https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=270404
Bug ID: 270404
Summary: comsat is willing to try to read and display any file
Product: Base System
Version: CURRENT
Hardware: Any
OS: Any
Status: New
Severity: Affects Some People
Priority: ---
Component: bin
Assignee: [email protected]
Reporter: [email protected]
If comsat is enabled in /etc/inetd.conf, and user is logged in and
accepting notifications, then sending comsat a UDP packet like
user@0:../../etc/remote
will cause comsat to try to open /etc/remote (really
/var/mail/../../etc/remote) and display it on user's terminal.
--
You are receiving this mail because:
You are the assignee for the bug.
