CVE-2002-0469

Name of the Vulnerable Software and Affected Versions Ecartis (formerly Listar) versions 1.0.0 and earlier

Description The issue arises when Ecartis is installed setuid-root, 'lock-to-user' is not set, and it is called by certain MTA's. In such cases, Ecartis does not properly drop privileges, which could allow local users to gain privileges.

Recommendations For Ecartis (formerly Listar) versions 1.0.0 and earlier, consider setting 'lock-to-user' to prevent privilege escalation. Additionally, ensure that Ecartis is not installed setuid-root unless necessary, and restrict its use with certain MTA's to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.