trend-autoupdate.new in mailscanner 4.55.10 and other versions prior to 4.74.16-1 allows local users to overwrite arbitrary files via a symlink attack on a (1) /tmp/opr.ini.##### or (2) /tmp/lpt*.zip temporary file.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
debian mailscanner 4.55.10 |