[Forgot Password]
Login  Register Subscribe

30430

 
 

423868

 
 

247862

 
 

909

 
 

194603

 
 

282

 
Paid content will be excluded from the download.


Download | Alert*
CVE
view JSON

CVE-2008-7258Date: (C)2010-08-20   (M)2024-04-19


The standardise function in Anibal Monsalve Salazar sSMTP 2.61 and 2.62 allows local users to cause a denial of service (application exit) via an e-mail message containing a long line that begins with a . (dot) character. NOTE: CVE disputes this issue because it is solely a usability problem for senders of messages with certain long lines, and has no security impact

CVSS Score and Metrics +CVSS Score and Metrics -

CVSS V2 Severity:
CVSS Score : 2.1
Exploit Score: 3.9
Impact Score: 2.9
 
CVSS V2 Metrics:
Access Vector: LOCAL
Access Complexity: LOW
Authentication: NONE
Confidentiality: NONE
Integrity: NONE
Availability: PARTIAL
  
Reference:
SECUNIA-41009
BID-41965
FEDORA-2010-11811
FEDORA-2010-11836
http://marc.info/?l=oss-security&m=128013391907262&w=2
http://marc.info/?l=oss-security&m=128017258305041&w=2
http://marc.info/?l=oss-security&m=128077707318085&w=2
http://www.openwall.com/lists/oss-security/2010/08/19/6
http://patch-tracker.debian.org/patch/series/view/ssmtp/2.62-3/345780-standardise-bufsize
https://bugs.launchpad.net/ubuntu/+source/ssmtp/+bug/282424
https://bugzilla.redhat.com/show_bug.cgi?id=582236
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2008-7258

CWE    1
CWE-20

© SecPod Technologies