CVE-2010-0301
EPSS 0.05%maildrop - privilege escalation
Published: 2/4/2010Modified: 4/28/2026
Also known as:DEBIAN-CVE-2010-0301
Description
main.C in maildrop 2.3.0 and earlier, when run by root with the -d option, uses the gid of root for execution of the .mailfilter file in a user's home directory, which allows local users to gain privileges via a crafted file.
Affected packages (2)
- Debian/maildropfrom 0, < 2.2.0-3.1
- Debian/maildropfrom 0, < 2.0.2-11+etch1