*** This bug is a security vulnerability *** Public security bug reported:
Binary package hint: postfix Wietse Venema posted an advisory about this to Bugtraq. Excerpt: "Sebastian Krahmer of SuSE has found a privilege escalation problem. On some systems an attacker can hardlink a root-owned symlink to for example /var/mail, and cause Postfix to append mail to existing files that are owned by root or non-root accounts." http://www.securityfocus.com/archive/1/495474/30/0/threaded No CVE number has been assigned to this problem yet, to the best of my knowledge. ** Affects: postfix (Ubuntu) Importance: Undecided Status: New ** Visibility changed to: Public -- Postfix local privilege escalation via hardlinked symlinks https://bugs.launchpad.net/bugs/258162 You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to postfix in ubuntu. -- Ubuntu-server-bugs mailing list [email protected] Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
