Local Privilege Escalation via Symlink Attack in ssmtp 2.50.6 and Earlier

Local Privilege Escalation via Symlink Attack in ssmtp 2.50.6 and Earlier

CVE-2004-0423 · LOW Severity

AV:L/AC:L/AU:N/C:N/I:P/A:N

The log_event function in ssmtp 2.50.6 and earlier allows local users to overwrite arbitrary files via a symlink attack on the ssmtp.log temporary log file.

Learn more about our User Device Pen Test.