Atstake Security Advisory (updated) - iPlanet's iCal, a multiplatform calendaring server, introduces a number of vulnerabilities to the system in which it is installed on. These vulnerabilities, ranging from poor file permissions to insecure programming practices allow local attackers to obtain root access, and remote attackers to monitor keystrokes. Includes obtain-ics.sh, a simple proof of concept local exploit.
9cb5d1d8417dd354b9437abf1dbd4e8347b3b25d0144afcd99dc883675a69423