CVE-2005-3573

Related Files

Ubuntu Security Notice 242-1

Posted Jan 21, 2006

Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice USN-242-1 - Aliet Santiesteban Sifontes discovered a remote denial of service vulnerability in the attachment handler of mailman. An email with an attachment whose filename contained invalid UTF-8 characters caused mailman to crash. Mailman did not sufficiently verify the validity of email dates. Very large numbers in dates caused mailman to crash.

tags | advisory, remote, denial of service

systems | linux, ubuntu

advisories | CVE-2005-3573, CVE-2005-4153

SHA-256 | d4b482330864088fe99c59474e161f30aad2cfee1cef487ded2cd1ad374aa43b

Download | Favorite | View

Mandriva Linux Security Advisory 2005.222

Posted Dec 3, 2005

Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory - Scrubber.py in Mailman 2.1.4 through 2.1.6 does not properly handle UTF8 character encodings in filenames of e-mail attachments, which allows remote attackers to cause a denial of service. In addition, these versions of mailman have an issue where the server will fail with an overflow on bad date data in a processed message.

tags | advisory, remote, denial of service, overflow

systems | linux, mandriva

advisories | CVE-2005-3573

SHA-256 | f425e7c90ac8f9e309cae39b0cabc54364500222c5a30f89b8265ff017246c54

Download | Favorite | View