CVE-2008-7258

The standardise function in Anibal Monsalve Salazar sSMTP 2.61 and 2.62 allows local users to cause a denial of service (application exit) via an e-mail message containing a long line that begins with a . (dot) character.  NOTE: CVE disputes this issue because it is solely a usability problem for senders of messages with certain long lines, and has no security impact
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
2.1 UNKNOWN
LOCAL
LOW
AV:L/AC:L/Au:N/C:N/I:N/A:P
mitreCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 33%
VendorProductVersion
anibal_monsalve_salazssmtp
2.61
anibal_monsalve_salazssmtp
2.62
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
ssmtp
bullseye
unimportant
bookworm
unimportant
sid
unimportant
trixie
unimportant
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
ssmtp
lucid
ignored
karmic
ignored
jaunty
ignored
hardy
ignored
dapper
ignored
Common Weakness Enumeration
References
http://lists.fedoraproject.org/pipermail/package-announce/2010-August/045407.html
http://lists.fedoraproject.org/pipermail/package-announce/2010-August/045422.html
http://marc.info/?l=oss-security&m=128013391907262&w=2
http://marc.info/?l=oss-security&m=128017258305041&w=2
http://marc.info/?l=oss-security&m=128077707318085&w=2
http://patch-tracker.debian.org/patch/series/view/ssmtp/2.62-3/345780-standardise-bufsize
http://secunia.com/advisories/41009
http://www.openwall.com/lists/oss-security/2010/08/19/6
http://www.securityfocus.com/bid/41965
https://bugs.launchpad.net/ubuntu/+source/ssmtp/+bug/282424
https://bugzilla.redhat.com/show_bug.cgi?id=582236
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2008-7258
http://lists.fedoraproject.org/pipermail/package-announce/2010-August/045407.html
http://lists.fedoraproject.org/pipermail/package-announce/2010-August/045422.html
http://marc.info/?l=oss-security&m=128013391907262&w=2
http://marc.info/?l=oss-security&m=128017258305041&w=2
http://marc.info/?l=oss-security&m=128077707318085&w=2
http://patch-tracker.debian.org/patch/series/view/ssmtp/2.62-3/345780-standardise-bufsize
http://secunia.com/advisories/41009
http://www.openwall.com/lists/oss-security/2010/08/19/6
http://www.securityfocus.com/bid/41965
https://bugs.launchpad.net/ubuntu/+source/ssmtp/+bug/282424
https://bugzilla.redhat.com/show_bug.cgi?id=582236
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2008-7258