[Forgot Password]
Login  Register Subscribe

30479

 
 

423868

 
 

248268

 
 

909

 
 

195051

 
 

282

 
Paid content will be excluded from the download.


Download | Alert*
CVE
view JSON

CVE-2005-1515Date: (C)2005-05-11   (M)2024-02-16


Integer signedness error in the qmail_put and substdio_put functions in qmail, when running on 64 bit platforms with a large amount of virtual memory, allows remote attackers to cause a denial of service and possibly execute arbitrary code via a large number of SMTP RCPT TO commands.

CVSS Score and Metrics +CVSS Score and Metrics -

CVSS V2 Severity:
CVSS Score : 5.0
Exploit Score: 10.0
Impact Score: 2.9
 
CVSS V2 Metrics:
Access Vector: NETWORK
Access Complexity: LOW
Authentication: NONE
Confidentiality: NONE
Integrity: NONE
Availability: PARTIAL
  
Reference:
SECTRACK-1013911
http://archives.neohapsis.com/archives/fulldisclosure/2005-05/0101.html
http://seclists.org/fulldisclosure/2020/May/42
DSA-4692
GLSA-202007-01
USN-4556-1
https://lists.debian.org/debian-lts-announce/2020/06/msg00002.html
http://www.openwall.com/lists/oss-security/2020/05/19/8
http://www.openwall.com/lists/oss-security/2020/05/20/2
http://packetstormsecurity.com/files/157805/Qualys-Security-Advisory-Qmail-Remote-Code-Execution.html
http://www.guninski.com/where_do_you_want_billg_to_go_today_4.html

OVAL    6
oval:org.secpod.oval:def:604866
oval:org.secpod.oval:def:69815
oval:org.secpod.oval:def:705672
oval:org.secpod.oval:def:67150
...

© SecPod Technologies