The SGI Mail vulnerability is a local privilege escalation issue in the /usr/sbin/Mail on SGI IRIX 3.3 and 3.3.1 software. This allows local users to read the mail of other users, potentially leading to unauthorized access to sensitive information.
The SGI Mail vulnerability is a local privilege escalation issue in the /usr/sbin/Mail on SGI IRIX 3.3 and 3.3.1 software. This allows local users to read the mail of other users, potentially leading to unauthorized access to sensitive information.
You're affected if you use SGI Mail version 3.3 or 3.3.1 on an SGI IRIX system. To check if your system is vulnerable, run the following command:
ls -l /usr/sbin/Mail
Note that this vulnerability is specific to SGI Mail and not related to other mail clients.
To fix this vulnerability, apply the patch from the CERT advisory: http://www.cert.org/advisories/CA-1990-08.html. Alternatively, you can use the following immediate mitigations:
# Restrict access to /usr/sbin/Mail
chmod 755 /usr/sbin/Mail