Lucene search
PRIOn knowledge basePRION:CVE-2009-2939HistorySep 21, 2009 - 7:30 p.m.
Code injection
2009-09-2119:30:00
PRIOn knowledge base
www.prio-n.com
5
6.7 Medium
AI Score
Confidence
Low
6.9 Medium
CVSS2
Access Vector
LOCAL
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:M/Au:N/C:C/I:C/A:C
0.0004 Low
EPSS
Percentile
5.4%
The postfix.postinst script in the Debian GNU/Linux and Ubuntu postfix 2.5.5 package grants the postfix user write access to /var/spool/postfix/pid, which might allow local users to conduct symlink attacks that overwrite arbitrary files.
Related
cve
cve
CVE-2009-2939
2009-09-21 19:30:00
debiancve
debiancve
CVE-2009-2939
2009-09-21 19:30:00
ubuntucve
ubuntucve
CVE-2009-2939
2009-09-21 00:00:00
seebug
seebug
Debian和Ubuntu Postfix不安全临时文件建立漏洞
2009-09-25 00:00:00
openvas
openvas
Ubuntu: Security Advisory (USN-1113-1)
2011-05-10 00:00:00
Ubuntu Update for postfix USN-1113-1
2011-05-10 00:00:00
Debian: Security Advisory (DSA-2233-1)
2011-08-03 00:00:00
nessus
nessus
Ubuntu 6.06 LTS / 8.04 LTS / 9.10 / 10.04 LTS / 10.10 : postfix vulnerabilities (USN-1113-1)
2011-06-13 00:00:00
Debian DSA-2233-1 : postfix - several vulnerabilities
2011-05-11 00:00:00
ubuntu
ubuntu
Postfix vulnerabilities
2011-04-18 00:00:00
debian
debian
[SECURITY] [DSA 2233-1] postfix security update
2011-05-10 17:58:13
osv
osv
postfix - several
2011-05-10 00:00:00
6.7 Medium
AI Score
Confidence
Low
6.9 Medium
CVSS2
Access Vector
LOCAL
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:M/Au:N/C:C/I:C/A:C
0.0004 Low
EPSS
Percentile
5.4%
Related for PRION:CVE-2009-2939