Lucene search
K

31 matches found

Tenable Nessus
Tenable Nessus
added 2026/01/16 12:0 a.m.5 views

MiracleLinux 7 : spamassassin-3.4.0-4.el7 (AXSA:2018-3356:01)

The remote MiracleLinux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2018-3356:01 advisory. spamassassin: Certain unclosed tags in crafted emails allow for scan timeouts and result in denial of service CVE-2017-15705 spamassassin: Local use...

7.8CVSS6.9AI score0.07879EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2024/06/03 12:0 a.m.24 views

RHEL 5 : spamassassin (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - spamassassin: Local user code injection in the meta rule syntax CVE-2018-11781 - A denial of service...

7.8CVSS7.7AI score0.07879EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2024/05/11 12:0 a.m.24 views

RHEL 6 : spamassassin (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - spamassassin: Malicious rule configuration files can be configured to run system commands CVE-2020-1946 -...

7.7AI score0.07879EPSS
Exploits0References7
SUSE CVE
SUSE CVE
added 2023/02/15 4:38 a.m.5 views

SUSE CVE-2017-15705

A denial of service vulnerability was identified that exists in Apache SpamAssassin before 3.4.2. The vulnerability arises with certain unclosed tags in emails that cause markup to be handled incorrectly leading to scan timeouts. In Apache SpamAssassin, using HTML::Parser, we setup an object and...

7.5CVSS9AI score0.07879EPSS
Exploits0References6
OpenVAS
OpenVAS
added 2022/01/28 12:0 a.m.21 views

Mageia: Security Advisory (MGASA-2018-0425)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS6.9AI score0.1082EPSS
Exploits0References4
OpenVAS
OpenVAS
added 2021/06/09 12:0 a.m.20 views

SUSE: Security Advisory (SUSE-SU-2019:2011-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS6.8AI score0.1082EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2021/04/19 12:0 a.m.34 views

SUSE: Security Advisory (SUSE-SU-2019:1961-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS7.1AI score0.1082EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2021/02/22 12:0 a.m.37 views

EulerOS 2.0 SP2 : spamassassin (EulerOS-SA-2021-1360)

According to the versions of the spamassassin package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - A denial of service vulnerability was identified that exists in Apache SpamAssassin before 3.4.2. The vulnerability arises with certain...

9.3CVSS6.6AI score0.07879EPSS
Exploits0References4
OpenVAS
OpenVAS
added 2020/10/30 12:0 a.m.16 views

Huawei EulerOS: Security Advisory for spamassassin (EulerOS-SA-2020-2272)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.3CVSS6.9AI score0.07879EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2019/08/07 12:0 a.m.22 views

openSUSE: Security Advisory for spamassassin (openSUSE-SU-2019:1831-1)

The remote host is missing an update for the Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

9.8CVSS7.1AI score0.1082EPSS
Exploits0References2
OPENSUSE Linux
OPENSUSE Linux
added 2019/08/06 12:0 a.m.71 views

Security update for spamassassin (moderate)

openSUSE Security Update: Security update for spamassassin Announcement ID: openSUSE-SU-2019:1831-1 Rating: moderate References: 1069831 1107765 1108745 1108748 1108749 1108750 1115411 Cross-References: CVE-2016-1238 CVE-2017-15705 CVE-2018-11780 CVE-2018-11781 Affected Products: openSUSE Leap 15...

9.8CVSS8.1AI score0.1082EPSS
Exploits0References7
Tenable Nessus
Tenable Nessus
added 2019/07/25 12:0 a.m.33 views

SUSE SLED12 / SLES12 Security Update : spamassassin (SUSE-SU-2019:1961-1)

This update for spamassassin to version 3.4.2 fixes the following issues : Security issues fixed : CVE-2017-15705: Fixed denial of service via unclosed tags in crafted emails bsc1108745. CVE-2018-11781: Fixed a code injection in the meta rule syntax by local users bsc1108748. CVE-2018-11780: Fixe...

9.8CVSS7.3AI score0.1082EPSS
Exploits0References12
Tenable Nessus
Tenable Nessus
added 2019/01/03 12:0 a.m.41 views

Fedora 29 : spamassassin (2018-8f0df2c366)

Fixed some small bugs in the previous package: Initial rules now have the correct version, sought channel config is dropped since it doesn't exist anymore and build / runtime deps adjusted. ---- Update to 3.4.2. Fixes CVE-2017-15705, CVE-2018-11780 and CVE-2018-11781 along with many other bugfixe...

9.8CVSS6.7AI score0.1082EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2019/01/03 12:0 a.m.42 views

Fedora 28 : spamassassin (2018-46d7a7f63e)

Fixed some small bugs in the previous package: Initial rules now have the correct version, sought channel config is dropped since it doesn't exist anymore and build / runtime deps adjusted. ---- Update to 3.4.2. Fixes CVE-2017-15705, CVE-2018-11780 and CVE-2018-11781 along with many other bugfixe...

9.8CVSS6.7AI score0.1082EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2018/11/14 12:0 a.m.30 views

Debian DLA-1578-1 : spamassassin security update

Multiple vulnerabilities were found in Spamassassin, which could lead to Remote Code Execution and Denial of Service attacks under certain circumstances. CVE-2016-1238 Many Perl programs do not properly remove . period characters from the end of the includes directory array, which might allow loc...

9.8CVSS7AI score0.1082EPSS
Exploits0References6
OpenVAS
OpenVAS
added 2018/11/14 12:0 a.m.51 views

Debian: Security Advisory (DLA-1578-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS7.1AI score0.1082EPSS
Exploits0References3
Debian
Debian
added 2018/11/13 7:6 p.m.470 views

[SECURITY] [DLA 1578-1] spamassassin security update

Package : spamassassin Version : 3.4.2-0+deb8u1 CVE ID : CVE-2016-1238 CVE-2017-15705 CVE-2018-11780 CVE-2018-11781 Debian Bug : 784023 865924 883775 889501 891041 908969 908970 908971 913571 Multiple vulnerabilities were found in Spamassassin, which could lead to Remote Code Execution and Denial...

9.8CVSS6.9AI score0.1082EPSS
Exploits0
Ubuntu
Ubuntu
added 2018/11/13 1:59 p.m.391 views

USN-3811-2: SpamAssassin vulnerability

USN-3811-1 fixed a vulnerability in SpamAssassin. This update provides the corresponding update for Ubuntu 12.04 ESM. Original advisory details: It was discovered that SpamAssassin incorrectly handled certain unclosed tags in emails. A remote attacker could possibly use this issue to cause a deni...

5.3CVSS7.3AI score0.07879EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2018/11/09 12:0 a.m.41 views

Amazon Linux 2 : spamassassin (ALAS-2018-1103)

A flaw was found in the way SpamAssassin processes HTML email containing unclosed HTML tags. A carefully crafted mail message could cause SpamAssassin to consume significant resources. If a large number of these messages are sent, a denial of service could occur potentially delaying or preventing...

7.8CVSS7AI score0.07879EPSS
Exploits0References3
Amazon
Amazon
added 2018/11/07 12:0 a.m.39 views

Important: spamassassin

Issue Overview: A flaw was found in the way SpamAssassin processes HTML email containing unclosed HTML tags. A carefully crafted mail message could cause SpamAssassin to consume significant resources. If a large number of these messages are sent, a denial of service could occur potentially delayi...

7.8CVSS7.2AI score0.07879EPSS
Exploits0
Rows per page
Query Builder