CVE-2004-0881

getmail 4.x before 4.2.0, and other versions before 3.2.5, when run as root, allows local users to write files in arbitrary directories via a symlink attack on subdirectories in the maildir.

Published: Jan 27, 2005
Updated: Apr 13, 2023
CVE: CVE-2004-0881
Severity: Low
Exploit:

CVSS v2:

Severity: Low
Score: 2.1
AV:L/AC:L/Au:N/C:N/I:P/A:N

No CWE or OWASP classifications available.

Affected Software
References

Software	From	Fixed in
getmail / getmail	4.0.11	4.0.11.x
getmail / getmail	4.1.3	4.1.3.x
getmail / getmail	4.1.2	4.1.2.x
getmail / getmail	4.0.7	4.0.7.x
getmail / getmail	4.1	4.1.x
getmail / getmail	4.0.5	4.0.5.x
getmail / getmail	3.x	3.x.x
getmail / getmail	4.0.13	4.0.13.x
getmail / getmail	4.0.10	4.0.10.x
getmail / getmail	4.0.6	4.0.6.x
getmail / getmail	4.0.2	4.0.2.x
getmail / getmail	4.1.1	4.1.1.x
getmail / getmail	4.0.4	4.0.4.x
getmail / getmail	4.1.5	4.1.5.x
getmail / getmail	4.0	4.0.x
getmail / getmail	4.0.9	4.0.9.x
getmail / getmail	4.0.0_b10	4.0.0_b10.x
getmail / getmail	4.1.4	4.1.4.x
getmail / getmail	4.0.1	4.0.1.x
getmail / getmail	4.0.3	4.0.3.x
getmail / getmail	4.0.12	4.0.12.x
getmail / getmail	4.0.8	4.0.8.x
getmail / getmail	2.3.7	2.3.7.x
slackware / slackware_linux	10.0	10.0.x
slackware / slackware_linux	9.1	9.1.x
slackware / slackware_linux	current	current.x
gentoo / linux	1.4	1.4.x

Vulnerability Database

289,599

CVE-2004-0881