Download
| Alert*
oval:org.secpod.oval:def:704380
spamassassin is installed oval:org.secpod.oval:def:115127 spamassassin is installed oval:org.secpod.oval:def:1801658 spamassassin is installed oval:org.secpod.oval:def:67981 The SpamAssassin tool provides a way to reduce unsolicited commercial email from incoming email. Security Fix: * spamassassin: crafted configuration files can run system commands without any output or errors * spamassassin: crafted email message can lead to DoS * spamassassin: command injection v ... oval:org.secpod.oval:def:204891 The SpamAssassin tool provides a way to reduce unsolicited commercial email from incoming email. Security Fix: * spamassassin: Certain unclosed tags in crafted emails allow for scan timeouts and result in denial of service * spamassassin: Local user code injection in the meta rule syntax For more ... oval:org.secpod.oval:def:504730 The SpamAssassin tool provides a way to reduce unsolicited commercial email from incoming email. Security Fix: * spamassassin: crafted configuration files can run system commands without any output or errors * spamassassin: crafted email message can lead to DoS * spamassassin: command injection v ... oval:org.secpod.oval:def:71249 spamassassin: Perl-based spam filter using text analysis SpamAssassin could be made to run programs if it opened a specially crafted file. oval:org.secpod.oval:def:71225 Damian Lukowski discovered a flaw in spamassassin, a Perl-based spam filter using text analysis. Malicious rule configuration files, possibly downloaded from an updates server, could execute arbitrary commands under multiple scenarios. oval:org.secpod.oval:def:89003228 This update for spamassassin to version 3.4.2 fixes the following issues: Security issues fixed: - CVE-2017-15705: Fixed denial of service via unclosed tags in crafted emails . - CVE-2018-11781: Fixed a code injection in the meta rule syntax by local users . - CVE-2018-11780: Fixed a potential remot ... oval:org.secpod.oval:def:89050322 This update for spamassassin fixes the following issues: Security issues fixed: - CVE-2018-11805: Fixed an issue with delimiter handling in rule files related to is_regexp_valid . - CVE-2020-1930: Fixed an issue with rule configuration files which can be configured to run system commands . - CVE-20 ... oval:org.secpod.oval:def:1600937 A flaw was found in the way a local user on the SpamAssassin server could inject code in the meta rule syntax. This could cause the arbitrary code execution on the server when these rules are being processed.A potential Remote Code Execution bug exists with the PDFInfo plugin in Apache SpamAssassin ... oval:org.secpod.oval:def:1700090 A flaw was found in the way SpamAssassin processes HTML email containing unclosed HTML tags. A carefully crafted mail message could cause SpamAssassin to consume significant resources. If a large number of these messages are sent, a denial of service could occur potentially delaying or preventing th ... oval:org.secpod.oval:def:51160 spamassassin: Perl-based spam filter using text analysis Several security issues were fixed in SpamAssassin. oval:org.secpod.oval:def:502372 The SpamAssassin tool provides a way to reduce unsolicited commercial email from incoming email. Security Fix: * spamassassin: Certain unclosed tags in crafted emails allow for scan timeouts and result in denial of service * spamassassin: Local user code injection in the meta rule syntax For more ... oval:org.secpod.oval:def:115157 SpamAssassin provides you with a way to reduce if not completely eliminate Unsolicited Commercial Email from your incoming email. It can be invoked by a MDA such as sendmail or postfix, or can be called from a procmail script, .forward file, etc. It uses a genetic-algorithm evolved scoring system t ... oval:org.secpod.oval:def:704376 spamassassin: Perl-based spam filter using text analysis Several security issues were fixed in SpamAssassin. oval:org.secpod.oval:def:115126 SpamAssassin provides you with a way to reduce if not completely eliminate Unsolicited Commercial Email from your incoming email. It can be invoked by a MDA such as sendmail or postfix, or can be called from a procmail script, .forward file, etc. It uses a genetic-algorithm evolved scoring system t ... oval:org.secpod.oval:def:69945 Two vulnerabilities were discovered in spamassassin, a Perl-based spam filter using text analysis. Malicious rule or configuration files, possibly downloaded from an updates server, could execute arbitrary commands under multiple scenarios. oval:org.secpod.oval:def:69926 Two vulnerabilities were discovered in spamassassin, a Perl-based spam filter using text analysis. CVE-2018-11805 Malicious rule or configuration files, possibly downloaded from an updates server, could execute arbitrary commands under multiple scenarios. CVE-2019-12420 Specially crafted mulitpart m ... oval:org.secpod.oval:def:2500125 The SpamAssassin tool provides a way to reduce unsolicited commercial email from incoming email. oval:org.secpod.oval:def:205659 The SpamAssassin tool provides a way to reduce unsolicited commercial email from incoming email. Security Fix: * spamassassin: crafted email message can lead to DoS For more details about the security issue, including the impact, a CVSS score, acknowledgments, and other related information, refer ... oval:org.secpod.oval:def:4501285 The SpamAssassin tool provides a way to reduce unsolicited commercial email from incoming email. Security Fix: * spamassassin: Malicious rule configuration files can be configured to run system commands For more details about the security issue, including the impact, a CVSS score, acknowledgments, ... oval:org.secpod.oval:def:89047103 This update for spamassassin fixes the following issues: - CVE-2019-12420: memory leak via crafted messages - CVE-2020-1946: security update oval:org.secpod.oval:def:1505238 [3.4.4-4.el4] - Fix header parsing oval:org.secpod.oval:def:605474 Damian Lukowski discovered a flaw in spamassassin, a Perl-based spam filter using text analysis. Malicious rule configuration files, possibly downloaded from an updates server, could execute arbitrary commands under multiple scenarios. oval:org.secpod.oval:def:2500365 The SpamAssassin tool provides a way to reduce unsolicited commercial email from incoming email. |