• Severity Rating • Fix Information • Vulnerable Software Versions • SCAP Mappings
Local users can execute commands as other users, and read other users' files, through the filter command in the Elm elm-2.4 mail package using a symlink attack.
Note: References are provided for the convenience of the reader to help distinguish between vulnerabilities. The list is not intended to be complete.
  • BUGTRAQ:19990912 elm filter program
  • BUGTRAQ:19951226 filter (elm package) security hole
  • XF:elm-filter2
Date Entry Created
19990607 Disclaimer: The entry creation date may reflect when the CVE-ID was allocated or reserved, and does not necessarily indicate when this vulnerability was discovered, shared with the affected vendor, publicly disclosed, or updated in CVE.
Phase (Legacy)
Modified (20000106-01)
Votes (Legacy)
ACCEPT(7) Armstrong, Bishop, Blake, Cole, Landfield, Shostack, Wall
MODIFY(2) Baker, Frech
NOOP(3) Christey, Northcutt, Ozancin
Comments (Legacy)
 Frech> XF:elm-filter2
 CHANGE> [Wall changed vote from NOOP to ACCEPT]
 Landfield> with Frech modifications
 Baker> ADD REF	Official Advisory
 Christey> The correct URL is
   Need to make sure that this CERT advisory describes the right
   problem, especially since the CERT advisory is dated December
   18, 1995 and the original Bugtraq post was December 26, 1995.
 Christey> BID:1802
   BID:1802 doesn't include the 1999 posting - does Security
   Focus think that the 1999 post describes a different
 Christey> XF:elm-filter2 isn't on the X-Force web site.  How about XF:elm-filter(402) ?
   Its references point to the December 26, 1995 BUgtraq post.
   Also consider CIAC:G-36 and CERT:VB-95:10
 Frech> DELREF:XF:elm-filter2(711)

Proposed (Legacy)
This is an entry on the CVE list, which standardizes names for security problems.