RHSA-2007:0344

Executive Summary

Summary
Title	evolution-data-server security update

Informations
Name	RHSA-2007:0344	First vendor Publication	2007-05-30
Vendor	RedHat	Last vendor Modification	2007-05-30
Severity (Vendor)	Moderate	Revision	01

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:H/Au:N/C:P/I:N/A:N)
Cvss Base Score	2.6	Attack Range	Network
Cvss Impact Score	2.9	Attack Complexity	High
Cvss Expoit Score	4.9	Authentification	None Required
Calculate full CVSS 2.0 Vectors scores

Detail

Problem Description:

Updated evolution-data-server package that fixes a security bug are now
available for Red Hat Enterprise Linux 5.

This update has been rated as having moderate security impact by the Red
Hat Security Response Team.

2. Relevant releases/architectures:

Red Hat Enterprise Linux Desktop (v. 5 client) - i386, x86_64
RHEL Desktop Workstation (v. 5 client) - i386, x86_64
Red Hat Enterprise Linux (v. 5 server) - i386, ia64, ppc, s390x, x86_64

3. Problem description:

The evolution-data-server package provides a unified backend for programs
that work with contacts, tasks, and calendar information.

A flaw was found in the way evolution-data-server processed certain APOP
authentication requests. By sending certain responses when
evolution-data-server attempted to authenticate against an APOP server, a
remote attacker could potentially acquire certain portions of a user's
authentication credentials. (CVE-2007-1558)

All users of evolution-data-server should upgrade to these updated
packages, which contain a backported patch which resolves this issue.

4. Solution:

Before applying this update, make sure that all previously-released
errata relevant to your system have been applied.

This update is available via Red Hat Network. Details on how to use
the Red Hat Network to apply this update are available at
http://kbase.redhat.com/faq/FAQ_58_10188

