Vulnerabilities > CVE-2005-0806 - Unspecified vulnerability in Ximian Evolution 2.0.3

CVSS 5.0 - MEDIUM

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

NONE

Availability impact

PARTIAL

network

low complexity

ximian

nessus

NVD

Published: 2005-05-02

Updated: 2018-10-03

Summary

Evolution 2.0.3 allows remote attackers to cause a denial of service (application crash or hang) via crafted messages, possibly involving charsets in attachment filenames.

Vulnerable Configurations

Part	Description	Count
Application	Ximian Ximian Evolution 2.0.3	1

Nessus

NASL family	Red Hat Local Security Checks
NASL id	REDHAT-RHSA-2005-397.NASL
description	Updated evolution packages that fix various security issues are now available. This update has been rated as having moderate security impact by the Red Hat Security Response Team. Evolution is a GNOME-based collection of personal information management (PIM) tools. A bug was found in the way Evolution displays mail messages. It is possible that an attacker could create a specially crafted mail message that when opened by a victim causes Evolution to stop responding. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2005-0806 to this issue. A bug was also found in Evolution
last seen	2020-06-01
modified	2020-06-02
plugin id	18197
published	2005-05-04
reporter	This script is Copyright (C) 2005-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/18197
title	RHEL 4 : evolution (RHSA-2005:397)
code	#%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from Red Hat Security Advisory RHSA-2005:397. The text # itself is copyright (C) Red Hat, Inc. # include("compat.inc"); if (description) { script_id(18197); script_version ("1.25"); script_cvs_date("Date: 2019/10/25 13:36:11"); script_cve_id("CVE-2005-0102", "CVE-2005-0806"); script_xref(name:"RHSA", value:"2005:397"); script_name(english:"RHEL 4 : evolution (RHSA-2005:397)"); script_summary(english:"Checks the rpm output for the updated packages"); script_set_attribute( attribute:"synopsis", value:"The remote Red Hat host is missing one or more security updates." ); script_set_attribute( attribute:"description", value: "Updated evolution packages that fix various security issues are now available. This update has been rated as having moderate security impact by the Red Hat Security Response Team. Evolution is a GNOME-based collection of personal information management (PIM) tools. A bug was found in the way Evolution displays mail messages. It is possible that an attacker could create a specially crafted mail message that when opened by a victim causes Evolution to stop responding. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2005-0806 to this issue. A bug was also found in Evolution's helper program camel-lock-helper. This bug could allow a local attacker to gain root privileges if camel-lock-helper has been built to execute with elevated privileges. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2005-0102 to this issue. On Red Hat Enterprise Linux, camel-lock-helper is not built to execute with elevated privileges by default. Please note however that if users have rebuilt Evolution from the source RPM, as the root user, camel-lock-helper may be given elevated privileges. All users of evolution should upgrade to these updated packages, which include backported fixes to correct these issues." ); script_set_attribute( attribute:"see_also", value:"https://access.redhat.com/security/cve/cve-2005-0102" ); script_set_attribute( attribute:"see_also", value:"https://access.redhat.com/security/cve/cve-2005-0806" ); script_set_attribute( attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2005:397" ); script_set_attribute( attribute:"solution", value:"Update the affected evolution and / or evolution-devel packages." ); script_set_cvss_base_vector("CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:evolution"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:evolution-devel"); script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:4"); script_set_attribute(attribute:"vuln_publication_date", value:"2005/01/24"); script_set_attribute(attribute:"patch_publication_date", value:"2005/05/04"); script_set_attribute(attribute:"plugin_publication_date", value:"2005/05/04"); script_set_attribute(attribute:"generated_plugin", value:"current"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2005-2019 and is owned by Tenable, Inc. or an Affiliate thereof."); script_family(english:"Red Hat Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list", "Host/cpu"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("misc_func.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/RedHat/release"); if (isnull(release) \|\| "Red Hat" >!< release) audit(AUDIT_OS_NOT, "Red Hat"); os_ver = pregmatch(pattern: "Red Hat Enterprise Linux.*release ([0-9]+(\.[0-9]+)?)", string:release); if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Red Hat"); os_ver = os_ver[1]; if (! preg(pattern:"^4([^0-9]\|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Red Hat 4.x", "Red Hat " + os_ver); if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH); if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$" && "s390" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Red Hat", cpu); yum_updateinfo = get_kb_item("Host/RedHat/yum-updateinfo"); if (!empty_or_null(yum_updateinfo)) { rhsa = "RHSA-2005:397"; yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa); if (!empty_or_null(yum_report)) { security_report_v4( port : 0, severity : SECURITY_HOLE, extra : yum_report ); exit(0); } else { audit_message = "affected by Red Hat security advisory " + rhsa; audit(AUDIT_OS_NOT, audit_message); } } else { flag = 0; if (rpm_check(release:"RHEL4", reference:"evolution-2.0.2-16")) flag++; if (rpm_check(release:"RHEL4", reference:"evolution-devel-2.0.2-16")) flag++; if (flag) { security_report_v4( port : 0, severity : SECURITY_HOLE, extra : rpm_report_get() + redhat_report_package_caveat() ); exit(0); } else { tested = pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "evolution / evolution-devel"); } }

