|
|
Home : Advisories : SGI "IRIX" /usr/sbin/fmt Vulnerability
| Title: |
SGI "IRIX" /usr/sbin/fmt Vulnerability |
| Released by: |
CERT |
| Date: |
26th August 1991 |
| Printable version: |
Click here |
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
===========================================================================
CA-91:14
Last Revised: September 18,1997
Attached copyright statement
CERT Advisory
August 26, 1991
SGI "IRIX" /usr/sbin/fmt Vulnerability
- ---------------------------------------------------------------------------
The Computer Emergency Response Team/Coordination Center (CERT/CC) has
received information concerning a vulnerability of mail messages in Silicon
Graphics Computer Systems' IRIX versions prior to 4.0 (this includes all
3.2 and 3.3.* versions). This problem has been fixed in version 4.0.
Information regarding the exploitation of this vulnerability is inherently
disclosed by any discussion of the problem (including this Advisory) so
we recommend taking immediate action. Until you are able to apply the patch,
mail at your site is vulnerable to being read by any ordinary user logged
in at that site.
Silicon Graphics has provided the enclosed patch instructions.
- ---------------------------------------------------------------------------
I. DESCRIPTION:
A vulnerability exists such that IRIX pre-4.0 (e.g., 3.3.3) systems
with the basic system software ("eoe1.sw.unix") installed can allow
unauthorized read access to users' mail messages, by exploiting a
configuration error in a standard system utility. Due to the ease
of exploiting this vulnerability and the simplicity of the corrective
action, the CERT/CC urges all sites to install the patch given below.
II. IMPACT:
Anyone who can log in on a given IRIX pre-4.0 (3.2, 3.3, 3.3.*) system
can read mail messages which have been delivered to any other user on
that same system.
III. SOLUTION:
As "root", execute the following commands:
chmod 755 /usr/sbin/fmt
chown root.sys /usr/sbin/fmt
If system software should ever be reloaded from a 3.2 or 3.3.*
installation tape or from a backup tape created before the patch
was applied, repeat the above procedure immediately after the software
has been reloaded, before enabling logins by normal users.
[Fixed in IRIX 4.0.]
- ---------------------------------------------------------------------------
The CERT/CC would like to thank Silicon Graphics for bringing this
vulnerability and solution to our attention.
- ---------------------------------------------------------------------------
If you believe that your system has been compromised, contact CERT/CC via
telephone or e-mail.
Computer Emergency Response Team/Coordination Center (CERT/CC)
Software Engineering Institute
Carnegie Mellon University
Pittsburgh, PA 15213-3890
Internet E-mail: cert@cert.org
Telephone: 412-268-7090 24-hour hotline:
CERT/CC personnel answer 7:30a.m.-6:00p.m. EST,
on call for emergencies during other hours.
Past advisories and other computer security related information are available
for anonymous ftp from the cert.org (192.88.209.5) system.
- ----------------------------------------------------------------------------
Copyright 1991 Carnegie Mellon University. Conditions for use, disclaimers,
and sponsorship information can be found in
http://www.cert.org/legal_stuff.html and http://ftp.cert.org/pub/legal_stuff .
If you do not have FTP or web access, send mail to cert@cert.org with
"copyright" in the subject line.
CERT is registered in the U.S. Patent and Trademark Office.
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Revision History
September 18,1997 Attached Copyright Statement
-----BEGIN PGP SIGNATURE-----
Version: PGP for Personal Privacy 5.0
Charset: noconv
iQA/AwUBOBS9PVr9kb5qlZHQEQJQvwCg60klWMhrdNziSKTjPz/Wpjj5ClkAn3TT
jQsLcpYF1D3KyxIGxxAutxlj
=Uw9v
-----END PGP SIGNATURE-----
|
