Mandriva Linux Security Advisory : postfix (MDVSA-2009:224-1)
Low Nessus Plugin ID 40813
SynopsisThe remote Mandriva Linux host is missing one or more security updates.
DescriptionA vulnerability has been found and corrected in postfix :
Postfix 2.5 before 2.5.4 and 2.6 before 2.6-20080814 delivers to a mailbox file even when this file is not owned by the recipient, which allows local users to read e-mail messages by creating a mailbox file corresponding to another user's account name (CVE-2008-2937).
This update provides a solution to this vulnerability.
Packages for 2008.0 are provided for Corporate Desktop 2008.0 customers
SolutionUpdate the affected packages.