Denial of service in Qmail by specifying a large number of recipients with the RCPT command.
CVSS 2.0
Severity: LOW
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| qmail_project | qmail | - |
Integer overflow in the stralloc_readyplus function in qmail, when running on 64 bit platforms with a large amount of virtual memory, allows remote attackers to cause a denial of service and possibly execute arbitrary code via a large SMTP request.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-190,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| qmail_project | qmail | - |
| debian | debian_linux | 9.0 |
| debian | debian_linux | 10.0 |
| dan_bernstein | qmail | * |
| debian | debian_linux | 8.0 |
| canonical | ubuntu_linux | 20.04 |