[<prev] [next>] [day] [month] [year] [list]
Message-ID: <200606071807.k57I7oPK004480@lambchop.rdu.rpath.com>
Date: Wed Jun 7 19:08:01 2006
From: jmforbes at rpath.com (Justin M. Forbes)
Subject: rPSA-2006-0096-1 spamassassin
rPath Security Advisory: 2006-0096-1
Published: 2006-06-07
Products: rPath Linux 1
Rating: Minor
Exposure Level Classification:
Remote Root Deterministic Unauthorized Access
Updated Versions:
spamassassin=/conary.rpath.com@rpl:devel//1/3.0.6-0.1-1
References:
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2447
http://issues.rpath.com/browse/RPL-397
Description:
Previous versions of spamassassin have a remote unauthorized access
vulnerability only in a non-default and very uncommon configuration.
It affects only systems where spamd is used with vpopmail virtual
users, via the "-v" or "--vpopmail" switch, and when the "-P" or
"--paranoid" switch has been used. Both switches have to be enabled
for the vulnerability to exist.
Powered by blists - more mailing lists