Executive Summary

Summary
Title spamassassin security update
Informations
Name RHSA-2005:498 First vendor Publication 2005-06-23
Vendor RedHat Last vendor Modification 2005-06-23
Severity (Vendor) Moderate Revision 01

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score NA
Base Score NA Environmental Score NA
impact SubScore NA Temporal Score NA
Exploitabality Sub Score NA
 
Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:L/Au:N/C:N/I:N/A:P)
Cvss Base Score 5 Attack Range Network
Cvss Impact Score 2.9 Attack Complexity Low
Cvss Expoit Score 10 Authentication None Required
Calculate full CVSS 2.0 Vectors scores

Detail

Problem Description:

An updated spamassassin package that fixes a denial of service bug when parsing malformed messages is now available.

This update has been rated as having moderate security impact by the Red Hat Security Response Team.

2. Relevant releases/architectures:

Red Hat Enterprise Linux AS version 4 - i386, ia64, ppc, s390, s390x, x86_64 Red Hat Enterprise Linux Desktop version 4 - i386, x86_64 Red Hat Enterprise Linux ES version 4 - i386, ia64, x86_64 Red Hat Enterprise Linux WS version 4 - i386, ia64, x86_64

3. Problem description:

SpamAssassin provides a way to reduce unsolicited commercial email (SPAM) from incoming email.

A denial of service bug has been found in SpamAssassin. An attacker could construct a message in such a way that would cause SpamAssassin to consume CPU resources. If a number of these messages were sent it could lead to a denial of service, potentially preventing the delivery or filtering of email. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2005-1266 to this issue.

SpamAssassin version 3.0.4 additionally solves a number of bugs including: - - #156390 Spamassassin consumes too much memory during learning - - #155423 URI blacklist spam bypass - - #147464 Users may now disable subject rewriting - - Smarter default Bayes scores - - Numerous other bug fixes that improve spam filter accuracy and safety

For full details, please refer to the change details of 3.0.2, 3.0.3, and 3.0.4 in SpamAssassin's online documentation at the following address: http://wiki.apache.org/spamassassin/NextRelease

Users of SpamAssassin should update to this updated package, containing version 3.0.4 which is not vulnerable to this issue and resolves these bugs.

4. Solution:

Before applying this update, make sure all previously released errata relevant to your system have been applied.

This update is available via Red Hat Network. To use Red Hat Network, launch the Red Hat Update Agent with the following command:

up2date

This will start an interactive process that will result in the appropriate RPMs being upgraded on your system.

5. Bug IDs fixed (http://bugzilla.redhat.com/):

147464 - spamassassin no longer allows disabling subject rewriting 151433 - spamd generate child processes which occupies all memory 159198 - CAN-2005-1266 spamassassin DoS

Original Source

Url : https://rhn.redhat.com/errata/RHSA-2005-498.html

OVAL Definitions

Definition Id: oval:org.mitre.oval:def:10901
 
Oval ID: oval:org.mitre.oval:def:10901
Title: Apache SpamAssassin 3.0.1, 3.0.2, and 3.0.3 allows remote attackers to cause a denial of service (CPU consumption and slowdown) via a message with a long Content-Type header without any boundaries.
Description: Apache SpamAssassin 3.0.1, 3.0.2, and 3.0.3 allows remote attackers to cause a denial of service (CPU consumption and slowdown) via a message with a long Content-Type header without any boundaries.
Family: unix Class: vulnerability
Reference(s): CVE-2005-1266
 Version: 5
Platform(s): Red Hat Enterprise Linux 4
CentOS Linux 4
Oracle Linux 4
 Product(s):
Definition Synopsis:

CPE : Common Platform Enumeration

TypeDescriptionCount
Application 3

OpenVAS Exploits

Date Description
2008-09-24 Name : Gentoo Security Advisory GLSA 200506-17 (SpamAssassin, Vipul's Razor)
File : nvt/glsa_200506_17.nasl
2008-09-04 Name : FreeBSD Ports: p5-Mail-SpamAssassin
File : nvt/freebsd_p5-Mail-SpamAssassin0.nasl
2008-01-17 Name : Debian Security Advisory DSA 736-1 (spamassassin)
File : nvt/deb_736_1.nasl

Open Source Vulnerability Database (OSVDB)

Id Description
17346 SpamAssassin Message Header Processing Overflow DoS

Snort® IPS/IDS

Date Description
2014-01-10 SpamAssassin malformed email header DoS attempt
RuleID : 15954 - Revision : 11 - Type : SERVER-MAIL

Nessus® Vulnerability Scanner

Date Description
2012-01-12 Name : The remote Debian host is missing a security-related update.
File : debian_DSA-773.nasl - Type : ACT_GATHER_INFO
2006-07-05 Name : The remote CentOS host is missing a security update.
File : centos_RHSA-2005-498.nasl - Type : ACT_GATHER_INFO
2005-07-20 Name : The remote host is missing a vendor-supplied security patch
File : suse_SA_2005_033.nasl - Type : ACT_GATHER_INFO
2005-07-13 Name : The remote FreeBSD host is missing a security-related update.
File : freebsd_pkg_cc4ce06be01c11d9a8bd000cf18bbe54.nasl - Type : ACT_GATHER_INFO
2005-07-01 Name : The remote Debian host is missing a security-related update.
File : debian_DSA-736.nasl - Type : ACT_GATHER_INFO
2005-06-28 Name : The remote Mandrake Linux host is missing one or more security updates.
File : mandrake_MDKSA-2005-106.nasl - Type : ACT_GATHER_INFO
2005-06-24 Name : The remote Red Hat host is missing a security update.
File : redhat-RHSA-2005-498.nasl - Type : ACT_GATHER_INFO
2005-06-21 Name : The remote Gentoo host is missing one or more security-related patches.
File : gentoo_GLSA-200506-17.nasl - Type : ACT_GATHER_INFO

Alert History

If you want to see full details history, please login or register.
0
Date Informations
2014-02-17 11:49:25
  • Multiple Updates