Vulnerabilities > CVE-2009-0770 - Remote Denial of Service vulnerability in dkim-milter 'p' flag
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
NONE Integrity impact
NONE Availability impact
PARTIAL Summary
dkim-milter 2.6.0 through 2.8.0 allows remote attackers to cause a denial of service (crash) by signing a message with a key that has been revoked in DNS, which triggers an assertion error.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 5 |
Nessus
NASL family | Debian Local Security Checks |
NASL id | DEBIAN_DSA-1728.NASL |
description | It was discovered that dkim-milter, an implementation of the DomainKeys Identified Mail protocol, may crash during DKIM verification if it encounters a specially crafted or revoked public key record in DNS. |
last seen | 2020-06-01 |
modified | 2020-06-02 |
plugin id | 35752 |
published | 2009-03-02 |
reporter | This script is Copyright (C) 2009-2019 and is owned by Tenable, Inc. or an Affiliate thereof. |
source | https://www.tenable.com/plugins/nessus/35752 |
title | Debian DSA-1728-1 : dkim-milter - improper assertion |
References
- http://secunia.com/advisories/33581
- http://secunia.com/advisories/34053
- http://sourceforge.net/project/shownotes.php?release_id=654247
- http://sourceforge.net/tracker/index.php?func=detail&aid=2508602&group_id=139420&atid=744358
- http://www.debian.org/security/2009/dsa-1728
- http://www.openwall.com/lists/oss-security/2009/03/01/1
- http://www.securityfocus.com/bid/33337
- https://exchange.xforce.ibmcloud.com/vulnerabilities/48085