Maildrop: >> Maildrop >> 0.64 Security Vulnerabilities
main.C in maildrop 2.3.0 and earlier, when run by root with the -d option, uses the gid of root for execution of the .mailfilter file in a user's home directory, which allows local users to gain privileges via a crafted file.
CVSS Score
6.9
EPSS Score
0.001
Published
2010-02-04
lockmail in maildrop before 1.5.3 does not drop privileges before executing commands, which allows local users to gain privileges via command line arguments.
CVSS Score
10.0
EPSS Score
0.004
Published
2005-08-30