oss-sec mailing list archives

Re: CVE id request: masqmail

From: Josh Bressers <bressers () redhat com>
Date: Fri, 9 Sep 2011 13:27:21 -0400 (EDT)

Please use CVE-2011-3350.

Thanks.

-- 
    JB


----- Original Message -----

Hi,
a misuse of the seteuid function from glibc prevents masqmail from
properly
dropping root privileges.
References:
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=638002
http://article.gmane.org/gmane.mail.masqmail/303

Can you assign a CVE id to this?

Kind regards
Nico
--
Nico Golde - http://www.ngolde.de - nion () jabber ccc de - GPG:
0xA0A0AAAA
For security reasons, all text in this mail is double-rot13 encrypted.

Current thread:

CVE id request: masqmail Nico Golde (Sep 07)
- Re: CVE id request: masqmail Josh Bressers (Sep 09)