Info

Disclosure

Mar 14, 1995

Discovery

Unknown

Dates

Exploit

Mar 14, 1995

Solution

Unknown

Description

IRIX contains a flaw that may allow a malicious user to gain access to unauthorized privileges. The issue is triggered when a malicious user disables xauthority and connects to the display using shm:0. This flaw may lead to a loss of integrity.

Classification

Location: Local Access Required
Attack Type: Misconfiguration
Impact: Loss of Integrity
Exploit: Exploit Public
Disclosure: OSVDB Verified

Solution

Currently, there are no known upgrades or patches to correct this issue. It is possible to correct the flaw by implementing the following workaround: Disable the use of the shared memory transport, by adding the -shmnumclients 0 option to the X invocation in /usr/lib/X11/xdm/Xservers (see the Xsgi man page).

Products

Silicon Graphics, Inc.	IRIX	5.2
		5.3

References

Mail List Post: http://archives.neohapsis.com/archives/bugtraq/1995_1/0673.html

Credit

Paul Danckaert - pauldumbc.edu -

Direct URL: http://osvdb.org/293

Info

Disclosure

Discovery

Dates

Exploit

Solution

Description

Classification

Solution

Products

Silicon Graphics, Inc.

IRIX

References

Credit