CVE-2018-11805

In Apache SpamAssassin before 3.4.3, nefarious CF files can be configured to run system commands without any output or errors. With this, exploits can be injected in a number of scenarios. In addition to upgrading to SA 3.4.3, we recommend that users should only use update channels or 3rd party .cf files from trusted places.
OS Command Injection
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
6.7 MEDIUM
LOCAL
LOW
HIGH
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Base Score
CVSS 3.x
EPSS Score
Percentile: 21%
Affected Products (NVD)
VendorProductVersion
apachespamassassin
𝑥
< 3.4.3
debiandebian_linux
8.0
debiandebian_linux
9.0
debiandebian_linux
10.0
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
spamassassin
bookworm
4.0.0-6
fixed
bullseye
3.4.6-1
fixed
sid
4.0.1-2
fixed
trixie
4.0.1-2
fixed
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
spamassassin
bionic
Fixed 3.4.2-0ubuntu0.18.04.2
released
disco
Fixed 3.4.2-1ubuntu0.19.04.1
released
eoan
Fixed 3.4.2-1ubuntu0.19.10.1
released
trusty
Fixed 3.4.2-0ubuntu0.14.04.1+esm1
released
xenial
Fixed 3.4.2-0ubuntu0.16.04.2
released
openSUSE logo
openSUSE / SLES Releases
openSUSE Product
Release
perl-Mail-SpamAssassin
suse enterprise desktop 15 SP1
3.4.2-12.5.1
fixed
suse enterprise desktop 15 SP2
3.4.2-12.5.1
fixed
suse enterprise desktop 15 SP3
3.4.2-12.5.1
fixed
suse enterprise desktop 15 SP4
3.4.2-12.5.1
fixed
suse enterprise desktop 15 SP5
3.4.2-12.5.1
fixed
suse enterprise desktop 15 SP6
3.4.5-150600.23.4
fixed
suse enterprise desktop 15 SP7
3.4.5-150600.23.4
fixed
suse enterprise sap 12 SP1
3.4.2-44.8.1
fixed
suse enterprise sap 12 SP2
3.4.2-44.8.1
fixed
suse enterprise sap 12 SP3
3.4.2-44.8.1
fixed
suse enterprise sap 12 SP4
3.4.2-44.8.1
fixed
suse enterprise sap 12 SP5
3.4.2-44.8.1
fixed
suse enterprise sap 15 SP1
3.4.2-12.5.1
fixed
suse enterprise sap 15 SP2
3.4.2-12.5.1
fixed
suse enterprise sap 15 SP3
3.4.2-12.5.1
fixed
suse enterprise sap 15 SP4
3.4.2-12.5.1
fixed
suse enterprise sap 15 SP5
3.4.2-12.5.1
fixed
suse enterprise sap 15 SP6
3.4.5-150600.23.4
fixed
suse enterprise sap 15 SP7
3.4.5-150600.23.4
fixed
suse enterprise server 12 SP1
3.4.2-44.8.1
fixed
suse enterprise server 12 SP2
3.4.2-44.8.1
fixed
suse enterprise server 12 SP3
3.4.2-44.8.1
fixed
suse enterprise server 12 SP4
3.4.2-44.8.1
fixed
suse enterprise server 12 SP5
3.4.2-44.8.1
fixed
suse enterprise server 15
3.4.2-7.9.1
fixed
suse enterprise server 15 SP1
3.4.2-12.5.1
fixed
suse enterprise server 15 SP2
3.4.2-12.5.1
fixed
suse enterprise server 15 SP3
3.4.2-12.5.1
fixed
suse enterprise server 15 SP4
3.4.2-12.5.1
fixed
suse enterprise server 15 SP5
3.4.2-12.5.1
fixed
suse enterprise server 15 SP6
3.4.5-150600.23.4
fixed
suse enterprise server 15 SP7
3.4.5-150600.23.4
fixed
perl-Mail-SpamAssassin-Plugin-iXhash2
suse enterprise server 15
2.05-7.9.1
fixed
spamassassin
suse enterprise desktop 15 SP1
3.4.2-12.5.1
fixed
suse enterprise desktop 15 SP2
3.4.2-12.5.1
fixed
suse enterprise desktop 15 SP3
3.4.2-12.5.1
fixed
suse enterprise desktop 15 SP4
3.4.2-12.5.1
fixed
suse enterprise desktop 15 SP5
3.4.2-12.5.1
fixed
suse enterprise desktop 15 SP6
3.4.5-150600.23.4
fixed
suse enterprise desktop 15 SP7
3.4.5-150600.23.4
fixed
suse enterprise sap 12 SP1
3.4.2-44.8.1
fixed
suse enterprise sap 12 SP2
3.4.2-44.8.1
fixed
suse enterprise sap 12 SP3
3.4.2-44.8.1
fixed
suse enterprise sap 12 SP4
