Info

Disclosure

Jun 16, 2004

Discovery

Unknown

Dates

Exploit

Unknown

Solution

Unknown

Description

IRIX contains a flaw that may allow a local denial of service. The issue is triggered when a mapelf32exec() call is made on a malicious binary, and will result in loss of availability for the platform.

Classification

Location: Local Access Required
Attack Type: Denial of Service
Impact: Loss of Availability
Disclosure: OSVDB Verified

Solution

Upgrade to version 6.5.25 or higher, as it has been reported to fix this vulnerability. In addition, Silicon Graphics, Inc. has released patches for some older versions.

Products

Silicon Graphics, Inc.	IRIX	6.5.20m
		6.5.20f
		6.5.21m
		6.5.21f
		6.5.22
		6.5.23
		6.5.24

References

Bugtraq ID: 10547
Secunia Advisory ID: 11872
ISS X-Force ID: 16416
CVE ID: 2004-0136 (see also: NVD)
Related OSVDB ID: 7122 7124
Other Advisory URL: ftp://patches.sgi.com/support/free/security/advisories/20040601-01-P.asc

Credit

Unknown or Incomplete

Direct URL: http://osvdb.org/7123