Vulnerability Name:

CVE-2004-1007 (CCN-17916)

Assigned:2004-11-01
Published:2004-11-01
Updated:2017-07-11
Summary:The quoted-printable decoder in bogofilter 0.17.4 to 0.92.7 allows remote attackers to cause a denial of service (application crash) via mail headers that cause a line feed (LF) to be replaced by a null byte that is written to an incorrect memory address.
CVSS v3 Severity:5.3 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): None
Integrity (I): None
Availibility (A): Low
CVSS v2 Severity:5.0 Medium (CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Low
Authentication (Au): None
Impact Metrics:Confidentiality (C): None
Integrity (I): None
Availibility (A): Partial
5.0 Medium (CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Low
Athentication (Au): None
Impact Metrics:Confidentiality (C): None
Integrity (I): None
Availibility (A): Partial
Vulnerability Type:CWE-Other
Vulnerability Consequences:Denial of Service
References:Source: CONFIRM
Type: UNKNOWN
http://bogofilter.sourceforge.net/security/bogofilter-SA-2004-01

Source: MITRE
Type: CNA
CVE-2004-1007

Source: CCN
Type: SourceForge.net
Project: bogofilter -- Fast Bayesian Spam Filter: File List

Source: CCN
Type: bogofilter Web page
Project: bogofilter -- Fast Bayesian Spam Filter: Summary

Source: CCN
Type: OSVDB ID: 11296
bogofilter quoted-printable Decoder LF DoS

Source: CCN
Type: BID-11568
Bogofilter EMail Filter Remote Quoted Printable Decoder Denial Of Service Vulnerability

Source: CCN
Type: USN-26-1
bogofilter vulnerability

Source: XF
Type: UNKNOWN
bogofilter-dos(17916)

Source: XF
Type: UNKNOWN
bogofilter-dos(17916)

Source: SUSE
Type: SUSE-SA:2004:040
samba: remote denial of service

Vulnerable Configuration:Configuration 1:
  • cpe:/o:bogofilter:email_filter:0.9.0.3:*:*:*:*:*:*:*
  • OR cpe:/o:bogofilter:email_filter:0.9.0.4:*:*:*:*:*:*:*
  • OR cpe:/o:bogofilter:email_filter:0.9.0.5:*:*:*:*:*:*:*
  • OR cpe:/o:bogofilter:email_filter:0.92:*:*:*:*:*:*:*
  • OR cpe:/o:bogofilter:email_filter:0.92.4:*:*:*:*:*:*:*
  • OR cpe:/o:bogofilter:email_filter:0.92.6:*:*:*:*:*:*:*
  • OR cpe:/o:bogofilter:email_filter:0.92.7:*:*:*:*:*:*:*
  • OR cpe:/o:ubuntu:ubuntu_linux:4.1:*:ia64:*:*:*:*:*
  • OR cpe:/o:ubuntu:ubuntu_linux:4.1:*:ppc:*:*:*:*:*

    • * Denotes that component is vulnerable
    BACK
    bogofilter email filter 0.9.0.3
    bogofilter email filter 0.9.0.4
    bogofilter email filter 0.9.0.5
    bogofilter email filter 0.92
    bogofilter email filter 0.92.4
    bogofilter email filter 0.92.6
    bogofilter email filter 0.92.7
    ubuntu ubuntu linux 4.1
    ubuntu ubuntu linux 4.1