[CVE-2008-1648] denial of service via crafted Content-Type header
Bug #216591 reported by
William Grant
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
sympa (Debian) |
Fix Released
|
Unknown
|
|||
sympa (Ubuntu) |
Fix Released
|
High
|
Emanuele Gentili | ||
Dapper |
Won't Fix
|
Undecided
|
Unassigned | ||
Edgy |
Won't Fix
|
Undecided
|
Unassigned | ||
Feisty |
Won't Fix
|
Undecided
|
Unassigned | ||
Gutsy |
Fix Released
|
Medium
|
Emanuele Gentili | ||
Hardy |
Fix Released
|
High
|
Emanuele Gentili |
Bug Description
Binary package hint: sympa
It's likely that all releases are affected.
CVE-2008-1648:
"Sympa before 5.4 allows remote attackers to cause a denial of service (daemon crash) via an e-mail message with a malformed value of the Content-Type header and unspecified other headers. NOTE: some of these details are obtained from third party information."
CVE References
Changed in sympa: | |
importance: | Undecided → High |
status: | New → Confirmed |
status: | New → Confirmed |
Changed in sympa: | |
status: | New → Confirmed |
Changed in sympa: | |
status: | Unknown → Fix Released |
Changed in sympa: | |
status: | In Progress → Fix Released |
Changed in sympa: | |
status: | Confirmed → Won't Fix |
To post a comment you must log in.
ubuntu- universe- sponsor subscribed for hardy upload.