Lucene search
Copyright (C) 2009 Greenbone Networks GmbHOPENVAS:830211HistoryApr 09, 2009 - 12:00 a.m.
Mandriva Update for spamassassin MDKSA-2007:049 (spamassassin)
2009-04-0900:00:00
Copyright (C) 2009 Greenbone Networks GmbH
plugins.openvas.org
7
0.042 Low
EPSS
Percentile
92.2%
Check for the Version of spamassassin
###############################################################################
# OpenVAS Vulnerability Test
#
# Mandriva Update for spamassassin MDKSA-2007:049 (spamassassin)
#
# Authors:
# System Generated Check
#
# Copyright:
# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License version 2
# (or any later version), as published by the Free Software Foundation.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
###############################################################################
include("revisions-lib.inc");
tag_insight = "A bug in the way that SpamAssassin processes HTML emails containing
URIs was discovered in versions 3.1.x. A carefully crafted mail
message could make SpamAssassin consume significant amounts of CPU
resources that could delay or prevent the delivery of mail if a
number of these messages were sent at once.
SpamAssassin has been upgraded to version 3.1.8 to correct this
problem, and other upstream bugs. In addition, an invalid path setting
in local.cf for the auto_whitelist_path has been fixed for Mandriva
2007.0.";
tag_affected = "spamassassin on Mandriva Linux 2007.0,
Mandriva Linux 2007.0/X86_64";
tag_solution = "Please Install the Updated Packages.";
if(description)
{
script_xref(name : "URL" , value : "http://lists.mandriva.com/security-announce/2007-02/msg00020.php");
script_id(830211);
script_version("$Revision: 6568 $");
script_tag(name:"last_modification", value:"$Date: 2017-07-06 15:04:21 +0200 (Thu, 06 Jul 2017) $");
script_tag(name:"creation_date", value:"2009-04-09 13:53:01 +0200 (Thu, 09 Apr 2009)");
script_tag(name:"cvss_base", value:"4.3");
script_tag(name:"cvss_base_vector", value:"AV:N/AC:M/Au:N/C:N/I:N/A:P");
script_xref(name: "MDKSA", value: "2007:049");
script_cve_id("CVE-2007-0451");
script_name( "Mandriva Update for spamassassin MDKSA-2007:049 (spamassassin)");
script_summary("Check for the Version of spamassassin");
script_category(ACT_GATHER_INFO);
script_copyright("Copyright (C) 2009 Greenbone Networks GmbH");
script_family("Mandrake Local Security Checks");
script_dependencies("gather-package-list.nasl");
script_mandatory_keys("ssh/login/mandriva_mandrake_linux", "ssh/login/release");
script_tag(name : "affected" , value : tag_affected);
script_tag(name : "solution" , value : tag_solution);
script_tag(name : "insight" , value : tag_insight);
script_tag(name:"qod_type", value:"package");
script_tag(name:"solution_type", value:"VendorFix");
exit(0);
}
include("pkg-lib-rpm.inc");
release = get_kb_item("ssh/login/release");
res = "";
if(release == NULL){
exit(0);
}
if(release == "MNDK_2007.0")
{
if ((res = isrpmvuln(pkg:"perl-Mail-SpamAssassin", rpm:"perl-Mail-SpamAssassin~3.1.8~0.1mdv2007.0", rls:"MNDK_2007.0")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"spamassassin", rpm:"spamassassin~3.1.8~0.1mdv2007.0", rls:"MNDK_2007.0")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"spamassassin-spamc", rpm:"spamassassin-spamc~3.1.8~0.1mdv2007.0", rls:"MNDK_2007.0")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"spamassassin-spamd", rpm:"spamassassin-spamd~3.1.8~0.1mdv2007.0", rls:"MNDK_2007.0")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"spamassassin-tools", rpm:"spamassassin-tools~3.1.8~0.1mdv2007.0", rls:"MNDK_2007.0")) != NULL)
{
security_message(data:res);
exit(0);
}
if (__pkg_match) exit(99); # Not vulnerable.
exit(0);
}
Related
redhat
redhat
(RHSA-2007:0075) Important: spamassassin security update
2007-03-13 00:00:00
(RHSA-2007:0074) Important: spamassassin security update
2007-02-21 00:00:00
nessus
nessus
GLSA-200703-02 : SpamAssassin: Long URI Denial of Service
2007-03-02 00:00:00
RHEL 4 : spamassassin (RHSA-2007:0074)
2007-02-23 00:00:00
openSUSE 10 Security Update : spamassassin (spamassassin-3077)
2007-10-17 00:00:00
fedora
fedora
[SECURITY] Fedora Core 6 Update: spamassassin-3.1.8-1.fc6
2007-02-15 19:47:46
[SECURITY] Fedora Core 5 Update: spamassassin-3.1.8-1.fc5
2007-02-15 19:48:41
[SECURITY] Fedora Core 5 Update: spamassassin-3.1.9-1.fc5.1
2007-06-12 21:36:03
cvelist
cvelist
CVE-2007-0451
2007-02-16 19:00:00
cve
cve
CVE-2007-0451
2007-02-16 19:28:00
ubuntucve
ubuntucve
CVE-2007-0451
2007-02-16 00:00:00
debiancve
debiancve
CVE-2007-0451
2007-02-16 19:28:00
openvas
openvas
Fedora Update for spamassassin FEDORA-2007-241
2009-02-27 00:00:00
Fedora Update for spamassassin FEDORA-2007-241
2009-02-27 00:00:00
Mandriva Update for spamassassin MDKSA-2007:049 (spamassassin)
2009-04-09 00:00:00
gentoo
gentoo
SpamAssassin: Long URI Denial of service
2007-03-02 00:00:00
centos
centos
spamassassin security update
2007-02-21 19:24:09
veracode
veracode
Denial Of Service (DoS)
2020-04-10 00:13:22
prion
prion
Design/Logic Flaw
2007-02-16 19:28:00
nvd
nvd
CVE-2007-0451
2007-02-16 19:28:00
oraclelinux
oraclelinux
Important: spamassassin security update
2007-02-21 00:00:00
securityvulns
securityvulns
SpamAssassin DoS
2007-02-18 00:00:00