7.8 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:N/I:N/A:C
0.086 Low
EPSS
Percentile
94.4%
Courier MTA is an integrated mail and groupware server based on open protocols.
Courier MTA has fixed a security issue relating to usernames containing the “=” character, causing high CPU utilization.
An attacker could exploit this vulnerability by sending a specially crafted email to a mail gateway running a vulnerable version of Courier MTA.
There is no known workaround at this time.
All Courier MTA users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=mail-mta/courier-0.53.2"
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Gentoo | any | all | mail-mta/courier | < 0.53.2 | UNKNOWN |