VULHUB ™

mailx is a Mail User Agent distributed with most UNIX Operating Systems. A problem exists with the implementation of mailx distributed with Solaris. The problem involves lockfiles in the /var/mail directory. By default, the /var/mail directory is world writable as deployed with the Solaris Operating Environment. When a file is created in the /var/mail directory using the extension $LOGNAME.lock, it is possible to deny service to a legitimate user of mailx if the $LOGNAME.lock file is not removable by the mailx user. This problem makes it possible for a user with malicious intent to deny service to any user of mailx.

mailx is a Mail User Agent distributed with most UNIX Operating Systems. A problem exists with the implementation of mailx distributed with Solaris. The problem involves lockfiles in the /var/mail directory. By default, the /var/mail directory is world writable as deployed with the Solaris Operating Environment. When a file is created in the /var/mail directory using the extension $LOGNAME.lock, it is possible to deny service to a legitimate user of mailx if the $LOGNAME.lock file is not removable by the mailx user. This problem makes it possible for a user with malicious intent to deny service to any user of mailx.