SpamAssassin 2.5x, and 2.6x before 2.64, allows remote attackers to cause a denial of service via certain malformed messages.
Affected Software
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Spamassassin | Spamassassin | 2.40 (including) | 2.40 (including) |
| Spamassassin | Spamassassin | 2.41 (including) | 2.41 (including) |
| Spamassassin | Spamassassin | 2.42 (including) | 2.42 (including) |
| Spamassassin | Spamassassin | 2.43 (including) | 2.43 (including) |
| Spamassassin | Spamassassin | 2.44 (including) | 2.44 (including) |
| Spamassassin | Spamassassin | 2.50 (including) | 2.50 (including) |
| Spamassassin | Spamassassin | 2.55 (including) | 2.55 (including) |
| Spamassassin | Spamassassin | 2.60 (including) | 2.60 (including) |
| Spamassassin | Spamassassin | 2.63 (including) | 2.63 (including) |
| Red Hat Enterprise Linux 3 | RedHat | spamassassin-0:2.55-3.2 | * |
References
- http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=129337
- http://marc.info/?l=spamassassin-announce\u0026m=109168121628767\u0026w=2
- http://security.gentoo.org/glsa/glsa-200408-06.xml
- http://www.mandriva.com/security/advisories?name=MDKSA-2004:084
- http://www.securityfocus.com/bid/10957
- https://bugzilla.fedora.us/show_bug.cgi?id=2268
- https://exchange.xforce.ibmcloud.com/vulnerabilities/16938
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10413
- http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=129337
- http://marc.info/?l=spamassassin-announce\u0026m=109168121628767\u0026w=2
- http://security.gentoo.org/glsa/glsa-200408-06.xml
- http://www.mandriva.com/security/advisories?name=MDKSA-2004:084
- http://www.securityfocus.com/bid/10957
- https://bugzilla.fedora.us/show_bug.cgi?id=2268
- https://exchange.xforce.ibmcloud.com/vulnerabilities/16938
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10413