

CA-90:08                       CERT Advisory
                              October 31, 1990
                       IRIX 3.3 & 3.31 /usr/sbin/Mail

---------------------------------------------------------------------------

The CERT/CC has received the following report of a vulnerability in
/usr/sbin/Mail, present only in IRIX 3.3 and 3.3.1.  This information was
provided to the CERT/CC by Robert Stephens, of Silicon Graphics Inc.

----------------------------------------------------------------------------

DESCRIPTION:
/usr/sbin/Mail can fail to reset its group id to the group id of the caller.
 
IMPACT:
Can allow any user logged onto the system to read any other user's
(including root's) mail.

SOLUTION:
A fixed /usr/sbin/Mail binary has been made available for anonymous ftp
from SGI.COM ([192.48.153.1]).  The correct binary can be found at:

	sgi/Mail/Mail

under the ftp directory.

Note that this binary must be installed with the same group (mail) and
permissions (2755) as your existing 3.3 or 3.3.1 /usr/sbin/Mail.

--------------------------------------------------------------------------

CONTACT INFORMATION

For further questions, please contact your Silicon Graphics support center
(Geometry Partners HOTLINE number: (800) 345-0222)

--------------------------------------------------------------------------

Computer Emergency Response Team/Coordination Center (CERT/CC)
Software Engineering Institute
Carnegie Mellon University
Pittsburgh, PA 15213-3890

Internet E-mail: cert@cert.org
Telephone: 412-268-7090 24-hour hotline: CERT personnel answer
           7:30a.m.-6:00p.m. EST, on call for
           emergencies other hours.

Past advisories and other information are available for anonymous ftp
from cert.org (192.88.209.5).
