IRIX contains a flaw that may allow a local denial of service. The issue is triggered when a malicious user causes any program on the system to open a specially crafted file, and will result in a system hang and possible loss of availability for the platform.
Classification
Location:
Local Access Required
Attack Type:
Denial of Service,
Input Manipulation
Impact:
Loss of Availability
Exploit:
Exploit Unknown
Disclosure:
OSVDB Verified
Technical
This vulnerability affects the feature release (an 'f' after the version number) and the maintenance release (an 'm' after the version number) on version 6.5.10 and version 6.5.11.
Solution
Upgrade to version 6.5.12 or higher, as it has been reported to fix this vulnerability. Should you be one of the lucky few running 6.5.10m, 6.5.10f or 6.5.11f, the gods have smiled upon you. IRIX has released patches for those versions.
zlo.nu -