CVE-2000-1074

Name of the Vulnerable Software and Affected Versions iCal version 2.1 Patch 2

Description The issue concerns the csstart program in the specified version of iCal, which uses relative pathnames to install certain libraries. This could potentially allow the icsuser account to gain root privileges by creating a malicious library in the current or parent directory.

Recommendations For iCal version 2.1 Patch 2, consider restricting the privileges of the icsuser account to prevent potential exploitation, and ensure that all library installations use absolute pathnames to mitigate the risk. At the moment, there is no information about a newer version that contains a fix for this vulnerability.