Vulnerability Assessment & Network Security Forums

If through a vulnerability assessment, a network security issue is detected for the vulnerability below, applying the appropriate security patches in a timely matter is very important.  If you have detected that your system has already been compromised, following CERT's Network Security recovery document will assist with recommended steps for system recovery.

Home >> Browse Vulnerability Assessment Database >> Red Hat Local Security Checks >> RHSA-2004-451: spamassassin

Vulnerability Assessment Details

RHSA-2004-451: spamassassin

Vulnerability Assessment Summary
Check for the version of the spamassassin packages

Detailed Explanation for this Vulnerability Assessment

An updated spamassassin package that fixes a denial of service bug when
parsing malformed messages is now available.

SpamAssassin provides a way to reduce unsolicited commercial email (SPAM)
from incoming email.

A denial of service bug has been found in SpamAssassin versions below 2.64.
A malicious attacker could construct a message in such a way that would
cause spamassassin to stop responding, potentially preventing the delivery
or filtering of email. The Common Vulnerabilities and Exposures project
( has assigned the name CVE-2004-0796 to this issue.

Users of SpamAssassin should update to these updated packages which contain
a backported patch and is not vulnerable to this issue.

Solution :
Network Security Threat Level: High

Networks Security ID:

Vulnerability Assessment Copyright: This script is Copyright (C) 2004 Tenable Network Security

Cables, Connectors

***2*** NetGear ProSafe (GS752TXS) 52-Ports-Ports Rack-Mountable Switch
***2*** NetGear  ProSafe (GS752TXS) 52-Ports-Ports Rack-Mountable Switch pictureCisco ME-3400-24TS-A v04
Cisco ME-3400-24TS-A  v04 pictureTRENDnet TEG-228WS
TRENDnet TEG-228WS pictureNOISY Dell PowerConnect 5212 Managed Gigabit Ethernet 12-port Switch w/ 4 SFPs
NOISY Dell PowerConnect 5212 Managed Gigabit Ethernet 12-port Switch w/ 4 SFPs picture


No Discussions have been posted on this vulnerability.