Amazon Linux 2 : spamassassin (ALAS-2018-1103)
Medium Nessus Plugin ID 118834
SynopsisThe remote Amazon Linux 2 host is missing a security update.
DescriptionA flaw was found in the way SpamAssassin processes HTML email
containing unclosed HTML tags. A carefully crafted mail message could
cause SpamAssassin to consume significant resources. If a large number
of these messages are sent, a denial of service could occur
potentially delaying or preventing the delivery of
A flaw was found in the way a local user on the SpamAssassin server
could inject code in the meta rule syntax. This could cause the
arbitrary code execution on the server when these rules are being
SolutionRun 'yum update spamassassin' to update your system.