Apache SpamAssassin 远程拒绝服务漏洞-一一网

漏洞信息详情

Apache SpamAssassin 远程拒绝服务漏洞

CNNVD编号：CNNVD-200506-137

危害等级：中危
CVE编号：
CVE-2005-1266
漏洞类型：

其他
发布时间：

2005-06-15
威胁类型：

远程
更新时间：

2005-10-20
厂商：

apache
漏洞来源：
Apache

漏洞简介

Apache SpamAssassin 3.0.1， 3.0.2和3.0.3版本中，远程攻击者可借助一条无界的带有长整型内容类型头的消息来触发拒绝服务攻击(CPU消耗和减速)。

漏洞公告

目前厂商已经发布了升级补丁以修复这个安全问题，补丁下载链接：

SpamAssassin SpamAssassin 2.40

SpamAssassin Mail-SpamAssassin-2.64.tar.gz

http://old.spamassassin.org/released/Mail-SpamAssassin-2.64.tar.gz

SpamAssassin SpamAssassin 2.41 0

SpamAssassin Mail-SpamAssassin-2.64.tar.gz

http://old.spamassassin.org/released/Mail-SpamAssassin-2.64.tar.gz

SpamAssassin SpamAssassin 2.42 0

SpamAssassin Mail-SpamAssassin-2.64.tar.gz

http://old.spamassassin.org/released/Mail-SpamAssassin-2.64.tar.gz

SpamAssassin SpamAssassin 2.43 0

SpamAssassin Mail-SpamAssassin-2.64.tar.gz

http://old.spamassassin.org/released/Mail-SpamAssassin-2.64.tar.gz

SpamAssassin SpamAssassin 2.44

Mandrake perl-Mail-SpamAssassin-2.44-1.1.91mdk.i586.rpm

Mandrake Linux 9.1

http://www.mandrakesecure.net/en/ftp.php

Mandrake perl-Mail-SpamAssassin-2.44-1.1.91mdk.ppc.rpm

Mandrake Linux 9.1/PPC

http://www.mandrakesecure.net/en/ftp.php

Mandrake perl-Mail-SpamAssassin-2.53-1.1.C21mdk.x86_64.rpm

Mandrake Corporate Server 2.1/X86_64

http://www.mandrakesecure.net/en/ftp.php

Mandrake spamassassin-2.44-1.1.91mdk.i586.rpm

Mandrake Linux 9.1

http://www.mandrakesecure.net/en/ftp.php

Mandrake spamassassin-2.44-1.1.91mdk.ppc.rpm

Mandrake Linux 9.1/PPC

http://www.mandrakesecure.net/en/ftp.php

Mandrake spamassassin-2.53-1.1.C21mdk.x86_64.rpm

Mandrake Corporate Server 2.1/X86_64

http://www.mandrakesecure.net/en/ftp.php

Mandrake spamassassin-tools-2.44-1.1.91mdk.i586.rpm

Mandrake Linux 9.1

http://www.mandrakesecure.net/en/ftp.php

Mandrake spamassassin-tools-2.44-1.1.91mdk.ppc.rpm

Mandrake Linux 9.1/PPC

http://www.mandrakesecure.net/en/ftp.php

Mandrake spamassassin-tools-2.53-1.1.C21mdk.x86_64.rpm

Mandrake Corporate Server 2.1/X86_64

http://www.mandrakesecure.net/en/ftp.php

SpamAssassin Mail-SpamAssassin-2.64.tar.gz

http://old.spamassassin.org/released/Mail-SpamAssassin-2.64.tar.gz

SpamAssassin SpamAssassin 2.50 0

SpamAssassin Mail-SpamAssassin-2.64.tar.gz

http://old.spamassassin.org/released/Mail-SpamAssassin-2.64.tar.gz

SpamAssassin SpamAssassin 2.55

Mandrake perl-Mail-SpamAssassin-2.55-2.1.92mdk.amd64.rpm

Mandrake Linux 9.2/AMD64

http://www.mandrakesecure.net/en/ftp.php

Mandrake perl-Mail-SpamAssassin-2.55-2.1.92mdk.i586.rpm

Mandrake Linux 9.2

http://www.mandrakesecure.net/en/ftp.php

Mandrake spamassassin-2.55-2.1.92mdk.amd64.rpm

Mandrake Linux 9.2/AMD64

http://www.mandrakesecure.net/en/ftp.php

Mandrake spamassassin-2.55-2.1.92mdk.i586.rpm

Mandrake Linux 9.2

