Hi,
there is a symlink problem in the popauth utility, which is part of the
qpoper package. The binary is often istalled suid pop and follows
symlinks in the -trace file option.
This problem has been reported to vendors in June 2001.
Impact: in case of suid popauth and valid shell for user pop, the
attached script will create suid-pop shell, if someone su to pop. This
may happen as a part of some automated check script (startup script).
This vulnerability is not very crucial, however it should be reported at
least once.
/ih
mkbs2.sh
