Published: 29/06/2005 Updated: 05/09/2008

CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10

VMScore: 445

Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P

The ClamAV Mail fILTER (clamav-milter) 0.84 up to and including 0.85d, when used in Sendmail using long timeouts, allows remote malicious users to cause a denial of service by keeping an open connection, which prevents ClamAV from reloading.

Vulnerable Product	Search on Vulmon	Subscribe to Product
sendmail sendmail 8.12.1
sendmail sendmail 8.12.10
sendmail sendmail 8.12.11
sendmail sendmail 8.12.2
sendmail sendmail 8.12.3
sendmail sendmail 8.9.0
sendmail sendmail 8.9.1
sendmail sendmail 8.9.2
sendmail sendmail 8.9.3
sendmail sendmail 8.11.1
sendmail sendmail 8.11.2
sendmail sendmail 8.11.3
sendmail sendmail 8.11.4
sendmail sendmail 8.12.8
sendmail sendmail 8.12.9
sendmail sendmail 8.12
sendmail sendmail 8.10.1
sendmail sendmail 8.11.0
sendmail sendmail 8.11.5
sendmail sendmail 8.11.7
sendmail sendmail 8.12.4
sendmail sendmail 8.12.6
sendmail sendmail 8.8.8
sendmail sendmail 8.10
sendmail sendmail 8.10.2
sendmail sendmail 8.11.6
sendmail sendmail 8.12.0
sendmail sendmail 8.12.5
sendmail sendmail 8.12.7

A number of potential remote denial of service vulnerabilities have been identified in ClamAV In addition to the four issues identified by CVE ID above, there are fixes for issues in libclamav/cvdc and libclamav/messagec Together, these issues could allow a carefully crafted message to crash a ClamAV scanner or exhaust various resources on the ...

NVD-CWE-Other http://seclists.org/lists/bugtraq/2005/Jun/0197.html http://www.securityfocus.com/bid/14047 http://www.debian.org/security/2005/dsa-737 http://www.novell.com/linux/security/advisories/2005_38_clamav.html https://nvd.nist.gov https://www.debian.org/security/./dsa-737

CVE-2005-2070

Vulnerability Summary

Vendor Advisories

References

Vulmon Search

About

Products

Connect