ID |
CVE-2006-2659
|
Summary |
libs/comverp.c in Courier MTA before 0.53.2 allows attackers to cause a denial of service (CPU consumption) via unknown vectors involving usernames that contain the "=" (equals) character, which is not properly handled during encoding. This vulnerability is addressed in the following product release:
Double Precision Incorporated, Courier MTA, 0.53.2 |
References |
|
Vulnerable Configurations |
-
cpe:2.3:a:double_precision_incorporated:courier_mta:0.37.3:*:*:*:*:*:*:*
cpe:2.3:a:double_precision_incorporated:courier_mta:0.37.3:*:*:*:*:*:*:*
-
cpe:2.3:a:double_precision_incorporated:courier_mta:0.38.1:*:*:*:*:*:*:*
cpe:2.3:a:double_precision_incorporated:courier_mta:0.38.1:*:*:*:*:*:*:*
-
cpe:2.3:a:double_precision_incorporated:courier_mta:0.40:*:*:*:*:*:*:*
cpe:2.3:a:double_precision_incorporated:courier_mta:0.40:*:*:*:*:*:*:*
-
cpe:2.3:a:double_precision_incorporated:courier_mta:0.43:*:*:*:*:*:*:*
cpe:2.3:a:double_precision_incorporated:courier_mta:0.43:*:*:*:*:*:*:*
-
cpe:2.3:a:double_precision_incorporated:courier_mta:0.43.1:*:*:*:*:*:*:*
cpe:2.3:a:double_precision_incorporated:courier_mta:0.43.1:*:*:*:*:*:*:*
-
cpe:2.3:a:double_precision_incorporated:courier_mta:0.43.2:*:*:*:*:*:*:*
cpe:2.3:a:double_precision_incorporated:courier_mta:0.43.2:*:*:*:*:*:*:*
-
cpe:2.3:a:double_precision_incorporated:courier_mta:0.44:*:*:*:*:*:*:*
cpe:2.3:a:double_precision_incorporated:courier_mta:0.44:*:*:*:*:*:*:*
-
cpe:2.3:a:double_precision_incorporated:courier_mta:*:*:*:*:*:*:*:*
cpe:2.3:a:double_precision_incorporated:courier_mta:*:*:*:*:*:*:*:*
|
CVSS |
Base: | 7.8 (as of 03-10-2018 - 21:41) |
Impact: | |
Exploitability: | |
|
CWE |
NVD-CWE-Other |
CAPEC |
|
Access |
Vector | Complexity | Authentication |
NETWORK |
LOW |
NONE |
|
Impact |
Confidentiality | Integrity | Availability |
NONE |
NONE |
COMPLETE |
|
cvss-vector
via4
|
AV:N/AC:L/Au:N/C:N/I:N/A:C
|
refmap
via4
|
bid | 18345 | confirm | | debian | DSA-1101 | gentoo | GLSA-200608-06 | sectrack | 1016248 | secunia | | ubuntu | USN-294-1 | vupen | ADV-2006-2214 | xf | courier-usernames-dos(26998) |
|
Last major update |
03-10-2018 - 21:41 |
Published |
30-05-2006 - 19:02 |
Last modified |
03-10-2018 - 21:41 |