Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2005-1266

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2005-1266
Last Modified 21 Aug 2010 12:28:22
Published 15 Jun 2005 12:00:00
Confidentiality Impact NONE NONE
Integrity Impact NONE NONE
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2005-1266

Summary

Apache SpamAssassin 3.0.1, 3.0.2, and 3.0.3 allows remote attackers to cause a denial of service (CPU consumption and slowdown) via a message with a long Content-Type header without any boundaries.

Vulnerable Systems

Application

  • Apache Spamassassin 3.0.1

  • Apache Spamassassin 3.0.2

  • Apache Spamassassin 3.0.3


References

CONFIRM - http://www.vuxml.org/freebsd/cc4ce06b-e01c-11d9-a8bd-000cf18bbe54.html

GENTOO - GLSA-200506-17

MISC - http://bugs.gentoo.org/show_bug.cgi?id=94722

MANDRAKE - MDKSA-2005:106

DEBIAN - DSA-736

MLIST - [spamassassin-announce] 20050615 Denial of Service Vulnerability in Apache SpamAssassin 3.0.1-3.0.3

BID - 13978

REDHAT - RHSA-2005:498


Last Updated: 27 May 2016 10:40:06