Solaris /usr/bin/mail -m Local Buffer Overflow Vulnerability

info
discussion
exploit
solution
references

Solaris /usr/bin/mail -m Local Buffer Overflow Vulnerability

Solution:
Currently the SecurityFocus staff are not aware of any vendor supplied patches for this issue. If you feel we are in error or are aware of more recent information, please mail us at: vuldb@securityfocus.com.

In the mean time turn off the setgid bit from the '/usr/bin/mail' executable.