0.9A

CVSS 2.1 - LOW

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

PARTIAL

Integrity impact

NONE

Availability impact

NONE

local

low complexity

efax

NVD

Published: 2002-03-25

Updated: 2016-10-18

Summary

efax 0.9 and earlier, when installed setuid root, allows local users to read arbitrary files via the -d option, which prints the contents of the file in a warning message.

Vulnerable Configurations

Part	Description	Count
Application	Efax Efax Efax 0.8A Efax Efax 0.9 Efax Efax 0.9A	3

References

http://marc.info/?l=vuln-dev&m=101114350330912&w=2
http://seclists.org/bugtraq/2002/Jan/0212.html
http://www.iss.net/security_center/static/7921.php
http://www.securityfocus.com/bid/3895