GLSA Advocate
Joined: 12 May 2004 Posts: 2663
|
Posted: Mon Sep 06, 2010 9:26 pm Post subject: [ GLSA 201009-02 ] Maildrop: privilege escalation |
|
|
Gentoo Linux Security Advisory
Title: Maildrop: privilege escalation (GLSA 201009-02)
Severity: high
Exploitable: local
Date: September 06, 2010
Bug(s): #308043
ID: 201009-02
Synopsis
Insecure permission handling in maildrop might allow local attackers to
elevate their privileges.
Background
maildrop is the mail filter/mail delivery agent that is used by the
Courier Mail Server.
Affected Packages
Package: mail-filter/maildrop
Vulnerable: < 2.4.2
Unaffected: >= 2.4.2
Architectures: All supported architectures
Description
Christoph Anton Mitterer reported that maildrop does not properly drop
its privileges when run as root.
Impact
A local attacker could create a specially crafted .mailfilter file,
possibly leading to the execution of arbitrary commands with the "root"
group privileges. NOTE: Successful exploitation requires that maildrop
is run as root with the -d option.
Workaround
There is no known workaround at this time.
Resolution
All maildrop users should upgrade to the latest version:
Code: | # emerge --sync
# emerge --ask --oneshot --verbose ">=mail-filter/maildrop-2.4.2" |
References
CVE-2010-0301 |
|