CVE-2006-0052

Mailman <= 2.1.5 - Denial of Service via Malformed Multipart MIME Message

Title source: llm
STIX 2.1

Description

The attachment scrubber (Scrubber.py) in Mailman 2.1.5 and earlier, when using Python's library email module 2.5, allows remote attackers to cause a denial of service (mailing list delivery failure) via a multipart MIME message with a single part that has two blank lines between the first boundary and the end boundary.

References (16)

Core 16
Core References
Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/19522
Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/20782
Third Party Advisory, VDB Entry vdb-entry signature x_refsource_oval
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9475
Patch vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/17311
Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/20624
Vendor Advisory vendor-advisory x_refsource_sgi
ftp://patches.sgi.com/support/free/security/advisories/20060602-01-U.asc
Third Party Advisory vendor-advisory x_refsource_debian
http://www.debian.org/security/2006/dsa-1027
Vendor Advisory vendor-advisory x_refsource_redhat
http://www.redhat.com/support/errata/RHSA-2006-0486.html
Vendor Advisory vendor-advisory x_refsource_suse
http://www.novell.com/linux/security/advisories/2006_08_sr.html
Vendor Advisory vendor-advisory x_refsource_mandriva
http://www.mandriva.com/security/advisories?name=MDKSA-2006:061
Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack
http://securitytracker.com/id?1015851
Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/19545
Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/19571
Vendor Advisory vendor-advisory x_refsource_ubuntu
https://usn.ubuntu.com/267-1/
Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb
http://www.osvdb.org/24367

Scores

EPSS 0.0641
EPSS Percentile 91.1%

Details

Status published
Products (24)
gnu/mailman 1.0
gnu/mailman 1.1
gnu/mailman 2.0 (4 CPE variants)
gnu/mailman 2.0.1
gnu/mailman 2.0.2
gnu/mailman 2.0.3
gnu/mailman 2.0.4
gnu/mailman 2.0.5
gnu/mailman 2.0.6
gnu/mailman 2.0.7
... and 14 more
Published Mar 31, 2006
Tracked Since Feb 18, 2026