Executive Summary
Summary | |
---|---|
Title | New spamassassin packages fix remote command execution |
Informations | |||
---|---|---|---|
Name | DSA-1090 | First vendor Publication | 2006-06-06 |
Vendor | Debian | Last vendor Modification | 2006-06-06 |
Severity (Vendor) | N/A | Revision | 1 |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:H/Au:N/C:P/I:P/A:P) | |||
---|---|---|---|
Cvss Base Score | 5.1 | Attack Range | Network |
Cvss Impact Score | 6.4 | Attack Complexity | High |
Cvss Expoit Score | 4.9 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
A vulnerability has been discoverd in SpamAssassin, a Perl-based spam filter using text analysis, that can allow remote attackers to execute arbitrary commands. This problem only affects systems where spamd is reachable via the internet and used with vpopmail virtual users, via the "-v" / "--vpopmail" switch, and with the "-P" / "--paranoid" switch which is not the default setting on Debian. The old stable distribution (woody) is not affected by this problem. For the stable distribution (sarge) this problem has been fixed in version 3.0.3-2sarge1. For the volatile archive for the stable distribution (sarge) this problem has been fixed in version 3.1.0a-0volatile3. For the unstable distribution (sid) this problem has been fixed in version 3.1.3-1. We recommend that you upgrade your spamd package. |
Original Source
Url : http://www.debian.org/security/2006/dsa-1090 |
OVAL Definitions
Definition Id: oval:org.mitre.oval:def:9184 | |||
Oval ID: | oval:org.mitre.oval:def:9184 | ||
Title: | SpamAssassin before 3.1.3, when running with vpopmail and the paranoid (-P) switch, allows remote attackers to execute arbitrary commands via a crafted message that is not properly handled when invoking spamd with the virtual pop username. | ||
Description: | SpamAssassin before 3.1.3, when running with vpopmail and the paranoid (-P) switch, allows remote attackers to execute arbitrary commands via a crafted message that is not properly handled when invoking spamd with the virtual pop username. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2006-2447 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4 | Product(s): | |
Definition Synopsis: | |||
CPE : Common Platform Enumeration
Type | Description | Count |
---|---|---|
Application | 3 |
SAINT Exploits
Description | Link |
---|---|
SpamAssassin spamd vpopmail user vulnerability | More info here |
ExploitDB Exploits
id | Description |
---|---|
2010-04-30 | SpamAssassin spamd Remote Command Execution |
2006-06-06 | SpamAssassin spamd <= 3.1.3 Command Injection |
OpenVAS Exploits
Date | Description |
---|---|
2009-10-10 | Name : SLES9: Security update for SpamAssassin File : nvt/sles9p5012105.nasl |
2009-02-27 | Name : Fedora Update for spamassassin FEDORA-2007-242 File : nvt/gb_fedora_2007_242_spamassassin_fc5.nasl |
2009-02-27 | Name : Fedora Update for spamassassin FEDORA-2007-584 File : nvt/gb_fedora_2007_584_spamassassin_fc5.nasl |
2008-09-24 | Name : Gentoo Security Advisory GLSA 200606-09 (Spamassassin) File : nvt/glsa_200606_09.nasl |
2008-01-17 | Name : Debian Security Advisory DSA 1090-1 (spamassassin) File : nvt/deb_1090_1.nasl |
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
26177 | SpamAssassin spamd vpopmail Username Command Injection SpamAssassin contains a flaw that may allow a malicious user to execute arbitrary commands. The issue is triggered when sending shell commands in the User filed, resulting in a loss of confidentiality and integrity. |
Snort® IPS/IDS
Date | Description |
---|---|
2014-01-10 | SpamAssassin spamd vpopmail and paranoid options code execution attempt RuleID : 16040 - Revision : 6 - Type : SERVER-OTHER |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2007-10-17 | Name : The remote openSUSE host is missing a security update. File : suse_spamassassin-1904.nasl - Type : ACT_GATHER_INFO |
2007-06-14 | Name : The remote Fedora Core host is missing a security update. File : fedora_2007-584.nasl - Type : ACT_GATHER_INFO |
2007-02-17 | Name : The remote Fedora Core host is missing a security update. File : fedora_2007-242.nasl - Type : ACT_GATHER_INFO |
2007-01-17 | Name : The remote Fedora Core host is missing a security update. File : fedora_2006-598.nasl - Type : ACT_GATHER_INFO |
2007-01-17 | Name : The remote Fedora Core host is missing a security update. File : fedora_2006-658.nasl - Type : ACT_GATHER_INFO |
2006-10-14 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-1090.nasl - Type : ACT_GATHER_INFO |
2006-07-05 | Name : The remote CentOS host is missing a security update. File : centos_RHSA-2006-0543.nasl - Type : ACT_GATHER_INFO |
2006-06-16 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-200606-09.nasl - Type : ACT_GATHER_INFO |
2006-06-16 | Name : The remote Mandrake Linux host is missing one or more security updates. File : mandrake_MDKSA-2006-103.nasl - Type : ACT_GATHER_INFO |
2006-06-08 | Name : The remote Red Hat host is missing a security update. File : redhat-RHSA-2006-0543.nasl - Type : ACT_GATHER_INFO |
2006-06-08 | Name : The remote server allows execution of arbitrary commands. File : spamd_vpopmail_cmd_exec.nasl - Type : ACT_ATTACK |
Alert History
Date | Informations |
---|---|
2014-02-17 11:25:53 |
|