Debian Security Advisory DSA 1016-1 (evolution) Network Vulnerability

Summary

The remote host is missing an update to evolution announced via advisory DSA 1016-1. Ulf Härnhammar discovered several format string vulnerabilities in Evolution, a free groupware suite, that could lead to crashes of the application or the execution of arbitrary code. For the old stable distribution (woody) these problems have been fixed in version 1.0.5-1woody3.

Solution

For the stable distribution (sarge) these problems have been fixed in version 2.0.4-2sarge1. For the unstable distribution (sid) these problems have been fixed in version 2.2.3-3. We recommend that you upgrade your evolution package. https://secure1.securityspace.com/smysecure/catid.html?in=DSA%201016-1

Severity

Classification

CVE CVE-2005-2549, CVE-2005-2550

CVSS	Base Score: 7.5 AV:N/AC:L/Au:N/C:P/I:P/A:P

Related Vulnerabilities

Debian Security Advisory DSA 070-1 (netkit-telnet)
Debian Security Advisory DSA 060-1 (fetchmail)
Debian Security Advisory DSA 091-1 (ssh)
Debian Security Advisory DSA 085-1 (nvi, nvi-m17n)
Debian Security Advisory DSA 016-1 (wu-ftpd)

Take action and discover your vulnerabilities