Signature Detail
Short Name |
SMTP:DOS:GNU-SCRUBBER-UTF8-DOS |
|---|---|
Severity |
Medium |
Recommended |
No |
Category |
SMTP |
Keywords |
GNU Mailman Attachment Scrubber UTF8 Filename Denial of Service |
Release Date |
2013/03/12 |
Update Number |
2243 |
Supported Platforms |
idp-4.0+, isg-3.0+, j-series-9.5+, mx-9.4+, srx-9.2+, srx-branch-9.4+, vsrx-12.1+ |
SMTP: GNU Mailman Attachment Scrubber UTF8 Filename Denial of Service
This signature detects attempts to exploit a known vulnerability against GNU Mailman. A successful attack can result in a denial-of-service condition.
Extended Description
GNU Mailman is prone to denial-of-service attacks. This issue affects the attachment-scrubber utility. The vulnerability could be triggered by mailing-list posts and will impact the availability of mailing lists hosted by the application.
Affected Products
- Debian Linux 3.1.0
- Debian Linux 3.1.0 Alpha
- Debian Linux 3.1.0 Amd64
- Debian Linux 3.1.0 Arm
- Debian Linux 3.1.0 Hppa
- Debian Linux 3.1.0 Ia-32
- Debian Linux 3.1.0 Ia-64
- Debian Linux 3.1.0 M68k
- Debian Linux 3.1.0 Mips
- Debian Linux 3.1.0 Mipsel
- Debian Linux 3.1.0 Ppc
- Debian Linux 3.1.0 S/390
- Debian Linux 3.1.0 Sparc
- GNU Mailman 2.0.0
- GNU Mailman 2.0.0 .1
- GNU Mailman 2.0.0 .2
- GNU Mailman 2.0.0 .3
- GNU Mailman 2.0.0 .5
- GNU Mailman 2.0.0 .6
- GNU Mailman 2.0.0 .7
- GNU Mailman 2.0.0 .8
- GNU Mailman 2.0.0 Beta3
- GNU Mailman 2.0.0 Beta4
- GNU Mailman 2.0.0 Beta5
- GNU Mailman 2.0.1
- GNU Mailman 2.0.10
- GNU Mailman 2.0.11
- GNU Mailman 2.0.12
- GNU Mailman 2.0.13
- GNU Mailman 2.0.14
- GNU Mailman 2.0.2
- GNU Mailman 2.0.3
- GNU Mailman 2.0.4
- GNU Mailman 2.0.5
- GNU Mailman 2.0.6
- GNU Mailman 2.0.7
- GNU Mailman 2.0.8
- GNU Mailman 2.0.9
- GNU Mailman 2.1.0
- GNU Mailman 2.1.1
- GNU Mailman 2.1.10 B1
- GNU Mailman 2.1.2
- GNU Mailman 2.1.3
- GNU Mailman 2.1.4
- GNU Mailman 2.1.5
- Mandriva Corporate Server 3.0.0
- Mandriva Corporate Server 3.0.0 X86 64
- Mandriva Linux Mandrake 10.1.0
- Mandriva Linux Mandrake 10.1.0 X86 64
- Mandriva Linux Mandrake 10.2.0
- Mandriva Linux Mandrake 10.2.0 X86 64
- Mandriva Linux Mandrake 2006.0.0
- Mandriva Linux Mandrake 2006.0.0 X86 64
- SGI ProPack 3.0.0 SP6
- SuSE Linux Desktop 1.0.0
- SuSE Linux Personal 10.0.0 OSS
- SuSE Linux Personal 9.0.0
- SuSE Linux Personal 9.0.0 X86 64
- SuSE Linux Personal 9.1.0
- SuSE Linux Personal 9.1.0 X86 64
- SuSE Linux Personal 9.2.0
- SuSE Linux Personal 9.2.0 X86 64
- SuSE Linux Personal 9.3.0
- SuSE Linux Personal 9.3.0 X86 64
- SuSE Linux Professional 10.0.0
- SuSE Linux Professional 10.0.0 OSS
- SuSE Linux Professional 9.0.0
- SuSE Linux Professional 9.0.0 X86 64
- SuSE Linux Professional 9.1.0
- SuSE Linux Professional 9.1.0 X86 64
- SuSE Linux Professional 9.2.0
- SuSE Linux Professional 9.2.0 X86 64
- SuSE Linux Professional 9.3.0
- SuSE Linux Professional 9.3.0 X86 64
- SuSE Novell Linux Desktop 9.0.0
- SuSE Open-Enterprise-Server 9.0.0
- SuSE SUSE Linux Enterprise Server 8
- SuSE SUSE Linux Enterprise Server 9
- SuSE SuSE Linux Openexchange Server 4.0.0
- SuSE SUSE LINUX Retail Solution 8.0.0
- SuSE SuSE Linux School Server for i386
- SuSE SuSE Linux Standard Server 8.0.0
- Trustix Secure Linux 2.2.0
- Trustix Secure Linux 3.0.0
- Ubuntu Ubuntu Linux 4.1.0 Ia32
- Ubuntu Ubuntu Linux 4.1.0 Ia64
- Ubuntu Ubuntu Linux 4.1.0 Ppc
- Ubuntu Ubuntu Linux 5.0.0 4 Amd64
- Ubuntu Ubuntu Linux 5.0.0 4 I386
- Ubuntu Ubuntu Linux 5.0.0 4 Powerpc
- Ubuntu Ubuntu Linux 5.10.0 Amd64
- Ubuntu Ubuntu Linux 5.10.0 I386
- Ubuntu Ubuntu Linux 5.10.0 Powerpc
References
- BugTraq: 15408
- CVE: CVE-2005-3573
- URL: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=327732