Lucene search

K
ubuntuUbuntuUSN-4237-1
HistoryJan 13, 2020 - 12:00 a.m.

SpamAssassin vulnerabilities

2020-01-1300:00:00
ubuntu.com
57

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

7.7 High

AI Score

Confidence

High

7.2 High

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

0.009 Low

EPSS

Percentile

81.9%

Releases

  • Ubuntu 19.10
  • Ubuntu 19.04
  • Ubuntu 18.04 ESM
  • Ubuntu 16.04 ESM

Packages

  • spamassassin - Perl-based spam filter using text analysis

Details

It was discovered that SpamAssassin incorrectly handled certain CF files.
If a user or automated system were tricked into using a specially-crafted
CF file, a remote attacker could possibly run arbitrary code.
(CVE-2018-11805)

It was discovered that SpamAssassin incorrectly handled certain messages.
A remote attacker could possibly use this issue to cause SpamAssassin to
consume resources, resulting in a denial of service. (CVE-2019-12420)

OSVersionArchitecturePackageVersionFilename
Ubuntu19.10noarchspamassassin< 3.4.2-1ubuntu0.19.10.1UNKNOWN
Ubuntu19.10noarchsa-compile< 3.4.2-1ubuntu0.19.10.1UNKNOWN
Ubuntu19.10noarchspamc< 3.4.2-1ubuntu0.19.10.1UNKNOWN
Ubuntu19.10noarchspamc-dbgsym< 3.4.2-1ubuntu0.19.10.1UNKNOWN
Ubuntu19.04noarchspamassassin< 3.4.2-1ubuntu0.19.04.1UNKNOWN
Ubuntu19.04noarchsa-compile< 3.4.2-1ubuntu0.19.04.1UNKNOWN
Ubuntu19.04noarchspamc< 3.4.2-1ubuntu0.19.04.1UNKNOWN
Ubuntu19.04noarchspamc-dbgsym< 3.4.2-1ubuntu0.19.04.1UNKNOWN
Ubuntu18.04noarchspamassassin< 3.4.2-0ubuntu0.18.04.2UNKNOWN
Ubuntu18.04noarchsa-compile< 3.4.2-0ubuntu0.18.04.2UNKNOWN
Rows per page:
1-10 of 161

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

7.7 High

AI Score

Confidence

High

7.2 High

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

0.009 Low

EPSS

Percentile

81.9%