ID CVE-2007-2873
Summary SpamAssassin 3.1.x, 3.2.0, and 3.2.1 before 20070611, when running as root in unusual configurations using vpopmail or virtual users, allows local users to cause a denial of service (corrupt arbitrary files) via a symlink attack on a file that is used by spamd.
References
Vulnerable Configurations
  • cpe:2.3:a:spamassassin:spamassassin:3.1.0
    cpe:2.3:a:spamassassin:spamassassin:3.1.0
  • cpe:2.3:a:spamassassin:spamassassin:3.1.1
    cpe:2.3:a:spamassassin:spamassassin:3.1.1
  • cpe:2.3:a:spamassassin:spamassassin:3.1.2
    cpe:2.3:a:spamassassin:spamassassin:3.1.2
  • cpe:2.3:a:spamassassin:spamassassin:3.1.3
    cpe:2.3:a:spamassassin:spamassassin:3.1.3
  • cpe:2.3:a:spamassassin:spamassassin:3.1.4
    cpe:2.3:a:spamassassin:spamassassin:3.1.4
  • cpe:2.3:a:spamassassin:spamassassin:3.1.5
    cpe:2.3:a:spamassassin:spamassassin:3.1.5
  • cpe:2.3:a:spamassassin:spamassassin:3.1.6
    cpe:2.3:a:spamassassin:spamassassin:3.1.6
  • cpe:2.3:a:spamassassin:spamassassin:3.1.7
    cpe:2.3:a:spamassassin:spamassassin:3.1.7
  • cpe:2.3:a:spamassassin:spamassassin:3.1.8
    cpe:2.3:a:spamassassin:spamassassin:3.1.8
  • cpe:2.3:a:spamassassin:spamassassin:3.1.9
    cpe:2.3:a:spamassassin:spamassassin:3.1.9
  • cpe:2.3:a:spamassassin:spamassassin:3.2.0
    cpe:2.3:a:spamassassin:spamassassin:3.2.0
  • cpe:2.3:a:spamassassin:spamassassin:3.2.1
    cpe:2.3:a:spamassassin:spamassassin:3.2.1
CVSS
Base: 1.9 (as of 13-06-2007 - 09:55)
Impact:
Exploitability:
Access
VectorComplexityAuthentication
LOCAL MEDIUM NONE
Impact
ConfidentialityIntegrityAvailability
NONE NONE PARTIAL
nessus via4
  • NASL family Oracle Linux Local Security Checks
    NASL id ORACLELINUX_ELSA-2007-0492.NASL
    description From Red Hat Security Advisory 2007:0492 : Updated spamassassin packages that fix a security issue are now available for Red Hat Enterprise Linux 4 and 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. SpamAssassin provides a way to reduce unsolicited commercial email (spam) from incoming email. Martin Krafft discovered a symlink issue in SpamAssassin that affects certain non-default configurations. A local user could use this flaw to create or overwrite files writable by the spamd process (CVE-2007-2873). Users of SpamAssassin should upgrade to these updated packages which contain a backported patch to correct this issue. Note: This issue did not affect the version of SpamAssassin shipped with Red Hat Enterprise Linux 3.
    last seen 2019-02-21
    modified 2018-07-18
    plugin id 67521
    published 2013-07-12
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=67521
    title Oracle Linux 4 / 5 : spamassassin (ELSA-2007-0492)
  • NASL family Red Hat Local Security Checks
    NASL id REDHAT-RHSA-2007-0492.NASL
    description Updated spamassassin packages that fix a security issue are now available for Red Hat Enterprise Linux 4 and 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. SpamAssassin provides a way to reduce unsolicited commercial email (spam) from incoming email. Martin Krafft discovered a symlink issue in SpamAssassin that affects certain non-default configurations. A local user could use this flaw to create or overwrite files writable by the spamd process (CVE-2007-2873). Users of SpamAssassin should upgrade to these updated packages which contain a backported patch to correct this issue. Note: This issue did not affect the version of SpamAssassin shipped with Red Hat Enterprise Linux 3.
    last seen 2019-02-21
    modified 2018-11-16
    plugin id 25521
    published 2007-06-14
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=25521
    title RHEL 4 / 5 : spamassassin (RHSA-2007:0492)
  • NASL family FreeBSD Local Security Checks
    NASL id FREEBSD_PKG_8092B8201D6F11DCA0B2001921AB2FA4.NASL
    description SpamAssassin website reports : A local user symlink-attack DoS vulnerability in SpamAssassin has been found, affecting versions 3.1.x, 3.2.0, and SVN trunk.
    last seen 2019-02-21
    modified 2018-12-19
    plugin id 25533
    published 2007-06-18
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=25533
    title FreeBSD : p5-Mail-SpamAssassin -- local user symlink-attack DoS vulnerability (8092b820-1d6f-11dc-a0b2-001921ab2fa4)
  • NASL family Scientific Linux Local Security Checks
    NASL id SL_20070613_SPAMASSASSIN_ON_SL5_X.NASL
    description Martin Krafft discovered a symlink issue in SpamAssassin that affects certain non-default configurations. A local user could use this flaw to create or overwrite files writable by the spamd process (CVE-2007-2873).
