Unknown vulnerability in the mail command handler in Mailman before 2.0.14 allows remote attackers to cause a denial of service (crash) via malformed e-mail commands.

Metrics

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact None

Integrity Impact None

Availability Impact Partial

AV:N/AC:L/Au:N/C:N/I:N/A:P

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Affected Vendors & Products

Vendors Products
Gnu
  • Mailman
Redhat
  • Enterprise Linux
Sgi
  • Propack

Configuration 1 [-]

OR cpe:2.3:a:gnu:mailman:1.0:*:*:*:*:*:*:*
cpe:2.3:a:gnu:mailman:1.1:*:*:*:*:*:*:*
cpe:2.3:a:gnu:mailman:2.0:*:*:*:*:*:*:*
cpe:2.3:a:gnu:mailman:2.0:beta3:*:*:*:*:*:*
cpe:2.3:a:gnu:mailman:2.0:beta4:*:*:*:*:*:*
cpe:2.3:a:gnu:mailman:2.0:beta5:*:*:*:*:*:*
cpe:2.3:a:gnu:mailman:2.0.1:*:*:*:*:*:*:*
cpe:2.3:a:gnu:mailman:2.0.2:*:*:*:*:*:*:*
cpe:2.3:a:gnu:mailman:2.0.3:*:*:*:*:*:*:*
cpe:2.3:a:gnu:mailman:2.0.4:*:*:*:*:*:*:*
cpe:2.3:a:gnu:mailman:2.0.5:*:*:*:*:*:*:*
cpe:2.3:a:gnu:mailman:2.0.6:*:*:*:*:*:*:*
cpe:2.3:a:gnu:mailman:2.0.7:*:*:*:*:*:*:*
cpe:2.3:a:gnu:mailman:2.0.8:*:*:*:*:*:*:*
cpe:2.3:a:gnu:mailman:2.0.9:*:*:*:*:*:*:*
cpe:2.3:a:gnu:mailman:2.0.10:*:*:*:*:*:*:*
cpe:2.3:a:gnu:mailman:2.0.11:*:*:*:*:*:*:*
cpe:2.3:a:gnu:mailman:2.0.12:*:*:*:*:*:*:*
cpe:2.3:a:gnu:mailman:2.0.13:*:*:*:*:*:*:*
cpe:2.3:a:gnu:mailman:2.1:*:*:*:*:*:*:*
cpe:2.3:a:sgi:propack:2.3:*:*:*:*:*:*:*
Package CPE Advisory Released Date
Red Hat Enterprise Linux AS (Advanced Server) version 2.1
cpe:/o:redhat:enterprise_linux:2.1 RHSA-2004:019 2004-02-09T00:00:00Z
Red Hat Enterprise Linux ES version 2.1
cpe:/o:redhat:enterprise_linux:2.1 RHSA-2004:019 2004-02-09T00:00:00Z
Red Hat Linux Advanced Workstation 2.1
cpe:/o:redhat:enterprise_linux:2.1 RHSA-2004:019 2004-02-09T00:00:00Z
References
Link Providers
ftp://patches.sgi.com/support/free/security/advisories/20040201-01-U.asc cve-icon cve-icon
http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000842 cve-icon cve-icon
http://mail.python.org/pipermail/mailman-announce/2004-February/000067.html cve-icon cve-icon
http://www.debian.org/security/2004/dsa-436 cve-icon cve-icon
http://www.mandrakesoft.com/security/advisories?name=MDKSA-2004:013 cve-icon cve-icon
http://www.redhat.com/support/errata/RHSA-2004-019.html cve-icon cve-icon
http://www.securityfocus.com/bid/9620 cve-icon cve-icon
https://exchange.xforce.ibmcloud.com/vulnerabilities/15106 cve-icon cve-icon
https://nvd.nist.gov/vuln/detail/CVE-2003-0991 cve-icon
https://www.cve.org/CVERecord?id=CVE-2003-0991 cve-icon
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2004-09-01T04:00:00

Updated: 2024-08-08T02:12:35.459Z

Reserved: 2003-12-16T00:00:00

Link: CVE-2003-0991

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2004-03-03T05:00:00.000

Modified: 2017-10-10T01:30:15.437

Link: CVE-2003-0991

cve-icon Redhat

Severity : Important

Publid Date: 2004-02-09T00:00:00Z

Links: CVE-2003-0991 - Bugzilla