CVE-2009-1601
Summary
| CVE | CVE-2009-1601 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2009-05-11 15:30:00 UTC |
| Updated | 2017-08-17 01:30:00 UTC |
| Description | The Ubuntu clamav-milter.init script in clamav-milter before 0.95.1+dfsg-1ubuntu1.2 in Ubuntu 9.04 sets the ownership of the current working directory to the clamav account, which might allow local users to bypass intended access restrictions via read or write operations involving this directory. |
Risk And Classification
Problem Types: CWE-264
NVD Known Affected Configurations (CPE 2.3)
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| IBM X-Force Exchange | XF | exchange.xforce.ibmcloud.com | |
| USN-770-1: ClamAV vulnerability | Ubuntu | UBUNTU | www.ubuntu.com | Vendor Advisory |
| Ubuntu update for clamav - Secunia.com | SECUNIA | secunia.com | Vendor Advisory |
| ClamAV 'clamav-milter' Initscript File Permission Vulnerability | BID | www.securityfocus.com | Patch |
| Bug #365823 “clamav-milter chowns root/arbitrary directory” : Bugs : “clamav” package : Ubuntu | CONFIRM | launchpad.net | |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
There are currently no legacy QID mappings associated with this CVE.