Mandrake Linux Security Advisory : spamassassin (MDKSA-2005:106)

This script is Copyright (C) 2005-2013 Tenable Network Security, Inc.


Synopsis :

The remote Mandrake Linux host is missing one or more security
updates.

Description :

A Denial of Service bug was discovered in SpamAssassin. An attacker
could construct a particular message that would cause SpamAssassin to
consume CPU resources. If a large number of these messages were sent,
it could lead to a DoS. SpamAssassin 3.0.4 was released to correct
this vulnerability, as well as other minor bug fixes, and is provided
with this update.

For full details on the changes from previous versions of SpamAssassin
to this current version, please refer to the online documentation at
http://wiki.apache.org/spamassassin/NextRelease.

Solution :

Update the affected packages.

Risk factor :

Medium / CVSS Base Score : 5.0
(CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P)

Family: Mandriva Local Security Checks

Nessus Plugin ID: 18583 (mandrake_MDKSA-2005-106.nasl)

Bugtraq ID:

CVE ID: CVE-2005-1266

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now