367 matches found
[SECURITY] Fedora 9 Update: evolution-data-server-2.22.3-3.fc9
The evolution-data-server package provides a unified backend for programs t hat work with contacts, tasks, and calendar information. It was originally developed for Evolution hence the name, but is now used by other packages...
[SECURITY] Fedora 10 Update: evolution-data-server-2.24.5-4.fc10
The evolution-data-server package provides a unified backend for programs t hat work with contacts, tasks, and calendar information. It was originally developed for Evolution hence the name, but is now used by other packages...
Evolution Data Server Detection (Linux/Unix SSH Login)
Detects the installed version of Evolution. The script logs in via ssh, searches for executable SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...
evolution28 security update
CentOS Errata and Security Advisory CESA-2009:0354 Updated evolution-data-server and evolution28-evolution-data-server packages that fix multiple security issues are now available for Red Hat Enterprise Linux 4 and 5. This update has been rated as having moderate security impact by the Red Hat...
RHEL 4 : evolution and evolution-data-server (RHSA-2009:0355)
The remote Redhat Enterprise Linux 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2009:0355 advisory. Evolution is the integrated collection of e-mail, calendaring, contact management, communications, and personal information management PIM...
RHEL 4 / 5 : evolution-data-server (RHSA-2009:0354)
Updated evolution-data-server and evolution28-evolution-data-server packages that fix multiple security issues are now available for Red Hat Enterprise Linux 4 and 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. Evolution Data Server provide...
Evolution Data Server ntlm_challenge()内存内容泄露漏洞
BUGTRAQ ID: 34109 CVECAN ID: CVE-2009-0582 Evolution Data Server为地址簿、日历事件等常见的桌面信息提供单一的服务器。 Evolution Data Server所捆绑的Camel库没有正确地处理NTLM SASL报文。在camel/camel-sasl-ntlm.c的ntlmchallenge函数中,没有对从type 2拷贝到type 3报文(客户端对服务器挑战的响应)的域字符串长度验证从服务器所接收到的剩余数据: 127 ntlmsetstring ret, NTLMRESPONSEDOMAINOFFSET, 128...
USN-733-1: evolution-data-server vulnerability
It was discovered that the Base64 encoding functions in evolution-data-server did not properly handle large strings. If a user were tricked into opening a specially crafted image file, or tricked into connecting to a malicious server, an attacker could possibly execute arbitrary code with user...
evolution-data-server: insufficient checking of NTLM authentication challenge packets
The ntlmchallenge function in the NTLM SASL authentication mechanism in camel/camel-sasl-ntlm.c in Camel in Evolution Data Server aka evolution-data-server 2.24.5 and earlier, and 2.25.92 and earlier 2.25.x versions, does not validate whether a certain length value is consistent with the amount o...
evolution-data-server: integer overflow in base64 encoding functions
Multiple integer overflows in Evolution Data Server aka evolution-data-server before 2.24.5 allow context-dependent attackers to execute arbitrary code via a long string that is converted to a base64 representation in 1 addressbook/libebook/e-vcard.c in evc or 2 camel/camel-mime-utils.c in libcam...
evolution-data-server: S/MIME signatures are considered to be valid even for modified messages (MITM)
Evolution 2.22.3.1 checks S/MIME signatures against a copy of the e-mail text within a signed-data blob, not the copy of the e-mail text displayed to the user, which allows remote attackers to spoof a signature by modifying the latter copy, a different vulnerability than CVE-2008-5077...
evolution-data-server: integer overflow in base64 encoding functions
Multiple integer overflows in Evolution Data Server aka evolution-data-server before 2.24.5 allow context-dependent attackers to execute arbitrary code via a long string that is converted to a base64 representation in 1 addressbook/libebook/e-vcard.c in evc or 2 camel/camel-mime-utils.c in libcam...
evolution-data-server: insufficient checking of NTLM authentication challenge packets
The ntlmchallenge function in the NTLM SASL authentication mechanism in camel/camel-sasl-ntlm.c in Camel in Evolution Data Server aka evolution-data-server 2.24.5 and earlier, and 2.25.92 and earlier 2.25.x versions, does not validate whether a certain length value is consistent with the amount o...
Moderate: Red Hat Security Advisory: evolution and evolution-data-server security update
Updated evolution and evolution-data-server packages that fixes multiple security issues are now available for Red Hat Enterprise Linux 4. This update has been rated as having moderate security impact by the Red Hat Security Response Team. Evolution is the integrated collection of e-mail,...
evolution-data-server: integer overflow in base64 encoding functions
Multiple integer overflows in Evolution Data Server aka evolution-data-server before 2.24.5 allow context-dependent attackers to execute arbitrary code via a long string that is converted to a base64 representation in 1 addressbook/libebook/e-vcard.c in evc or 2 camel/camel-mime-utils.c in libcam...
Moderate: Red Hat Security Advisory: evolution-data-server security update
Updated evolution-data-server and evolution28-evolution-data-server packages that fix multiple security issues are now available for Red Hat Enterprise Linux 4 and 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. Evolution Data Server provide...
evolution-data-server: insufficient checking of NTLM authentication challenge packets
The ntlmchallenge function in the NTLM SASL authentication mechanism in camel/camel-sasl-ntlm.c in Camel in Evolution Data Server aka evolution-data-server 2.24.5 and earlier, and 2.25.92 and earlier 2.25.x versions, does not validate whether a certain length value is consistent with the amount o...
evolution and evolution-data-server security update
evolution: 2.0.2-41.el47.2 - Add patch for RH bug 488439 CVE-2009-0547, S/MIME signatures. 2.0.2-41.el47.1 - Add patch for RH bug 488439 CVE-2009-0582, NTLM authentication. - Add patch for RH bug 488439 CVE-2009-0587, Base64 encoding. evolution-data-server: 1.0.2-14.el47.1 - Add patch for RH bug...
CVE-2009-0587
Multiple integer overflows in Evolution Data Server aka evolution-data-server before 2.24.5 allow context-dependent attackers to execute arbitrary code via a long string that is converted to a base64 representation in 1 addressbook/libebook/e-vcard.c in evc or 2 camel/camel-mime-utils.c in libcam...
DEBIAN-CVE-2009-0582
The ntlmchallenge function in the NTLM SASL authentication mechanism in camel/camel-sasl-ntlm.c in Camel in Evolution Data Server aka evolution-data-server 2.24.5 and earlier, and 2.25.92 and earlier 2.25.x versions, does not validate whether a certain length value is consistent with the amount o...