CVE-2008-5312 - Improper Link Resolution Before File Access ('Link Following')

Severity

69%

Complexity

34%

Confidentiality

165%

mailscanner 4.55.10 and other versions before 4.74.16-1 might allow local users to overwrite arbitrary files via a symlink attack on certain temporary files used by the (1) f-prot-autoupdate, (2) clamav-autoupdate, (3) panda-autoupdate.new, (4) trend-autoupdate.new, and (5) rav-autoupdate.new scripts in /etc/MailScanner/autoupdate/, a different vulnerability than CVE-2008-5140.

CVSS 2.0 Base Score 6.9. CVSS Attack Vector: local. CVSS Attack Complexity: medium. CVSS Vector: (AV:L/AC:M/Au:N/C:C/I:C/A:C).

Overview

Type

MailScanner

First reported 16 years ago

2008-12-03 17:30:00

Last updated 14 years ago

2010-12-28 05:00:00

Affected Software

MailScanner 4.56.8-1

4.56.8-1

MailScanner 4.57.7-1

4.57.7-1

MailScanner 4.58.9-1

4.58.9-1

MailScanner 4.59.4-2

4.59.4-2

MailScanner 4.60.8-1

4.60.8-1

MailScanner 4.61.7-2

4.61.7-2

MailScanner 4.62.9-3

4.62.9-3

MailScanner 4.63.8-1

4.63.8-1

MailScanner 4.64.3-2

4.64.3-2

MailScanner 4.65.3-1

4.65.3-1

MailScanner 4.66.5-3

4.66.5-3

MailScanner 4.67.6-1

4.67.6-1

MailScanner 4.68.8-1

4.68.8-1

MailScanner 4.69.9-3

4.69.9-3

MailScanner 4.70.7-1

4.70.7-1

MailScanner 4.71.10-1

4.71.10-1

MailScanner 4.72.5-1

4.72.5-1

MailScanner 4.73.4-2

4.73.4-2

References

http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=506353#44

33117

Vendor Advisory

http://www.mailscanner.info/ChangeLog

[oss-security] 20081128 CVE id request/update: mailscanner: many scripts allow local users to overwrite arbitrary files via symlink attacks

32557

Stay updated

ExploitPedia is constantly evolving. Sign up to receive a notification when we release additional functionality.

Get in touch

If you'd like to report a bug or have any suggestions for improvements then please do get in touch with us using this form. We will get back to you as soon as we can.