Nom du paquet
mailscanner
Date
2008-12-22
Advisory ID
MDVA-2008:241
Affected versions
CS4.0 x86_64 , CS4.0 i586

Problem description

Local users can use symlink attacks throughout a flaw on
trend-autoupdate script of MailScanner by using /tmp/opr.ini.#####
or /tmp/lpt temporary file (CVE-2008-5140).

Local users can use symlink attacks throughout flaws on
clamav-autoupdate, panda-autoupdate and rav-autoupdate scripts of
MailScanner by using ClamAV.update.log, pav.zip and RavBusy.lock
temporary files (CVE-2008-5312).

Local users can use symlink attacks throughout flaws on
kaspersky-wrapper, bitdefender-wrapper, rav-wrapper scripts and
Quarentine.pm, TNEF.pm, SA.pm, WorkArea.pm MailScanner perl modules
by using kavoutput.tmp.27073, log.bdc.27073, report.vir.27073,
MailScanner.ownertest.27073, tnef.27073 and MS.bayes.rebuild.lock
temporary files (CVE-2008-5313).

Further MailScanner had symlink flaws on antivir-autoupdate,
bitdefender-autoupdate, clamav-autoupdate, etrust-autoupdate,
generic-autoupdate, inoculan-autoupdate, kaspersky-autoupdate,
nod32-autoupdate, norman-autoupdate, rav-autoupdate,
sophos-autoupdate, symscanengine-autoupdate, vexira-autoupdate,
f-prot-autoupdate and css-autoupdate scripts under following
temporary vulnerable files: AntiVirBusy.lock, BitDefenderBusy.lock,
ClamAVBusy.lock, eTrustBusy.lock, GenericBusy.lock, InoculanBusy.lock,
KasperskyBusy.lock, Nod32Busy.lock, NormanBusy.lock, RavBusy.lock,
SophosBusy.lock, SymScanEngineBusy.lock, VexiraBusy.lock,
FProtBusy.lock and SYMCScan.lock.

This update provides fix for all symlink flaws described on this
security advisory.

Updated packages

CS4.0 x86_64

 4e93bc7c48ec8f65122d263237b99ec9  corporate/4.0/x86_64/mailscanner-4.55.9_1-3.1.20060mlcs4.noarch.rpm
 f92acdbed4f63778609726eaa2dc8fd1  corporate/4.0/x86_64/mailscanner-spamassassin-4.55.9_1-3.1.20060mlcs4.noarch.rpm 
 35f1b7e0cc1534def4394e7bec95ab48  corporate/4.0/SRPMS/mailscanner-4.55.9_1-3.1.20060mlcs4.src.rpm

CS4.0 i586

 4e93bc7c48ec8f65122d263237b99ec9  corporate/4.0/i586/mailscanner-4.55.9_1-3.1.20060mlcs4.noarch.rpm
 f92acdbed4f63778609726eaa2dc8fd1  corporate/4.0/i586/mailscanner-spamassassin-4.55.9_1-3.1.20060mlcs4.noarch.rpm 
 35f1b7e0cc1534def4394e7bec95ab48  corporate/4.0/SRPMS/mailscanner-4.55.9_1-3.1.20060mlcs4.src.rpm

References