|
|
CVE Reference: CVE-2008-2937 |
|
| NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE. | |
|
Original Page at CVE MITRE: CVE-2008-2937 |
|
|
Description: Postfix 2.5 before 2.5.4 and 2.6 before 2.6-20080814 delivers to a mailbox file even when this file is not owned by the recipient, which allows local users to read e-mail messages by creating a mailbox file corresponding to another user's account name. |
|
|
CVE Status: Candidate |
|
|
References: XF http://xforce.iss.net/xforce/xfdb/44461 SUSE http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00002.html SAID Secunia Advisory: SA31485 Secunia Advisory: SA31500 Secunia Advisory: SA31477 Secunia Advisory: SA32231 REDHAT http://www.redhat.com/support/errata/RHSA-2011-0422.html MANDRIVA http://www.mandriva.com/security/advisories?name=MDVSA-2009:224 GENTOO http://security.gentoo.org/glsa/glsa-200808-12.xml FEDORA CONFIRM http://wiki.rpath.com/Advisories:rPSA-2008-0259 BUGTRAQ http://www.securityfocus.com/archive/1/archive/1/495632/100/0/threaded BID 30691 |
|
| Return to the previous page. |
