Local Security Bypass in clamav-milter on Ubuntu Systems
CVE-2009-1601

Currently unrated

Key Information:

Vendor: Ubuntu
Status: Linux
Vendor: CVE Published:; 11 May 2009

What is CVE-2009-1601?

The clamav-milter service in Ubuntu 9.04 has a vulnerability where the ownership of the current working directory is erroneously set to the clamav account. This misconfiguration may allow local users to circumvent access restrictions, permitting unauthorized read or write operations within the designated directory, potentially compromising system security.

References

http://www.ubuntu.com/usn/USN-770-1

vendor-advisoryx_refsource_UBUNTU

https://exchange.xforce.ibmcloud.com/vulnerabilities/50311

vdb-entryx_refsource_XF

https://launchpad.net/bugs/365823

x_refsource_CONFIRM

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
May 11, 2009
Vulnerability Reserved
May 11, 2009