qmail-verify as used in netqmail 1.06 is prone to an information disclosure vulnerability. A local attacker can test for the existence of files and directories anywhere in the filesystem because qmail-verify runs as root and tests for the existence of files in the attackers home directory, without dropping its privileges first.
Weakness
The product does not properly assign, modify, track, or check privileges for an actor, creating an unintended sphere of control for that actor.
Affected Software
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Netqmail | Netqmail | 1.06 (including) | 1.06 (including) |
| Netqmail | Ubuntu | bionic | * |
| Netqmail | Ubuntu | eoan | * |
| Netqmail | Ubuntu | esm-apps/bionic | * |
| Netqmail | Ubuntu | esm-apps/focal | * |
| Netqmail | Ubuntu | esm-apps/xenial | * |
| Netqmail | Ubuntu | esm-infra-legacy/trusty | * |
| Netqmail | Ubuntu | focal | * |
| Netqmail | Ubuntu | trusty | * |
| Netqmail | Ubuntu | trusty/esm | * |
| Netqmail | Ubuntu | upstream | * |
| Netqmail | Ubuntu | xenial | * |
Potential Mitigations
Related Attack Patterns
- https://cwe.mitre.org/data/definitions/122.html
- https://cwe.mitre.org/data/definitions/233.html
- https://cwe.mitre.org/data/definitions/58.html
References
- https://bugs.debian.org/961060
- https://lists.debian.org/debian-lts-announce/2020/06/msg00002.html
- https://usn.ubuntu.com/4556-1/
- https://www.debian.org/security/2020/dsa-4692
- https://www.openwall.com/lists/oss-security/2020/05/19/8
- https://bugs.debian.org/961060
- https://lists.debian.org/debian-lts-announce/2020/06/msg00002.html
- https://usn.ubuntu.com/4556-1/
- https://www.debian.org/security/2020/dsa-4692
- https://www.openwall.com/lists/oss-security/2020/05/19/8