Twenty Year Anniversary
Showing 1 - 3 of 3 RSS Feed

CVE-2010-0301

Status Candidate

Overview

main.C in maildrop 2.3.0 and earlier, when run by root with the -d option, uses the gid of root for execution of the .mailfilter file in a user's home directory, which allows local users to gain privileges via a crafted file.

Related Files

Gentoo Linux Security Advisory 201009-2
Posted Sep 8, 2010
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201009-2 - Insecure permission handling in maildrop might allow local attackers to elevate their privileges. Christoph Anton Mitterer reported that maildrop does not properly drop its privileges when run as root. Versions less than 2.4.2 are affected.

tags | advisory, local, root
systems | linux, gentoo
advisories | CVE-2010-0301
MD5 | e4cc2fa7a55c4835d6565b252f840992
Mandriva Linux Security Advisory 2010-038
Posted Feb 16, 2010
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2010-038 - main.C in maildrop 2.3.0 and earlier, when run by root with the -d option, uses the gid of root for execution of the.mailfilter file in a user's home directory, which allows local users to gain privileges via a crafted file. The updated packages have been patched to correct this issue.

tags | advisory, local, root
systems | linux, mandriva
advisories | CVE-2010-0301
MD5 | dc5fd9cb781046cbf741196521aa7d3f
Debian Linux Security Advisory 1981-2
Posted Jan 29, 2010
Authored by Debian | Site debian.org

Debian Linux Security Advisory 1981-2 - The latest DSA for maildrop introduced two regressions. The maildrop program stopped working when invoked as a non-root user, such as with postfix. Also, the lenny version dropped a dependency on the courier-authlib package.

tags | advisory, root
systems | linux, debian
advisories | CVE-2010-0301
MD5 | 00664f6329ad84b6d0353790886ea97b
Page 1 of 1
Back1Next

File Archive:

December 2018

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Dec 1st
    11 Files
  • 2
    Dec 2nd
    1 Files
  • 3
    Dec 3rd
    18 Files
  • 4
    Dec 4th
    40 Files
  • 5
    Dec 5th
    16 Files
  • 6
    Dec 6th
    50 Files
  • 7
    Dec 7th
    12 Files
  • 8
    Dec 8th
    1 Files
  • 9
    Dec 9th
    1 Files
  • 10
    Dec 10th
    15 Files
  • 11
    Dec 11th
    20 Files
  • 12
    Dec 12th
    0 Files
  • 13
    Dec 13th
    0 Files
  • 14
    Dec 14th
    0 Files
  • 15
    Dec 15th
    0 Files
  • 16
    Dec 16th
    0 Files
  • 17
    Dec 17th
    0 Files
  • 18
    Dec 18th
    0 Files
  • 19
    Dec 19th
    0 Files
  • 20
    Dec 20th
    0 Files
  • 21
    Dec 21st
    0 Files
  • 22
    Dec 22nd
    0 Files
  • 23
    Dec 23rd
    0 Files
  • 24
    Dec 24th
    0 Files
  • 25
    Dec 25th
    0 Files
  • 26
    Dec 26th
    0 Files
  • 27
    Dec 27th
    0 Files
  • 28
    Dec 28th
    0 Files
  • 29
    Dec 29th
    0 Files
  • 30
    Dec 30th
    0 Files
  • 31
    Dec 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2018 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close