Ecartis/Listar Insecure Privilege Dropping Vulnerability

Ecartis is the new name for the Listar software product. Listar is a mailing list management package for Linux, BSD, and other Unix like operating systems.

It has been reported that under some circumstances, Ecartis does not properly drop privileges. Specifically, this may happen when Ecartis is called by a non-root user. If additional Ecartis vulnerability exists, exploitation may result in consequences beyond those available to the non-privileged Ecartis user.


Privacy Statement
Copyright 2010, SecurityFocus