Vulnerability

    in.comsat

Affected

    Solaris 8

Description

    Robert Weber found  following.  In  solaris 8, sun  eliminated the
    wtmp/utmp with  the improved  wtmpx/utmpx.   In the  update of all
    programs  that  read  these  someone  missed a "char tty[20]" that
    stores a utmpx-->ut_line[32].   When pty's start  getting high  in
    number comsat dumps core.

    Well we are not good enough to somehow put a bad pty in the  utmpx
    and somehow use  the extra 12  chars for an  exploit but we  think
    it's shotty work.

Solution

    You can use xbiff or a better mail program, It is the 21st century
    and all that.