Lucene search
GoogleOSV:DSA-1813-1HistoryJun 08, 2009 - 12:00 a.m.
evolution-data-server - several vulnerabilities
2009-06-0800:00:00
Google
osv.dev
14
EPSS
0.018
Percentile
88.2%
Several vulnerabilities have been found in evolution-data-server, the
database backend server for the evolution groupware suite. The Common
Vulnerabilities and Exposures project identifies the following problems:
- CVE-2009-0587
It was discovered that evolution-data-server is prone to integer
overflows triggered by large base64 strings. - CVE-2009-0547
Joachim Breitner discovered that S/MIME signatures are not verified
properly, which can lead to spoofing attacks. - CVE-2009-0582
It was discovered that NTLM authentication challenge packets are not
validated properly when using the NTLM authentication method, which
could lead to an information disclosure or a denial of service.
For the oldstable distribution (etch), these problems have been fixed in
version 1.6.3-5etch2.
For the stable distribution (lenny), these problems have been fixed in
version 2.22.3-1.1+lenny1.
For the testing distribution (squeeze) and the unstable distribution
(sid), these problems have been fixed in version 2.26.1.1-1.
We recommend that you upgrade your evolution-data-server packages.
References
Related
debian
debian
openvas
openvas
Debian Security Advisory DSA 1813-1 (evolution-data-server)
2009-06-09 00:00:00
CentOS Security Advisory CESA-2009:0354 (evolution-data-server)
2009-05-25 00:00:00
RedHat Security Advisory RHSA-2009:0355
2009-03-20 00:00:00
redhat
redhat
(RHSA-2009:0354) Moderate: evolution-data-server security update
2009-03-16 00:00:00
(RHSA-2009:0358) Moderate: evolution security update
2009-03-16 00:00:00
nessus
nessus
RHEL 4 / 5 : evolution-data-server (RHSA-2009:0354)
2009-03-17 00:00:00
Mandriva Linux Security Advisory : evolution-data-server (MDVSA-2009:078)
2009-04-23 00:00:00
CentOS 4 : evolution / evolution-data-server (CESA-2009:0355)
2009-05-26 00:00:00
oraclelinux
oraclelinux
evolution and evolution-data-server security update
2009-03-16 00:00:00
evolution-data-server security update
2009-03-16 00:00:00
evolution security update
2009-03-16 00:00:00
securityvulns
securityvulns
Evolution Data Server multiple security vulnerabilities
2009-03-24 00:00:00
[ MDVSA-2009:078 ] evolution-data-server
2009-03-24 00:00:00
glib library memory corruption
2009-03-15 00:00:00
centos
centos
evolution security update
2009-03-17 17:18:35
evolution28 security update
2009-03-17 17:19:33
evolution security update
2009-03-17 09:02:02
fedora
fedora
[SECURITY] Fedora 10 Update: evolution-data-server-2.24.5-4.fc10
2009-03-18 18:59:58
[SECURITY] Fedora 9 Update: evolution-data-server-2.22.3-3.fc9
2009-03-18 19:01:39
ubuntucve
ubuntucve
veracode
veracode
Arbitrary Code Execution
2020-04-10 00:31:26
Denial Of Service (DoS)
2020-04-10 00:31:25
Signature Spoofing
2020-04-10 00:31:25
nvd
nvd
cvelist
cvelist
debiancve
debiancve
ubuntu
ubuntu
evolution-data-server vulnerability
2009-03-16 00:00:00
cve
cve
prion
prion
Integer overflow
2009-03-14 18:30:00
Authentication flaw
2009-03-14 18:30:00
Design/Logic Flaw
2009-02-12 23:30:00
seebug
seebug
Evolution Data Server ntlm_challenge()ĺ
ĺĺ
厚ćłé˛ćźć´
2009-03-17 00:00:00
GNOME glib Base64çźç 解ç ĺ¤ä¸Şć´ć°ćş˘ĺşćźć´
2009-03-14 00:00:00