2 matches found
CVE-2005-2655
lockmail in maildrop before 1.5.3 does not drop privileges before executing commands, which allows local users to gain privileges via command line arguments...
GLSA-201009-02 : Maildrop: privilege escalation
The remote host is affected by the vulnerability described in GLSA-201009-02 Maildrop: privilege escalation Christoph Anton Mitterer reported that maildrop does not properly drop its privileges when run as root. Impact : A local attacker could create a specially crafted .mailfilter file, possibly...