CVE-2005-0806
CVSS5.0
发布时间 :2005-05-02 00:00:00
修订时间 :2010-08-21 00:27:04
NMCOPS    

[原文]Evolution 2.0.3 allows remote attackers to cause a denial of service (application crash or hang) via crafted messages, possibly involving charsets in attachment filenames.


[CNNVD]Novell Evolution未明拒绝服务漏洞(CNNVD-200505-413)

        Evolution 2.0.3允许远程攻击者通过精心编制的消息来引起拒绝服务(应用程序崩溃或挂起)攻击,可能涉及附件文件名中包含的字符集。

- CVSS (基础分值)

CVSS分值: 5 [中等(MEDIUM)]
机密性影响: NONE [对系统的机密性无影响]
完整性影响: NONE [不会对系统完整性产生影响]
可用性影响: PARTIAL [可能会导致性能下降或中断资源访问]
攻击复杂度: LOW [漏洞利用没有访问限制 ]
攻击向量: [--]
身份认证: NONE [漏洞利用无需身份认证]

- CPE (受影响的平台与产品)

产品及版本信息(CPE)暂不可用

- OVAL (用于检测的技术细节)

oval:org.mitre.oval:def:10532Evolution 2.0.3 allows remote attackers to cause a denial of service (application crash or hang) via crafted messages, possibly involving ch...
*OVAL详细的描述了检测该漏洞的方法,你可以从相关的OVAL定义中找到更多检测该漏洞的技术细节。

- 官方数据库链接

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-0806
(官方数据源) MITRE
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2005-0806
(官方数据源) NVD
http://www.cnnvd.org.cn/vulnerability/show/cv_cnnvdid/CNNVD-200505-413
(官方数据源) CNNVD

- 其它链接及资源

http://www.redhat.com/support/errata/RHSA-2005-397.html
(UNKNOWN)  REDHAT  RHSA-2005:397
http://bugzilla.ximian.com/show_bug.cgi?id=72609
(UNKNOWN)  CONFIRM  http://bugzilla.ximian.com/show_bug.cgi?id=72609
http://www.ubuntulinux.org/support/documentation/usn/usn-166-1
(UNKNOWN)  UBUNTU  USN-166-1
http://www.mandriva.com/security/advisories?name=MDKSA-2005:059
(UNKNOWN)  MANDRAKE  MDKSA-2005:059

- 漏洞信息

Novell Evolution未明拒绝服务漏洞
中危 其他
2005-05-02 00:00:00 2005-10-20 00:00:00
远程  
        Evolution 2.0.3允许远程攻击者通过精心编制的消息来引起拒绝服务(应用程序崩溃或挂起)攻击,可能涉及附件文件名中包含的字符集。

