Lucene search
K

5 matches found

RedhatCVE
RedhatCVE
added 2025/05/21 9:17 p.m.7 views

CVE-2005-2655

lockmail in maildrop before 1.5.3 does not drop privileges before executing commands, which allows local users to gain privileges via command line arguments...

10CVSS6.8AI score0.01481EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2005/09/06 12:0 a.m.18 views

Debian DSA-791-1 : maildrop - missing privilege release

Max Vozeler discovered that the lockmail program from maildrop, a simple mail delivery agent with filtering abilities, does not drop group privileges before executing commands given on the commandline, allowing an attacker to execute arbitrary commands with privileges of the group mail...

10CVSS5.9AI score0.01481EPSS
Exploits0References3
OSV
OSV
added 2005/08/30 5:3 p.m.7 views

CVE-2005-2655

lockmail in maildrop before 1.5.3 does not drop privileges before executing commands, which allows local users to gain privileges via command line arguments...

6.4AI score
Exploits0References2
Debian
Debian
added 2005/08/30 6:4 a.m.13 views

[SECURITY] [DSA 791-1] New maildrop packages fix arbitrary group mail command execution

-------------------------------------------------------------------------- Debian Security Advisory DSA 791-1 [email protected] http://www.debian.org/security/ Martin Schulze August 30th, 2005 http://www.debian.org/security/faq -...

10CVSS0.9AI score0.01481EPSS
Exploits0
CVE
CVE
added 2005/08/30 4:0 a.m.53 views

CVE-2005-2655

CVE-2005-2655 affects maildrop’s lockmail component; prior to version 1.5.3, it does not drop group privileges before executing commands, enabling local privilege escalation via command-line arguments. Debian’s DSA-791-1 fixes this by updating maildrop to 1.5.3-1.1sarge1 (stable) and 1.5.3-2 (sid...

10CVSS6.5AI score0.01481EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder