PostSRSd before 1.11 allows a denial of service (subprocess hang) if Postfix sends certain long data fields such as multiple concatenated email addresses. NOTE: the PostSRSd maintainer acknowledges "theoretically, this error should never occur ... I'm not sure if there's a reliable way to trigger this condition by an external attacker, but it is a security bug in PostSRSd nevertheless."
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2021-06-28T17:38:24
Updated: 2024-08-04T00:40:46.380Z
Reserved: 2021-06-28T00:00:00
Link: CVE-2021-35525
Vulnrichment
No data.
NVD
Status : Modified
Published: 2021-06-28T18:15:08.030
Modified: 2024-11-21T06:12:26.560
Link: CVE-2021-35525
Redhat
No data.