Summary
The remote host is missing updates announced in
advisory GLSA 200408-06.
Solution
All SpamAssassin users should upgrade to the latest version:
# emerge sync
# emerge -pv '>=mail-filter/spamassassin-2.64'
# emerge '>=mail-filter/spamassassin-2.64'
http://www.securityspace.com/smysecure/catid.html?in=GLSA%20200408-06 http://bugs.gentoo.org/show_bug.cgi?id=59483
http://marc.theaimsgroup.com/?l=spamassassin-announce&m=109168121628767&w=2
Insight
SpamAssassin is vulnerable to a Denial of Service attack when handling certain malformed messages.
Severity
Classification
-
CVE CVE-2004-0796 -
CVSS Base Score: 5.0
AV:N/AC:L/Au:N/C:N/I:N/A:P
Related Vulnerabilities