CVE-2006-3159

pipemaster in Sun ONE/iPlanet Messaging Server 5.2 HotFix 1.16 built May 14 2003 allows local users to read portions of restricted files via a symlink attack on msg.conf in a directory identified by the CONFIGROOT environment variable, which returns the first line of the file in an error message...

Sun iPlanet symbolic links problem

pipemaster suid root application tries to read configuration from msg.conf file with relative path without checking for symbolic links. It makes it possible to read few trings from any file with symbolic link...