Juniper Networks

Signature Detail


  • Short Name: SMTP:SPAMASS-DOS
  • Severity: Medium
  • Recommended: No
  • Category: SMTP
  • Keywords: SpamAssassin Content-Type Denial of Service
  • Release Date: 2005/07/26
  • Update Number: 1213
  • Supported Platforms: idp-4.0+, isg-3.0+, j-series-9.5+, mx-9.4+, srx-9.2+, srx-branch-9.4+, vsrx-12.1+

SMTP: SpamAssassin Content-Type Denial of Service


This signature detects a malformed e-mail that can trigger a denial-of-service condition within the SpamAssassin daemon. This attack could be used to disable the spam filtering system of a mail server.

Extended Description

SpamAssassin is prone to a remote denial-of-service vulnerability because the application fails to properly handle overly long email headers. Further details regarding this vulnerability are currently not available. This BID will be updated as more information is disclosed. An attacker may cause SpamAssassin to take inordinate amounts of time to check a specially crafted email message. By sending many malicious messages, the attacker may be able to cause extremely large delays in email delivery, denying service to legitimate users.

Affected Products

  • Gentoo Linux
  • Mandriva Linux Mandrake 10.1.0
  • Mandriva Linux Mandrake 10.1.0 X86 64
  • Mandriva Linux Mandrake 10.2.0
  • Mandriva Linux Mandrake 10.2.0 X86 64
  • Red Hat Desktop 4.0.0
  • Red Hat Enterprise Linux AS 4
  • Red Hat Enterprise Linux ES 4
  • Red Hat Enterprise Linux WS 4
  • Red Hat Fedora Core1
  • Red Hat Fedora Core3
  • Red Hat Fedora Core4
  • SpamAssassin 2.40.0
  • SpamAssassin 2.41.0 0
  • SpamAssassin 2.42.0 0
  • SpamAssassin 2.43.0 0
  • SpamAssassin 2.44.0
  • SpamAssassin 2.50.0 0
  • SpamAssassin 2.55.0
  • SpamAssassin 2.60.0
  • SpamAssassin 2.63.0
  • SpamAssassin 3.0.1
  • SpamAssassin 3.0.2
  • SpamAssassin 3.0.3
  • SuSE Linux Personal 9.2.0
  • SuSE Linux Personal 9.2.0 X86 64
  • SuSE Linux Personal 9.3.0
  • SuSE Linux Personal 9.3.0 X86 64
  • SuSE Linux Professional 9.2.0
  • SuSE Linux Professional 9.2.0 X86 64
  • SuSE Linux Professional 9.3.0
  • SuSE Linux Professional 9.3.0 X86 64

References

  • BugTraq: 13978
  • CVE: CVE-2005-1266
  • URL: http://www.mandriva.com/en/support/security/advisories/advisory/MDKSA-2005:106/?name=MDKSA-2005:106
  • URL: http://www.vuxml.org/freebsd/cc4ce06b-e01c-11d9-a8bd-000cf18bbe54.html

Copyright © 1999-2010 Juniper Networks, Inc. All rights reserved.