Security
Security
A buffer overflow in spamdyke might allow remote attackers to execute arbitrary code.
| Package | mail-filter/spamdyke on all architectures |
|---|---|
| Affected versions | < 4.3.0 |
| Unaffected versions | >= 4.3.0 |
spamdyke is a drop-in connection-time spam filter for qmail.
Boundary errors related to the "snprintf()" and "vsnprintf()" functions in spamdyke could cause a buffer overflow.
A remote attacker could possibly execute arbitrary code or cause a Denial of Service.
There is no known workaround at this time.
All spamdyke users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=mail-filter/spamdyke-4.3.0"
Release date
March 06, 2012
Latest revision
March 06, 2012: 1
Severity
high
Exploitable
remote
Bugzilla entries