{"id": "DEBIAN:DSA-4615-1:6D8C8", "bulletinFamily": "unix", "title": "[SECURITY] [DSA 4615-1] spamassassin security update", "description": "- -------------------------------------------------------------------------\nDebian Security Advisory DSA-4615-1 security@debian.org\nhttps://www.debian.org/security/ Salvatore Bonaccorso\nFebruary 01, 2020 https://www.debian.org/security/faq\n- -------------------------------------------------------------------------\n\nPackage : spamassassin\nCVE ID : CVE-2020-1930 CVE-2020-1931\nDebian Bug : 950258\n\nTwo vulnerabilities were discovered in spamassassin, a Perl-based spam\nfilter using text analysis. Malicious rule or configuration files,\npossibly downloaded from an updates server, could execute arbitrary\ncommands under multiple scenarios.\n\nFor the oldstable distribution (stretch), these problems have been fixed\nin version 3.4.2-1~deb9u3.\n\nFor the stable distribution (buster), these problems have been fixed in\nversion 3.4.2-1+deb10u2.\n\nWe recommend that you upgrade your spamassassin packages.\n\nFor the detailed security status of spamassassin please refer to its\nsecurity tracker page at:\nhttps://security-tracker.debian.org/tracker/spamassassin\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org\n", "published": "2020-02-01T19:42:26", "modified": "2020-02-01T19:42:26", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}, "href": "https://lists.debian.org/debian-security-announce/debian-security-announce-2020/msg00018.html", "reporter": "Debian", "references": [], "cvelist": ["CVE-2020-1930", "CVE-2020-1931"], "type": "debian", "lastseen": "2021-01-11T01:18:15", "edition": 9, "viewCount": 91, "enchantments": {"dependencies": {"references": [{"type": "cve", "idList": ["CVE-2020-1930", "CVE-2020-1931"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310844325", "OPENVAS:1361412562310877460", "OPENVAS:1361412562310892107", "OPENVAS:1361412562310704615", "OPENVAS:1361412562310877461", "OPENVAS:1361412562310853096"]}, {"type": "ubuntu", "idList": ["USN-4265-1", "USN-4265-2"]}, {"type": "freebsd", "idList": ["E3404A6E-4364-11EA-B643-206A8A720317", "C86BFEE3-4441-11EA-8BE3-54E1AD3D6335"]}, {"type": "nessus", "idList": ["SUSE_SU-2020-0813-1.NASL", "FEDORA_2020-BD20036CDC.NASL", "SUSE_SU-2020-0811-1.NASL", "DEBIAN_DSA-4615.NASL", "UBUNTU_USN-4265-1.NASL", "DEBIAN_DLA-2107.NASL", "FREEBSD_PKG_C86BFEE3444111EA8BE354E1AD3D6335.NASL", "OPENSUSE-2020-446.NASL", "FEDORA_2020-24DAC7D890.NASL", "SUSE_SU-2020-0810-1.NASL"]}, {"type": "debian", "idList": ["DEBIAN:DLA-2107-1:76EFB"]}, {"type": "fedora", "idList": ["FEDORA:42C8C608A4A8", "FEDORA:7897B602D540"]}, {"type": "suse", "idList": ["OPENSUSE-SU-2020:0446-1"]}, {"type": "redhat", "idList": ["RHSA-2020:4625"]}, {"type": "oraclelinux", "idList": ["ELSA-2020-4625"]}], "modified": "2021-01-11T01:18:15", "rev": 2}, "score": {"value": 6.2, "vector": "NONE", "modified": "2021-01-11T01:18:15", "rev": 2}, "vulnersScore": 6.2}, "affectedPackage": [{"OS": "Debian", "OSVersion": "9", "arch": "all", "operator": "lt", "packageFilename": "spamc_3.4.2-1~deb9u3_all.deb", "packageName": "spamc", "packageVersion": "3.4.2-1~deb9u3"}, {"OS": "Debian", "OSVersion": "9", "arch": "all", "operator": "lt", "packageFilename": "sa-compile_3.4.2-1~deb9u3_all.deb", "packageName": "sa-compile", "packageVersion": "3.4.2-1~deb9u3"}, {"OS": "Debian", "OSVersion": "10", "arch": "all", "operator": "lt", "packageFilename": "spamc_3.4.2-1+deb10u2_all.deb", "packageName": "spamc", "packageVersion": "3.4.2-1+deb10u2"}, {"OS": "Debian", "OSVersion": "10", "arch": "all", "operator": "lt", "packageFilename": "sa-compile_3.4.2-1+deb10u2_all.deb", "packageName": "sa-compile", "packageVersion": "3.4.2-1+deb10u2"}, {"OS": "Debian", "OSVersion": "10", "arch": "all", "operator": "lt", "packageFilename": "spamassassin_3.4.2-1+deb10u2_all.deb", "packageName": "spamassassin", "packageVersion": "3.4.2-1+deb10u2"}, {"OS": "Debian", "OSVersion": "9", "arch": "all", "operator": "lt", "packageFilename": "spamassassin_3.4.2-1~deb9u3_all.deb", "packageName": "spamassassin", "packageVersion": "3.4.2-1~deb9u3"}], "scheme": null}

{"cve": [{"lastseen": "2020-12-09T22:03:10", "description": "A command execution issue was found in Apache SpamAssassin prior to 3.4.3. Carefully crafted nefarious rule configuration (.cf) files can be configured to run system commands similar to CVE-2018-11805. With this bug unpatched, exploits can be injected in a number of scenarios including the same privileges as spamd is run which may be elevated though doing so remotely is difficult. In addition to upgrading to SA 3.4.4, we again recommend that users should only use update channels or 3rd party .cf files from trusted places. If you cannot upgrade, do not use 3rd party rulesets, do not use sa-compile and do not run spamd as an account with elevated privileges.", "edition": 13, "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 8.1, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 5.9}, "published": "2020-01-30T18:15:00", "title": "CVE-2020-1930", "type": "cve", "cwe": ["CWE-78"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-1930"], "modified": "2020-02-02T04:15:00", "cpe": [], "id": "CVE-2020-1930", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-1930", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}, "cpe23": []}, {"lastseen": "2020-12-09T22:03:10", "description": "A command execution issue was found in Apache SpamAssassin prior to 3.4.3. Carefully crafted nefarious Configuration (.cf) files can be configured to run system commands similar to CVE-2018-11805. This issue is less stealthy and attempts to exploit the issue will throw warnings. Thanks to Damian Lukowski at credativ for reporting the issue ethically. With this bug unpatched, exploits can be injected in a number of scenarios though doing so remotely is difficult. In addition to upgrading to SA 3.4.4, we again recommend that users should only use update channels or 3rd party .cf files from trusted places.", "edition": 13, "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 8.1, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 5.9}, "published": "2020-01-30T18:15:00", "title": "CVE-2020-1931", "type": "cve", "cwe": ["CWE-78"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-1931"], "modified": "2020-02-02T04:15:00", "cpe": [], "id": "CVE-2020-1931", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-1931", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}, "cpe23": []}], "openvas": [{"lastseen": "2020-02-06T16:44:38", "bulletinFamily": "scanner", "cvelist": ["CVE-2020-1930", "CVE-2020-1931"], "description": "The remote host is missing an update for the ", "modified": "2020-02-06T00:00:00", "published": "2020-02-05T00:00:00", "id": "OPENVAS:1361412562310844325", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310844325", "type": "openvas", "title": "Ubuntu: Security Advisory for spamassassin (USN-4265-1)", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.844325\");\n script_version(\"2020-02-06T07:28:53+0000\");\n script_cve_id(\"CVE-2020-1930\", \"CVE-2020-1931\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2020-02-06 07:28:53 +0000 (Thu, 06 Feb 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-02-05 04:00:33 +0000 (Wed, 05 Feb 2020)\");\n script_name(\"Ubuntu: Security Advisory for spamassassin (USN-4265-1)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=(UBUNTU19\\.10|UBUNTU18\\.04 LTS|UBUNTU16\\.04 LTS)\");\n\n script_xref(name:\"USN\", value:\"4265-1\");\n script_xref(name:\"URL\", value:\"https://lists.ubuntu.com/archives/ubuntu-security-announce/2020-February/005311.html\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'spamassassin'\n package(s) announced via the USN-4265-1 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"It was discovered that SpamAssassin incorrectly handled certain CF files.\nIf a user or automated system were tricked into using a specially-crafted\nCF file, a remote attacker could possibly run arbitrary code.\");\n\n script_tag(name:\"affected\", value:\"'spamassassin' package(s) on Ubuntu 19.10, Ubuntu 18.04 LTS, Ubuntu 16.04 LTS.