Dan Bernstein: Security Vulnerabilities
commands.c in qmail, when running on 64 bit platforms with a large amount of virtual memory, allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long SMTP command without a space character, which causes an array to be referenced with a negative index.
CVSS Score
5.0
EPSS Score
0.05
Published
2005-05-11
Integer signedness error in the qmail_put and substdio_put functions in qmail, when running on 64 bit platforms with a large amount of virtual memory, allows remote attackers to cause a denial of service and possibly execute arbitrary code via a large number of SMTP RCPT TO commands.
CVSS Score
5.0
EPSS Score
0.047
Published
2005-05-11
Denial of service in Qmail through long SMTP commands.
CVSS Score
10.0
EPSS Score
0.005
Published
1997-07-01