Vulnerabilities > CVE-2019-18862 - Unspecified vulnerability in GNU Mailutils 0.5/0.6

047910
CVSS 7.8 - HIGH
Attack vector
LOCAL
Attack complexity
LOW
Privileges required
LOW
Confidentiality impact
HIGH
Integrity impact
HIGH
Availability impact
HIGH
local
low complexity
gnu
exploit available
NVD
Published: 2019-11-11
Updated: 2020-08-24

Summary

maidag in GNU Mailutils before 3.8 is installed setuid and allows local privilege escalation in the url mode.

Vulnerable Configurations

Part Description Count
Application
Gnu
3

Exploit-Db

idEDB-ID:47703
last seen2019-11-21
modified2019-11-21
published2019-11-21
reporterExploit-DB
sourcehttps://www.exploit-db.com/download/47703
titleGNU Mailutils 3.7 - Privilege Escalation

Packetstorm

data sourcehttps://packetstormsecurity.com/files/download/155425/gnumailutils37-escalate.txt
idPACKETSTORM:155425
last seen2019-11-21
published2019-11-21
reporterMike Gualtieri
sourcehttps://packetstormsecurity.com/files/155425/GNU-Mailutils-3.7-Privilege-Escalation.html
titleGNU Mailutils 3.7 Privilege Escalation

References