Red Hat Local Security Checks : RedHat Security Advisory RHSA-2007:0075

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 145615 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.58873

Categoría: Red Hat Local Security Checks

Título: RedHat Security Advisory RHSA-2007:0075

Resumen: NOSUMMARY

Descripción: Description:

The remote host is missing updates announced in
advisory RHSA-2007:0075.

SpamAssassin provides a way to reduce unsolicited commercial email (spam)
from incoming email.

A flaw was found in the way SpamAssassin processes HTML email containing
URIs. A carefully crafted mail message could cause SpamAssassin to consume
significant resources. If a number of these messages are sent, this could
lead to a denial of service, potentially delaying or preventing the
delivery of email. (CVE-2007-0451)

Users of SpamAssassin should upgrade to these updated packages which
contain version 3.1.8 which is not vulnerable to these issues.

Solution:
Please note that this update is available via
Red Hat Network. To use Red Hat Network, launch the Red
Hat Update Agent with the following command: up2date

http://rhn.redhat.com/errata/RHSA-2007-0075.html
http://www.redhat.com/security/updates/classification/#important

Risk factor : Medium

CVSS Score:
4.3

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2007-0451
1017666
http://www.securitytracker.com/id?1017666
22584
http://www.securityfocus.com/bid/22584
24197
http://secunia.com/advisories/24197
24200
http://secunia.com/advisories/24200
24250
http://secunia.com/advisories/24250
24256
http://secunia.com/advisories/24256
24265
http://secunia.com/advisories/24265
24307
http://secunia.com/advisories/24307
24889
http://secunia.com/advisories/24889
33207
http://osvdb.org/33207
ADV-2007-0628
http://www.vupen.com/english/advisories/2007/0628
FEDORA-2007-241
http://fedoranews.org/cms/node/2659
FEDORA-2007-242
http://fedoranews.org/cms/node/2657
GLSA-200703-02
http://security.gentoo.org/glsa/glsa-200703-02.xml
MDKSA-2007:049
http://www.mandriva.com/security/advisories?name=MDKSA-2007:049
RHSA-2007:0074
http://rhn.redhat.com/errata/RHSA-2007-0074.html
RHSA-2007:0075
http://www.redhat.com/support/errata/RHSA-2007-0075.html
SUSE-SR:2007:006
http://www.novell.com/linux/security/advisories/2007_6_sr.html
http://spamassassin.apache.org/advisories/cve-2007-0451.txt
http://svn.apache.org/repos/asf/spamassassin/branches/3.1/build/announcements/3.1.8.txt
https://issues.rpath.com/browse/RPL-1073
oval:org.mitre.oval:def:10018
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10018
spamassassin-url-dos(32536)
https://exchange.xforce.ibmcloud.com/vulnerabilities/32536

Copyright Copyright (c) 2007 E-Soft Inc. http://www.securityspace.com

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.58873
Categoría:	Red Hat Local Security Checks
Título:	RedHat Security Advisory RHSA-2007:0075
Resumen:	NOSUMMARY
Descripción:	Description: The remote host is missing updates announced in advisory RHSA-2007:0075. SpamAssassin provides a way to reduce unsolicited commercial email (spam) from incoming email. A flaw was found in the way SpamAssassin processes HTML email containing URIs. A carefully crafted mail message could cause SpamAssassin to consume significant resources. If a number of these messages are sent, this could lead to a denial of service, potentially delaying or preventing the delivery of email. (CVE-2007-0451) Users of SpamAssassin should upgrade to these updated packages which contain version 3.1.8 which is not vulnerable to these issues. Solution: Please note that this update is available via Red Hat Network. To use Red Hat Network, launch the Red Hat Update Agent with the following command: up2date http://rhn.redhat.com/errata/RHSA-2007-0075.html http://www.redhat.com/security/updates/classification/#important Risk factor : Medium CVSS Score: 4.3
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2007-0451 1017666 http://www.securitytracker.com/id?1017666 22584 http://www.securityfocus.com/bid/22584 24197 http://secunia.com/advisories/24197 24200 http://secunia.com/advisories/24200 24250 http://secunia.com/advisories/24250 24256 http://secunia.com/advisories/24256 24265 http://secunia.com/advisories/24265 24307 http://secunia.com/advisories/24307 24889 http://secunia.com/advisories/24889 33207 http://osvdb.org/33207 ADV-2007-0628 http://www.vupen.com/english/advisories/2007/0628 FEDORA-2007-241 http://fedoranews.org/cms/node/2659 FEDORA-2007-242 http://fedoranews.org/cms/node/2657 GLSA-200703-02 http://security.gentoo.org/glsa/glsa-200703-02.xml MDKSA-2007:049 http://www.mandriva.com/security/advisories?name=MDKSA-2007:049 RHSA-2007:0074 http://rhn.redhat.com/errata/RHSA-2007-0074.html RHSA-2007:0075 http://www.redhat.com/support/errata/RHSA-2007-0075.html SUSE-SR:2007:006 http://www.novell.com/linux/security/advisories/2007_6_sr.html http://spamassassin.apache.org/advisories/cve-2007-0451.txt http://svn.apache.org/repos/asf/spamassassin/branches/3.1/build/announcements/3.1.8.txt https://issues.rpath.com/browse/RPL-1073 oval:org.mitre.oval:def:10018 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10018 spamassassin-url-dos(32536) https://exchange.xforce.ibmcloud.com/vulnerabilities/32536
Copyright	Copyright (c) 2007 E-Soft Inc. http://www.securityspace.com