tin 1.40 creates the .tin directory with insecure permissions, which allows local users to read passwords from the .inputhistory file.
CVSS Score
4.6
EPSS Score
0.001
Published
1999-11-17