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"UBUNTU19.10\") {\n\n if(!isnull(res = isdpkgvuln(pkg:\"spamassassin\", ver:\"3.4.2-1ubuntu0.19.10.2\", rls:\"UBUNTU19.10\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nif(release == \"UBUNTU18.04 LTS\") {\n\n if(!isnull(res = isdpkgvuln(pkg:\"spamassassin\", ver:\"3.4.2-0ubuntu0.18.04.3\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nif(release == \"UBUNTU16.04 LTS\") {\n\n if(!isnull(res = isdpkgvuln(pkg:\"spamassassin\", ver:\"3.4.2-0ubuntu0.16.04.3\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-02-20T18:52:57", "bulletinFamily": "scanner", "cvelist": ["CVE-2020-1930", "CVE-2020-1931"], "description": "The remote host is missing an update for the ", "modified": "2020-02-19T00:00:00", "published": "2020-02-19T00:00:00", "id": "OPENVAS:1361412562310892107", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310892107", "type": "openvas", "title": "Debian LTS: Security Advisory for spamassassin (DLA-2107-1)", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.892107\");\n script_version(\"2020-02-19T04:00:07+0000\");\n script_cve_id(\"CVE-2020-1930\", \"CVE-2020-1931\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2020-02-19 04:00:07 +0000 (Wed, 19 Feb 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-02-19 04:00:07 +0000 (Wed, 19 Feb 2020)\");\n script_name(\"Debian LTS: Security Advisory for spamassassin (DLA-2107-1)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\", re:\"ssh/login/release=DEB8\");\n\n script_xref(name:\"URL\", value:\"https://lists.debian.org/debian-lts-announce/2020/02/msg00015.html\");\n script_xref(name:\"URL\", value:\"https://security-tracker.debian.org/tracker/DLA-2107-1\");\n script_xref(name:\"URL\", value:\"https://bugs.debian.org/950258\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'spamassassin'\n package(s) announced via the DLA-2107-1 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Two vulnerabilities were discovered in spamassassin, a Perl-based spam\nfilter using text analysis. Malicious rule or configuration files,\npossibly downloaded from an updates server, could execute arbitrary\ncommands under multiple scenarios.\");\n\n script_tag(name:\"affected\", value:\"'spamassassin' package(s) on Debian Linux.\");\n\n script_tag(name:\"solution\", value:\"For Debian 8 'Jessie', these problems have been fixed in version\n3.4.2-0+deb8u3.\n\nWe recommend that you upgrade your spamassassin packages.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif(!isnull(res = isdpkgvuln(pkg:\"sa-compile\", ver:\"3.4.2-0+deb8u3\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"spamassassin\", ver:\"3.4.2-0+deb8u3\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"spamc\", ver:\"3.4.2-0+deb8u3\", rls:\"DEB8\"))) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if(__pkg_match) {\n exit(99);\n}\n\nexit(0);\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-02-14T14:40:28", "bulletinFamily": "scanner", "cvelist": ["CVE-2020-1930", "CVE-2020-1931"], "description": "The remote host is missing an update for the ", "modified": "2020-02-14T00:00:00", "published": "2020-02-12T00:00:00", "id": "OPENVAS:1361412562310877460", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310877460", "type": "openvas", "title": "Fedora: Security Advisory for spamassassin (FEDORA-2020-bd20036cdc)", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.877460\");\n script_version(\"2020-02-14T06:25:11+0000\");\n script_cve_id(\"CVE-2020-1930\", \"CVE-2020-1931\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2020-02-14 06:25:11 +0000 (Fri, 14 Feb 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-02-12 04:06:18 +0000 (Wed, 12 Feb 2020)\");\n script_name(\"Fedora: Security Advisory for spamassassin (FEDORA-2020-bd20036cdc)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC30\");\n\n script_xref(name:\"FEDORA\", value:\"2020-bd20036cdc\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VOVVKFP2G2AF5GHAB4WMHOEX76A3H6CE\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'spamassassin'\n package(s) announced via the FEDORA-2020-bd20036cdc advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"SpamAssassin provides you with a way to reduce if not completely eliminate\nUnsolicited Commercial Email (SPAM) from your incoming email. It can\nbe invoked by a MDA such as sendmail or postfix, or can be called from\na procmail script, .forward file, etc. It uses a genetic-algorithm\nevolved scoring system to identify messages which look spammy, then\nadds headers to the message so they can be filtered by the user&#39, s mail\nreading software. This distribution includes the spamd/spamc components\nwhich create a server that considerably speeds processing of mail.\n\nTo enable spamassassin, if you are receiving mail locally, simply add\nthis line to your ~/.procmailrc:\nINCLUDERC=/etc/mail/spamassassin/spamassassin-default.rc\n\nTo filter spam for all users, add that line to /etc/procmailrc\n(creating if necessary).\");\n\n script_tag(name:\"affected\", value:\"'spamassassin' package(s) on Fedora 30.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"FC30\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"spamassassin\", rpm:\"spamassassin~3.4.4~1.fc30\", rls:\"FC30\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-02-14T14:40:25", "bulletinFamily": "scanner", "cvelist": ["CVE-2020-1930", "CVE-2020-1931"], "description": "The remote host is missing an update for the ", "modified": "2020-02-14T00:00:00", "published": "2020-02-12T00:00:00", "id": "OPENVAS:1361412562310877461", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310877461", "type": "openvas", "title": "Fedora: Security Advisory for spamassassin (FEDORA-2020-24dac7d890)", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.877461\");\n script_version(\"2020-02-14T06:25:11+0000\");\n script_cve_id(\"CVE-2020-1930\", \"CVE-2020-1931\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2020-02-14 06:25:11 +0000 (Fri, 14 Feb 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-02-12 04:06:20 +0000 (Wed, 12 Feb 2020)\");\n script_name(\"Fedora: Security Advisory for spamassassin (FEDORA-2020-24dac7d890)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC31\");\n\n script_xref(name:\"FEDORA\", value:\"2020-24dac7d890\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/B7SY2LUSH2X3IUXN4EQQ5A6QVUFYIV3D\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'spamassassin'\n package(s) announced via the FEDORA-2020-24dac7d890 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"SpamAssassin provides you with a way to reduce if not completely eliminate\nUnsolicited Commercial Email (SPAM) from your incoming email. It can\nbe invoked by a MDA such as sendmail or postfix, or can be called from\na procmail script, .forward file, etc. It uses a genetic-algorithm\nevolved scoring system to identify messages which look spammy, then\nadds headers to the message so they can be filtered by the user&#39, s mail\nreading software. This distribution includes the spamd/spamc components\nwhich create a server that considerably speeds processing of mail.\n\nTo enable spamassassin, if you are receiving mail locally, simply add\nthis line to your ~/.procmailrc:\nINCLUDERC=/etc/mail/spamassassin/spamassassin-default.rc\n\nTo filter spam for all users, add that line to /etc/procmailrc\n(creating if necessary).\");\n\n script_tag(name:\"affected\", value:\"'spamassassin' package(s) on Fedora 31.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"FC31\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"spamassassin\", rpm:\"spamassassin~3.4.4~1.fc31\", rls:\"FC31\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-02-03T16:44:52", "bulletinFamily": "scanner", "cvelist": ["CVE-2020-1930", "CVE-2020-1931"], "description": "The remote host is missing an update for the ", "modified": "2020-02-02T00:00:00", "published": "2020-02-02T00:00:00", "id": "OPENVAS:1361412562310704615", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310704615", "type": "openvas", "title": "Debian: Security Advisory for spamassassin (DSA-4615-1)", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.704615\");\n script_version(\"2020-02-02T04:00:11+0000\");\n script_cve_id(\"CVE-2020-1930\", \"CVE-2020-1931\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2020-02-02 04:00:11 +0000 (Sun, 02 Feb 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-02-02 04:00:11 +0000 (Sun, 02 Feb 2020)\");\n script_name(\"Debian: Security Advisory for spamassassin (DSA-4615-1)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\", re:\"ssh/login/release=DEB(9|10)\");\n\n script_xref(name:\"URL\", value:\"https://www.debian.org/security/2020/dsa-4615.html\");\n script_xref(name:\"URL\", value:\"https://security-tracker.debian.org/tracker/DSA-4615-1\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'spamassassin'\n package(s) announced via the DSA-4615-1 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Two vulnerabilities were discovered in spamassassin, a Perl-based spam\nfilter using text analysis. Malicious rule or configuration files,\npossibly downloaded from an updates server, could execute arbitrary\ncommands under multiple scenarios.\");\n\n script_tag(name:\"affected\", value:\"'spamassassin' package(s) on Debian Linux.\");\n\n script_tag(name:\"solution\", value:\"For the oldstable distribution (stretch), these problems have been fixed\nin version 3.4.2-1~deb9u3.\n\nFor the stable distribution (buster), these problems have been fixed in\nversion 3.4.2-1+deb10u2.\n\nWe recommend that you upgrade your spamassassin packages.