Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
seebugRootSSV:19077
HistoryFeb 06, 2010 - 12:00 a.m.

maildrop 2.3.0本地权限提升漏洞

2010-02-0600:00:00
Root
www.seebug.org
23

0.0004 Low

EPSS

Percentile

5.7%

JSON

CVE ID: CVE-2010-0301

maildrop是带有过滤功能的邮件传输代理。

如果root用户以-d选项运行maildrop,则main.C使用了root的gid执行用户主目录中的.mailfilter,这允许本地用户通过特制文件获得权限提升。成功攻击要求maildrop编译为没有设置RESET_GID,如邮件目录没有使用粘着位。

Double Precision Inc. maildrop 2.3.0
厂商补丁:

Debian

Debian已经为此发布了一个安全公告(DSA-1981-1)以及相应补丁:
DSA-1981-1:New maildrop packages fix privilege escalation
链接:http://www.debian.org/security/2010/dsa-1981

补丁下载:

Source archives:

http://security.debian.org/pool/updates/main/m/maildrop/maildrop_2.0.2-11+etch1.dsc
Size/MD5 checksum: 736 5d4c1da5e17a5055431958284386d2ae
http://security.debian.org/pool/updates/main/m/maildrop/maildrop_2.0.2.orig.tar.gz
Size/MD5 checksum: 3217622 d799e44aa65027a02343e5e08b97f3a0
http://security.debian.org/pool/updates/main/m/maildrop/maildrop_2.0.2-11+etch1.diff.gz
Size/MD5 checksum: 13865 bbbbb2f714d5aafbca2255ae600ed4d4

alpha architecture (DEC Alpha)

http://security.debian.org/pool/updates/main/m/maildrop/maildrop_2.0.2-11+etch1_alpha.deb
Size/MD5 checksum: 396270 721dac0bfe0adfe12821648b114b529b

amd64 architecture (AMD x86_64 (AMD64))

http://security.debian.org/pool/updates/main/m/maildrop/maildrop_2.0.2-11+etch1_amd64.deb
Size/MD5 checksum: 363334 361b1d09e6029290979f22eef0fdba91

arm architecture (ARM)

http://security.debian.org/pool/updates/main/m/maildrop/maildrop_2.0.2-11+etch1_arm.deb
Size/MD5 checksum: 349906 8fee827790bdc6698f3597e12fe52d6f

hppa architecture (HP PA RISC)

http://security.debian.org/pool/updates/main/m/maildrop/maildrop_2.0.2-11+etch1_hppa.deb
Size/MD5 checksum: 388340 08b9be87f2c3cc52c620db2adbfcacef

i386 architecture (Intel ia32)

http://security.debian.org/pool/updates/main/m/maildrop/maildrop_2.0.2-11+etch1_i386.deb
Size/MD5 checksum: 355822 0a4b406123abee445305109c4915ba23

ia64 architecture (Intel ia64)

http://security.debian.org/pool/updates/main/m/maildrop/maildrop_2.0.2-11+etch1_ia64.deb
Size/MD5 checksum: 469936 91586db32dc8713252dd82239ae0eda8

mipsel architecture (MIPS (Little Endian))

http://security.debian.org/pool/updates/main/m/maildrop/maildrop_2.0.2-11+etch1_mipsel.deb
Size/MD5 checksum: 376078 1ab6b5a13b76f428dac12534de3caa01

powerpc architecture (PowerPC)

http://security.debian.org/pool/updates/main/m/maildrop/maildrop_2.0.2-11+etch1_powerpc.deb
Size/MD5 checksum: 361516 932ec47bae8d8e0415cc34b9ef01da38

s390 architecture (IBM S/390)

http://security.debian.org/pool/updates/main/m/maildrop/maildrop_2.0.2-11+etch1_s390.deb
Size/MD5 checksum: 366974 f39b7f1d816f17060e5b0253426a9438

Debian GNU/Linux 5.0 alias lenny

Debian (stable)

Stable updates are available for alpha, amd64, arm, armel, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc.

Source archives:

http://security.debian.org/pool/updates/main/m/maildrop/maildrop_2.0.4-3+lenny1.dsc
Size/MD5 checksum: 1137 fc8c7f28371afe62703db1c24103f348
http://security.debian.org/pool/updates/main/m/maildrop/maildrop_2.0.4.orig.tar.gz
Size/MD5 checksum: 3566630 78e6c27afe7eff9e132b8bc20087aae7
http://security.debian.org/pool/updates/main/m/maildrop/maildrop_2.0.4-3+lenny1.diff.gz
Size/MD5 checksum: 807697 85669f0b67c38a7e55e3f22e9431ea65

alpha architecture (DEC Alpha)

http://security.debian.org/pool/updates/main/m/maildrop/maildrop_2.0.4-3+lenny1_alpha.deb
Size/MD5 checksum: 401854 c19dc4ca2946033b4fdeb85fed6d86e1

amd64 architecture (AMD x86_64 (AMD64))

