Lucene search

K

PRIOn knowledge basePRION:CVE-2006-2659

HistoryMay 30, 2006 - 7:02 p.m.

Design/Logic Flaw

2006-05-3019:02:00

PRIOn knowledge base

www.prio-n.com

2

6.4 Medium

AI Score

Confidence

High

7.8 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:N/I:N/A:C

0.086 Low

EPSS

Percentile

94.3%

libs/comverp.c in Courier MTA before 0.53.2 allows attackers to cause a denial of service (CPU consumption) via unknown vectors involving usernames that contain the “=” (equals) character, which is not properly handled during encoding.

CPENameOperatorVersion
courier_mtaeq0.37.3
courier_mtaeq0.38.1
courier_mtale0.44.2
courier_mtaeq0.43.2
courier_mtaeq0.43
courier_mtaeq0.43.1
courier_mtaeq0.40
courier_mtaeq0.44

References

bugs.debian.org/cgi-bin/bugreport.cgi?bug=368834

secunia.com/advisories/20519

secunia.com/advisories/20548

secunia.com/advisories/20792

secunia.com/advisories/21350

security.gentoo.org/glsa/glsa-200608-06.xml

securitytracker.com/id?1016248

www.courier-mta.org/beta/patches/verp-fix/README.txt

www.debian.org/security/2006/dsa-1101

www.securityfocus.com/bid/18345

www.vupen.com/english/advisories/2006/2214

exchange.xforce.ibmcloud.com/vulnerabilities/26998

usn.ubuntu.com/294-1/

6.4 Medium

AI Score

Confidence

High

7.8 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:N/I:N/A:C

0.086 Low

EPSS

Percentile

94.3%

Related for PRION:CVE-2006-2659

openvas5 debian1 nessus3 debiancve1 cve1 gentoo1 ubuntucve1 ubuntu1