- 公告与补丁

        目前厂商已经发布了升级补丁以修复这个安全问题,补丁下载链接:
        Novell Evolution 2.0.2
        Conectiva evolution-2.0.4-75609U10_5cl.i386.rpm
        Conectiva 10
        ftp://atualizacoes.conectiva.com.br/10/RPMS.evolution/evolution-2.0.4- 75609U10_5cl.i386.rpm
        Conectiva evolution-2.0.4-75609U10_6cl.i386.rpm
        Conectiva 10
        ftp://atualizacoes.conectiva.com.br/10/RPMS/evolution-2.0.4-75609U10_6 cl.i386.rpm
        Conectiva evolution-devel-2.0.4-75609U10_5cl.i386.rpm
        Conectiva 10
        ftp://atualizacoes.conectiva.com.br/10/RPMS.evolution/evolution-devel- 2.0.4-75609U10_5cl.i386.rpm
        Conectiva evolution-devel-2.0.4-75609U10_6cl.i386.rpm
        Conectiva 10
        ftp://atualizacoes.conectiva.com.br/10/RPMS/evolution-devel-2.0.4-7560 9U10_6cl.i386.rpm
        Conectiva evolution-devel-static-2.0.4-75609U10_5cl.i386.rpm
        Conectiva 10
        ftp://atualizacoes.conectiva.com.br/10/RPMS.evolution/evolution-devel- static-2.0.4-75609U10_5cl.i386.rpm
        Conectiva evolution-devel-static-2.0.4-75609U10_6cl.i386.rpm
        Conectiva 10
        ftp://atualizacoes.conectiva.com.br/10/RPMS/evolution-devel-static-2.0 .4-75609U10_6cl.i386.rpm
        Conectiva evolution-i18n-am-2.0.4-75609U10_5cl.i386.rpm
        Conectiva 10
        ftp://atualizacoes.conectiva.com.br/10/RPMS.evolution/evolution-i18n-a m-2.0.4-75609U10_5cl.i386.rpm
        Conectiva evolution-i18n-am-2.0.4-75609U10_6cl.i386.rpm
        Conectiva 10
        ftp://atualizacoes.conectiva.com.br/10/RPMS/evolution-i18n-am-2.0.4-75 609U10_6cl.i386.rpm
        Conectiva evolution-i18n-ar-2.0.4-75609U10_5cl.i386.rpm
        Conectiva 10
        ftp://atualizacoes.conectiva.com.br/10/RPMS.evolution/evolution-i18n-a r-2.0.4-75609U10_5cl.i386.rpm
        Conectiva evolution-i18n-ar-2.0.4-75609U10_6cl.i386.rpm
        Conectiva 10
        ftp://atualizacoes.conectiva.com.br/10/RPMS/evolution-i18n-ar-2.0.4-75 609U10_6cl.i386.rpm
        Conectiva evolution-i18n-az-2.0.4-75609U10_5cl.i386.rpm
        Conectiva 10
        ftp://atualizacoes.conectiva.com.br/10/RPMS.evolution/evolution-i18n-a z-2.0.4-75609U10_5cl.i386.rpm
        Conectiva evolution-i18n-az-2.0.4-75609U10_6cl.i386.rpm
        Conectiva 10
        ftp://atualizacoes.conectiva.com.br/10/RPMS/evolution-i18n-az-2.0.4-75 609U10_6cl.i386.rpm
        Conectiva evolution-i18n-be-2.0.4-75609U10_5cl.i386.rpm
        Conectiva 10
        ftp://atualizacoes.conectiva.com.br/10/RPMS.evolution/evolution-i18n-b e-2.0.4-75609U10_5cl.i386.rpm
        Conectiva evolution-i18n-be-2.0.4-75609U10_6cl.i386.rpm
        Conectiva 10
        ftp://atualizacoes.conectiva.com.br/10/RPMS/evolution-i18n-be-2.0.4-75 609U10_6cl.i386.rpm
        Conectiva evolution-i18n-bg-2.0.4-75609U10_5cl.i386.rpm
        Conectiva 10
        ftp://atualizacoes.conectiva.com.br/10/RPMS.evolution/evolution-i18n-b g-2.0.4-75609U10_5cl.i386.rpm
        Conectiva evolution-i18n-bg-2.0.4-75609U10_6cl.i386.rpm
        Conectiva 10
        ftp://atualizacoes.conectiva.com.br/10/RPMS/evolution-i18n-bg-2.0.4-75 609U10_6cl.i386.rpm
        Conectiva evolution-i18n-bn-2.0.4-75609U10_5cl.i386.rpm
        Conectiva 10
        ftp://atualizacoes.conectiva.com.br/10/RPMS.evolution/evolution-i18n-b n-2.0.4-75609U10_5cl.i386.rpm
        Conectiva evolution-i18n-bn-2.0.4-75609U10_6cl.i386.rpm
        Conectiva 10
        ftp://atualizacoes.conectiva.com.br/10/RPMS/evolution-i18n-bn-2.0.4-75 609U10_6cl.i386.rpm
        Conectiva evolution-i18n-bs-2.0.4-75609U10_5cl.i386.rpm
        Conectiva 10
        ftp://atualizacoes.conectiva.com.br/10/RPMS.evolution/evolution-i18n-b s-2.0.4-75609U10_5cl.i386.rpm
        Conectiva evolution-i18n-bs-2.0.4-75609U10_6cl.i386.rpm
        Conectiva 10
        ftp://atualizacoes.conectiva.com.br/10/RPMS/evolution-i18n-bs-2.0.4-75 609U10_6cl.i386.rpm
        Conectiva evolution-i18n-ca-2.0.4-75609U10_5cl.i386.rpm
        Conectiva 10
        ftp://atualizacoes.conectiva.com.br/10/RPMS.evolution/evolution-i18n-c a-2.0.4-75609U10_5cl.i386.rpm
        Conectiva evolution-i18n-ca-2.0.4-75609U10_6cl.i386.rpm
        Conectiva 10
        ftp://atualizacoes.conectiva.com.br/10/RPMS/evolution-i18n-ca-2.0.4-75 609U10_6cl.i386.rpm
        Conectiva evolution-i18n-cs-2.0.4-75609U10_5cl.i386.rpm
        Conectiva 10
        ftp://atualizacoes.conectiva.com.br/10/RPMS.evolution/evolution-i18n-c s-2.0.4-75609U10_5cl.i386.rpm
        Conectiva evolution-i18n-cs-2.0.4-75609U10_6cl.i386.rpm
        Conectiva 10
        ftp://atualizacoes.conectiva.com.br/10/RPMS/evolution-i18n-cs-2.0.4-75 609U10_6cl.i386.rpm
        Conectiva evolution-i18n-cy

