SUSE-SA:2005:033: spamassassin

medium Nessus Plugin ID 19242

Synopsis

The remote host is missing a vendor-supplied security patch

Description

The remote host is missing the patch for the advisory SUSE-SA:2005:033 (spamassassin).

The anti spam tool SpamAssassin was prone to a denial-of-service attack. A remote attacker could craft a MIME E-Mail message that would waste a lot of CPU cycles parsing the Content-Type header.

This is tracked by the Mitre CVE ID CVE-2005-1266.

Only SUSE Linux 9.2 and 9.3 are affected, since they include the 3.x version of spamassassin. Older versions are not affected.

Solution

http://www.suse.de/security/advisories/2005_33_spamassassin.html

Plugin Details

Severity: Medium

ID: 19242

File Name: suse_SA_2005_033.nasl

Version: 1.9

Agent: unix

Family: SuSE Local Security Checks

Published: 7/20/2005

Updated: 1/14/2021

Supported Sensors: Nessus Agent, Nessus

Vulnerability Information

Required KB Items: Host/SuSE/rpm-list

Detections

Analytics