Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2008-2937HistoryAug 18, 2008 - 7:41 p.m.
CVE-2008-2937
2008-08-1819:41:00
Debian Security Bug Tracker
security-tracker.debian.org
21
1.9 Low
CVSS2
Attack Vector
LOCAL
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:L/AC:M/Au:N/C:P/I:N/A:N
0.0004 Low
EPSS
Percentile
10.1%
Postfix 2.5 before 2.5.4 and 2.6 before 2.6-20080814 delivers to a mailbox file even when this file is not owned by the recipient, which allows local users to read e-mail messages by creating a mailbox file corresponding to another user’s account name.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 12 | all | postfix | < 2.5.4-1 | postfix_2.5.4-1_all.deb |
| Debian | 11 | all | postfix | < 2.5.4-1 | postfix_2.5.4-1_all.deb |
| Debian | 999 | all | postfix | < 2.5.4-1 | postfix_2.5.4-1_all.deb |
| Debian | 13 | all | postfix | < 2.5.4-1 | postfix_2.5.4-1_all.deb |
Related
veracode
veracode
Information Disclosure
2020-04-10 00:56:27
ubuntucve
ubuntucve
CVE-2008-2937
2008-08-18 00:00:00
nessus
nessus
Mandriva Linux Security Advisory : postfix (MDVSA-2009:224-1)
2009-08-31 00:00:00
Scientific Linux Security Update : postfix on SL4.x, SL5.x i386/x86_64
2012-08-01 00:00:00
SuSE 10 Security Update : Postfix (ZYPP Patch Number 5500)
2008-08-14 00:00:00
nvd
nvd
CVE-2008-2937
2008-08-18 19:41:00
cve
cve
CVE-2008-2937
2008-08-18 19:41:00
openvas
openvas
Mandrake Security Advisory MDVSA-2009:224 (postfix)
2009-09-02 00:00:00
Mandrake Security Advisory MDVSA-2009:224 (postfix)
2009-09-02 00:00:00
Mandriva Security Advisory MDVSA-2009:224-1 (postfix)
2009-12-10 00:00:00
prion
prion
Design/Logic Flaw
2008-08-18 19:41:00
cvelist
cvelist
CVE-2008-2937
2008-08-18 19:00:00
securityvulns
securityvulns
Postfix mail server hardlinks privilege escalation
2008-09-02 00:00:00
redhat
redhat
(RHSA-2011:0422) Moderate: postfix security update
2011-04-06 00:00:00
suse
suse
local privilege escalation in postfix
2008-08-14 14:39:29
centos
centos
postfix security update
2011-04-08 12:13:18
gentoo
gentoo
Postfix: Local privilege escalation vulnerability
2008-08-14 00:00:00
oraclelinux
oraclelinux
postfix security update
2011-04-06 00:00:00
fedora
fedora
[SECURITY] Fedora 9 Update: postfix-2.5.5-1.fc9
2008-10-09 21:33:24
[SECURITY] Fedora 8 Update: postfix-2.5.5-1.fc8
2008-10-09 21:31:27
1.9 Low
CVSS2
Attack Vector
LOCAL
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:L/AC:M/Au:N/C:P/I:N/A:N
0.0004 Low
EPSS
Percentile
10.1%
Related for DEBIANCVE:CVE-2008-2937