Back to search
CVE-2006-3159
Published: Jun 22, 2006
Modified: Aug 7, 2024
PUBLISHED
Description
pipe_master in Sun ONE/iPlanet Messaging Server 5.2 HotFix 1.16 (built May 14 2003) allows local users to read portions of restricted files via a symlink attack on msg.conf in a directory identified by the CONFIGROOT environment variable, which returns the first line of the file in an error message.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
1016416
vdb-entry
x_refsource_SECTRACK
102496
vendor-advisory
x_refsource_SUNALERT
1016312
vdb-entry
x_refsource_SECTRACK
iplanet-msgconf-symlink(27220)
vdb-entry
x_refsource_XF
ADV-2006-2633
vdb-entry
x_refsource_VUPEN
20060614 Sun iPlanet Messaging Server 5.2 root password compromise
mailing-list
x_refsource_FULLDISC
18749
vdb-entry
x_refsource_BID
20919
third-party-advisory
x_refsource_SECUNIA
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now