NASL family	Fedora Local Security Checks
NASL id	FEDORA_2005-338.NASL
description	- Fri Apr 22 2005 David Malcolm <dmalcolm at redhat.com> - 2.0.4-4 - Added the correct patch this time - Wed Apr 20 2005 David Malcolm <dmalcolm at redhat.com> - 2.0.4-3 - Added patch for #155378 (CVE-2005-0806) - Updated mozilla_build_version from 1.7.6 to 1.7.7 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
last seen	2020-06-01
modified	2020-06-02
plugin id	19655
published	2005-09-12
reporter	This script is Copyright (C) 2005-2019 Tenable Network Security, Inc.
source	https://www.tenable.com/plugins/nessus/19655
title	Fedora Core 3 : evolution-2.0.4-4 (2005-338)
code	#%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from Fedora Security Advisory 2005-338. # include("compat.inc"); if (description) { script_id(19655); script_version ("1.14"); script_cvs_date("Date: 2019/08/02 13:32:24"); script_xref(name:"FEDORA", value:"2005-338"); script_name(english:"Fedora Core 3 : evolution-2.0.4-4 (2005-338)"); script_summary(english:"Checks rpm output for the updated packages."); script_set_attribute( attribute:"synopsis", value:"The remote Fedora Core host is missing a security update." ); script_set_attribute( attribute:"description", value: " - Fri Apr 22 2005 David Malcolm <dmalcolm at redhat.com> - 2.0.4-4 - Added the correct patch this time - Wed Apr 20 2005 David Malcolm <dmalcolm at redhat.com> - 2.0.4-3 - Added patch for #155378 (CVE-2005-0806) - Updated mozilla_build_version from 1.7.6 to 1.7.7 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues." ); # https://lists.fedoraproject.org/pipermail/announce/2005-April/000877.html script_set_attribute( attribute:"see_also", value:"http://www.nessus.org/u?2c99cddf" ); script_set_attribute( attribute:"solution", value: "Update the affected evolution, evolution-debuginfo and / or evolution-devel packages." ); script_set_attribute(attribute:"risk_factor", value:"High"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:evolution"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:evolution-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:evolution-devel"); script_set_attribute(attribute:"cpe", value:"cpe:/o:fedoraproject:fedora_core:3"); script_set_attribute(attribute:"patch_publication_date", value:"2005/04/22"); script_set_attribute(attribute:"plugin_publication_date", value:"2005/09/12"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2005-2019 Tenable Network Security, Inc."); script_family(english:"Fedora Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/RedHat/release"); if (isnull(release) \|\| "Fedora" >!< release) audit(AUDIT_OS_NOT, "Fedora"); os_ver = eregmatch(pattern: "Fedora.*release ([0-9]+)", string:release); if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Fedora"); os_ver = os_ver[1]; if (! ereg(pattern:"^3([^0-9]\|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Fedora 3.x", "Fedora " + os_ver); if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH); if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Fedora", cpu); flag = 0; if (rpm_check(release:"FC3", reference:"evolution-2.0.4-4")) flag++; if (rpm_check(release:"FC3", reference:"evolution-debuginfo-2.0.4-4")) flag++; if (rpm_check(release:"FC3", reference:"evolution-devel-2.0.4-4")) flag++; if (flag) { if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get()); else security_hole(0); exit(0); } else { tested = pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "evolution / evolution-debuginfo / evolution-devel"); }

