Loading HuntDB...

Vulnerability Intelligence by wss.sh

Home Daily Briefings High Impact CVEs Recent Exploits KEV Catalog Latest Updates Security News

More Sources

HackerOne Reports

Bug bounty disclosures

WordPress Vulnerabilities

WordPress plugins & themes

Tools & Data

Trending Insights

Popular vulnerabilities

Advanced Search

Filter & search CVEs

Product Inventory

Software & vendors

Sign In Sign Up

CVE-2020-3812

UNKNOWN

Published 2020-05-26T13:04:14.769312Z

Actions:

No CVSS data available

Description

qmail-verify as used in netqmail 1.06 is prone to an information disclosure vulnerability. A local attacker can test for the existence of files and directories anywhere in the filesystem because qmail-verify runs as root and tests for the existence of files in the attacker's home directory, without dropping its privileges first.

Available Exploits

No exploits available for this CVE.

Related News

No news articles found for this CVE.

Affected Products

netqmail

Affected Versions:

1.06

References

https://www.openwall.com/lists/oss-security/2020/05/19/8

https://bugs.debian.org/961060

https://www.debian.org/security/2020/dsa-4692

https://lists.debian.org/debian-lts-announce/2020/06/msg00002.html

https://usn.ubuntu.com/4556-1/

Published: 2020-05-26T13:04:14.769312Z

Last Modified: 2024-09-16T16:39:08.837Z

Copied to clipboard!