CVE-2006-2447

EPSS 75.8%

spamassassin - programming error

發布日:2006/6/6修改日:2026/4/28

描述

SpamAssassin before 3.1.3, when running with vpopmail and the paranoid (-P) switch, allows remote attackers to execute arbitrary commands via a crafted message that is not properly handled when invoking spamd with the virtual pop username.

受影響套件(2)

Debian/spamassassinfrom 0, < 3.1.3-1
Debian/spamassassinfrom 0, < 3.0.3-2sarge1

參考連結(1)

ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2006-2447