http://security.debian.org/pool/updates/main/m/maildrop/maildrop_2.0.4-3+lenny1_amd64.deb
Size/MD5 checksum: 371578 1a3079eaa90d5665de73671a7f478d2e

arm architecture (ARM)

http://security.debian.org/pool/updates/main/m/maildrop/maildrop_2.0.4-3+lenny1_arm.deb
Size/MD5 checksum: 350228 2e2614f28b004dbfbc51ed1ab6a90771

armel architecture (ARM EABI)

http://security.debian.org/pool/updates/main/m/maildrop/maildrop_2.0.4-3+lenny1_armel.deb
Size/MD5 checksum: 347804 66b6ff4506f5376c92bfc9c5e5fc6fd6

hppa architecture (HP PA RISC)

http://security.debian.org/pool/updates/main/m/maildrop/maildrop_2.0.4-3+lenny1_hppa.deb
Size/MD5 checksum: 388948 34f00537866981c9613aa7ac4ef16e5f

i386 architecture (Intel ia32)

http://security.debian.org/pool/updates/main/m/maildrop/maildrop_2.0.4-3+lenny1_i386.deb
Size/MD5 checksum: 359326 1e1b2e94312f7074321d5b11dc3524f5

ia64 architecture (Intel ia64)

http://security.debian.org/pool/updates/main/m/maildrop/maildrop_2.0.4-3+lenny1_ia64.deb
Size/MD5 checksum: 466472 f2e570b2fcd4835f2fe69449aa95e069

mips architecture (MIPS (Big Endian))

http://security.debian.org/pool/updates/main/m/maildrop/maildrop_2.0.4-3+lenny1_mips.deb
Size/MD5 checksum: 375164 7fd35c034b5008d27cfd2cfedd106e16

mipsel architecture (MIPS (Little Endian))

http://security.debian.org/pool/updates/main/m/maildrop/maildrop_2.0.4-3+lenny1_mipsel.deb
Size/MD5 checksum: 375880 f94835ac5be58099a0b9fa7168dd53d8

powerpc architecture (PowerPC)

http://security.debian.org/pool/updates/main/m/maildrop/maildrop_2.0.4-3+lenny1_powerpc.deb
Size/MD5 checksum: 380282 a84766802c113e9635589ed9d921a09d

s390 architecture (IBM S/390)

http://security.debian.org/pool/updates/main/m/maildrop/maildrop_2.0.4-3+lenny1_s390.deb
Size/MD5 checksum: 375186 ed49ebd7e0c72e3d602e12b2d24d5464

补丁安装方法:

  1. 手工安装补丁包:

首先,使用下面的命令来下载补丁软件:

wget url (url是补丁下载链接地址)

然后,使用下面的命令来安装补丁:

dpkg -i file.deb (file是相应的补丁名)

  1. 使用apt-get自动安装补丁包:

    首先,使用下面的命令更新内部数据库:

    apt-get update

    然后,使用下面的命令安装更新软件包:

    apt-get upgrade

Double Precision Inc.

目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载:

http://www.courier-mta.org/maildrop/changelog.html

Related

openvas 14
nessus 4
debiancve 1
prion 1
securityvulns 2
fedora 2
cvelist 1
debian 1
cve 1
ubuntucve 1
gentoo 1
openvas
openvas
Fedora Update for maildrop FEDORA-2010-1927
2010-03-02 00:00:00
Gentoo Security Advisory GLSA 201009-02 (maildrop)
2011-03-09 00:00:00
Fedora Update for maildrop FEDORA-2010-1927
2010-03-02 00:00:00
nessus
nessus
GLSA-201009-02 : Maildrop: privilege escalation
2010-09-07 00:00:00
Fedora 12 : maildrop-2.4.0-12.fc12 (2010-1863)
2010-07-01 00:00:00
Debian DSA-1981-1 : maildrop - privilege escalation
2010-02-24 00:00:00
debiancve
debiancve
CVE-2010-0301
2010-02-04 20:15:00
prion
prion
Code injection
2010-02-04 20:15:00
securityvulns
securityvulns
[SECURITY] [DSA 1981-2] New maildrop packages fix regression
2010-02-04 00:00:00
maildrop privilege escalation
2010-02-04 00:00:00
fedora
fedora
[SECURITY] Fedora 12 Update: maildrop-2.4.0-12.fc12
2010-02-16 13:10:19
[SECURITY] Fedora 11 Update: maildrop-2.4.0-12.fc11
2010-02-16 13:21:49
cvelist
cvelist
CVE-2010-0301
2010-02-04 18:00:00
debian
debian
[SECURITY] [DSA 1981-2] New maildrop packages fix regression
2010-01-28 20:20:03
cve
cve
CVE-2010-0301
2010-02-04 20:15:00
ubuntucve
ubuntucve
CVE-2010-0301
2010-02-04 00:00:00
gentoo
gentoo
Maildrop: privilege escalation
2010-09-06 00:00:00

0.0004 Low

EPSS

Percentile

5.7%

JSON
Related for SSV:19077
openvas14nessus4debiancve1prion1securityvulns2fedora2cvelist1debian1cve1ubuntucve1gentoo1