    last seen 2019-02-21
    modified 2019-01-07
    plugin id 60207
    published 2012-08-01
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=60207
    title Scientific Linux Security Update : spamassassin on SL5.x, SL4.x i386/x86_64 (fwd)
  • NASL family CentOS Local Security Checks
    NASL id CENTOS_RHSA-2007-0492.NASL
    description Updated spamassassin packages that fix a security issue are now available for Red Hat Enterprise Linux 4 and 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. SpamAssassin provides a way to reduce unsolicited commercial email (spam) from incoming email. Martin Krafft discovered a symlink issue in SpamAssassin that affects certain non-default configurations. A local user could use this flaw to create or overwrite files writable by the spamd process (CVE-2007-2873). Users of SpamAssassin should upgrade to these updated packages which contain a backported patch to correct this issue. Note: This issue did not affect the version of SpamAssassin shipped with Red Hat Enterprise Linux 3.
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 25527
    published 2007-06-18
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=25527
    title CentOS 4 / 5 : spamassassin (CESA-2007:0492)
  • NASL family Mandriva Local Security Checks
    NASL id MANDRAKE_MDKSA-2007-125.NASL
    description SpamAssassin 3.1.x, when running as root with unusual configuration options using vpopmail or virtual users, could allow local users to cause a denial of service (via corrupting arbitrary files) using a symlink attack on a file used by spamd. SpamAssassin 3.1.9, which corrects this flaw, is provided with this update.
    last seen 2019-02-21
    modified 2018-07-19
    plugin id 25537
    published 2007-06-18
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=25537
    title Mandrake Linux Security Advisory : spamassassin (MDKSA-2007:125)
  • NASL family Fedora Local Security Checks
    NASL id FEDORA_2007-0390.NASL
    description Local symlink vulnerability. Fedora is not vulnerable in any default or common configurations. Read upstream's announcement for details. http://spamassassin.apache.org/advisories/CVE-2007-2873.txt Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2018-12-24
    plugin id 27663
    published 2007-11-06
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=27663
    title Fedora 7 : spamassassin-3.2.1-1.fc7 (2007-0390)
oval via4
accepted 2013-04-29T04:04:55.945-04:00
class vulnerability
contributors
  • name Aharon Chernin
    organization SCAP.com, LLC
  • name Dragos Prisaca
    organization G2, Inc.
definition_extensions
  • comment The operating system installed on the system is Red Hat Enterprise Linux 4
    oval oval:org.mitre.oval:def:11831
  • comment CentOS Linux 4.x
    oval oval:org.mitre.oval:def:16636
  • comment Oracle Linux 4.x
    oval oval:org.mitre.oval:def:15990
  • comment The operating system installed on the system is Red Hat Enterprise Linux 5
    oval oval:org.mitre.oval:def:11414
  • comment The operating system installed on the system is CentOS Linux 5.x
    oval oval:org.mitre.oval:def:15802
  • comment Oracle Linux 5.x
    oval oval:org.mitre.oval:def:15459
description SpamAssassin 3.1.x, 3.2.0, and 3.2.1 before 20070611, when running as root in unusual configurations using vpopmail or virtual users, allows local users to cause a denial of service (corrupt arbitrary files) via a symlink attack on a file that is used by spamd.
family unix
id oval:org.mitre.oval:def:10354
status accepted
submitted 2010-07-09T03:56:16-04:00
title SpamAssassin 3.1.x, 3.2.0, and 3.2.1 before 20070611, when running as root in unusual configurations using vpopmail or virtual users, allows local users to cause a denial of service (corrupt arbitrary files) via a symlink attack on a file that is used by spamd.
version 24
redhat via4
advisories
bugzilla
id 243455
title CVE-2007-2873 spamassassin symlink attack
oval
OR
  • AND
    • comment Red Hat Enterprise Linux 4 is installed
      oval oval:com.redhat.rhsa:tst:20060016001
    • comment spamassassin is earlier than 0:3.1.9-1.el4
      oval oval:com.redhat.rhsa:tst:20070492002
    • comment spamassassin is signed with Red Hat master key
      oval oval:com.redhat.rhsa:tst:20070074003
  • AND
    • comment Red Hat Enterprise Linux 5 is installed
      oval oval:com.redhat.rhsa:tst:20070055001
    • comment spamassassin is earlier than 0:3.1.9-1.el5
      oval oval:com.redhat.rhsa:tst:20070492005
    • comment spamassassin is signed with Red Hat redhatrelease key
      oval oval:com.redhat.rhsa:tst:20070075003
rhsa
id RHSA-2007:0492
released 2007-06-13
severity Moderate
title RHSA-2007:0492: spamassassin security update (Moderate)
rpms
  • spamassassin-0:3.1.9-1.el4
  • spamassassin-0:3.1.9-1.el5
refmap via4
bid 24481
confirm
mandriva MDKSA-2007:125
osvdb 37234
sectrack 1018242
vupen ADV-2007-2172
xf spamassassin-symlink-dos(34864)
Last major update 07-03-2011 - 21:55
Published 11-06-2007 - 19:30
Last modified 10-10-2017 - 21:32
Back to Top