Launchpad CVE tracker

CVE 2008-1648

Sympa before 5.4 allows remote attackers to cause a denial of service (daemon crash) via an e-mail message with a malformed value of the Content-Type header and unspecified other headers. NOTE: some of these details are obtained from third party information.

Related bugs and status

CVE-2008-1648 (Candidate) is related to these bugs:

Bug #216591: [CVE-2008-1648] denial of service via crafted Content-Type header

		In	Importance	Status
216591	[CVE-2008-1648] denial of service via crafted Content-Type header	sympa (Ubuntu)	High	Fix Released
216591	[CVE-2008-1648] denial of service via crafted Content-Type header	sympa (Debian)	Unknown	Fix Released
216591	[CVE-2008-1648] denial of service via crafted Content-Type header	sympa (Ubuntu Dapper)	Undecided	Won't Fix
216591	[CVE-2008-1648] denial of service via crafted Content-Type header	sympa (Ubuntu Edgy)	Undecided	Won't Fix
216591	[CVE-2008-1648] denial of service via crafted Content-Type header	sympa (Ubuntu Feisty)	Undecided	Won't Fix
216591	[CVE-2008-1648] denial of service via crafted Content-Type header	sympa (Ubuntu Hardy)	High	Fix Released
216591	[CVE-2008-1648] denial of service via crafted Content-Type header	sympa (Ubuntu Gutsy)	Medium	Fix Released

Bug #227260: Please sync sympa 5.3.4-5 (universe) from Debian unstable (main).

Summary				In	Importance	Status
	227260	Please sync sympa 5.3.4-5 (universe) from Debian unstable (main).		sympa (Ubuntu)	Wishlist	Fix Released

See the

CVE page on Mitre.org for more details.

Launchpad.net

CVE 2008-1648

References