
Debian LTS 8: DLA-2234-1 Moderate: Netqmail Denial Of Service

June 4, 2020
Netqmail security notice highlighting CVE-2005-1513 and additional concerns for Debian LTS users. Update advised for enhanced security.
Several CVE bugs were reported against src:netqmail.

Summary

CVE-2005-1513

Integer overflow in the stralloc_readyplus function in qmail,
when running on 64 bit platforms with a large amount of virtual
memory, allows remote attackers to cause a denial of service
and possibly execute arbitrary code via a large SMTP request.

CVE-2005-1514

commands.c in qmail, when running on 64 bit platforms with a
large amount of virtual memory, allows remote attackers to
cause a denial of service and possibly execute arbitrary code
via a long SMTP command without a space character, which causes
an array to be referenced with a negative index.

CVE-2005-1515

Integer signedness error in the qmail_put and substdio_put
functions in qmail, when running on 64 bit platforms with a
large amount of virtual memory, allows remote attackers to
cause a denial of service and possibly execute arbitrary code
via a large number of SMTP RCPT TO commands.

CVE-2020-3811

qmail-verify as used in netqmail 1.06 is prone to a



Package: netqmail
Version: 1.06-6.2~deb8u1
CVE ID: CVE-2005-1513 CVE-2005-1514 CVE-2005-1515 CVE-2020-3811
Debian Bug: 961060
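
The integer overflow class described under CVE-2005-1513, shown as an added C example that is neither qmail's source nor part of the advisory: a hypothetical growable buffer (`struct buf`, `buf_readyplus` and the growth slack are assumptions made for illustration) with the unchecked size sum beside a checked one. The 64-bit, large-virtual-memory condition matters because a length counter narrower than the address space can only be pushed to its limit when the process is able to hold that much data.

```c
#include <limits.h>
#include <stdio.h>
#include <stdlib.h>

/* Hypothetical growable buffer for illustration; not qmail's source. */
struct buf {
    char *s;
    unsigned int len; /* bytes in use */
    unsigned int a;   /* bytes allocated */
};

/* Unchecked: the sum wraps, so "needed" can come out smaller than len. */
unsigned int needed_unchecked(unsigned int len, unsigned int n)
{
    return len + n;
}

/* Checked: 0 and *out = len + n on success, -1 if the sum would wrap. */
int needed_checked(unsigned int len, unsigned int n, unsigned int *out)
{
    if (n > UINT_MAX - len)
        return -1;
    *out = len + n;
    return 0;
}

/* Make room for n more bytes: 1 on success, 0 on failure (buf unchanged). */
int buf_readyplus(struct buf *b, unsigned int n)
{
    unsigned int need, cap, slack;
    char *p;
    if (needed_checked(b->len, n, &need) != 0)
        return 0;                      /* refuse instead of wrapping */
    if (need <= b->a)
        return 1;                      /* already large enough */
    slack = need / 8 + 30;             /* growth slack is an assumption */
    cap = (slack <= UINT_MAX - need) ? need + slack : need;
    p = realloc(b->s, cap);
    if (p == NULL)
        return 0;
    b->s = p;
    b->a = cap;
    return 1;
}

int main(void)
{
    printf("unchecked: %u\n", needed_unchecked(UINT_MAX - 15, 32));
    return 0;
}
```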
