Multiple vulnerabilities in Deliver

From: Dan Rosenberg <dan.j.rosenberg@gmail.com>
To: bugtraq@securityfocus.com
Cc:
Subject: Multiple vulnerabilities in Deliver
Date:


==================================
Deliver, multiple vulnerabilites
March 24, 2010
CVE-2010-0439
==================================

==Description==

Deliver (http://deliver.sourceforge.net/), a mail delivery program
installed suid
root as /usr/bin/deliver, is vulnerable to several race conditions that can be
exploited by a local attacker using symbolic links. On systems using Deliver
over NFS, these attacks can result in gaining root privileges via
taking ownership
of critical system files. On other systems, these attacks can result in
denial-of-service conditions and information disclosure. In addition, users can
deny service to other users by creating lockfiles for other users' mailboxes.

==Solution==

Users are advised to discontinue use of Deliver in the absence of a patch or
new release from the developer.

==Credits==

These vulnerabilities were discovered by Dan Rosenberg
(dan.j.rosenberg@gmail.com).

==Timeline==

1/14/10 - Vulnerabilities discovered
1/27/10 - Developer notified
1/27/10 - Developer response, fix planned
3/20/10 - Fix deadlines repeatedly passed, disclosure date set at 3/24/10
3/24/10 - Disclosure

==References==

CVE identifier CVE-2010-0439 has been assigned to these issues.





Copyright © 1995-2020 LinuxRocket.net. All rights reserved.