OVAL query for evolution query CAN-2003-0128

classic Classic list List threaded Threaded
1 message Options
Reply | Threaded
Open this post in threaded view
|

OVAL query for evolution query CAN-2003-0128

Jay Beale
CVE-ID: CAN-2003-0128
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0128

CVE Description: "The try_uudecoding function in mail-format.c for
Ximian
Evolution Mail User Agent 1.2.2 and earlier allows remote attackers to
cause a denial of service (crash) and possibly execute arbitrary code
via
a malicious uuencoded (UUE) header, possibly triggering a heap-based
buffer overflow."

Red Hat Security Advisory RHSA-2003:108-19
Updated Evolution packages fix multiple vulnerabilities
https://rhn.redhat.com/errata/RHSA-2003-108.html

"Updated Evolution packages are available which fix several
vulnerabilities.

Evolution is a GNOME-based collection of personal information management
(PIM) tools.

Multiple vulnerabilities have been found in the Ximian Evolution email
client. These vulnerabilities make it possible for a carefully crafted
email to crash the program, cause general system instability through
resource starvation, and get around security measures implemented within
the program.

Users of Evolution are advised to upgrade to these erratum packages. For
Red Hat Linux 7.3, these packages update Evolution to version 1.0.8 with
patches to correct these vulnerabilities. For Red Hat Linux 8.0, these
packages contain backported security fixes which correct these
vulnerabilities."

I propose the following SQL query for this vulnerability on Red Hat 9:

OVAL-ID: TBA

Status: Initial Submission
Version: 0
Date Modified: 2003-08-11
Platform: Red Hat 9
Query Synopsis:
-- Vulnerable software exists:
        o Red Hat 9 on ix86
        o evolution rpm version prior to 1.2.2-5 is installed

SELECT 'CAN-2003-0128' FROM Placeholder WHERE EXISTS
-- ### BEGIN VULNERABLE SOFTWARE EXISTS
--
-- Red Hat 9
-- This query is for Red Hat 9...
        (SELECT 'Red Hat 9 is installed'
FROM RedHat_RPMinfo WHERE
                RPMName = 'redhat-release' AND
                RPMVersion = '9')
AND EXISTS
--
-- ...on i386 machines.
--
        (SELECT 'ix86 architecture' FROM RedHat_Uname WHERE
                MachineClass LIKE 'i_86')
AND EXISTS
--
-- evolution rpm version prior to 1.2.2-5 is installed
--
        (SELECT 'evolution version < 1.2.2-5'
FROM RedHat_RPMVersionCompare WHERE
                RPMName = 'evolution' AND
                RPMTestedEpoch IS NULL AND
                RPMTestedVersion = '1.2.2' AND
                RPMTestedRelease = '5' AND
                RPMInstalledVersion = 'earlier'
)
-- ### END VULNERABLE SOFTWARE EXISTS
--
-- ### BEGIN VULNERABLE CONFIGURATION
-- ### END VULNERABLE CONFIGURATION
;
-----------------------------------------------------------------
INSERT IDs used:

New INSERTs:


-----------------------------------------------------------------