getmail 4.x before 4.2.0, when run as root, allows local users to overwrite arbitrary files via a symlink attack on an mbox file.
2005-01-27T05:00:00.000
2025-04-03T01:03:51.193
Deferred
CVSSv2: 1.2 (LOW)
AV:L/AC:H/Au:N/C:N/I:P/A:N
1.9
2.9
| Type | Vendor | Product | Version/Range | Vulnerable? |
|---|---|---|---|---|
| Application | getmail | getmail | 2.3.7 | Yes |
| Application | getmail | getmail | 3.x | Yes |
| Application | getmail | getmail | 4.0 | Yes |
| Application | getmail | getmail | 4.0.0_b10 | Yes |
| Application | getmail | getmail | 4.0.1 | Yes |
| Application | getmail | getmail | 4.0.2 | Yes |
| Application | getmail | getmail | 4.0.3 | Yes |
| Application | getmail | getmail | 4.0.4 | Yes |
| Application | getmail | getmail | 4.0.5 | Yes |
| Application | getmail | getmail | 4.0.6 | Yes |
| Application | getmail | getmail | 4.0.7 | Yes |
| Application | getmail | getmail | 4.0.8 | Yes |
| Application | getmail | getmail | 4.0.9 | Yes |
| Application | getmail | getmail | 4.0.10 | Yes |
| Application | getmail | getmail | 4.0.11 | Yes |
| Application | getmail | getmail | 4.0.12 | Yes |
| Application | getmail | getmail | 4.0.13 | Yes |
| Application | getmail | getmail | 4.1 | Yes |
| Application | getmail | getmail | 4.1.1 | Yes |
| Application | getmail | getmail | 4.1.2 | Yes |
| Application | getmail | getmail | 4.1.3 | Yes |
| Application | getmail | getmail | 4.1.4 | Yes |
| Application | getmail | getmail | 4.1.5 | Yes |
| Operating System | gentoo | linux | 1.4 | Yes |
| Operating System | slackware | slackware_linux | 9.1 | Yes |
| Operating System | slackware | slackware_linux | 10.0 | Yes |
| Operating System | slackware | slackware_linux | current | Yes |