Fedora Core 10 FEDORA-2009-2784 (evolution-data-server)

The remote host is missing an update to evolution-data-server announced via advisory FEDORA-2009-2784. OpenVAS Vulnerability Test $Id: fcore20092784.nasl 6624 2017-07-10 06:11:55Z cfischer $ Description: Auto-generated from advisory FEDORA-2009-2784 evolution-data-server Authors: Thomas Reinke...

Ubuntu USN-733-1 (evolution-data-server)

The remote host is missing an update to evolution-data-server announced via advisory USN-733-1. OpenVAS Vulnerability Test $Id: ubuntu7331.nasl 7969 2017-12-01 09:23:16Z santu $ $Id: ubuntu7331.nasl 7969 2017-12-01 09:23:16Z santu $ Description: Auto-generated from advisory USN-733-1...

RedHat Security Advisory RHSA-2009:0354

The remote host is missing updates announced in advisory RHSA-2009:0354. Evolution Data Server provides a unified back-end for applications which interact with contacts, task, and calendar information. Evolution Data Server was originally developed as a back-end for Evolution, but is now used by...

RedHat Security Advisory RHSA-2009:0354

The remote host is missing updates announced in advisory RHSA-2009:0354. Evolution Data Server provides a unified back-end for applications which interact with contacts, task, and calendar information. Evolution Data Server was originally developed as a back-end for Evolution, but is now used by...

Fedora Core 9 FEDORA-2009-2792 (evolution-data-server)

The remote host is missing an update to evolution-data-server announced via advisory FEDORA-2009-2792. Note: This VT has been deprecated and is therefore no longer functional. SPDX-FileCopyrightText: 2009 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are...

Fedora 9 : evolution-data-server-2.22.3-3.fc9 (2009-2792)

This update fixes two security issues: Evolution Data Server did not properly check the Secure/Multipurpose Internet Mail Extensions S/MIME signatures used for public key encryption and signing of e-mail messages. An attacker could use this flaw to spoof a signature by modifying the text of the...

Ubuntu: Security Advisory (USN-733-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[SECURITY] Fedora 9 Update: evolution-data-server-2.22.3-3.fc9

The evolution-data-server package provides a unified backend for programs t hat work with contacts, tasks, and calendar information. It was originally developed for Evolution hence the name, but is now used by other packages...

[SECURITY] Fedora 10 Update: evolution-data-server-2.24.5-4.fc10

The evolution-data-server package provides a unified backend for programs t hat work with contacts, tasks, and calendar information. It was originally developed for Evolution hence the name, but is now used by other packages...

Evolution Data Server Detection (Linux/Unix SSH Login)

Detects the installed version of Evolution. The script logs in via ssh, searches for executable SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

evolution28 security update

CentOS Errata and Security Advisory CESA-2009:0354 Updated evolution-data-server and evolution28-evolution-data-server packages that fix multiple security issues are now available for Red Hat Enterprise Linux 4 and 5. This update has been rated as having moderate security impact by the Red Hat...

RHEL 4 / 5 : evolution-data-server (RHSA-2009:0354)

Updated evolution-data-server and evolution28-evolution-data-server packages that fix multiple security issues are now available for Red Hat Enterprise Linux 4 and 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. Evolution Data Server provide...

RHEL 4 : evolution and evolution-data-server (RHSA-2009:0355)

The remote Redhat Enterprise Linux 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2009:0355 advisory. Evolution is the integrated collection of e-mail, calendaring, contact management, communications, and personal information management PIM...

Evolution Data Server ntlm_challenge()内存内容泄露漏洞

BUGTRAQ ID: 34109 CVECAN ID: CVE-2009-0582 Evolution Data Server为地址簿、日历事件等常见的桌面信息提供单一的服务器。 Evolution Data Server所捆绑的Camel库没有正确地处理NTLM SASL报文。在camel/camel-sasl-ntlm.c的ntlmchallenge函数中，没有对从type 2拷贝到type 3报文（客户端对服务器挑战的响应）的域字符串长度验证从服务器所接收到的剩余数据： 127 ntlmsetstring ret, NTLMRESPONSEDOMAINOFFSET, 128...

USN-733-1: evolution-data-server vulnerability

It was discovered that the Base64 encoding functions in evolution-data-server did not properly handle large strings. If a user were tricked into opening a specially crafted image file, or tricked into connecting to a malicious server, an attacker could possibly execute arbitrary code with user...

evolution-data-server: insufficient checking of NTLM authentication challenge packets

The ntlmchallenge function in the NTLM SASL authentication mechanism in camel/camel-sasl-ntlm.c in Camel in Evolution Data Server aka evolution-data-server 2.24.5 and earlier, and 2.25.92 and earlier 2.25.x versions, does not validate whether a certain length value is consistent with the amount o...

evolution-data-server: integer overflow in base64 encoding functions

Multiple integer overflows in Evolution Data Server aka evolution-data-server before 2.24.5 allow context-dependent attackers to execute arbitrary code via a long string that is converted to a base64 representation in 1 addressbook/libebook/e-vcard.c in evc or 2 camel/camel-mime-utils.c in libcam...

evolution-data-server: S/MIME signatures are considered to be valid even for modified messages (MITM)

Evolution 2.22.3.1 checks S/MIME signatures against a copy of the e-mail text within a signed-data blob, not the copy of the e-mail text displayed to the user, which allows remote attackers to spoof a signature by modifying the latter copy, a different vulnerability than CVE-2008-5077...

evolution-data-server: integer overflow in base64 encoding functions

Multiple integer overflows in Evolution Data Server aka evolution-data-server before 2.24.5 allow context-dependent attackers to execute arbitrary code via a long string that is converted to a base64 representation in 1 addressbook/libebook/e-vcard.c in evc or 2 camel/camel-mime-utils.c in libcam...

evolution-data-server: insufficient checking of NTLM authentication challenge packets

The ntlmchallenge function in the NTLM SASL authentication mechanism in camel/camel-sasl-ntlm.c in Camel in Evolution Data Server aka evolution-data-server 2.24.5 and earlier, and 2.25.92 and earlier 2.25.x versions, does not validate whether a certain length value is consistent with the amount o...