Описание
mail.local in Sendmail 8.10.x does not properly identify the .\n string which identifies the end of message text, which allows a remote attacker to cause a denial of service or corrupt mailboxes via a message line that is 2047 characters long and ends in .\n.
Ссылки
- PatchVendor Advisory
- PatchVendor Advisory
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:eric_allman:sendmail:5.58:*:*:*:*:*:*:*
cpe:2.3:a:eric_allman:sendmail:5.59:*:*:*:*:*:*:*
cpe:2.3:a:eric_allman:sendmail:8.6.x:*:*:*:*:*:*:*
cpe:2.3:a:eric_allman:sendmail:8.7.1:*:*:*:*:*:*:*
cpe:2.3:a:eric_allman:sendmail:8.7.2:*:*:*:*:*:*:*
cpe:2.3:a:eric_allman:sendmail:8.7.3:*:*:*:*:*:*:*
cpe:2.3:a:eric_allman:sendmail:8.7.4:*:*:*:*:*:*:*
cpe:2.3:a:eric_allman:sendmail:8.7.5:*:*:*:*:*:*:*
cpe:2.3:a:eric_allman:sendmail:8.7.6:*:*:*:*:*:*:*
cpe:2.3:a:eric_allman:sendmail:8.7.x:*:*:*:*:*:*:*
cpe:2.3:a:eric_allman:sendmail:8.8:*:*:*:*:*:*:*
cpe:2.3:a:eric_allman:sendmail:8.8.1:*:*:*:*:*:*:*
cpe:2.3:a:eric_allman:sendmail:8.8.2:*:*:*:*:*:*:*
cpe:2.3:a:eric_allman:sendmail:8.8.3:*:*:*:*:*:*:*
cpe:2.3:a:eric_allman:sendmail:8.8.4:*:*:*:*:*:*:*
cpe:2.3:a:eric_allman:sendmail:8.8.5:*:*:*:*:*:*:*
cpe:2.3:a:eric_allman:sendmail:8.8.x:*:*:*:*:*:*:*
cpe:2.3:a:eric_allman:sendmail:8.9.1:*:*:*:*:*:*:*
cpe:2.3:a:eric_allman:sendmail:8.9.3:*:*:*:*:*:*:*
EPSS
Процентиль: 70%
0.00655
Низкий
5 Medium
CVSS2
Дефекты
NVD-CWE-Other
Связанные уязвимости
github
больше 3 лет назад
mail.local in Sendmail 8.10.x does not properly identify the .\n string which identifies the end of message text, which allows a remote attacker to cause a denial of service or corrupt mailboxes via a message line that is 2047 characters long and ends in .\n.
EPSS
Процентиль: 70%
0.00655
Низкий
5 Medium
CVSS2
Дефекты
NVD-CWE-Other