Description
Pine before version 3.94 allows local users to gain privileges via a symlink attack on a lockfile that is created when a user receives new mail.
Affected products
- FreeBSD / FreeBSD2.1.0 – 2.1.0
- slackware / slackware_linux3.0 – 3.0
- university_of_washington / pine3.94