New Search

SpamAssassin before 3.1.3 when running with vpopmail and the paranoid (-P) switch allows remote attackers to execute arbitrary commands via a crafted message that is not properly handled when invoking spamd with the virtual pop username.

oval:org.mitre.oval:def:10617

The publisher handler for mod_python 2.7.8 and earlier allows remote attackers to obtain access to restricted objects via a crafted URL.

Family:
unix
Status:
ACCEPTED
Platform(s):
  • CentOS Linux 4
  • Oracle Linux 4
  • Red Hat Enterprise Linux 4
  • CentOS Linux 3
  • Red Hat Enterprise Linux 3
Class:
vulnerability
Reference(s):
  • CVE-2005-0088
Product(s):