Lucene search

K

[email protected]CVE-2005-1266

HistoryJun 22, 2005 - 4:00 a.m.

CVE-2005-1266

2005-06-2204:00:00

[email protected]

web.nvd.nist.gov

37

apache

spamassassin

denial of service

dos

cpu consumption

nvd

cve-2005-1266

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

8.9 High

AI Score

Confidence

High

0.214 Low

EPSS

Percentile

96.5%

Apache SpamAssassin 3.0.1, 3.0.2, and 3.0.3 allows remote attackers to cause a denial of service (CPU consumption and slowdown) via a message with a long Content-Type header without any boundaries.

Affected configurations

NVD

Node

apachespamassassinMatch3.0.1

OR

apachespamassassinMatch3.0.2

OR

apachespamassassinMatch3.0.3

CPENameOperatorVersion
apache:spamassassinapache spamassassineq3.0.1
apache:spamassassinapache spamassassineq3.0.2
apache:spamassassinapache spamassassineq3.0.3

References

bugs.gentoo.org/show_bug.cgi?id=94722

mail-archives.apache.org/mod_mbox/spamassassin-announce/200506.mbox/%3c17072.35054.586017.822288%40proton.pathname.com%3e

security.gentoo.org/glsa/glsa-200506-17.xml

www.debian.org/security/2005/dsa-736

www.mandriva.com/security/advisories?name=MDKSA-2005:106

www.redhat.com/support/errata/RHSA-2005-498.html

www.securityfocus.com/bid/13978

www.vuxml.org/freebsd/cc4ce06b-e01c-11d9-a8bd-000cf18bbe54.html

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10901

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

8.9 High

AI Score

Confidence

High

0.214 Low

EPSS

Percentile

96.5%

Related for CVE-2005-1266

openvas6 securityvulns1 suse1 debian4 redhat1 nessus8 ubuntucve1 nvd1 debiancve1 cvelist1 freebsd1 checkpoint_advisories1 centos1 gentoo1