Back to search
CVE-2017-5899
Published: Mar 27, 2017
Modified: Aug 5, 2024
PUBLISHED
Description
Directory traversal vulnerability in the setuid root helper binary in S-nail (later S-mailx) before 14.8.16 allows local users to write to arbitrary files and consequently gain root privileges via a .. (dot dot) in the randstr argument.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
[oss-security] 20170207 Re: CVE Request: s-nail local root
mailing-list
x_refsource_MLIST
[s-nail-users] 20170127 [ANN]ounce of S-nail v14.8.16 ("Copris lunaris")
mailing-list
x_refsource_MLIST
[oss-security] 20170127 CVE Request: s-nail local root
mailing-list
x_refsource_MLIST
96138
vdb-entry
x_refsource_BID
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now