CA-90:08                       CERT Advisory
                              October 31, 1990
                       IRIX 3.3 & 3.31 /usr/sbin/Mail

- ---------------------------------------------------------------------------

The CERT/CC has received the following report of a vulnerability in
/usr/sbin/Mail, present only in IRIX 3.3 and 3.3.1.  This information was
provided to the CERT/CC by Robert Stephens, of Silicon Graphics Inc.

- ----------------------------------------------------------------------------

DESCRIPTION:
/usr/sbin/Mail can fail to reset its group id to the group id of the caller.
 
IMPACT:
Can allow any user logged onto the system to read any other user's
(including root's) mail.

SOLUTION:
A fixed /usr/sbin/Mail binary has been made available for anonymous ftp
from SGI.COM ([192.48.153.1]).  The correct binary can be found at:

	sgi/Mail/Mail

under the ftp directory.

Note that this binary must be installed with the same group (mail) and
permissions (2755) as your existing 3.3 or 3.3.1 /usr/sbin/Mail.

- --------------------------------------------------------------------------

CONTACT INFORMATION

For further questions, please contact your Silicon Graphics support center
(Geometry Partners HOTLINE number: (800) 345-0222)

- --------------------------------------------------------------------------

Dan Farmer
Computer Emergency Response Team/Coordination Center (CERT/CC)
Software Engineering Institute
Carnegie Mellon University
Pittsburgh, PA 15213-3890

Internet E-mail: cert@cert.sei.cmu.edu
Telephone: 412-268-7090 24-hour hotline: CERT personnel answer
           7:30a.m.-6:00p.m. EST, on call for
           emergencies other hours.

Past advisories and other information are available for anonymous ftp
from cert.sei.cmu.edu (128.237.253.5).

------- End of Forwarded Message