Title: BSD mail Mail Append Arbitrary File Modification
BSD contains a flaw that may allow a malicious local user to modify arbitrary files on the system. The issue is triggered when a malicious user mails himself a root passwd entry that /usr/ucb/mail will append to /etc/passwd, resulting in a loss of integrity.
Local Access Required
Loss of Integrity
Currently, there are no known upgrades, patches, or workarounds available to correct this issue.