Back to search
CVE-2008-2937
Published: Aug 18, 2008
Modified: Aug 7, 2024
PUBLISHED
Description
Postfix 2.5 before 2.5.4 and 2.6 before 2.6-20080814 delivers to a mailbox file even when this file is not owned by the recipient, which allows local users to read e-mail messages by creating a mailbox file corresponding to another user's account name.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
FEDORA-2008-8595
vendor-advisory
x_refsource_FEDORA
32231
third-party-advisory
x_refsource_SECUNIA
MDVSA-2009:224
vendor-advisory
x_refsource_MANDRIVA
FEDORA-2008-8593
vendor-advisory
x_refsource_FEDORA
https://issues.rpath.com/browse/RPL-2689
x_refsource_CONFIRM
20080821 rPSA-2008-0259-1 postfix
mailing-list
x_refsource_BUGTRAQ
postfix-email-information-disclosure(44461)
vdb-entry
x_refsource_XF
30691
vdb-entry
x_refsource_BID
http://wiki.rpath.com/Advisories:rPSA-2008-0259
x_refsource_CONFIRM
SUSE-SA:2008:040
vendor-advisory
x_refsource_SUSE
RHSA-2011:0422
vendor-advisory
x_refsource_REDHAT
http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10705
x_refsource_CONFIRM
31500
third-party-advisory
x_refsource_SECUNIA
31477
third-party-advisory
x_refsource_SECUNIA
31485
third-party-advisory
x_refsource_SECUNIA
ADV-2008-2385
vdb-entry
x_refsource_VUPEN
GLSA-200808-12
vendor-advisory
x_refsource_GENTOO
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now