Test ID:	1.3.6.1.4.1.25623.1.0.58079
Category:	Red Hat Local Security Checks
Title:	RedHat Security Advisory RHSA-2007:0074
Summary:	NOSUMMARY
Description:	Description: The remote host is missing updates announced in advisory RHSA-2007:0074. SpamAssassin provides a way to reduce unsolicited commercial email (spam) from incoming email. A flaw was found in the way SpamAssassin processes HTML email containing URIs. A carefully crafted mail message could cause SpamAssassin to consume significant resources. If a number of these messages are sent, this could lead to a denial of service, potentially delaying or preventing the delivery of email. (CVE-2007-0451) Users of SpamAssassin should upgrade to these updated packages which contain version 3.1.8 which is not vulnerable to these issues. This is an upgrade from SpamAssassin version 3.0.6 to 3.1.8, which contains many bug fixes and spam detection enhancements. Further details are available in the SpamAssassin 3.1 changelog and upgrade guide. Solution: Please note that this update is available via Red Hat Network. To use Red Hat Network, launch the Red Hat Update Agent with the following command: up2date http://rhn.redhat.com/errata/RHSA-2007-0074.html http://svn.apache.org/repos/asf/spamassassin/branches/3.1/UPGRADE http://svn.apache.org/repos/asf/spamassassin/branches/3.1/Changes http://www.redhat.com/security/updates/classification/#important Risk factor : Medium CVSS Score: 4.3
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2007-0451 1017666 http://www.securitytracker.com/id?1017666 22584 http://www.securityfocus.com/bid/22584 24197 http://secunia.com/advisories/24197 24200 http://secunia.com/advisories/24200 24250 http://secunia.com/advisories/24250 24256 http://secunia.com/advisories/24256 24265 http://secunia.com/advisories/24265 24307 http://secunia.com/advisories/24307 24889 http://secunia.com/advisories/24889 33207 http://osvdb.org/33207 ADV-2007-0628 http://www.vupen.com/english/advisories/2007/0628 FEDORA-2007-241 http://fedoranews.org/cms/node/2659 FEDORA-2007-242 http://fedoranews.org/cms/node/2657 GLSA-200703-02 http://security.gentoo.org/glsa/glsa-200703-02.xml MDKSA-2007:049 http://www.mandriva.com/security/advisories?name=MDKSA-2007:049 RHSA-2007:0074 http://rhn.redhat.com/errata/RHSA-2007-0074.html RHSA-2007:0075 http://www.redhat.com/support/errata/RHSA-2007-0075.html SUSE-SR:2007:006 http://www.novell.com/linux/security/advisories/2007_6_sr.html http://spamassassin.apache.org/advisories/cve-2007-0451.txt http://svn.apache.org/repos/asf/spamassassin/branches/3.1/build/announcements/3.1.8.txt https://issues.rpath.com/browse/RPL-1073 oval:org.mitre.oval:def:10018 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10018 spamassassin-url-dos(32536) https://exchange.xforce.ibmcloud.com/vulnerabilities/32536
Copyright	Copyright (c) 2007 E-Soft Inc. http://www.securityspace.com

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.