3 matches found
EUVD-1999-0806
Malware in sbrugna...
unixware7.mail.txt
Greetings, OVERVIEW Any user can read/modify others' mail. BACKGROUND Only UnixWare 7.1 was tested. DETAILS Imagine my suprise when I saw that /var/mail was mode 777. As such, any user may create a file called /var/mail/ with a mode readable by him and trap all incoming mail. Afraid of getting...
SCO Unixware 7.1 - '/var/mail' Permissions
source: https://www.securityfocus.com/bid/849/info Certain versions of SCO's UnixWare only 7.1 was tested ship with the /var/mail/ directory with permission 777-rwxrwxrwx . This in effect allows malicious users to read incoming mail for users who do not yet have a mail file /var/mail/username...