Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-7258

Overview

Vulnerability Score 2.1 2.1
CVE Id CVE-2008-7258
Last Modified 24 Aug 2010 01:33:44
Published 20 Aug 2010 02:00:02
Confidentiality Impact NONE NONE
Integrity Impact NONE NONE
Availability Impact PARTIAL PARTIAL
Access Vector LOCAL
Access Complexity LOW
Authentication NONE

CVE-2008-7258

Summary

** DISPUTED ** The standardise function in Anibal Monsalve Salazar sSMTP 2.61 and 2.62 allows local users to cause a denial of service (application exit) via an e-mail message containing a long line that begins with a . (dot) character. NOTE: CVE disputes this issue because it is solely a usability problem for senders of messages with certain long lines, and has no security impact.

Vulnerable Systems

Application

  • Anibal Monsalve Salaz Ssmtp 2.61

  • Anibal Monsalve Salaz Ssmtp 2.62


References

CONFIRM - http://patch-tracker.debian.org/patch/series/view/ssmtp/2.62-3/345780-standardise-bufsize

MISC - https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2008-7258

CONFIRM - https://bugzilla.redhat.com/show_bug.cgi?id=582236

CONFIRM - https://bugs.launchpad.net/ubuntu/+source/ssmtp/+bug/282424

BID - 41965

MLIST - [oss-security] 20100819 Re: CVE-2008-id Request -- ssmtp -- standardise() -- Buffer overflow

SECUNIA - 41009

MLIST - [oss-security] 20100802 Re: CVE-2008-id Request -- ssmtp -- standardise() -- Buffer overflow

MLIST - [oss-security] 20100726 Re: CVE-2008-id Request -- ssmtp -- standardise() -- Buffer overflow

MLIST - [oss-security] 20100726 CVE-2008-id Request -- ssmtp -- standardise() -- Buffer overflow

FEDORA - FEDORA-2010-11811

FEDORA - FEDORA-2010-11836


Last Updated: 27 May 2016 10:49:31