Lucene search

K

SAINT CorporationSAINT:292C9607DC52FA97249F866D1B097065

HistoryJun 09, 2006 - 12:00 a.m.

SpamAssassin spamd vpopmail user vulnerability

2006-06-0900:00:00

SAINT Corporation

my.saintcorporation.com

21

5.1 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

HIGH

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:H/Au:N/C:P/I:P/A:P

0.947 High

EPSS

Percentile

99.3%

Added: 06/09/2006
CVE: CVE-2006-2447
BID: 18290
OSVDB: 26177

Background

SpamAssassin identifies spam e-mail using a variety of local and network based tests. **spamd** is a component of SpamAssassin which allows it to run as a network daemon.

Problem

When the vpopmail (-v) and paranoid (-P) options are used with **spamd**, the user name specified by the client is included in a shell command without sufficient checking for invalid characters. This allows arbitrary command execution by remote attackers.

Resolution

Upgrade to SpamAssassin 3.1.3 or higher.

References

<http://www.securityfocus.com/archive/1/436288>

Limitations

This exploit will only succeed when run from an address which is explicitly allowed by **spamd**.

5.1 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

HIGH

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:H/Au:N/C:P/I:P/A:P

0.947 High

EPSS

Percentile

99.3%

Related for SAINT:292C9607DC52FA97249F866D1B097065

cve1 nessus11 saint3 openvas10 exploitpack1 nvd1 debiancve1 redhat1 gentoo1 securityvulns1 packetstorm1 seebug3 debian1 centos1 veracode1 prion1 cvelist1 ubuntucve1 checkpoint_advisories1 metasploit1 exploitdb2 fedora2