C-Note-01-001: Multiple Vulnerabilities in iCal 2.1 - 10/17/01

iPlanet's iCal, a multiplatform calendaring server, introduces a number of vulnerabilities. The vulnerabilities range from poor file permissions to insecure programming practices. These vulnerabilities allow local attackers to obtain root access as well as monitor keystrokes.
For more information, please refer to: http://www.atstake.com/research/advisories/2000/a100900-1.txt