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif(!isnull(res = isdpkgvuln(pkg:\"sa-compile\", ver:\"3.4.2-1~deb9u3\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"spamassassin\", ver:\"3.4.2-1~deb9u3\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"spamc\", ver:\"3.4.2-1~deb9u3\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"sa-compile\", ver:\"3.4.2-1+deb10u2\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"spamassassin\", ver:\"3.4.2-1+deb10u2\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"spamc\", ver:\"3.4.2-1+deb10u2\", rls:\"DEB10\"))) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if(__pkg_match) {\n exit(99);\n}\n\nexit(0);\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-04-15T14:44:20", "bulletinFamily": "scanner", "cvelist": ["CVE-2020-1930", "CVE-2020-1931", "CVE-2018-11805"], "description": "The remote host is missing an update for the ", "modified": "2020-04-07T00:00:00", "published": "2020-04-05T00:00:00", "id": "OPENVAS:1361412562310853096", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310853096", "type": "openvas", "title": "openSUSE: Security Advisory for spamassassin (openSUSE-SU-2020:0446-1)", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.853096\");\n script_version(\"2020-04-07T12:33:10+0000\");\n script_cve_id(\"CVE-2018-11805\", \"CVE-2020-1930\", \"CVE-2020-1931\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2020-04-07 12:33:10 +0000 (Tue, 07 Apr 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-04-05 03:00:42 +0000 (Sun, 05 Apr 2020)\");\n script_name(\"openSUSE: Security Advisory for spamassassin (openSUSE-SU-2020:0446-1)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse\", \"ssh/login/rpms\", re:\"ssh/login/release=openSUSELeap15\\.1\");\n\n script_xref(name:\"openSUSE-SU\", value:\"2020:0446-1\");\n script_xref(name:\"URL\", value:\"http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00003.html\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'spamassassin'\n package(s) announced via the openSUSE-SU-2020:0446-1 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"This update for spamassassin fixes the following issues:\n\n Security issues fixed:\n\n - CVE-2018-11805: Fixed an issue with delimiter handling in rule files\n related to is_regexp_valid() (bsc#1118987).\n\n - CVE-2020-1930: Fixed an issue with rule configuration (.cf) files which\n can be configured to run system commands (bsc#1162197).\n\n - CVE-2020-1931: Fixed an issue with rule configuration (.cf) files which\n can be configured to run system commands with warnings (bsc#1162200).\n\n Non-security issue fixed:\n\n - Altering hash requires restarting loop (bsc#862963).\n\n This update was imported from the SUSE:SLE-15-SP1:Update update project.\n\n\n Patch Instructions:\n\n To install this openSUSE Security Update use the SUSE recommended\n installation methods\n like YaST online_update or 'zypper patch'.\n\n Alternatively you can run the command listed for your product:\n\n - openSUSE Leap 15.1:\n\n zypper in -t patch openSUSE-2020-446=1\");\n\n script_tag(name:\"affected\", value:\"'spamassassin' package(s) on openSUSE Leap 15.1.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"openSUSELeap15.1\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"perl-Mail-SpamAssassin\", rpm:\"perl-Mail-SpamAssassin~3.4.2~lp151.8.3.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"perl-Mail-SpamAssassin-Plugin-iXhash2\", rpm:\"perl-Mail-SpamAssassin-Plugin-iXhash2~2.05~lp151.8.3.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"spamassassin\", rpm:\"spamassassin~3.4.2~lp151.8.3.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"spamassassin-debuginfo\", rpm:\"spamassassin-debuginfo~3.4.2~lp151.8.3.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"spamassassin-debugsource\", rpm:\"spamassassin-debugsource~3.4.2~lp151.8.3.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}], "ubuntu": [{"lastseen": "2020-07-02T11:41:48", "bulletinFamily": "unix", "cvelist": ["CVE-2020-1930", "CVE-2020-1931"], "description": "It was discovered that SpamAssassin incorrectly handled certain CF files. \nIf a user or automated system were tricked into using a specially-crafted \nCF file, a remote attacker could possibly run arbitrary code.", "edition": 2, "modified": "2020-02-04T00:00:00", "published": "2020-02-04T00:00:00", "id": "USN-4265-1", "href": "https://ubuntu.com/security/notices/USN-4265-1", "title": "SpamAssassin vulnerabilities", "type": "ubuntu", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-07-02T11:38:53", "bulletinFamily": "unix", "cvelist": ["CVE-2020-1930", "CVE-2020-1931"], "description": "USN-4265-1 fixed several vulnerabilities in SpamAssassin. This update provides \nthe corresponding update for Ubuntu 12.04 ESM and 14.04 ESM.\n\nOriginal advisory details:\n\nIt was discovered that SpamAssassin incorrectly handled certain CF files. \nIf a user or automated system were tricked into using a specially-crafted \nCF file, a remote attacker could possibly run arbitrary code.", "edition": 2, "modified": "2020-02-04T00:00:00", "published": "2020-02-04T00:00:00", "id": "USN-4265-2", "href": "https://ubuntu.com/security/notices/USN-4265-2", "title": "SpamAssassin vulnerabilities", "type": "ubuntu", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}], "nessus": [{"lastseen": "2021-01-01T01:52:29", "description": "Two vulnerabilities were discovered in spamassassin, a Perl-based spam\nfilter using text analysis. Malicious rule or configuration files,\npossibly downloaded from an updates server, could execute arbitrary\ncommands under multiple scenarios.", "edition": 14, "cvss3": {"score": 8.1, "vector": "AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2020-02-03T00:00:00", "title": "Debian DSA-4615-1 : spamassassin - security update", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2020-1930", "CVE-2020-1931"], "modified": "2021-01-02T00:00:00", "cpe": ["cpe:/o:debian:debian_linux:10.0", "p-cpe:/a:debian:debian_linux:spamassassin", "cpe:/o:debian:debian_linux:9.0"], "id": "DEBIAN_DSA-4615.NASL", "href": "https://www.tenable.com/plugins/nessus/133418", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-4615. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(133418);\n script_version(\"1.3\");\n script_cvs_date(\"Date: 2020/02/06\");\n\n script_cve_id(\"CVE-2020-1930\", \"CVE-2020-1931\");\n script_xref(name:\"DSA\", value:\"4615\");\n script_xref(name:\"IAVA\", value:\"2020-A-0056\");\n\n script_name(english:\"Debian DSA-4615-1 : spamassassin - security update\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Two vulnerabilities were discovered in spamassassin, a Perl-based spam\nfilter using text analysis. Malicious rule or configuration files,\npossibly downloaded from an updates server, could execute arbitrary\ncommands under multiple scenarios.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=950258\"\n );\n # https://security-tracker.debian.org/tracker/source-package/spamassassin\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?92e1b8a1\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/stretch/spamassassin\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/buster/spamassassin\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.debian.org/security/2020/dsa-4615\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the spamassassin packages.\n\nFor the oldstable distribution (stretch), these problems have been\nfixed in version 3.4.2-1~deb9u3.\n\nFor the stable distribution (buster), these problems have been fixed\nin version 3.4.2-1+deb10u2.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:spamassassin\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:10.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:9.0\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/01/30\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/02/01\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/02/03\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"10.0\", prefix:\"sa-compile\", reference:\"3.4.2-1+deb10u2\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"spamassassin\", reference:\"3.4.2-1+deb10u2\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"spamc\", reference:\"3.4.2-1+deb10u2\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"sa-compile\", reference:\"3.4.2-1~deb9u3\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"spamassassin\", reference:\"3.4.2-1~deb9u3\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"spamc\", reference:\"3.4.2-1~deb9u3\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-01T02:45:22", "description": "The Apache SpamAssassin project reports :\n\nA nefarious rule configuration (.cf) files can be configured to run\nsystem commands. This issue is less stealthy and attempts to exploit\nthe issue will throw warnings.