Описание
** DISPUTED ** The standardise function in Anibal Monsalve Salazar sSMTP 2.61 and 2.62 allows local users to cause a denial of service (application exit) via an e-mail message containing a long line that begins with a . (dot) character. NOTE: CVE disputes this issue because it is solely a usability problem for senders of messages with certain long lines, and has no security impact.
** DISPUTED ** The standardise function in Anibal Monsalve Salazar sSMTP 2.61 and 2.62 allows local users to cause a denial of service (application exit) via an e-mail message containing a long line that begins with a . (dot) character. NOTE: CVE disputes this issue because it is solely a usability problem for senders of messages with certain long lines, and has no security impact.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2008-7258
- https://bugs.launchpad.net/ubuntu/+source/ssmtp/+bug/282424
- https://bugzilla.redhat.com/show_bug.cgi?id=582236
- https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2008-7258
- http://lists.fedoraproject.org/pipermail/package-announce/2010-August/045407.html
- http://lists.fedoraproject.org/pipermail/package-announce/2010-August/045422.html
- http://marc.info/?l=oss-security&m=128013391907262&w=2
- http://marc.info/?l=oss-security&m=128017258305041&w=2
- http://marc.info/?l=oss-security&m=128077707318085&w=2
- http://patch-tracker.debian.org/patch/series/view/ssmtp/2.62-3/345780-standardise-bufsize
- http://secunia.com/advisories/41009
- http://www.openwall.com/lists/oss-security/2010/08/19/6
- http://www.securityfocus.com/bid/41965
Связанные уязвимости
The standardise function in Anibal Monsalve Salazar sSMTP 2.61 and 2.62 allows local users to cause a denial of service (application exit) via an e-mail message containing a long line that begins with a . (dot) character. NOTE: CVE disputes this issue because it is solely a usability problem for senders of messages with certain long lines, and has no security impact
The standardise function in Anibal Monsalve Salazar sSMTP 2.61 and 2.62 allows local users to cause a denial of service (application exit) via an e-mail message containing a long line that begins with a . (dot) character. NOTE: CVE disputes this issue because it is solely a usability problem for senders of messages with certain long lines, and has no security impact
The standardise function in Anibal Monsalve Salazar sSMTP 2.61 and 2.6 ...