Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
7.8
CVSSv2

CVE-2006-2659

Published: 30/05/2006 Updated: 03/10/2018
CVSS v2 Base Score: 7.8 | Impact Score: 6.9 | Exploitability Score: 10
VMScore: 820
Vector: AV:N/AC:L/Au:N/C:N/I:N/A:C
Subscribe to Double Precision Incorporated

Vulnerability Summary

libs/comverp.c in Courier MTA prior to 0.53.2 allows malicious users to cause a denial of service (CPU consumption) via unknown vectors involving usernames that contain the "=" (equals) character, which is not properly handled during encoding.

Vulnerable Product Search on Vulmon Subscribe to Product

double precision incorporated courier mta 0.43.2

double precision incorporated courier mta 0.44

double precision incorporated courier mta 0.43

double precision incorporated courier mta 0.43.1

double precision incorporated courier mta 0.37.3

double precision incorporated courier mta

double precision incorporated courier mta 0.38.1

double precision incorporated courier mta 0.40

Vendor Advisories

Debian CVElist Bug Report Logs: Spinning processes
Debian Bug report logs - #368834 Spinning processes Package: courier-mta; Maintainer for courier-mta is Markus Wanner <markus@bluegapch>; Source for courier-mta is src:courier (PTS, buildd, popcon) Reported by: Stefan Hornburg <racke@linuxiade> Date: Thu, 25 May 2006 09:18:02 UTC Severity: normal Tags: fixed-upstr ...
Ubuntu Security Notice: courier vulnerability
A Denial of Service vulnerability has been found in the function for encoding email addresses Addresses containing a ‘=’ before the ‘@’ character caused the Courier to hang in an endless loop, rendering the service unusable ...
Debian Security Advisories: DSA-1101-1 courier -- programming error
A bug has been discovered in the Courier Mail Server that can result in a number of processes to consume arbitrary amounts of CPU power For the old stable distribution (woody) this problem has been fixed in version 0373-29 For the stable distribution (sarge) this problem has been fixed in version 047-4sarge5 For the unstable distribution (si ...

References

NVD-CWE-Otherhttp://www.courier-mta.org/beta/patches/verp-fix/README.txthttp://bugs.debian.org/cgi-bin/bugreport.cgi?bug=368834http://secunia.com/advisories/20519http://www.securityfocus.com/bid/18345http://securitytracker.com/id?1016248http://secunia.com/advisories/20548http://www.debian.org/security/2006/dsa-1101http://secunia.com/advisories/20792http://security.gentoo.org/glsa/glsa-200608-06.xmlhttp://secunia.com/advisories/21350http://www.vupen.com/english/advisories/2006/2214https://exchange.xforce.ibmcloud.com/vulnerabilities/26998https://usn.ubuntu.com/294-1/https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=368834https://usn.ubuntu.com/294-1/https://nvd.nist.gov
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-26925CVE-2023-41826LFICVE-2022-22364CVE-2024-2887command injectionremote code executionCVE-2024-34446CVE-2022-48699
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook