Secunia Logo
Netsikker nu! 2008
 Vulnerability IntelligenceVulnerability ScanningBlog - new entry!Corporate InformationOnline ShopCustomer Login  
 Secunia AdvisoriesSecunia ResearchBinary Analysis  
Home > Vulnerability Intelligence > Secunia Advisories > Ubuntu update for mozilla-thunderbird/mozilla-thunderbird-enigmail
Secunia Advisories
Advisories
Search
Advisories by Product
Advisories by Vendor
Historic Advisories
Mailing Lists & RSS
Report Vulnerability
Contact Form
Business Solutions Restricted
Partner Solutions Restricted
About
 
Ubuntu update for mozilla-thunderbird/mozilla-thunderbird-enigmail
Secunia Advisory: SA16302
Advisory Toolbox:
Issue ticket
Save in to-do list
Mark as handled
Exploit information
Download as PDF
Review actions
Add comment
Release Date: 2005-08-01
Last Update: 2005-08-03
Popularity: 7,307 views

Critical:
Highly critical
Impact: Security Bypass
Cross Site Scripting
Exposure of system information
Exposure of sensitive information
System access
Where: From remote
Solution Status: Vendor Patch

OS:Ubuntu Linux 4.10
Ubuntu Linux 5.04
Subscribe: Instant alerts on relevant vulnerabilities

CVE reference:CVE-2005-0989
CVE-2005-1159
CVE-2005-1160
CVE-2005-1532
CVE-2005-2261
CVE-2005-2265
CVE-2005-2269
CVE-2005-2270
CVE-2005-2353
Description:
Ubuntu has issued updates for mozilla-thunderbird and mozilla-thunderbird-enigmail. These fix some vulnerabilities, which can be exploited by malicious people to bypass certain security restrictions, gain knowledge of potentially sensitive information, conduct cross-site scripting attacks and compromise a user's system.

For more information:
SA16062

Solution:
Apply updated packages.

-- Ubuntu 4.10 (Warty Warthog) --

Source archives:

http://security.ubuntu.com/ubuntu/poo...hunderbird_1.0.6-0ubuntu04.10.diff.gz
Size/MD5: 73508 3648c2252f6267d642c8f4e28a14eba0
http://security.ubuntu.com/ubuntu/poo...la-thunderbird_1.0.6-0ubuntu04.10.dsc
Size/MD5: 942 867a7864f0bce2639df4684bd264ddb9
http://security.ubuntu.com/ubuntu/poo...mozilla-thunderbird_1.0.6.orig.tar.gz
Size/MD5: 32933620 c28fc1fd78785b5264e9830b7be6f8ea
http://security.ubuntu.com/ubuntu/poo.../enigmail_0.92-1ubuntu04.10.1.diff.gz
Size/MD5: 16772 93321a003c0504d04be198009246fda8
http://security.ubuntu.com/ubuntu/poo...mail/enigmail_0.92-1ubuntu04.10.1.dsc
Size/MD5: 892 2953c3a70568574ae3ea328a096c5297
http://security.ubuntu.com/ubuntu/pool/main/e/enigmail/enigmail_0.92.orig.tar.gz
Size/MD5: 2038607 c79925633b9e01fa6737d75c2e7acb89

amd64 architecture (Athlon64, Opteron, EM64T Xeon)

http://security.ubuntu.com/ubuntu/poo...bird-dev_1.0.6-0ubuntu04.10_amd64.deb
Size/MD5: 3344106 f3e52ae8a21f37b046d7f1d7c8c8776d
http://security.ubuntu.com/ubuntu/poo...nspector_1.0.6-0ubuntu04.10_amd64.deb
Size/MD5: 143406 49e86c62f34f5b46b844b1af6f76808e
http://security.ubuntu.com/ubuntu/poo...-offline_1.0.6-0ubuntu04.10_amd64.deb
Size/MD5: 25942 451b04d908aec8843b4b37832c197e12
http://security.ubuntu.com/ubuntu/poo...headfind_1.0.6-0ubuntu04.10_amd64.deb
Size/MD5: 81002 1f9589f00acb7223f6f1d320caa077ac
http://security.ubuntu.com/ubuntu/poo...nderbird_1.0.6-0ubuntu04.10_amd64.deb
Size/MD5: 12259022 1e3eb1a83028b876b942ffa2a4ec8595
http://security.ubuntu.com/ubuntu/poo...nigmail_0.92-1ubuntu04.10.1_amd64.deb
Size/MD5: 326848 895984b48aaf852379c2577769aabad8
http://security.ubuntu.com/ubuntu/poo...nigmail_0.92-1ubuntu04.10.1_amd64.deb
Size/MD5: 332826 8c86b418d3e537691020d33c980e47a1

