Local Users Can Execute Commands As Other Users vulnerability report
vulnerabilities.aspcode.net
Description:
Local users can execute commands as other users, and read other users' files, through the filter command in the Elm elm-2.4 mail package using a symlink attack.
References:
BUGTRAQ:Sunday, September 12, 1999 elm filter program | BUGTRAQ:Tuesday, December 26, 1995 filter (elm package) security hole | XF:elm-filter2
Phase:
Modified (Thursday, January 06, 2000-01)
Votes:
ACCEPT(7) Shostack, Bishop, Blake, Wall, Landfield, Cole, Armstrong | MODIFY(2) Baker, Frech | NOOP(3) Ozancin, Christey, Northcutt | REVIEWING(1) Levy
Comments:
Frech> XF:elm-filter2
CHANGE> [Wall changed vote from NOOP to ACCEPT]
Landfield> with Frech modifications
Baker> ADD REF http://www.cert.org/ftp/cert_bulletins/VB-95:10a.elm Official Advisory
Christey> The correct URL is http://www.cert.org/vendor_bulletins/VB-95:10a.elm
  Need to make sure that this CERT advisory describes the right problem, especially since the CERT advisory is dated December 18, 1995 and the original Bugtraq post was December 26, 1995.
Christey> BID:1802
  URL:http://www.securityfocus.com/bid/1802
  BID:1802 doesn't include the 1999 posting - does Security Focus think that the 1999 post describes a different vulnerability?
Christey> XF:elm-filter2 isn't on the X-Force web site. How about XF:elm-filter(402)?
  Its references point to the December 26, 1995 Bugtraq post.
  Also consider CIAC:G-36 and CERT:VB-95:10
Frech> DELREF:XF:elm-filter2(711)
  ADDREF:XF:elm-filter(402)