Affected Versions:
Bogofilter <= 1.2.1
Vulnerability description:
Bugtraq id: 41339Bogofilter is a package used to filter spam. When bogofilter processes Base64 encoded strings starting with equal signs (=), there is a single-byte overflow that can eventually cause heap memory corruption.
Vulnerabilities,
Attackers can send malicious email messages, causing the vulnerability to crash the bogofilter application.
<* Reference
Matthias Andree (
Matthias.andree@gmx.de)
Http://secunia.com/advisories/40427/
Http://bogofilter.svn.sourceforge.net/viewvc/bogofilter/trunk/bogofilter/doc/bogofilter-SA-2010-01? Revision = 6909 & pathrev = 6909
*>Security suggestions:
Vendor patch: Bogofilter ---------- the current manufacturer has released the upgrade patch to fix this security problem, please download to the vendor's home page: https://sourceforge.net/project/showfiles.php? Group_id = 62265