CVE-2009-2939
Published: 21 September 2009
The postfix.postinst script in the Debian GNU/Linux and Ubuntu postfix 2.5.5 package grants the postfix user write access to /var/spool/postfix/pid, which might allow local users to conduct symlink attacks that overwrite arbitrary files.
Notes
Author | Note |
---|---|
jdstrand | per Weitse, the symlink attack should not be possible due to defensive programming. A subverted postfix process running as 'postfix' could replace the pid file, which master could then send signals to. |
Priority
Status
Package | Release | Status |
---|---|---|
postfix Launchpad, Ubuntu, Debian |
dapper |
Released
(2.2.10-1ubuntu0.3)
|
hardy |
Released
(2.5.1-2ubuntu1.3)
|
|
intrepid |
Ignored
(end of life, was needed)
|
|
jaunty |
Ignored
(end of life)
|
|
karmic |
Released
(2.6.5-3)
|
|
lucid |
Released
(2.6.5-3)
|
|
maverick |
Released
(2.6.5-3)
|
|
upstream |
Released
(2.6.5-3)
|