Lucene search
Ubuntu.comUB:CVE-2006-2447HistoryJun 06, 2006 - 12:00 a.m.
CVE-2006-2447
2006-06-0600:00:00
ubuntu.com
ubuntu.com
8
5.1 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
HIGH
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:H/Au:N/C:P/I:P/A:P
0.947 High
EPSS
Percentile
99.3%
SpamAssassin before 3.1.3, when running with vpopmail and the paranoid (-P)
switch, allows remote attackers to execute arbitrary commands via a crafted
message that is not properly handled when invoking spamd with the virtual
pop username.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| ubuntu | 6.06 | noarch | spamassassin | < 3.1.0a-2ubuntu1.1 | UNKNOWN |
| ubuntu | 6.10 | noarch | spamassassin | < 3.1.4-1ubuntu1 | UNKNOWN |
| ubuntu | 7.04 | noarch | spamassassin | < 3.1.4-1ubuntu1 | UNKNOWN |
Related
cve
cve
CVE-2006-2447
2006-06-06 21:06:00
nessus
nessus
RHEL 4 : spamassassin (RHSA-2006:0543)
2006-06-08 00:00:00
CentOS 4 : spamassassin (CESA-2006:0543)
2006-07-05 00:00:00
GLSA-200606-09 : SpamAssassin: Execution of arbitrary code
2006-06-16 00:00:00
saint
saint
SpamAssassin spamd vpopmail user vulnerability
2006-06-09 00:00:00
SpamAssassin spamd vpopmail user vulnerability
2006-06-09 00:00:00
SpamAssassin spamd vpopmail user vulnerability
2006-06-09 00:00:00
openvas
openvas
Gentoo Security Advisory GLSA 200606-09 (Spamassassin)
2008-09-24 00:00:00
Gentoo Security Advisory GLSA 200606-09 (Spamassassin)
2008-09-24 00:00:00
SLES9: Security update for SpamAssassin
2009-10-10 00:00:00
exploitpack
exploitpack
SpamAssassin spamd 3.1.3 - Command Injection (Metasploit)
2006-06-06 00:00:00
nvd
nvd
CVE-2006-2447
2006-06-06 21:06:00
debiancve
debiancve
CVE-2006-2447
2006-06-06 21:06:00
centos
centos
spamassassin security update
2006-06-06 21:40:09
veracode
veracode
Remote Code Execution (RCE)
2020-04-10 00:13:09
prion
prion
Design/Logic Flaw
2006-06-06 21:06:00
cvelist
cvelist
CVE-2006-2447
2006-06-06 21:00:00
seebug
seebug
SpamAssassin spamd Remote Command Execution
2014-07-01 00:00:00
SpamAssassin spamd <= 3.1.3 - Command Injection
2014-07-01 00:00:00
SpamAssassin spamd <= 3.1.3 Command Injection
2006-06-06 00:00:00
redhat
redhat
(RHSA-2006:0543) spamassassin security update
2006-06-06 00:00:00
gentoo
gentoo
SpamAssassin: Execution of arbitrary code
2006-06-11 00:00:00
securityvulns
securityvulns
packetstorm
packetstorm
SpamAssassin spamd Remote Command Execution
2009-10-28 00:00:00
debian
debian
checkpoint_advisories
checkpoint_advisories
SpamAssassin Spamd Configurable Options Code Execution (CVE-2006-2447)
2009-12-01 00:00:00
metasploit
metasploit
SpamAssassin spamd Remote Command Execution
2008-07-19 15:40:30
exploitdb
exploitdb
SpamAssassin spamd 3.1.3 - Command Injection (Metasploit)
2006-06-06 00:00:00
SpamAssassin spamd - Remote Command Execution (Metasploit)
2010-04-30 00:00:00
fedora
fedora
[SECURITY] Fedora Core 5 Update: spamassassin-3.1.8-1.fc5
2007-02-15 19:48:41
[SECURITY] Fedora Core 5 Update: spamassassin-3.1.9-1.fc5.1
2007-06-12 21:36:03
5.1 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
HIGH
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:H/Au:N/C:P/I:P/A:P
0.947 High
EPSS
Percentile
99.3%
Related for UB:CVE-2006-2447