|
|
Info |
Last Modified |
| 7 months ago |
|
|
|
|
Description |
IRIX contains a flaw that may allow a malicious user to gain access to unauthorized privileges. The issue is triggered when a malicious attacker bypasses the AUTH_UNIX authentication scheme used by the xfsmd daemon and issues remote procedure calls that mount, unmount, create, delete or modify xfs file systems. This flaw is leveraged to obtain root privileges, resulting in a loss of integrity.
|
|
Classification |
Location:
Remote/Network Access Required
Attack Type:
Authentication Management
Impact:
Loss of Integrity
Exploit:
Exploit Available
Disclosure:
OSVDB Verified
|
|
Solution |
Currently, there are no known upgrades or patches to correct this issue. It is possible to correct the flaw by implementing the following workaround: disable the daemon.
# killall /usr/etc/xfsmd
# vi /etc/inetd.conf
Look for a line in inetd.conf that looks like this:
sgi_xfsmd/1 stream rpc/tcp wait root ?/usr/etc/xfsmd xfsmd
...and comment it out by putting a "#" at the beginning of the line:
#sgi_xfsmd/1 stream rpc/tcp wait root ?/usr/etc/xfsmd xfsmd
...or simply remove the line from the file.
# killall -HUP inetd
|
|
Products |
|
IRIX
 |
6.5 |
6.5.1 |
6.5.2 |
6.5.3 |
6.5.4 |
6.5.5 |
6.5.6 |
6.5.7 |
6.5.8 |
6.5.9 |
6.5.10 |
6.5.11 |
6.5.12 |
6.5.13 |
6.5.14 |
6.5.15 |
6.5.16 |
6.2 |
6.3 |
6.4 |
|
|
|
|
|
|
Credit |
- Last Stage of Delirium Research Group - contact
 lsd-pl.net - Last Stage of Delirium Research Group
|
|
BlogsProvided by Technorati
|
None found at this time
|
|
|
