SMTP: SpamAssassin AutoWhitelist DoS
This signature detects attempts to exploit a known vulnerability against SpamAssassin. A successful attack can result in a denial-of-service condition.
Extended Description
SpamAssassin is reported prone to a remote denial of service vulnerability. Full details regarding this vulnerability are not known. A remote attacker may potentially exploit this vulnerability to deny service to a target SpamAssassin service. SpamAssassin versions prior to 2.64 are reported vulnerable to this issue. This BID will be updated as further details regarding this vulnerability are announced.
Affected Products
Spamassassin spamassassin
References
BugTraq: 10957
CVE: CVE-2004-0796
URL: http://marc.theaimsgroup.com/?l=spamassassin-announce&m=109168121628767&w=2
Short Name
SMTP:SAGTUBE-DOS
Severity
Minor
Recommended
False
Recommended Action
None
Category
SMTP
Keywords
AutoWhitelist CVE-2004-0796 DoS SpamAssassin bid:10957
Release Date
08/18/2004
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3375
False Positive
Unknown
Vendors
Red_hat
Spamassassin
CVSS Score
5.0