SpamAssassin spamd vpopmail Username Command Injection

Medium Nessus Network Monitor Plugin ID 3640

Synopsis

The remote host is affected by a 'command insertion' flaw that allows arbitrary commands to be executed.

Description

The remote host is running SpamAssassin, an anti-spam application that detects and blocks spam email. Due to a content-parsing error, SpamAssassin can be tricked into executing arbitrary commands with the privileges of the spamd process. Exploitation requires that the remote spamd be running with either the '--vpopmail' or the '--paranoid' option enabled.

Solution

Upgrade or patch according to vendor recommendations.

See Also

http://spamassassin.org

Plugin Details

Severity: Medium

ID: 3640

Family: SMTP Clients

Published: 2006/06/08

Modified: 2018/09/16

Dependencies: 1332

Risk Information

Risk Factor: Medium

CVSSv2

Base Score: 5.1

Temporal Score: 5

Vector: CVSS2#AV:N/AC:H/Au:N/C:P/I:P/A:P

Temporal Vector: CVSS2#E:U/RL:OF/RC:C

CVSSv3

Base Score: 5.6

Temporal Score: 4.9

Vector: CVSS3#AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L

Temporal Vector: CVSS3#E:U/RL:O/RC:C

Vulnerability Information

CPE: cpe:/a:apache:spamassassin

Exploitable With

Metasploit (SpamAssassin spamd Remote Command Execution)

Reference Information

CVE: CVE-2006-2447

BID: 18290