Lucene search

K
prionPRIOn knowledge basePRION:CVE-2020-3812
HistoryMay 26, 2020 - 1:15 p.m.

Information disclosure

2020-05-2613:15:00
PRIOn knowledge base
www.prio-n.com
4

6.1 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

5.1%

qmail-verify as used in netqmail 1.06 is prone to an information disclosure vulnerability. A local attacker can test for the existence of files and directories anywhere in the filesystem because qmail-verify runs as root and tests for the existence of files in the attacker’s home directory, without dropping its privileges first.

6.1 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

5.1%