NASL family	CentOS Local Security Checks
NASL id	CENTOS_RHSA-2005-397.NASL
description	Updated evolution packages that fix various security issues are now available. This update has been rated as having moderate security impact by the Red Hat Security Response Team. Evolution is a GNOME-based collection of personal information management (PIM) tools. A bug was found in the way Evolution displays mail messages. It is possible that an attacker could create a specially crafted mail message that when opened by a victim causes Evolution to stop responding. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2005-0806 to this issue. A bug was also found in Evolution
last seen	2020-06-01
modified	2020-06-02
plugin id	23980
published	2007-01-08
reporter	This script is Copyright (C) 2007-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/23980
title	CentOS 4 : Evolution (CESA-2005:397)

NASL family	Ubuntu Local Security Checks
NASL id	UBUNTU_USN-166-1.NASL
description	Ulf Harnhammar disovered several format string vulnerabilities in Evolution. By tricking an user into viewing a specially crafted vCard attached to an email, specially crafted contact data from an LDAP server, specially crafted task lists from remote servers, or saving Calendar entries with this malicious task list data, it was possible for an attacker to execute arbitrary code with the privileges of the user running Evolution. In addition, this update fixes a Denial of Service vulnerability in the mail attachment parser. This could be exploited to crash Evolution by tricking an user into opening a malicious email with a specially crafted attachment file name. This does only affect the Ubuntu 4.10 version, the Evolution package shipped with Ubuntu 5.04 is not affected. (CAN-2005-0806). Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
last seen	2020-06-01
modified	2020-06-02
plugin id	20572
published	2006-01-15
reporter	Ubuntu Security Notice (C) 2005-2019 Canonical, Inc. / NASL script (C) 2006-2016 Tenable Network Security, Inc.
source	https://www.tenable.com/plugins/nessus/20572
title	Ubuntu 4.10 / 5.04 : evolution vulnerabilities (USN-166-1)

NASL family	Mandriva Local Security Checks
NASL id	MANDRAKE_MDKSA-2005-059.NASL
description	It was discovered that certain types of messages could be used to crash the Evolution mail client. Fixes have been applied to correct this behaviour.
last seen	2020-06-01
modified	2020-06-02
plugin id	17347
published	2005-03-17
reporter	This script is Copyright (C) 2005-2019 Tenable Network Security, Inc.
source	https://www.tenable.com/plugins/nessus/17347
title	Mandrake Linux Security Advisory : evolution (MDKSA-2005:059)

Oval

accepted

2013-04-29T04:06:29.497-04:00

class

vulnerability

contributors

name Aharon Chernin
organization SCAP.com, LLC
name Dragos Prisaca
organization G2, Inc.

definition_extensions

comment The operating system installed on the system is Red Hat Enterprise Linux 4
oval oval:org.mitre.oval:def:11831
comment CentOS Linux 4.x
oval oval:org.mitre.oval:def:16636
comment Oracle Linux 4.x
oval oval:org.mitre.oval:def:15990

description

Evolution 2.0.3 allows remote attackers to cause a denial of service (application crash or hang) via crafted messages, possibly involving charsets in attachment filenames.

family

unix

oval:org.mitre.oval:def:10532

status

accepted

submitted

2010-07-09T03:56:16-04:00

title

Evolution 2.0.3 allows remote attackers to cause a denial of service (application crash or hang) via crafted messages, possibly involving charsets in attachment filenames.

version

Redhat

advisories

rhsa

id	RHSA-2005:397

rpms

evolution-0:2.0.2-16
evolution-debuginfo-0:2.0.2-16
evolution-devel-0:2.0.2-16

Summary

Vulnerable Configurations

Nessus

Oval

Redhat

References