- 漏洞信息 (F39232)

Ubuntu Security Notice 166-1 (PacketStormID:F39232)
2005-08-12 00:00:00
Ubuntu  ubuntu.com
advisory,remote,arbitrary,vulnerability
linux,ubuntu
CVE-2005-0806
[点击下载]

Ubuntu Security Notice USN-166-1 - Ulf Harnhammar disovered several format string vulnerabilities in Evolution. By tricking an user into viewing a specially crafted vCard attached to an email, specially crafted contact data from an LDAP server, specially crafted task lists from remote servers, or saving Calendar entries with this malicious task list data, it was possible for an attacker to execute arbitrary code with the privileges of the user running Evolution.

===========================================================
Ubuntu Security Notice USN-166-1	    August 11, 2005
evolution vulnerabilities
http://lists.grok.org.uk/pipermail/full-disclosure/2005-August/035922.html
CAN-2005-0806
===========================================================

A security issue affects the following Ubuntu releases:

Ubuntu 4.10 (Warty Warthog)
Ubuntu 5.04 (Hoary Hedgehog)

The following packages are affected:

evolution

The problem can be corrected by upgrading the affected package to
version 2.0.2-0ubuntu2.3 (for Ubuntu 4.10), or 2.2.1.1-0ubuntu4.2 (for
Ubuntu 5.04). After performing a standard system upgrade you need to
restart Evolution to effect the necessary changes.

Details follow:

Ulf Harnhammar disovered several format string vulnerabilities in
Evolution. By tricking an user into viewing a specially crafted vCard
attached to an email, specially crafted contact data from an LDAP
server, specially crafted task lists from remote servers, or saving
Calendar entries with this malicious task list data, it was possible
for an attacker to execute arbitrary code with the privileges of the
user running Evolution.

In addition, this update fixes a Denial of Service vulnerability in
the mail attachment parser. This could be exploited to crash Evolution
by tricking an user into opening a malicious email with a specially
crafted attachment file name. This does only affect the Ubuntu 4.10
version, the Evolution package shipped with Ubuntu 5.04 is not
affected. (CAN-2005-0806)

Updated packages for Ubuntu 4.10 (Warty Warthog):

  Source archives:

    http://security.ubuntu.com/ubuntu/pool/main/e/evolution/evolution_2.0.2-0ubuntu2.3.diff.gz
      Size/MD5:    52759 1c1f04dc9cd0710f3a61faf0dd029e79
    http://security.ubuntu.com/ubuntu/pool/main/e/evolution/evolution_2.0.2-0ubuntu2.3.dsc
      Size/MD5:     1186 74a30392895280e6829a2c2ca2b212ec
    http://security.ubuntu.com/ubuntu/pool/main/e/evolution/evolution_2.0.2.orig.tar.gz
      Size/MD5: 20925198 7b3c1b6b7f67c548d7e45bf2ed7abd0f

