NeXT 1.0a is a now-archaic operating system used in the past for various applications and workstations. The vulnerability allows local users to gain root privileges by exploiting a flaw in the restore0.9 installation script, which was designed to simplify the process of setting up NeXT systems.
You're affected if you use NeXT 1.0a. This is an older operating system, so if you don't recognise the name, you're probably not affected. Version info: Not specified in the advisory. Check with your IT department or historical records to confirm your system's version.
Contact a vendor or a historian of NeXT systems for assistance, as there are no publicly available patches for this vulnerability.
Immediate mitigations:
- Ensure that your system is not still running NeXT 1.0a, as it has been largely obsolete for decades.
- If you must use an older system, consider using virtualization software to isolate the vulnerable system from other systems.