Mandrake Local Security Checks : Mandrake Security Advisory MDKSA-2005:106 (spamassassin)

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 146377 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.53967

Categoría: Mandrake Local Security Checks

Título: Mandrake Security Advisory MDKSA-2005:106 (spamassassin)

Resumen: NOSUMMARY

Descripción: Description:

The remote host is missing an update to spamassassin
announced via advisory MDKSA-2005:106.

A Denial of Service bug was discovered in SpamAssassin. An attacker
could construct a particular message that would cause SpamAssassin to
consume CPU resources. If a large number of these messages were sent,
it could lead to a DoS. SpamAssassin 3.0.4 was released to correct
this vulnerability, as well as other minor bug fixes, and is provided
with this update.

For full details on the changes from previous versions of SpamAssassin
to this current version, please refer to the online documentation at
http://wiki.apache.org/spamassassin/NextRelease.

Affected versions: 10.1, 10.2

Solution:
To upgrade automatically use MandrakeUpdate or urpmi. The verification
of md5 checksums and GPG signatures is performed automatically for you.

https://secure1.securityspace.com/smysecure/catid.html?in=MDKSA-2005:106

Risk factor : Medium

CVSS Score:
5.0

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2005-1266
13978
http://www.securityfocus.com/bid/13978
DSA-736
http://www.debian.org/security/2005/dsa-736
GLSA-200506-17
http://security.gentoo.org/glsa/glsa-200506-17.xml
MDKSA-2005:106
http://www.mandriva.com/security/advisories?name=MDKSA-2005:106
RHSA-2005:498
http://www.redhat.com/support/errata/RHSA-2005-498.html
[spamassassin-announce] 20050615 Denial of Service Vulnerability in Apache SpamAssassin 3.0.1-3.0.3
http://mail-archives.apache.org/mod_mbox/spamassassin-announce/200506.mbox/%3c17072.35054.586017.822288%40proton.pathname.com%3e
http://bugs.gentoo.org/show_bug.cgi?id=94722
http://www.vuxml.org/freebsd/cc4ce06b-e01c-11d9-a8bd-000cf18bbe54.html
oval:org.mitre.oval:def:10901
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10901

Copyright Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com

Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.53967
Categoría:	Mandrake Local Security Checks
Título:	Mandrake Security Advisory MDKSA-2005:106 (spamassassin)
Resumen:	NOSUMMARY
Descripción:	Description: The remote host is missing an update to spamassassin announced via advisory MDKSA-2005:106. A Denial of Service bug was discovered in SpamAssassin. An attacker could construct a particular message that would cause SpamAssassin to consume CPU resources. If a large number of these messages were sent, it could lead to a DoS. SpamAssassin 3.0.4 was released to correct this vulnerability, as well as other minor bug fixes, and is provided with this update. For full details on the changes from previous versions of SpamAssassin to this current version, please refer to the online documentation at http://wiki.apache.org/spamassassin/NextRelease. Affected versions: 10.1, 10.2 Solution: To upgrade automatically use MandrakeUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you. https://secure1.securityspace.com/smysecure/catid.html?in=MDKSA-2005:106 Risk factor : Medium CVSS Score: 5.0
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2005-1266 13978 http://www.securityfocus.com/bid/13978 DSA-736 http://www.debian.org/security/2005/dsa-736 GLSA-200506-17 http://security.gentoo.org/glsa/glsa-200506-17.xml MDKSA-2005:106 http://www.mandriva.com/security/advisories?name=MDKSA-2005:106 RHSA-2005:498 http://www.redhat.com/support/errata/RHSA-2005-498.html [spamassassin-announce] 20050615 Denial of Service Vulnerability in Apache SpamAssassin 3.0.1-3.0.3 http://mail-archives.apache.org/mod_mbox/spamassassin-announce/200506.mbox/%3c17072.35054.586017.822288%40proton.pathname.com%3e http://bugs.gentoo.org/show_bug.cgi?id=94722 http://www.vuxml.org/freebsd/cc4ce06b-e01c-11d9-a8bd-000cf18bbe54.html oval:org.mitre.oval:def:10901 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10901
Copyright	Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com