CVE-1999-0380 - Unrepresented Bi sexual

Description

SLMail 3.1 and 3.2 allows local users to access any file in the NTFS file system when the Remote Administration Service (RAS) is enabled by setting a user’s Finger File to point to the target file then running finger on the user.

Reference

http://www.securityfocus.com/bid/497 http://marc.info/?l=ntbugtraq&m=91999015212415&w=2 http://marc.info/?l=bugtraq&m=91996412724720&w=2 http://marc.info/?l=ntbugtraq&m=92110501504997&w=2 https://exchange.xforce.ibmcloud.com/vulnerabilities/5392