Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
gentooGentoo FoundationGLSA-200409-32
HistorySep 23, 2004 - 12:00 a.m.

getmail: Filesystem overwrite vulnerability

2004-09-2300:00:00
Gentoo Foundation
security.gentoo.org
8

2.1 Low

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:L/AC:L/Au:N/C:N/I:P/A:N

0.0004 Low

EPSS

Percentile

5.1%

JSON

Background

getmail is a reliable fetchmail replacement that supports Maildir, Mboxrd and external MDA delivery.

Description

David Watson discovered a vulnerability in getmail when it is configured to run as root and deliver mail to the maildirs/mbox files of untrusted local users. A malicious local user can then exploit a race condition, or a similar symlink attack, and potentially cause getmail to create or overwrite files in any directory on the system.

Impact

An untrusted local user could potentially create or overwrite files in any directory on the system. This vulnerability may also be exploited to have arbitrary commands executed as root.

Workaround

Do not run getmail as a privileged user; or, in version 4, use an external MDA with explicitly configured user and group privileges.

Resolution

All getmail users should upgrade to the latest version:

 # emerge sync
 
 # emerge -pv ">=net-mail/getmail-4.2.0"
 # emerge ">=net-mail/getmail-4.2.0"
OSVersionArchitecturePackageVersionFilename
Gentooanyallnet-mail/getmail< 4.2.0UNKNOWN

Related

openvas 8
nessus 5
debian 2
osv 1
debiancve 2
cvelist 2
nvd 2
cve 2
freebsd 1
kaspersky 1
openvas
openvas
Slackware Advisory SSA:2004-278-01 getmail
2012-09-11 00:00:00
Gentoo Security Advisory GLSA 200409-32 (getmail)
2008-09-24 00:00:00
Slackware: Security Advisory (SSA:2004-278-01)
2012-09-10 00:00:00
nessus
nessus
Debian DSA-553-1 : getmail - symlink vulnerability
2004-09-29 00:00:00
Slackware 10.0 / 9.1 / current : getmail (SSA:2004-278-01)
2005-07-13 00:00:00
GLSA-200409-32 : getmail: Filesystem overwrite vulnerability
2004-09-24 00:00:00
debian
debian
[SECURITY] [DSA 553-1] New getmail packages fix root compromise
2004-09-27 10:34:05
[SECURITY] [DSA 553-1] New getmail packages fix root compromise
2004-09-27 10:34:05
osv
osv
getmail - symlink vulnerability
2004-09-27 00:00:00
debiancve
debiancve
CVE-2004-0880
2005-01-27 05:00:00
CVE-2004-0881
2005-01-27 05:00:00
cvelist
cvelist
CVE-2004-0880
2004-09-24 04:00:00
CVE-2004-0881
2004-09-24 04:00:00
nvd
nvd
CVE-2004-0881
2005-01-27 05:00:00
CVE-2004-0880
2005-01-27 05:00:00
cve
cve
CVE-2004-0881
2005-01-27 05:00:00
CVE-2004-0880
2005-01-27 05:00:00
freebsd
freebsd
getmail -- symlink vulnerability during maildir delivery
2004-09-19 00:00:00
kaspersky
kaspersky
KLA10419 WLF vulnerability in getmail
2005-01-27 00:00:00

2.1 Low

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:L/AC:L/Au:N/C:N/I:P/A:N

0.0004 Low

EPSS

Percentile

5.1%

JSON
Related for GLSA-200409-32
openvas8nessus5debian2osv1debiancve2cvelist2nvd2cve2freebsd1kaspersky1