Sympa through 6.2.57b.2 allows a local privilege escalation from the sympa user account to full root access by modifying the sympa.conf configuration file (which is owned by sympa) and parsing it through the setuid sympa_newaliases-wrapper executable.
The product does not properly assign, modify, track, or check privileges for an actor, creating an unintended sphere of control for that actor.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Sympa | Sympa | * | 6.2.56 (including) |
Sympa | Sympa | 6.2.57-beta1 (including) | 6.2.57-beta1 (including) |
Sympa | Sympa | 6.2.57-beta2 (including) | 6.2.57-beta2 (including) |