Category
Security
Release Phase
Resolved
ProductSolaris 9 Operating System
Solaris 2.6 Operating System
Solaris 7 Operating System
Solaris 8 Operating System
Bug Id
4705717
Date of Resolved Release11-FEB-2003
Impact
Unprivileged local users with access to a mail server may be able to read the e-mail of other users due to a security vulnerability in mail(1).
Contributing Factors
This issue can occur in the following releases:
SPARC Platform
-
Solaris 2.6 without patch 109266-05
-
Solaris 7 without patch 109253-07
-
Solaris 8 without patch 111874-06
-
Solaris 9 without patch 114133-01
x86 Platform
-
Solaris 2.6 without patch 109267-05
-
Solaris 7 without patch 109254-07
-
Solaris 8 without patch 111875-06
-
Solaris 9 without patch 114134-01
Note: Solaris 2.5.1 will not be evaluated regarding a potential impact of the issue described in this Sun Alert document.
Symptoms
There are no symptoms that would show the described problem has been exploited to read other users' mail.
Workaround
There is no workaround. Please see the "Resolution" section below.
Resolution
This issue is addressed in the following releases:
SPARC Platform
-
Solaris 2.6 with patch 109266-05 or later
-
Solaris 7 with patch 109253-07 or later
-
Solaris 8 with patch 111874-06 or later
-
Solaris 9 with patch 114133-01 or later
x86 Platform
-
Solaris 2.6 with patch 109267-05 or later
-
Solaris 7 with patch 109254-07 or later
-
Solaris 8 with patch 111875-06 or later
-
Solaris 9 with patch 114134-01 or later
Modification History
References
109266-05
109253-07
111874-06
114133-01
109267-05
109254-07
111875-06
114134-01
AttachmentsThis solution has no attachment