Title: IBM 7094 CTSS System Text Editor Multiple Instance Password File Local Disclosure
Multics CTSS on IBM 7094 contains a flaw that may disclose the contents of the password file. The issue occured when multiple instances of the system text editor were invoked, causing the editor to create temporary files with a constant name. This would unexplicably cause the contents of the system CTSS password file to display to any user logging into the system.
Local Access Required
Loss of Confidentiality
The vendor has discontinued this product and therefore has no patch or upgrade that mitigates this problem. It is recommended that an alternate software package be used in its place.