\n\nThanks to Damian Lukowski at credativ for reporting the issue\nethically. With this bug unpatched, exploits can be injected in a\nnumber of scenarios though doing so remotely is difficult. In addition\nto upgrading to SA 3.4.4, we again recommend that users should only\nuse update channels or 3rd party .cf files from trusted places.", "edition": 14, "cvss3": {"score": 8.1, "vector": "AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2020-02-03T00:00:00", "title": "FreeBSD : spamassassin -- Nefarious rule configuration files can run system commands (c86bfee3-4441-11ea-8be3-54e1ad3d6335)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2020-1930", "CVE-2020-1931"], "modified": "2021-01-02T00:00:00", "cpe": ["p-cpe:/a:freebsd:freebsd:spamassassin", "cpe:/o:freebsd:freebsd"], "id": "FREEBSD_PKG_C86BFEE3444111EA8BE354E1AD3D6335.NASL", "href": "https://www.tenable.com/plugins/nessus/133435", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the FreeBSD VuXML database :\n#\n# Copyright 2003-2020 Jacques Vidrine and contributors\n#\n# Redistribution and use in source (VuXML) and 'compiled' forms (SGML,\n# HTML, PDF, PostScript, RTF and so forth) with or without modification,\n# are permitted provided that the following conditions are met:\n# 1. Redistributions of source code (VuXML) must retain the above\n# copyright notice, this list of conditions and the following\n# disclaimer as the first lines of this file unmodified.\n# 2. Redistributions in compiled form (transformed to other DTDs,\n# published online in any format, converted to PDF, PostScript,\n# RTF and other formats) must reproduce the above copyright\n# notice, this list of conditions and the following disclaimer\n# in the documentation and/or other materials provided with the\n# distribution.\n# \n# THIS DOCUMENTATION IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS \"AS IS\"\n# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,\n# THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR\n# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS\n# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,\n# OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT\n# OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR\n# BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,\n# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE\n# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS DOCUMENTATION,\n# EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(133435);\n script_version(\"1.3\");\n script_cvs_date(\"Date: 2020/02/10\");\n\n script_cve_id(\"CVE-2020-1930\", \"CVE-2020-1931\");\n script_xref(name:\"IAVA\", value:\"2020-A-0056\");\n\n script_name(english:\"FreeBSD : spamassassin -- Nefarious rule configuration files can run system commands (c86bfee3-4441-11ea-8be3-54e1ad3d6335)\");\n script_summary(english:\"Checks for updated package in pkg_info output\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote FreeBSD host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The Apache SpamAssassin project reports :\n\nA nefarious rule configuration (.cf) files can be configured to run\nsystem commands. This issue is less stealthy and attempts to exploit\nthe issue will throw warnings.\n\nThanks to Damian Lukowski at credativ for reporting the issue\nethically. With this bug unpatched, exploits can be injected in a\nnumber of scenarios though doing so remotely is difficult. In addition\nto upgrading to SA 3.4.4, we again recommend that users should only\nuse update channels or 3rd party .cf files from trusted places.\"\n );\n # https://mail-archives.apache.org/mod_mbox/spamassassin-announce/202001.mbox/%3c0a91e67a-3190-36e5-41e9-d3553743bcd2@apache.org%3e\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?d85f0f21\"\n );\n # https://mail-archives.apache.org/mod_mbox/spamassassin-announce/202001.mbox/%3ccdae17ce-acde-6060-148a-6dc5f45ee728@apache.org%3e\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?46831c6b\"\n );\n # https://vuxml.freebsd.org/freebsd/c86bfee3-4441-11ea-8be3-54e1ad3d6335.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?29ed1fcf\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:spamassassin\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:freebsd:freebsd\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/01/28\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/01/31\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/02/03\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"FreeBSD Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/FreeBSD/release\", \"Host/FreeBSD/pkg_info\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"freebsd_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/FreeBSD/release\")) audit(AUDIT_OS_NOT, \"FreeBSD\");\nif (!get_kb_item(\"Host/FreeBSD/pkg_info\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (pkg_test(save_report:TRUE, pkg:\"spamassassin<3.4.4\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:pkg_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-01T02:29:10", "description": "Update to 3.4.4. Fixes CVE-2020-1930 and CVE-2020-1931.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.", "edition": 13, "cvss3": {"score": 8.1, "vector": "AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2020-02-12T00:00:00", "title": "Fedora 31 : spamassassin (2020-24dac7d890)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2020-1930", "CVE-2020-1931"], "modified": "2021-01-02T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:spamassassin", "cpe:/o:fedoraproject:fedora:31"], "id": "FEDORA_2020-24DAC7D890.NASL", "href": "https://www.tenable.com/plugins/nessus/133626", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory FEDORA-2020-24dac7d890.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(133626);\n script_version(\"1.2\");\n script_cvs_date(\"Date: 2020/02/14\");\n\n script_cve_id(\"CVE-2020-1930\", \"CVE-2020-1931\");\n script_xref(name:\"FEDORA\", value:\"2020-24dac7d890\");\n\n script_name(english:\"Fedora 31 : spamassassin (2020-24dac7d890)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Update to 3.4.4. Fixes CVE-2020-1930 and CVE-2020-1931.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2020-24dac7d890\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected spamassassin package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:spamassassin\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:31\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/01/30\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/02/12\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/02/12\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = pregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^31([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 31\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"FC31\", reference:\"spamassassin-3.4.4-1.fc31\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"spamassassin\");\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-01T02:32:45", "description": "Update to 3.4.4. Fixes CVE-2020-1930 and CVE-2020-1931.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.", "edition": 13, "cvss3": {"score": 8.1, "vector": "AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2020-02-12T00:00:00", "title": "Fedora 30 : spamassassin (2020-bd20036cdc)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2020-1930", "CVE-2020-1931"], "modified": "2021-01-02T00:00:00", "cpe": ["cpe:/o:fedoraproject:fedora:30", "p-cpe:/a:fedoraproject:fedora:spamassassin"], "id": "FEDORA_2020-BD20036CDC.NASL", "href": "https://www.tenable.com/plugins/nessus/133628", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory FEDORA-2020-bd20036cdc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(133628);\n script_version(\"1.2\");\n script_cvs_date(\"Date: 2020/02/14\");\n\n script_cve_id(\"CVE-2020-1930\", \"CVE-2020-1931\");\n script_xref(name:\"FEDORA\", value:\"2020-bd20036cdc\");\n\n script_name(english:\"Fedora 30 : spamassassin (2020-bd20036cdc)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Update to 3.4.4. Fixes CVE-2020-1930 and CVE-2020-1931.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2020-bd20036cdc\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected spamassassin package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:spamassassin\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:30\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/01/30\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/02/12\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/02/12\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = pregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^30([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 30\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"FC30\", reference:\"spamassassin-3.4.4-1.fc30\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"spamassassin\");\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-01T06:54:31", "description": "It was discovered that SpamAssassin incorrectly handled certain CF\nfiles. If a user or automated system were tricked into using a\nspecially crafted CF file, a remote attacker could possibly run\narbitrary code.