New Search

SpamAssassin 3.1.x 3.2.0 and 3.2.1 before 20070611 when running as root in unusual configurations using vpopmail or virtual users allows local users to cause a denial of service (corrupt arbitrary files) via a symlink attack on a file that is used by spamd.

oval:org.mitre.oval:def:10354

SpamAssassin 3.1.x 3.2.0 and 3.2.1 before 20070611 when running as root in unusual configurations using vpopmail or virtual users allows local users to cause a denial of service (corrupt arbitrary files) via a symlink attack on a file that is used by spamd.

Family:
unix
Status:
ACCEPTED
Platform(s):
  • CentOS Linux 4
  • Red Hat Enterprise Linux 5
  • Oracle Linux 5
  • Oracle Linux 4
  • Red Hat Enterprise Linux 4
  • CentOS Linux 5
Class:
vulnerability
Reference(s):
  • CVE-2007-2873
Product(s):