Local Privilege Escalation in Postfix by Hard Link to Symlink
CVE-2008-2936

Currently unrated

Key Information:

Vendor: Postfix
Status: Postfix
Vendor: CVE Published:; 18 August 2008

Badges

👾 Exploit Exists🟡 Public PoC

What is CVE-2008-2936?

The vulnerability in Postfix allows local users to exploit the email server's handling of symlinks and hard links. When the operating system allows the use of hard links to symlinks, an attacker can create a hard link to a symlink that points to a root-owned file. By appending email messages to this file, the attacker could potentially execute arbitrary code with elevated privileges, especially if the symlink targets a critical init script. This flaw highlights significant risks in server configurations and emphasizes the need for proper access control measures.

Exploit Proof of Concept (PoC)

PoC code is written by security researchers to demonstrate the vulnerability can be exploited. PoC code is also a key component for weaponization which could lead to ransomware.

CVE-2008-2936 - Proof of Concept

References

https://www.redhat.com/archives/fedora-package-announce/2...

vendor-advisoryx_refsource_FEDORA

ftp://ftp.porcupine.org/mirrors/postfix-release/official/...

x_refsource_CONFIRM

http://secunia.com/advisories/32231

third-party-advisoryx_refsource_SECUNIA

Download the Critical Vulnerability Management Cheat Sheet

Timeline

🟡
Public PoC available
Aug 18, 2008
👾
Exploit known to exist
Aug 18, 2008
Vulnerability published
Aug 18, 2008
Vulnerability Reserved
Jun 30, 2008

CVE-2008-2936 Data

JSON