Lucene search
K

7 matches found

Tenable Nessus
Tenable Nessus
added 2011/06/13 12:0 a.m.36 views

Ubuntu 6.06 LTS / 8.04 LTS / 9.10 / 10.04 LTS / 10.10 : postfix vulnerabilities (USN-1113-1)

It was discovered that the Postfix package incorrectly granted write access on the PID directory to the postfix user. A local attacker could use this flaw to possibly conduct a symlink attack and overwrite arbitrary files. This issue only affected Ubuntu 6.06 LTS and 8.04 LTS. CVE-2009-2939 Wiets...

6.9CVSS8.3AI score0.16334EPSS
Exploits3References3
Tenable Nessus
Tenable Nessus
added 2011/05/11 12:0 a.m.47 views

Debian DSA-2233-1 : postfix - several vulnerabilities

Several vulnerabilities were discovered in Postfix, a mail transfer agent. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2009-2939 The postinst script grants the postfix user write access to /var/spool/postfix/pid, which might allow local users to...

6.9CVSS8.9AI score0.21646EPSS
Exploits4References8
Debian
Debian
added 2011/05/10 5:57 p.m.36 views

[SECURITY] [DSA 2233-1] postfix security update

------------------------------------------------------------------------- Debian Security Advisory DSA-2233-1 [email protected] http://www.debian.org/security/ Florian Weimer May 10, 2011 http://www.debian.org/security/faq -...

6.9CVSS9.9AI score0.21646EPSS
Exploits4
OSV
OSV
added 2009/09/21 7:30 p.m.6 views

CVE-2009-2939

The postfix.postinst script in the Debian GNU/Linux and Ubuntu postfix 2.5.5 package grants the postfix user write access to /var/spool/postfix/pid, which might allow local users to conduct symlink attacks that overwrite arbitrary files...

6.2AI score
Exploits0References2
Debian CVE
Debian CVE
added 2009/09/21 7:0 p.m.28 views

CVE-2009-2939

The postfix.postinst script in the Debian GNU/Linux and Ubuntu postfix 2.5.5 package grants the postfix user write access to /var/spool/postfix/pid, which might allow local users to conduct symlink attacks that overwrite arbitrary files...

6.9CVSS6.2AI score0.00495EPSS
Exploits2
CVE
CVE
added 2009/09/21 7:0 p.m.84 views

CVE-2009-2939

CVE-2009-2939 affects Postfix on Debian/Ubuntu where the postinst script grants the postfix user write access to /var/spool/postfix/pid, enabling local users to perform symlink attacks that can overwrite arbitrary files. Connected advisories confirm the issue across multiple distributions and rep...

6.9CVSS6.1AI score0.00495EPSS
Exploits2References2Affected Software1
UbuntuCve
UbuntuCve
added 2009/09/21 12:0 a.m.27 views

CVE-2009-2939

The postfix.postinst script in the Debian GNU/Linux and Ubuntu postfix 2.5.5 package grants the postfix user write access to /var/spool/postfix/pid, which might allow local users to conduct symlink attacks that overwrite arbitrary files...

6.9CVSS6AI score0.00495EPSS
Exploits2References3
Rows per page
Query Builder