3.4.2-44.8.1
fixed
suse enterprise sap 12 SP5
3.4.2-44.8.1
fixed
suse enterprise sap 15 SP1
3.4.2-12.5.1
fixed
suse enterprise sap 15 SP2
3.4.2-12.5.1
fixed
suse enterprise sap 15 SP3
3.4.2-12.5.1
fixed
suse enterprise sap 15 SP4
3.4.2-12.5.1
fixed
suse enterprise sap 15 SP5
3.4.2-12.5.1
fixed
suse enterprise sap 15 SP6
3.4.5-150600.23.4
fixed
suse enterprise sap 15 SP7
3.4.5-150600.23.4
fixed
suse enterprise server 12 SP1
3.4.2-44.8.1
fixed
suse enterprise server 12 SP2
3.4.2-44.8.1
fixed
suse enterprise server 12 SP3
3.4.2-44.8.1
fixed
suse enterprise server 12 SP4
3.4.2-44.8.1
fixed
suse enterprise server 12 SP5
3.4.2-44.8.1
fixed
suse enterprise server 15
3.4.2-7.9.1
fixed
suse enterprise server 15 SP1
3.4.2-12.5.1
fixed
suse enterprise server 15 SP2
3.4.2-12.5.1
fixed
suse enterprise server 15 SP3
3.4.2-12.5.1
fixed
suse enterprise server 15 SP4
3.4.2-12.5.1
fixed
suse enterprise server 15 SP5
3.4.2-12.5.1
fixed
suse enterprise server 15 SP6
3.4.5-150600.23.4
fixed
suse enterprise server 15 SP7
3.4.5-150600.23.4
fixed
Common Weakness Enumeration
References
http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00003.html
http://www.openwall.com/lists/oss-security/2019/12/12/1
http://www.openwall.com/lists/oss-security/2020/01/30/2
http://www.openwall.com/lists/oss-security/2020/01/30/3
https://bz.apache.org/SpamAssassin/show_bug.cgi?id=7647
https://lists.apache.org/thread.html/0b5c73809d0690527341d940029f743807b70550050fd23ee869c5e5%40%3Cusers.spamassassin.apache.org%3E
https://lists.apache.org/thread.html/2946b38caec47f7f6a79e8e03d2aa723794186e59a7dc6b5e76dfc18%40%3Cannounce.spamassassin.apache.org%3E
https://lists.apache.org/thread.html/6f89f82a573ea616dce53ec67e52d963618a9f9ac71da5c1efdbd166%40%3Cusers.spamassassin.apache.org%3E
https://lists.apache.org/thread.html/8534b60bae95ac3a8a4adb840f4ab26135f1c973ce197ff44439cbae%40%3Cusers.spamassassin.apache.org%3E
https://lists.apache.org/thread.html/bc58907171c6585e5875a3ce86066d4956c218911cb74e3156de4433%40%3Cannounce.apache.org%3E
https://lists.apache.org/thread.html/c1f59b7e13b7f2c12f847f7d0dec2636df3cdbcaa6d8309007395ff4%40%3Cusers.spamassassin.apache.org%3E
https://lists.apache.org/thread.html/d015dc5b4f24fd6777a85d068502a9c5d58d69d877ed5b0eb9a22cd5%40%3Cdev.spamassassin.apache.org%3E
https://lists.apache.org/thread.html/r217177f7de36deab36dab88db4b6448961122571176dd4b2c133d08e%40%3Cannounce.spamassassin.apache.org%3E
https://lists.apache.org/thread.html/r2578c486552637bfedbe624940cc60d6463bd90044c887bdebb75e74%40%3Cusers.spamassassin.apache.org%3E
https://lists.apache.org/thread.html/r3d32ebf97b1245b8237763444e911c4595d2ad5e34a1641840d8146f%40%3Cusers.spamassassin.apache.org%3E
https://lists.apache.org/thread.html/r6729f3d3be754a06c39bb4f11c925a3631e8ea2b4c865546d755cb0a%40%3Cannounce.apache.org%3E
https://lists.apache.org/thread.html/r6729f3d3be754a06c39bb4f11c925a3631e8ea2b4c865546d755cb0a%40%3Cdev.spamassassin.apache.org%3E
https://lists.apache.org/thread.html/r6729f3d3be754a06c39bb4f11c925a3631e8ea2b4c865546d755cb0a%40%3Cusers.spamassassin.apache.org%3E
https://lists.apache.org/thread.html/r71f789fcd6339144e3d4db8f4128def12c341e638bd0107a0b82a05b%40%3Cannounce.spamassassin.apache.org%3E
https://lists.apache.org/thread.html/rc4df9835fb2d7b5bb1202fca99a1de21a40acef055661d3a9e8ae781%40%3Cannounce.apache.org%3E
https://lists.apache.org/thread.html/rc4df9835fb2d7b5bb1202fca99a1de21a40acef055661d3a9e8ae781%40%3Cdev.spamassassin.apache.org%3E
