libs/comverp.c in Courier MTA before 0.53.2 allows attackers to cause a denial of service (CPU consumption) via unknown vectors involving usernames that contain the = (equals) character, which is not properly handled during encoding.
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Courier_mta | Double_precision_incorporated | * | 0.44.2 (including) |
| Courier_mta | Double_precision_incorporated | 0.37.3 (including) | 0.37.3 (including) |
| Courier_mta | Double_precision_incorporated | 0.38.1 (including) | 0.38.1 (including) |
| Courier_mta | Double_precision_incorporated | 0.40 (including) | 0.40 (including) |
| Courier_mta | Double_precision_incorporated | 0.43 (including) | 0.43 (including) |
| Courier_mta | Double_precision_incorporated | 0.43.1 (including) | 0.43.1 (including) |
| Courier_mta | Double_precision_incorporated | 0.43.2 (including) | 0.43.2 (including) |
| Courier_mta | Double_precision_incorporated | 0.44 (including) | 0.44 (including) |
| Courier | Ubuntu | dapper | * |
| Courier | Ubuntu | devel | * |
| Courier | Ubuntu | edgy | * |
| Courier | Ubuntu | feisty | * |