PT-2020-5518 · Postsrsd+2

Roehling · Published 2020-12-12 · Updated 2024-06-15 · CVE-2020-35573

CVSS v2.0: 7.8 High

Vector: AV:N/AC:L/Au:N/C:N/I:N/A:C

Name of the Vulnerable Software and Affected Versions

PostSRSd versions prior to 1.10

Description

An issue in the srs2.c file of PostSRSd allows remote attackers to cause a denial of service by consuming CPU resources via a long timestamp tag in an SRS address. Exploitation may lead to a denial of service due to uncontrolled resource consumption.

Recommendations

For versions prior to 1.10, update to version 1.10 or later to resolve the issue. As a temporary workaround, consider restricting access to the srs2.c file or disabling the functionality that handles SRS addresses with timestamp tags until a patch is available.

Fix · DoS · Resource Exhaustion

Related Identifiers

BDU:2021-01030
CVE-2020-35573
DLA-2502-1
OPENSUSE-SU-2021:0646-1
OPENSUSE-SU-2021:0669-1
OPENSUSE-SU-2021:1642-1
OPENSUSE-SU-2021_0646-1
OPENSUSE-SU-2024:11188-1
USN-4730-1

Affected Products

Postsrsd
Suse
Ubuntu