i386 architecture (x86 compatible Intel/AMD)

http://security.ubuntu.com/ubuntu/poo...rbird-dev_1.0.6-0ubuntu04.10_i386.deb
Size/MD5: 3337680 42e0747a2281c452f9b89bc0f45da1f5
http://security.ubuntu.com/ubuntu/poo...inspector_1.0.6-0ubuntu04.10_i386.deb
Size/MD5: 138492 b2e5a5ac934afe676fcf7e8ab9890107
http://security.ubuntu.com/ubuntu/poo...d-offline_1.0.6-0ubuntu04.10_i386.deb
Size/MD5: 25940 94f40b33202345a7977168122a9f2aec
http://security.ubuntu.com/ubuntu/poo...aheadfind_1.0.6-0ubuntu04.10_i386.deb
Size/MD5: 78654 83cc69b58e9fcce92223df5e3f717928
http://security.ubuntu.com/ubuntu/poo...underbird_1.0.6-0ubuntu04.10_i386.deb
Size/MD5: 11341380 e57d9774c4d491dcf15f09f7889a6868
http://security.ubuntu.com/ubuntu/poo...enigmail_0.92-1ubuntu04.10.1_i386.deb
Size/MD5: 310580 9bfaa26ecccab860101d942d8ae1b8c0
http://security.ubuntu.com/ubuntu/poo...enigmail_0.92-1ubuntu04.10.1_i386.deb
Size/MD5: 318188 4f34a4ab40345c2cc0c46f5479bc8fa3

powerpc architecture (Apple Macintosh G3/G4/G5)

http://security.ubuntu.com/ubuntu/poo...rd-dev_1.0.6-0ubuntu04.10_powerpc.deb
Size/MD5: 3333202 62649be791c6c27e1245edc1abdc344f
http://security.ubuntu.com/ubuntu/poo...pector_1.0.6-0ubuntu04.10_powerpc.deb
Size/MD5: 137268 17d462bac0e43a5094ed2656ca67258f
http://security.ubuntu.com/ubuntu/poo...ffline_1.0.6-0ubuntu04.10_powerpc.deb
Size/MD5: 25950 aabf2e2ec761f74d8b6758fa98c1eae5
http://security.ubuntu.com/ubuntu/poo...adfind_1.0.6-0ubuntu04.10_powerpc.deb
Size/MD5: 72786 f5504ecf5cd74fb8b926192cbf0491a1
http://security.ubuntu.com/ubuntu/poo...erbird_1.0.6-0ubuntu04.10_powerpc.deb
Size/MD5: 10895290 69091f41e3b7cf59717a267b6dea4148
http://security.ubuntu.com/ubuntu/poo...gmail_0.92-1ubuntu04.10.1_powerpc.deb
Size/MD5: 312792 c912f2481d83e6d632ef5eb76752c03f
http://security.ubuntu.com/ubuntu/poo...gmail_0.92-1ubuntu04.10.1_powerpc.deb
Size/MD5: 320014 e6996e470b3cd440406dbca8ad35ce0b

