PublicDate: 2007-06-11 23:30:00 UTC
Candidate: CVE-2007-2873
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2873
Description:
 SpamAssassin 3.1.x, 3.2.0, and 3.2.1 before 20070611, when running as root
 in unusual configurations using vpopmail or virtual users, allows local
 users to cause a denial of service (corrupt arbitrary files) via a symlink
 attack on a file that is used by spamd.
Ubuntu-Description:
Notes:
Priority: untriaged
Discovered-by:
Assigned-to:
CVSS:

Bugs:
dapper_spamassassin: ignored (reached end-of-life)
edgy_spamassassin: needed (reached end-of-life)
feisty_spamassassin: needed (reached end-of-life)
gutsy_spamassassin: released (3.2.2-0ubuntu1)
hardy_spamassassin: released (3.2.2-0ubuntu1)
intrepid_spamassassin: released (3.2.2-0ubuntu1)
jaunty_spamassassin: released (3.2.2-0ubuntu1)
karmic_spamassassin: released (3.2.2-0ubuntu1)
devel_spamassassin: released (3.2.2-0ubuntu1)
upstream_spamassassin: needs-triage