Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
postfix_groups.pl in Postfix 2.5.2 allows local users to overwrite arbitrary files via a symlink attack on the (1) /tmp/postfix_groups.stdout, (2) /tmp/postfix_groups.stderr, and (3) /tmp/postfix_groups.message temporary files. NOTE: the vendor disputes this vulnerability, stating "This is not a real issue ... users would have to edit a script under /usr/lib to enable it.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Postfix 'postfix_groups.pl'任意文件重写漏洞
Vulnerability Description
Postfix是Ubuntu操作系统默认的邮件传输代理(MTA)。 ** 有争议的**Postfix 2.5.2版本中的postfix_groups.pl允许本地用户借助一个对(1)/tmp/postfix_groups.stdout,(2)/tmp/postfix_groups.stderr,和(3)/tmp/postfix_groups.message临时文件的symlink攻击,重写任意文件。 注意:供应商对此漏洞有争议,指出"这不是一个真正的问题...用户必须在/usr/lib目录下编辑脚本。"
CVSS Information
N/A
Vulnerability Type
N/A