CVE Vulnerabilities

CVE-2004-0881

Published: Jan 27, 2005 | Modified: Jul 11, 2017
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
2.1 LOW
AV:L/AC:L/Au:N/C:N/I:P/A:N
RedHat/V2
RedHat/V3
Ubuntu

getmail 4.x before 4.2.0, and other versions before 3.2.5, when run as root, allows local users to write files in arbitrary directories via a symlink attack on subdirectories in the maildir.

Affected Software

Name Vendor Start Version End Version
Getmail Getmail 2.3.7 (including) 2.3.7 (including)
Getmail Getmail 3.x (including) 3.x (including)
Getmail Getmail 4.0 (including) 4.0 (including)
Getmail Getmail 4.0.0_b10 (including) 4.0.0_b10 (including)
Getmail Getmail 4.0.1 (including) 4.0.1 (including)
Getmail Getmail 4.0.2 (including) 4.0.2 (including)
Getmail Getmail 4.0.3 (including) 4.0.3 (including)
Getmail Getmail 4.0.4 (including) 4.0.4 (including)
Getmail Getmail 4.0.5 (including) 4.0.5 (including)
Getmail Getmail 4.0.6 (including) 4.0.6 (including)
Getmail Getmail 4.0.7 (including) 4.0.7 (including)
Getmail Getmail 4.0.8 (including) 4.0.8 (including)
Getmail Getmail 4.0.9 (including) 4.0.9 (including)
Getmail Getmail 4.0.10 (including) 4.0.10 (including)
Getmail Getmail 4.0.11 (including) 4.0.11 (including)
Getmail Getmail 4.0.12 (including) 4.0.12 (including)
Getmail Getmail 4.0.13 (including) 4.0.13 (including)
Getmail Getmail 4.1 (including) 4.1 (including)
Getmail Getmail 4.1.1 (including) 4.1.1 (including)
Getmail Getmail 4.1.2 (including) 4.1.2 (including)
Getmail Getmail 4.1.3 (including) 4.1.3 (including)
Getmail Getmail 4.1.4 (including) 4.1.4 (including)
Getmail Getmail 4.1.5 (including) 4.1.5 (including)

References