oval:org.mitre.oval:def:13406

Definition Id: oval:org.mitre.oval:def:13406

Oval ID:	oval:org.mitre.oval:def:13406
Title:	DSA-1813-2 evolution-data-server -- Several vulnerabilities
Description:	The previous update introduced a regression that stopped encrypted and signed S/MIME messages to work properly. Also, there have been other regressions caused by the introduction of an undefined symbol. This update corrects these flaws. For reference the original advisory text is below. Several vulnerabilities have been found in evolution-data-server, the database backend server for the evolution groupware suite. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2009-0587 It was discovered that evolution-data-server is prone to integer overflows triggered by large base64 strings. CVE-2009-0547 Joachim Breitner discovered that S/MIME signatures are not verified properly, which can lead to spoofing attacks. CVE-2009-0582 It was discovered that NTLM authentication challenge packets are not validated properly when using the NTLM authentication method, which could lead to an information disclosure or a denial of service. For the oldstable distribution, these problems have been fixed in version 1.6.3-5etch3. For the stable distribution, these problems have been fixed in version 2.22.3-1.1+lenny2. For the testing distribution and the unstable distribution , these problems have been fixed in version 2.26.1.1-1. We recommend that you upgrade your evolution-data-server packages.
Family:	unix	Class:	patch
Reference(s):	DSA-1813-2 CVE-2009-0587 CVE-2009-0547 CVE-2009-0582	Version:	5
Platform(s):	Debian GNU/Linux 5.0 Debian GNU/Linux 4.0	Product(s):	evolution-data-server
Definition Synopsis:
Release section Debian GNU/Linux 5.0 is installed AND Architecture section Architecture independent section Installed architecture is all AND volution-data-server-common DPKG is earlier than 2.22.3-1.1+lenny2 OR Architecture depended section Supported architectures section Installed architecture is s390 AND Installed architecture is amd64 AND Installed architecture is sparc AND Installed architecture is arm AND Installed architecture is i386 AND Installed architecture is armel AND Installed architecture is mips AND Installed architecture is ia64 AND Installed architecture is alpha AND Installed architecture is powerpc AND Installed architecture is mipsel AND Installed architecture is hppa AND Packages section libecal1.2-dev DPKG is earlier than 2.22.3-1.1+lenny2 AND libegroupwise1.2-dev DPKG is earlier than 2.22.3-1.1+lenny2 AND libebook1.2-dev DPKG is earlier than 2.22.3-1.1+lenny2 AND libedataserverui1.2-8 DPKG is earlier than 2.22.3-1.1+lenny2 AND volution-data-server DPKG is earlier than 2.22.3-1.1+lenny2 AND volution-data-server-dbg DPKG is earlier than 2.22.3-1.1+lenny2 AND libedata-cal1.2-dev DPKG is earlier than 2.22.3-1.1+lenny2 AND libexchange-storage1.2-dev DPKG is earlier than 2.22.3-1.1+lenny2 AND libedata-book1.2-2 DPKG is earlier than 2.22.3-1.1+lenny2 AND libedata-book1.2-dev DPKG is earlier than 2.22.3-1.1+lenny2 AND libedataserver1.2-dev DPKG is earlier than 2.22.3-1.1+lenny2 AND libedataserver1.2-9 DPKG is earlier than 2.22.3-1.1+lenny2 