thr3ads.net - Secure testing commits - [Secure-testing-commits] r3226

If this information is useful, please help other people find it:
Share via:

Moritz Muehlenhoff

2006-Jan-04 13:30 UTC

[Secure-testing-commits] r3226 - data/CVE

Author: jmm-guest
Date: 2006-01-04 13:30:23 +0000 (Wed, 04 Jan 2006)
New Revision: 3226

Modified:
   data/CVE/list
Log:
adjust severity for spamassassin dos


Modified: data/CVE/list
==================================================================---
data/CVE/list	2006-01-04 13:13:38 UTC (rev 3225)
+++ data/CVE/list	2006-01-04 13:30:23 UTC (rev 3226)
@@ -3393,7 +3393,9 @@
 	NOTE: Version(s): prior to 1.3.35-dev, 2.0.56-dev are affected
 	NOTE: Means oldstable and stable are affected
 CVE-2005-3351 (SpamAssassin 3.0.4 allows attackers to bypass spam detection via
an ...)
-	- spamassassin 3.1.0a-1 (bug #339526; medium)
+	- spamassassin 3.1.0a-1 (bug #339526; low)
+	NOTE: The DoS is only effective for the single message containing the crafted
+	NOTE: To: line, not for the whole process
 CVE-2005-3350 (libungif library before 4.1.0 allows attackers to corrupt memory
and ...)
 	{DSA-890-1}
 	- libungif4 4.1.3-4 (bug #337972; high)

Secure testing commits - Jan 2006 - r3226 - data/CVE

[Secure-testing-commits] r3226 - data/CVE