Test ID:	1.3.6.1.4.1.25623.1.0.56936
Category:	Gentoo Local Security Checks
Title:	Gentoo Security Advisory GLSA 200606-09 (Spamassassin)
Summary:	The remote host is missing updates announced in;advisory GLSA 200606-09.
Description:	Summary: The remote host is missing updates announced in advisory GLSA 200606-09. Vulnerability Insight: SpamAssassin, when running with certain options, could allow local or even remote attackers to execute arbitrary commands, possibly as the root user. Solution: All SpamAssassin users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose '>=mail-filter/spamassassin-3.1.3' CVSS Score: 5.1 CVSS Vector: AV:N/AC:H/Au:N/C:P/I:P/A:P
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2006-2447 1016230 http://securitytracker.com/id?1016230 1016235 http://securitytracker.com/id?1016235 18290 http://www.securityfocus.com/bid/18290 2006-0034 http://www.trustix.org/errata/2006/0034/ 20060607 rPSA-2006-0096-1 spamassassin http://www.securityfocus.com/archive/1/436288/100/0/threaded 20430 http://secunia.com/advisories/20430 20443 http://secunia.com/advisories/20443 20482 http://secunia.com/advisories/20482 20531 http://secunia.com/advisories/20531 20566 http://secunia.com/advisories/20566 20692 http://secunia.com/advisories/20692 ADV-2006-2148 http://www.vupen.com/english/advisories/2006/2148 DSA-1090 http://www.debian.org/security/2006/dsa-1090 GLSA-200606-09 http://www.gentoo.org/security/en/glsa/glsa-200606-09.xml MDKSA-2006:103 http://www.mandriva.com/security/advisories?name=MDKSA-2006:103 RHSA-2006:0543 http://www.redhat.com/support/errata/RHSA-2006-0543.html http://www.nabble.com/ANNOUNCE%3A-Apache-SpamAssassin-3.1.3-available%21-t1736096.html oval:org.mitre.oval:def:9184 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9184 spamassassin-spamd-command-execution(27008) https://exchange.xforce.ibmcloud.com/vulnerabilities/27008
Copyright	Copyright (C) 2008 E-Soft Inc.

This is only one of 146377 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.