CERT VU:446864
May 04, 2001

Sun Solaris mailx contains buffer overflow via -F option

www.kb.cert.org

CVSS2: 4.6 (AV:L/AC:L/Au:N/C:P/I:P/A:P)
Attack Vector: LOCAL
Attack Complexity: LOW
Authentication: NONE
Confidentiality Impact: PARTIAL
Integrity Impact: PARTIAL
Availability Impact: PARTIAL

EPSS: 0.001 (Percentile: 19.7%)

Overview

A buffer overflow in the mailx program on Solaris systems can allow an intruder to execute code with the privileges of the mail group.

Description

A buffer overflow in the handling of the -F option of the mailx program on Solaris systems may allow an intruder to execute code with the privileges of the group that owns the file (mailx is setgid mail). An exploit is publicly available that reportedly works against Solaris on Intel systems.


Impact

A local intruder can execute code with the privileges of the mail group.


Solution

We are currently unaware of any patches to fix the buffer overflow.


Until a patch can be developed, remove the setgid bit from the mailx program.
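
The workaround above, written as a small POSIX shell function that records the file's ownership and mode, clears the setgid bit, and then verifies the result. This is an added example, not part of the CERT advisory; the function name strip_setgid is hypothetical, and /usr/bin/mailx in the usage comment is an assumed install path that should be confirmed on the system being changed.

```shell
#!/bin/sh
# Added example, not from the advisory.
# strip_setgid PATH: remove the setgid bit from PATH and confirm it is gone.
# Returns 0 if the bit is absent afterwards, 1 on any error.
# Usage (as root; path is an assumption): strip_setgid /usr/bin/mailx
strip_setgid() {
    target=$1

    if [ -z "$target" ] || [ ! -f "$target" ]; then
        echo "strip_setgid: not a regular file: $target" >&2
        return 1
    fi

    # Refuse symlinks so the chmod lands on the file that was inspected.
    if [ -h "$target" ]; then
        echo "strip_setgid: refusing to operate on symlink: $target" >&2
        return 1
    fi

    # Record owner, group and mode before the change so the original
    # permissions can be restored once a patch is installed.
    echo "before: $(ls -ld "$target")"

    if [ ! -g "$target" ]; then
        echo "setgid bit already clear on $target"
        return 0
    fi

    chmod g-s "$target" || {
        echo "strip_setgid: chmod failed on $target" >&2
        return 1
    }

    # Verify the mode rather than trusting the exit status alone.
    if [ -g "$target" ]; then
        echo "strip_setgid: setgid bit still set on $target" >&2
        return 1
    fi

    echo "after:  $(ls -ld "$target")"
    return 0
}
```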



Acknowledgements

This vulnerability was discovered by Pablo Sor, Buenos Aires, Argentina, and documented with the aid of the Security Focus Vulnerability Help Team.

This document was written by Shawn V. Hernan.

Other Information

CVE IDs: CVE-2001-0565
Severity Metric: 14.55
Date Public:
