Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2005-4592

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2005-4592
Last Modified 07 Mar 2011 09:28:36
Published 31 Dec 2005 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2005-4592

Summary

Heap-based buffer overflow in bogofilter and bogolexer 0.96.2 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via words that are longer than the input buffer used by flex.

Vulnerable Systems

Operating System

  • Bogofilter Email Filter 0.93.5

  • Bogofilter Email Filter 0.94.12

  • Bogofilter Email Filter 0.94.14

  • Bogofilter Email Filter 0.95.2

  • Bogofilter Email Filter 0.96.2


References

BID - 16171

SECUNIA - 18352

CONFIRM - http://bogofilter.sourceforge.net/security/bogofilter-SA-2005-02

VUPEN - ADV-2006-0100

XF - bogofilter-long-word-bo(24119)

SECUNIA - 18717

SUSE - SUSE-SR:2006:003


Last Updated: 27 May 2016 10:41:22