CVE-2006-3159
3 documents3 sources
Severity
2.1LOW
EPSS
0.1%
top 76.59%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
Timeline
PublishedJun 22
Latest updateMay 1
Description
pipe_master in Sun ONE/iPlanet Messaging Server 5.2 HotFix 1.16 (built May 14 2003) allows local users to read portions of restricted files via a symlink attack on msg.conf in a directory identified by the CONFIGROOT environment variable, which returns the first line of the file in an error message.
CVSS vector
AV:L/AC:L/C:P/I:N/A:NExploitability: 3.9 | Impact: 2.9