SpamAssassin < 3.1.8 Malformed HTML Long URI DoS
Low Nessus Network Monitor Plugin ID 3918
SynopsisThe remote host is vulnerable to a Denial of Service (DoS) attack.
DescriptionThe remote host is running SpamAssassin, an anti-spam software application that detects and blocks spam emails. Due to a content-parsing error, SpamAssassin can be crashed when processing very long URIs within an email message. An attacker exploiting this flaw would only need to have the ability to craft and send an email. Successful exploitation leads to a loss of availability.
SolutionUpgrade to version 3.1.8 or higher.