Mandriva: Subject: [Security Announce] [ MDVSA-2008:171 ] postfix

Mandriva: Subject: [Security Announce] [ MDVSA-2008:171 ] postfix
BugsAlert Home > Mandriva: Subject: [Security Announce] [ MDVSA-2008:171 ] postfix




LinuxSecurity.com: Sebastian Krahmer of the SUSE Security Team discovered a flaw in the way Postfix dereferenced symbolic links. If a local user had write access to a mail spool directory without a root mailbox file, it could be possible for them to append arbitrary data to files that root had write permissions to (CVE-2008-2936). Original Source: http://www.linuxsecurity.com/content/view/141166?rdf Learn more about Mandriva: Subject: [Security Announce] [ MDVSA-2008:171 ] postfix


Tags: mandriva subject security announce mdvsa-2008 171 postfix

Related Items
VUPEN - Mandriva Security Update Fixes Vim Command Injection Vulnerabilities
CVE-2008-2271 (Drupal, Site_Documentation_Module)
Vuln: NOS Microsystems getPlus Download Manager Unauthorized Access Vulnerability
Red Hat update for coreutils
TROJ_DLOADER.HV
reinstallation antivirus after the days remaining
Zak Greant: Back to the Beginning