CVE-2004-0796
CVSS 5.0
Published: 2004-10-20 00:00:00
Last revised: 2016-10-17 22:49:06

[Original] SpamAssassin 2.5x, and 2.6x before 2.64, allows remote attackers to cause a denial of service via certain malformed messages.


[CNNVD] SpamAssassin Malformed Message Remote Denial of Service Vulnerability (CNNVD-200410-080)

        
        SpamAssassin is a spam-filtering solution.
        SpamAssassin does not correctly handle certain email messages with malformed headers. A remote attacker can exploit this to crash the SpamAssassin service so that it stops working.
        No detailed vulnerability information is currently available.
        

- CVSS (base score)

CVSS score: 5 [MEDIUM]
Confidentiality impact: [--]
Integrity impact: [--]
Availability impact: [--]
Attack complexity: [--]
Attack vector: [--]
Authentication: [--]

- CPE (affected platforms and products)

cpe:/a:spamassassin:spamassassin:2.40
cpe:/a:spamassassin:spamassassin:2.41
cpe:/a:spamassassin:spamassassin:2.63
cpe:/a:spamassassin:spamassassin:2.42
cpe:/a:spamassassin:spamassassin:2.43
cpe:/a:spamassassin:spamassassin:2.60
cpe:/a:spamassassin:spamassassin:2.50
cpe:/a:spamassassin:spamassassin:2.44
cpe:/a:spamassassin:spamassassin:2.55
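The CPE list above enumerates released versions, but an inventory check should also catch versions the list never names (2.45, say) that still sort below the fixed release. The following is an added example, not code from the page or from the SpamAssassin project: it parses the CPE 2.2 URIs copied from the list above and reports, for an installed version, both an exact CPE match and whether the version sorts below 2.64, the release this advisory names as the fix. Stripping packaging suffixes such as "2.63-1" before comparison is an assumption of this example.

```python
"""Match an installed SpamAssassin version against this advisory's CPE list
and its fixed version. Added example, not part of the original page."""
import re

# CPE 2.2 URIs copied from the list above.
CPE_LIST = """
cpe:/a:spamassassin:spamassassin:2.40
cpe:/a:spamassassin:spamassassin:2.41
cpe:/a:spamassassin:spamassassin:2.42
cpe:/a:spamassassin:spamassassin:2.43
cpe:/a:spamassassin:spamassassin:2.44
cpe:/a:spamassassin:spamassassin:2.50
cpe:/a:spamassassin:spamassassin:2.55
cpe:/a:spamassassin:spamassassin:2.60
cpe:/a:spamassassin:spamassassin:2.63
"""
FIXED_VERSION = "2.64"  # the release the advisory names as the fix

CPE_FIELDS = ("part", "vendor", "product", "version", "update", "edition", "language")


def parse_cpe(uri):
    """Split a CPE 2.2 URI into named components; absent trailing fields are ''."""
    if not uri.startswith("cpe:/"):
        raise ValueError(f"not a CPE 2.2 URI: {uri!r}")
    fields = uri[len("cpe:/"):].split(":")
    fields += [""] * (len(CPE_FIELDS) - len(fields))
    return dict(zip(CPE_FIELDS, fields))


def version_key(version):
    """Leading dotted-numeric part as an int tuple, so '2.63' < '2.64' < '3.0.0'.
    Packaging suffixes such as '2.63-1' are ignored (assumption, see lead-in)."""
    m = re.match(r"\d+(?:\.\d+)*", version)
    if not m:
        raise ValueError(f"unparseable version: {version!r}")
    return tuple(int(p) for p in m.group(0).split("."))


def listed_versions(cpe_text, vendor="spamassassin", product="spamassassin"):
    """Version keys the CPE list enumerates for the given vendor/product."""
    found = set()
    for line in cpe_text.splitlines():
        if not line.strip():
            continue
        cpe = parse_cpe(line.strip())
        if cpe["vendor"] == vendor and cpe["product"] == product:
            found.add(version_key(cpe["version"]))
    return found


def assess(installed, cpe_text=CPE_LIST, fixed=FIXED_VERSION):
    """Return (listed, needs_upgrade).

    listed: the installed version appears verbatim in the CPE list.
    needs_upgrade: the installed version sorts below the fixed release, which
    also catches versions the CPE list never enumerated (e.g. 2.45)."""
    key = version_key(installed)
    return key in listed_versions(cpe_text), key < version_key(fixed)


if __name__ == "__main__":
    for v in ("2.63", "2.64", "2.45", "2.63-1", "3.0.0"):
        listed, upgrade = assess(v)
        print(f"{v:8} listed={listed!s:5} needs_upgrade={upgrade}")
```

The range check is the one to act on; the exact-match result only tells you whether the inventory version was among those the database enumerated.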

- OVAL (technical details for detection)

oval:org.mitre.oval:def:10413
SpamAssassin 2.5x, and 2.6x before 2.64, allows remote attackers to cause a denial of service via certain malformed messages.
*OVAL describes in detail how to detect this vulnerability; see the corresponding OVAL definition for further technical details on detecting it.

- Official database links

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0796
(official data source) MITRE
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2004-0796
(official data source) NVD
http://www.cnnvd.org.cn/vulnerability/show/cv_cnnvdid/CNNVD-200410-080
(official data source) CNNVD

- Other links and resources

http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=129337
(UNKNOWN)  CONFIRM  http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=129337
http://marc.info/?l=spamassassin-announce&m=109168121628767&w=2
(UNKNOWN)  MLIST  [spamassassin-announce] 20040805 [SA-Announce] SpamAssassin 2.64 is released!
http://security.gentoo.org/glsa/glsa-200408-06.xml
(UNKNOWN)  GENTOO  GLSA-200408-06
http://www.mandriva.com/security/advisories?name=MDKSA-2004:084
(UNKNOWN)  MANDRAKE  MDKSA-2004:084
http://www.securityfocus.com/bid/10957
(VENDOR_ADVISORY)  BID  10957
http://xforce.iss.net/xforce/xfdb/16938
(UNKNOWN)  XF  spamassassin-dos(16938)
https://bugzilla.fedora.us/show_bug.cgi?id=2268
(UNKNOWN)  FEDORA  FLSA:2268

- Vulnerability Information

SpamAssassin Malformed Message Remote Denial of Service Vulnerability
Medium severity  Access Validation Error
Published 2004-10-20 00:00:00  Updated 2005-10-20 00:00:00
Remote

- Advisories and patches

        Vendor patches:
        SpamAssassin
        ------------
        The vendor has released an upgrade that fixes this security issue; download it from the vendor's site:

        http://old.SpamAssassin.org/released/Mail-SpamAssassin-2.64.tar.gz

        http://old.SpamAssassin.org/released/Mail-SpamAssassin-2.64.tar.bz2

        http://old.SpamAssassin.org/released/Mail-SpamAssassin-2.64.zip

        md5sum of archive files:
        a82a9dab95462d102e253edb99091fdd Mail-SpamAssassin-2.64.tar.gz
        cd482160ddbe371bbf4fb58b715ebbdf Mail-SpamAssassin-2.64.tar.bz2
        82a8f47ad87774b5a94805ed9bc6753b Mail-SpamAssassin-2.64.zip
        sha1sum of archive files:
        7d5776a7c462c849bc48f12a48ed82dc929ac06f Mail-SpamAssassin-2.64.tar.gz
        ea4925c6967249a581c4966d1cefd1a3162eb639 Mail-SpamAssassin-2.64.tar.bz2
        5922db581c6ef8026455ecce055f14a25b499a3b Mail-SpamAssassin-2.64.zip
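Checksums published in advisory text are only useful if they are actually checked against the downloaded archive, and copies of this listing on the web tend to arrive with digests broken by stray whitespace. The following is an added example, not code from the page or from the SpamAssassin project: it parses md5sum/sha1sum-style listings (rejoining a digest that extraction has split, and rejecting anything that is not a digest of the right length), then verifies every listed file with both algorithms. The verification run uses a constructed fake archive and digests generated from it, since the real 2.64 tarball is not on this page; the page's own md5 listing is included only to exercise the parser.

```python
"""Check downloaded archives against the md5sum/sha1sum listing published in the
advisory. Added example, not part of the original page."""
import hashlib
import hmac
import os
import tempfile

# The md5sum listing as it was extracted from this page, including the stray
# space that split the third digest; the parser below rejoins it.
PAGE_MD5_LISTING = """\
a82a9dab95462d102e253edb99091fdd Mail-SpamAssassin-2.64.tar.gz
cd482160ddbe371bbf4fb58b715ebbdf Mail-SpamAssassin-2.64.tar.bz2
82a8f47ad87774b5a948 05ed9bc6753b Mail-SpamAssassin-2.64.zip
"""

HEX_DIGITS = set("0123456789abcdef")
DIGEST_LEN = {"md5": 32, "sha1": 40}


def parse_listing(text, algorithm):
    """Parse '<hex> <filename>' lines into {filename: hex}. The filename is the last
    token and everything before it is the digest, so a digest broken by
    whitespace is joined back together; a digest of the wrong length or with
    non-hex characters raises rather than being silently skipped."""
    entries = {}
    for line in text.splitlines():
        parts = line.split()
        if len(parts) < 2:
            continue
        filename, digest = parts[-1], "".join(parts[:-1]).lower()
        if len(digest) != DIGEST_LEN[algorithm] or not set(digest) <= HEX_DIGITS:
            raise ValueError(f"bad {algorithm} digest for {filename}: {digest!r}")
        entries[filename] = digest
    return entries


def file_digest(path, algorithm):
    """Hex digest of a file, read in chunks so large archives need no extra memory."""
    h = hashlib.new(algorithm)
    with open(path, "rb") as f:
        for chunk in iter(lambda: f.read(1 << 16), b""):
            h.update(chunk)
    return h.hexdigest()


def verify_archives(directory, md5_listing, sha1_listing):
    """Return a list of problems; empty means every listed file matched both digests."""
    md5s = parse_listing(md5_listing, "md5")
    sha1s = parse_listing(sha1_listing, "sha1")
    problems = []
    for name in sorted(set(md5s) | set(sha1s)):
        path = os.path.join(directory, name)
        if not os.path.isfile(path):
            problems.append(f"{name}: missing")
            continue
        for algorithm, table in (("md5", md5s), ("sha1", sha1s)):
            expected = table.get(name)
            if expected is None:
                problems.append(f"{name}: no {algorithm} published")
            elif not hmac.compare_digest(file_digest(path, algorithm), expected):
                problems.append(f"{name}: {algorithm} mismatch")
    return problems


def demo():
    """Constructed scenario: a fake archive (not the real tarball) is written to a
    temporary directory and listings are generated from it, then one byte is
    appended as a tampered mirror might. Returns (clean_problems, tampered_problems)."""
    name = "Mail-SpamAssassin-2.64.tar.gz"
    data = b"constructed sample bytes, not the real Mail-SpamAssassin-2.64 archive\n" * 64
    md5_listing = f"{hashlib.md5(data).hexdigest()}  {name}\n"
    sha1_listing = f"{hashlib.sha1(data).hexdigest()}  {name}\n"
    with tempfile.TemporaryDirectory() as d:
        path = os.path.join(d, name)
        with open(path, "wb") as f:
            f.write(data)
        clean = verify_archives(d, md5_listing, sha1_listing)
        with open(path, "ab") as f:
            f.write(b"\x00")
        tampered = verify_archives(d, md5_listing, sha1_listing)
    return clean, tampered


if __name__ == "__main__":
    print(parse_listing(PAGE_MD5_LISTING, "md5"))
    print(demo())
```

Both digests are required to match: MD5 collisions are practical, so a release that publishes only MD5 gives weak assurance, and the SHA-1 value is the one to treat as binding where both are offered.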

- Vulnerability Information

OSVDB 8343
SpamAssassin GTUBE/AWL Filter Test DoS
Remote / Network Access  Denial of Service
Loss of Availability
Exploit Public

- Vulnerability Description

SpamAssassin (SA) contains a flaw that may allow a remote denial of service. The issue is triggered when a remote attacker sends a series of specially crafted e-mails that trigger SA rulesets (GTUBE and AWL) and begin to mark all mail as spam.
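As an added illustration of the interaction the description above names, and not code from this page, from OSVDB or from the SpamAssassin project: a simplified model of SpamAssassin's auto-whitelist (AWL), which records each sender's unadjusted scores and pulls a new message's score toward that sender's running mean by auto_whitelist_factor (default 0.5). The GTUBE string and its 1000-point score are SpamAssassin's documented test rule and the 5.0 threshold is the default required_score; the keying on sender address plus the first two octets of the originating IP, the single-rule scorer and the sample addresses are simplifications and assumptions of this example. It shows that one message carrying GTUBE under a forged From address is enough to push that sender's later, innocuous mail over the spam threshold.

```python
"""Simplified model of SpamAssassin's auto-whitelist (AWL) score averaging,
showing how a forged GTUBE message poisons a sender's history.
Added example, not part of the original page."""
from dataclasses import dataclass, field

# GTUBE, the Generic Test for Unsolicited Bulk Email: SpamAssassin's GTUBE rule
# scores any message containing this string at 1000 points.
GTUBE = "XJS*C4JDBQADN1.NSBN3*2IDNEN*GTUBE-STANDARD-ANTI-UBE-TEST-EMAIL*C.34X"
GTUBE_SCORE = 1000.0
REQUIRED_SCORE = 5.0   # SpamAssassin default required_score
AWL_FACTOR = 0.5       # SpamAssassin default auto_whitelist_factor


@dataclass
class Message:
    sender: str      # From address as the filter sees it; trivially forgeable
    origin_ip: str   # IP the message appears to originate from
    body: str


def base_score(msg):
    """Stand-in for the rule engine: only the GTUBE rule is modelled (assumption)."""
    return GTUBE_SCORE if GTUBE in msg.body else 0.0


@dataclass
class AutoWhitelist:
    factor: float = AWL_FACTOR
    history: dict = field(default_factory=dict)   # key -> [count, total_score]

    @staticmethod
    def key(msg):
        # Simplified key: lower-cased sender plus the first two octets of the
        # originating IP, so every host in that /16 shares the entry (assumption).
        net16 = ".".join(msg.origin_ip.split(".")[:2])
        return f"{msg.sender.lower()}|{net16}"

    def adjust(self, msg, score):
        """Move score toward the sender's historical mean, then record the
        unadjusted score. A single 1000-point GTUBE hit therefore dominates the
        running mean of a sender with little history."""
        k = self.key(msg)
        count, total = self.history.get(k, [0, 0.0])
        adjusted = score + (total / count - score) * self.factor if count else score
        self.history[k] = [count + 1, total + score]
        return adjusted


def scan(awl, msg):
    """Return (final score, verdict) for one message passing through the AWL."""
    score = awl.adjust(msg, base_score(msg))
    return score, ("spam" if score >= REQUIRED_SCORE else "ham")


def run_scenario():
    """Constructed traffic (documentation addresses and ranges): a forged GTUBE
    message from alice's address, then alice's genuine mail, then an unrelated
    sender. Returns [(sender, score, verdict), ...] in that order."""
    awl = AutoWhitelist()
    forged = Message("alice@example.org", "203.0.113.5", "hi\n" + GTUBE + "\n")
    genuine = Message("alice@example.org", "203.0.113.40", "Meeting moved to 3pm.")
    other = Message("bob@example.net", "198.51.100.7", "Invoice attached.")
    return [(m.sender, *scan(awl, m)) for m in (forged, genuine, other)]


if __name__ == "__main__":
    for sender, score, verdict in run_scenario():
        print(f"{sender:20} score={score:7.1f} verdict={verdict}")
```

The second result is the point of the model: a zero-scoring genuine message is pulled halfway toward the poisoned mean (0 + (1000 - 0) * 0.5 = 500) and is classified as spam, while a sender with no such history is unaffected.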

- Timeline

2004-08-05 2004-04-22
2004-08-05 Unknown

- Solution

Upgrade to version 2.64 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.

- Related References

- Credit

- Vulnerability Information

SpamAssassin Malformed Email Remote Denial Of Service Vulnerability
Class: Access Validation Error  BID 10957
Remote: Yes  Local: No
Published: 2004-08-16 12:00:00  Updated: 2009-07-12 06:16:00
This vulnerability was announced by the vendor.

- Affected Versions

SpamAssassin SpamAssassin 2.63
SpamAssassin SpamAssassin 2.60
SpamAssassin SpamAssassin 2.55
SpamAssassin SpamAssassin 2.50
SpamAssassin SpamAssassin 2.44
SpamAssassin SpamAssassin 2.43
+ Gentoo Linux 1.4 _rc2
+ Gentoo Linux 1.4 _rc1
SpamAssassin SpamAssassin 2.42
SpamAssassin SpamAssassin 2.41
SpamAssassin SpamAssassin 2.40
Red Hat Fedora Core1

- Not Affected Versions

SpamAssassin SpamAssassin 2.64

- Discussion

SpamAssassin is reported prone to a remote denial of service vulnerability. Full details regarding this vulnerability are not known.

A remote attacker may potentially exploit this vulnerability to deny service to a target SpamAssassin service.

SpamAssassin versions prior to 2.64 are reported vulnerable to this issue.

This BID will be updated as further details regarding this vulnerability are announced.

- Exploit

Currently we are not aware of any exploits for this issue. If you feel we are in error or are aware of more recent information, please mail us at: vuldb@securityfocus.com <mailto:vuldb@securityfocus.com>.

- Solution

The vendor has released version 2.64 addressing this issue.

Gentoo Linux has released advisory GLSA 200408-06 addressing this issue. Please see the referenced advisory for further information. Users of affected packages are urged to execute the following commands with superuser privileges:
emerge sync
emerge -pv ">=mail-filter/spamassassin-2.64"
emerge ">=mail-filter/spamassassin-2.64"

Mandrake has released advisory MDKSA-2004:084 to address this issue. Please see the attached advisory for details on obtaining and applying fixes.

OpenBSD has fixed this issue in OpenBSD-current, and the patch branches of 3.4 and 3.5. CVS as of 8 Aug 2004 has these fixes.

OpenPKG has released an advisory (OpenPKG-SA-2004.041) to address this issue. Please see the referenced advisory for more information.

Conectiva has released an advisory (CLA-2004:867) to address this issue. Please see the referenced advisory for more information.

Red Hat has released an advisory (RHSA-2004:451-05) to address this issue in Red Hat Enterprise Linux. Please see the advisory in Web references for more information.

A Fedora Legacy advisory FLSA:2268 is available to address this issue in Fedora Core 1 for the i386 architecture. Please see the referenced advisory for more information.

- Related References

About the SCAP Chinese Community

The SCAP Chinese Community is the first Chinese-language open community in China devoted to SCAP. For more information, see [About this site].

Copyright notice

CVE, CWE and OVAL are registered trademarks of The MITRE Corporation; their official data sources are maintained on MITRE's websites.