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 14, "cvss3": {"score": 8.1, "vector": "AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2020-02-05T00:00:00", "title": "Ubuntu 16.04 LTS / 18.04 LTS / 19.10 : spamassassin vulnerabilities (USN-4265-1)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2020-1930", "CVE-2020-1931"], "modified": "2021-01-02T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:spamassassin", "cpe:/o:canonical:ubuntu_linux:16.04", "cpe:/o:canonical:ubuntu_linux:18.04:-:lts", "cpe:/o:canonical:ubuntu_linux:19.10"], "id": "UBUNTU_USN-4265-1.NASL", "href": "https://www.tenable.com/plugins/nessus/133496", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-4265-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(133496);\n script_version(\"1.3\");\n script_cvs_date(\"Date: 2020/02/07\");\n\n script_cve_id(\"CVE-2020-1930\", \"CVE-2020-1931\");\n script_xref(name:\"USN\", value:\"4265-1\");\n script_xref(name:\"IAVA\", value:\"2020-A-0056\");\n\n script_name(english:\"Ubuntu 16.04 LTS / 18.04 LTS / 19.10 : spamassassin vulnerabilities (USN-4265-1)\");\n script_summary(english:\"Checks dpkg output for updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Ubuntu host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"It was discovered that SpamAssassin incorrectly handled certain CF\nfiles. If a user or automated system were tricked into using a\nspecially crafted CF file, a remote attacker could possibly run\narbitrary code.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/4265-1/\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected spamassassin package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:spamassassin\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:16.04\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:18.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:19.10\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/01/30\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/02/04\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/02/05\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2020 Canonical, Inc. / NASL script (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! preg(pattern:\"^(16\\.04|18\\.04|19\\.10)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 16.04 / 18.04 / 19.10\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nflag = 0;\n\nif (ubuntu_check(osver:\"16.04\", pkgname:\"spamassassin\", pkgver:\"3.4.2-0ubuntu0.16.04.3\")) flag++;\nif (ubuntu_check(osver:\"18.04\", pkgname:\"spamassassin\", pkgver:\"3.4.2-0ubuntu0.18.04.3\")) flag++;\nif (ubuntu_check(osver:\"19.10\", pkgname:\"spamassassin\", pkgver:\"3.4.2-1ubuntu0.19.10.2\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"spamassassin\");\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-12T09:42:07", "description": "Two vulnerabilities were discovered in spamassassin, a Perl-based spam\nfilter using text analysis. Malicious rule or configuration files,\npossibly downloaded from an updates server, could execute arbitrary\ncommands under multiple scenarios.\n\nFor Debian 8 'Jessie', these problems have been fixed in version\n3.4.2-0+deb8u3.\n\nWe recommend that you upgrade your spamassassin packages.\n\nNOTE: Tenable Network Security has extracted the preceding description\nblock directly from the DLA security advisory. Tenable has attempted\nto automatically clean and format it as much as possible without\nintroducing additional issues.", "edition": 5, "cvss3": {"score": 8.1, "vector": "AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2020-02-19T00:00:00", "title": "Debian DLA-2107-1 : spamassassin security update", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2020-1930", "CVE-2020-1931"], "modified": "2020-02-19T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:sa-compile", "cpe:/o:debian:debian_linux:8.0", "p-cpe:/a:debian:debian_linux:spamassassin", "p-cpe:/a:debian:debian_linux:spamc"], "id": "DEBIAN_DLA-2107.NASL", "href": "https://www.tenable.com/plugins/nessus/133772", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Debian Security Advisory DLA-2107-1. The text\n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(133772);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2020-1930\", \"CVE-2020-1931\");\n\n script_name(english:\"Debian DLA-2107-1 : spamassassin security update\");\n script_summary(english:\"Checks dpkg output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Two vulnerabilities were discovered in spamassassin, a Perl-based spam\nfilter using text analysis. Malicious rule or configuration files,\npossibly downloaded from an updates server, could execute arbitrary\ncommands under multiple scenarios.\n\nFor Debian 8 'Jessie', these problems have been fixed in version\n3.4.2-0+deb8u3.\n\nWe recommend that you upgrade your spamassassin packages.\n\nNOTE: Tenable Network Security has extracted the preceding description\nblock directly from the DLA security advisory. Tenable has attempted\nto automatically clean and format it as much as possible without\nintroducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://lists.debian.org/debian-lts-announce/2020/02/msg00015.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/jessie/spamassassin\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Upgrade the affected sa-compile, spamassassin, and spamc packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:sa-compile\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:spamassassin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:spamc\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:8.0\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/01/30\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/02/18\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/02/19\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2020-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"8.0\", prefix:\"sa-compile\", reference:\"3.4.2-0+deb8u3\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"spamassassin\", reference:\"3.4.2-0+deb8u3\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"spamc\", reference:\"3.4.2-0+deb8u3\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-04-10T01:42:32", "description": "This update for spamassassin fixes the following issues :\n\nSecurity issues fixed :\n\n - CVE-2018-11805: Fixed an issue with delimiter handling\n in rule files related to is_regexp_valid()\n (bsc#1118987).\n\n - CVE-2020-1930: Fixed an issue with rule configuration\n (.cf) files which can be configured to run system\n commands (bsc#1162197).\n\n - CVE-2020-1931: Fixed an issue with rule configuration\n (.cf) files which can be configured to run system\n commands with warnings (bsc#1162200). Non-security issue\n fixed :\n\n - Altering hash requires restarting loop (bsc#862963).\n\nThis update was imported from the SUSE:SLE-15-SP1:Update update\nproject.", "edition": 2, "cvss3": {"score": 8.1, "vector": "AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2020-04-06T00:00:00", "title": "openSUSE Security Update : spamassassin (openSUSE-2020-446)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2020-1930", "CVE-2020-1931", "CVE-2018-11805"], "modified": "2020-04-06T00:00:00", "cpe": ["cpe:/o:novell:opensuse:15.1", "p-cpe:/a:novell:opensuse:perl-Mail-SpamAssassin-Plugin-iXhash2", "p-cpe:/a:novell:opensuse:spamassassin", "p-cpe:/a:novell:opensuse:spamassassin-debuginfo", "p-cpe:/a:novell:opensuse:perl-Mail-SpamAssassin", "p-cpe:/a:novell:opensuse:spamassassin-debugsource"], "id": "OPENSUSE-2020-446.NASL", "href": "https://www.tenable.com/plugins/nessus/135221", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2020-446.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(135221);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/04/08\");\n\n script_cve_id(\"CVE-2018-11805\", \"CVE-2020-1930\", \"CVE-2020-1931\");\n\n script_name(english:\"openSUSE Security Update : spamassassin (openSUSE-2020-446)\");\n script_summary(english:\"Check for the openSUSE-2020-446 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update for spamassassin fixes the following issues :\n\nSecurity issues fixed :\n\n - CVE-2018-11805: Fixed an issue with delimiter handling\n in rule files related to is_regexp_valid()\n (bsc#1118987).\n\n - CVE-2020-1930: Fixed an issue with rule configuration\n (.cf) files which can be configured to run system\n commands (bsc#1162197).\n\n - CVE-2020-1931: Fixed an issue with rule configuration\n (.cf) files which can be configured to run system\n commands with warnings (bsc#1162200). Non-security issue\n fixed :\n\n - Altering hash requires restarting loop (bsc#862963).\n\nThis update was imported from the SUSE:SLE-15-SP1:Update update\nproject.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1118987\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1162197\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1162200\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=862963\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected spamassassin packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:perl-Mail-SpamAssassin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:perl-Mail-SpamAssassin-Plugin-iXhash2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:spamassassin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:spamassassin-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:spamassassin-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:15.1\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/12/12\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/04/04\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/04/06\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE15\\.1)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"15.1\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(x86_64)$\") audit(AUDIT_ARCH_NOT, \"x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE15.1\", reference:\"perl-Mail-SpamAssassin-3.4.2-lp151.8.