CVE-2009-0582
evolution-data-server: insufficient checking of NTLM authentication challenge packets
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
The ntlm_challenge function in the NTLM SASL authentication mechanism in camel/camel-sasl-ntlm.c in Camel in Evolution Data Server (aka evolution-data-server) 2.24.5 and earlier, and 2.25.92 and earlier 2.25.x versions, does not validate whether a certain length value is consistent with the amount of data in a challenge packet, which allows remote mail servers to read information from the process memory of a client, or cause a denial of service (client crash), via an NTLM authentication type 2 packet with a length value that exceeds the amount of packet data.
La función ntlm_challenge en el mecanismo de autenticación NTLM SASL de camel/camel-sasl-ntlm.c en Camel en Evolution Data Server (alias evolution-data-server) 2.24.5 y anteriores, and 2.25.92 and earlier 2.25.x , no valida si cierto valor de longitud es coherente con la cantidad de datos almacenados en el paquete del desafío, lo cual permite leer, a los servidores de correo remotos, información de la memoria del proceso de un cliente, o provocar una denegación de servicio (con caida del cliente), a través de una autenticación NTLM autenticación de tipo 2 con un valor de longitud del paquete que supera la cantidad de paquetes de datos.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2009-02-13 CVE Reserved
- 2009-03-14 CVE Published
- 2023-03-07 EPSS Updated
- 2024-08-07 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-20: Improper Input Validation
CAPEC
References (24)
| URL | Tag | Source |
|---|---|---|
| http://mail.gnome.org/archives/release-team/2009-March/msg00096.html | Mailing List | |
| http://osvdb.org/52673 | Vdb Entry | |
| http://secunia.com/advisories/34338 | Third Party Advisory | |
| http://secunia.com/advisories/34339 | Third Party Advisory | |
| http://secunia.com/advisories/34348 | Third Party Advisory | |
| http://secunia.com/advisories/34363 | Third Party Advisory | |
| http://secunia.com/advisories/35065 | Third Party Advisory | |
| http://secunia.com/advisories/35357 | Third Party Advisory | |
| http://securitytracker.com/id?1021845 | Vdb Entry | |
| http://www.securityfocus.com/bid/34109 | Vdb Entry | |
| http://www.vupen.com/english/advisories/2009/0716 | Vdb Entry | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/49233 | Vdb Entry | |
| https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10081 | Signature |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Gnome Search vendor "Gnome" | Evolution-data-server Search vendor "Gnome" for product "Evolution-data-server" | <= 2.24.5 Search vendor "Gnome" for product "Evolution-data-server" and version " <= 2.24.5" | - |
Affected
| ||||||
| Gnome Search vendor "Gnome" | Evolution-data-server Search vendor "Gnome" for product "Evolution-data-server" | 2.25.92 Search vendor "Gnome" for product "Evolution-data-server" and version "2.25.92" | - |
Affected
| ||||||