CVE-2008-1648Improper Input Validation in Sympa

CWE-20Improper Input Validation4 documents4 sources
Severity
5.0MEDIUMNVD
EPSS
2.2%
top 15.35%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
SympaDebian Sympa
Timeline
PublishedApr 2
Latest updateMay 1

Description

Sympa before 5.4 allows remote attackers to cause a denial of service (daemon crash) via an e-mail message with a malformed value of the Content-Type header and unspecified other headers. NOTE: some of these details are obtained from third party information.

CVSS vector

AV:N/AC:L/C:N/I:N/A:PExploitability: 10.0 | Impact: 2.9

Affected Packages3 packages

debiandebian/sympa< sympa 5.3.4-4 (bookworm)
Debiansympa/sympa< 5.3.4-4+3
NVDsympa/sympa129 versions+128

🔴Vulnerability Details

2
GHSA
GHSA-2fgj-xr9x-3qq6: Sympa before 52022-05-01
OSV
CVE-2008-1648: Sympa before 52008-04-02

📋Vendor Advisories

1
Debian
CVE-2008-1648: sympa - Sympa before 5.4 allows remote attackers to cause a denial of service (daemon cr...2008
CVE-2008-1648 — Improper Input Validation in Sympa | cvebase