Lucene search
K

26 matches found

seebug.org
seebug.org
added 2014/07/01 12:0 a.m.108 views

Postfix <= 2.6-20080814 - (symlink) Local Privilege Escalation Exploit

No description provided by source. !/bin/sh rspocfix.sh PoC for Postfix local root vulnerability: CVE-2008-2936 by Roman Medina-Heigl Hernandez a.k.a. RoMaNSoFt [email protected] Tested: Ubuntu / Debian Madrid, 30.Aug.2008 Config writabledir=/tmp spooldir=/var/mail Use postconf mailspooldirectory...

6.2CVSS6.3AI score0.01001EPSS
Exploits6
Tenable Nessus
Tenable Nessus
added 2013/07/12 12:0 a.m.21 views

Oracle Linux 5 : post (ELSA-2008-0839)

The remote Oracle Linux 5 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2008-0839 advisory. 2.3.3-2.1 - fixed postfix privilege problem with symlinks in the mail spool directory CVE-2008-2936 Resolves: rhbz456717 Tenable has extracted the preceding...

6.2CVSS5.5AI score0.01001EPSS
Exploits6References2
OpenVAS
OpenVAS
added 2009/10/13 12:0 a.m.22 views

SLES10: Security update for Postfix

The remote host is missing updates to packages that affect the security of your system. One or more of the following packages are affected: postfix More details may also be found by searching for the SuSE Enterprise Server 10 patch database linked in the references. SPDX-FileCopyrightText: 2009...

6.2CVSS6.4AI score0.01001EPSS
Exploits6References1
OpenVAS
OpenVAS
added 2009/10/10 12:0 a.m.27 views

SLES9: Security update for Postfix

The remote host is missing updates to packages that affect the security of your system. One or more of the following packages are affected: postfix For more information, please visit the referenced security advisories. More details may also be found by searching for keyword 5032740 within the SuS...

6.2CVSS0.5AI score0.01001EPSS
Exploits6
Tenable Nessus
Tenable Nessus
added 2009/09/24 12:0 a.m.31 views

SuSE9 Security Update : Postfix (YOU Patch Number 12219)

A local privilege escalation vulnerability as well as a mailbox ownership problem has been fixed in postfix. CVE-2008-2936 and CVE-2008-2937 have been assigned to this problem. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The text description of this plugin is C Novell, Inc...

6.2CVSS5.3AI score0.01001EPSS
Exploits6References4
Tenable Nessus
Tenable Nessus
added 2009/07/21 12:0 a.m.32 views

openSUSE Security Update : postfix (postfix-133)

A local privilege escalation vulnerability as well as a mailbox ownership problem has been fixed in postfix. CVE-2008-2936 and CVE-2008-2937 have been assigned to this problem. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extract...

6.2CVSS5.3AI score0.01001EPSS
Exploits6References3
Tenable Nessus
Tenable Nessus
added 2009/04/23 12:0 a.m.33 views

Mandriva Linux Security Advisory : postfix (MDVSA-2008:171)

Sebastian Krahmer of the SUSE Security Team discovered a flaw in the way Postfix dereferenced symbolic links. If a local user had write access to a mail spool directory without a root mailbox file, it could be possible for them to append arbitrary data to files that root had write permissions to...

6.2CVSS5.5AI score0.01001EPSS
Exploits6References1
OpenVAS
OpenVAS
added 2009/03/23 12:0 a.m.21 views

Ubuntu Update for postfix vulnerability USN-636-1

Ubuntu Update for Linux kernel vulnerabilities USN-636-1 OpenVAS Vulnerability Test $Id: gbubuntuUSN6361.nasl 7969 2017-12-01 09:23:16Z santu $ Ubuntu Update for postfix vulnerability USN-636-1 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH,...

6.2CVSS6.4AI score0.01001EPSS
Exploits6References2
OpenVAS
OpenVAS
added 2009/03/06 12:0 a.m.17 views

RedHat Update for postfix RHSA-2008:0839-01

Check for the Version of postfix OpenVAS Vulnerability Test RedHat Update for postfix RHSA-2008:0839-01 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the...

6.2CVSS6.3AI score0.01001EPSS
Exploits6References2
OpenVAS
OpenVAS
added 2009/03/06 12:0 a.m.27 views

RedHat Update for postfix RHSA-2008:0839-01

Check for the Version of postfix OpenVAS Vulnerability Test RedHat Update for postfix RHSA-2008:0839-01 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the...

