FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2024-05-02 10:37:19 UTC

List all Vulnerabilities, by package

List all Vulnerabilities, by date

k68

These are the vulnerabilities relating to the commit you have selected:

VuXML ID	Description
7f3fdef7-51d2-11da-8e93-0010dc4afb40	p5-Mail-SpamAssassin -- long message header denial of service A Secunia Advisory reports: A vulnerability has been reported in SpamAssassin, which can be exploited by malicious people to cause a DoS (Denial of Service). The vulnerability is caused due to the use of an inefficient regular expression in "/SpamAssassin/Message.pm" to parse email headers. This can cause perl to crash when it runs out of stack space and can be exploited via a malicious email that contains a large number of recipients. Discovery 2005-11-10 Entry 2005-11-10 p5-Mail-SpamAssassin < 3.1.0 http://secunia.com/advisories/17386/ http://issues.apache.org/SpamAssassin/show_bug.cgi?id=4570
8092b820-1d6f-11dc-a0b2-001921ab2fa4	p5-Mail-SpamAssassin -- local user symlink-attack DoS vulnerability SpamAssassin website reports: A local user symlink-attack DoS vulnerability in SpamAssassin has been found, affecting versions 3.1.x, 3.2.0, and SVN trunk. Discovery 2007-06-11 Entry 2007-06-18 p5-Mail-SpamAssassin < 3.2.1 http://spamassassin.apache.org/advisories/cve-2007-2873.txt CVE-2007-2873
0d3a5148-f512-11d8-9837-000c41e2cdad	SpamAssassin -- denial-of-service in tokenize_headers According to the SpamAssassin 2.64 release announcement: Security fix prevents a denial of service attack open to certain malformed messages; this DoS affects all SpamAssassin 2.5x and 2.6x versions to date. The issue appears to be triggered by overly long message headers. Discovery 2004-08-04 Entry 2004-08-23 Modified 2004-08-28 p5-Mail-SpamAssassin < 2.64 CVE-2004-0796 10957 http://marc.theaimsgroup.com/?l=spamassassin-announce&m=109168121628767 http://search.cpan.org/src/JMASON/Mail-SpamAssassin-2.64/Changes

VuXML ID

Description

7f3fdef7-51d2-11da-8e93-0010dc4afb40

p5-Mail-SpamAssassin -- long message header denial of service

A Secunia Advisory reports:

A vulnerability has been reported in SpamAssassin, which can be exploited by malicious people to cause a DoS (Denial of Service).

The vulnerability is caused due to the use of an inefficient regular expression in "/SpamAssassin/Message.pm" to parse email headers. This can cause perl to crash when it runs out of stack space and can be exploited via a malicious email that contains a large number of recipients.

Discovery 2005-11-10
Entry 2005-11-10
p5-Mail-SpamAssassin

< 3.1.0

http://secunia.com/advisories/17386/
http://issues.apache.org/SpamAssassin/show_bug.cgi?id=4570

8092b820-1d6f-11dc-a0b2-001921ab2fa4

p5-Mail-SpamAssassin -- local user symlink-attack DoS vulnerability

SpamAssassin website reports:

A local user symlink-attack DoS vulnerability in SpamAssassin has been found, affecting versions 3.1.x, 3.2.0, and SVN trunk.

Discovery 2007-06-11
Entry 2007-06-18
p5-Mail-SpamAssassin

< 3.2.1

http://spamassassin.apache.org/advisories/cve-2007-2873.txt
CVE-2007-2873

0d3a5148-f512-11d8-9837-000c41e2cdad

SpamAssassin -- denial-of-service in tokenize_headers

According to the SpamAssassin 2.64 release announcement:

Security fix prevents a denial of service attack open to certain malformed messages; this DoS affects all SpamAssassin 2.5x and 2.6x versions to date.

The issue appears to be triggered by overly long message headers.

Discovery 2004-08-04
Entry 2004-08-23
Modified 2004-08-28
p5-Mail-SpamAssassin

< 2.64

CVE-2004-0796
10957
http://marc.theaimsgroup.com/?l=spamassassin-announce&m=109168121628767
http://search.cpan.org/src/JMASON/Mail-SpamAssassin-2.64/Changes