SecurityTracker
Archives
Category:   Application (Security)  >   SpamAssassin
Vendors:   spamassassin.org
SpamAssassin symlink Bug Lets Local Users Deny Service
SecurityTracker Alert ID:  1018242
SecurityTracker URL:  http://securitytracker.com/id/1018242
CVE Reference:   CVE-2007-2873
Date:  Jun 13 2007
Impact:   Denial of service via local system
Fix Available:  Yes
Vendor Confirmed:  Yes
Version(s): 3.1.0 up to, but not including, 3.2.1
Description:   A vulnerability was reported in SpamAssassin. A local user can cause denial of service conditions.

If spamd is run with root user privileges, a local user can create a symbolic link (symlink) from a critical file on the system to a file used by spamd, causing the symlinked file to be overwritten with data. The data is not controlled by the user. This can cause denial of service conditions on the target system.

The system is vulnerable only under the following conditions [not the default configuration]: spamd is used with vpopmail or virtual users via the "-v"/"--vpopmail" OR "--virtual-config-dir" switch, AND with the "-x"/"--no-user-config" switch, AND WITHOUT the "-u"/"--username" switch, AND with the "-l"/"--allow-tell" switch.
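The switch combination above is specific enough to check mechanically. The following POSIX sh function is an added example, not part of the advisory or of the SpamAssassin project: given a spamd argument list, it reports whether all four conditions hold (virtual-user mode, no per-user config, no "--username", and "--allow-tell"). It assumes the long and short switch names exactly as listed above and that "--virtual-config-dir" and "--username" may be given either as a separate argument or in "--option=value" form; combined short flags such as "-xl" are not recognised.

```shell
# Added example (not the advisory's or SpamAssassin's own code): audit a spamd
# command line for the at-risk switch combination described in the advisory.
# Usage: spamd_at_risk <spamd args...>   -> exit status 0 if at risk, 1 if not.
spamd_at_risk() {
    virtual=0; nouser=0; username=0; allowtell=0
    for arg in "$@"; do
        case "$arg" in
            -v|--vpopmail|--virtual-config-dir|--virtual-config-dir=*) virtual=1 ;;
            -x|--no-user-config)                                        nouser=1 ;;
            -u|--username|--username=*)                                 username=1 ;;
            -l|--allow-tell)                                            allowtell=1 ;;
        esac
    done
    # All of: virtual users AND no user config AND no --username AND --allow-tell.
    [ "$virtual" -eq 1 ] && [ "$nouser" -eq 1 ] && \
        [ "$username" -eq 0 ] && [ "$allowtell" -eq 1 ]
}

# Convenience wrapper: audit a whole command line given as one string, as it
# would appear in an init script or in "ps" output. Word-splitting on
# whitespace is intentional here; spamd switches do not contain spaces.
spamd_cmdline_at_risk() {
    # shellcheck disable=SC2086
    set -- $1
    spamd_at_risk "$@"
}

# Constructed sample command lines used as input (not from a real system).
if [ -n "${SPAMD_AUDIT_DEMO:-}" ]; then
    for line in \
        "spamd -d --vpopmail -x -l" \
        "spamd -d --vpopmail -x -l -u spamd" \
        "spamd -d -x -l"
    do
        if spamd_cmdline_at_risk "$line"; then
            echo "AT RISK: $line"
        else
            echo "ok:      $line"
        fi
    done
fi
```

Run with `SPAMD_AUDIT_DEMO=1 sh audit.sh` to see the three constructed sample lines classified; to audit a live host, pass the running daemon's arguments (for example the output of `ps -o args= -C spamd` on procps-based systems) to `spamd_cmdline_at_risk`. A match is only meaningful if spamd also runs as root, which the function does not check.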

Martin F. Krafft discovered this vulnerability.

Impact:   A local user can cause arbitrary files to be overwritten on the target system.
Solution:   The vendor has issued a fixed version (3.2.1).

The SpamAssassin advisory is available at:

http://spamassassin.apache.org/advisories/cve-2007-2873.txt

Vendor URL:  spamassassin.apache.org/advisories/cve-2007-2873.txt
Cause:   Access control error, State error
Underlying OS:  Linux (Any), UNIX (Any)

Message History:   This archive entry has one or more follow-up message(s) listed below.
Jun 13 2007 (Red Hat Issues Fix) SpamAssassin symlink Bug Lets Local Users Deny Service
Red Hat has released a fix for Red Hat Enterprise Linux 4 and 5.
