paul Posted June 14, 2007 Report Share Posted June 14, 2007 SpamAssassin 3.1.x, when running as root with unusual configuration options using vpopmail or virtual users, could allow local users to cause a denial of service (via corrupting arbitrary files) using a symlink attack on a file used by spamd. SpamAssassin 3.1.9, which corrects this flaw, is provided with this update. Link to comment Share on other sites More sharing options...
Recommended Posts