Lucene search
K

7 matches found

Tenable Nessus
Tenable Nessus
added 2011/06/13 12:0 a.m.36 views

Ubuntu 6.06 LTS / 8.04 LTS / 9.10 / 10.04 LTS / 10.10 : postfix vulnerabilities (USN-1113-1)

It was discovered that the Postfix package incorrectly granted write access on the PID directory to the postfix user. A local attacker could use this flaw to possibly conduct a symlink attack and overwrite arbitrary files. This issue only affected Ubuntu 6.06 LTS and 8.04 LTS. CVE-2009-2939 Wiets...

6.9CVSS8.3AI score0.16334EPSS
Exploits3References3
Tenable Nessus
Tenable Nessus
added 2011/05/11 12:0 a.m.47 views

Debian DSA-2233-1 : postfix - several vulnerabilities

Several vulnerabilities were discovered in Postfix, a mail transfer agent. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2009-2939 The postinst script grants the postfix user write access to /var/spool/postfix/pid, which might allow local users to...

6.9CVSS8.9AI score0.21646EPSS
Exploits4References8
Debian
Debian
added 2011/05/10 5:57 p.m.40 views

[SECURITY] [DSA 2233-1] postfix security update

------------------------------------------------------------------------- Debian Security Advisory DSA-2233-1 [email protected] http://www.debian.org/security/ Florian Weimer May 10, 2011 http://www.debian.org/security/faq -...

6.9CVSS9.9AI score0.21646EPSS
Exploits4
OSV
OSV
added 2009/09/21 7:30 p.m.7 views

CVE-2009-2939

The postfix.postinst script in the Debian GNU/Linux and Ubuntu postfix 2.5.5 package grants the postfix user write access to /var/spool/postfix/pid, which might allow local users to conduct symlink attacks that overwrite arbitrary files...

6.2AI score
Exploits0References2
CVE
CVE
added 2009/09/21 7:0 p.m.84 views

CVE-2009-2939

CVE-2009-2939 affects Postfix on Debian/Ubuntu where the postinst script grants the postfix user write access to /var/spool/postfix/pid, enabling local users to perform symlink attacks that can overwrite arbitrary files. Connected advisories confirm the issue across multiple distributions and rep...

6.9CVSS6.1AI score0.00495EPSS
Exploits2References2Affected Software1
Debian CVE
Debian CVE
added 2009/09/21 7:0 p.m.31 views

CVE-2009-2939

The postfix.postinst script in the Debian GNU/Linux and Ubuntu postfix 2.5.5 package grants the postfix user write access to /var/spool/postfix/pid, which might allow local users to conduct symlink attacks that overwrite arbitrary files...

6.9CVSS6.2AI score0.00495EPSS
Exploits2
UbuntuCve
UbuntuCve
added 2009/09/21 12:0 a.m.28 views

CVE-2009-2939

The postfix.postinst script in the Debian GNU/Linux and Ubuntu postfix 2.5.5 package grants the postfix user write access to /var/spool/postfix/pid, which might allow local users to conduct symlink attacks that overwrite arbitrary files...

6.9CVSS6AI score0.00495EPSS
Exploits2References3
Rows per page
Query Builder