Описание
Integer overflow in the stralloc_readyplus function in qmail, when running on 64 bit platforms with a large amount of virtual memory, allows remote attackers to cause a denial of service and possibly execute arbitrary code via a large SMTP request.
Пакеты
| Пакет | Статус | Версия исправления | Релиз | Тип |
|---|---|---|---|---|
| qmail | fixed | 1.03-38 | package | |
| netqmail | fixed | 1.06-6.2 | package |
Примечания
https://www.openwall.com/lists/oss-security/2020/05/19/8
https://www.openwall.com/lists/oss-security/2020/06/16/2
EPSS
Связанные уязвимости
Integer overflow in the stralloc_readyplus function in qmail, when running on 64 bit platforms with a large amount of virtual memory, allows remote attackers to cause a denial of service and possibly execute arbitrary code via a large SMTP request.
Integer overflow in the stralloc_readyplus function in qmail, when running on 64 bit platforms with a large amount of virtual memory, allows remote attackers to cause a denial of service and possibly execute arbitrary code via a large SMTP request.
Integer overflow in the stralloc_readyplus function in qmail, when running on 64 bit platforms with a large amount of virtual memory, allows remote attackers to cause a denial of service and possibly execute arbitrary code via a large SMTP request.
Уязвимость функции stralloc_readyplus почтового клиента netqmail, позволяющая нарушителю вызвать отказ в обслуживании
EPSS