5. Bug IDs fixed (http://bugzilla.redhat.com/):

235289 - CVE-2007-1558 Evolution APOP information disclosure

Original Source

Url : https://rhn.redhat.com/errata/RHSA-2007-0344.html

OVAL Definitions

Definition Id: oval:org.mitre.oval:def:9782

Oval ID:	oval:org.mitre.oval:def:9782
Title:	The APOP protocol allows remote attackers to guess the first 3 characters of a password via man-in-the-middle (MITM) attacks that use crafted message IDs and MD5 collisions. NOTE: this design-level issue potentially affects all products that use APOP, including (1) Thunderbird 1.x before 1.5.0.12 and 2.x before 2.0.0.4, (2) Evolution, (3) mutt, (4) fetchmail before 6.3.8, (5) SeaMonkey 1.0.x before 1.0.9 and 1.1.x before 1.1.2, (6) Balsa 2.3.16 and earlier, (7) Mailfilter before 0.8.2, and possibly other products.
Description:	The APOP protocol allows remote attackers to guess the first 3 characters of a password via man-in-the-middle (MITM) attacks that use crafted message IDs and MD5 collisions. NOTE: this design-level issue potentially affects all products that use APOP, including (1) Thunderbird 1.x before 1.5.0.12 and 2.x before 2.0.0.4, (2) Evolution, (3) mutt, (4) fetchmail before 6.3.8, (5) SeaMonkey 1.0.x before 1.0.9 and 1.1.x before 1.1.2, (6) Balsa 2.3.16 and earlier, (7) Mailfilter before 0.8.2, and possibly other products.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2007-1558	Version:	5
Platform(s):	Red Hat Enterprise Linux 3 CentOS Linux 3 Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4 Red Hat Enterprise Linux 5 CentOS Linux 5 Oracle Linux 5	Product(s):
Definition Synopsis:
OS Section: RHEL3, CentOS3 RHEL3 or CentOS3 The operating system installed on the system is Red Hat Enterprise Linux 3 AND CentOS Linux 3.x AND Configuration section seamonkey-nspr is earlier than 0:1.0.9-0.1.el3 AND seamonkey-js-debugger is earlier than 0:1.0.9-0.1.el3 AND seamonkey-nss-devel is earlier than 0:1.0.9-0.1.el3 AND seamonkey is earlier than 0:1.0.9-0.1.el3 AND seamonkey-nspr-devel is earlier than 0:1.0.9-0.1.el3 AND evolution is earlier than 0:1.4.5-20.el3 AND seamonkey-mail is earlier than 0:1.0.9-0.1.el3 AND fetchmail is earlier than 0:6.2.0-3.el3.4 AND mutt is earlier than 5:1.4.1-5.el3 AND seamonkey-chat is earlier than 0:1.0.9-0.1.el3 AND seamonkey-nss is earlier than 0:1.0.9-0.1.el3 AND seamonkey-devel is earlier than 0:1.0.9-0.1.el3 AND seamonkey-dom-inspector is earlier than 0:1.0.9-0.1.el3 AND evolution-devel is earlier than 0:1.4.5-20.el3 OR OS Section: RHEL4, CentOS4, Oracle Linux 4 RHEL4, CentOS4 or Oracle Linux 4 The operating system installed on the system is Red Hat Enterprise Linux 4 AND CentOS Linux 4.x AND Oracle Linux 4.x AND Configuration section seamonkey-js-debugger is earlier than 0:1.0.9-2.el4 AND seamonkey-nss-devel is earlier than 0:1.0.9-2.el4 AND irb is earlier than 0:1.8.1-7.el4_8.3 AND seamonkey-nss is earlier than 0:1.0.9-2.el4 AND devhelp-devel is earlier than 0:0.10-0.8.el4 AND ruby-docs is earlier than 0:1.8.1-7.el4_8.3 AND ruby-mode is earlier than 0:1.8.1-7.el4_8.3 AND seamonkey-nspr is earlier than 0:1.0.9-2.el4 AND ruby-devel is earlier than 0:1.8.1-7.el4_8.3 AND thunderbird is earlier than 0:1.5.0.12-0.1.el4 AND ruby is earlier than 0:1.8.1-7.el4_8.3 AND ruby-libs is earlier than 0:1.8.1-7.el4_8.3 AND seamonkey is earlier than 0:1.0.9-2.el4 AND seamonkey-nspr-devel is earlier than 0:1.0.9-2.el4 AND devhelp is earlier than 0:0.10-0.8.el4 AND evolution is earlier than 0:2.0.2-35.0.2.el4 AND seamonkey-mail is earlier than 0:1.0.9-2.el4 AND mutt is earlier than 5:1.4.1-12.0.3.el4 AND fetchmail is earlier than 0:6.2.5-6.0.1.el4 AND ruby-tcltk is earlier than 0:1.8.1-7.el4_8.3 AND seamonkey-chat is earlier than 0:1.0.9-2.el4 AND seamonkey-devel is earlier than 0:1.0.9-2.el4 AND seamonkey-dom-inspector is earlier than 0:1.0.9-2.el4 AND evolution-devel is earlier than 0:2.0.2-35.0.2.el4 OR OS Section: RHEL5, CentOS5, Oracle Linux 5 RHEL5, CentOS5 or Oracle Linux 5 The operating system installed on the system is Red Hat Enterprise Linux 5 AND CentOS Linux 5.x AND Oracle Linux 5.x AND Configuration section ruby-ri is earlier than 0:1.8.5-5.el5_3.7 AND ruby-mode is earlier than 0:1.8.5-5.el5_3.7 AND ruby-docs is earlier than 0:1.8.5-5.el5_3.7 AND ruby-devel is earlier than 0:1.8.5-5.el5_3.7 AND thunderbird is earlier than 0:1.5.0.12-1.el5 AND ruby is earlier than 0:1.8.5-5.el5_3.7 AND ruby-libs is earlier than 0:1.8.5-5.el5_3.7 AND evolution-data-server-devel is earlier than 0:1.8.0-15.0.3.el5 AND evolution-data-server is earlier than 0:1.8.0-15.0.3.el5 AND fetchmail is earlier than 0:6.3.6-1.0.1.el5 AND mutt is earlier than 5:1.4.2.2-3.0.2.el5 AND ruby-tcltk is earlier than 0:1.8.5-5.el5_3.7 AND ruby-rdoc is earlier than 0:1.8.5-5.el5_3.7 AND ruby-irb is earlier than 0:1.8.5-5.el5_3.7

CPE : Common Platform Enumeration

Type	Description	Count
Application	Apop Protocol Apop Protocol cpe:/a:apop_protocol:apop_protocol	1

Open Source Vulnerability Database (OSVDB)

id	Description
34856	APOP Protocol MiTM Crafted IDs/MD5 Collision Cleartext Password Fragment Disc...

Type	Count
Oval ID(s)	1
CPE ID(s)	1
osvdb(s)	1

Related	Severity
CVE-2007-1558	(Low)

Same Subject	Severity
Login to view 9 more Alert(s)

RHSA-2007:0344

Executive Summary

Security-Database Scoring CVSS v2

Detail

Original Source

OVAL Definitions

CPE : Common Platform Enumeration

Open Source Vulnerability Database (OSVDB)

Global Informations

Open Standards

Other Databases

COMPANY

STANDARDS

RECENT POSTS

MENU