35 matches found
MiracleLinux 7 : spamassassin-3.4.0-4.el7 (AXSA:2018-3356:01)
The remote MiracleLinux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2018-3356:01 advisory. spamassassin: Certain unclosed tags in crafted emails allow for scan timeouts and result in denial of service CVE-2017-15705 spamassassin: Local use...
RHEL 5 : spamassassin (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - spamassassin: Local user code injection in the meta rule syntax CVE-2018-11781 - A denial of service...
RHEL 6 : spamassassin (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - spamassassin: Local user code injection in the meta rule syntax CVE-2018-11781 - A denial of service...
RHEL 6 : spamassassin (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - spamassassin: Malicious rule configuration files can be configured to run system commands CVE-2020-1946 -...
Ubuntu: Security Advisory (USN-3811-3)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Mageia: Security Advisory (MGASA-2018-0425)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2019:2011-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2019:1961-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Huawei EulerOS: Security Advisory for spamassassin (EulerOS-SA-2020-2397)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
EulerOS 2.0 SP2 : spamassassin (EulerOS-SA-2020-2397)
According to the version of the spamassassin package installed, the EulerOS installation on the remote host is affected by the following vulnerability : - Apache SpamAssassin 3.4.2 fixes a local user code injection in the meta rule syntax.CVE-2018-11781 Note that Tenable Network Security has...
Huawei EulerOS: Security Advisory for spamassassin (EulerOS-SA-2020-2272)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Huawei EulerOS: Security Advisory for spamassassin (EulerOS-SA-2020-2118)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
EulerOS 2.0 SP3 : spamassassin (EulerOS-SA-2020-2118)
According to the version of the spamassassin package installed, the EulerOS installation on the remote host is affected by the following vulnerability : - Apache SpamAssassin 3.4.2 fixes a local user code injection in the meta rule syntax.CVE-2018-11781 Note that Tenable Network Security has...
openSUSE: Security Advisory for spamassassin (openSUSE-SU-2019:1831-1)
The remote host is missing an update for the Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
Security update for spamassassin (moderate)
openSUSE Security Update: Security update for spamassassin Announcement ID: openSUSE-SU-2019:1831-1 Rating: moderate References: 1069831 1107765 1108745 1108748 1108749 1108750 1115411 Cross-References: CVE-2016-1238 CVE-2017-15705 CVE-2018-11780 CVE-2018-11781 Affected Products: openSUSE Leap 15...
SUSE SLED12 / SLES12 Security Update : spamassassin (SUSE-SU-2019:1961-1)
This update for spamassassin to version 3.4.2 fixes the following issues : Security issues fixed : CVE-2017-15705: Fixed denial of service via unclosed tags in crafted emails bsc1108745. CVE-2018-11781: Fixed a code injection in the meta rule syntax by local users bsc1108748. CVE-2018-11780: Fixe...
Fedora 28 : spamassassin (2018-46d7a7f63e)
Fixed some small bugs in the previous package: Initial rules now have the correct version, sought channel config is dropped since it doesn't exist anymore and build / runtime deps adjusted. ---- Update to 3.4.2. Fixes CVE-2017-15705, CVE-2018-11780 and CVE-2018-11781 along with many other bugfixe...
USN-3811-3: SpamAssassin vulnerabilities
USN-3811-1 fixed a vulnerability in spamassassin. This update provides the corresponding update for Ubuntu 12.04 ESM. Original advisory details: It was discovered that SpamAssassin incorrectly handled the PDFInfo plugin. A remote attacker could possibly use this issue to execute arbitrary code...
Debian DLA-1578-1 : spamassassin security update
Multiple vulnerabilities were found in Spamassassin, which could lead to Remote Code Execution and Denial of Service attacks under certain circumstances. CVE-2016-1238 Many Perl programs do not properly remove . period characters from the end of the includes directory array, which might allow loc...
Debian: Security Advisory (DLA-1578-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...