Vulnerability Description
Kolab Server 2.0.0 and 2.0.1 does not properly handle when a large email is sent with a "." in the wrong place, which causes kolabfilter to add another ".", which might break clear-text signatures and attachments. NOTE: it is not clear whether this issue crosses privilege boundaries, so this might not be a vulnerability.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Kolab | Kolab Groupware Server | 2.0.0 |
References
- http://kolab.org/security/kolab-vendor-notice-07.txtExploit
- http://www.mandriva.com/security/advisories?name=MDKSA-2006:013
- http://www.osvdb.org/22538
- http://kolab.org/security/kolab-vendor-notice-07.txtExploit
- http://www.mandriva.com/security/advisories?name=MDKSA-2006:013
- http://www.osvdb.org/22538
FAQ
What is CVE-2005-4828?
CVE-2005-4828 is a vulnerability with a CVSS score of 6.4 (MEDIUM). Kolab Server 2.0.0 and 2.0.1 does not properly handle when a large email is sent with a "." in the wrong place, which causes kolabfilter to add another ".", which might break clear-text signatures and...
How severe is CVE-2005-4828?
CVE-2005-4828 has been rated MEDIUM with a CVSS base score of 6.4/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2005-4828?
Check the references section above for vendor advisories and patch information. Affected products include: Kolab Kolab Groupware Server.