Symantec Brightmail AntiSpam (SBAS) before 6.0.4, when the Control Center is allowed to connect from any computer, allows remote attackers to cause a denial of service (application freeze) by sending invalid posts.
Affected Software
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Brightmail_antispam | Symantec | 4.0 (including) | 4.0 (including) |
| Brightmail_antispam | Symantec | 5.5 (including) | 5.5 (including) |
| Brightmail_antispam | Symantec | 6.0 (including) | 6.0 (including) |
| Brightmail_antispam | Symantec | 6.0.1 (including) | 6.0.1 (including) |
References
- http://secunia.com/advisories/21223
- http://securityresponse.symantec.com/avcenter/security/Content/2006.07.27.html
- http://securitytracker.com/id?1016600
- http://www.securityfocus.com/bid/19182
- http://www.vupen.com/english/advisories/2006/3018
- http://secunia.com/advisories/21223
- http://securityresponse.symantec.com/avcenter/security/Content/2006.07.27.html
- http://securitytracker.com/id?1016600
- http://www.securityfocus.com/bid/19182
- http://www.vupen.com/english/advisories/2006/3018