PT-2019-6665 · Masqmail · Masqmail

John Lightsey

Published

2019-11-19

Updated

2019-12-03

CVE-2011-3350

CVSS v2.0

7.5

High

Vector

AV:N/AC:L/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions masqmail versions 0.2.21 through 0.2.30

Description The issue arises from improper calls to seteuid() in the src/log.c and src/masqmail.c files, leading to improper privilege dropping.

Recommendations For masqmail versions 0.2.21 through 0.2.30, consider updating to a version where the seteuid() calls are properly handled to ensure correct privilege dropping.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-273

Related Identifiers

CVE-2011-3350

Affected Products

Masqmail

PT-2019-6665 · Masqmail · Masqmail

CVE-2011-3350

Weakness Enumeration

Related Identifiers

Affected Products

References · 4