31 matches found
MiracleLinux 7 : spamassassin-3.4.0-4.el7 (AXSA:2018-3356:01)
The remote MiracleLinux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2018-3356:01 advisory. spamassassin: Certain unclosed tags in crafted emails allow for scan timeouts and result in denial of service CVE-2017-15705 spamassassin: Local use...
RHEL 5 : spamassassin (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - spamassassin: Local user code injection in the meta rule syntax CVE-2018-11781 - A denial of service...
RHEL 6 : spamassassin (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - spamassassin: Malicious rule configuration files can be configured to run system commands CVE-2020-1946 -...
SUSE CVE-2017-15705
A denial of service vulnerability was identified that exists in Apache SpamAssassin before 3.4.2. The vulnerability arises with certain unclosed tags in emails that cause markup to be handled incorrectly leading to scan timeouts. In Apache SpamAssassin, using HTML::Parser, we setup an object and...
Mageia: Security Advisory (MGASA-2018-0425)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2019:2011-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2019:1961-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
EulerOS 2.0 SP2 : spamassassin (EulerOS-SA-2021-1360)
According to the versions of the spamassassin package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - A denial of service vulnerability was identified that exists in Apache SpamAssassin before 3.4.2. The vulnerability arises with certain...
Huawei EulerOS: Security Advisory for spamassassin (EulerOS-SA-2020-2272)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
openSUSE: Security Advisory for spamassassin (openSUSE-SU-2019:1831-1)
The remote host is missing an update for the Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
Security update for spamassassin (moderate)
openSUSE Security Update: Security update for spamassassin Announcement ID: openSUSE-SU-2019:1831-1 Rating: moderate References: 1069831 1107765 1108745 1108748 1108749 1108750 1115411 Cross-References: CVE-2016-1238 CVE-2017-15705 CVE-2018-11780 CVE-2018-11781 Affected Products: openSUSE Leap 15...
SUSE SLED12 / SLES12 Security Update : spamassassin (SUSE-SU-2019:1961-1)
This update for spamassassin to version 3.4.2 fixes the following issues : Security issues fixed : CVE-2017-15705: Fixed denial of service via unclosed tags in crafted emails bsc1108745. CVE-2018-11781: Fixed a code injection in the meta rule syntax by local users bsc1108748. CVE-2018-11780: Fixe...
Fedora 29 : spamassassin (2018-8f0df2c366)
Fixed some small bugs in the previous package: Initial rules now have the correct version, sought channel config is dropped since it doesn't exist anymore and build / runtime deps adjusted. ---- Update to 3.4.2. Fixes CVE-2017-15705, CVE-2018-11780 and CVE-2018-11781 along with many other bugfixe...
Fedora 28 : spamassassin (2018-46d7a7f63e)
Fixed some small bugs in the previous package: Initial rules now have the correct version, sought channel config is dropped since it doesn't exist anymore and build / runtime deps adjusted. ---- Update to 3.4.2. Fixes CVE-2017-15705, CVE-2018-11780 and CVE-2018-11781 along with many other bugfixe...
Debian DLA-1578-1 : spamassassin security update
Multiple vulnerabilities were found in Spamassassin, which could lead to Remote Code Execution and Denial of Service attacks under certain circumstances. CVE-2016-1238 Many Perl programs do not properly remove . period characters from the end of the includes directory array, which might allow loc...
Debian: Security Advisory (DLA-1578-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[SECURITY] [DLA 1578-1] spamassassin security update
Package : spamassassin Version : 3.4.2-0+deb8u1 CVE ID : CVE-2016-1238 CVE-2017-15705 CVE-2018-11780 CVE-2018-11781 Debian Bug : 784023 865924 883775 889501 891041 908969 908970 908971 913571 Multiple vulnerabilities were found in Spamassassin, which could lead to Remote Code Execution and Denial...
USN-3811-2: SpamAssassin vulnerability
USN-3811-1 fixed a vulnerability in SpamAssassin. This update provides the corresponding update for Ubuntu 12.04 ESM. Original advisory details: It was discovered that SpamAssassin incorrectly handled certain unclosed tags in emails. A remote attacker could possibly use this issue to cause a deni...
Amazon Linux 2 : spamassassin (ALAS-2018-1103)
A flaw was found in the way SpamAssassin processes HTML email containing unclosed HTML tags. A carefully crafted mail message could cause SpamAssassin to consume significant resources. If a large number of these messages are sent, a denial of service could occur potentially delaying or preventing...
Important: spamassassin
Issue Overview: A flaw was found in the way SpamAssassin processes HTML email containing unclosed HTML tags. A carefully crafted mail message could cause SpamAssassin to consume significant resources. If a large number of these messages are sent, a denial of service could occur potentially delayi...