CVE-2010-0301

Name of the Vulnerable Software and Affected Versions maildrop versions 2.3.0 and earlier

Description The issue allows local users to gain privileges via a crafted .mailfilter file in a user's home directory. This occurs when maildrop is run by root with the -d option, as it uses the gid of root for execution of the .mailfilter file.

Recommendations For versions 2.3.0 and earlier, consider restricting access to the .mailfilter file to prevent exploitation until a fix is available. As a temporary workaround, avoid running maildrop with the -d option as root to minimize the risk of privilege escalation.