Lucene search
K

16 matches found

seebug.org
seebug.org
added 2014/07/01 12:0 a.m.71 views

SpamAssassin spamd Remote Command Execution

No description provided by source. $Id: spamassassinexec.rb 9179 2010-04-30 08:40:19Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of...

5.1CVSS0.2AI score0.74703EPSS
Exploits12
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.28 views

SpamAssassin spamd <= 3.1.3 - Command Injection

No description provided by source. $Id$ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require...

5.1CVSS0.1AI score0.74703EPSS
Exploits12
Circl
Circl
added 2010/04/30 12:0 a.m.4 views

CVE-2006-2447

creationtimestamp| type| source ---|---|--- 2010-04-30 00:00:00+00:00| confirmed| https://www.exploit-db.com/exploits/16920 2018-05-29 15:50:33+00:00| seen| https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/unix/misc/spamassassinexec.rb 2025-02-06 03:13:38+00:00| seen|...

5.1CVSS5.7AI score0.74703EPSS
Exploits12References2
Exploit DB
Exploit DB
added 2010/04/30 12:0 a.m.37 views

SpamAssassin spamd - Remote Command Execution (Metasploit)

$Id: spamassassinexec.rb 9179 2010-04-30 08:40:19Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use...

5.1CVSS7AI score0.74703EPSS
Exploits12
Packet Storm
Packet Storm
added 2009/10/28 12:0 a.m.32 views

SpamAssassin spamd Remote Command Execution

$Id$ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core' class Metasploit3 'SpamAssassin...

5.1CVSS0.1AI score0.74703EPSS
Exploits12
OpenVAS
OpenVAS
added 2009/10/10 12:0 a.m.16 views

SLES9: Security update for SpamAssassin

The remote host is missing updates to packages that affect the security of your system. One or more of the following packages are affected: perl-spamassassin spamassassin For more information, please visit the referenced security advisories. More details may also be found by searching for keyword...

5.1CVSS6.3AI score0.74703EPSS
Exploits12References1
OpenVAS
OpenVAS
added 2009/02/27 12:0 a.m.22 views

Fedora Update for spamassassin FEDORA-2007-242

Check for the Version of spamassassin OpenVAS Vulnerability Test Fedora Update for spamassassin FEDORA-2007-242 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it und...

5.1CVSS9.5AI score0.74703EPSS
Exploits12References2
Metasploit
Metasploit
added 2008/07/19 3:40 p.m.26 views

SpamAssassin spamd Remote Command Execution

This module exploits a flaw in the SpamAssassin spamd service by specifying a malicious vpopmail User header, when running with vpopmail and paranoid modes enabled non-default. Versions prior to v3.1.3 are vulnerable This module requires Metasploit: https://metasploit.com/download Current source:...

5.1CVSS6.3AI score0.74703EPSS
Exploits12
Tenable Nessus
Tenable Nessus
added 2007/10/17 12:0 a.m.29 views

openSUSE 10 Security Update : spamassassin (spamassassin-1904)

This update fixes the following security problem in SpamAssassin : - CVE-2006-2447: SpamAssassin when running with vpopmail and the paranoid -P switch, allows remote attackers to execute arbitrary commands via a crafted message that is not properly handled when invoking spamd with the virtual pop...

5.1CVSS5.9AI score0.74703EPSS
Exploits12References1
Tenable Nessus
Tenable Nessus
added 2007/06/14 12:0 a.m.54 views

Fedora Core 5 : spamassassin-3.1.9-1.fc5.1 (2007-584)

Local symlink vulnerability. Fedora is not vulnerable in any default or common configurations. Read upstream's announcement for details. http://spamassassin.apache.org/advisories/CVE-2007-2873.txt Note that Tenable Network Security has extracted the preceding description block directly from the...

5.1CVSS8.1AI score0.74703EPSS
Exploits12References3
Tenable Nessus
Tenable Nessus
added 2007/02/17 12:0 a.m.28 views

Fedora Core 5 : spamassassin-3.1.8-1.fc5 (2007-242)

This upgrades to version 3.1.8, which fixes some bugs and CVE-2007-0451 Malformed HTML Denial of Service. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much...

5.1CVSS8.1AI score0.74703EPSS
Exploits12References3
Tenable Nessus
Tenable Nessus
added 2007/01/17 12:0 a.m.27 views

Fedora Core 5 : spamassassin-3.1.3-1.fc5 (2006-598)

3.1.3 Resolves CVE-2006-2447. Note that you are affected by this bug only if you launched spamd with both --vpopmail and --paranoid, which is not a common configuration. Also included are bug fixes from 3.1.2. Note that Tenable Network Security has extracted the preceding description block direct...

5.1CVSS5.4AI score0.74703EPSS
Exploits12References2
Saint
Saint
added 2006/06/09 12:0 a.m.28 views

SpamAssassin spamd vpopmail user vulnerability

Added: 06/09/2006 CVE: CVE-2006-2447 BID: 18290 OSVDB: 26177 Background SpamAssassin identifies spam e-mail using a variety of local and network based tests. spamd is a component of SpamAssassin which allows it to run as a network daemon. Problem When the vpopmail -v and paranoid -P options are...

5.1CVSS6.5AI score0.74703EPSS
Exploits12
Tenable Nessus
Tenable Nessus
added 2006/06/08 12:0 a.m.30 views

RHEL 4 : spamassassin (RHSA-2006:0543)

Updated spamassassin packages that fix an arbitrary code execution flaw are now available. This update has been rated as having moderate security impact by the Red Hat Security Response Team. SpamAssassin provides a way to reduce unsolicited commercial email SPAM from incoming email. A flaw was...

5.1CVSS5.7AI score0.74703EPSS
Exploits12References3
OSV
OSV
added 2006/06/06 9:6 p.m.4 views

CVE-2006-2447

SpamAssassin before 3.1.3, when running with vpopmail and the paranoid -P switch, allows remote attackers to execute arbitrary commands via a crafted message that is not properly handled when invoking spamd with the virtual pop username...

7.3AI score0.74703EPSS
Exploits12References23
CVE
CVE
added 2006/06/06 9:0 p.m.83 views

CVE-2006-2447

CVE-2006-2447 affects SpamAssassin spamd prior to 3.1.3 when run with vpopmail (--vpopmail) and paranoid (--paranoid) options. A crafted message sent to the spamd daemon can cause remote execution of arbitrary commands in the spamd process’ user context. Public references describe multiple adviso...

5.1CVSS7.1AI score0.74703EPSS
Exploits12References19Affected Software1
Rows per page
Query Builder