PublicDate: 2008-08-18 19:41:00 UTC
Candidate: CVE-2008-2936
References: 
 https://ubuntu.com/security/notices/USN-636-1
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2936
Description:
 Postfix before 2.3.15, 2.4 before 2.4.8, 2.5 before 2.5.4, and 2.6 before
 2.6-20080814, when the operating system supports hard links to symlinks,
 allows local users to append e-mail messages to a file to which a
 root-owned symlink points, by creating a hard link to this symlink and then
 sending a message.  NOTE: this can be leveraged to gain privileges if there
 is a symlink to an init script.
Ubuntu-Description: 
Notes: 
 jdstrand> requires postfix as delivery agent, no root alias, no mail delivered
  to root, and the 'mail' account (or an application in the 'mail' group) to
  be compromised
Bugs:
 https://bugs.launchpad.net/ubuntu/+source/postfix/+bug/258162
Priority: low
Discovered-by: Sebastian Krahmer
Assigned-to: lamont
CVSS: 

Patches_postfix:
upstream_postfix: released (2.5.4)
dapper_postfix: released (2.2.10-1ubuntu0.2)
feisty_postfix: released (2.3.8-2ubuntu0.2)
gutsy_postfix: released (2.4.5-3ubuntu1.2)
hardy_postfix: released (2.5.1-2ubuntu1.1)
devel_postfix: not-affected