-- Ubuntu 5.04 (Hoary Hedgehog) --

Source archives:

http://security.ubuntu.com/ubuntu/poo...hunderbird_1.0.6-0ubuntu05.04.diff.gz
Size/MD5: 73461 0610e558ba5530b59a0575738270f399
http://security.ubuntu.com/ubuntu/poo...la-thunderbird_1.0.6-0ubuntu05.04.dsc
Size/MD5: 942 4c1ccd87b48a5e989791954098936cac
http://security.ubuntu.com/ubuntu/poo...mozilla-thunderbird_1.0.6.orig.tar.gz
Size/MD5: 32933620 c28fc1fd78785b5264e9830b7be6f8ea
http://security.ubuntu.com/ubuntu/poo.../enigmail_0.92-1ubuntu05.04.1.diff.gz
Size/MD5: 16763 a7d37dbf6abe3da411d00a41cf7c8be8
http://security.ubuntu.com/ubuntu/poo...mail/enigmail_0.92-1ubuntu05.04.1.dsc
Size/MD5: 892 04380200e70d9eeadab664cee6b1aa54
http://security.ubuntu.com/ubuntu/pool/main/e/enigmail/enigmail_0.92.orig.tar.gz
Size/MD5: 2038607 c79925633b9e01fa6737d75c2e7acb89

amd64 architecture (Athlon64, Opteron, EM64T Xeon)

http://security.ubuntu.com/ubuntu/poo...bird-dev_1.0.6-0ubuntu05.04_amd64.deb
Size/MD5: 3343822 a828df1aa118849e7e9d63c2118b83a8
http://security.ubuntu.com/ubuntu/poo...nspector_1.0.6-0ubuntu05.04_amd64.deb
Size/MD5: 143386 d78c19acd6f77728eb517704b0770964
http://security.ubuntu.com/ubuntu/poo...-offline_1.0.6-0ubuntu05.04_amd64.deb
Size/MD5: 25884 60e3dca0c27325ef255349c889d9844f
http://security.ubuntu.com/ubuntu/poo...headfind_1.0.6-0ubuntu05.04_amd64.deb
Size/MD5: 80856 f9d7cb1e18baf01c68fd8ba2a595870f
http://security.ubuntu.com/ubuntu/poo...nderbird_1.0.6-0ubuntu05.04_amd64.deb
Size/MD5: 11951990 f906f7738c3b5903b1a97658938fb9c0
http://security.ubuntu.com/ubuntu/poo...nigmail_0.92-1ubuntu05.04.1_amd64.deb
Size/MD5: 326858 a37b7fda2c560db461a58771c88bac50
http://security.ubuntu.com/ubuntu/poo...nigmail_0.92-1ubuntu05.04.1_amd64.deb
Size/MD5: 332886 4bfd8408209d22717d1a50bb5e87e889

i386 architecture (x86 compatible Intel/AMD)

http://security.ubuntu.com/ubuntu/poo...rbird-dev_1.0.6-0ubuntu05.04_i386.deb
Size/MD5: 3337242 fb47f26776929bb06b2b383f546117e6
http://security.ubuntu.com/ubuntu/poo...inspector_1.0.6-0ubuntu05.04_i386.deb
Size/MD5: 138448 4d99616e765e8e37282b02ace2441764
http://security.ubuntu.com/ubuntu/poo...d-offline_1.0.6-0ubuntu05.04_i386.deb
Size/MD5: 25880 1de7833deb71b5fc3cc08dd1798f31e8
http://security.ubuntu.com/ubuntu/poo...aheadfind_1.0.6-0ubuntu05.04_i386.deb
Size/MD5: 78606 108f78054cd910e1fe7c45440a2c7f79
http://security.ubuntu.com/ubuntu/poo...underbird_1.0.6-0ubuntu05.04_i386.deb
Size/MD5: 10900596 2ca9e53c1bccf81a0ded54d781f892fe
http://security.ubuntu.com/ubuntu/poo...enigmail_0.92-1ubuntu05.04.1_i386.deb
Size/MD5: 310612 afc30570ec061c922eca7a9146a12e1b
http://security.ubuntu.com/ubuntu/poo...enigmail_0.92-1ubuntu05.04.1_i386.deb
Size/MD5: 318236 5573e6d012fe8f02e82c8e05ee10f011

powerpc architecture (Apple Macintosh G3/G4/G5)

