Lucene search
+L

4 matches found

nessus
nessus
added 2009/09/24 12:0 a.m.30 views

SuSE 10 Security Update : evolution-data-server (ZYPP Patch Number 6166)

camel's NTLM SASL authentication mechanism as used by evolution did not properly validate server's challenge packets. CVE-2009-0582 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The text description of this plugin is C Novell, Inc. include'deprecatednasllevel.inc'; include'compat.inc'; if...

5.8CVSS5.3AI score0.02269EPSS
Exploits1References2
seebug
seebug
added 2009/03/17 12:0 a.m.38 views

Evolution Data Server ntlm_challenge()内存内容泄露漏洞

BUGTRAQ ID: 34109 CVECAN ID: CVE-2009-0582 Evolution Data Server为地址簿、日历事件等常见的桌面信息提供单一的服务器。 Evolution Data Server所捆绑的Camel库没有正确地处理NTLM SASL报文。在camel/camel-sasl-ntlm.c的ntlmchallenge函数中,没有对从type 2拷贝到type 3报文(客户端对服务器挑战的响应)的域字符串长度验证从服务器所接收到的剩余数据: 127 ntlmsetstring ret, NTLMRESPONSEDOMAINOFFSET, 128...

5.8CVSS0.4AI score0.02269EPSS
Exploits1
ubuntucve
ubuntucve
added 2009/03/14 6:30 p.m.32 views

CVE-2009-0582

The ntlmchallenge function in the NTLM SASL authentication mechanism in camel/camel-sasl-ntlm.c in Camel in Evolution Data Server aka evolution-data-server 2.24.5 and earlier, and 2.25.92 and earlier 2.25.x versions, does not validate whether a certain length value is consistent with the amount o...

5.8CVSS5.9AI score0.02269EPSS
Exploits1References2
debiancve
debiancve
added 2009/03/14 6:0 p.m.37 views

CVE-2009-0582

The ntlmchallenge function in the NTLM SASL authentication mechanism in camel/camel-sasl-ntlm.c in Camel in Evolution Data Server aka evolution-data-server 2.24.5 and earlier, and 2.25.92 and earlier 2.25.x versions, does not validate whether a certain length value is consistent with the amount o...

5.8CVSS6.3AI score0.02269EPSS
Exploits1
Rows per page
Query Builder