|Number of vulnerabilities||1|
|CVE ID|| CVE-2018-18956
|Public exploit||This vulnerability is being exploited in the wild.|
|Vulnerable software versions||
|Vendor URL||Open Information Security Foundation|
The vulnerability allows a remote attacker to cause DoS condition on the target system.
The weakness exists due to segmentation fault in the ProcessMimeEntity function in util-decode-mime.c when handling malicious input. A remote attacker can supply specially crafted input to the SMTP parser, trigger segfault and cause daemon crash.
Note: according to MITRE statement, the vulnerability has been exploited in the wild in November 2018.
Update to version 4.1.External links