qpopper -- multiple privilege escalation vulnerabilities

ID EB29A575-3381-11DA-8340-000E0C2E438A
Type freebsd
Reporter FreeBSD
Modified 2005-11-26T00:00:00


Jens Steube reports that qpopper is vulnerable to a privilege escalation vulnerability. qpopper does not properly drop root privileges, so user-supplied configuration and trace files can be processed with root privileges. This could allow a local attacker to create or modify arbitrary files. qpopper is also affected by improper umask settings, which could allow users to create group- or world-writable files, possibly allowing an attacker to overwrite arbitrary files.
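
The two defects described above correspond to two steps a root-started daemon has to perform before it touches per-user files: an irreversible privilege drop, and an explicit umask and mode on file creation. The following C code is an added example of both steps, not qpopper's code or its fix; the function names drop_privileges and open_private_file and the /tmp path are hypothetical.

```c
#ifndef _GNU_SOURCE
#define _GNU_SOURCE            /* setgroups(), O_NOFOLLOW */
#endif
#include <fcntl.h>
#include <grp.h>
#include <stdio.h>
#include <sys/stat.h>
#include <sys/types.h>
#include <unistd.h>

/* Permanently switch to uid/gid. Returns 0 on success, -1 on any failure. */
int drop_privileges(uid_t uid, gid_t gid)
{
    /* Only root may change the supplementary group list; reduce it first. */
    if (geteuid() == 0 && setgroups(1, &gid) != 0)
        return -1;
    /* Group before user: after setuid() the gid can no longer be changed. */
    if (setgid(gid) != 0 || setuid(uid) != 0)
        return -1;
    /* The drop must be irreversible: regaining root has to fail. */
    if (uid != 0 && (setuid(0) == 0 || seteuid(0) == 0))
        return -1;
    return (getuid() == uid && geteuid() == uid &&
            getgid() == gid && getegid() == gid) ? 0 : -1;
}

/* Create a new file readable and writable by its owner only.
 * Returns an open fd, or -1 (also when the path already exists). */
int open_private_file(const char *path)
{
    umask(077);   /* do not inherit a permissive umask from the caller */
    return open(path, O_WRONLY | O_CREAT | O_EXCL | O_NOFOLLOW, 0600);
}

int main(void)
{
    char path[64];
    struct stat st;
    /* Constructed sample: the invoking user stands in for the mail user. */
    if (drop_privileges(getuid(), getgid()) != 0)
        return 1;
    snprintf(path, sizeof path, "/tmp/trace_demo_%ld", (long)getpid());
    int fd = open_private_file(path);
    if (fd < 0 || fstat(fd, &st) != 0)
        return 1;
    printf("%s mode %04o\n", path, (unsigned)(st.st_mode & 0777));
    close(fd);
    return unlink(path) != 0;
}
```

The order matters: the privilege drop happens before any user-controlled path is opened, so the kernel enforces the user's own file permissions on every later open.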