374 matches found
Ubuntu 6.06 LTS / 6.10 / 7.04 : evolution-data-server vulnerability (USN-475-1)
Philip Van Hoof discovered that the IMAP client in Evolution did not correctly verify the SEQUENCE value. A malicious or spoofed server could exploit this to execute arbitrary code with user privileges. Note that Tenable Network Security has extracted the preceding description block directly from...
openSUSE 10 Security Update : evolution-data-server (evolution-data-server-3825)
A malicious IMAP server could execute code within evolution by sending a malformed response to a SEQUENCE command. CVE-2007-3257 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update...
SUSE-SA:2007:042: evolution,evolution-data-server
The remote host is missing the patch for the advisory SUSE-SA:2007:042 evolution,evolution-data-server. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. This plugin text was extracted from SuSE Security Advisory SUSE-SA:2007:042 if ! definedfunc"bnrandom" exit0;...
Debian DSA-1325-1 : evolution - several vulnerabilities
Several remote vulnerabilities have been discovered in Evolution, a groupware suite with mail client and organizer. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2007-1002 Ulf Harnhammar discovered that a format string vulnerability in the handling of...
Evolution: User-assisted remote execution of arbitrary code
Background Evolution is the mail client of the GNOME desktop environment. Camel is the Evolution Data Server module that handles mail functions. Description The imaprescan function of the file camel-imap-folder.c does not properly sanitize the "SEQUENCE" response sent by an IMAP server before bei...
Debian DSA-1321-1 : evolution-data-server - programming error
It was discovered that the IMAP code in the Evolution Data Server performs insufficient sanitising of a value later used an array index, which can lead to the execution of arbitrary code. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin...
Fedora Core 5 : evolution-data-server-1.6.3-5.fc5 (2007-595)
This update fixes a security flaw in Evolution's IMAP module. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional...
[SECURITY] Fedora Core 6 Update: evolution-data-server-1.8.3-7.fc6
The evolution-data-server package provides a unified backend for programs that work with contacts, tasks, and calendar information. It was originally developed for Evolution hence the name, but is now used by other packages...
[SECURITY] Fedora Core 5 Update: evolution-data-server-1.6.3-5.fc5
The evolution-data-server package provides a unified backend for programs t hat work with contacts, tasks, and calendar information. It was originally developed for Evolution hence the name, but is now used by other packages...
evolution security update
CentOS Errata and Security Advisory CESA-2007:0510 Updated evolution-data-server package that fixes a security bug are now available for Red Hat Enterprise Linux 5. This update has been rated as having important security impact by the Red Hat Security Response Team. The evolution-data-server...
RHEL 5 : evolution-data-server (RHSA-2007:0510)
Updated evolution-data-server package that fixes a security bug are now available for Red Hat Enterprise Linux 5. This update has been rated as having important security impact by the Red Hat Security Response Team. The evolution-data-server package provides a unified backend for programs that wo...
FreeBSD : evolution-data-server -- remote execution of arbitrary code vulnerability (b1b5c125-2308-11dc-b91a-001921ab2fa4)
Debian project reports : It was discovered that the IMAP code in the Evolution Data Server performs insufficient sanitising of a value later used an array index, which can lead to the execution of arbitrary code. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and packag...
CentOS 5 : evolution-data-server (CESA-2007:0510)
Updated evolution-data-server package that fixes a security bug are now available for Red Hat Enterprise Linux 5. This update has been rated as having important security impact by the Red Hat Security Response Team. The evolution-data-server package provides a unified backend for programs that wo...
Moderate: evolution-data-server security update
1.8.0-15.0.3.el5 - Add patch for RH bug 235289 APOP authentication vulnerability. 1.8.0-15.0.2.el5 - Remove Makefile.in changes that accidentally slipped into the patch. 1.8.0-15.0.1.el5 - Add patch for RH bug 229707 timezone updates...
Important: evolution-data-server security update
1.8.0-15.0.4.el5 - Add patch for RH bug 244293 Camel IMAP security flaw...
evolution malicious server arbitrary code execution
Camel camel-imap-folder.c in the mailer component for Evolution Data Server 1.11 allows remote IMAP servers to execute arbitrary code via a negative SEQUENCE value in GData, which is used as an array index...
evolution malicious server arbitrary code execution
Camel camel-imap-folder.c in the mailer component for Evolution Data Server 1.11 allows remote IMAP servers to execute arbitrary code via a negative SEQUENCE value in GData, which is used as an array index...
[SECURITY] [DSA 1321-1] New evolution-data-server packages fix arbitrary code execution
-------------------------------------------------------------------------- Debian Security Advisory DSA 1321-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff June 23rd, 2007 http://www.debian.org/security/faq -...
DSA-1321-1 evolution-data-server
Bulletin has no description...
[Full-disclosure] [USN-475-1] evolution-data-server vulnerability
=========================================================== Ubuntu Security Notice USN-475-1 June 21, 2007 evolution-data-server vulnerability CVE-2007-3257 =========================================================== A security issue affects the following Ubuntu releases: Ubuntu 6.06 LTS Ubuntu...