Vulnerabilities > CVE-2004-0796 - Remote Denial Of Service vulnerability in SpamAssassin Malformed Email
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
NONE Integrity impact
NONE Availability impact
PARTIAL Summary
SpamAssassin 2.5x, and 2.6x before 2.64, allows remote attackers to cause a denial of service via certain malformed messages.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 9 |
Nessus
NASL family Gentoo Local Security Checks NASL id GENTOO_GLSA-200408-06.NASL description The remote host is affected by the vulnerability described in GLSA-200408-06 (SpamAssassin: Denial of Service vulnerability) SpamAssassin contains an unspecified Denial of Service vulnerability. Impact : By sending a specially crafted message an attacker could cause a Denial of Service attack against the SpamAssassin service. Workaround : There is no known workaround at this time. All users are encouraged to upgrade to the latest available version of SpamAssassin. last seen 2020-06-01 modified 2020-06-02 plugin id 14562 published 2004-08-30 reporter This script is Copyright (C) 2004-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/14562 title GLSA-200408-06 : SpamAssassin: Denial of Service vulnerability code #%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from Gentoo Linux Security Advisory GLSA 200408-06. # # The advisory text is Copyright (C) 2001-2018 Gentoo Foundation, Inc. # and licensed under the Creative Commons - Attribution / Share Alike # license. See http://creativecommons.org/licenses/by-sa/3.0/ # include("compat.inc"); if (description) { script_id(14562); script_version("1.18"); script_cvs_date("Date: 2019/08/02 13:32:41"); script_cve_id("CVE-2004-0796"); script_xref(name:"GLSA", value:"200408-06"); script_name(english:"GLSA-200408-06 : SpamAssassin: Denial of Service vulnerability"); script_summary(english:"Checks for updated package(s) in /var/db/pkg"); script_set_attribute( attribute:"synopsis", value: "The remote Gentoo host is missing one or more security-related patches." ); script_set_attribute( attribute:"description", value: "The remote host is affected by the vulnerability described in GLSA-200408-06 (SpamAssassin: Denial of Service vulnerability) SpamAssassin contains an unspecified Denial of Service vulnerability. Impact : By sending a specially crafted message an attacker could cause a Denial of Service attack against the SpamAssassin service. Workaround : There is no known workaround at this time. All users are encouraged to upgrade to the latest available version of SpamAssassin." ); # http://marc.theaimsgroup.com/?l=spamassassin-announce&m=109168121628767&w=2 script_set_attribute( attribute:"see_also", value:"https://marc.info/?l=spamassassin-announce&m=109168121628767&w=2" ); script_set_attribute( attribute:"see_also", value:"https://security.gentoo.org/glsa/200408-06" ); script_set_attribute( attribute:"solution", value: "All SpamAssassin users should upgrade to the latest version: # emerge sync # emerge -pv '>=mail-filter/spamassassin-2.64' # emerge '>=mail-filter/spamassassin-2.64'" ); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:gentoo:linux:spamassassin"); script_set_attribute(attribute:"cpe", value:"cpe:/o:gentoo:linux"); script_set_attribute(attribute:"patch_publication_date", value:"2004/08/09"); script_set_attribute(attribute:"plugin_publication_date", value:"2004/08/30"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2004-2019 and is owned by Tenable, Inc. or an Affiliate thereof."); script_family(english:"Gentoo Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/Gentoo/release", "Host/Gentoo/qpkg-list"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("qpkg.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); if (!get_kb_item("Host/Gentoo/release")) audit(AUDIT_OS_NOT, "Gentoo"); if (!get_kb_item("Host/Gentoo/qpkg-list")) audit(AUDIT_PACKAGE_LIST_MISSING); flag = 0; if (qpkg_check(package:"mail-filter/spamassassin", unaffected:make_list("ge 2.64"), vulnerable:make_list("le 2.63-r1"))) flag++; if (flag) { if (report_verbosity > 0) security_warning(port:0, extra:qpkg_report_get()); else security_warning(0); exit(0); } else { tested = qpkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "SpamAssassin"); }NASL family FreeBSD Local Security Checks NASL id FREEBSD_P5_MAIL_SPAMASSASSIN_264.NASL description According to the SpamAssassin 2.64 release announcement : Security fix prevents a denial of service attack open to certain malformed messages; this DoS affects all SpamAssassin 2.5x and 2.6x versions to date. The issue appears to be triggered by overly long message headers. last seen 2020-06-01 modified 2020-06-02 plugin id 14345 published 2004-08-23 reporter This script is Copyright (C) 2004-2018 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/14345 title FreeBSD : SpamAssassin -- denial-of-service in tokenize_headers (0d3a5148-f512-11d8-9837-000c41e2cdad) NASL family Red Hat Local Security Checks NASL id REDHAT-RHSA-2004-451.NASL description An updated spamassassin package that fixes a denial of service bug when parsing malformed messages is now available. SpamAssassin provides a way to reduce unsolicited commercial email (SPAM) from incoming email. A denial of service bug has been found in SpamAssassin versions below 2.64. A malicious attacker could construct a message in such a way that would cause spamassassin to stop responding, potentially preventing the delivery or filtering of email. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2004-0796 to this issue. Users of SpamAssassin should update to these updated packages which contain a backported patch and is not vulnerable to this issue. last seen 2020-06-01 modified 2020-06-02 plugin id 15411 published 2004-10-02 reporter This script is Copyright (C) 2004-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/15411 title RHEL 3 : spamassassin (RHSA-2004:451) NASL family Mandriva Local Security Checks NASL id MANDRAKE_MDKSA-2004-084.NASL description Security fix prevents a denial of service attack open to certain malformed messages; this DoS affects all SpamAssassin 2.5x and 2.6x versions to date. last seen 2020-06-01 modified 2020-06-02 plugin id 14333 published 2004-08-22 reporter This script is Copyright (C) 2004-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/14333 title Mandrake Linux Security Advisory : spamassassin (MDKSA-2004:084)
Oval
| accepted | 2013-04-29T04:05:27.350-04:00 | ||||||||
| class | vulnerability | ||||||||
| contributors |
| ||||||||
| definition_extensions |
| ||||||||
| description | SpamAssassin 2.5x, and 2.6x before 2.64, allows remote attackers to cause a denial of service via certain malformed messages. | ||||||||
| family | unix | ||||||||
| id | oval:org.mitre.oval:def:10413 | ||||||||
| status | accepted | ||||||||
| submitted | 2010-07-09T03:56:16-04:00 | ||||||||
| title | SpamAssassin 2.5x, and 2.6x before 2.64, allows remote attackers to cause a denial of service via certain malformed messages. | ||||||||
| version | 26 |
Redhat
| rpms |
|
References
- http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=129337
- http://marc.info/?l=spamassassin-announce&m=109168121628767&w=2
- http://security.gentoo.org/glsa/glsa-200408-06.xml
- http://www.mandriva.com/security/advisories?name=MDKSA-2004:084
- http://www.securityfocus.com/bid/10957
- https://bugzilla.fedora.us/show_bug.cgi?id=2268
- https://exchange.xforce.ibmcloud.com/vulnerabilities/16938
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10413