http://security.ubuntu.com/ubuntu/poo...rd-dev_1.0.6-0ubuntu05.04_powerpc.deb
Size/MD5: 3332996 50dafdc24c84117e7210a27537df7c00
http://security.ubuntu.com/ubuntu/poo...pector_1.0.6-0ubuntu05.04_powerpc.deb
Size/MD5: 137202 354b6bd41029419af278dbb632625716
http://security.ubuntu.com/ubuntu/poo...ffline_1.0.6-0ubuntu05.04_powerpc.deb
Size/MD5: 25886 633f6cff231f58e05fa0374dc649a44c
http://security.ubuntu.com/ubuntu/poo...adfind_1.0.6-0ubuntu05.04_powerpc.deb
Size/MD5: 72806 dfdea066f335c2b06b69603a4e5c7b8c
http://security.ubuntu.com/ubuntu/poo...erbird_1.0.6-0ubuntu05.04_powerpc.deb
Size/MD5: 10446774 8d2b97d79de43e1b90af04f37c39b44b
http://security.ubuntu.com/ubuntu/poo...gmail_0.92-1ubuntu05.04.1_powerpc.deb
Size/MD5: 312922 2e8d1c56e024dac9c5a532c6ddb43fd7
http://security.ubuntu.com/ubuntu/poo...gmail_0.92-1ubuntu05.04.1_powerpc.deb
Size/MD5: 320004 310cbc9849405f67c7d5d214afaf1dfd

Changelog:
2005-08-03: Vendor released updated mozilla-thunderbird-enigmail packages for Ubuntu 4.10. Added USN-157-2.

Original Advisory:
http://www.ubuntulinux.org/support/documentation/usn/usn-157-1
http://www.ubuntulinux.org/support/documentation/usn/usn-157-2

Other References:
SA16062:
http://secunia.com/advisories/16062/

Track this Secunia Advisory
Customers of the Secunia Vulnerability Intelligence solutions will automatically receive updates when new information regarding this advisory is released.

Read more about our Vulnerability Intelligence solutions and what they can do for you and your company.

About this Secunia Advisory
Please note: The information that this Secunia Advisory is based on comes from a third party unless stated otherwise.

Secunia collects, validates, and verifies all vulnerability reports issued by security research groups, vendors, and others.
  
Latest Advisories

Today
New advisories: 19
New vulnerabilities: 68
Updated advisories: 62

Moderately // 181 views
Debian update for php5
Moderately // 134 views
Atarone CMS Multiple Vulnerabilities
Less // 148 views
MetaGauge Directory Traversal Vulnerability
Less // 166 views
H-Sphere webshell4 Cross-Site Scripting and Request Forgery
Moderately // 162 views
CMME Information Disclosure Security Issues
Moderately // 172 views
Debian update for squid
Less // 184 views
SUSE update for mercurial
Moderately // 228 views
SUSE update for openssh
Moderately // 162 views
SUSE update for dovecot and graphicsmagic
Less // 173 views
Fedora update for mediawiki

Solutions | More...  

Send Feedback to Secunia
If you have new information regarding this Secunia advisory or a product in our database, please send it to us using either our web form or email us at vuln@secunia.com.

Ideas, suggestions, and other feedback are most welcome.

Most Popular - 3 Hours

1. Debian update for php5 // 63 views
2. SUSE update for openssh // 56 views
3. H-Sphere webshell4 Cross-Site Scripting and Request Forgery // 41 views
4. Juniper Products Neighbor Discovery Protocol Neighbor Solicitation Vulnerability // 41 views
5. SUSE update for mercurial // 39 views
6. Atarone CMS Multiple Vulnerabilities // 34 views
7. WMNews Cross-Site Scripting Vulnerabilities // 33 views
8. MetaGauge Directory Traversal Vulnerability // 33 views
9. SUSE update for dovecot and graphicsmagic // 33 views
10. HP-UX NFS/ONCplus Denial of Service Vulnerability // 31 views



Contact | Terms & Conditions and Copyright | Report Vulnerability | Press | Jobs | About Secunia
Copyright Secunia 2002-2008