• News
• Infocus
• Foundations
• Microsoft
• Unix
• IDS
• Incidents
• Virus
• Pen-Test
• Firewalls
• Columnists
• Mailing Lists
• Newsletters
• Bugtraq
• Focus on IDS
• Focus on Linux
• Focus on Microsoft
• Forensics
• Pen-test
• Security Basics
• Vuln Dev
• Vulnerabilities
• Jobs
• Job Opportunities
• Resumes
• Job Seekers
• Employers
• Tools
• RSS
• News
• Vulns
• Security Research

• info
• discussion
• exploit
• solution
• references

SpamAssassin Vpopmail and Paranoid Switches Remote Command Execution Vulnerability

Solution:
The vendor has addressed this issue in the 3.0.x strain with version 3.0.6 and in the 3.1.x strain with 3.1.3.

Please see the referenced vendor advisories for more information.


SpamAssassin SpamAssassin 2.63

• Mandriva perl-Mail-SpamAssassin-2.63-3.1.C30mdk.i586.rpm
  Corporate 3.0:
  http://www.mandriva.com/en/download


• Mandriva perl-Mail-SpamAssassin-2.63-3.1.C30mdk.x86_64.rpm
  Corporate 3.0:
  http://www.mandriva.com/en/download


• Mandriva spamassassin-2.63-3.1.C30mdk.i586.rpm
  Corporate 3.0:
  http://www.mandriva.com/en/download


• Mandriva spamassassin-2.63-3.1.C30mdk.src.rpm
  Corporate 3.0:
  http://www.mandriva.com/en/download


• Mandriva spamassassin-2.63-3.1.C30mdk.x86_64.rpm
  Corporate 3.0:
  http://www.mandriva.com/en/download


• Mandriva spamassassin-tools-2.63-3.1.C30mdk.i586.rpm
  Corporate 3.0:
  http://www.mandriva.com/en/download


• Mandriva spamassassin-tools-2.63-3.1.C30mdk.x86_64.rpm
  Corporate 3.0:
  http://www.mandriva.com/en/download

SpamAssassin SpamAssassin 3.0

• SpamAssassin Mail-SpamAssassin-3.0.6.tar.gz
  http://apache.mirror.rafal.ca/spamassassin/source/Mail-SpamAssassin-3. 0.6.tar.gz

SpamAssassin SpamAssassin 3.0.1

• SpamAssassin Mail-SpamAssassin-3.0.6.tar.gz
  http://apache.mirror.rafal.ca/spamassassin/source/Mail-SpamAssassin-3. 0.6.tar.gz

SpamAssassin SpamAssassin 3.0.2

• Mandriva perl-Mail-SpamAssassin-3.0.4-0.3.102mdk.i586.rpm
  Mandriva Linux 10.2:
  http://www.mandriva.com/en/download


• Mandriva perl-Mail-SpamAssassin-3.0.4-0.3.102mdk.x86_64.rpm
  Mandriva Linux 10.2:
  http://www.mandriva.com/en/download


• Mandriva spamassassin-3.0.4-0.3.102mdk.i586.rpm
  Mandriva Linux 10.2:
  http://www.mandriva.com/en/download


• Mandriva spamassassin-3.0.4-0.3.102mdk.src.rpm
  Mandriva Linux 10.2:
  http://www.mandriva.com/en/download


• Mandriva spamassassin-3.0.4-0.3.102mdk.x86_64.rpm
  Mandriva Linux 10.2:
  http://www.mandriva.com/en/download


• Mandriva spamassassin-spamc-3.0.4-0.3.102mdk.i586.rpm
  Mandriva Linux 10.2:
  http://www.mandriva.com/en/download


• Mandriva spamassassin-spamc-3.0.4-0.3.102mdk.x86_64.rpm
  Mandriva Linux 10.2:
  http://www.mandriva.com/en/download


• Mandriva spamassassin-spamd-3.0.4-0.3.102mdk.i586.rpm
  Mandriva Linux 10.2:
  http://www.mandriva.com/en/download


• Mandriva spamassassin-spamd-3.0.4-0.3.102mdk.x86_64.rpm
  Mandriva Linux 10.2:
  http://www.mandriva.com/en/download


• Mandriva spamassassin-tools-3.0.4-0.3.102mdk.i586.rpm
  Mandriva Linux 10.2:
  http://www.mandriva.com/en/download


• Mandriva spamassassin-tools-3.0.4-0.3.102mdk.x86_64.rpm
  Mandriva Linux 10.2:
  http://www.mandriva.com/en/download


• SpamAssassin Mail-SpamAssassin-3.0.6.tar.gz
  http://apache.mirror.rafal.ca/spamassassin/source/Mail-SpamAssassin-3. 0.6.tar.gz

SpamAssassin SpamAssassin 3.0.3

• SpamAssassin Mail-SpamAssassin-3.0.6.tar.gz
  http://apache.mirror.rafal.ca/spamassassin/source/Mail-SpamAssassin-3. 0.6.tar.gz

