Multiple vulnerabilities in Deliver

=================================
Deliver, multiple vulnerabilities
March 24, 2010
CVE-2010-0439
=================================
==Description==
Deliver (http://deliver.sourceforge.net/), a mail delivery program installed
setuid root as /usr/bin/deliver, is vulnerable to several race conditions that
a local attacker can exploit using symbolic links. On systems using Deliver
over NFS, these attacks can result in gaining root privileges by taking
ownership of critical system files. On other systems, they can result in
denial of service and information disclosure. In addition, users can deny
service to other users by creating lockfiles for other users' mailboxes.
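The two bug classes above (a symlink swapped in between a path check and the privileged open, and a lockfile name that any local user can squat) are the classic setuid delivery-agent mistakes. The following is an added illustration, not Deliver's code and not the author's planned fix, of how a setuid agent avoids both: validate the opened descriptor rather than the path, refuse to follow a symlink at the final component, and create the lock with O_CREAT|O_EXCL. The spool paths, file names and the `demo_symlink_rejected` scenario are constructed for the example.

```c
#define _GNU_SOURCE
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/stat.h>
#include <unistd.h>

/* Open an existing mailbox for appending without following a symlink at the
 * final path component, then validate the OPEN DESCRIPTOR rather than the
 * path: a path-based stat() followed by open() is exactly the check-then-use
 * window a symlink race exploits. Returns the fd, or -1 with errno set. */
int open_mailbox_nofollow(const char *path, uid_t owner)
{
    int fd = open(path, O_RDWR | O_APPEND | O_NOFOLLOW | O_NOCTTY);
    if (fd < 0)
        return -1;                     /* ELOOP if the last component is a symlink */

    struct stat st;
    if (fstat(fd, &st) < 0 ||
        !S_ISREG(st.st_mode) ||        /* refuse devices, FIFOs, directories */
        st.st_uid != owner ||          /* must belong to the recipient */
        st.st_nlink != 1) {            /* a hard link to a system file would show >1 */
        close(fd);
        errno = EPERM;
        return -1;
    }
    return fd;
}

/* Create a mailbox lockfile atomically. O_CREAT|O_EXCL fails with EEXIST if
 * anything already sits at that name, so a pre-planted symlink is never
 * followed and its target is never truncated. */
int create_lockfile(const char *lockpath)
{
    return open(lockpath, O_WRONLY | O_CREAT | O_EXCL | O_NOFOLLOW, 0600);
}

/* Constructed scenario (hypothetical paths, not Deliver's spool layout):
 * a mailbox we own, a symlink beside it pointing at another file, and a
 * lockfile that is created twice. Returns 1 when the real mailbox opens,
 * the symlink is refused with ELOOP, and the second lock attempt fails
 * with EEXIST; 0 otherwise. */
int demo_symlink_rejected(void)
{
    char dir[] = "/tmp/mbox-demo-XXXXXX";
    if (mkdtemp(dir) == NULL)
        return 0;

    char mbox[300], target[300], lnk[300], lock[300];
    snprintf(mbox,   sizeof mbox,   "%s/alice",      dir);
    snprintf(target, sizeof target, "%s/secret",     dir);
    snprintf(lnk,    sizeof lnk,    "%s/bob",        dir);
    snprintf(lock,   sizeof lock,   "%s/alice.lock", dir);

    int ok = 0;
    int f1 = open(mbox,   O_WRONLY | O_CREAT, 0600);
    int f2 = open(target, O_WRONLY | O_CREAT, 0600);
    if (f1 >= 0 && f2 >= 0 && symlink(target, lnk) == 0) {
        int good = open_mailbox_nofollow(mbox, getuid());
        int bad  = open_mailbox_nofollow(lnk, getuid());
        int bad_errno = errno;          /* capture before any other call clobbers it */
        int l1 = create_lockfile(lock);
        int l2 = create_lockfile(lock);
        int l2_errno = errno;

        ok = good >= 0 && bad < 0 && bad_errno == ELOOP &&
             l1 >= 0 && l2 < 0 && l2_errno == EEXIST;

        if (good >= 0) close(good);
        if (l1 >= 0) close(l1);
    }
    if (f1 >= 0) close(f1);
    if (f2 >= 0) close(f2);
    unlink(lock); unlink(lnk); unlink(target); unlink(mbox);
    rmdir(dir);
    return ok;
}

int main(void)
{
    printf("symlink rejected, lock exclusive: %s\n",
           demo_symlink_rejected() ? "yes" : "no");
    return 0;
}
```

Two caveats a practitioner should keep in mind. First, O_EXCL is only atomic on the local kernel; the open(2) manual notes it is not reliable on NFSv2, which is one reason mail systems traditionally built locks with link() and compared st_nlink, and why NFS spools deserve separate review. Second, none of this stops a local user from pre-creating `alice.lock` in a world-writable spool directory; the lock must live in a directory ordinary users cannot write to, or the agent must use fcntl()/lockf() byte-range locks on the mailbox itself instead of a name in a shared directory.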

==Solution==
Users are advised to discontinue use of Deliver in the absence of a patch or
new release from the developer.

==Credits==
These vulnerabilities were discovered by Dan Rosenberg
(dan.j.rosenberg@gmail.com). 

==Timeline==
1/14/10 - Vulnerabilities discovered
1/27/10 - Developer notified
1/27/10 - Developer response, fix planned
3/20/10 - Fix deadlines repeatedly passed, disclosure date set at 3/24/10
3/24/10 - Disclosure

==References==
CVE identifier CVE-2010-0439 has been assigned to these issues.
