Vulnerability Assessment & Network Security Forums

If through a vulnerability assessment, a network security issue is detected for the vulnerability below, applying the appropriate security patches in a timely matter is very important.  If you have detected that your system has already been compromised, following CERT's Network Security recovery document will assist with recommended steps for system recovery.

Home >> Browse Vulnerability Assessment Database >> Red Hat Local Security Checks >> RHSA-2004-451: spamassassin

Vulnerability Assessment Details

RHSA-2004-451: spamassassin

Vulnerability Assessment Summary
Check for the version of the spamassassin packages

Detailed Explanation for this Vulnerability Assessment

An updated spamassassin package that fixes a denial of service bug when
parsing malformed messages is now available.

SpamAssassin provides a way to reduce unsolicited commercial email (SPAM)
from incoming email.

A denial of service bug has been found in SpamAssassin versions below 2.64.
A malicious attacker could construct a message in such a way that would
cause spamassassin to stop responding, potentially preventing the delivery
or filtering of email. The Common Vulnerabilities and Exposures project
( has assigned the name CVE-2004-0796 to this issue.

Users of SpamAssassin should update to these updated packages which contain
a backported patch and is not vulnerable to this issue.

Solution :
Network Security Threat Level: High

Networks Security ID:

Vulnerability Assessment Copyright: This script is Copyright (C) 2004 Tenable Network Security

Cables, Connectors

Knoppix 9.1.0 (i486) DVD
Knoppix 9.1.0 (i486) DVD pictureKnoppix V3.2 Linux CD Bootable Operating System Data Rcovery Tool
Knoppix V3.2 Linux CD Bootable Operating System Data Rcovery Tool pictureKnoppix Linux 9.1 LIVE 32GB bootable USB 3.1/3.0/2.0 w/ PERSISTENCE
Knoppix Linux 9.1 LIVE 32GB bootable USB 3.1/3.0/2.0 w/ PERSISTENCE pictureKnoppix Linux Bootable OS v8.6 "Original Live Operating System" 32G USB Stick
Knoppix Linux Bootable OS v8.6


No Discussions have been posted on this vulnerability.