VYPR
Unrated severityNVD Advisory· Published May 2, 2005· Updated Jun 16, 2026

CVE-2005-1127

CVE-2005-1127

Description

Format string vulnerability in the log function in Net::Server 0.87 and earlier, as used in Postfix Greylisting Policy Server (Postgrey) 1.18 and earlier, and possibly other products, allows remote attackers to cause a denial of service (crash) via format string specifiers that are not properly handled before being sent to syslog, as demonstrated using sender addresses to Postgrey.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

5
  • Postgrey/Postgrey4 versions
    cpe:2.3:a:postgrey:postgrey:*:*:*:*:*:*:*:*+ 3 more
    • cpe:2.3:a:postgrey:postgrey:*:*:*:*:*:*:*:*range: <=1.16
    • cpe:2.3:a:postgrey:postgrey:1.17:*:*:*:*:*:*:*
    • cpe:2.3:a:postgrey:postgrey:1.18:*:*:*:*:*:*:*
    • (no CPE)range: <=1.18
  • Range: <=0.87

Patches

Vulnerability mechanics

References

16

News mentions

0

No linked articles in our index yet.