CVE-2002-0129

Name of the Vulnerable Software and Affected Versions efax versions 0.9 and earlier

Description The issue allows local users to read arbitrary files when the software is installed setuid root. This is achieved via the -d option, which prints the contents of the file in a warning message.

Recommendations For efax versions 0.9 and earlier, consider removing the setuid root installation to prevent exploitation until a patch is available. As a temporary workaround, restrict access to the -d option to minimize the risk of arbitrary file reading.