CVE-2007-2873 SUSE CVE security@suse.de SUSE Security Team SUSE CVE-2007-2873 Interim 1 9 2023-07-03T02:13:56Z current 2021-05-30T12:39:05Z 2023-07-03T02:13:56Z cve-database/bin/generate-cvrf-cve.pl 2020-12-27T01:00:00Z CVE-2007-2873 SpamAssassin 3.1.x, 3.2.0, and 3.2.1 before 20070611, when running as root in unusual configurations using vpopmail or virtual users, allows local users to cause a denial of service (corrupt arbitrary files) via a symlink attack on a file that is used by spamd. The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). https://www.suse.com/support/security/rating/ SUSE Security Ratings SUSE Linux Enterprise Server 11 SP1 SUSE Linux Enterprise Server 11 SP2 SUSE Linux Enterprise Server 11 SP3 SUSE Linux Enterprise Server 11 SP4 openSUSE Tumbleweed perl-Mail-SpamAssassin-3.4.6-71.3 perl-Mail-SpamAssassin-Plugin-iXhash2-2.05-71.3 perl-spamassassin-3.2.5-26.22.18 perl-spamassassin-3.3.1-10.8.3 spamassassin-3.2.5-26.22.18 spamassassin-3.3.1-10.8.3 spamassassin-3.4.6-71.3 spamassassin-spamc-3.4.6-71.3 perl-spamassassin-3.2.5-26.22.18 as a component of SUSE Linux Enterprise Server 11 SP1 spamassassin-3.2.5-26.22.18 as a component of SUSE Linux Enterprise Server 11 SP1 perl-spamassassin-3.3.1-10.8.3 as a component of SUSE Linux Enterprise Server 11 SP2 spamassassin-3.3.1-10.8.3 as a component of SUSE Linux Enterprise Server 11 SP2 perl-spamassassin-3.3.1-10.8.3 as a component of SUSE Linux Enterprise Server 11 SP3 spamassassin-3.3.1-10.8.3 as a component of SUSE Linux Enterprise Server 11 SP3 perl-spamassassin-3.3.1-10.8.3 as a component of SUSE Linux Enterprise Server 11 SP4 spamassassin-3.3.1-10.8.3 as a component of SUSE Linux Enterprise Server 11 SP4 perl-Mail-SpamAssassin-3.4.6-71.3 as a component of openSUSE Tumbleweed perl-Mail-SpamAssassin-Plugin-iXhash2-2.05-71.3 as a component of openSUSE Tumbleweed spamassassin-3.4.6-71.3 as a component of openSUSE Tumbleweed spamassassin-spamc-3.4.6-71.3 as a component of openSUSE Tumbleweed SpamAssassin 3.1.x, 3.2.0, and 3.2.1 before 20070611, when running as root in unusual configurations using vpopmail or virtual users, allows local users to cause a denial of service (corrupt arbitrary files) via a symlink attack on a file that is used by spamd. CVE-2007-2873 SUSE Linux Enterprise Server 11 SP1:perl-spamassassin-3.2.5-26.22.18 SUSE Linux Enterprise Server 11 SP1:spamassassin-3.2.5-26.22.18 SUSE Linux Enterprise Server 11 SP2:perl-spamassassin-3.3.1-10.8.3 SUSE Linux Enterprise Server 11 SP2:spamassassin-3.3.1-10.8.3 SUSE Linux Enterprise Server 11 SP3:perl-spamassassin-3.3.1-10.8.3 SUSE Linux Enterprise Server 11 SP3:spamassassin-3.3.1-10.8.3 SUSE Linux Enterprise Server 11 SP4:perl-spamassassin-3.3.1-10.8.3 SUSE Linux Enterprise Server 11 SP4:spamassassin-3.3.1-10.8.3 openSUSE Tumbleweed:perl-Mail-SpamAssassin-3.4.6-71.3 openSUSE Tumbleweed:perl-Mail-SpamAssassin-Plugin-iXhash2-2.05-71.3 openSUSE Tumbleweed:spamassassin-3.4.6-71.3 openSUSE Tumbleweed:spamassassin-spamc-3.4.6-71.3 low 1.9 AV:L/AC:M/Au:N/C:N/I:N/A:P