Vulnerability Description
The Ubuntu clamav-milter.init script in clamav-milter before 0.95.1+dfsg-1ubuntu1.2 in Ubuntu 9.04 sets the ownership of the current working directory to the clamav account, which might allow local users to bypass intended access restrictions via read or write operations involving this directory.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Ubuntu | Linux | 9.04 |
Related Weaknesses (CWE)
References
- http://secunia.com/advisories/35000Vendor Advisory
- http://www.securityfocus.com/bid/34818Patch
- http://www.ubuntu.com/usn/USN-770-1Vendor Advisory
- https://exchange.xforce.ibmcloud.com/vulnerabilities/50311
- https://launchpad.net/bugs/365823
- http://secunia.com/advisories/35000Vendor Advisory
- http://www.securityfocus.com/bid/34818Patch
- http://www.ubuntu.com/usn/USN-770-1Vendor Advisory
- https://exchange.xforce.ibmcloud.com/vulnerabilities/50311
- https://launchpad.net/bugs/365823
FAQ
What is CVE-2009-1601?
CVE-2009-1601 is a vulnerability with a CVSS score of 6.8 (MEDIUM). The Ubuntu clamav-milter.init script in clamav-milter before 0.95.1+dfsg-1ubuntu1.2 in Ubuntu 9.04 sets the ownership of the current working directory to the clamav account, which might allow local us...
How severe is CVE-2009-1601?
CVE-2009-1601 has been rated MEDIUM with a CVSS base score of 6.8/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2009-1601?
Check the references section above for vendor advisories and patch information. Affected products include: Ubuntu Linux.