ID OSVDB:8731 Type osvdb Reporter OSVDB Modified 2004-04-05T00:00:00
Description
Vulnerability Description
ripMIME contains a flaw related to the MIMEH_read_headers() function that may allow an attacker to cause an underrun by using specially crafted headers containing \r and \n characters. No further details have been provided.
Solution Description
Upgrade to version 1.3.1.1 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.
Short Description
ripMIME contains a flaw related to the MIMEH_read_headers() function that may allow an attacker to cause an underrun by using specially crafted headers containing \r and \n characters. No further details have been provided.
References:
Vendor URL: http://www.pldaniels.com/ripmime/
Other Advisory URL: http://www.pldaniels.com/ripmime/CHANGELOG
CVE-2004-2620
{"type": "osvdb", "published": "2004-04-05T00:00:00", "href": "https://vulners.com/osvdb/OSVDB:8731", "hashmap": [{"key": "affectedSoftware", "hash": "f2cf606b9fa2b65bc27c032859317c94"}, {"key": "bulletinFamily", "hash": "f9fa10ba956cacf91d7878861139efb9"}, {"key": "cvelist", "hash": "9a9959240ac3954310df4fc6ff426e07"}, {"key": "cvss", "hash": "26769fd423968d45be7383413e2552f1"}, {"key": "description", "hash": "69853ef2f7bb1b1ba0286a3de71b3023"}, {"key": "href", "hash": "9eeecf72eb52940dfcce1090401f4614"}, {"key": "modified", "hash": "c0784c46b7aebcc61e5fa6cbc5d82c3d"}, {"key": "objectVersion", "hash": "56765472680401499c79732468ba4340"}, {"key": "published", "hash": "c0784c46b7aebcc61e5fa6cbc5d82c3d"}, {"key": "references", "hash": "d41d8cd98f00b204e9800998ecf8427e"}, {"key": "reporter", "hash": "955b328dc7cd615c13af5464c9183464"}, {"key": "title", "hash": "171b9aab0604f992d7bade2c8545b191"}, {"key": "type", "hash": "1327ac71f7914948578f08c54f772b10"}], "bulletinFamily": "software", "cvss": {"vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:PARTIAL/A:NONE/", "score": 5.0}, "viewCount": 0, "history": [], "edition": 1, "objectVersion": "1.2", "reporter": "OSVDB", "title": "ripMIME MIMEH_read_headers() underrun", "affectedSoftware": [{"operator": "eq", "version": "1.3.1.0", "name": "ripMIME"}], "enchantments": {"vulnersScore": 5.0}, "references": [], "id": "OSVDB:8731", "hash": "130afa6c8f03642cc4d919aa021d20fc8a36e50c7063164a069f2fb97de81fd3", "lastseen": "2017-04-28T13:20:03", "cvelist": ["CVE-2004-2620"], "modified": "2004-04-05T00:00:00", "description": "## Vulnerability Description\nripMIME contains a flaw related to the MIMEH_read_headers() function that may allow an attacker to cause an underrun by using specially crafted headers containing \\r and \\n characters. No further details have been provided.\n## Solution Description\nUpgrade to version 1.3.1.1 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.\n## Short Description\nripMIME contains a flaw related to the MIMEH_read_headers() function that may allow an attacker to cause an underrun by using specially crafted headers containing \\r and \\n characters. No further details have been provided.\n## References:\nVendor URL: http://www.pldaniels.com/ripmime/\nOther Advisory URL: http://www.pldaniels.com/ripmime/CHANGELOG\n[CVE-2004-2620](https://vulners.com/cve/CVE-2004-2620)\n"}
{"result": {"cve": [{"id": "CVE-2004-2620", "type": "cve", "title": "CVE-2004-2620", "description": "The MIMEH_read_headers function in ripMIME 1.3.1.0 does not properly handle trailing \"\\r\" and \"\\n\" characters in headers, which leads to a buffer underflow.", "published": "2004-12-31T00:00:00", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}, "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2004-2620", "cvelist": ["CVE-2004-2620"], "lastseen": "2016-09-03T04:54:55"}]}}
