Info

Disclosure

Nov 28, 1996

Discovery

Unknown

Dates

Exploit

Nov 28, 1996

Solution

Unknown

Description

IRIX contains a flaw that may allow a malicious local user to overwrite arbitrary files on the system. The issue is due to the fsdump program creating files insecurely. It is possible for a user to use a symlink style attack to manipulate arbitrary files, resulting in a loss of integrity.

Classification

Location: Local Access Required
Attack Type: Race Condition
Impact: Loss of Integrity
Exploit: Exploit Public
Disclosure: OSVDB Verified

Solution

Currently, there are no known upgrades or patches to correct this issue. It is possible to correct the flaw by implementing the following workaround: Remove the setuid bit on the fsdump program or to remove the rfindd subsystem.

Products

Silicon Graphics, Inc.	IRIX	5.x
		6.0
		6.0.1
		6.1
		6.2

References

CVE ID: 1999-0044 (see also: NVD)
ISS X-Force ID: 2106
Bugtraq ID: 355
Vendor Specific Advisory URL: ftp://patches.sgi.com/support/free/security/advisories/19970301-01-P
Mail List Post: http://archives.neohapsis.com/archives/bugtraq/1996_4/0309.html
Vendor URL: http://www.sgi.com

Credit

Jaechul Choe - poisoncosmos.kaist.ac.kr -
Yuri Volobuev - volobuevt1.chem.umn.edu -
Chris Sheldon - cshviewgraphics.com -

Direct URL: http://osvdb.org/984

Info

Disclosure

Discovery

Dates

Exploit

Solution

Description

Classification

Solution

Products

Silicon Graphics, Inc.

IRIX

References

Credit