tag 591515 - security severity 591515 normal kthxbye On Tue, Aug 3, 2010 at 13:47:15 -0400, Michael Gilbert wrote:
> package: ssmtp > version: 2.64-4 > severity: serious > tags: security > > a buffer overflow in ssmtp: > https://bugs.launchpad.net/ubuntu/+source/ssmtp/+bug/282424 > > note that current code is slightly different than ubuntu, so its not > entirely clear whether debian is affected. please check. > Quoting the CVE description: ** DISPUTED ** The standardise function in Anibal Monsalve Salazar sSMTP 2.61 and 2.62 allows local users to cause a denial of service (application exit) via an e-mail message containing a long line that begins with a . (dot) character. NOTE: CVE disputes this issue because it is solely a usability problem for senders of messages with certain long lines, and has no security impact. Downgrading. Cheers, Julien
signature.asc
Description: Digital signature
