Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
mailscanner 4.68.8 and other versions before 4.74.16-1 might allow local users to overwrite arbitrary files via a symlink attack on certain temporary files used by the (1) f-prot-autoupdate, (2) clamav-autoupdate, (3) avast-autoupdate, and (4) f-prot-6-autoupdate scripts in /etc/MailScanner/autoupdate/; the (5) bitdefender-wrapper, (6) kaspersky-wrapper, (7) clamav-wrapper, and (8) rav-wrapper scripts in /etc/MailScanner/wrapper/; the (9) Quarantine.pm, (10) TNEF.pm, (11) MessageBatch.pm, (12) WorkArea.pm, and (13) SA.pm scripts in /usr/share/MailScanner/MailScanner/; (14) /usr/sbin/MailScanner; and (15) scripts that load the /etc/MailScanner/mailscanner.conf.with.mcp configuration file.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
MailScanner 不安全临时文件创建漏洞
Vulnerability Description
MailScanner是一个Email病毒扫描、防黑和垃圾邮件过滤程序。 mailscanner 4.68.8和其它4.74.16-1之前的版本可能允许本地用户可以借助的一个symlink攻击 on certain temporary files used by the 对被(1) f-prot-autoupdate, (2) clamav-autoupdate, (3) avast-autoupdate,和(4) /etc/MailScanner/autoupdate/中的f-prot-6-autoup
CVSS Information
N/A
Vulnerability Type
N/A