AND libebook1.2-9 DPKG is earlier than 2.22.3-1.1+lenny2 AND libcamel1.2-dev DPKG is earlier than 2.22.3-1.1+lenny2 AND libgdata-google1.2-dev DPKG is earlier than 2.22.3-1.1+lenny2 AND libegroupwise1.2-13 DPKG is earlier than 2.22.3-1.1+lenny2 AND volution-data-server-dev DPKG is earlier than 2.22.3-1.1+lenny2 AND libexchange-storage1.2-3 DPKG is earlier than 2.22.3-1.1+lenny2 AND libgdata1.2-1 DPKG is earlier than 2.22.3-1.1+lenny2 AND libecal1.2-7 DPKG is earlier than 2.22.3-1.1+lenny2 AND libgdata1.2-dev DPKG is earlier than 2.22.3-1.1+lenny2 AND libedataserverui1.2-dev DPKG is earlier than 2.22.3-1.1+lenny2 AND libedata-cal1.2-6 DPKG is earlier than 2.22.3-1.1+lenny2 AND libcamel1.2-11 DPKG is earlier than 2.22.3-1.1+lenny2 AND libgdata-google1.2-1 DPKG is earlier than 2.22.3-1.1+lenny2 OR Release section Debian GNU/Linux 4.0 is installed. AND Architecture section Architecture independent section Installed architecture is all AND volution-data-server-common DPKG is earlier than 1.6.3-5etch3 AND libcamel1.2-8 DPKG is earlier than 1.6.3-5etch3 AND libegroupwise1.2-10 DPKG is earlier than 1.6.3-5etch3 AND libedata-book1.2-2 DPKG is earlier than 1.6.3-5etch3 AND libedata-cal1.2-dev DPKG is earlier than 1.6.3-5etch3 AND libegroupwise1.2-dev DPKG is earlier than 1.6.3-5etch3 AND libebook1.2-5 DPKG is earlier than 1.6.3-5etch3 AND libexchange-storage1.2-1 DPKG is earlier than 1.6.3-5etch3 AND libedataserverui1.2-dev DPKG is earlier than 1.6.3-5etch3 AND libedata-cal1.2-5 DPKG is earlier than 1.6.3-5etch3 AND libebook1.2-dev DPKG is earlier than 1.6.3-5etch3 AND libedata-book1.2-dev DPKG is earlier than 1.6.3-5etch3 AND volution-data-server-dev DPKG is earlier than 1.6.3-5etch3 AND volution-data-server-dbg DPKG is earlier than 1.6.3-5etch3 AND libedataserverui1.2-6 DPKG is earlier than 1.6.3-5etch3 AND libexchange-storage1.2-dev DPKG is earlier than 1.6.3-5etch3 AND volution-data-server DPKG is earlier than 1.6.3-5etch3 AND libedataserver1.2-7 DPKG is earlier than 1.6.3-5etch3 AND libecal1.2-6 DPKG is earlier than 1.6.3-5etch3 AND libcamel1.2-dev DPKG is earlier than 1.6.3-5etch3 AND libecal1.2-dev DPKG is earlier than 1.6.3-5etch3 AND libedataserver1.2-dev DPKG is earlier than 1.6.3-5etch3

Definition Id: oval:org.mitre.oval:def:6513

Oval ID:	oval:org.mitre.oval:def:6513
Title:	Debian GNU/Linux 5.0 is installed
Description:	Debian GNU/Linux 5.0 (lenny) is installed
Family:	unix	Class:	inventory
Reference(s):	cpe:/o:debian:debian_gnu/linux:5.0	Version:	7
Platform(s):	Debian GNU/Linux 5.0	Product(s):
Definition Synopsis:
Debian GNU/Linux 5.0 is installed
Referenced By:
oval:org.mitre.oval:def:13406

Definition Id: oval:org.mitre.oval:def:6461

Oval ID:	oval:org.mitre.oval:def:6461
Title:	Debian GNU/Linux 4.0 is installed.
Description:	Debian GNU/Linux 4.0 (etch) is installed
Family:	unix	Class:	inventory
Reference(s):	cpe:/o:debian:debian_gnu/linux:4.0	Version:	9
Platform(s):	Debian GNU/Linux 4.0	Product(s):
Definition Synopsis:
Debian GNU/Linux 4.0 is installed
Referenced By:
oval:org.mitre.oval:def:13406

Copyright Security-Database 2006-2024 - Powered by themself ;) in 0.0409s

Facebook rss twitter linkedin mail