Test ID:	1.3.6.1.4.1.25623.1.0.69026
Category:	Gentoo Local Security Checks
Title:	Gentoo Security Advisory GLSA 201009-02 (maildrop)
Summary:	The remote host is missing updates announced in;advisory GLSA 201009-02.
Description:	Summary: The remote host is missing updates announced in advisory GLSA 201009-02. Vulnerability Insight: Insecure permission handling in maildrop might allow local attackers to elevate their privileges. Solution: All maildrop users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose '>=mail-filter/maildrop-2.4.2' CVSS Score: 6.9 CVSS Vector: AV:L/AC:M/Au:N/C:C/I:C/A:C
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2010-0301 1023515 http://securitytracker.com/id?1023515 38367 http://secunia.com/advisories/38367 38374 http://secunia.com/advisories/38374 DSA-1981 http://www.debian.org/security/2010/dsa-1981 [oss-security] 20100127 CVE id request: maildrop http://marc.info/?l=oss-security&m=126462927918840&w=2 [oss-security] 20100128 Re: CVE id request: maildrop http://marc.info/?l=oss-security&m=126468324913920&w=2 http://marc.info/?l=oss-security&m=126468551017070&w=2 http://marc.info/?l=oss-security&m=126468618017829&w=2 http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=564601 http://www.courier-mta.org/maildrop/changelog.html https://bugzilla.redhat.com/show_bug.cgi?id=559681 maildrop-group-priv-escalation(55980) https://exchange.xforce.ibmcloud.com/vulnerabilities/55980
Copyright	Copyright (C) 2011 E-Soft Inc.

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.