Vulnerability Description
SLMail 3.1 and 3.2 allows local users to access any file in the NTFS file system when the Remote Administration Service (RAS) is enabled by setting a user's Finger File to point to the target file, then running finger on the user.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Seattle Lab Software | Slmail | 3.0.2421 |
References
- http://marc.info/?l=bugtraq&m=91996412724720&w=2
- http://marc.info/?l=ntbugtraq&m=91999015212415&w=2
- http://marc.info/?l=ntbugtraq&m=92110501504997&w=2
- http://www.securityfocus.com/bid/497
- https://exchange.xforce.ibmcloud.com/vulnerabilities/5392
- http://marc.info/?l=bugtraq&m=91996412724720&w=2
- http://marc.info/?l=ntbugtraq&m=91999015212415&w=2
- http://marc.info/?l=ntbugtraq&m=92110501504997&w=2
- http://www.securityfocus.com/bid/497
- https://exchange.xforce.ibmcloud.com/vulnerabilities/5392
FAQ
What is CVE-1999-0380?
CVE-1999-0380 is a vulnerability with a CVSS score of 4.6 (MEDIUM). SLMail 3.1 and 3.2 allows local users to access any file in the NTFS file system when the Remote Administration Service (RAS) is enabled by setting a user's Finger File to point to the target file, th...
How severe is CVE-1999-0380?
CVE-1999-0380 has been rated MEDIUM with a CVSS base score of 4.6/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-1999-0380?
Check the references section above for vendor advisories and patch information. Affected products include: Seattle Lab Software Slmail.