SpamAssassin spamd vpopmail user vulnerability

Added: 06/09/2006
CVE: CVE-2006-2447
BID: 18290
OSVDB: 26177


SpamAssassin identifies spam e-mail using a variety of local and network-based tests. spamd is the component of SpamAssassin that allows it to run as a network daemon.


When the vpopmail (-v) and paranoid (-P) options are used with spamd, the user name specified by the client is interpolated into a shell command without sufficient checking for invalid (shell metacharacter) characters. This allows arbitrary command execution by remote attackers.
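The flaw described above is the classic shell-injection pattern: untrusted client input becomes part of a command string that a shell parses. The Python example below is added here for illustration; it is not SpamAssassin's code (spamd is written in Perl) and not from this advisory. It contrasts the unsafe construction with a hardened one: an allowlist check on the user name, and an argv list handed to subprocess so no shell is involved at all. The vuserinfo path and the allowlist pattern are assumptions chosen for the example.

```python
import re
import subprocess

# Constructed path for illustration; the real vpopmail install prefix varies per site.
VUSERINFO = "/home/vpopmail/bin/vuserinfo"

# Allowlist (assumption for this example): a mailbox local part, optionally
# followed by '@' and a domain. Shell metacharacters such as ';', '|', '`',
# '$', '&', quotes, whitespace and newlines can never match this pattern.
SAFE_USERNAME = re.compile(r"[A-Za-z0-9._-]{1,64}(?:@[A-Za-z0-9.-]{1,255})?")


def is_safe_username(username: str) -> bool:
    """True only if the whole name consists of allowlisted characters."""
    return SAFE_USERNAME.fullmatch(username) is not None


def vulnerable_command(username: str) -> str:
    """The unsafe pattern: client input interpolated into one shell string.

    Returned rather than executed, so the reader can see that whatever the
    client sends becomes part of the line a shell would parse.
    """
    return f"{VUSERINFO} -d {username}"


def hardened_argv(username: str) -> list:
    """The safe pattern: validate first, then build an argv list.

    With an argv list the user name is always exactly one argument, and
    subprocess never starts a shell to interpret it.
    """
    if not is_safe_username(username):
        raise ValueError("user name contains characters outside the allowlist")
    return [VUSERINFO, "-d", username]


def lookup_home_dir(username: str, run=subprocess.run) -> str:
    """Run vuserinfo without a shell and return its trimmed stdout.

    `run` is injectable so the function can be exercised on a machine without
    vpopmail installed; by default it is subprocess.run with a list argv,
    which means shell=False.
    """
    argv = hardened_argv(username)
    result = run(argv, capture_output=True, text=True, check=True)
    return result.stdout.strip()


if __name__ == "__main__":
    # Constructed sample names: two legitimate ones and one that would be
    # rejected before it could reach a shell.
    for name in ("alice", "bob@example.org", "bad;name"):
        print(f"{name!r:20} unsafe string -> {vulnerable_command(name)!r}")
        try:
            print(f"{'':20} hardened argv -> {hardened_argv(name)}")
        except ValueError as exc:
            print(f"{'':20} rejected: {exc}")
```

The important design choice is that validation is an allowlist, not a blocklist of known-bad characters, and that it is applied before the value is used, while the argv list removes the shell from the picture entirely; either measure alone would have been enough to stop the interpolation bug the advisory describes, and using both is cheap.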


Upgrade to SpamAssassin 3.1.3 or higher.



This exploit will only succeed when run from an address which is explicitly allowed by spamd.
