Download
| Alert*
oval:org.secpod.oval:def:506521
The SpamAssassin tool provides a way to reduce unsolicited commercial email from incoming email. Security Fix: * spamassassin: Malicious rule configuration files can be configured to run system commands For more details about the security issue, including the impact, a CVSS score, acknowledgments, ... oval:org.secpod.oval:def:89044142 This update for spamassassin fixes the following issues: - spamassassin was updated to version 3.4.5 - CVE-2019-12420: memory leak via crafted messages - CVE-2020-1946: security update oval:org.secpod.oval:def:89044152 This update for spamassassin fixes the following issues: - CVE-2019-12420: memory leak via crafted messages - CVE-2020-1946: security update oval:org.secpod.oval:def:89044166 This update for spamassassin fixes the following issues: - CVE-2019-12420: memory leak via crafted messages - CVE-2020-1946: security update oval:org.secpod.oval:def:71249 spamassassin: Perl-based spam filter using text analysis SpamAssassin could be made to run programs if it opened a specially crafted file. oval:org.secpod.oval:def:71225 Damian Lukowski discovered a flaw in spamassassin, a Perl-based spam filter using text analysis. Malicious rule configuration files, possibly downloaded from an updates server, could execute arbitrary commands under multiple scenarios. oval:org.secpod.oval:def:119663 SpamAssassin provides you with a way to reduce if not completely eliminate Unsolicited Commercial Email from your incoming email. It can be invoked by a MDA such as sendmail or postfix, or can be called from a procmail script, .forward file, etc. It uses a genetic-algorithm evolved scoring system t ... oval:org.secpod.oval:def:119662 SpamAssassin provides you with a way to reduce if not completely eliminate Unsolicited Commercial Email from your incoming email. It can be invoked by a MDA such as sendmail or postfix, or can be called from a procmail script, .forward file, etc. It uses a genetic-algorithm evolved scoring system t ... oval:org.secpod.oval:def:1801961 In Apache SpamAssassin before 3.4.5, malicious rule configuration files can be configured to run system commands without any output or errors. With this, exploits can be injected in a number of scenarios. In addition to upgrading to SA version 3.4.5, users should only use update channels or 3rd par ... oval:org.secpod.oval:def:4501285 The SpamAssassin tool provides a way to reduce unsolicited commercial email from incoming email. Security Fix: * spamassassin: Malicious rule configuration files can be configured to run system commands For more details about the security issue, including the impact, a CVSS score, acknowledgments, ... oval:org.secpod.oval:def:1700624 A flaw was found in spamassassin. Malicious rule configuration files can be configured to run system commands without any output or errors allowing exploits to be injected in a number of scenarios. The highest threat from this vulnerability is to data confidentiality and integrity as well as system ... oval:org.secpod.oval:def:89047103 This update for spamassassin fixes the following issues: - CVE-2019-12420: memory leak via crafted messages - CVE-2020-1946: security update oval:org.secpod.oval:def:1505238 [3.4.4-4.el4] - Fix header parsing oval:org.secpod.oval:def:705953 spamassassin: Perl-based spam filter using text analysis SpamAssassin could be made to run programs if it opened a specially crafted file. oval:org.secpod.oval:def:605474 Damian Lukowski discovered a flaw in spamassassin, a Perl-based spam filter using text analysis. Malicious rule configuration files, possibly downloaded from an updates server, could execute arbitrary commands under multiple scenarios. oval:org.secpod.oval:def:2500365 The SpamAssassin tool provides a way to reduce unsolicited commercial email from incoming email. |