CVE-2003-1557

Name of the Vulnerable Software and Affected Versions SpamAssassin versions 2.40 through 2.43

Description The issue is related to an off-by-one buffer overflow in the spamc component of SpamAssassin. This occurs when the software is used in BSMTP mode, denoted by the "-B" option. The overflow can be triggered by remote attackers sending emails that contain headers with leading "." characters, potentially allowing the execution of arbitrary code.

Recommendations For SpamAssassin versions 2.40 through 2.43, consider disabling the BSMTP mode until a patch is available. Restrict access to the spamc component to minimize the risk of exploitation. Avoid using the "-B" option in the affected versions to prevent potential attacks.