Vulnerabilities > Amavis

DATE CVE VULNERABILITY TITLE RISK
2007-05-09 CVE-2007-1673 Resource Management Errors vulnerability in multiple products
unzoo.c, as used in multiple products including AMaViS 2.4.1 and earlier, allows remote attackers to cause a denial of service (infinite loop) via a ZOO archive with a direntry structure that points to a previous file.
7.8
2007-05-09 CVE-2007-1669 Remote Denial of Service vulnerability in Multiple Vendors Zoo Compression Algorithm
zoo decoder 2.10 (zoo-2.10), as used in multiple products including (1) Barracuda Spam Firewall 3.4 and later with virusdef before 2.0.6399, (2) Spam Firewall before 3.4 20070319 with virusdef before 2.0.6399o, and (3) AMaViS 2.4.1 and earlier, allows remote attackers to cause a denial of service (infinite loop) via a ZOO archive with a direntry structure that points to a previous file.
network
low complexity
barracuda-networks amavis
7.8
2007-04-13 CVE-2007-2026 Denial of Service vulnerability in File
The gnu regular expression code in file 4.20 allows context-dependent attackers to cause a denial of service (CPU consumption) via a crafted document with a large number of line feed characters, which is not well handled by OS/2 REXX regular expressions that use wildcards, as originally reported for AMaViS.
network
low complexity
amavis gentoo
7.8
2002-10-04 CVE-2002-1109 Denial-Of-Service vulnerability in Virus Scanner
securetar, as used in AMaViS shell script 0.2.1 and earlier, allows users to cause a denial of service (CPU consumption) via a malformed TAR file, possibly via an incorrect file size parameter.
local
low complexity
amavis
2.1
1999-12-31 CVE-1999-1512 Unspecified vulnerability in Amavis Virus Scanner
The AMaViS virus scanner 0.2.0-pre4 and earlier allows remote attackers to execute arbitrary commands as root via an infected mail message with shell metacharacters in the reply-to field.
network
low complexity
amavis
critical
10.0