This script is Copyright (C) 2006-2013 Tenable Network Security, Inc.
The remote Mandrake Linux host is missing one or more security
A flaw was discovered in the way that spamd processes the virtual POP
usernames passed to it. If running with the --vpopmail and --paranoid
flags, it is possible for a remote user with the ability to connect to
the spamd daemon to execute arbitrary commands as the user running
By default, the Spamassassin packages do not start spamd with either
of these flags and this usage is uncommon.
The updated packages have been patched to correct this issue.
Update the affected packages.
Risk factor :
Medium / CVSS Base Score : 5.1
Public Exploit Available : true