CVE-2008-7258

2010-08-2018:00:02

Debian Security Bug Tracker

security-tracker.debian.org

cve-2008-7258

anibal monsalve salazar

ssmtp

local users

denial of service

email message

long line

usability problem

unix

CVSS2

2.1

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:N/I:N/A:P

AI Score

6.4

Confidence

High

EPSS

Percentile

10.3%

JSON

The standardise function in Anibal Monsalve Salazar sSMTP 2.61 and 2.62 allows local users to cause a denial of service (application exit) via an e-mail message containing a long line that begins with a . (dot) character. NOTE: CVE disputes this issue because it is solely a usability problem for senders of messages with certain long lines, and has no security impact

OSVersionArchitecturePackageVersionFilename
Debian12allssmtp<= 2.64-11ssmtp_2.64-11_all.deb
Debian11allssmtp<= 2.64-10ssmtp_2.64-10_all.deb
Debian999allssmtp<= 2.64-11ssmtp_2.64-11_all.deb