Multiple Vendor mailx Vulnerability

Solution:
Patches should be applied. A suitable short-term solution is to remove the setgid or setuid bit, if present.
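
The short-term workaround above, as an added shell example (not from the advisory or any vendor): it checks mail client binaries for setuid/setgid bits, records the original listing so the mode can be restored once the patch is installed, and clears the bits. The candidate paths and the log location are assumptions; adjust them to the local system.

```shell
#!/bin/sh
# Added example, not vendor code. Paths below are assumed locations of the
# mailx binary on common systems; edit the list to match the host.
MAILX_CANDIDATES="/bin/mail /bin/mailx /usr/bin/mail /usr/bin/mailx /usr/bin/Mail /usr/sbin/Mail"

# has_priv_bits FILE
# Succeeds only if FILE is a regular file with the setuid or setgid bit set.
has_priv_bits() {
    [ -f "$1" ] && { [ -u "$1" ] || [ -g "$1" ]; }
}

# strip_priv_bits LOG FILE...
# For each FILE that has setuid/setgid set: append its "ls -ld" line to LOG
# (a record of the original mode and ownership), clear both bits, and
# re-check. Prints the number of files changed; returns 1 if any file
# still has a bit set afterwards.
strip_priv_bits() {
    log=$1
    shift
    changed=0
    failed=0
    for f in "$@"; do
        has_priv_bits "$f" || continue      # missing or already safe
        ls -ld "$f" >>"$log"
        if chmod u-s,g-s "$f" && ! has_priv_bits "$f"; then
            changed=$((changed + 1))
        else
            echo "could not clear setuid/setgid on $f" >&2
            failed=1
        fi
    done
    echo "$changed"
    return "$failed"
}

# Typical use, as root (log path is an assumption):
#   strip_priv_bits /root/mailx-original-modes.log $MAILX_CANDIDATES
```

Clearing the bits leaves the binary executable, so users can still run it; restore the logged mode only after the patched package is in place.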

Red Hat:
rpm -Uvh ftp://ftp.redhat.com/updates/5.1/i386/mailx-8.1.1-3.i386.rpm
rpm -Uvh ftp://ftp.redhat.com/updates/5.1/alpha/mailx-8.1.1-3.alpha.rpm
rpm -Uvh ftp://ftp.redhat.com/updates/5.1/sparc/mailx-8.1.1-3.sparc.rpm

rpm -Uvh ftp://ftp.redhat.com/updates/5.0/i386/mailx-8.1.1-3.i386.rpm
rpm -Uvh ftp://ftp.redhat.com/updates/5.0/alpha/mailx-8.1.1-3.alpha.rpm

rpm -Uvh ftp://ftp.redhat.com/updates/4.2/i386/mailx-8.1.1-0.2.i386.rpm
rpm -Uvh ftp://ftp.redhat.com/updates/4.2/alpha/mailx-8.1.1-0.2.alpha.rpm
rpm -Uvh ftp://ftp.redhat.com/updates/4.2/sparc/mailx-8.1.1-0.2.sparc.rpm

Slackware:

ftp://ftp.cdrom.com/pub/linux/slackware/slakware/n3/mailx.tgz
ftp://ftp.cdrom.com/pub/linux/slackware/source/n/mailx/mailx-overflow.diff.gz

SGI:

OS Version     Vulnerable?   Patch #     Other Actions
----------     -----------   -------     -------------
IRIX 3.x       yes           not avail   Note 1, 2 & 3
IRIX 4.x       yes           not avail   Note 1, 2 & 3
IRIX 5.0.x     yes           not avail   Note 1, 2 & 3
IRIX 5.1.x     yes           not avail   Note 1, 2 & 3
IRIX 5.2       yes           not avail   Note 1, 2 & 3
IRIX 5.3       yes           3347
IRIX 6.0.x     yes           not avail   Note 1, 2 & 3
IRIX 6.1       yes           not avail   Note 1, 2 & 3
IRIX 6.2       yes           3348
IRIX 6.3       yes           3394
IRIX 6.4       yes           3394
IRIX 6.5       yes           not avail   Note 4
IRIX 6.5.1m    yes           3393        Note 5

NOTES:

1) Upgrade to currently supported IRIX operating system.
2) Change permissions.
3) Unsupported by SGI, "freeware" sendmail distributions can be
   found at http://www.sendmail.org/
4) For IRIX 6.5, you must first install IRIX 6.5.1 Maintenance
   Release and then install patch 3393. If you have not
   received an IRIX 6.5.1m CD for IRIX 6.5, contact your SGI
   Support Provider or download the Maintenance Release from
   http://support.sgi.com/
5) Patchsets have been replaced with quarterly Maintenance
   Release Streams starting with IRIX 6.5. Information about
   Maintenance Release Streams can be found in the IRIX 6.5
   Technical Brief at: http://www.sgi.com/software/irix6.5/

Sun patches are available at Sunsolve Online, http://sunsolve.sun.com



 

Copyright 2010, SecurityFocus