SpamAssassin SpamAssassin 3.0.4

• Mandriva perl-Mail-SpamAssassin-3.0.4-3.3.20060mdk.i586.rpm
  Mandriva Linux 10.2:
  http://www.mandriva.com/en/download


• Mandriva perl-Mail-SpamAssassin-3.0.4-3.3.20060mdk.i586.rpm
  Mandriva Linux 2006.0:
  http://www.mandriva.com/en/download


• Mandriva perl-Mail-SpamAssassin-3.0.4-3.3.20060mdk.x86_64.rpm
  Mandriva Linux 2006.0:
  http://www.mandriva.com/en/download


• Mandriva spamassassin-3.0.4-3.3.20060mdk.i586.rpm
  Mandriva Linux 10.2:
  http://www.mandriva.com/en/download


• Mandriva spamassassin-3.0.4-3.3.20060mdk.i586.rpm
  Mandriva Linux 2006.0:
  http://www.mandriva.com/en/download


• Mandriva spamassassin-3.0.4-3.3.20060mdk.src.rpm
  Mandriva Linux 10.2:
  http://www.mandriva.com/en/download


• Mandriva spamassassin-3.0.4-3.3.20060mdk.src.rpm
  Mandriva Linux 2006.0:
  http://www.mandriva.com/en/download


• Mandriva spamassassin-3.0.4-3.3.20060mdk.x86_64.rpm
  Mandriva Linux 2006.0:
  http://www.mandriva.com/en/download


• Mandriva spamassassin-spamc-3.0.4-3.3.20060mdk.i586.rpm
  Mandriva Linux 10.2:
  http://www.mandriva.com/en/download


• Mandriva spamassassin-spamc-3.0.4-3.3.20060mdk.x86_64.rpm
  Mandriva Linux 2006.0:
  http://www.mandriva.com/en/download


• Mandriva spamassassin-spamd-3.0.4-3.3.20060mdk.i586.rpm
  Mandriva Linux 10.2:
  http://www.mandriva.com/en/download


• Mandriva spamassassin-spamd-3.0.4-3.3.20060mdk.i586.rpm
  Mandriva Linux 2006.0:
  http://www.mandriva.com/en/download


• Mandriva spamassassin-spamd-3.0.4-3.3.20060mdk.x86_64.rpm
  Mandriva Linux 2006.0:
  http://www.mandriva.com/en/download


• Mandriva spamassassin-tools-3.0.4-3.3.20060mdk.i586.rpm
  Mandriva Linux 2006.0:
  http://www.mandriva.com/en/download


• Mandriva spamassassin-tools-3.0.4-3.3.20060mdk.x86_64.rpm
  Mandriva Linux 2006.0:
  http://www.mandriva.com/en/download


• SpamAssassin Mail-SpamAssassin-3.0.6.tar.gz
  http://apache.mirror.rafal.ca/spamassassin/source/Mail-SpamAssassin-3. 0.6.tar.gz


• Trustix perl-mail-spamassassin-3.0.4-4tr.i586.rpm
  Trustix Secure Linux 2.2
  ftp://ftp.trustix.org/pub/trustix/updates/


• Trustix perl-mail-spamassassin-3.0.4-4tr.i586.rpm
  Trustix Secure Linux 3.0
  ftp://ftp.trustix.org/pub/trustix/updates/


• Trustix spamassassin-3.0.4-4tr.i586.rpm
  Trustix Secure Linux 2.2
  ftp://ftp.trustix.org/pub/trustix/updates/


• Trustix spamassassin-3.0.4-4tr.i586.rpm
  Trustix Secure Linux 3.0
  ftp://ftp.trustix.org/pub/trustix/updates/


• Trustix spamassassin-tools-3.0.4-4tr.i586.rpm
  Trustix Secure Linux 2.2
  ftp://ftp.trustix.org/pub/trustix/updates/


• Trustix spamassassin-tools-3.0.4-4tr.i586.rpm
  Trustix Secure Linux 3.0
  ftp://ftp.trustix.org/pub/trustix/updates/

SpamAssassin SpamAssassin 3.0.5

• SpamAssassin Mail-SpamAssassin-3.0.6.tar.gz
  http://apache.mirror.rafal.ca/spamassassin/source/Mail-SpamAssassin-3. 0.6.tar.gz

SpamAssassin SpamAssassin 3.1

• SpamAssassin Mail-SpamAssassin-3.1.3.tar.gz
  http://apache.mirror.rafal.ca/spamassassin/source/Mail-SpamAssassin-3. 1.3.tar.gz

SpamAssassin SpamAssassin 3.1.1

• SpamAssassin Mail-SpamAssassin-3.1.3.tar.gz
  http://apache.mirror.rafal.ca/spamassassin/source/Mail-SpamAssassin-3. 1.3.tar.gz

SpamAssassin SpamAssassin 3.1.2

• SpamAssassin Mail-SpamAssassin-3.1.3.tar.gz
  http://apache.mirror.rafal.ca/spamassassin/source/Mail-SpamAssassin-3. 1.3.tar.gz