https://lists.apache.org/thread.html/rc4df9835fb2d7b5bb1202fca99a1de21a40acef055661d3a9e8ae781%40%3Cusers.spamassassin.apache.org%3E
https://lists.debian.org/debian-lts-announce/2019/12/msg00019.html
https://seclists.org/bugtraq/2019/Dec/27
https://seclists.org/oss-sec/2019/q4/154
https://svn.apache.org/repos/asf/spamassassin/branches/3.4/build/announcements/3.4.3.txt
https://usn.ubuntu.com/4237-1/
https://usn.ubuntu.com/4237-2/
https://www.debian.org/security/2019/dsa-4584
http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00003.html
http://www.openwall.com/lists/oss-security/2019/12/12/1
http://www.openwall.com/lists/oss-security/2020/01/30/2
http://www.openwall.com/lists/oss-security/2020/01/30/3
https://bz.apache.org/SpamAssassin/show_bug.cgi?id=7647
https://lists.apache.org/thread.html/0b5c73809d0690527341d940029f743807b70550050fd23ee869c5e5%40%3Cusers.spamassassin.apache.org%3E
https://lists.apache.org/thread.html/2946b38caec47f7f6a79e8e03d2aa723794186e59a7dc6b5e76dfc18%40%3Cannounce.spamassassin.apache.org%3E
https://lists.apache.org/thread.html/6f89f82a573ea616dce53ec67e52d963618a9f9ac71da5c1efdbd166%40%3Cusers.spamassassin.apache.org%3E
https://lists.apache.org/thread.html/8534b60bae95ac3a8a4adb840f4ab26135f1c973ce197ff44439cbae%40%3Cusers.spamassassin.apache.org%3E
https://lists.apache.org/thread.html/bc58907171c6585e5875a3ce86066d4956c218911cb74e3156de4433%40%3Cannounce.apache.org%3E
https://lists.apache.org/thread.html/c1f59b7e13b7f2c12f847f7d0dec2636df3cdbcaa6d8309007395ff4%40%3Cusers.spamassassin.apache.org%3E
https://lists.apache.org/thread.html/d015dc5b4f24fd6777a85d068502a9c5d58d69d877ed5b0eb9a22cd5%40%3Cdev.spamassassin.apache.org%3E
https://lists.apache.org/thread.html/r217177f7de36deab36dab88db4b6448961122571176dd4b2c133d08e%40%3Cannounce.spamassassin.apache.org%3E
https://lists.apache.org/thread.html/r2578c486552637bfedbe624940cc60d6463bd90044c887bdebb75e74%40%3Cusers.spamassassin.apache.org%3E
https://lists.apache.org/thread.html/r3d32ebf97b1245b8237763444e911c4595d2ad5e34a1641840d8146f%40%3Cusers.spamassassin.apache.org%3E
https://lists.apache.org/thread.html/r6729f3d3be754a06c39bb4f11c925a3631e8ea2b4c865546d755cb0a%40%3Cannounce.apache.org%3E
https://lists.apache.org/thread.html/r6729f3d3be754a06c39bb4f11c925a3631e8ea2b4c865546d755cb0a%40%3Cdev.spamassassin.apache.org%3E
https://lists.apache.org/thread.html/r6729f3d3be754a06c39bb4f11c925a3631e8ea2b4c865546d755cb0a%40%3Cusers.spamassassin.apache.org%3E
https://lists.apache.org/thread.html/r71f789fcd6339144e3d4db8f4128def12c341e638bd0107a0b82a05b%40%3Cannounce.spamassassin.apache.org%3E
https://lists.apache.org/thread.html/rc4df9835fb2d7b5bb1202fca99a1de21a40acef055661d3a9e8ae781%40%3Cannounce.apache.org%3E
https://lists.apache.org/thread.html/rc4df9835fb2d7b5bb1202fca99a1de21a40acef055661d3a9e8ae781%40%3Cdev.spamassassin.apache.org%3E
https://lists.apache.org/thread.html/rc4df9835fb2d7b5bb1202fca99a1de21a40acef055661d3a9e8ae781%40%3Cusers.spamassassin.apache.org%3E
https://lists.debian.org/debian-lts-announce/2019/12/msg00019.html
https://seclists.org/bugtraq/2019/Dec/27
https://seclists.org/oss-sec/2019/q4/154
https://svn.apache.org/repos/asf/spamassassin/branches/3.4/build/announcements/3.4.3.txt
https://usn.ubuntu.com/4237-1/
https://usn.ubuntu.com/4237-2/
https://www.debian.org/security/2019/dsa-4584