|
|
Home : Advisories : Silicon Graphics Computer Systems "IRIX" lp Vulner
| Title: |
Silicon Graphics Computer Systems "IRIX" lp Vulner |
| Released by: |
CERT |
| Date: |
10th April 1992 |
| Printable version: |
Click here |
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
==========================================================================
CA-92:08
Last Revised: September 19,1997
Attached copyright statement
CERT Advisory
April 10, 1992
Silicon Graphics Computer Systems "IRIX" lp Vulnerability
- ---------------------------------------------------------------------------
The Computer Emergency Response Team/Coordination Center (CERT/CC) has
received information concerning a method of unauthorized root access
in the lp software in Silicon Graphics Computer Systems (SGI) IRIX
operating systems. This vulnerability is present in all current
versions of IRIX.
Silicon Graphics Computer Systems and the CERT/CC strongly recommend
that sites take immediate action to eliminate this vulnerability from
their systems.
This vulnerability will be fixed in IRIX 4.0.5 and is NOT present in any
version of the Trusted IRIX/B product.
- ---------------------------------------------------------------------------
I. Description
When IRIX pre-4.0.5 systems are installed or updated using either
the basic system software ("eoe1.sw.unix") or the system manager
software ("eoe2.sw.vadmin") media, a vulnerability is introduced
in the lp software.
II. Impact
Any user logged into the system can gain root access.
III. Solution
As root, execute the following commands:
# cd /usr/lib
# chmod a-s,go-w lpshut lpmove accept reject lpadmin
# chmod go-ws lpsched vadmin/serial_ports vadmin/users vadmin/disks
# cd /usr/bin
# chmod a-s,go-w disable enable
# chmod go-ws cancel lp lpstat
If the eoe2.sw.vadmin software is not installed, you may
ignore any warning messages from chmod such as:
"chmod: WARNING: can't access vadmin/serial_ports"
If system software should ever be reinstalled from pre-4.0.5
media or restored from a backup tape created before the patch was
applied, repeat the above procedure before enabling logins by
normal users.
- ---------------------------------------------------------------------------
The CERT/CC would like to thank Silicon Graphics Computer Systems for
bringing this security vulnerability to our attention and for their quick
response to this problem.
- ---------------------------------------------------------------------------
If you believe that your system has been compromised, contact CERT/CC or
your representative in FIRST (Forum of Incident Response and Security Teams).
Internet E-mail: cert@cert.org
Telephone: 412-268-7090 (24-hour hotline)
CERT/CC personnel answer 7:30 a.m.-6:00 p.m. EST(GMT-5)/EDT(GMT-4),
on call for emergencies during other hours.
Computer Emergency Response Team/Coordination Center (CERT/CC)
Software Engineering Institute
Carnegie Mellon University
Pittsburgh, PA 15213-3890
Past advisories, information about FIRST representatives, and other
information related to computer security are available for anonymous ftp
from cert.org (192.88.209.5).
- ------------------------------------------------------------------------------
Copyright 1992 Carnegie Mellon University. Conditions for use, disclaimers,
and sponsorship information can be found in
http://www.cert.org/legal_stuff.html and http://ftp.cert.org/pub/legal_stuff .
If you do not have FTP or web access, send mail to cert@cert.org with
"copyright" in the subject line.
CERT is registered in the U.S. Patent and Trademark Office.
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Revision History:
September 19,1997 Attached Copyright Statement
-----BEGIN PGP SIGNATURE-----
Version: PGP for Personal Privacy 5.0
Charset: noconv
iQA+AwUBOBS+aVr9kb5qlZHQEQKsQQCg3+XIy6AaS7eA/5OAxESp2RAuxxcAl2LU
m1iqyt2HlXxOrV5rx7s7ihk=
=iyGI
-----END PGP SIGNATURE-----
|
