CVE-2008-5312

Name of the Vulnerable Software and Affected Versions MailScanner versions 4.55.10 through 4.74.16-1

Description The issue allows local users to overwrite arbitrary files via a symlink attack on certain temporary files used by the scripts in /etc/MailScanner/autoupdate/, including f-prot-autoupdate, clamav-autoupdate, panda-autoupdate.new, trend-autoupdate.new, and rav-autoupdate.new.

Recommendations For MailScanner versions 4.55.10 through 4.74.16-1, update to version 4.74.16-1 or later to resolve the issue. As a temporary workaround, consider restricting access to the scripts in /etc/MailScanner/autoupdate/ to minimize the risk of exploitation.