6.2CVSS6.3AI score0.01001EPSS
Exploits6References2
OpenVAS
OpenVAS
added 2009/02/17 12:0 a.m.19 views

Fedora Update for postfix FEDORA-2008-8595

The remote host is missing an update for the SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

6.2CVSS6.7AI score0.01001EPSS
Exploits12References2
OpenVAS
OpenVAS
added 2009/02/17 12:0 a.m.25 views

Fedora Update for postfix FEDORA-2008-8595

Check for the Version of postfix OpenVAS Vulnerability Test Fedora Update for postfix FEDORA-2008-8595 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the...

6.2CVSS6.5AI score0.01001EPSS
Exploits12References2
OpenVAS
OpenVAS
added 2009/01/23 12:0 a.m.24 views

SuSE Update for postfix SUSE-SA:2008:040

Check for the Version of postfix OpenVAS Vulnerability Test $Id: gbsuse2008040.nasl 8050 2017-12-08 09:34:29Z santu $ SuSE Update for postfix SUSE-SA:2008:040 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free softwar...

6.2CVSS6.4AI score0.01001EPSS
Exploits6References1
securityvulns
securityvulns
added 2008/09/02 12:0 a.m.60 views

PoCfix &#40;PoC for Postfix local root vuln - CVE-2008-2936&#41;

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hello, The recent vulnerability in Postfix discovered by Sebastian Krahmer is trivially exploitable when certain preconditions are met. Nevertheless, it's very difficult to find such conditions in a real-world scenario. I wrote this exploit for fun an...

6.2CVSS5.7AI score0.01001EPSS
Exploits6
Packet Storm
Packet Storm
added 2008/08/31 12:0 a.m.49 views

rs_pocfix.txt

!/bin/sh "rspocfix.sh" PoC for Postfix local root vulnerability: CVE-2008-2936 by Roman Medina-Heigl Hernandez a.k.a. RoMaNSoFt Tested: Ubuntu / Debian Madrid, 30.Aug.2008 Config writabledir=/tmp spooldir=/var/mail Use "postconf mailspooldirectory" to obtain this user=root target=/etc/passwd...

6.2CVSS6.3AI score0.01001EPSS
Exploits6
seebug.org
seebug.org
added 2008/08/31 12:0 a.m.40 views

Postfix &lt;= 2.6-20080814 (symlink) Local Privilege Escalation Exploit

No description provided by source. !/bin/sh "rspocfix.sh" PoC for Postfix local root vulnerability: CVE-2008-2936 by Roman Medina-Heigl Hernandez a.k.a. RoMaNSoFt [email protected] Tested: Ubuntu / Debian Madrid, 30.Aug.2008 Config writabledir=/tmp spooldir=/var/mail Use "postconf...

6.2CVSS0.1AI score0.01001EPSS
Exploits6
Debian
Debian
added 2008/08/19 9:2 a.m.27 views

[SECURITY] [DSA 1629-2] New postfix packages fix installability problem on i386

------------------------------------------------------------------------ Debian Security Advisory DSA-1629-2 [email protected] http://www.debian.org/security/ Thijs Kinkhorst August 19, 2008 http://www.debian.org/security/faq -...

6.2CVSS6.1AI score0.01001EPSS
Exploits6
Debian
Debian
added 2008/08/18 8:51 p.m.31 views

[SECURITY] [DSA 1629-1] New postfix packages fix privilege escalation

------------------------------------------------------------------------ Debian Security Advisory DSA-1629-1 [email protected] http://www.debian.org/security/ Thijs Kinkhorst August 18, 2008 http://www.debian.org/security/faq -...

6.2CVSS6.2AI score0.01001EPSS
Exploits6
OSV
OSV
added 2008/08/18 7:41 p.m.5 views

CVE-2008-2936

Postfix before 2.3.15, 2.4 before 2.4.8, 2.5 before 2.5.4, and 2.6 before 2.6-20080814, when the operating system supports hard links to symlinks, allows local users to append e-mail messages to a file to which a root-owned symlink points, by creating a hard link to this symlink and then sending ...

6.2AI score
Exploits0References33
CVE
CVE
added 2008/08/18 7:0 p.m.105 views

CVE-2008-2936

CVE-2008-2936 - Postfix local privilege escalation : Affects Postfix as shipped before 2.3.15, 2.4 before 2.4.8, 2.5 before 2.5.4, and 2.6 before 20080814. On OSes that support hard links to symlinks, a local user can fail-dangerously append mail to a root-owned symlink’s target by creating a har...

6.2CVSS6AI score0.01001EPSS
Exploits6References33Affected Software1
Rows per page
Query Builder