8 matches found
Oracle: Security Advisory (ELSA-2007-0492)
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Scientific Linux Security Update : spamassassin on SL5.x, SL4.x i386/x86_64 (fwd)
Martin Krafft discovered a symlink issue in SpamAssassin that affects certain non-default configurations. A local user could use this flaw to create or overwrite files writable by the spamd process CVE-2007-2873. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text is C...
CentOS 4 / 5 : spamassassin (CESA-2007:0492)
Updated spamassassin packages that fix a security issue are now available for Red Hat Enterprise Linux 4 and 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. SpamAssassin provides a way to reduce unsolicited commercial email spam from incomin...
[Full-disclosure] rPSA-2007-0119-1 spamassassin
rPath Security Advisory: 2007-0119-1 Published: 2007-06-13 Products: rPath Linux 1 Rating: Minor Exposure Level Classification: Indirect User Deterministic Denial of Service Updated Versions: spamassassin=/conary.rpath.com@rpl:devel//1/3.2.1-0.1-1 References: https://vulners.com/cve/CVE-2007-2873...
Fedora Core 5 : spamassassin-3.1.9-1.fc5.1 (2007-584)
Local symlink vulnerability. Fedora is not vulnerable in any default or common configurations. Read upstream's announcement for details. http://spamassassin.apache.org/advisories/CVE-2007-2873.txt Note that Tenable Network Security has extracted the preceding description block directly from the...
Moderate: spamassassin security update
3.1.9-1 - 3.1.9 CVE-2007-2873...
CVE-2007-2873
SpamAssassin 3.1.x, 3.2.0, and 3.2.1 before 20070611, when running as root in unusual configurations using vpopmail or virtual users, allows local users to cause a denial of service corrupt arbitrary files via a symlink attack on a file that is used by spamd...
CVE-2007-2873
CVE-2007-2873 arises in SpamAssassin 3.1.x, 3.2.0, and 3.2.1 (before 20070611) when SpamAssassin runs as root in unusual configurations using vpopmail or virtual users. A local attacker can exploit a symlink to cause a denial of service by corrupting arbitrary files used by spamd. The available c...