CVE-2009-2939

Publication date 21 September 2009

Last updated 24 July 2024


Ubuntu priority

Negligible

The postfix.postinst script in the Debian GNU/Linux and Ubuntu postfix 2.5.5 package grants the postfix user write access to /var/spool/postfix/pid, which might allow local users to conduct symlink attacks that overwrite arbitrary files.

Status

| Package | Ubuntu Release | Status |
|---------|----------------|--------|
| postfix | 10.10 maverick | Fixed 2.6.5-3 |
| | 10.04 LTS lucid | Fixed 2.6.5-3 |
| | 9.10 karmic | Fixed 2.6.5-3 |
| | 9.04 jaunty | Ignored end of life |
| | 8.10 intrepid | Ignored end of life, was needed |
| | 8.04 LTS hardy | Fixed 2.5.1-2ubuntu1.3 |
| | 6.06 LTS dapper | Fixed 2.2.10-1ubuntu0.3 |

Notes


jdstrand

Per Wietse, the symlink attack should not be possible due to defensive programming. A subverted postfix process running as 'postfix' could replace the pid file, which master could then send signals to.

References

Related Ubuntu Security Notices (USN)

    • USN-1113-1: Postfix vulnerabilities (18 April 2011)