oss-sec mailing list archives

Re: CVE id request/update: mailscanner: many scripts allow local users to overwrite arbitrary files via symlink attacks


From: "Steven M. Christey" <coley () linus mitre org>
Date: Wed, 3 Dec 2008 11:56:00 -0500 (EST)


Different CVEs because different versions were reported affected.

======================================================
Name: CVE-2008-5312
Status: Candidate
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5312
Reference: MLIST:[oss-security] 20081128 CVE id request/update: mailscanner: many scripts allow local users to overwrite arbitrary files via symlink attacks
Reference: URL:http://www.openwall.com/lists/oss-security/2008/11/29/1
Reference: MISC:http://bugs.debian.org/506353

mailscanner 4.55.10 might allow local users to overwrite arbitrary
files via a symlink attack on certain temporary files used by the (1)
f-prot-autoupdate, (2) clamav-autoupdate, (3) panda-autoupdate.new,
(4) trend-autoupdate.new, and (5) rav-autoupdate.new scripts in
/etc/MailScanner/autoupdate/, a different vulnerability than
CVE-2008-5140.


======================================================
Name: CVE-2008-5313
Status: Candidate
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5313
Reference: MLIST:[oss-security] 20081128 CVE id request/update: mailscanner: many scripts allow local users to overwrite arbitrary files via symlink attacks
Reference: URL:http://www.openwall.com/lists/oss-security/2008/11/29/1
Reference: MISC:http://bugs.debian.org/506353

mailscanner 4.68.8 might allow local users to overwrite arbitrary
files via a symlink attack on certain temporary files used by the (1)
f-prot-autoupdate, (2) clamav-autoupdate, (3) avast-autoupdate, and
(4) f-prot-6-autoupdate scripts in /etc/MailScanner/autoupdate/; the
(5) bitdefender-wrapper, (6) kaspersky-wrapper, (7) clamav-wrapper,
and (8) rav-wrapper scripts in /etc/MailScanner/wrapper/; the (9)
Quarantine.pm, (10) TNEF.pm, (11) MessageBatch.pm, (12) WorkArea.pm,
and (13) SA.pm scripts in /usr/share/MailScanner/MailScanner/; (14)
/usr/sbin/MailScanner; and (15) scripts that load the
/etc/MailScanner/mailscanner.conf.with.mcp configuration file.
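
Added example, not part of the original message and not MailScanner code: a heuristic audit that flags fixed file names under /tmp or /var/tmp in the script directories named above, since a predictable temporary path is what makes a symlink attack possible. The regular expression, the function names and the sample files are assumptions constructed for illustration; lines that already use mktemp are treated as safe.

```shell
#!/bin/sh
# Heuristic audit (added example): report non-comment lines that reference a
# fixed path under /tmp or /var/tmp. Lines using mktemp are skipped.

# audit_tmp_paths DIR... -> prints "file:line:text" for each finding
audit_tmp_paths() {
    for _dir in "$@"; do
        [ -d "$_dir" ] || continue
        # Match /tmp/name or /var/tmp/name that is not the tail of a longer
        # path or variable expansion (e.g. $dir/tmp/x is ignored).
        grep -rnIE '(^|[^[:alnum:]_$}])/(var/)?tmp/[[:alnum:]_.-]+' "$_dir" 2>/dev/null \
            | grep -vE '^[^:]+:[0-9]+:[[:space:]]*#' \
            | grep -vE '^[^:]+:[0-9]+:.*mktemp' || true
    done
    return 0
}

# count_tmp_findings DIR... -> prints the number of findings
count_tmp_findings() {
    audit_tmp_paths "$@" | wc -l | tr -d ' '
}

# make_sample_tree -> builds a constructed test tree, prints its root
make_sample_tree() {
    root=$(mktemp -d) || return 1
    mkdir -p "$root/autoupdate" "$root/wrapper"
    # Constructed sample: fixed lock file name, the risky pattern.
    printf '%s\n' '#!/bin/sh' '# constructed sample' \
        'LOCK=/tmp/SampleBusy.lock' 'touch "$LOCK"' \
        > "$root/autoupdate/sample-autoupdate"
    # Constructed sample: unpredictable name from mktemp, plus a comment.
    printf '%s\n' '#!/bin/sh' '# old log was /tmp/sample.log' \
        'OUT=$(mktemp /tmp/sample.XXXXXX)' 'echo ok > "$OUT"' \
        > "$root/wrapper/sample-wrapper"
    echo "$root"
}

# Scan the directories listed in the CVE descriptions, if present.
audit_tmp_paths /etc/MailScanner/autoupdate /etc/MailScanner/wrapper \
    /usr/share/MailScanner/MailScanner
```

A finding is a lead for manual review, not proof of a vulnerability: the file must also be created in a way that follows an existing symlink.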


