Symlink Attack Vulnerability in NetBSD's mail.local

Symlink Attack Vulnerability in NetBSD's mail.local

CVE-2016-6253 · HIGH Severity

AV:L/AC:L/AU:N/C:C/I:C/A:C

mail.local in NetBSD versions 6.0 through 6.0.6, 6.1 through 6.1.5, and 7.0 allows local users to change ownership of or append data to arbitrary files on the target system via a symlink attack on the user mailbox.

Learn more about our User Device Pen Test.