Vulnerability Name:

CVE-2008-2937 (CCN-44461)

Assigned:2008-08-14
Published:2008-08-14
Updated:2018-10-11
Summary:Postfix 2.5 before 2.5.4 and 2.6 before 2.6-20080814 delivers to a mailbox file even when this file is not owned by the recipient, which allows local users to read e-mail messages by creating a mailbox file corresponding to another user's account name.
CVSS v3 Severity:4.0 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)
Exploitability Metrics:Attack Vector (AV): Local
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): Low
Integrity (I): None
Availibility (A): None
CVSS v2 Severity:1.9 Low (CVSS v2 Vector: AV:L/AC:M/Au:N/C:P/I:N/A:N)
1.4 Low (Temporal CVSS v2 Vector: AV:L/AC:M/Au:N/C:P/I:N/A:N/E:U/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Local
Access Complexity (AC): Medium
Authentication (Au): None
Impact Metrics:Confidentiality (C): Partial
Integrity (I): None
Availibility (A): None
1.9 Low (CCN CVSS v2 Vector: AV:L/AC:M/Au:N/C:P/I:N/A:N)
1.4 Low (CCN Temporal CVSS v2 Vector: AV:L/AC:M/Au:N/C:P/I:N/A:N/E:U/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Local
Access Complexity (AC): Medium
Athentication (Au): None
Impact Metrics:Confidentiality (C): Partial
Integrity (I): None
Availibility (A): None
1.9 Low (REDHAT CVSS v2 Vector: AV:L/AC:M/Au:N/C:P/I:N/A:N)
1.4 Low (REDHAT Temporal CVSS v2 Vector: AV:L/AC:M/Au:N/C:P/I:N/A:N/E:U/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Local
Access Complexity (AC): Medium
Authentication (Au): None
Impact Metrics:Confidentiality (C): Partial
Integrity (I): None
Availibility (A): None
Vulnerability Type:CWE-200
Vulnerability Consequences:Obtain Information
References:Source: CONFIRM
Type: UNKNOWN
ftp://ftp.porcupine.org/mirrors/postfix-release/experimental/postfix-2.6-20080814.HISTORY

Source: CONFIRM
Type: UNKNOWN
ftp://ftp.porcupine.org/mirrors/postfix-release/official/postfix-2.5.4.HISTORY

Source: MITRE
Type: CNA
CVE-2008-2937

Source: CCN
Type: Postfix Web site
20080725

Source: CONFIRM
Type: UNKNOWN
http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10705

Source: CCN
Type: SUSE Security Announcement SUSE-SA:2008:040
postfix Thu, 14 Aug 2008 14:00:00 +0000

Source: SUSE
Type: UNKNOWN
SUSE-SA:2008:040

Source: CCN
Type: RHSA-2011-0422
Moderate: postfix security update

Source: SECUNIA
Type: UNKNOWN
31477

Source: CCN
Type: SA31485
Postfix Symlink Handling and Destination Ownership Security Issues

Source: SECUNIA
Type: Vendor Advisory
31485

Source: SECUNIA
Type: Patch, Vendor Advisory
31500

Source: SECUNIA
Type: UNKNOWN
32231

Source: GENTOO
Type: UNKNOWN
GLSA-200808-12

Source: CONFIRM
Type: UNKNOWN
http://wiki.rpath.com/Advisories:rPSA-2008-0259

Source: CCN
Type: GLSA-200808-12
Postfix: Local privilege escalation vulnerability

Source: MANDRIVA
Type: UNKNOWN
MDVSA-2009:224

Source: CCN
Type: OSVDB ID: 47659
Postfix Cross-user Filename Local Mail Interception

Source: REDHAT
Type: UNKNOWN
RHSA-2011:0422

Source: BUGTRAQ
Type: UNKNOWN
20080821 rPSA-2008-0259-1 postfix

Source: BID
Type: Patch
30691

Source: CCN
Type: BID-30691
Postfix Local Information Disclosure and Local Privilege Escalation Vulnerabilities

Source: VUPEN
Type: UNKNOWN
ADV-2008-2385

Source: XF
Type: UNKNOWN
postfix-email-information-disclosure(44461)

Source: XF
Type: UNKNOWN
postfix-email-information-disclosure(44461)

