SpamAssassin spamd Crafted Message Arbitrary Command Execution

This script is Copyright (C) 2006-2013 Tenable Network Security, Inc.


Synopsis :

The remote server allows execution of arbitrary commands.

Description :

The remote host is running spamd, a daemon belonging to SpamAssassin
and used to determine whether messages represent spam.

The installed version of spamd on the remote host appears to allow an
unauthenticated user to execute arbitrary commands, subject to the
privileges of the user under which it operates.

See also :

http://spamassassin.apache.org/advisories/cve-2006-2447.txt

Solution :

Upgrade to SpamAssassin 3.0.6 / 3.1.3 or later.
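As an added example, not part of the Nessus plugin or of SpamAssassin itself, the following Python classifies `spamassassin --version` output against the fixed releases named above; the sample banners are constructed, and treating releases older than the 3.0 branch as needing an upgrade is an assumption, since only the two fixed releases are named here.

```python
import re

# Fixed releases from the solution text: 3.0.6 for the 3.0 branch, 3.1.3 for 3.1.
FIXED_BY_BRANCH = {(3, 0): (3, 0, 6), (3, 1): (3, 1, 3)}

# Matches the first line printed by `spamassassin --version`.
VERSION_RE = re.compile(r"SpamAssassin version (\d+)\.(\d+)\.(\d+)")

# Constructed sample banners (hypothetical hosts), not real scan output.
SAMPLE_BANNERS = {
    "mx1": "SpamAssassin version 3.1.2\n  running on Perl version 5.8.8",
    "mx2": "SpamAssassin version 3.1.3\n  running on Perl version 5.8.8",
    "mx3": "SpamAssassin version 3.0.6\n  running on Perl version 5.8.5",
    "mx4": "SpamAssassin version 3.2.0\n  running on Perl version 5.8.8",
    "mx5": "spamassassin: unrecognized option",
}


def parse_version(banner: str):
    """Return (major, minor, patch) from a version banner, or None if absent."""
    m = VERSION_RE.search(banner)
    return tuple(int(x) for x in m.groups()) if m else None


def needs_upgrade(version) -> bool:
    """True unless the version is at or past the fixed release for its branch.

    3.0.x must be >= 3.0.6 and 3.1.x must be >= 3.1.3; 3.2 and newer are
    treated as fixed. Releases before the 3.0 branch are flagged for upgrade
    as a conservative assumption, since the advisory names no fix for them.
    """
    branch = version[:2]
    if branch in FIXED_BY_BRANCH:
        return version < FIXED_BY_BRANCH[branch]
    return branch < (3, 0)


def triage(banners: dict) -> dict:
    """Map each host to 'upgrade', 'fixed', or 'unknown' (no version parsed)."""
    verdicts = {}
    for host, banner in banners.items():
        version = parse_version(banner)
        if version is None:
            verdicts[host] = "unknown"
        else:
            verdicts[host] = "upgrade" if needs_upgrade(version) else "fixed"
    return verdicts


if __name__ == "__main__":
    for host, verdict in triage(SAMPLE_BANNERS).items():
        print(f"{host}: {verdict}")
```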

Risk factor :

Medium / CVSS Base Score : 5.1
(CVSS2#AV:N/AC:H/Au:N/C:P/I:P/A:P)
CVSS Temporal Score : 4.0
(CVSS2#E:POC/RL:OF/RC:C)
Public Exploit Available : true

Family: Gain a shell remotely

Nessus Plugin ID: 21673

Bugtraq ID: 18290

CVE ID: CVE-2006-2447