CVE-2009-2939

Published: 21 September 2009

The postfix.postinst script in the Debian GNU/Linux and Ubuntu postfix 2.5.5 package grants the postfix user write access to /var/spool/postfix/pid, which might allow local users to conduct symlink attacks that overwrite arbitrary files.

Priority

Negligible

Status

Package Release Status
postfix
Launchpad, Ubuntu, Debian 		Upstream
Released (2.6.5-3)

Notes

AuthorNote
jdstrand 
per Weitse, the symlink attack should not be possible due to
defensive programming. A subverted postfix process running as 'postfix'
could replace the pid file, which master could then send signals to.

References

Join the discussion

Canonical is offering Extended Security Maintenance

Canonical is offering Ubuntu Extended Security Maintenance (ESM) for security fixes and essential packages.

Find out more about ESM ›

Further reading