March 18, 2010 at 10:05 pm
#
March 18, 2010 at 11:55 am
Just heading this one off before it gets too much further…
A couple of weeks ago, a researcher found a bug in the spamass-milter project, an open-source
milter to integrate SpamAssassin
filtering into an MTA. Here’s the exploit details.
This H-Online story covered it:
Security vulnerability in SpamAssassin filter module
The SpamAssassin Milter plug-in which plugs in to Milter and calls SpamAssassin, contains a security vulnerability which can be exploited by attackers using a crafted email to inject and execute code on a mail server. The SpamAssassin Milter plug-in is frequently used to run SpamAssassin on Postfix servers.
(I think this is the source article on Heise.de.)
That was more-or-less accurate — but the problem is the “chinese whispers” effect,
where a news story on another site builds on misreadings of another
news article. eSecurityPlanet:
Security Flaw Found in SpamAssassin Plug-in
The SpamAssassin Milter plug-in has been found to contain a security vulnerability. [...]
sigh.
To clarify: spamass-milter is not a part of SpamAssassin. it’s a
third-party product which allows sendmail/postfix users to integrate
spamassassin into their message flows as a milter.
Tags: spamassassin security spamass-milter milter news heise bugs
#
March 16, 2010 at 10:05 pm
#
March 15, 2010 at 10:05 pm
#
March 12, 2010 at 11:05 pm
#
March 11, 2010 at 11:05 pm
#
March 10, 2010 at 11:05 pm
#
March 8, 2010 at 11:05 pm
#
March 7, 2010 at 11:05 pm
#
March 6, 2010 at 11:05 pm
#
March 5, 2010 at 11:05 pm
#
March 4, 2010 at 11:05 pm
#
March 3, 2010 at 11:05 pm
#
March 1, 2010 at 11:05 pm
#
February 24, 2010 at 11:05 pm
#
February 22, 2010 at 11:05 pm
#
February 19, 2010 at 11:05 pm
#
February 18, 2010 at 11:05 pm
#
February 12, 2010 at 11:05 pm
#
February 11, 2010 at 11:05 pm
#
February 10, 2010 at 11:05 pm
#
February 8, 2010 at 11:05 pm
#
February 7, 2010 at 11:05 pm
#
February 5, 2010 at 11:05 pm
#
February 4, 2010 at 11:05 pm
#
February 3, 2010 at 11:05 pm
#
February 2, 2010 at 11:05 pm
#
February 1, 2010 at 11:05 pm
#
January 28, 2010 at 11:05 pm
#
January 27, 2010 at 11:05 pm
#
January 26, 2010 at 11:05 pm
#
January 25, 2010 at 11:05 pm
#
January 23, 2010 at 11:05 pm
#
January 22, 2010 at 11:05 pm
#
January 21, 2010 at 11:05 pm
#
January 20, 2010 at 11:05 pm
#
January 19, 2010 at 11:05 pm
#
January 14, 2010 at 11:05 pm
#
January 12, 2010 at 11:05 pm
#
January 11, 2010 at 11:05 pm
#
« Previous entries Next Page » Next Page »