Published: 10/09/2001 Updated: 19/12/2017

CVSS v2 Base Score: 2.1 | Impact Score: 2.9 | Exploitability Score: 3.9

VMScore: 215

Vector: AV:L/AC:L/Au:N/C:P/I:N/A:N

msgchk in Digital UNIX 4.0G and previous versions allows a local user to read the first line of arbitrary files via a symlink attack on the .mh_profile file.

Vulnerable Product	Search on Vulmon	Subscribe to Product
compaq tru64 4.0f
compaq tru64 4.0g
compaq tru64 4.0d
compaq tru64 4.0e

source: wwwsecurityfocuscom/bid/3320/info The msgchk utility under certain versions of Digital Unix contains an information disclosure vulnerability which could yield root privilege Because msgchk fails to check file permissions before opening user configuration files in the user's home directory, a symbolic link to a target file can pe ...

Hi there 👋 Trails Senior Security Engineer, GREE 🇯🇵 2012, Now ~ Security Manager, LINE 🇯🇵 2008, 4 and half years Co-founder, PanicSecurity 🇰🇷 (PS ScanW3B) 2004 Security Engineer, Webzen 🇰🇷 2003, 2years Security Consultant, HackersLab 🇰🇷 (The first security consulting firm in Korea) 2001, 2years Founder, IGRUS, Inha Group of Research for UNIX

NVD-CWE-Other http://www.securityfocus.com/archive/1/213238 http://www.securityfocus.com/bid/3320 http://www.kb.cert.org/vuls/id/440539 https://exchange.xforce.ibmcloud.com/vulnerabilities/7102 https://nvd.nist.gov https://github.com/truefinder/truefinder https://www.exploit-db.com/exploits/21107/

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2001-1092

Vulnerability Summary

Exploits

Github Repositories

References

Vulmon Search

About

Products

Connect