PT-2020-16527 · Renaud Bastide Christophe Wolfhugel+1 · Sympa+1

Lightsey

Published

2020-10-07

Updated

2022-11-16

CVE-2020-26880

CVSS v3.1

7.8

High

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Sympa versions through 6.2.57b.2

Description The issue allows a local privilege escalation from the sympa user account to full root access. This is achieved by modifying the sympa.conf configuration file, which is owned by sympa, and then parsing it through the setuid sympa newaliases-wrapper executable.

Recommendations For versions through 6.2.57b.2, consider restricting access to the sympa newaliases-wrapper executable as a temporary workaround until a patch is available. Additionally, limit modifications to the sympa.conf configuration file to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

LPE

Improper Privilege Management

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-269

Related Identifiers

CVE-2020-26880

DLA-2441-1

DSA-4818-1

Affected Products

Debian

Sympa

PT-2020-16527 · Renaud Bastide Christophe Wolfhugel+1 · Sympa+1

CVE-2020-26880

Weakness Enumeration

Related Identifiers

Affected Products

References · 18