spamassassin-3.4.0-4.el7
エラータID: AXSA:2018-3356:01
リリース日:
2018/10/12 Friday - 00:43
題名:
spamassassin-3.4.0-4.el7
影響のあるチャネル:
Asianux Server 7 for x86_64
Severity:
High
Description:
以下項目について対処しました
[Security Fix]
- Apache SpamAssassin には、HTML::Parser が、タグが正しく閉じられていないHTMLを
正常に処理しないことを利用して、巧妙に細工されたメールを介してスキャンタイムアウ
トを引き起こし、DoS攻撃を可能とする脆弱性があります。(CVE-2017-15705)
- Apache SpamAssasin のメタルールのシンタックスには、ローカルユーザーに
よるコードインジェクションの脆弱性があります。(CVE-2018-11781)
一部CVEの翻訳文はJVNからの引用になります。
http://jvndb.jvn.jp/
解決策:
パッケージをアップデートしてください。
CVE:
CVE-2017-15705
A denial of service vulnerability was identified that exists in Apache SpamAssassin before 3.4.2. The vulnerability arises with certain unclosed tags in emails that cause markup to be handled incorrectly leading to scan timeouts. In Apache SpamAssassin, using HTML::Parser, we setup an object and hook into the begin and end tag event handlers In both cases, the "open" event is immediately followed by a "close" event - even if the tag *does not* close in the HTML being parsed. Because of this, we are missing the "text" event to deal with the object normally. This can cause carefully crafted emails that might take more scan time than expected leading to a Denial of Service. The issue is possibly a bug or design decision in HTML::Parser that specifically impacts the way Apache SpamAssassin uses the module with poorly formed html. The exploit has been seen in the wild but not believed to have been purposefully part of a Denial of Service attempt. We are concerned that there may be attempts to abuse the vulnerability in the future.
A denial of service vulnerability was identified that exists in Apache SpamAssassin before 3.4.2. The vulnerability arises with certain unclosed tags in emails that cause markup to be handled incorrectly leading to scan timeouts. In Apache SpamAssassin, using HTML::Parser, we setup an object and hook into the begin and end tag event handlers In both cases, the "open" event is immediately followed by a "close" event - even if the tag *does not* close in the HTML being parsed. Because of this, we are missing the "text" event to deal with the object normally. This can cause carefully crafted emails that might take more scan time than expected leading to a Denial of Service. The issue is possibly a bug or design decision in HTML::Parser that specifically impacts the way Apache SpamAssassin uses the module with poorly formed html. The exploit has been seen in the wild but not believed to have been purposefully part of a Denial of Service attempt. We are concerned that there may be attempts to abuse the vulnerability in the future.
追加情報:
N/A
ダウンロード:
SRPMS
- spamassassin-3.4.0-4.el7.src.rpm
MD5: c72eb2e19daf421c496ab4086b3b37a5
SHA-256: 44923862015b2530b65b601506ceac1ff4f8df3ec35e1fb0dd70b8a889c8276f
Size: 1.30 MB
Asianux Server 7 for x86_64
- spamassassin-3.4.0-4.el7.x86_64.rpm
MD5: dbdbcdedde5a48158b23cb66a7653f95
SHA-256: e7431ac4ce9dc87f8bb6d98cb41bdc083e2fe838e9657c6d70a0641df6ae9a48
Size: 1.17 MB
English