Nessus Plugin #14809
Plugin Index
Note: This file has been created from a
downloaded version of the Nessus Plugins
from
http://www.nessus.org/.
Therefore, the information here can be outdated.
[GLSA-200409-32] getmail: Filesystem overwrite vulnerability
- Family:
- Gentoo Local Security Checks
- Category:
- infos
- Copyright:
- (C) 2004 Michel Arboi
- Summary:
- getmail: Filesystem overwrite vulnerability
- Version:
- $Revision: 1.1 $
- Cve_id:
- -
- Bugtraq_id:
- -
- Xrefs:
- GLSA:200409-32
- Description:
- The remote host is affected by the vulnerability described in GLSA-200409-32
(getmail: Filesystem overwrite vulnerability)
David Watson discovered a vulnerability in getmail when it is configured to
run as root and deliver mail to the maildirs/mbox files of untrusted local
users. A malicious local user can then exploit a race condition, or a
similar symlink attack, and potentially cause getmail to create or
overwrite files in any directory on the system.
Impact
An untrusted local user could potentially create or overwrite files in any
directory on the system. This vulnerability may also be exploited to have
arbitrary commands executed as root.
Workaround
Do not run getmail as a privileged user
or, in version 4, use an external
MDA with explicitly configured user and group privileges.
References:
http://www.qcc.ca/~charlesc/software/getmail-4/CHANGELOG
http://article.gmane.org/gmane.mail.getmail.user/1430
Solution:
All getmail users should upgrade to the latest version:
# emerge sync
# emerge -pv ">=net-mail/getmail-4.2.0"
# emerge ">=net-mail/getmail-4.2.0"
Risk factor : High
Generiert am 27.04.2005 um 18:49:54 Uhr.