[Bug 258162] [NEW] Postfix local privilege escalation via hardlinked symlinks
alexkon at gmail.com
Fri Aug 15 15:17:23 BST 2008
*** This bug is a security vulnerability ***
Public security bug reported:
Binary package hint: postfix
Wietse Venema posted an advisory about this to Bugtraq. Excerpt:
"Sebastian Krahmer of SuSE has found a privilege escalation problem.
On some systems an attacker can hardlink a root-owned symlink to
for example /var/mail, and cause Postfix to append mail to existing
files that are owned by root or non-root accounts."
No CVE number has been assigned to this problem yet, to the best of my
** Affects: postfix (Ubuntu)
** Visibility changed to: Public
Postfix local privilege escalation via hardlinked symlinks
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to postfix in ubuntu.
More information about the Ubuntu-server-bugs