Описание
PostSRSd before 1.11 allows a denial of service (subprocess hang) if Postfix sends certain long data fields such as multiple concatenated email addresses. NOTE: the PostSRSd maintainer acknowledges "theoretically, this error should never occur ... I'm not sure if there's a reliable way to trigger this condition by an external attacker, but it is a security bug in PostSRSd nevertheless."
Ссылки
- Issue TrackingPatchRelease NotesThird Party Advisory
- PatchThird Party Advisory
- Release NotesThird Party Advisory
- Third Party Advisory
- Issue TrackingPatchRelease NotesThird Party Advisory
- PatchThird Party Advisory
- Release NotesThird Party Advisory
- Third Party Advisory
Уязвимые конфигурации
EPSS
5.3 Medium
CVSS3
5 Medium
CVSS2
Дефекты
Связанные уязвимости
PostSRSd before 1.11 allows a denial of service (subprocess hang) if Postfix sends certain long data fields such as multiple concatenated email addresses. NOTE: the PostSRSd maintainer acknowledges "theoretically, this error should never occur ... I'm not sure if there's a reliable way to trigger this condition by an external attacker, but it is a security bug in PostSRSd nevertheless."
PostSRSd before 1.11 allows a denial of service (subprocess hang) if P ...
PostSRSd before 1.11 allows a denial of service (subprocess hang) if Postfix sends certain long data fields such as multiple concatenated email addresses. NOTE: the PostSRSd maintainer acknowledges "theoretically, this error should never occur ... I'm not sure if there's a reliable way to trigger this condition by an external attacker, but it is a security bug in PostSRSd nevertheless."
Уязвимость демона схемы перезаписи отправителя Postfix PostSRSd, связанная с некорректная зачисткой или освобождением ресурсов, позволяющая нарушителю вызвать отказ в обслуживании
EPSS
5.3 Medium
CVSS3
5 Medium
CVSS2