Dan Bernstein : Security Vulnerabilities, CVEs, (Code Execution)
Integer signedness error in the qmail_put and substdio_put functions in qmail, when running on 64 bit platforms with a large amount of virtual memory, allows remote attackers to cause a denial of service and possibly execute arbitrary code via a large number of SMTP RCPT TO commands.
Max CVSS
5.0
EPSS Score
4.29%
Published
2005-05-11
Updated
2020-10-05
commands.c in qmail, when running on 64 bit platforms with a large amount of virtual memory, allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long SMTP command without a space character, which causes an array to be referenced with a negative index.
Max CVSS
5.0
EPSS Score
6.40%
Published
2005-05-11
Updated
2020-10-05
2 vulnerabilities found