Описание
SpamAssassin before 3.1.3, when running with vpopmail and the paranoid (-P) switch, allows remote attackers to execute arbitrary commands via a crafted message that is not properly handled when invoking spamd with the virtual pop username.
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | released | 3.1.0a-2ubuntu1.1 |
| devel | released | 3.1.4-1ubuntu1 |
| edgy | released | 3.1.4-1ubuntu1 |
| feisty | released | 3.1.4-1ubuntu1 |
| upstream | needs-triage |
Показывать по
Ссылки на источники
EPSS
5.1 Medium
CVSS2
Связанные уязвимости
SpamAssassin before 3.1.3, when running with vpopmail and the paranoid (-P) switch, allows remote attackers to execute arbitrary commands via a crafted message that is not properly handled when invoking spamd with the virtual pop username.
SpamAssassin before 3.1.3, when running with vpopmail and the paranoid (-P) switch, allows remote attackers to execute arbitrary commands via a crafted message that is not properly handled when invoking spamd with the virtual pop username.
SpamAssassin before 3.1.3, when running with vpopmail and the paranoid ...
SpamAssassin before 3.1.3, when running with vpopmail and the paranoid (-P) switch, allows remote attackers to execute arbitrary commands via a crafted message that is not properly handled when invoking spamd with the virtual pop username.
EPSS
5.1 Medium
CVSS2