Description: php0t has reported a vulnerability in Sun Java System Messaging Server / iPlanet Messaging Server, which can be exploited by malicious, local users to gain knowledge of potentially sensitive information.
The vulnerability is caused by the setuid program "pipe_master" reading the msg.conf configuration file from the path specified in the "CONFIGROOT" environment variable. This can be exploited via symlink attacks to disclose the first line of arbitrary files in the returned error message.
Solution: The vendor recommends restricting shell account access on the mail server to trusted users only.
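A hardened form of the configuration lookup described above, as an added example (not code from the vendor or from this advisory): a privileged program ignores the caller's CONFIGROOT, refuses a symlinked msg.conf, verifies ownership on the opened descriptor, and reports failure without echoing file content. `BUILTIN_CONFIGROOT`, `choose_config_root` and `open_trusted_config` are hypothetical names, and the trusted owner is assumed to be the program's effective user.

```c
#define _POSIX_C_SOURCE 200809L /* O_NOFOLLOW, O_CLOEXEC */
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/stat.h>
#include <unistd.h>
#define BUILTIN_CONFIGROOT "/opt/example-msgserver/config" /* hypothetical path */

/* When real and effective IDs differ (setuid/setgid), ignore the
 * caller-controlled CONFIGROOT value and use the compiled-in directory. */
const char *choose_config_root(int elevated, const char *env_value)
{
    if (elevated || env_value == NULL || env_value[0] != '/')
        return BUILTIN_CONFIGROOT;
    return env_value;
}

/* Open <root>/msg.conf only if it is a regular file owned by trusted_uid and
 * not group/world writable. O_NOFOLLOW rejects a symlink as the final path
 * component; fstat() checks the opened descriptor, so there is no race. */
int open_trusted_config(const char *root, uid_t trusted_uid)
{
    char path[4096];
    struct stat st;
    int n = snprintf(path, sizeof path, "%s/msg.conf", root);
    if (n < 0 || (size_t)n >= sizeof path)
        return -1;
    int fd = open(path, O_RDONLY | O_NOFOLLOW | O_CLOEXEC);
    if (fd < 0)
        return -1;
    if (fstat(fd, &st) != 0 || !S_ISREG(st.st_mode) ||
        st.st_uid != trusted_uid || (st.st_mode & (S_IWGRP | S_IWOTH))) {
        close(fd);
        return -1;
    }
    return fd;
}

int main(void)
{
    int elevated = getuid() != geteuid() || getgid() != getegid();
    const char *root = choose_config_root(elevated, getenv("CONFIGROOT"));
    int fd = open_trusted_config(root, geteuid());
    if (fd < 0)   /* fail without echoing any file content */
        fputs("cannot load configuration\n", stderr);
    else
        close(fd);
    return fd < 0;
}
```

O_NOFOLLOW does not cover symlinks in parent directories, which is why the privileged path never takes its directory from the environment.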
Provided and/or discovered by: php0t
Changelog: 2006-07-05: Updated advisory with additional information.
If you have new information regarding this Secunia advisory or a product in our database, please send it to us using either our web form or email us at vuln@secunia.com.