CVE-2005-1514

Name of the Vulnerable Software and Affected Versions netqmail (affected versions not specified) qmail (affected versions not specified)

Description The issue is related to a buffer overflow in the stralloc readyplus function in commands.c, which can cause a denial of service. It may also allow remote attackers to execute arbitrary code via a long SMTP command without a space character, causing an array to be referenced with a negative index.

Recommendations For netqmail, at the moment, there is no information about a newer version that contains a fix for this vulnerability. For qmail, consider restricting access to the stralloc readyplus function in commands.c to minimize the risk of exploitation until a patch is available.