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"perl-Mail-SpamAssassin-Plugin-iXhash2-2.05-lp151.8.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"spamassassin-3.4.2-lp151.8.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"spamassassin-debuginfo-3.4.2-lp151.8.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"spamassassin-debugsource-3.4.2-lp151.8.3.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"perl-Mail-SpamAssassin / perl-Mail-SpamAssassin-Plugin-iXhash2 / etc\");\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-04-04T02:33:07", "description": "This update for spamassassin fixes the following issues :\n\nSecurity issues fixed :\n\nCVE-2018-11805: Fixed an issue with delimiter handling in rule files\nrelated to is_regexp_valid() (bsc#1118987).\n\nCVE-2020-1930: Fixed an issue with rule configuration (.cf) files\nwhich can be configured to run system commands (bsc#1162197).\n\nCVE-2020-1931: Fixed an issue with rule configuration (.cf) files\nwhich can be configured to run system commands with warnings\n(bsc#1162200).\n\nNon-security issue fixed: Altering hash requires restarting loop\n(bsc#862963).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 2, "cvss3": {"score": 8.1, "vector": "AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2020-03-31T00:00:00", "title": "SUSE SLES15 Security Update : spamassassin (SUSE-SU-2020:0813-1)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2020-1930", "CVE-2020-1931", "CVE-2018-11805"], "modified": "2020-03-31T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:perl-Mail-SpamAssassin-Plugin-iXhash2", "p-cpe:/a:novell:suse_linux:spamassassin-debuginfo", "cpe:/o:novell:suse_linux:15", "p-cpe:/a:novell:suse_linux:spamassassin-debugsource", "p-cpe:/a:novell:suse_linux:spamassassin", "p-cpe:/a:novell:suse_linux:perl-Mail-SpamAssassin"], "id": "SUSE_SU-2020-0813-1.NASL", "href": "https://www.tenable.com/plugins/nessus/135025", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2020:0813-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(135025);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/04/02\");\n\n script_cve_id(\"CVE-2018-11805\", \"CVE-2020-1930\", \"CVE-2020-1931\");\n\n script_name(english:\"SUSE SLES15 Security Update : spamassassin (SUSE-SU-2020:0813-1)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update for spamassassin fixes the following issues :\n\nSecurity issues fixed :\n\nCVE-2018-11805: Fixed an issue with delimiter handling in rule files\nrelated to is_regexp_valid() (bsc#1118987).\n\nCVE-2020-1930: Fixed an issue with rule configuration (.cf) files\nwhich can be configured to run system commands (bsc#1162197).\n\nCVE-2020-1931: Fixed an issue with rule configuration (.cf) files\nwhich can be configured to run system commands with warnings\n(bsc#1162200).\n\nNon-security issue fixed: Altering hash requires restarting loop\n(bsc#862963).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1118987\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1162197\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1162200\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=862963\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-11805/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2020-1930/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2020-1931/\"\n );\n # https://www.suse.com/support/update/announcement/2020/suse-su-20200813-1/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?f7e5ee0c\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"To install this SUSE Security Update use the SUSE recommended\ninstallation methods like YaST online_update or 'zypper patch'.\n\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Server for SAP 15:zypper in -t patch\nSUSE-SLE-Product-SLES_SAP-15-2020-813=1\n\nSUSE Linux Enterprise Server 15-LTSS:zypper in -t patch\nSUSE-SLE-Product-SLES-15-2020-813=1\n\nSUSE Linux Enterprise High Performance Computing 15-LTSS:zypper in -t\npatch SUSE-SLE-Product-HPC-15-2020-813=1\n\nSUSE Linux Enterprise High Performance Computing 15-ESPOS:zypper in -t\npatch SUSE-SLE-Product-HPC-15-2020-813=1\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:perl-Mail-SpamAssassin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:perl-Mail-SpamAssassin-Plugin-iXhash2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:spamassassin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:spamassassin-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:spamassassin-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:15\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/12/12\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/03/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/03/31\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLES15)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLES15\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\nif (cpu >!< \"s390x\") audit(AUDIT_ARCH_NOT, \"s390x\", cpu);\n\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES15\" && (! preg(pattern:\"^(0)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES15 SP0\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES15\", sp:\"0\", cpu:\"s390x\", reference:\"perl-Mail-SpamAssassin-3.4.2-7.9.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", cpu:\"s390x\", reference:\"perl-Mail-SpamAssassin-Plugin-iXhash2-2.05-7.9.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", cpu:\"s390x\", reference:\"spamassassin-3.4.2-7.9.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", cpu:\"s390x\", reference:\"spamassassin-debuginfo-3.4.2-7.9.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", cpu:\"s390x\", reference:\"spamassassin-debugsource-3.4.2-7.9.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"spamassassin\");\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-14T06:26:40", "description": "This update for spamassassin fixes the following issues :\n\nCVE-2018-11805: Fixed an issue with delimiter handling in rule files\nrelated to is_regexp_valid() (bsc#1118987).\n\nCVE-2020-1930: Fixed an issue with rule configuration (.cf) files\nwhich can be configured to run system commands (bsc#1162197).\n\nCVE-2020-1931: Fixed an issue with rule configuration (.cf) files\nwhich can be configured to run system commands with warnings\n(bsc#1162200).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 3, "cvss3": {"score": 8.1, "vector": "AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2020-03-31T00:00:00", "title": "SUSE SLES12 Security Update : spamassassin (SUSE-SU-2020:0810-1)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2020-1930", "CVE-2020-1931", "CVE-2018-11805"], "modified": "2020-03-31T00:00:00", "cpe": ["cpe:/o:novell:suse_linux:12", "p-cpe:/a:novell:suse_linux:spamassassin-debuginfo", "p-cpe:/a:novell:suse_linux:spamassassin-debugsource", "p-cpe:/a:novell:suse_linux:spamassassin", "p-cpe:/a:novell:suse_linux:perl-Mail-SpamAssassin"], "id": "SUSE_SU-2020-0810-1.NASL", "href": "https://www.tenable.com/plugins/nessus/135023", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2020:0810-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(135023);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/13\");\n\n script_cve_id(\"CVE-2018-11805\", \"CVE-2020-1930\", \"CVE-2020-1931\");\n\n script_name(english:\"SUSE SLES12 Security Update : spamassassin (SUSE-SU-2020:0810-1)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"This update for spamassassin fixes the following issues :\n\nCVE-2018-11805: Fixed an issue with delimiter handling in rule files\nrelated to is_regexp_valid() (bsc#1118987).\n\nCVE-2020-1930: Fixed an issue with rule configuration (.cf) files\nwhich can be configured to run system commands (bsc#1162197).\n\nCVE-2020-1931: Fixed an issue with rule configuration (.cf) files\nwhich can be configured to run system commands with warnings\n(bsc#1162200).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1118987\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1162197\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1162200\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-11805/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2020-1930/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2020-1931/\"\n );\n # https://www.suse.com/support/update/announcement/2020/suse-su-20200810-1/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?aac2bc3c\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\n\"To install this SUSE Security Update use the SUSE recommended\ninstallation methods like YaST online_update or 'zypper patch'.