oss-sec mailing list archives
Re: CVE id request/update: mailscanner: many scripts allow local users to overwrite arbitrary files via symlink attacks
From: "Steven M. Christey" <coley () linus mitre org>
Date: Wed, 3 Dec 2008 11:56:00 -0500 (EST)
Different CVE's because different versions were reported affected.

======================================================
Name: CVE-2008-5312
Status: Candidate
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5312
Reference: MLIST:[oss-security] 20081128 CVE id request/update: mailscanner: many scripts allow local users to overwrite arbitrary files via symlink attacks
Reference: URL:http://www.openwall.com/lists/oss-security/2008/11/29/1
Reference: MISC:http://bugs.debian.org/506353

mailscanner 4.55.10 might allow local users to overwrite arbitrary files via a symlink attack on certain temporary files used by the (1) f-prot-autoupdate, (2) clamav-autoupdate, (3) panda-autoupdate.new, (4) trend-autoupdate.new, and (5) rav-autoupdate.new scripts in /etc/MailScanner/autoupdate/, a different vulnerability than CVE-2008-5140.

======================================================
Name: CVE-2008-5313
Status: Candidate
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5313
Reference: MLIST:[oss-security] 20081128 CVE id request/update: mailscanner: many scripts allow local users to overwrite arbitrary files via symlink attacks
Reference: URL:http://www.openwall.com/lists/oss-security/2008/11/29/1
Reference: MISC:http://bugs.debian.org/506353

mailscanner 4.68.8 might allow local users to overwrite arbitrary files via a symlink attack on certain temporary files used by the (1) f-prot-autoupdate, (2) clamav-autoupdate, (3) avast-autoupdate, and (4) f-prot-6-autoupdate scripts in /etc/MailScanner/autoupdate/; the (5) bitdefender-wrapper, (6) kaspersky-wrapper, (7) clamav-wrapper, and (8) rav-wrapper scripts in /etc/MailScanner/wrapper/; the (9) Quarantine.pm, (10) TNEF.pm, (11) MessageBatch.pm, (12) WorkArea.pm, and (13) SA.pm scripts in /usr/share/MailScanner/MailScanner/; (14) /usr/sbin/MailScanner; and (15) scripts that load the /etc/MailScanner/mailscanner.conf.with.mcp configuration file.
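
An added example, not part of the original post and not MailScanner code: a heuristic shell audit an administrator could run over the script directories named in the CVE entries above. It assumes the temporary files in question live under /tmp or /var/tmp; the function name audit_tmp_paths and the regular expressions are hypothetical, and a hit is a candidate for manual review, not proof of a flaw.

```shell
#!/bin/sh
# Heuristic audit (added example): report script lines that reference a fixed
# or PID-based name under /tmp or /var/tmp without using mktemp (shell) or
# File::Temp / tempfile (Perl). Predictable names in a world-writable directory
# are the precondition for the symlink problem described in the CVE entries.

# audit_tmp_paths DIR...
# Prints "file:lineno:text" for each suspicious line.
# Returns 0 when nothing was flagged, 1 when at least one line was flagged.
audit_tmp_paths() {
    found=0
    for dir in "$@"; do
        [ -d "$dir" ] || continue
        for f in "$dir"/*; do
            [ -f "$f" ] || continue
            # 1st grep: any path component directly under /tmp/ (also matches /var/tmp/).
            # 2nd grep: drop comment-only lines ("N:   # ...").
            # 3rd grep: drop lines that already use a safe temp-file helper.
            # "|| true" keeps the function usable under "set -e" when nothing matches.
            hits=$(grep -nE '/tmp/[A-Za-z0-9._$-]' "$f" \
                   | grep -vE '^[0-9]+:[[:space:]]*#' \
                   | grep -vE 'mktemp|File::Temp|tempfile') || true
            if [ -n "$hits" ]; then
                found=1
                printf '%s\n' "$hits" | while IFS= read -r line; do
                    printf '%s:%s\n' "$f" "$line"
                done
            fi
        done
    done
    return "$found"
}

# Stand-alone use, with the directories taken from the CVE descriptions:
#   sh audit.sh /etc/MailScanner/autoupdate /etc/MailScanner/wrapper
if [ "$#" -gt 0 ]; then
    audit_tmp_paths "$@"
fi
```

Flagged lines are normally fixed by creating the file with mktemp (or a private mktemp -d directory) so the name is unpredictable and creation fails if the path already exists.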
Current thread:
- CVE id request/update: mailscanner: many scripts allow local users to overwrite arbitrary files via symlink attacks Raphael Geissert (Nov 29)
- Re: CVE id request/update: mailscanner: many scripts allow local users to overwrite arbitrary files via symlink attacks Steven M. Christey (Dec 03)