Executive Summary
| Summary | |
|---|---|
| Title | New spamassassin packages fix remote command execution |
| Informations | |||
|---|---|---|---|
| Name | DSA-1090 | First vendor Publication | 2006-06-06 |
| Vendor | Debian | Last vendor Modification | 2006-06-06 |
| Severity (Vendor) | N/A | Revision | 1 |
Security-Database Scoring CVSS v3
| Cvss vector : N/A | |||
|---|---|---|---|
| Overall CVSS Score | NA | ||
| Base Score | NA | Environmental Score | NA |
| impact SubScore | NA | Temporal Score | NA |
| Exploitabality Sub Score | NA | ||
| Calculate full CVSS 3.0 Vectors scores | |||
Security-Database Scoring CVSS v2
| Cvss vector : (AV:N/AC:H/Au:N/C:P/I:P/A:P) | |||
|---|---|---|---|
| Cvss Base Score | 5.1 | Attack Range | Network |
| Cvss Impact Score | 6.4 | Attack Complexity | High |
| Cvss Expoit Score | 4.9 | Authentication | None Required |
| Calculate full CVSS 2.0 Vectors scores | |||
Detail
| A vulnerability has been discoverd in SpamAssassin, a Perl-based spam filter using text analysis, that can allow remote attackers to execute arbitrary commands. This problem only affects systems where spamd is reachable via the internet and used with vpopmail virtual users, via the "-v" / "--vpopmail" switch, and with the "-P" / "--paranoid" switch which is not the default setting on Debian. The old stable distribution (woody) is not affected by this problem. For the stable distribution (sarge) this problem has been fixed in version 3.0.3-2sarge1. For the volatile archive for the stable distribution (sarge) this problem has been fixed in version 3.1.0a-0volatile3. For the unstable distribution (sid) this problem has been fixed in version 3.1.3-1. We recommend that you upgrade your spamd package. |
Original Source
| Url : http://www.debian.org/security/2006/dsa-1090 |
OVAL Definitions
| Definition Id: oval:org.mitre.oval:def:9184 | |||
| Oval ID: | oval:org.mitre.oval:def:9184 | ||
| Title: | SpamAssassin before 3.1.3, when running with vpopmail and the paranoid (-P) switch, allows remote attackers to execute arbitrary commands via a crafted message that is not properly handled when invoking spamd with the virtual pop username. | ||
| Description: | SpamAssassin before 3.1.3, when running with vpopmail and the paranoid (-P) switch, allows remote attackers to execute arbitrary commands via a crafted message that is not properly handled when invoking spamd with the virtual pop username. | ||
| Family: | unix | Class: | vulnerability |
| Reference(s): | CVE-2006-2447 | Version: | 5 |
| Platform(s): | Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4 | Product(s): | |
| Definition Synopsis: | |||
CPE : Common Platform Enumeration
| Type | Description | Count |
|---|---|---|
| Application | 3 |
SAINT Exploits
| Description | Link |
|---|---|
| SpamAssassin spamd vpopmail user vulnerability | More info here |
ExploitDB Exploits
| id | Description |
|---|---|
| 2010-04-30 | SpamAssassin spamd Remote Command Execution |
| 2006-06-06 | SpamAssassin spamd <= 3.1.3 Command Injection |
OpenVAS Exploits
| Date | Description |
|---|---|
| 2009-10-10 | Name : SLES9: Security update for SpamAssassin File : nvt/sles9p5012105.nasl |
| 2009-02-27 | Name : Fedora Update for spamassassin FEDORA-2007-242 File : nvt/gb_fedora_2007_242_spamassassin_fc5.nasl |
| 2009-02-27 | Name : Fedora Update for spamassassin FEDORA-2007-584 File : nvt/gb_fedora_2007_584_spamassassin_fc5.nasl |
| 2008-09-24 | Name : Gentoo Security Advisory GLSA 200606-09 (Spamassassin) File : nvt/glsa_200606_09.nasl |
| 2008-01-17 | Name : Debian Security Advisory DSA 1090-1 (spamassassin) File : nvt/deb_1090_1.nasl |
Open Source Vulnerability Database (OSVDB)
| Id | Description |
|---|---|
| 26177 | SpamAssassin spamd vpopmail Username Command Injection SpamAssassin contains a flaw that may allow a malicious user to execute arbitrary commands. The issue is triggered when sending shell commands in the User filed, resulting in a loss of confidentiality and integrity. |
Snort® IPS/IDS
| Date | Description |
|---|---|
| 2014-01-10 | SpamAssassin spamd vpopmail and paranoid options code execution attempt RuleID : 16040 - Revision : 6 - Type : SERVER-OTHER |
Nessus® Vulnerability Scanner
| Date | Description |
|---|---|
| 2007-10-17 | Name : The remote openSUSE host is missing a security update. File : suse_spamassassin-1904.nasl - Type : ACT_GATHER_INFO |
| 2007-06-14 | Name : The remote Fedora Core host is missing a security update. File : fedora_2007-584.nasl - Type : ACT_GATHER_INFO |
| 2007-02-17 | Name : The remote Fedora Core host is missing a security update. File : fedora_2007-242.nasl - Type : ACT_GATHER_INFO |
| 2007-01-17 | Name : The remote Fedora Core host is missing a security update. File : fedora_2006-598.nasl - Type : ACT_GATHER_INFO |
| 2007-01-17 | Name : The remote Fedora Core host is missing a security update. File : fedora_2006-658.nasl - Type : ACT_GATHER_INFO |
| 2006-10-14 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-1090.nasl - Type : ACT_GATHER_INFO |
| 2006-07-05 | Name : The remote CentOS host is missing a security update. File : centos_RHSA-2006-0543.nasl - Type : ACT_GATHER_INFO |
| 2006-06-16 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-200606-09.nasl - Type : ACT_GATHER_INFO |
| 2006-06-16 | Name : The remote Mandrake Linux host is missing one or more security updates. File : mandrake_MDKSA-2006-103.nasl - Type : ACT_GATHER_INFO |
| 2006-06-08 | Name : The remote Red Hat host is missing a security update. File : redhat-RHSA-2006-0543.nasl - Type : ACT_GATHER_INFO |
| 2006-06-08 | Name : The remote server allows execution of arbitrary commands. File : spamd_vpopmail_cmd_exec.nasl - Type : ACT_ATTACK |
Alert History
| Date | Informations |
|---|---|
| 2014-02-17 11:25:53 |
|
