Apache SpamAssassin CVE-2017-15705 Denial of Service Vulnerability
BID:105347
CVE-2017-15705 |Info
Apache SpamAssassin CVE-2017-15705 Denial of Service Vulnerability
| Bugtraq ID: | 105347 |
| Class: | Failure to Handle Exceptional Conditions |
| CVE: |
CVE-2017-15705 |
| Remote: | Yes |
| Local: | No |
| Published: | Sep 17 2018 12:00AM |
| Updated: | Sep 17 2018 12:00AM |
| Credit: | The vendor reported this issue. |
| Vulnerable: |
SpamAssassin SpamAssassin 3.3.2 SpamAssassin SpamAssassin 3.2.1 SpamAssassin SpamAssassin 3.2 SpamAssassin SpamAssassin 3.1.9 SpamAssassin SpamAssassin 3.1.8 SpamAssassin SpamAssassin 3.1.7 SpamAssassin SpamAssassin 3.1.6 SpamAssassin SpamAssassin 3.1.5 SpamAssassin SpamAssassin 3.1.4 SpamAssassin SpamAssassin 3.1.3 SpamAssassin SpamAssassin 3.1.2 SpamAssassin SpamAssassin 3.1.1 SpamAssassin SpamAssassin 3.1 SpamAssassin SpamAssassin 3.0.6 SpamAssassin SpamAssassin 3.0.5 SpamAssassin SpamAssassin 3.0.4 SpamAssassin SpamAssassin 3.0.3 SpamAssassin SpamAssassin 3.0.2 SpamAssassin SpamAssassin 3.0.1 SpamAssassin SpamAssassin 3.0 SpamAssassin SpamAssassin 2.64 SpamAssassin SpamAssassin 2.63 SpamAssassin SpamAssassin 2.60 SpamAssassin SpamAssassin 2.55 SpamAssassin SpamAssassin 2.50 0 SpamAssassin SpamAssassin 2.44 SpamAssassin SpamAssassin 2.43 0 SpamAssassin SpamAssassin 2.42 0 SpamAssassin SpamAssassin 2.41 0 SpamAssassin SpamAssassin 2.40 |
| Not Vulnerable: |
SpamAssassin SpamAssassin 3.4.2 |
Discussion
Apache SpamAssassin CVE-2017-15705 Denial of Service Vulnerability
Apache SpamAssassin is prone to a denial-of-service vulnerability.
An attacker can exploit this issue to cause a denial-of-service condition.
Versions prior to SpamAssassin 3.4.2 are vulnerable.
Apache SpamAssassin is prone to a denial-of-service vulnerability.
An attacker can exploit this issue to cause a denial-of-service condition.
Versions prior to SpamAssassin 3.4.2 are vulnerable.
Exploit / POC
Apache SpamAssassin CVE-2017-15705 Denial of Service Vulnerability
Currently, we are not aware of any working exploits. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
Currently, we are not aware of any working exploits. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
Solution / Fix
Apache SpamAssassin CVE-2017-15705 Denial of Service Vulnerability
Solution:
Updates are available. Please see the references or vendor advisory for more information.
Solution:
Updates are available. Please see the references or vendor advisory for more information.
References
Apache SpamAssassin CVE-2017-15705 Denial of Service Vulnerability
References:
References:
- Apache Homepage (Apache)
- Apache SpamAssassin 3.4.2 was recently released (Apache)
- Bug 1629521 CVE-2017-15705 spamassassin: Certain unclosed tags in crafted emails (Redhat)
- CVE-2017-15705 (Redhat)