Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2006-2447HistoryJun 06, 2006 - 9:06 p.m.
CVE-2006-2447
2006-06-0621:06:00
Debian Security Bug Tracker
security-tracker.debian.org
11
0.947 High
EPSS
Percentile
99.2%
SpamAssassin before 3.1.3, when running with vpopmail and the paranoid (-P) switch, allows remote attackers to execute arbitrary commands via a crafted message that is not properly handled when invoking spamd with the virtual pop username.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 12 | all | spamassassin | <Â 3.1.3-1 | spamassassin_3.1.3-1_all.deb |
| Debian | 11 | all | spamassassin | <Â 3.1.3-1 | spamassassin_3.1.3-1_all.deb |
| Debian | 10 | all | spamassassin | <Â 3.1.3-1 | spamassassin_3.1.3-1_all.deb |
| Debian | 999 | all | spamassassin | <Â 3.1.3-1 | spamassassin_3.1.3-1_all.deb |
| Debian | 13 | all | spamassassin | <Â 3.1.3-1 | spamassassin_3.1.3-1_all.deb |
Related
ubuntucve
ubuntucve
CVE-2006-2447
2006-06-06 00:00:00
seebug
seebug
SpamAssassin spamd Remote Command Execution
2014-07-01 00:00:00
SpamAssassin spamd <= 3.1.3 - Command Injection
2014-07-01 00:00:00
SpamAssassin spamd <= 3.1.3 Command Injection
2006-06-06 00:00:00
saint
saint
SpamAssassin spamd vpopmail user vulnerability
2006-06-09 00:00:00
SpamAssassin spamd vpopmail user vulnerability
2006-06-09 00:00:00
SpamAssassin spamd vpopmail user vulnerability
2006-06-09 00:00:00
veracode
veracode
Remote Code Execution (RCE)
2020-04-10 00:13:09
nessus
nessus
GLSA-200606-09 : SpamAssassin: Execution of arbitrary code
2006-06-16 00:00:00
openSUSE 10 Security Update : spamassassin (spamassassin-1904)
2007-10-17 00:00:00
SpamAssassin spamd Crafted Message Arbitrary Command Execution
2006-06-08 00:00:00
prion
prion
Design/Logic Flaw
2006-06-06 21:06:00
openvas
openvas
Gentoo Security Advisory GLSA 200606-09 (Spamassassin)
2008-09-24 00:00:00
SLES9: Security update for SpamAssassin
2009-10-10 00:00:00
SLES9: Security update for SpamAssassin
2009-10-10 00:00:00
centos
centos
spamassassin security update
2006-06-06 21:40:09
cvelist
cvelist
CVE-2006-2447
2006-06-06 21:00:00
redhat
redhat
(RHSA-2006:0543) spamassassin security update
2006-06-06 00:00:00
securityvulns
securityvulns
gentoo
gentoo
SpamAssassin: Execution of arbitrary code
2006-06-11 00:00:00
debian
debian
packetstorm
packetstorm
SpamAssassin spamd Remote Command Execution
2009-10-28 00:00:00
exploitpack
exploitpack
SpamAssassin spamd 3.1.3 - Command Injection (Metasploit)
2006-06-06 00:00:00
cve
cve
CVE-2006-2447
2006-06-06 21:06:00
checkpoint_advisories
checkpoint_advisories
SpamAssassin Spamd Configurable Options Code Execution (CVE-2006-2447)
2009-12-01 00:00:00
metasploit
metasploit
SpamAssassin spamd Remote Command Execution
2008-07-19 15:40:30
exploitdb
exploitdb
SpamAssassin spamd - Remote Command Execution (Metasploit)
2010-04-30 00:00:00
SpamAssassin spamd 3.1.3 - Command Injection (Metasploit)
2006-06-06 00:00:00
fedora
fedora
[SECURITY] Fedora Core 5 Update: spamassassin-3.1.8-1.fc5
2007-02-15 19:48:41
[SECURITY] Fedora Core 5 Update: spamassassin-3.1.9-1.fc5.1
2007-06-12 21:36:03