ignore security and it'll go away

Register | Login

Home Files News About Contact Add New

Showing 1 - 1 of 1

Files

Gentoo Linux Security Advisory 200808-12: Posted Aug 15, 2008; Authored by Gentoo | Site security.gentoo.org; Gentoo Linux Security Advisory GLSA 200808-12 - Sebastian Krahmer of SuSE has found that Postfix allows to deliver mail to root-owned symlinks in an insecure manner under certain conditions. Normally, Postfix does not deliver mail to symlinks, except to root-owned symlinks, for compatibility with the systems using symlinks in /dev like Solaris. Furthermore, some systems like Linux allow to hardlink a symlink, while the POSIX.1-2001 standard requires that the symlink is followed. Depending on the write permissions and the delivery agent being used, this can lead to an arbitrary local file overwriting vulnerability (CVE-2008-2936). Furthermore, the Postfix delivery agent does not properly verify the ownership of a mailbox before delivering mail (CVE-2008-2937). Versions less than 2.5.3-r1 are affected.; tags | advisory, arbitrary, local, root; systems | linux, solaris, suse, osx, gentoo; advisories | CVE-2008-2936, CVE-2008-2937; MD5 | 3d10d7b22f9734485a3dd000961d1cf5; Download | Favorite | Comments (0)

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days

Red Hat 46 files
Ubuntu 29 files
the_cyber_nuxbie 27 files
Sony 25 files
Debian 24 files
Benjamin Kunz Mejri 16 files
Gentoo 16 files
Tipping Point 15 files
HP 15 files
KedAns-Dz 14 files

Recent News

Acta: Germany Delays Signing Anti-Piracy Agreement: Posted Feb 11, 2012; tags | headline, germany, mpaa, pirate; Link | Favorite | Comments (0)

Anonymous Says Attack Put CIA Website Offline: Posted Feb 11, 2012; tags | headline, denial of service, anonymous, cia; Link | Favorite | Comments (0)

Microsoft To Send Users 4 Critical Patches On Valentine's Day: Posted Feb 10, 2012; tags | headline, microsoft, flaw, patch; Link | Favorite | Comments (0)

Malware Devs Embrace Open Source: Posted Feb 10, 2012; tags | headline, malware, trojan; Link | Favorite | Comments (0)

Mobile Security Researchers Warn Of Evolving Android Malware: Posted Feb 10, 2012; tags | headline, malware, phone, google; Link | Favorite | Comments (0)

Security Patches Cost Google $410,000 In Finder's Fees: Posted Feb 10, 2012; tags | headline, flaw, google; Link | Favorite | Comments (0)

Google Wallet PIN Security Cracked In Seconds: Posted Feb 9, 2012; tags | headline, hacker, phone, google; Link | Favorite | Comments (0)

Airport Bomb Twitter Joker In Second Fine Appeal Bid: Posted Feb 9, 2012; tags | headline, government, twitter; Link | Favorite | Comments (0)

Chinese iPhone Maker Foxconn Hacked: Posted Feb 9, 2012; tags | headline, hacker, microsoft, phone, apple; Link | Favorite | Comments (0)

Anonymous Goes After Syria: Posted Feb 9, 2012; tags | headline, government, anonymous, syria; Link | Favorite | Comments (0)

View More News →

packet storm

© 2012 Packet Storm. All rights reserved.

Site Links: News by Month; News Tags; Files by Month; File Tags; File Directory

About Us: History & Purpose; Contact Information; Terms of Service; Privacy Statement; Copyright Information

Advertising: Become an Advertiser
Hosting By: Rokabear; Global Mirror List