Lucene search
GoogleOSV:DSA-784-1HistoryAug 25, 2005 - 12:00 a.m.
courier - programming error
2005-08-2500:00:00
Google
osv.dev
5
0.001 Low
EPSS
Percentile
49.5%
A problem has been discovered in the Courier Mail Server. DNS
failures were not handled properly when looking up Sender Policy
Framework (SPF) records, which could allow attackers to cause memory
corruption. The default configuration on Debian has SPF checking
disabled, so most machines are not vulnerable. This is explained in
the “courier” manpage, section SENDER POLICY FRAMEWORK KEYWORDS.
The old stable distribution (woody) is not affected by this problem.
For the stable distribution (sarge) this problem has been fixed in
version 0.47-4sarge1.
For the unstable distribution (sid) this problem has been fixed in
version 0.47-6.
We recommend that you upgrade your courier-mta package.
References
Related
ubuntucve
ubuntucve
CVE-2005-2151
2005-07-06 00:00:00
ubuntu
ubuntu
courier vulnerability
2005-08-26 00:00:00
nessus
nessus
Ubuntu 5.04 : courier vulnerability (USN-174-1)
2006-01-15 00:00:00
Debian DSA-784-1 : courier - programming error
2005-08-30 00:00:00
nvd
nvd
CVE-2005-2151
2005-07-06 04:00:00
debiancve
debiancve
CVE-2005-2151
2005-07-06 04:00:00
cve
cve
CVE-2005-2151
2005-07-06 04:00:00
debian
debian
[SECURITY] [DSA 784-1] New courier packages fix denial of service
2005-08-25 12:56:43
[SECURITY] [DSA 784-1] New courier packages fix denial of service
2005-08-25 12:56:43
openvas
openvas
Ubuntu: Security Advisory (USN-174-1)
2022-08-26 00:00:00
Debian: Security Advisory (DSA-784-1)
2008-01-17 00:00:00
Debian Security Advisory DSA 784-1 (courier)
2008-01-17 00:00:00
cvelist
cvelist
CVE-2005-2151
2005-07-06 04:00:00