Source: CONFIRM
Type: UNKNOWN
https://issues.rpath.com/browse/RPL-2689

Source: FEDORA
Type: UNKNOWN
FEDORA-2008-8595

Source: FEDORA
Type: UNKNOWN
FEDORA-2008-8593

Source: SUSE
Type: SUSE-SA:2008:040
postfix security problem

Vulnerable Configuration:Configuration 1:
  • cpe:/a:postfix:postfix:2.5.0:*:*:*:*:*:*:*
  • OR cpe:/a:postfix:postfix:2.5.1:*:*:*:*:*:*:*
  • OR cpe:/a:postfix:postfix:2.5.2:*:*:*:*:*:*:*
  • OR cpe:/a:postfix:postfix:2.5.3:*:*:*:*:*:*:*
  • OR cpe:/a:postfix:postfix:2.6.0:*:*:*:*:*:*:*

    • Configuration RedHat 1:
  • cpe:/o:redhat:enterprise_linux:4:*:*:*:*:*:*:*

    • Configuration RedHat 2:
  • cpe:/o:redhat:enterprise_linux:4::as:*:*:*:*:*

    • Configuration RedHat 3:
  • cpe:/o:redhat:enterprise_linux:4::desktop:*:*:*:*:*

    • Configuration RedHat 4:
  • cpe:/o:redhat:enterprise_linux:4::es:*:*:*:*:*

    • Configuration RedHat 5:
  • cpe:/o:redhat:enterprise_linux:4::ws:*:*:*:*:*

    • Configuration RedHat 6:
  • cpe:/o:redhat:enterprise_linux:5:*:*:*:*:*:*:*

    • Configuration RedHat 7:
  • cpe:/o:redhat:enterprise_linux:5::server:*:*:*:*:*

    • Configuration CCN 1:
  • cpe:/a:wietse_venema:postfix:1.0.21:*:*:*:*:*:*:*
  • AND
  • cpe:/o:gentoo:linux:*:*:*:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux_corporate_server:3.0:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:4::as:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:4::desktop:*:*:*:*:*
  • OR cpe:/o:novell:linux_desktop:9:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:4::es:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:4::ws:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux_corporate_server:4.0:*:*:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux_corporate_server:4.0:*:x86_64:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux_corporate_server:3.0:*:x86_64:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:5:*:*:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux:2008.0:*:x86-64:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:5:*:client:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux:2008.0:*:*:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux:2008.1:x86_64:*:*:*:*:*:*
  • OR cpe:/a:novell:open_enterprise_server:*:*:*:*:*:*:*:*
  • OR cpe:/o:opensuse:opensuse:10.2:*:*:*:*:*:*:*
  • OR cpe:/o:opensuse:opensuse:10.3:*:*:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux:2008.1:*:*:*:*:*:*:*
  • OR cpe:/o:opensuse:opensuse:11.0:*:*:*:*:*:*:*
  • OR cpe:/o:novell:suse_linux_enterprise_server:10:sp2:itanium_ia64:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux_eus:5.6.z:*:server:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux_long_life:5.6:*:*:*:*:*:*:*

    • * Denotes that component is vulnerable
    Oval Definitions
    Definition IDClassTitleLast Modified
    oval:org.opensuse.security:def:20082937
    V
    		CVE-2008-2937
    2015-11-16
    oval:org.mitre.oval:def:23277
    P
    		ELSA-2011:0422: postfix security update (Moderate)
    2014-05-26
    oval:org.mitre.oval:def:21591
    P
    		RHSA-2011:0422: postfix security update (Moderate)
    2014-02-24
    oval:com.redhat.rhsa:def:20110422
    P
    		RHSA-2011:0422: postfix security update (Moderate)
    2011-04-06
    BACK
    postfix postfix 2.5.0
    postfix postfix 2.5.1
    postfix postfix 2.5.2
    postfix postfix 2.5.3
    postfix postfix 2.6.0
    wietse_venema postfix 1.0.21
    gentoo linux *
    mandrakesoft mandrake linux corporate server 3.0
    redhat enterprise linux 4
    redhat enterprise linux 4
    novell linux desktop 9
    redhat enterprise linux 4
    redhat enterprise linux 4
    mandrakesoft mandrake linux corporate server 4.0
    mandrakesoft mandrake linux corporate server 4.0
    mandrakesoft mandrake linux corporate server 3.0
    redhat enterprise linux 5
    mandrakesoft mandrake linux 2008.0
    redhat enterprise linux 5
    mandrakesoft mandrake linux 2008.0
    mandrakesoft mandrake linux 2008.1 x86_64
    novell open enterprise server *
    novell opensuse 10.2
    novell opensuse 10.3
    mandrakesoft mandrake linux 2008.1
    novell opensuse 11.0
    novell suse linux enterprise server 10 sp2
    redhat enterprise linux eus 5.6.z
    redhat enterprise linux long life 5.6