Описание
lib-src/movemail.c in movemail in emacs 22 and 23 allows local users to read, modify, or delete arbitrary mailbox files via a symlink attack, related to improper file-permission checks.
Пакеты
| Пакет | Статус | Версия исправления | Релиз | Тип |
|---|---|---|---|---|
| emacs21 | removed | package | ||
| emacs21 | no-dsa | lenny | package | |
| emacs22 | removed | package | ||
| emacs22 | no-dsa | lenny | package | |
| xemacs21 | fixed | 21.4.22-3.1 | package | |
| xemacs21 | no-dsa | lenny | package | |
| xmacs21 | no-dsa | lenny | package | |
| emacs23 | fixed | 23.2+1-1 | package |
Примечания
Only exploitable when configured as setgid mail, which isn't set by default
EPSS
Связанные уязвимости
lib-src/movemail.c in movemail in emacs 22 and 23 allows local users to read, modify, or delete arbitrary mailbox files via a symlink attack, related to improper file-permission checks.
lib-src/movemail.c in movemail in emacs 22 and 23 allows local users to read, modify, or delete arbitrary mailbox files via a symlink attack, related to improper file-permission checks.
lib-src/movemail.c in movemail in emacs 22 and 23 allows local users to read, modify, or delete arbitrary mailbox files via a symlink attack, related to improper file-permission checks.
lib-src/movemail.c in movemail in emacs 22 and 23 allows local users to read, modify, or delete arbitrary mailbox files via a symlink attack, related to improper file-permission checks.
EPSS