Package spampd Tags 332259 +security Severity 332259 critical Thanks Richard Wohlstadter wrote on 05/10/2005 16:56:
I will look into this issue as soon as possible, but due to some technical difficulties, I might not get a chance to actually do so until Tue, Oct. 18th 05. I see this issue as a security issue (Denial of service), but if I don't get to dig into the issue tomorrow, it is likely that I'm cut off from the net until Tuesday after next. Regards, Sven CC'ed the security and testing-security teams on this. Will try to give feedback on wether or not I will be able to fix this in time tomorrow. > Package: spampd > Version: 2.20-9 > > When processing an email with the following message id: > > Message-ID: <[EMAIL PROTECTED]> > > spampd would fail to process throwing the following error: > > Oct 4 16:38:29 linuscs32 spampd[30364]: WARNING!! Error in > process_request eval block: Modification of a read-only value attempted > at /usr/lib/perl/5.8/Sys/Syslog.pm line 312, <_GEN_18> line 67 > > I removed the %(percent) sign from the message id and it worked so I > assume having a % in the message id is causing the problem. Possibly an > issue with syslog.pm using printf and misinterpreting the %?? > > I am on Debian Sarge, vanilla kernel 2.6.10 and libc6 2.3.2.ds1-22 > > Rich Wohlstadter > GSC, Washington U. of St. Louis > -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