\n\nAlternatively you can run the command listed for your product :\n\nSUSE OpenStack Cloud Crowbar 8:zypper in -t patch\nSUSE-OpenStack-Cloud-Crowbar-8-2020-810=1\n\nSUSE OpenStack Cloud 8:zypper in -t patch\nSUSE-OpenStack-Cloud-8-2020-810=1\n\nSUSE OpenStack Cloud 7:zypper in -t patch\nSUSE-OpenStack-Cloud-7-2020-810=1\n\nSUSE Linux Enterprise Server for SAP 12-SP3:zypper in -t patch\nSUSE-SLE-SAP-12-SP3-2020-810=1\n\nSUSE Linux Enterprise Server for SAP 12-SP2:zypper in -t patch\nSUSE-SLE-SAP-12-SP2-2020-810=1\n\nSUSE Linux Enterprise Server for SAP 12-SP1:zypper in -t patch\nSUSE-SLE-SAP-12-SP1-2020-810=1\n\nSUSE Linux Enterprise Server 12-SP5:zypper in -t patch\nSUSE-SLE-SERVER-12-SP5-2020-810=1\n\nSUSE Linux Enterprise Server 12-SP4:zypper in -t patch\nSUSE-SLE-SERVER-12-SP4-2020-810=1\n\nSUSE Linux Enterprise Server 12-SP3-LTSS:zypper in -t patch\nSUSE-SLE-SERVER-12-SP3-2020-810=1\n\nSUSE Linux Enterprise Server 12-SP3-BCL:zypper in -t patch\nSUSE-SLE-SERVER-12-SP3-BCL-2020-810=1\n\nSUSE Linux Enterprise Server 12-SP2-LTSS:zypper in -t patch\nSUSE-SLE-SERVER-12-SP2-2020-810=1\n\nSUSE Linux Enterprise Server 12-SP2-BCL:zypper in -t patch\nSUSE-SLE-SERVER-12-SP2-BCL-2020-810=1\n\nSUSE Linux Enterprise Server 12-SP1-LTSS:zypper in -t patch\nSUSE-SLE-SERVER-12-SP1-2020-810=1\n\nSUSE Enterprise Storage 5:zypper in -t patch SUSE-Storage-5-2020-810=1\n\nHPE Helion Openstack 8:zypper in -t patch\nHPE-Helion-OpenStack-8-2020-810=1\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:perl-Mail-SpamAssassin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:spamassassin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:spamassassin-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:spamassassin-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:12\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/12/12\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/03/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/03/31\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2020-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLES12)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLES12\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES12\" && (! preg(pattern:\"^(1|2|3|4|5)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES12 SP1/2/3/4/5\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"perl-Mail-SpamAssassin-3.4.2-44.8.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"spamassassin-3.4.2-44.8.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"spamassassin-debuginfo-3.4.2-44.8.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"spamassassin-debugsource-3.4.2-44.8.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"perl-Mail-SpamAssassin-3.4.2-44.8.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"spamassassin-3.4.2-44.8.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"spamassassin-debuginfo-3.4.2-44.8.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"spamassassin-debugsource-3.4.2-44.8.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"perl-Mail-SpamAssassin-3.4.2-44.8.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"spamassassin-3.4.2-44.8.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"spamassassin-debuginfo-3.4.2-44.8.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"spamassassin-debugsource-3.4.2-44.8.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"perl-Mail-SpamAssassin-3.4.2-44.8.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"spamassassin-3.4.2-44.8.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"spamassassin-debuginfo-3.4.2-44.8.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"spamassassin-debugsource-3.4.2-44.8.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"5\", reference:\"perl-Mail-SpamAssassin-3.4.2-44.8.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"5\", reference:\"spamassassin-3.4.2-44.8.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"5\", reference:\"spamassassin-debuginfo-3.4.2-44.8.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"5\", reference:\"spamassassin-debugsource-3.4.2-44.8.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"spamassassin\");\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-14T06:26:40", "description": "This update for spamassassin fixes the following issues :\n\nSecurity issues fixed :\n\nCVE-2018-11805: Fixed an issue with delimiter handling in rule files\nrelated to is_regexp_valid() (bsc#1118987).\n\nCVE-2020-1930: Fixed an issue with rule configuration (.cf) files\nwhich can be configured to run system commands (bsc#1162197).\n\nCVE-2020-1931: Fixed an issue with rule configuration (.cf) files\nwhich can be configured to run system commands with warnings\n(bsc#1162200).\n\nNon-security issue fixed: Altering hash requires restarting loop\n(bsc#862963).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 3, "cvss3": {"score": 8.1, "vector": "AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2020-03-31T00:00:00", "title": "SUSE SLED15 / SLES15 Security Update : spamassassin (SUSE-SU-2020:0811-1)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2020-1930", "CVE-2020-1931", "CVE-2018-11805"], "modified": "2020-03-31T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:perl-Mail-SpamAssassin-Plugin-iXhash2", "p-cpe:/a:novell:suse_linux:spamassassin-debuginfo", "cpe:/o:novell:suse_linux:15", "p-cpe:/a:novell:suse_linux:spamassassin-debugsource", "p-cpe:/a:novell:suse_linux:spamassassin", "p-cpe:/a:novell:suse_linux:perl-Mail-SpamAssassin"], "id": "SUSE_SU-2020-0811-1.NASL", "href": "https://www.tenable.com/plugins/nessus/135024", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2020:0811-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(135024);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/13\");\n\n script_cve_id(\"CVE-2018-11805\", \"CVE-2020-1930\", \"CVE-2020-1931\");\n\n script_name(english:\"SUSE SLED15 / SLES15 Security Update : spamassassin (SUSE-SU-2020:0811-1)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"This update for spamassassin fixes the following issues :\n\nSecurity issues fixed :\n\nCVE-2018-11805: Fixed an issue with delimiter handling in rule files\nrelated to is_regexp_valid() (bsc#1118987).\n\nCVE-2020-1930: Fixed an issue with rule configuration (.cf) files\nwhich can be configured to run system commands (bsc#1162197).\n\nCVE-2020-1931: Fixed an issue with rule configuration (.cf) files\nwhich can be configured to run system commands with warnings\n(bsc#1162200).\n\nNon-security issue fixed: Altering hash requires restarting loop\n(bsc#862963).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1118987\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1162197\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1162200\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=862963\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-11805/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2020-1930/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2020-1931/\"\n );\n # https://www.suse.com/support/update/announcement/2020/suse-su-20200811-1/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?63fee10c\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\n\"To install this SUSE Security Update use the SUSE recommended\ninstallation methods like YaST online_update or 'zypper patch'.\n\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Module for Development Tools 15-SP1:zypper in -t\npatch SUSE-SLE-Module-Development-Tools-15-SP1-2020-811=1\n\nSUSE Linux Enterprise Module for Basesystem 15-SP1:zypper in -t patch\nSUSE-SLE-Module-Basesystem-15-SP1-2020-811=1\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:perl-Mail-SpamAssassin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:perl-Mail-SpamAssassin-Plugin-iXhash2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:spamassassin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:spamassassin-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:spamassassin-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:15\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/12/12\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/03/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/03/31\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2020-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLED15|SLES15)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLED15 / SLES15\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES15\" && (! preg(pattern:\"^(1)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES15 SP1\", os_ver + \" SP\" + sp);\nif (os_ver == \"SLED15\" && (! preg(pattern:\"^(1)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLED15 SP1\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"perl-Mail-SpamAssassin-3.4.2-12.5.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"perl-Mail-SpamAssassin-Plugin-iXhash2-2.05-12.5.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"spamassassin-3.4.2-12.5.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"spamassassin-debuginfo-3.4.2-12.5.