A fix is available
APAR status
Closed as program error.
Error description
Bellmail binary is vulnerable to a privilege escalation security vulnerability. When saving mail using 's' subcommand of bellmail, a user is allowed to write to a system file.
Local fix
Problem summary
Bellmail binary is vulnerable to a privilege escalation security vulnerability. When saving mail using 's' subcommand of bellmail, a user is allowed to write to a system file.
Problem conclusion
Drop the root privilege before saving mail.
Temporary fix
Comments
APAR Information
APAR number
IV91010
Reported component name
AIX V7.2
Reported component ID
5765CD200
Reported release
720
Status
CLOSED PER
PE
NoPE
HIPER
NoHIPER
Submitted date
2016-11-24
Closed date
2016-12-08
Last modified date
2017-04-11
APAR is sysrouted FROM one or more of the following:
IV91005
APAR is sysrouted TO one or more of the following:
Fix information
Fixed component name
AIX V7.2
Fixed component ID
5765CD200
Applicable component levels
R720 PSY U873971
UP17/04/10 I 1000
PTF to Fileset Mapping
U873971 bos.net.tcp.client_core 7.2.0.3
U873971 bos.net.tcp.client_core 7.2.0.3
[{"Business Unit":{"code":"BU070","label":"IBM Infrastructure"},"Product":{"code":"SSVEF8","label":"AIX 7.2 Enterprise Edition"},"Component":"","ARM Category":[],"Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"720","Edition":"","Line of Business":{"code":"LOB68","label":"Power HW"}},{"Business Unit":{"code":"BU058","label":"IBM Infrastructure w\/TPS"},"Product":{"code":"SG11S","label":"AIX 7.2 HIPERS, APARs and Fixes"},"Component":"","ARM Category":[],"Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"720","Edition":"","Line of Business":{"code":"LOB08","label":"Cognitive Systems"}}]
Document Information
Modified date:
10 September 2025