Timo Röhling

2 exploits Active since Dec 2020
CVE-2020-35573 WRITEUP HIGH WRITEUP
PostSRSd < 1.10 - Denial of Service via Long Timestamp Tag in SRS Address
srs2.c in PostSRSd before 1.10 allows remote attackers to cause a denial of service (CPU consumption) via a long timestamp tag in an SRS address.
CVSS 7.5
CVE-2021-35525 WRITEUP MEDIUM WRITEUP
postsrsd < 1.11 - Denial of Service via Long Data Fields
PostSRSd before 1.11 allows a denial of service (subprocess hang) if Postfix sends certain long data fields such as multiple concatenated email addresses. NOTE: the PostSRSd maintainer acknowledges "theoretically, this error should never occur ... I'm not sure if there's a reliable way to trigger this condition by an external attacker, but it is a security bug in PostSRSd nevertheless."
CVSS 5.3