Ecartis (formerly Listar) 1.0.0 in snapshot 20020125 and previous versions does not properly drop privileges when Ecartis is installed setuid-root, "lock-to-user" is not set, and ecartis is called by certain MTA's, which could allow local users to gain privileges.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
ecartis ecartis 1.0.0_snapshot_2002-01-21 |
||
ecartis ecartis 1.0.0_snapshot_2002-01-25 |
||
listar listar 0.126a |
||
listar listar 0.127a |
||
listar listar 0.129a |