CVE-2008-2937

描述

Postfix 2.5 before 2.5.4 and 2.6 before 2.6-20080814 delivers to a mailbox file even when this file is not owned by the recipient, which allows local users to read e-mail messages by creating a mailbox file corresponding to another user's account name.

受影響套件(1)

• Debian/postfixfrom 0, < 2.5.4-1

參考連結(1)

• ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2008-2937