Vulnerabilities > CVE-2003-0129 - Unspecified vulnerability in Ximian Evolution

CVSS 0.0 - NONE

Attack vector

UNKNOWN

Attack complexity

UNKNOWN

Privileges required

UNKNOWN

Confidentiality impact

UNKNOWN

Integrity impact

UNKNOWN

Availability impact

UNKNOWN

ximian

nessus

exploit available

NVD

Published: 2003-03-24

Updated: 2017-10-11

Summary

Ximian Evolution Mail User Agent 1.2.2 and earlier allows remote attackers to cause a denial of service (memory consumption) via a mail message that is uuencoded multiple times.

Vulnerable Configurations

Part	Description	Count
Application	Ximian Ximian Evolution 1.0.7 Ximian Evolution 1.2.2 Ximian Evolution 1.0.3 Ximian Evolution 1.0.6 Ximian Evolution 1.2 Ximian Evolution 1.2.1 Ximian Evolution 1.0.4 Ximian Evolution 1.0.5 Ximian Evolution 1.1.1 Ximian Evolution 1.0.8	10

Exploit-Db

description	Ximian Evolution 1.x UUEncoding Parsing Memory Corruption Vulnerability. CVE-2003-0129. Remote exploit for linux platform
id	EDB-ID:22369
last seen	2016-02-02
modified	2003-03-17
published	2003-03-17
reporter	Core Security
source	https://www.exploit-db.com/download/22369/
title	Ximian Evolution 1.x UUEncoding Parsing Memory Corruption Vulnerability

Nessus

NASL family	Mandriva Local Security Checks
NASL id	MANDRAKE_MDKSA-2003-045.NASL
description	Several vulnerabilities were discovered in the Evolution email client. These problems make it possible for a carefully constructed email message to crash the program, causing general system instability by starving resources.
last seen	2020-06-01
modified	2020-06-02
plugin id	14029
published	2004-07-31
reporter	This script is Copyright (C) 2004-2019 Tenable Network Security, Inc.
source	https://www.tenable.com/plugins/nessus/14029
title	Mandrake Linux Security Advisory : evolution (MDKSA-2003:045)
code	#%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from Mandrake Linux Security Advisory MDKSA-2003:045. # The text itself is copyright (C) Mandriva S.A. # include("compat.inc"); if (description) { script_id(14029); script_version ("1.17"); script_cvs_date("Date: 2019/08/02 13:32:46"); script_cve_id("CVE-2003-0128", "CVE-2003-0129", "CVE-2003-0130"); script_xref(name:"MDKSA", value:"2003:045"); script_name(english:"Mandrake Linux Security Advisory : evolution (MDKSA-2003:045)"); script_summary(english:"Checks rpm output for the updated packages"); script_set_attribute( attribute:"synopsis", value: "The remote Mandrake Linux host is missing one or more security updates." ); script_set_attribute( attribute:"description", value: "Several vulnerabilities were discovered in the Evolution email client. These problems make it possible for a carefully constructed email message to crash the program, causing general system instability by starving resources." ); script_set_attribute(attribute:"solution", value:"Update the affected packages."); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:evolution"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:evolution-pilot"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:libevolution0"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:libevolution0-devel"); script_set_attribute(attribute:"cpe", value:"cpe:/o:mandrakesoft:mandrake_linux:9.0"); script_set_attribute(attribute:"cpe", value:"cpe:/o:mandrakesoft:mandrake_linux:9.1"); script_set_attribute(attribute:"patch_publication_date", value:"2003/04/15"); script_set_attribute(attribute:"plugin_publication_date", value:"2004/07/31"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2004-2019 Tenable Network Security, Inc."); script_family(english:"Mandriva Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/Mandrake/release", "Host/Mandrake/rpm-list"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); if (!get_kb_item("Host/Mandrake/release")) audit(AUDIT_OS_NOT, "Mandriva / Mandake Linux"); if (!get_kb_item("Host/Mandrake/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH); if (cpu !~ "^(amd64\|i[3-6]86\|x86_64)$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Mandriva / Mandrake Linux", cpu); flag = 0; if (rpm_check(release:"MDK9.0", cpu:"i386", reference:"evolution-1.0.8-3.1mdk", yank:"mdk")) flag++; if (rpm_check(release:"MDK9.0", cpu:"i386", reference:"evolution-pilot-1.0.8-3.1mdk", yank:"mdk")) flag++; if (rpm_check(release:"MDK9.0", cpu:"i386", reference:"libevolution0-1.0.8-3.1mdk", yank:"mdk")) flag++; if (rpm_check(release:"MDK9.0", cpu:"i386", reference:"libevolution0-devel-1.0.8-3.1mdk", yank:"mdk")) flag++; if (rpm_check(release:"MDK9.1", cpu:"i386", reference:"evolution-1.2.4-1.1mdk", yank:"mdk")) flag++; if (rpm_check(release:"MDK9.1", cpu:"i386", reference:"evolution-pilot-1.2.4-1.1mdk", yank:"mdk")) flag++; if (rpm_check(release:"MDK9.1", cpu:"i386", reference:"libevolution0-1.2.4-1.1mdk", yank:"mdk")) flag++; if (rpm_check(release:"MDK9.1", cpu:"i386", reference:"libevolution0-devel-1.2.4-1.1mdk", yank:"mdk")) flag++; if (flag) { if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get()); else security_warning(0); exit(0); } else audit(AUDIT_HOST_NOT, "affected");

Oval

accepted

2007-04-25T19:52:13.970-04:00

class

vulnerability

contributors

name Jay Beale
organization Bastille Linux
name Jay Beale
organization Bastille Linux
name Thomas R. Jones
organization Maitreya Security

description

Ximian Evolution Mail User Agent 1.2.2 and earlier allows remote attackers to cause a denial of service (memory consumption) via a mail message that is uuencoded multiple times.

family

unix

oval:org.mitre.oval:def:108

status

accepted

submitted

2003-08-11T12:00:00.000-04:00

title

Ximian Evolution User Agent Multiple uuencoding Denial of Service

version

Redhat

advisories

rhsa

id	RHSA-2003:108

Summary

Vulnerable Configurations

Exploit-Db

Nessus

Oval

Redhat

References