CVE-2009-0582

2009-03-1418:30:00

CWE-20

redhat

web.nvd.nist.gov

cve

2009

ntlm_challenge

ntlm

sasl

authentication

evolution data server

remote mail servers

denial of service

CVSS2

5.8

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:N/A:P

AI Score

6.4

Confidence

Low

EPSS

0.003

Percentile

66.4%

JSON

The ntlm_challenge function in the NTLM SASL authentication mechanism in camel/camel-sasl-ntlm.c in Camel in Evolution Data Server (aka evolution-data-server) 2.24.5 and earlier, and 2.25.92 and earlier 2.25.x versions, does not validate whether a certain length value is consistent with the amount of data in a challenge packet, which allows remote mail servers to read information from the process memory of a client, or cause a denial of service (client crash), via an NTLM authentication type 2 packet with a length value that exceeds the amount of packet data.

Affected configurations

Nvd

Node

gnomeevolution-data-serverRange≤2.24.5

gnomeevolution-data-serverMatch2.25.92

VendorProductVersionCPE
gnomeevolution-data-server*cpe:2.3:a:gnome:evolution-data-server:*:*:*:*:*:*:*:*
gnomeevolution-data-server2.25.92cpe:2.3:a:gnome:evolution-data-server:2.25.92:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
gnome	evolution-data-server	*	cpe:2.3:a:gnome:evolution-data-server::::::::
gnome	evolution-data-server	2.25.92	cpe:2.3:a:gnome:evolution-data-server:2.25.92:::::::*