In association with heise online

17 March 2010, 17:19

Security vulnerability in SpamAssassin filter module

  • Twitter
  • Facebook
  • submit to slashdot
  • StumbleUpon
  • submit to reddit

The SpamAssassin Milter plug-in which plugs in to Milter and calls SpamAssassin, contains a security vulnerability which can be exploited by attackers using a crafted email to inject and execute code on a mail server. The SpamAssassin Milter plug-in is frequently used to run SpamAssassin on Postfix servers.

In order to exploit the vulnerability, the plug-in must be called with the -x expand flag. For attackers to obtain root privileges, as the author of the security advisory proclaims, the plug-in has to be started as root – something which is anyway highly inadvisable. The attack occurs via a specially crafted recipient (RCPT TO) and is therefore unable to succeed if the plug-in only receives emails addressed to defined addresses.

The Internet Storm Center reports that the vulnerability is already being actively exploited online. To be on the safe side, Postfix administrators who use SpamAssassin should check their configurations. The developers are working on a patch.

See also:


Print Version | Send by email | Permalink:

  • July's Community Calendar

The H Open

The H Security

The H Developer

The H Internet Toolkit