http://www.mandrakesecure.net/en/ftp.php

Mandrake spamassassin-tools-2.55-2.1.92mdk.amd64.rpm

Mandrake Linux 9.2/AMD64

http://www.mandrakesecure.net/en/ftp.php

Mandrake spamassassin-tools-2.55-2.1.92mdk.i586.rpm

Mandrake Linux 9.2

http://www.mandrakesecure.net/en/ftp.php

SpamAssassin SpamAssassin 2.60

Conectiva spamassassin-2.60-28724U90_2cl.i386.rpm

ftp://atualizacoes.conectiva.com.br/9/RPMS/spamassassin-2.60-28724U90_ 2cl.i386.rpm

Conectiva spamassassin-doc-2.60-28724U90_2cl.i386.rpm

ftp://atualizacoes.conectiva.com.br/9/RPMS/spamassassin-doc-2.60-28724 U90_2cl.i386.rpm

RedHat spamassassin-2.63-0.2.2.legacy.i386.rpm

RedHat Fedora Core 1

http://download.fedoralegacy.org/fedora/1/updates/i386/spamassassin-2. 63-0.2.2.legacy.i386.rpm

SpamAssassin Mail-SpamAssassin-2.64.tar.gz

http://old.spamassassin.org/released/Mail-SpamAssassin-2.64.tar.gz

SpamAssassin SpamAssassin 2.63

Conectiva spamassassin-2.63-54029U10_2cl.i386.rpm

ftp://atualizacoes.conectiva.com.br/10/RPMS/spamassassin-2.63-54029U10 _2cl.i386.rpm

Conectiva spamassassin-doc-2.63-54029U10_2cl.i386.rpm

ftp://atualizacoes.conectiva.com.br/10/RPMS/spamassassin-doc-2.63-5402 9U10_2cl.i386.rpm

Mandrake perl-Mail-SpamAssassin-2.63-2.1.100mdk.amd64.rpm

Mandrake Linux 10.0/AMD64

http://www.mandrakesecure.net/en/ftp.php

Mandrake perl-Mail-SpamAssassin-2.63-2.1.100mdk.i586.rpm

Mandrake Linux 10.0

http://www.mandrakesecure.net/en/ftp.php

Mandrake spamassassin-2.63-2.1.100mdk.amd64.rpm

Mandrake Linux 10.0/AMD64

http://www.mandrakesecure.net/en/ftp.php

Mandrake spamassassin-2.63-2.1.100mdk.i586.rpm

Mandrake Li

参考网址

来源: www.vuxml.org

链接:http://www.vuxml.org/freebsd/cc4ce06b-e01c-11d9-a8bd-000cf18bbe54.html

来源: GENTOO

名称: GLSA-200506-17

链接:http://security.gentoo.org/glsa/glsa-200506-17.xml

来源: MISC

链接:http://bugs.gentoo.org/show_bug.cgi?id=94722

来源: MANDRAKE

名称: MDKSA-2005:106

链接:http://www.mandriva.com/security/advisories?name=MDKSA-2005:106

来源: DEBIAN

名称: DSA-736

链接:http://www.debian.org/security/2005/dsa-736

来源: MLIST

名称: [spamassassin-announce] 20050615 Denial of Service Vulnerability in Apache SpamAssassin 3.0.1-3.0.3

链接:http://mail-archives.apache.org/mod_mbox/spamassassin-announce/200506.mbox/%3c17072.35054.586017.822288@proton.pathname.com%3e

来源: BID

名称: 13978

链接:http://www.securityfocus.com/bid/13978

来源: REDHAT

名称: RHSA-2005:498

链接:http://www.redhat.com/support/errata/RHSA-2005-498.html

更多>>

文章版权归作者所有，未经允许请勿转载。

THE END

信息安全

Seattle Lab Software SLMail多个远程缓冲区溢出漏洞

Apple Mac OS X ‘User Documentation’ 组件任意代码执行漏洞

fix bug:Redis序列化算法不一致导致乱码问题的原因及自定义序列化解决方案

PhpBB Plus 1.52多个跨站脚本(XSS)漏洞

Drupal Location模块安全漏洞

Namazu跨站脚本漏洞

Apache SpamAssassin 远程拒绝服务漏洞

漏洞信息详情

Apache SpamAssassin 远程拒绝服务漏洞

漏洞简介

漏洞公告

参考网址

受影响实体