  Architecture independent packages:

    http://security.ubuntu.com/ubuntu/pool/main/e/evolution/evolution1.5-dev_2.0.2-0ubuntu2.3_all.deb
      Size/MD5:    16794 ab6b14f3a175d166c0e47720f0731f40
    http://security.ubuntu.com/ubuntu/pool/main/e/evolution/evolution1.5_2.0.2-0ubuntu2.3_all.deb
      Size/MD5:    39842 a8064117dd789bdc66d3c5b003d55cbb

  amd64 architecture (Athlon64, Opteron, EM64T Xeon)

    http://security.ubuntu.com/ubuntu/pool/main/e/evolution/evolution-dev_2.0.2-0ubuntu2.3_amd64.deb
      Size/MD5:   134350 2211b891401b73156d2b27037e20715d
    http://security.ubuntu.com/ubuntu/pool/main/e/evolution/evolution_2.0.2-0ubuntu2.3_amd64.deb
      Size/MD5: 10437964 50dc08b0993bb3cdb5a8c4f25f775e33

  i386 architecture (x86 compatible Intel/AMD)

    http://security.ubuntu.com/ubuntu/pool/main/e/evolution/evolution-dev_2.0.2-0ubuntu2.3_i386.deb
      Size/MD5:   134366 7fec365de11d7868a18ee4f1be6d5eff
    http://security.ubuntu.com/ubuntu/pool/main/e/evolution/evolution_2.0.2-0ubuntu2.3_i386.deb
      Size/MD5: 10201990 4e470ac7010cd86183839eedffe77d67

  powerpc architecture (Apple Macintosh G3/G4/G5)

    http://security.ubuntu.com/ubuntu/pool/main/e/evolution/evolution-dev_2.0.2-0ubuntu2.3_powerpc.deb
      Size/MD5:   134380 1288cb986f1adfbd48abef126b006e1f
    http://security.ubuntu.com/ubuntu/pool/main/e/evolution/evolution_2.0.2-0ubuntu2.3_powerpc.deb
      Size/MD5: 10255086 e1cf172b8b249d25ddad83a5814397b7

Updated packages for Ubuntu Ubuntu 5.04 (Hoary Hedgehog):

  Source archives:

    http://security.ubuntu.com/ubuntu/pool/main/e/evolution/evolution_2.2.1.1-0ubuntu4.2.diff.gz
      Size/MD5:    16398 749d47606d267a13fba5b178eb228063
    http://security.ubuntu.com/ubuntu/pool/main/e/evolution/evolution_2.2.1.1-0ubuntu4.2.dsc
      Size/MD5:     1244 c5a54e2bd7d7e83eedecf2d244f0018d
    http://security.ubuntu.com/ubuntu/pool/main/e/evolution/evolution_2.2.1.1.orig.tar.gz
      Size/MD5: 18423287 8a0e435c05b50fe2d7dbea8c1d5c7b84

  amd64 architecture (Athlon64, Opteron, EM64T Xeon)

    http://security.ubuntu.com/ubuntu/pool/main/e/evolution/evolution-dev_2.2.1.1-0ubuntu4.2_amd64.deb
      Size/MD5:   106666 31a1d051cdaaf3f5f902cbb4a380ffd5
    http://security.ubuntu.com/ubuntu/pool/main/e/evolution/evolution_2.2.1.1-0ubuntu4.2_amd64.deb
      Size/MD5:  4393034 e3e161af68ebb6061884f94517abe1ef

  i386 architecture (x86 compatible Intel/AMD)

    http://security.ubuntu.com/ubuntu/pool/main/e/evolution/evolution-dev_2.2.1.1-0ubuntu4.2_i386.deb
      Size/MD5:   106660 697e4fdf746df3ea8a72fb2bd22987fe
    http://security.ubuntu.com/ubuntu/pool/main/e/evolution/evolution_2.2.1.1-0ubuntu4.2_i386.deb
      Size/MD5:  4211180 7487a4feb64c082574988f8390c732c3

  powerpc architecture (Apple Macintosh G3/G4/G5)

    http://security.ubuntu.com/ubuntu/pool/main/e/evolution/evolution-dev_2.2.1.1-0ubuntu4.2_powerpc.deb
      Size/MD5:   106660 6a72027f985938c70837a509e3948c8a
    http://security.ubuntu.com/ubuntu/pool/main/e/evolution/evolution_2.2.1.1-0ubuntu4.2_powerpc.deb
      Size/MD5:  4289442 f09870fb174824247038d32ce62c965e
    

