Описание
transports/appendfile.c in Exim before 4.72, when a world-writable sticky-bit mail directory is used, does not verify the st_nlink field of mailbox files, which allows local users to cause a denial of service or possibly gain privileges by creating a hard link to another user's file.
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | released | 4.60-3ubuntu3.3 |
| devel | released | 4.72-1ubuntu1 |
| hardy | released | 4.69-2ubuntu0.3 |
| jaunty | ignored | end of life |
| karmic | released | 4.69-11ubuntu4.2 |
| lucid | released | 4.71-3ubuntu1.1 |
| maverick | released | 4.72-1ubuntu1 |
| upstream | released | 4.72 |
Показывать по
4.4 Medium
CVSS2
Связанные уязвимости
transports/appendfile.c in Exim before 4.72, when a world-writable sticky-bit mail directory is used, does not verify the st_nlink field of mailbox files, which allows local users to cause a denial of service or possibly gain privileges by creating a hard link to another user's file.
transports/appendfile.c in Exim before 4.72, when a world-writable sticky-bit mail directory is used, does not verify the st_nlink field of mailbox files, which allows local users to cause a denial of service or possibly gain privileges by creating a hard link to another user's file.
transports/appendfile.c in Exim before 4.72, when a world-writable sti ...
transports/appendfile.c in Exim before 4.72, when a world-writable sticky-bit mail directory is used, does not verify the st_nlink field of mailbox files, which allows local users to cause a denial of service or possibly gain privileges by creating a hard link to another user's file.
4.4 Medium
CVSS2