mail in OpenBSD 2.9 and 3.0 processes a tilde (~) escape character in a message even when it is not in interactive mode, which could allow local users to gain root privileges via calls to mail in cron.
References
Link | Resource |
---|---|
http://marc.info/?l=bugtraq&m=101855467811695&w=2 | |
http://online.securityfocus.com/archive/1/267089 | Exploit Vendor Advisory |
http://www.iss.net/security_center/static/8818.php | Patch Vendor Advisory |
http://www.openbsd.org/errata30.html#mail | |
http://www.osvdb.org/5269 | |
http://www.securityfocus.com/bid/4495 | Exploit Patch Vendor Advisory |
Configurations
Configuration 1 (hide)
|
History
No history.
Information
Published : 2002-07-03 04:00
Updated : 2024-02-28 10:24
NVD link : CVE-2002-0542
Mitre link : CVE-2002-0542
CVE.ORG link : CVE-2002-0542
JSON object : View
Products Affected
openbsd
- openbsd
CWE