Test ID:	1.3.6.1.4.1.25623.1.0.58402
Category:	Mandrake Local Security Checks
Title:	Mandrake Security Advisory MDKSA-2007:125 (spamassassin)
Summary:	NOSUMMARY
Description:	Description: The remote host is missing an update to spamassassin announced via advisory MDKSA-2007:125. SpamAssassin 3.1.x, when running as root with unusual configuration options using vpopmail or virtual users, could allow local users to cause a denial of service (via corrupting arbitrary files) using a symlink attack on a file used by spamd. SpamAssassin 3.1.9, which corrects this flaw, is provided with this update. Affected: 2007.0, 2007.1, Corporate 4.0 Solution: To upgrade automatically use MandrakeUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you. http://www.securityspace.com/smysecure/catid.html?in=MDKSA-2007:125 http://spamassassin.apache.org/advisories/cve-2007-2873.txt Risk factor : Low CVSS Score: 1.9
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2007-2873 1018242 http://www.securitytracker.com/id?1018242 24481 http://www.securityfocus.com/bid/24481 37234 http://osvdb.org/37234 ADV-2007-2172 http://www.vupen.com/english/advisories/2007/2172 MDKSA-2007:125 http://www.mandriva.com/security/advisories?name=MDKSA-2007:125 RHSA-2007:0492 http://www.redhat.com/support/errata/RHSA-2007-0492.html http://spamassassin.apache.org/advisories/cve-2007-2873.txt https://issues.rpath.com/browse/RPL-1450 oval:org.mitre.oval:def:10354 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10354 spamassassin-symlink-dos(34864) https://exchange.xforce.ibmcloud.com/vulnerabilities/34864
Copyright	Copyright (c) 2007 E-Soft Inc. http://www.securityspace.com

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.