CVE-2016-6253
N/A
N/A
Summary
mail.local in NetBSD versions 6.0 through 6.0.6, 6.1 through 6.1.5, and 7.0 allows local users to change ownership of or append data to arbitrary files on the target system via a symlink attack on the user mailbox.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| n/a | n/a | n/a | affected |
Weaknesses
- n/a
ADP Enrichment
CVE Program Container
Additional References
- http://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2016-006.txt.asc
- http://packetstormsecurity.com/files/138021/NetBSD-mail.local-8-Local-Root.html
- https://www.exploit-db.com/exploits/40141/
- https://www.exploit-db.com/exploits/40385/
- http://www.securityfocus.com/bid/92101
- http://akat1.pl/?id=2
- http://www.securitytracker.com/id/1036429
- http://www.rapid7.com/db/modules/exploit/unix/local/netbsd_mail_local
References
- http://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2016-006.txt.asc
- http://packetstormsecurity.com/files/138021/NetBSD-mail.local-8-Local-Root.html
- https://www.exploit-db.com/exploits/40141/
- https://www.exploit-db.com/exploits/40385/
- http://www.securityfocus.com/bid/92101
- http://akat1.pl/?id=2
- http://www.securitytracker.com/id/1036429
- http://www.rapid7.com/db/modules/exploit/unix/local/netbsd_mail_local
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.