Alerts This Week
Warning Icon 1 714
Alerts This Week
Warning Icon 1 714

Gentoo: GLSA-202310-05 Critical: HypotheticalApp Security Vulnerability

gentoo
Calendar Grey June 11, 2006
Dist Gentoo Esm H88
Critical alert issued regarding a vulnerability in SpamAssassin, permitting unauthorized command execution by malicious entities on Gentoo Linux systems.
SpamAssassin, when running with certain options, could allow local or even remote attackers to execute arbitrary commands, possibly as the root user

Summary

Gentoo Linux Security Advisory GLSA 200606-09 https://security.gentoo.org/ Severity: High Title: SpamAssassin: Execution of arbitrary code Date: June 11, 2006 Bugs: #135746 ID: 200606-09

Synopsis ======= SpamAssassin, when running with certain options, could allow local or even remote attackers to execute arbitrary commands, possibly as the root user.
Background ========= SpamAssassin is an extensible email filter used to identify junk email. spamd is the daemonized version of SpamAssassin.
Affected packages ================ ------------------------------------------------------------------- Package / Vulnerable / Unaffected ------------------------------------------------------------------- 1 mail-filter/spamassassin < 3.1.3 >= 3.1.3
========== When spamd is run with both the "--vpopmail" (-v) and "--paranoid" (-P) ...

Read the Full Advisory

Topics%20covered

Topics Covered

security advisory high severity gentoo command execution remote threat spamassassin

Resolution

References

Availability

style>.gentoo_availability{display:block;}

Concerns

Topics%20covered

Topics Covered

security advisory high severity gentoo command execution remote threat spamassassin

Synopsis

Background

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Affected Packages

Impact

Workaround

Your message here