cbcvebase.
CVE-2005-2151
published 2005-07-06

CVE-2005-2151: spf.c in Courier Mail Server does not properly handle DNS failures when looking up Sender Policy Framework (SPF) records, which could allow attackers to cause…

PriorityP416medium5CVSS 2.0
AVNACLAuNCNIPAN
EPSS
0.92%
55.8th percentile
spf.c in Courier Mail Server does not properly handle DNS failures when looking up Sender Policy Framework (SPF) records, which could allow attackers to cause memory corruption.

Affected

12 ranges
VendorProductVersion rangeFixed in
debiancourier< courier 0.47-6 (bookworm)courier 0.47-6 (bookworm)
double_precision_incorporatedcourier_mail_server
double_precision_incorporatedcourier_mail_server
double_precision_incorporatedcourier_mail_server
double_precision_incorporatedcourier_mail_server
double_precision_incorporatedcourier_mail_server
double_precision_incorporatedcourier_mail_server
double_precision_incorporatedcourier_mail_server
double_precision_incorporatedcourier_mail_server>= 0 < 0.47-60.47-6
double_precision_incorporatedcourier_mail_server>= 0 < 0.47-60.47-6
double_precision_incorporatedcourier_mail_server>= 0 < 0.47-60.47-6
double_precision_incorporatedcourier_mail_server>= 0 < 0.47-60.47-6

CVSS provenance

nvdv2.05.0MEDIUMAV:N/AC:L/Au:N/C:N/I:P/A:N
osv5.0MEDIUM
vendor_debian5.0LOW
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.