SpamAssassin spamd vpopmail Username Command Injection

Medium Nessus Network Monitor Plugin ID 3640

Synopsis

The remote host is running a SpamAssassin spamd daemon that is vulnerable to a 'command insertion' (shell command injection) flaw.

Description

The remote host is running SpamAssassin, an anti-spam application that scores and filters e-mail. The affected versions of its spamd daemon (SpamAssassin 3.0.1 through 3.0.5 and 3.1.0 through 3.1.2, CVE-2006-2447) take the username supplied in the 'User' header of a spamc request and use it to build the vpopmail 'vuserinfo' command that locates that user's configuration directory, without sanitizing shell metacharacters. A remote attacker who can reach the spamd port can therefore embed shell metacharacters in the username and execute arbitrary commands with the privileges of the spamd process. The flaw is only exposed when spamd is started with both the '--vpopmail' (-v) and '--paranoid' (-P) options; either option on its own is not sufficient.
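The following Python script is an added illustration of the bug class described above and of the check a practitioner would run; it is not SpamAssassin code. It assumes, as stated in the description, that spamd ran a shell command built from the spamc 'User' header, and it substitutes the harmless 'printf' for 'vuserinfo -d' so the demonstration works on any host without vpopmail. The spamc request, the username allowlist and the spamd command lines are constructed sample data.

```python
import re
import shlex
import subprocess

# Constructed sample of a spamc request preamble as spamd receives it from the
# network; the 'User:' value carries a shell metacharacter payload.
SAMPLE_REQUEST = (
    "PROCESS SPAMC/1.2\r\n"
    "Content-length: 12\r\n"
    "User: bob; echo INJECTED\r\n"
    "\r\n"
    "Subject: hi\r\n"
)

# Allowlist for a vpopmail-style mailbox name (hypothetical policy for this demo).
USERNAME_RE = re.compile(r"^[A-Za-z0-9][A-Za-z0-9._@-]{0,127}$")


def parse_user_header(request: str) -> str:
    """Return the value of the spamc 'User:' header, or '' if it is absent."""
    head = request.split("\r\n\r\n", 1)[0]
    for line in head.split("\r\n")[1:]:          # skip the PROCESS line
        name, _, value = line.partition(":")
        if name.strip().lower() == "user":
            return value.strip()
    return ""


def lookup_unsafe(user: str) -> str:
    """Vulnerable pattern: the untrusted username is interpolated into a shell
    command line. 'printf' is a harmless stand-in for 'vuserinfo -d'; the shell
    still parses ';', '|', '`' and '$(...)' inside the name as extra commands."""
    cmd = f"printf '%s' {user}"
    out = subprocess.run(cmd, shell=True, capture_output=True, text=True)
    return out.stdout


def lookup_safe(user: str) -> str:
    """Hardened pattern: reject anything outside the allowlist, then exec the
    helper with an argv list so no shell ever sees the username."""
    if not USERNAME_RE.match(user):
        raise ValueError(f"rejected username: {user!r}")
    out = subprocess.run(["printf", "%s", user], capture_output=True, text=True)
    return out.stdout


def spamd_exposed(cmdline: str) -> bool:
    """True when a spamd command line enables both --vpopmail (-v) and
    --paranoid (-P), the precondition for this flaw. Bundled short flags such
    as '-vP' are split character by character; a short option whose attached
    value happens to contain 'v' or 'P' is not distinguished (known limitation)."""
    vpopmail = paranoid = False
    for tok in shlex.split(cmdline)[1:]:
        if tok == "--vpopmail":
            vpopmail = True
        elif tok == "--paranoid":
            paranoid = True
        elif tok.startswith("-") and not tok.startswith("--"):
            vpopmail = vpopmail or "v" in tok[1:]
            paranoid = paranoid or "P" in tok[1:]
    return vpopmail and paranoid


if __name__ == "__main__":
    user = parse_user_header(SAMPLE_REQUEST)
    print("unsafe:", repr(lookup_unsafe(user)))      # the injected command runs
    try:
        lookup_safe(user)
    except ValueError as err:
        print("safe:", err)                          # the payload is rejected
    print("exposed:", spamd_exposed("spamd -d -v -P -u spamd"))
```

Run it as a script to see the unsafe path emit the injected output while the safe path rejects the name. To check a live host, feed `spamd_exposed` the spamd command line from `ps` (or the init script) together with the version: only a vulnerable version started with both flags is at risk, and a pre-fix version started with just one of them is still a configuration change away from exposure.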

Solution

Upgrade to SpamAssassin 3.1.3 (or 3.0.6 on the 3.0 branch) or later, or apply the vendor patch. Until then, do not run spamd with both '--vpopmail' and '--paranoid' enabled.

Plugin Details

Severity: Medium

ID: 3640

Family: SMTP Clients

Published: 2006/06/08

Modified: 2018/09/16

Dependencies: 1332

Risk Information

Risk Factor: Medium

CVSS v2.0

Base Score: 5.1

Temporal Score: 5

Vector: CVSS2#AV:N/AC:H/Au:N/C:P/I:P/A:P

Temporal Vector: CVSS2#E:U/RL:OF/RC:C

CVSS v3.0

Base Score: 5.6

Temporal Score: 4.9


Temporal Vector: CVSS3#E:U/RL:O/RC:C

Vulnerability Information

CPE: cpe:/a:apache:spamassassin

Exploitable With

Metasploit (SpamAssassin spamd Remote Command Execution)

Reference Information

CVE: CVE-2006-2447

BID: 18290