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"spamassassin-debugsource-3.4.2-12.5.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"perl-Mail-SpamAssassin-3.4.2-12.5.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"perl-Mail-SpamAssassin-Plugin-iXhash2-2.05-12.5.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"spamassassin-3.4.2-12.5.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"spamassassin-debuginfo-3.4.2-12.5.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"spamassassin-debugsource-3.4.2-12.5.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"spamassassin\");\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}], "fedora": [{"lastseen": "2020-12-21T08:17:55", "bulletinFamily": "unix", "cvelist": ["CVE-2020-1930", "CVE-2020-1931"], "description": "SpamAssassin provides you with a way to reduce if not completely eliminate Unsolicited Commercial Email (SPAM) from your incoming email. It can be invoked by a MDA such as sendmail or postfix, or can be called from a procmail script, .forward file, etc. It uses a genetic-algorithm evolved scoring system to identify messages which look spammy, then adds headers to the message so they can be filtered by the user's mail reading software. This distribution includes the spamd/spamc components which create a server that considerably speeds processing of mail. To enable spamassassin, if you are receiving mail locally, simply add this line to your ~/.procmailrc: INCLUDERC=3D/etc/mail/spamassassin/spamassassin-default.rc To filter spam for all users, add that line to /etc/procmailrc (creating if necessary). ", "modified": "2020-02-12T01:41:33", "published": "2020-02-12T01:41:33", "id": "FEDORA:42C8C608A4A8", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 30 Update: spamassassin-3.4.4-1.fc30", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-12-21T08:17:55", "bulletinFamily": "unix", "cvelist": ["CVE-2020-1930", "CVE-2020-1931"], "description": "SpamAssassin provides you with a way to reduce if not completely eliminate Unsolicited Commercial Email (SPAM) from your incoming email. It can be invoked by a MDA such as sendmail or postfix, or can be called from a procmail script, .forward file, etc. It uses a genetic-algorithm evolved scoring system to identify messages which look spammy, then adds headers to the message so they can be filtered by the user's mail reading software. This distribution includes the spamd/spamc components which create a server that considerably speeds processing of mail. To enable spamassassin, if you are receiving mail locally, simply add this line to your ~/.procmailrc: INCLUDERC=3D/etc/mail/spamassassin/spamassassin-default.rc To filter spam for all users, add that line to /etc/procmailrc (creating if necessary). ", "modified": "2020-02-12T02:15:41", "published": "2020-02-12T02:15:41", "id": "FEDORA:7897B602D540", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 31 Update: spamassassin-3.4.4-1.fc31", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}], "freebsd": [{"lastseen": "2020-02-01T12:26:44", "bulletinFamily": "unix", "cvelist": ["CVE-2020-1930", "CVE-2020-1931"], "description": "\nThe Apache SpamAssassin project reports:\n\nA nefarious rule configuration (.cf) files can be configured to\n\t run system commands. This issue is less stealthy and attempts to\n\t exploit the issue will throw warnings.\nThanks to Damian Lukowski at credativ for reporting the issue\n\t ethically. With this bug unpatched, exploits can be injected in a\n\t number of scenarios though doing so remotely is difficult. In\n\t addition to upgrading to SA 3.4.4, we again recommend that users\n\t should only use update channels or 3rd party .cf files from trusted\n\t places.\n\n", "edition": 3, "modified": "2020-01-28T00:00:00", "published": "2020-01-28T00:00:00", "id": "C86BFEE3-4441-11EA-8BE3-54E1AD3D6335", "href": "https://vuxml.freebsd.org/freebsd/c86bfee3-4441-11ea-8be3-54e1ad3d6335.html", "title": "spamassassin -- Nefarious rule configuration files can run system commands", "type": "freebsd", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-01-30T18:26:30", "bulletinFamily": "unix", "cvelist": ["CVE-2020-1931"], "description": "\nthe Apache Spamassassin project reports:\n\nnefarious rule configuration (.cf) files can be configured to\n\t run system commands similar to CVE-2018-11805. This issue\n\t is less stealthy and attempts to exploit the issue will throw\n\t warnings.\n\n", "edition": 1, "modified": "2020-01-30T00:00:00", "published": "2020-01-30T00:00:00", "id": "E3404A6E-4364-11EA-B643-206A8A720317", "href": "https://vuxml.freebsd.org/freebsd/e3404a6e-4364-11ea-b643-206a8a720317.html", "title": "spamassassin -- Apache SpamAssassin Nefarious rule configuration (.cf) files can be configured to run system commands with warnings", "type": "freebsd", "cvss": {"score": 0.0, "vector": "NONE"}}], "debian": [{"lastseen": "2020-08-12T00:57:40", "bulletinFamily": "unix", "cvelist": ["CVE-2020-1930", "CVE-2020-1931"], "description": "Package : spamassassin\nVersion : 3.4.2-0+deb8u3\nCVE ID : CVE-2020-1930 CVE-2020-1931\nDebian Bug : 950258\n\nTwo vulnerabilities were discovered in spamassassin, a Perl-based spam\nfilter using text analysis. Malicious rule or configuration files,\npossibly downloaded from an updates server, could execute arbitrary\ncommands under multiple scenarios.\n\nFor Debian 8 &quot;Jessie&quot;, these problems have been fixed in version\n3.4.2-0+deb8u3.\n\nWe recommend that you upgrade your spamassassin packages.\n\nFurther information about Debian LTS security advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://wiki.debian.org/LTS\n", "edition": 5, "modified": "2020-02-18T12:55:08", "published": "2020-02-18T12:55:08", "id": "DEBIAN:DLA-2107-1:76EFB", "href": "https://lists.debian.org/debian-lts-announce/2020/debian-lts-announce-202002/msg00015.html", "title": "[SECURITY] [DLA 2107-1] spamassassin security update", "type": "debian", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}], "suse": [{"lastseen": "2020-04-04T22:38:37", "bulletinFamily": "unix", "cvelist": ["CVE-2020-1930", "CVE-2020-1931", "CVE-2018-11805"], "description": "This update for spamassassin fixes the following issues:\n\n Security issues fixed:\n\n - CVE-2018-11805: Fixed an issue with delimiter handling in rule files\n related to is_regexp_valid() (bsc#1118987).\n - CVE-2020-1930: Fixed an issue with rule configuration (.cf) files which\n can be configured to run system commands (bsc#1162197).\n - CVE-2020-1931: Fixed an issue with rule configuration (.cf) files which\n can be configured to run system commands with warnings (bsc#1162200).\n\n Non-security issue fixed:\n\n - Altering hash requires restarting loop (bsc#862963).\n\n This update was imported from the SUSE:SLE-15-SP1:Update update project.\n\n", "edition": 1, "modified": "2020-04-04T21:12:59", "published": "2020-04-04T21:12:59", "id": "OPENSUSE-SU-2020:0446-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00003.html", "title": "Security update for spamassassin (important)", "type": "suse", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}], "redhat": [{"lastseen": "2020-11-04T02:33:49", "bulletinFamily": "unix", "cvelist": ["CVE-2018-11805", "CVE-2019-12420", "CVE-2020-1930", "CVE-2020-1931"], "description": "The SpamAssassin tool provides a way to reduce unsolicited commercial email (spam) from incoming email.\n\nSecurity Fix(es):\n\n* spamassassin: crafted configuration files can run system commands without any output or errors (CVE-2018-11805)\n\n* spamassassin: crafted email message can lead to DoS (CVE-2019-12420)\n\n* spamassassin: command injection via crafted configuration file (CVE-2020-1930)\n\n* spamassassin: command injection via crafted configuration file (CVE-2020-1931)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nAdditional Changes:\n\nFor detailed information on changes in this release, see the Red Hat Enterprise Linux 8.3 Release Notes linked from the References section.", "modified": "2020-11-04T05:02:34", "published": "2020-11-03T17:21:29", "id": "RHSA-2020:4625", "href": "https://access.redhat.com/errata/RHSA-2020:4625", "type": "redhat", "title": "(RHSA-2020:4625) Moderate: spamassassin security update", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}], "oraclelinux": [{"lastseen": "2020-11-12T03:33:22", "bulletinFamily": "unix", "cvelist": ["CVE-2019-12420", "CVE-2020-1930", "CVE-2020-1931", "CVE-2018-11805"], "description": "[3.4.2-10]\n- Fixed CVE-2018-11805\n- Resolves: rhbz#1787514\n- Fixed CVE-2020-1930\n- Resolves: rhbz#1820649\n- Fixed CVE-2020-1931\n- Resolves: rhbz#1820650\n[3.4.2-9]\n- Fix CVE-2019-12420\n- Resolves: rhbz#1812977\n[3.4.2-8]\n- Removed the obsolete SOUGHT channel for rule updates\n- Resolves: rhbz#1630362", "edition": 1, "modified": "2020-11-10T00:00:00", "published": "2020-11-10T00:00:00", "id": "ELSA-2020-4625", "href": "http://linux.oracle.com/errata/ELSA-2020-4625.html", "title": "spamassassin security update", "type": "oraclelinux", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}]}