PostSRSd before 1.11 allows a denial of service (subprocess hang) if Postfix sends certain long data fields such as multiple concatenated email addresses. NOTE: the PostSRSd maintainer acknowledges "theoretically, this error should never occur ... I'm not sure if there's a reliable way to trigger this condition by an external attacker, but it is a security bug in PostSRSd nevertheless."
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2021-06-28T17:38:24

Updated: 2024-08-04T00:40:46.380Z

Reserved: 2021-06-28T00:00:00

Link: CVE-2021-35525

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2021-06-28T18:15:08.030

Modified: 2024-11-21T06:12:26.560

Link: CVE-2021-35525

cve-icon Redhat

No data.