Postfix Local Information Disclosure and Local Privilege Escalation Vulnerabilities

info
discussion
exploit
solution
references

Postfix Local Information Disclosure and Local Privilege Escalation Vulnerabilities

Postfix is prone to a local privilege-escalation vulnerability and a local information-disclosure vulnerability.

Local attackers can exploit this issue to read other users' mail or execute arbitrary commands with superuser privileges.

Versions prior to Postfix 2.5.4 Patchlevel 4 are vulnerable.