CVE-2006-2659
6.2 Medium
AI Score
Confidence
Low
7.8 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:N/I:N/A:C
0.086 Low
EPSS
Percentile
94.4%
libs/comverp.c in Courier MTA before 0.53.2 allows attackers to cause a denial of service (CPU consumption) via unknown vectors involving usernames that contain the “=” (equals) character, which is not properly handled during encoding.
References
bugs.debian.org/cgi-bin/bugreport.cgi?bug=368834
secunia.com/advisories/20519
secunia.com/advisories/20548
secunia.com/advisories/20792
secunia.com/advisories/21350
security.gentoo.org/glsa/glsa-200608-06.xml
securitytracker.com/id?1016248
www.courier-mta.org/beta/patches/verp-fix/README.txt
www.debian.org/security/2006/dsa-1101
www.securityfocus.com/bid/18345
www.vupen.com/english/advisories/2006/2214
exchange.xforce.ibmcloud.com/vulnerabilities/26998
usn.ubuntu.com/294-1/
Related
6.2 Medium
AI Score
Confidence
Low
7.8 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:N/I:N/A:C
0.086 Low
EPSS
Percentile
94.4%