SMTP: Text Line Overflow

This protocol anomaly triggers when a text line in the data section of an SMTP connection is too long. This can indicate a buffer overflow attempt.

Extended Description

SpamAssassin is reported prone to a remote denial of service vulnerability. Full details regarding this vulnerability are not known. A remote attacker may potentially exploit this vulnerability to deny service to a target SpamAssassin service. SpamAssassin versions prior to 2.64 are reported vulnerable to this issue. This BID will be updated as further details regarding this vulnerability are announced.

Affected Products

Spamassassin spamassassin

Short Name: SMTP:OVERFLOW:TEXT-LINE-OF
Severity: Major
Recommended: False
Recommended Action: None
Category: SMTP
Keywords: CVE-2007-5094 CVE-2010-3407 CVE-2015-1903 LINE OVERFLOW SMTP TEXT bid:10957
Release Date: 08/27/2003
Supported Platforms

srx-branch-12.3

srx-19.3

srx-branch-19.3

vsrx3bsd-19.2

srx-branch-19.4

vsrx-19.4

mx-12.3

mx-19.4

vmx-19.4

mx-19.3

vsrx3bsd-19.4

srx-19.4

vsrx-12.3

vmx-19.3

vsrx-19.2

srx-12.3

Sigpack Version: 3689
False Positive: Frequently
Vendors

Red_hat

Spamassassin

CVSS Score

7.5
