Vulnerabilities > CVE-2004-0881

047910
CVSS 2.1 - LOW
Attack vector
LOCAL
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
NONE
Integrity impact
PARTIAL
Availability impact
NONE
local
low complexity
getmail
gentoo
slackware
nessus

Summary

getmail 4.x before 4.2.0, and other versions before 3.2.5, when run as root, allows local users to write files in arbitrary directories via a symlink attack on subdirectories in the maildir.

Nessus

  • NASL familySlackware Local Security Checks
    NASL idSLACKWARE_SSA_2004-278-01.NASL
    descriptionNew getmail packages are available for Slackware 9.1, 10.0 and -current to fix a security issue. If getmail is used as root to deliver to user owned files or directories, it can be made to overwrite system files.
    last seen2020-06-01
    modified2020-06-02
    plugin id18776
    published2005-07-13
    reporterThis script is Copyright (C) 2005-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/18776
    titleSlackware 10.0 / 9.1 / current : getmail (SSA:2004-278-01)
  • NASL familyGentoo Local Security Checks
    NASL idGENTOO_GLSA-200409-32.NASL
    descriptionThe remote host is affected by the vulnerability described in GLSA-200409-32 (getmail: Filesystem overwrite vulnerability) David Watson discovered a vulnerability in getmail when it is configured to run as root and deliver mail to the maildirs/mbox files of untrusted local users. A malicious local user can then exploit a race condition, or a similar symlink attack, and potentially cause getmail to create or overwrite files in any directory on the system. Impact : An untrusted local user could potentially create or overwrite files in any directory on the system. This vulnerability may also be exploited to have arbitrary commands executed as root. Workaround : Do not run getmail as a privileged user; or, in version 4, use an external MDA with explicitly configured user and group privileges.
    last seen2020-06-01
    modified2020-06-02
    plugin id14809
    published2004-09-24
    reporterThis script is Copyright (C) 2004-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/14809
    titleGLSA-200409-32 : getmail: Filesystem overwrite vulnerability
  • NASL familyFreeBSD Local Security Checks
    NASL idFREEBSD_GETMAIL_325.NASL
    descriptionThe following package needs to be updated: getmail
    last seen2016-09-26
    modified2011-10-03
    plugin id15489
    published2004-10-18
    reporterTenable
    sourcehttps://www.tenable.com/plugins/index.php?view=single&id=15489
    titleFreeBSD : getmail -- symlink vulnerability during maildir delivery (56)
  • NASL familyFreeBSD Local Security Checks
    NASL idFREEBSD_PKG_8C33B299163B11D9AC1B000D614F7FAD.NASL
    descriptionDavid Watson reports a symlink vulnerability in getmail. If run as root (not the recommended mode of operation), a local user may be able to cause getmail to write files in arbitrary directories via a symlink attack on subdirectories of the maildir.
    last seen2020-06-01
    modified2020-06-02
    plugin id37686
    published2009-04-23
    reporterThis script is Copyright (C) 2009-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/37686
    titleFreeBSD : getmail -- symlink vulnerability during maildir delivery (8c33b299-163b-11d9-ac1b-000d614f7fad)
  • NASL familyDebian Local Security Checks
    NASL idDEBIAN_DSA-553.NASL
    descriptionA security problem has been discovered in getmail, a POP3 and APOP mail gatherer and forwarder. An attacker with a shell account on the victims host could utilise getmail to overwrite arbitrary files when it is running as root.
    last seen2020-06-01
    modified2020-06-02
    plugin id15390
    published2004-09-29
    reporterThis script is Copyright (C) 2004-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/15390
    titleDebian DSA-553-1 : getmail - symlink vulnerability