CVE-2017-15705

Published: 17/09/2018 Updated: 07/11/2023
CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10
CVSS v3 Base Score: 5.3 | Impact Score: 1.4 | Exploitability Score: 3.9
VMScore: 445
Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P

Vulnerability Summary

A denial of service vulnerability was identified that exists in Apache SpamAssassin prior to 3.4.2. The vulnerability arises with certain unclosed tags in emails that cause markup to be handled incorrectly, leading to scan timeouts. In Apache SpamAssassin, using HTML::Parser, we set up an object and hook into the begin and end tag event handlers. In both cases, the "open" event is immediately followed by a "close" event - even if the tag *does not* close in the HTML being parsed. Because of this, we are missing the "text" event to deal with the object normally. This can cause carefully crafted emails that might take more scan time than expected, leading to a Denial of Service. The issue is possibly a bug or design decision in HTML::Parser that specifically impacts the way Apache SpamAssassin uses the module with poorly formed HTML. The exploit has been seen in the wild but is not believed to have been purposefully part of a Denial of Service attempt. We are concerned that there may be attempts to abuse the vulnerability in the future.

Vulnerable Product

apache spamassassin

redhat enterprise linux desktop 7.0

redhat enterprise linux workstation 7.0

redhat enterprise linux server 7.0

debian debian linux 8.0

canonical ubuntu linux 16.04

canonical ubuntu linux 14.04

canonical ubuntu linux 12.04

canonical ubuntu linux 18.04

redhat enterprise linux eus 7.5

Vendor Advisories

Synopsis: Important: spamassassin security update. Type/Severity: Security Advisory: Important. Topic: An update for spamassassin is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) b ...
SpamAssassin could be made to crash if it received a specially crafted file ...
Several security issues were fixed in SpamAssassin ...
Debian Bug report logs - #908971 spamassassin: CVE-2018-11781: local user code injection in the meta rule syntax. Package: src:spamassassin; Maintainer for src:spamassassin is Noah Meyerhans <noahm@debian.org>; Reported by: Salvatore Bonaccorso <carnil@debian.org>; Date: Sun, 16 Sep 2018 20:45:07 UTC; Severity: grave; Ta ...
Debian Bug report logs - #908969 spamassassin: CVE-2017-15705: denial of service vulnerability. Package: src:spamassassin; Maintainer for src:spamassassin is Noah Meyerhans <noahm@debian.org>; Reported by: Salvatore Bonaccorso <carnil@debian.org>; Date: Sun, 16 Sep 2018 20:45:02 UTC; Severity: grave; Tags: security, upst ...
Debian Bug report logs - #908970 spamassassin: CVE-2018-11780: potential remote code execution bug with the PDFInfo plugin. Package: src:spamassassin; Maintainer for src:spamassassin is Noah Meyerhans <noahm@debian.org>; Reported by: Salvatore Bonaccorso <carnil@debian.org>; Date: Sun, 16 Sep 2018 20:45:05 UTC; Severity ...
A flaw was found in the way SpamAssassin processes HTML email containing unclosed HTML tags. A carefully crafted mail message could cause SpamAssassin to consume significant resources. If a large number of these messages are sent, a denial of service could occur, potentially delaying or preventing the delivery of email (CVE-2017-15705). A flaw was f ...
A flaw was found in the way a local user on the SpamAssassin server could inject code in the meta rule syntax. This could cause the arbitrary code execution on the server when these rules are being processed (CVE-2018-11781). A potential Remote Code Execution bug exists with the PDFInfo plugin in Apache SpamAssassin before 3.4.2 (CVE-2018-11780). A f ...
A flaw was found in the way SpamAssassin processes HTML email containing unclosed HTML tags. A carefully crafted mail message could cause SpamAssassin to consume significant resources. If a large number of these messages are sent, a denial of service could occur, potentially delaying or preventing the delivery of email ...