Info

Disclosure

Apr 01, 2004

Discovery

Unknown

Dates

Exploit

Unknown

Solution

Unknown

Description

IRIX ftpd contains a flaw related to the ftp_syslog() function with anonymous FTP that may allow an attacker to avoid having actions logged. No further details have been provided.

Classification

Location: Remote/Network Access Required
Attack Type: Other
Impact: Loss of Integrity
Exploit: Exploit Unknown
Disclosure: OSVDB Verified

Solution

Currently, there are no known workarounds or upgrades to correct this issue. However, SGI has released a patch to address this vulnerability.

Products

SGI	IRIX	6.5.20
		6.5.21
		6.5.22
		6.5.23

References

Bugtraq ID: 10038
Secunia Advisory ID: 11282
ISS X-Force ID: 15724
Related OSVDB ID: 16895 16896
CVE ID: 2004-1891 (see also: NVD)
Vendor Specific Advisory URL: ftp://patches.sgi.com/support/free/security/advisories/20040401-01-P.asc

Credit

Unknown or Incomplete

Direct URL: http://osvdb.org/36218