You are viewing a plain text version of this content. The canonical link for it is here.

Posted to users@spamassassin.apache.org by Asif Iqbal <iq...@qwestip.net> on 2004/08/16 21:16:47 UTC

DoS on 2.63

Hi All

What you guys think about this 

http://www.securityfocus.com/advisories/7044

Platform: Unix
 Title: SpamAssassin GTUBE Denial of Service
 Description: SpamAssassin is a mail filter that identifies and
processes spam. Incorrect processing of mails with the GTUBE string exposes an access circumvention weakness and subsequent denial of service in the application.  SpamAssassin versions 2.64 and earlier are reported to be affected.

Should I need to upgrade my spamassassin 2.63?

I am using qmail-scanner-->spamc-->spamd(127.0.0.1)

Thanks
-- 
Asif Iqbal
PGP Key: 0xE62693C5 KeyServer: pgp.mit.edu
There's no place like 127.0.0.1

Re: DoS on 2.63

Posted by Matt Kettler <mk...@evi-inc.com>.

At 03:20 PM 8/16/2004, Justin Mason wrote:
>Yes, you probably should upgrade.
>
>BTW that upgrade text is incorrect, doesn't match what's on the website,
>and this issue has nothing to do with GTUBE.  Any idea where it came from?

It's apparently in one of the bugtraq ID numbers on the same site.. might 
be a typo or mis-report.


http://www.securityfocus.com/bid/10898/discussion/