Vulnerabilities > CVE-2021-35525 - Unspecified vulnerability in Postsrsd Project Postsrsd

CVSS 5.0 - MEDIUM

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

NONE

Availability impact

PARTIAL

network

low complexity

postsrsd-project

NVD

Published: 2021-06-28

Updated: 2021-09-20

Summary

PostSRSd before 1.11 allows a denial of service (subprocess hang) if Postfix sends certain long data fields such as multiple concatenated email addresses. NOTE: the PostSRSd maintainer acknowledges "theoretically, this error should never occur ... I'm not sure if there's a reliable way to trigger this condition by an external attacker, but it is a security bug in PostSRSd nevertheless."

Vulnerable Configurations

Part	Description	Count
Application	Postsrsd_Project Postsrsd Project Postsrsd 1.0 Postsrsd Project Postsrsd 1.1 Postsrsd Project Postsrsd 1.2 Postsrsd Project Postsrsd 1.3 Postsrsd Project Postsrsd 1.4 Postsrsd Project Postsrsd 1.5 Postsrsd Project Postsrsd 1.6 Postsrsd Project Postsrsd 1.7 Postsrsd Project Postsrsd 1.8 Postsrsd Project Postsrsd 1.9 Postsrsd Project Postsrsd 1.10	11

Summary

Vulnerable Configurations

References