Evolution Data Server ntlm_challenge()内存内容泄露漏洞

BUGTRAQ ID: 34109 CVECAN ID: CVE-2009-0582 Evolution Data Server为地址簿、日历事件等常见的桌面信息提供单一的服务器。 Evolution Data Server所捆绑的Camel库没有正确地处理NTLM SASL报文。在camel/camel-sasl-ntlm.c的ntlmchallenge函数中，没有对从type 2拷贝到type 3报文（客户端对服务器挑战的响应）的域字符串长度验证从服务器所接收到的剩余数据： 127 ntlmsetstring ret, NTLMRESPONSEDOMAINOFFSET, 128...

CVE-2009-0582

The ntlmchallenge function in the NTLM SASL authentication mechanism in camel/camel-sasl-ntlm.c in Camel in Evolution Data Server aka evolution-data-server 2.24.5 and earlier, and 2.25.92 and earlier 2.25.x versions, does not validate whether a certain length value is consistent with the amount o...

CVE-2009-0582

CVE-2009-0582 concerns Evolution Data Server’s Evolution/evolution-data-server NTLM authentication. The ntlm_challenge function in Camel’s NTLM SASL implementation does not validate that the length field in an NTLM type 2 challenge is consistent with the packet data, allowing a remote server to c...