Test ID:	1.3.6.1.4.1.25623.1.0.55313
Category:	Conectiva Local Security Checks
Title:	Conectiva Security Advisory CLSA-2005:1004
Summary:	NOSUMMARY
Description:	Description: The remote host is missing updates announced in advisory CLSA-2005:1004. This announcement fixes three vulnerabilities in Evolution: CVE-2005-0806 Evolution allows remote attackers to cause a denial of service (application crash or hang) via crafted messages, possibly involving charsets in attachment filenames. CVE-2005-2549 Multiple format string vulnerabilities in Evolution allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via full vCard data, contact data from remote LDAP servers or task list data from remote servers. CVE-2005-2550 Format string vulnerability in Evolution allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via the calendar entries such as task lists, which are not properly handled when the user selects the Calendars tab. Solution: The apt tool can be used to perform RPM package upgrades by running 'apt-get update' followed by 'apt-get upgrade' http://distro.conectiva.com.br/atualizacoes/index.php?id=a&anuncio=001004 http://www.ximian.com/products/ximian_evolution Risk factor : High CVSS Score: 7.5
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2005-0806 http://www.mandriva.com/security/advisories?name=MDKSA-2005:059 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10532 http://www.redhat.com/support/errata/RHSA-2005-397.html https://usn.ubuntu.com/166-1/ Common Vulnerability Exposure (CVE) ID: CVE-2005-2549 14532 http://www.securityfocus.com/bid/14532 16394 http://secunia.com/advisories/16394 19380 http://secunia.com/advisories/19380 20050810 Evolution multiple remote format string bugs http://marc.info/?l=full-disclosure&m=112368237712032&w=2 http://www.securityfocus.com/archive/1/407789 DSA-1016 http://www.debian.org/security/2006/dsa-1016 FEDORA-2005-743 http://www.redhat.com/archives/fedora-announce-list/2005-August/msg00031.html MDKSA-2005:141 http://www.mandriva.com/security/advisories?name=MDKSA-2005:141 RHSA-2005:267 http://www.redhat.com/support/errata/RHSA-2005-267.html SUSE-SA:2005:054 http://www.novell.com/linux/security/advisories/2005_54_evolution.html USN-166-1 http://www.sitic.se/eng/advisories_and_recommendations/sa05-001.html oval:org.mitre.oval:def:9553 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9553 Common Vulnerability Exposure (CVE) ID: CVE-2005-2550 oval:org.mitre.oval:def:10880 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10880
Copyright	Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.