Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2009-1601

Overview

Vulnerability Score 6.8 6.8
CVE Id CVE-2009-1601
Last Modified 12 May 2009 12:43:55
Published 11 May 2009 11:30:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector LOCAL
Access Complexity LOW
Authentication SINGLE_INSTANCE

CVE-2009-1601

Summary

The Ubuntu clamav-milter.init script in clamav-milter before 0.95.1+dfsg-1ubuntu1.2 in Ubuntu 9.04 sets the ownership of the current working directory to the clamav account, which might allow local users to bypass intended access restrictions via read or write operations involving this directory.

Vulnerable Systems

Operating System

  • Ubuntu Linux 9.04


References

XF - clamav-clamavmilter-security-bypass(50311)

BID - 34818

CONFIRM - https://launchpad.net/bugs/365823

UBUNTU - USN-770-1

SECUNIA - 35000


Last Updated: 27 May 2016 10:50:36