CVE-2008-5313

Name of the Vulnerable Software and Affected Versions MailScanner versions 4.68.8 through 4.74.16-1

Description The issue allows local users to overwrite arbitrary files via a symlink attack on certain temporary files used by various scripts, including those for autoupdate and wrapper functions in /etc/MailScanner/autoupdate/ and /etc/MailScanner/wrapper/, as well as scripts in /usr/share/MailScanner/MailScanner/ and the /usr/sbin/MailScanner executable. This could potentially be exploited by manipulating the configuration loaded from /etc/MailScanner/mailscanner.conf.with.mcp.

Recommendations For MailScanner versions 4.68.8 through 4.74.16-1, update to version 4.74.16-1 or later to resolve the issue. As a temporary workaround, consider restricting access to the vulnerable scripts and executables, such as those in /etc/MailScanner/autoupdate/, /etc/MailScanner/wrapper/, and /usr/share/MailScanner/MailScanner/, to minimize the risk of exploitation. Additionally, limit the ability to load or modify the /etc/MailScanner/mailscanner.conf.with.mcp configuration file.