[Bug 1180251] New: VUL-0: CVE-2020-35573: postsrsd: DoS via a long timestamp tag in an SRS address
http://bugzilla.opensuse.org/show_bug.cgi?id=1180251 Bug ID: 1180251 Summary: VUL-0: CVE-2020-35573: postsrsd: DoS via a long timestamp tag in an SRS address Classification: openSUSE Product: openSUSE Distribution Version: Leap 15.2 Hardware: Other URL: https://smash.suse.de/issue/273807/ OS: Other Status: NEW Severity: Minor Priority: P5 - None Component: Basesystem Assignee: screening-team-bugs@suse.de Reporter: abergmann@suse.com QA Contact: security-team@suse.de Found By: Security Response Team Blocker: --- CVE-2020-35573 srs2.c in PostSRSd before 1.10 allows remote attackers to cause a denial of service (CPU consumption) via a long timestamp tag in an SRS address. References: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-35573 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-35573 https://github.com/roehling/postsrsd/commit/4733fb11f6bec6524bb8518c5e1a6992... https://lists.debian.org/debian-lts-announce/2020/12/msg00031.html -- You are receiving this mail because: You are on the CC list for the bug.
http://bugzilla.opensuse.org/show_bug.cgi?id=1180251
Alexander Bergmann
http://bugzilla.opensuse.org/show_bug.cgi?id=1180251
http://bugzilla.opensuse.org/show_bug.cgi?id=1180251#c1
--- Comment #1 from OBSbugzilla Bot
http://bugzilla.opensuse.org/show_bug.cgi?id=1180251
http://bugzilla.opensuse.org/show_bug.cgi?id=1180251#c2
--- Comment #2 from OBSbugzilla Bot
http://bugzilla.opensuse.org/show_bug.cgi?id=1180251
http://bugzilla.opensuse.org/show_bug.cgi?id=1180251#c6
Andreas Stieger
http://bugzilla.opensuse.org/show_bug.cgi?id=1180251
http://bugzilla.opensuse.org/show_bug.cgi?id=1180251#c7
Andreas Stieger
http://bugzilla.opensuse.org/show_bug.cgi?id=1180251
http://bugzilla.opensuse.org/show_bug.cgi?id=1180251#c8
--- Comment #8 from OBSbugzilla Bot
participants (1)
-
bugzilla_noreply@suse.com