FreeBSD : getmail -- symlink vulnerability during maildir delivery (8c33b299-163b-11d9-ac1b-000d614f7fad)
Low Nessus Plugin ID 37686
SynopsisThe remote FreeBSD host is missing a security-related update.
DescriptionDavid Watson reports a symlink vulnerability in getmail. If run as root (not the recommended mode of operation), a local user may be able to cause getmail to write files in arbitrary directories via a symlink attack on subdirectories of the maildir.
SolutionUpdate the affected package.