CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
AI Score
Confidence
High
EPSS
Percentile
91.5%
dkim-milter 2.6.0 through 2.8.0 allows remote attackers to cause a denial of service (crash) by signing a message with a key that has been revoked in DNS, which triggers an assertion error.
Vendor | Product | Version | CPE |
---|---|---|---|
dkim | dkim-milter | 2.6.0 | cpe:2.3:a:dkim:dkim-milter:2.6.0:*:*:*:*:*:*:* |
dkim | dkim-milter | 2.7.0 | cpe:2.3:a:dkim:dkim-milter:2.7.0:*:*:*:*:*:*:* |
dkim | dkim-milter | 2.7.1 | cpe:2.3:a:dkim:dkim-milter:2.7.1:*:*:*:*:*:*:* |
dkim | dkim-milter | 2.7.2 | cpe:2.3:a:dkim:dkim-milter:2.7.2:*:*:*:*:*:*:* |
dkim | dkim-milter | 2.8.0 | cpe:2.3:a:dkim:dkim-milter:2.8.0:*:*:*:*:*:*:* |
secunia.com/advisories/33581
secunia.com/advisories/34053
sourceforge.net/project/shownotes.php?release_id=654247
sourceforge.net/tracker/index.php?func=detail&aid=2508602&group_id=139420&atid=744358
www.debian.org/security/2009/dsa-1728
www.openwall.com/lists/oss-security/2009/03/01/1
www.securityfocus.com/bid/33337
exchange.xforce.ibmcloud.com/vulnerabilities/48085