6 matches found
FreeBSD Ports: movemail
The remote host is missing an update to the system as announced in the referenced advisory. SPDX-FileCopyrightText: 2010 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...
FreeBSD : emacs -- movemail symlink race condition (5253)
The following package needs to be updated: emacs %NASLMINLEVEL 999999 @DEPRECATED@ This script has been deprecated as the VuXML entry has been cancelled. Disabled on 2011/10/02. C Tenable Network Security, Inc. This script contains information extracted from VuXML : Copyright 2003-2006 Jacques...
CVE-2010-0825
CVE-2010-0825 affects movemail in emacs 22 and 23. The vulnerability arises in lib-src/movemail.c, where a symlink attack combined with improper file-permission checks lets a local user read, modify, or delete arbitrary mailbox files. The issue is documented across multiple advisories (Mandriva M...
Ubuntu 8.04 LTS / 8.10 / 9.04 / 9.10 : emacs22, emacs23 vulnerability (USN-919-1)
Dan Rosenberg discovered that the email helper in Emacs did not correctly check file permissions. A local attacker could perform a symlink race to read or append to another user's mailbox if it was stored under a group-writable group-'mail' directory. Note that Tenable Network Security has...
CVE-2010-0825
lib-src/movemail.c in movemail in emacs 22 and 23 allows local users to read, modify, or delete arbitrary mailbox files via a symlink attack, related to improper file-permission checks...
Mandriva Update for initscripts MDVA-2010:083 (initscripts)
Check for the Version of initscripts OpenVAS Vulnerability Test Mandriva Update for initscripts MDVA-2010:083 initscripts Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or...