RedHatRHSA-2007:0492(RHSA-2007:0492) Moderate: spamassassin security update
1.9 Low
CVSS2
Access Vector
LOCAL
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:L/AC:M/Au:N/C:N/I:N/A:P
0.0004 Low
EPSS
Percentile
5.7%
SpamAssassin provides a way to reduce unsolicited commercial email (spam)
from incoming email.
Martin Krafft discovered a symlink issue in SpamAssassin that affects
certain non-default configurations. A local user could use this flaw to
create or overwrite files writable by the spamd process (CVE-2007-2873).
Users of SpamAssassin should upgrade to these updated packages which
contain a backported patch to correct this issue.
Note: This issue did not affect the version of SpamAssassin shipped with
Red Hat Enterprise Linux 3.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| RedHat | 4 | i386 | spamassassin | < 3.1.9-1.el4 | spamassassin-3.1.9-1.el4.i386.rpm |
| RedHat | 4 | s390x | spamassassin | < 3.1.9-1.el4 | spamassassin-3.1.9-1.el4.s390x.rpm |
| RedHat | 5 | ia64 | spamassassin | < 3.1.9-1.el5 | spamassassin-3.1.9-1.el5.ia64.rpm |
| RedHat | 5 | i386 | spamassassin | < 3.1.9-1.el5 | spamassassin-3.1.9-1.el5.i386.rpm |
| RedHat | 5 | ppc | spamassassin | < 3.1.9-1.el5 | spamassassin-3.1.9-1.el5.ppc.rpm |
| RedHat | 5 | x86_64 | spamassassin | < 3.1.9-1.el5 | spamassassin-3.1.9-1.el5.x86_64.rpm |
| RedHat | 4 | x86_64 | spamassassin | < 3.1.9-1.el4 | spamassassin-3.1.9-1.el4.x86_64.rpm |
| RedHat | 5 | s390x | spamassassin | < 3.1.9-1.el5 | spamassassin-3.1.9-1.el5.s390x.rpm |
| RedHat | 4 | src | spamassassin | < 3.1.9-1.el4 | spamassassin-3.1.9-1.el4.src.rpm |
| RedHat | 4 | ia64 | spamassassin | < 3.1.9-1.el4 | spamassassin-3.1.9-1.el4.ia64.rpm |
Related
1.9 Low
CVSS2
Access Vector
LOCAL
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:L/AC:M/Au:N/C:N/I:N/A:P
0.0004 Low
EPSS
Percentile
5.7%