Описание
Postfix 2.5 before 2.5.4 and 2.6 before 2.6-20080814 delivers to a mailbox file even when this file is not owned by the recipient, which allows local users to read e-mail messages by creating a mailbox file corresponding to another user's account name.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Enterprise Linux 6 | postfix | Not affected | ||
| Red Hat Enterprise Linux 4 | postfix | Fixed | RHSA-2011:0422 | 06.04.2011 |
| Red Hat Enterprise Linux 5 | postfix | Fixed | RHSA-2011:0422 | 06.04.2011 |
Показывать по
Дополнительная информация
Статус:
1.9 Low
CVSS2
Связанные уязвимости
Postfix 2.5 before 2.5.4 and 2.6 before 2.6-20080814 delivers to a mailbox file even when this file is not owned by the recipient, which allows local users to read e-mail messages by creating a mailbox file corresponding to another user's account name.
Postfix 2.5 before 2.5.4 and 2.6 before 2.6-20080814 delivers to a mailbox file even when this file is not owned by the recipient, which allows local users to read e-mail messages by creating a mailbox file corresponding to another user's account name.
Postfix 2.5 before 2.5.4 and 2.6 before 2.6-20080814 delivers to a mai ...
Postfix 2.5 before 2.5.4 and 2.6 before 2.6-20080814 delivers to a mailbox file even when this file is not owned by the recipient, which allows local users to read e-mail messages by creating a mailbox file corresponding to another user's account name.
1.9 Low
CVSS2