CVE-2006-3159

pipe_master in Sun ONE/iPlanet Messaging Server 5.2 HotFix 1.16 (built May 14 2003) allows local users to read portions of restricted files via a symlink attack on msg.conf in a directory identified by the CONFIGROOT environment variable, which returns the first line of the file in an error message.
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:sun:iplanet_messaging_server:5.2:*:*:*:*:*:*:*
cpe:2.3:a:sun:one_messaging_server:5.2:*:*:*:*:*:*:*

History

No history.

Information

Published : 2006-06-22 22:06

Updated : 2024-02-28 10:42


NVD link : CVE-2006-3159

Mitre link : CVE-2006-3159

CVE.ORG link : CVE-2006-3159


JSON object : View

Products Affected

sun

  • iplanet_messaging_server
  • one_messaging_server