- 漏洞信息

14577
Ximian Evolution Email Attachment Saturation DoS
Denial of Service
Loss of Availability

- 漏洞描述

Unknown or Incomplete

- 时间线

2005-02-25 Unknow
2005-02-25 Unknow

- 解决方案

Unknown or Incomplete

- 相关参考

- 漏洞作者

Unknown or Incomplete

- 漏洞信息

Novell Evolution Unspecified Denial of Service Vulnerability
Failure to Handle Exceptional Conditions 12826
Yes No
2005-03-17 12:00:00 2009-07-12 10:56:00
Reported by cantona <cantona@softhome.net>.

- 受影响的程序版本

Novell Evolution 2.0.3
+ Mandriva Linux Mandrake 10.1 x86_64
+ Mandriva Linux Mandrake 10.1
Novell Evolution 2.0.2
+ Conectiva Linux 10.0
+ Conectiva Linux 9.0
+ MandrakeSoft Corporate Server 3.0 x86_64
+ MandrakeSoft Corporate Server 3.0
+ Mandriva Linux Mandrake 10.1 x86_64
+ Mandriva Linux Mandrake 10.1
+ Mandriva Linux Mandrake 10.0 AMD64
+ Mandriva Linux Mandrake 10.0
+ Red Hat Enterprise Linux AS 4
+ RedHat Desktop 4.0
+ RedHat Enterprise Linux ES 4
+ RedHat Enterprise Linux WS 4
+ S.u.S.E. Linux 8.1
+ S.u.S.E. Linux 8.0 i386
+ S.u.S.E. Linux 8.0
+ S.u.S.E. Linux Personal 9.2
+ S.u.S.E. Linux Personal 9.1
+ S.u.S.E. Linux Personal 9.0 x86_64
+ S.u.S.E. Linux Personal 9.0
+ S.u.S.E. Linux Personal 8.2
+ Ubuntu Ubuntu Linux 4.1 ppc
+ Ubuntu Ubuntu Linux 4.1 ia64
+ Ubuntu Ubuntu Linux 4.1 ia32
Conectiva Linux 10.0
Novell Evolution 2.0.4
+ Conectiva Linux 10.0
+ Conectiva Linux 9.0

- 不受影响的程序版本

Novell Evolution 2.0.4
+ Conectiva Linux 10.0
+ Conectiva Linux 9.0

- 漏洞讨论

Evolution is vulnerable to a remotely exploitable denial of service condition related to processing of messages with malformed unicode specifications. Messages with certain properties can cause a failure that will force the client to crash when the message is processed. The denial of service may persist until the message is manually removed from the mail archive. Usenet posts may be an ideal vector for a passive attack against unsuspecting readers.

- 漏洞利用

Currently we are not aware of any exploits for this issue. If you feel we are in error or are aware of more recent information, please mail us at: vuldb@securityfocus.com &lt;mailto:vuldb@securityfocus.com&gt;.

- 解决方案

MandrakeSoft has issued patches in advisory MDKSA-2005:059. See reference section.

The vendor has released version 2.0.4 dealing with this issue.

Conectiva Linux has released advisory CLA-2005:950 along with fixes dealing with this issue. Please see the referenced advisory for more information.


Novell Evolution 2.0.2

Novell Evolution 2.0.3

- 相关参考

 

 

关于SCAP中文社区

SCAP中文社区是国内第一个以SCAP为主题的中文开放社区。了解更多信息,请查阅[关于本站]

版权声明

CVE/CWE/OVAL均为MITRE公司的注册商标,它们的官方数据源均保存在MITRE公司的相关网站