CVE Vulnerabilities

CVE-2020-35573

Excessive Iteration

Published: Dec 20, 2020 | Modified: Apr 26, 2022
CVSS 3.x
7.5
HIGH
Source:
NVD
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CVSS 2.x
5 MEDIUM
AV:N/AC:L/Au:N/C:N/I:N/A:P
RedHat/V2
RedHat/V3
Ubuntu
MEDIUM

srs2.c in PostSRSd before 1.10 allows remote attackers to cause a denial of service (CPU consumption) via a long timestamp tag in an SRS address.

Weakness

The product performs an iteration or loop without sufficiently limiting the number of times that the loop is executed.

Affected Software

Name Vendor Start Version End Version
Postsrsd Postsrsd_project * 1.10 (excluding)
Postsrsd Ubuntu bionic *
Postsrsd Ubuntu groovy *
Postsrsd Ubuntu hirsute *
Postsrsd Ubuntu impish *
Postsrsd Ubuntu kinetic *
Postsrsd Ubuntu trusty *
Postsrsd Ubuntu upstream *
Postsrsd Ubuntu xenial *

References