Attacker Value
Unknown
(0 users assessed)
Exploitability
Unknown
(0 users assessed)
User Interaction
Unknown
Privileges Required
Unknown
Attack Vector
Unknown
0

CVE-2008-2936

Disclosure Date: August 18, 2008
CVE-2008-2936
Add MITRE ATT&CK tactics and techniques that apply to this CVE.

Description

Postfix before 2.3.15, 2.4 before 2.4.8, 2.5 before 2.5.4, and 2.6 before 2.6-20080814, when the operating system supports hard links to symlinks, allows local users to append e-mail messages to a file to which a root-owned symlink points, by creating a hard link to this symlink and then sending a message. NOTE: this can be leveraged to gain privileges if there is a symlink to an init script.

Add Assessment

No one has assessed this topic. Be the first to add your voice to the community.

CVSS V3 Severity and Metrics
Base Score:
None
Impact Score:
Unknown
Exploitability Score:
Unknown
Vector:
Unknown
Attack Vector (AV):
Unknown
Attack Complexity (AC):
Unknown
Privileges Required (PR):
Unknown
User Interaction (UI):
Unknown
Scope (S):
Unknown
Confidentiality (C):
Unknown
Integrity (I):
Unknown
Availability (A):
Unknown

General Information

Offensive Application
Unknown
Utility Class
Unknown
Ports
Unknown
OS
Unknown
Vulnerable Versions
n/a
Prerequisites
Unknown
Discovered By
Unknown
PoC Author
Unknown
Metasploit Module
Unknown
Reporter
Unknown

References

Canonical
CVE-2008-2936 (https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2936)
BID-30691 (http://www.securityfocus.com/bid/30691)
Advisory
FEDORA-2008-8595 (https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00271.html)
SECUNIA-32231 (http://secunia.com/advisories/32231)
SECUNIA-31469 (http://secunia.com/advisories/31469)
DSA-1629 (http://www.debian.org/security/2008/dsa-1629)
SECUNIA-31530 (http://secunia.com/advisories/31530)
FEDORA-2008-8593 (https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00287.html)
https://issues.rpath.com/browse/RPL-2689
SECTRACK-1020700 (http://www.securitytracker.com/id?1020700)
20080821 rPSA-2008-0259-1 postfix (http://www.securityfocus.com/archive/1/495632/100/0/threaded)
VU#938323 (http://www.kb.cert.org/vuls/id/938323)
[postfix-announce] 20080814 Postfix local privilege escalation via hardlinked symlinks (http://article.gmane.org/gmane.mail.postfix.announce/110)
SREASON-4160 (http://securityreason.com/securityalert/4160)
http://wiki.rpath.com/Advisories:rPSA-2008-0259
http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00002.html
SECUNIA-31474 (http://secunia.com/advisories/31474)
20080831 PoCfix (PoC for Postfix local root vuln - CVE-2008-2936) (http://www.securityfocus.com/archive/1/495882/100/0/threaded)
XF-postfix-symlink-code-execution(44460) (https://exchange.xforce.ibmcloud.com/vulnerabilities/44460)
EXPLOIT-DB-6337 (https://www.exploit-db.com/exploits/6337)
http://www.redhat.com/support/errata/RHSA-2008-0839.html
SECUNIA-31500 (http://secunia.com/advisories/31500)
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10033
SECUNIA-31477 (http://secunia.com/advisories/31477)
SECUNIA-31485 (http://secunia.com/advisories/31485)
USN-636-1 (https://usn.ubuntu.com/636-1)
http://www.mandriva.com/security/advisories?name=MDVSA-2008:171
20080814 Postfix local privilege escalation via hardlinked symlinks (http://www.securityfocus.com/archive/1/495474/100/0/threaded)
ADV-2008-2385 (http://www.vupen.com/english/advisories/2008/2385)
GLSA-200808-12 (http://security.gentoo.org/glsa/glsa-200808-12.xml)
Miscellaneous
https://usn.ubuntu.com/636-1/

Additional Info

Authenticated
Unknown
Exploitable
Unknown
Reliability
Unknown
Stability
Unknown
Available Mitigations
Unknown
Shelf Life
Unknown
Userbase/Installbase
Unknown
Patch Effectiveness
Unknown
Technical Analysis