Mandriva Linux Security Advisory 2010-038 - main.C in maildrop 2.3.0 and earlier, when run by root with the -d option, uses the gid of root for execution of the.mailfilter file in a user's home directory, which allows local users to gain privileges via a crafted file. The updated packages have been patched to correct this issue.
a594ca8f9397f7050a0c918b62589d0df31710cea19426d9dd51300c8f33d6ee