3 matches found
Debian DSA-052-1 : sendfile - broken dropping of privileges
Daniel Kobras has discovered and fixed a problem in sendfiled which caused the daemon not to drop privileges as expected when sending notification mails. Exploiting this, a local user can easily make it execute arbitrary code under root privileges. %NASLMINLEVEL 70300 C Tenable Network Security,...
CVE-2001-0623
sendfiled, as included with Simple Asynchronous File Transfer SAFT, on various Linux systems does not properly drop privileges when sending notification emails, which allows local attackers to gain privileges...
CVE-2001-0623
CVE-2001-0623 affects the sendfiled component of SAFT on Linux, where privileges are not properly dropped when sending notification emails, enabling a local user to gain privileges (local privilege escalation). The issue is documented in Debian security advisories DSA-050-1 and DSA-052-1, which d...