Vulnerability in SpamAssassin < 3.1.8

Denis Beauchemin Denis.Beauchemin at USherbrooke.ca
Fri Feb 16 20:41:18 CET 2007


In case you didn't know what to do on you Friday afternoon/night:

TITLE:
SpamAssassin Long URI Denial of Service

SECUNIA ADVISORY ID:
SA24197

VERIFY ADVISORY:
http://secunia.com/advisories/24197/

CRITICAL:
Moderately critical

IMPACT:
DoS

WHERE:
From remote

SOFTWARE:
SpamAssassin 3.x
http://secunia.com/product/4506/

DESCRIPTION:
A vulnerability has been reported in SpamAssassin, which can be exploited by
malicious people to cause a DoS (Denial of Service).

The vulnerability is caused due to an unspecified error and can be exploited
to cause a DoS via overly long URIs in the message content.

SOLUTION:
Update to version 3.1.8.

PROVIDED AND/OR DISCOVERED BY:
Reported by the vendor.

ORIGINAL ADVISORY:
http://svn.apache.org/repos/asf/spamassassin/branches/3.1/build/announcements/3.1.8.txt


Denis

-- 
   _
  °v°   Denis Beauchemin, analyste
 /(_)\  Université de Sherbrooke, S.T.I.
  ^ ^   T: 819.821.8000x62252 F: 819.821.8045


-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 3595 bytes
Desc: S/MIME Cryptographic Signature
Url : http://lists.mailscanner.info/pipermail/mailscanner/attachments/20070216/1ede7fc6/smime.bin


More information about the MailScanner mailing list