Test ID:	1.3.6.1.4.1.25623.1.0.67391
Category:	FreeBSD Local Security Checks
Title:	FreeBSD Ports: spamass-milter
Summary:	The remote host is missing an update to the system; as announced in the referenced advisory.
Description:	Summary: The remote host is missing an update to the system as announced in the referenced advisory. Vulnerability Insight: The following package is affected: spamass-milter CVE-2010-1132 The mlfi_envrcpt function in spamass-milter.cpp in SpamAssassin Milter Plugin 0.3.1, when using the expand option, allows remote attackers to execute arbitrary system commands via shell metacharacters in the RCPT TO field of an email message. Solution: Update your system with the appropriate patches or software upgrades. CVSS Score: 9.3 CVSS Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2010-1132 BugTraq ID: 38578 http://www.securityfocus.com/bid/38578 Debian Security Information: DSA-2021 (Google Search) http://www.debian.org/security/2010/dsa-2021 http://www.exploit-db.com/exploits/11662 http://lists.fedoraproject.org/pipermail/package-announce/2010-April/038535.html http://lists.fedoraproject.org/pipermail/package-announce/2010-April/038777.html http://lists.fedoraproject.org/pipermail/package-announce/2010-April/038572.html http://archives.neohapsis.com/archives/fulldisclosure/2010-03/0139.html http://osvdb.org/62809 http://www.securitytracker.com/id?1023691 http://secunia.com/advisories/38840 http://secunia.com/advisories/38956 http://secunia.com/advisories/39265 http://www.vupen.com/english/advisories/2010/0559 http://www.vupen.com/english/advisories/2010/0683 http://www.vupen.com/english/advisories/2010/0837 XForce ISS Database: spamassassin-expand-command-execution(56732) https://exchange.xforce.ibmcloud.com/vulnerabilities/56732
Copyright	Copyright (C) 2010 E-Soft Inc.

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.