Ximian Evolution camel-lock-helper buffer overflow
| evolution-camellockhelper-bo (19031) |  High Risk |
Description:
Evolution is vulnerable to an integer overflow in the setuid root camel-lock-helper component. A local or remote attacker in control of a malicious POP3 server could supply a specially-crafted value to overflow a buffer and execute arbitrary code on the system with root privileges.
Consequences:
Gain Privileges
Remedy:
Apply the evolution patch, available from the evolution-patches Mailing List posting dated Thu, 20 Jan 2005. See References.
For Ubuntu Linux:
Upgrade to the latest evolution package (2.0.2-0ubuntu2.1or later), as listed in USN-69-1 January 24, 2005. See References.
For Debian GNU/Linux 3.0 (woody):
Upgrade to the latest version of evolution (1.0.5-1woody2 or later), as listed in DSA-673-1. See References.
For Red Hat Linux:
Refer to RHSA-2005:397-09 or RHSA-2005:238-18 for patch, upgrade, or suggested workaround information. See References.
For Gentoo Linux:
Refer to Gentoo Linux Security Announcement GLSA 2005-01-35 for patch, upgrade, or suggested workaround information. See References.
For other distributions:
Contact your vendor for upgrade or patch information.
References:
- evolution-patches Mailing List, Thu, 20 Jan 2005 13:49:12 +0800: camel lock helper security fix.
- BID-12354: Novell Evolution Camel-Lock-Helper Application Remote Integer Overflow Vulnerability
- CVE-2005-0102: Integer overflow in camel-lock-helper in Evolution 2.0.2 and earlier allows local users or remote malicious POP3 servers to execute arbitrary code via a length value of -1, which leads to a zero byte memory allocation and a buffer overflow.
- DSA-673: evolution -- integer overflow
- GLSA-200501-35: Evolution: Integer overflow in camel-lock-helper
- MDKSA-2005:024: Updated evolution packages fix vulnerability
- RHSA-2005-238: evolution security update
- RHSA-2005-397: evolution security update
- SA13830: Evolution camel-lock-helper Integer Overflow Vulnerability
- SECTRACK ID: 1012981: Evolution Integer Overflow in camel-lock-helper May Let Local and Remote Users Execute Arbitrary Code
- SUSE-SR:2005:003: SUSE Security Summary Report
- USN-69-1: Evolution vulnerability
Platforms Affected:
- Canonical Ubuntu 4.10
- Debian Debian Linux 3.0
- Gentoo Linux
- MandrakeSoft Mandrake Linux 10.0 AMD64
- MandrakeSoft Mandrake Linux 10.0
- MandrakeSoft Mandrake Linux 10.1
- MandrakeSoft Mandrake Linux 10.1 X86_64
- MandrakeSoft Mandrake Linux Corporate Server 3.0
- MandrakeSoft Mandrake Linux Corporate Server 3.0 X86_64
- RedHat Enterprise Linux 3 ES
- RedHat Enterprise Linux 3 AS
- RedHat Enterprise Linux 3 Desktop
- RedHat Enterprise Linux 3 WS
- RedHat Enterprise Linux 4 WS
- RedHat Enterprise Linux 4 ES
- RedHat Enterprise Linux 4 AS
- RedHat Enterprise Linux 4 Desktop
- Ximian Evolution
Reported:
Jan 24, 2005
The information within this database may change without notice. Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. In no event shall the author/distributor (IBM Internet Security Systems X-Force) be held liable for any damages whatsoever arising out of or in connection with the use or spread of this information.
For corrections or additions please email xforce@iss.net