Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-5313

Overview

Vulnerability Score 6.9 6.9
CVE Id CVE-2008-5313
Last Modified 28 Dec 2010 12:00:00
Published 03 Dec 2008 12:30:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector LOCAL
Access Complexity MEDIUM
Authentication NONE

CVE-2008-5313

Summary

mailscanner 4.68.8 and other versions before 4.74.16-1 might allow local users to overwrite arbitrary files via a symlink attack on certain temporary files used by the (1) f-prot-autoupdate, (2) clamav-autoupdate, (3) avast-autoupdate, and (4) f-prot-6-autoupdate scripts in /etc/MailScanner/autoupdate/; the (5) bitdefender-wrapper, (6) kaspersky-wrapper, (7) clamav-wrapper, and (8) rav-wrapper scripts in /etc/MailScanner/wrapper/; the (9) Quarantine.pm, (10) TNEF.pm, (11) MessageBatch.pm, (12) WorkArea.pm, and (13) SA.pm scripts in /usr/share/MailScanner/MailScanner/; (14) /usr/sbin/MailScanner; and (15) scripts that load the /etc/MailScanner/mailscanner.conf.with.mcp configuration file.

Vulnerable Systems

Application

  • Mailscanner 4.68.8

  • Mailscanner 4.68.8-1

  • Mailscanner 4.69.9-3

  • Mailscanner 4.70.7-1

  • Mailscanner 4.71.10-1

  • Mailscanner 4.72.5-1

  • Mailscanner 4.73.4-2


References

BID - 32557

MLIST - [oss-security] 20081128 CVE id request/update: mailscanner: many scripts allow local users to overwrite arbitrary files via symlink attacks

CONFIRM - http://www.mailscanner.info/ChangeLog

SECUNIA - 33117

CONFIRM - http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=506353#44


Last Updated: 27 May 2016 10:48:46