This script is Copyright (C) 2007-2015 Tenable Network Security, Inc.
The remote Red Hat host is missing a security update.
Updated spamassassin packages that fix a security issue are now
available for Red Hat Enterprise Linux 4 and 5.
This update has been rated as having moderate security impact by the
Red Hat Security Response Team.
SpamAssassin provides a way to reduce unsolicited commercial email
(spam) from incoming email.
Martin Krafft discovered a symlink issue in SpamAssassin that affects
certain non-default configurations. A local user could use this flaw
to create or overwrite files writable by the spamd process
Users of SpamAssassin should upgrade to these updated packages which
contain a backported patch to correct this issue.
Note: This issue did not affect the version of SpamAssassin shipped
with Red Hat Enterprise Linux 3.
See also :
Update the affected spamassassin package.
Risk factor :
Low / CVSS Base Score : 1.9
CVSS Temporal Score : 1.7
Public Exploit Available : true
Family: Red Hat Local Security Checks
Nessus Plugin ID: 25521 ()
Bugtraq ID: 22584
CVE ID: CVE-2007-2873
The cookie settings on this website are set to 'allow all cookies' to give you the very best website experience. If you continue without changing these settings, you consent to this - but if you want, you can opt out of all cookies by clicking below.