Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2005-3573

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2005-3573
Last Modified 07 Mar 2011 09:26:47
Published 16 Nov 2005 02:42:00
Confidentiality Impact NONE NONE
Integrity Impact NONE NONE
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2005-3573

Summary

Scrubber.py in Mailman 2.1.5-8 does not properly handle UTF8 character encodings in filenames of e-mail attachments, which allows remote attackers to cause a denial of service (application crash).

Vulnerable Systems

Application

  • Gnu Mailman 2.0

  • Gnu Mailman 2.0.1

  • Gnu Mailman 2.0.10

  • Gnu Mailman 2.0.11

  • Gnu Mailman 2.0.12

  • Gnu Mailman 2.0.13

  • Gnu Mailman 2.0.14

  • Gnu Mailman 2.0.2

  • Gnu Mailman 2.0.3

  • Gnu Mailman 2.0.4

  • Gnu Mailman 2.0.5

  • Gnu Mailman 2.0.6

  • Gnu Mailman 2.0.7

  • Gnu Mailman 2.0.8

  • Gnu Mailman 2.0.9

  • Gnu Mailman 2.1

  • Gnu Mailman 2.1.1

  • Gnu Mailman 2.1.2

  • Gnu Mailman 2.1.3

  • Gnu Mailman 2.1.4

  • Gnu Mailman 2.1.5

  • Gnu Mailman 2.1.5.8


References

MANDRIVA - MDKSA-2005:222

VUPEN - ADV-2005-2404

BID - 15408

SECUNIA - 17874

SECUNIA - 17511

MLIST - [Mailman-Users] 20050912 Uncaught runner exception: 'utf8' codeccan'tdecode bytes in position 1-4: invalid data

CONFIRM - http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=327732

XF - mailman-utf8-scrubber-dos(23139)

UBUNTU - USN-242-1

TRUSTIX - 2006-0012

REDHAT - RHSA-2006:0204

OSVDB - 20819

DEBIAN - DSA-955

SECTRACK - 1015735

SECUNIA - 19532

SECUNIA - 19196

SECUNIA - 19167

SECUNIA - 18612

SECUNIA - 18503

SECUNIA - 18456

SUSE - SUSE-SR:2006:001

SGI - 20060401-01-U


Last Updated: 27 May 2016 10:40:58