Design, Implementation and Support of communication technologies of all types, from PSTN, ISDN and ADSL through to Frame relay and VPN tunnels. | IRIX /usr/sbin/Mail Arbitrary Mail Spool Access |
| Wednesday, 31 October 1990 | |
|
IRIX contains a flaw that may lead to an unauthorized information disclosure. The issue is triggered when usr/sbin/Mail fails to reset its group ID to the group ID of the caller, which will allow a malicious user to read the mail of other users, as well as that of the root user, resulting in a loss of confidentiality. Read more... |