5 matches found
Debian DSA-1981-1 : maildrop - privilege escalation
Christoph Anton Mitterer discovered that maildrop, a mail delivery agent with filtering abilities, is prone to a privilege escalation issue that grants a user root group privileges. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were...
maildrop 2.3.0本地权限提升漏洞
CVE ID: CVE-2010-0301 maildrop是带有过滤功能的邮件传输代理。 如果root用户以-d选项运行maildrop,则main.C使用了root的gid执行用户主目录中的.mailfilter,这允许本地用户通过特制文件获得权限提升。成功攻击要求maildrop编译为没有设置RESETGID,如邮件目录没有使用粘着位。 Double Precision Inc. maildrop 2.3.0 厂商补丁: Debian ------ Debian已经为此发布了一个安全公告(DSA-1981-1)以及相应补丁: DSA-1981-1:New maildrop...
Debian Security Advisory DSA 1981-1 (maildrop)
The remote host is missing an update to maildrop announced via advisory DSA 1981-1. OpenVAS Vulnerability Test $Id: deb19811.nasl 6614 2017-07-07 12:09:12Z cfischer $ Description: Auto-generated from advisory DSA 1981-1 maildrop Authors: Thomas Reinke Copyright: Copyright c 2010 E-Soft Inc...
Debian: Security Advisory (DSA-1981-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Debian: Security Advisory (DSA-1981-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...