MidnightBSD

Advisories for s-nail_project

CVE-2017-5899 MEDIUM

Directory traversal vulnerability in the setuid root helper binary in S-nail (later S-mailx) before 14.8.16 allows local users to write to arbitrary files and consequently gain root privileges via a .. (dot dot) in the randstr argument.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-22,CWE-362,

Products Affected

Vendor Product Version
s-nail_project s-nail *