| Vulnerability Name: | CVE-2005-3351 (CCN-23048) | ||||||||||||||||
| Assigned: | 2005-09-05 | ||||||||||||||||
| Published: | 2005-09-05 | ||||||||||||||||
| Updated: | 2017-10-11 | ||||||||||||||||
| Summary: | SpamAssassin 3.0.4 allows attackers to bypass spam detection via an e-mail with a large number of recipients ("To" addresses), which triggers a bus error in Perl. | ||||||||||||||||
| CVSS v3 Severity: | 5.3 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N)
| ||||||||||||||||
| CVSS v2 Severity: | 5.0 Medium (CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:P/A:N)
| ||||||||||||||||
| Vulnerability Type: | CWE-Other | ||||||||||||||||
| Vulnerability Consequences: | Denial of Service | ||||||||||||||||
| References: | Source: MITRE Type: CNA CVE-2005-3351 Source: CCN Type: SpamAssassin - Original Advisory Bugzilla Bug 4570 Mail with lots of To addresses in header triggers Bus error in Perl Source: MISC Type: UNKNOWN http://issues.apache.org/SpamAssassin/show_bug.cgi?id=4570 Source: FEDORA Type: Patch, Vendor Advisory FEDORA-2005-1065 Source: OSVDB Type: UNKNOWN 11581 Source: CCN Type: RHSA-2006-0129 spamassassin security update Source: CCN Type: SA17386 SpamAssassin Long Message Header Denial of Service Source: SECUNIA Type: UNKNOWN 17386 Source: SECUNIA Type: UNKNOWN 17518 Source: SECUNIA Type: UNKNOWN 17626 Source: SECUNIA Type: UNKNOWN 17666 Source: SECUNIA Type: UNKNOWN 17877 Source: SECUNIA Type: UNKNOWN 19158 Source: CCN Type: SpamAssassin: Downloads The Apache SpamAssassin Project Source: CCN Type: SpamAssassin - Welcome to SpamAssassin The Apache SpamAssassin Project Source: CCN Type: ASA-2006-068 spamassassin security update (RHSA-2006-0129) Source: MLIST Type: Patch, Vendor Advisory [spamassassin-devel] 20051101 [Bug 4570] Mail with lots of To addresses in header triggers Bus error in Perl [CVE-2005-3351] Source: MANDRAKE Type: UNKNOWN MDKSA-2005:221 Source: SUSE Type: UNKNOWN SUSE-SR:2005:027 Source: CCN Type: OSVDB ID: 11581 SpamAssassin Email Domain Address Saturation DoS Source: CCN Type: OReilly Media, Inc. Perl.com The Source for Perl Source: REDHAT Type: UNKNOWN RHSA-2006:0129 Source: BID Type: UNKNOWN 15373 Source: CCN Type: BID-15373 SpamAssassin Bus Error Spam Detection Bypass Vulnerability Source: VUPEN Type: UNKNOWN ADV-2005-2364 Source: XF Type: UNKNOWN spamassassin-message-recipients-dos(23048) Source: XF Type: UNKNOWN spamassassin-message-recipients-dos(23048) Source: OVAL Type: UNKNOWN oval:org.mitre.oval:def:11125 Source: SUSE Type: SUSE-SR:2005:027 SUSE Security Summary Report | ||||||||||||||||
| Vulnerable Configuration: | Configuration 1: Configuration RedHat 1: Configuration RedHat 2: Configuration RedHat 3: Configuration RedHat 4: Configuration RedHat 5: Configuration CCN 1:  Denotes that component is vulnerable | ||||||||||||||||
| Oval Definitions | |||||||||||||||||
| |||||||||||||||||
| BACK | |||||||||||||||||