7 matches found
SUSE CVE-2010-0825
lib-src/movemail.c in movemail in emacs 22 and 23 allows local users to read, modify, or delete arbitrary mailbox files via a symlink attack, related to improper file-permission checks...
Emacs movemail Privilege Escalation
This module exploits a SUID installation of the Emacs movemail utility to run a command as root by writing to 4.3BSD's /usr/lib/crontab.local. The vulnerability is documented in Cliff Stoll's book The Cuckoo's Egg. This module requires Metasploit: https://metasploit.com/download Current source:...
DEBIAN-CVE-2010-0825
lib-src/movemail.c in movemail in emacs 22 and 23 allows local users to read, modify, or delete arbitrary mailbox files via a symlink attack, related to improper file-permission checks...
DSA-685-1 emacs21 - format string
Bulletin has no description...
Debian DSA-670-1 : emacs20 - format string
Max Vozeler discovered several format string vulnerabilities in the movemail utility of Emacs, the well-known editor. Via connecting to a malicious POP server an attacker can execute arbitrary code under the privileges of group mail. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The...
DSA-671-1 xemacs21 - format string
Bulletin has no description...
DSA-670-1 emacs20 - format string
Bulletin has no description...