CVE-2011-3350

NameCVE-2011-3350
Descriptionmasqmail 0.2.21 through 0.2.30 improperly calls seteuid() in src/log.c and src/masqmail.c that results in improper privilege dropping.
SourceCVE (at NVD; CERT, LWN, oss-sec, fulldisc, bugtraq, EDB, Metasploit, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, Mageia, GitHub advisories/code/issues, web search, more)
Debian Bugs638002

Vulnerable and fixed packages

The table below lists information on source packages.

Source PackageReleaseVersionStatus
masqmail (PTS)sid0.3.4-2fixed

The information below is based on the following data on fixed versions.

PackageTypeReleaseFixed VersionUrgencyOriginDebian Bugs
masqmailsourcesqueeze0.2.27-1.1+squeeze1
masqmailsource(unstable)0.2.30-1low638002

Notes

[lenny] - masqmail <no-dsa> (no security issue by itself)

Search for package or bug name: Reporting problems