April 10, 2001

Security advisory to mailx

Author: JT Smith

At LWN.net: A buffer overflow in mailx allows a local user to gain access to the
mail group.

Debian resolved this problem by no longer shipping mailx setgid mail.
Progeny has decided to use Debian's fix. This means that on mail
systems that do not have world writable mail spools one will not be
able to properly lock one's mailbox.


  • Linux
Click Here!