Re: mailscanner: lock/pid file location symlink attack / TEMP-0000000-477739
On Fri, Feb 25, 2011 at 05:54:42AM +0200, henri@nerv.fi wrote:
> I think a CVE ID for mailscanner issue "lock/pid file location symlink attack" is CVE-2008-5313.
>
> References:
> 1: http://security-tracker.debian.org/tracker/TEMP-0000000-477739
> 2: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-5313
> 3: http://security-tracker.debian.org/tracker/CVE-2010-3095
> 4: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=596403
I'm not sure, there's three years time gap between and the description
only mentions other temporary files than the PID file?
Cheers,
Moritz
Reply to: