Denial of Service in SpamAssassin by Perl via Excessive Email Recipients
CVE-2005-3351

Currently unrated

Key Information:

Vendor

Apache
Status
Spamassassin
Vendor
CVE Published:
20 November 2005

What is CVE-2005-3351?

An identified flaw in SpamAssassin 3.0.4 enables attackers to circumvent spam detection mechanisms. By sending an email containing a large number of recipients in the 'To' field, it triggers a bus error in the Perl interpreter. This failure may result in a Denial of Service, effectively disrupting the email processing capabilities of the affected system. Users of this version are advised to apply updates or patches to mitigate potential exploitation.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/23048
vdb-entryx_refsource_XF
http://secunia.com/advisories/17518/
third-party-advisoryx_refsource_SECUNIA
http://issues.apache.org/SpamAssassin/show_bug.cgi?id=4570
x_refsource_MISC

EPSS Score

17% chance of being exploited in the next 30 days.

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.