Postfix mail server hardlinks privilege escalation
news
/
advisories
/
forum
/
software
/
advertising
/
search
/
exploits
[EN]
securityvulns.ru
no-pyccku
Postfix mail server hardlinks privilege escalation
updated since 14.08.2008
Published:
02.09.2008
Source:
BUGTRAQ
SecurityVulns ID:
9222
Type:
local
Level:
4
/10
Description:
It's possible to cause Postfix to deliver mail to system file by using hardlinks to symlink (available against standard in Linux, IRIX, Solaris).
Affected:
POSTFIX
:
Postfix 2.3
POSTFIX
:
postfix 2.4
POSTFIX
:
postfix 2.5
POSTFIX
:
postfix 2.6
CVE:
CVE-2008-2937
CVE-2008-2936
Original document
Roman Medina
,
PoCfix (PoC for Postfix local root vuln - CVE-2008-2936)
(
02.09.2008
)
Wietse Venema
,
Postfix local privilege escalation via hardlinked symlinks
(
14.08.2008
)
Files:
PoC for Postfix local root vuln - CVE-2008-2936
Discuss:
Read or add your comments to this news (0 comments)
About
|
Terms of use
|
Privacy Policy
©
SecurityVulns
,
3APA3A
, Vladimir Dubrovin
Nizhny Novgorod
Enter your search terms
Web
securityvulns.com
Submit search form
