representation in 1 addressbook/libebook/e-vcard.c in evc or 2 camel/camel-mime-utils.c in libcam...
evolution-data-server: insufficient checking of NTLM authentication challenge packets
The ntlmchallenge function in the NTLM SASL authentication mechanism in camel/camel-sasl-ntlm.c in Camel in Evolution Data Server aka evolution-data-server 2.24.5 and earlier, and 2.25.92 and earlier 2.25.x versions, does not validate whether a certain length value is consistent with the amount o...
Moderate: Red Hat Security Advisory: evolution-data-server security update
Updated evolution-data-server and evolution28-evolution-data-server packages that fix multiple security issues are now available for Red Hat Enterprise Linux 4 and 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. Evolution Data Server provide...
DEBIAN-CVE-2009-0587
Multiple integer overflows in Evolution Data Server aka evolution-data-server before 2.24.5 allow context-dependent attackers to execute arbitrary code via a long string that is converted to a base64 representation in 1 addressbook/libebook/e-vcard.c in evc or 2 camel/camel-mime-utils.c in libcam...