SpamAssassin Local Symlink Attack And Denial of Service Vulnerability

Bugtraq ID: 24481
Class: Design Error
CVE: CVE-2007-2873
Remote: No
Local: Yes
Published: Jun 14 2007 12:00AM
Updated: Jun 15 2007 04:39PM
Credit: Martin F. Krafft of Debian reported this vulnerability.
Vulnerable: SpamAssassin SpamAssassin 3.2
SpamAssassin SpamAssassin 3.1.9
SpamAssassin SpamAssassin 3.1.8
SpamAssassin SpamAssassin 3.1.7
SpamAssassin SpamAssassin 3.1.6
SpamAssassin SpamAssassin 3.1.5
SpamAssassin SpamAssassin 3.1.4
SpamAssassin SpamAssassin 3.1.3
SpamAssassin SpamAssassin 3.1.2
SpamAssassin SpamAssassin 3.1.1
SpamAssassin SpamAssassin 3.1
rPath rPath Linux 1
Redhat Fedora Core6
Redhat Fedora Core5
Redhat Fedora 7
Mandriva Linux Mandrake 2007.1 x86_64
Mandriva Linux Mandrake 2007.1
Mandriva Linux Mandrake 2007.0 x86_64
Mandriva Linux Mandrake 2007.0
MandrakeSoft Corporate Server 4.0 x86_64
MandrakeSoft Corporate Server 4.0
Not Vulnerable: SpamAssassin SpamAssassin 3.2.1


 

Privacy Statement
Copyright 2010, SecurityFocus