[ advisories | exploits | discussions | news | conventions | security tools | texts & papers ]
 main menu
- feedback
- advertising
- privacy
- FightAIDS
- newsletter
- news
 
 discussions
- read forum
- new topic
- search
 

 meetings
- meetings list
- recent additions
- add your info
 
 top 100 sites
- visit top sites
- sign up now
- members
 
 webmasters

- add your url
- add domain
- search box
- link to us

 
 projects
- our projects
- free email
 
 m4d network
- security software
- secureroot
- m4d.com
Home : Advisories : IRIX Visual Admin/User Programs

Title: IRIX Visual Admin/User Programs
Released by: SGI
Date: 16th August 1996
Printable version: Click here
______________________________________________________________________________

                Silicon Graphics Inc. Security Advisory



        Title:   IRIX Visual Admin/User Programs

        Number:  19960801-01-PX

        Date:    August 16, 1996

______________________________________________________________________________



Silicon Graphics provides this information freely to the SGI user community

for its consideration, interpretation, implementation and use.   Silicon

Graphics recommends that this information be acted upon as soon as possible.



Silicon Graphics  will  not  be  liable  for any  indirect, special, or

consequential damages arising from the use of, failure to use or improper

use of any of the instructions or information in this Security Advisory.

______________________________________________________________________________





Several security vulnerabilities have been discovered in the the visual

admin and user tool programs used in the IRIX operating systems versions,

5.2, 5.3, 6.1 and 6.2.  SGI has investigated these issues and recommends

the following steps for neutralizing the exposure.  It is HIGHLY RECOMMENDED

that these measures be implemented on ALL SGI systems running IRIX versions

5.2, 5.3, 6.1 and 6.2.  This issue will be corrected in future releases

of IRIX.





- --------------

- --- Impact ---

- --------------



Provided with the correct network configuration and SGI environment, both

local and remote users may be able to become root on a targeted SGI system.





- ----------------

- --- Solution ---

- ----------------



The solution for this issue is a replacement of the visual user and

administrator programs found in the IRIX operating systems versions

5.2, 5.3, 6.1 and 6.2. The following patches has been generated

for IRIX 5.2, 5.3, 6.1 and 6.2 and are freely provided to the SGI

community.



To determine if the visual admin/user software is installed on a

particular system, the following command can be used:



     % versions desktop_eoe.sw.envm sysadmdesktop.sw.clients

     I = Installed, R = Removed



        Name                 Date      Description



     I  desktop_eoe          02/12/96  IndigoMagic Desktop, 5.3

     I  desktop_eoe.sw       02/12/96  IndigoMagic Desktop, 5.3

     I  desktop_eoe.sw.envm  02/12/96  Desktop



     I  sysadmdesktop        02/12/96  Desktop System Administration, 5.3

     I  sysadmdesktop.sw     02/12/96  Desktop System Administration

                             Software, 5.3

     I  sysadmdesktop.sw.clients  02/12/96  Desktop System Administration

                             Client Software



In the above case, the software of concern is installed and the steps

below should be performed. If no output is returned by the command,

the subsystem is not installed and no further action is required.





desktop_eoe.sw.envm

sysadmdesktop.sw.clients



**** IRIX 3.x, 4.x, and 5.0.x ****



In the IRIX operating systems versions 3.x, 4.x, and 5.0.x,

the user environment and programs are different than the ones

used in later versions of IRIX.  As such versions 3.x, 4.x,

and 5.0.x of IRIX do not have the security vulnerabilities

covered by this document and no further action is required.





**** IRIX 5.1.x ****



IRIX operating system version 5.1.x was a limited release version.

For the IRIX operating system version 5.1.x, an upgrade to 5.2 or

better is required first.  When the upgrade is completed, then the

patches described in the following sections can be applied depending

on the final version of the upgrade.





**** IRIX 5.2 ****



For the IRIX operating system version 5.2, an inst-able patch has been

generated and made available via anonymous FTP and your service/support

provider.  The patch is number 1519 and will install only on IRIX 5.2.



PLEASE NOTE:  Patch 65 is also required in addition to patch 1519.



The SGI anonymous FTP site is sgigate.sgi.com (204.94.209.1) or its

mirror, ftp.sgi.com.   Patches 1519 and 65 can be found in the

following directories on the FTP server:



        ~ftp/Security



                or



        ~ftp/Patches/5.2





                        ##### Checksums ####



The actual patch will be a tar file containing the following files:





Filename:                 patchSG0000065

Algorithm #1 (sum -r):    21651 1 patchSG0000065

Algorithm #2 (sum):       22083 1 patchSG0000065

MD5 checksum:             178E667D663FC87DE606E219439433C0



Filename:                 patchSG0000065.idb

Algorithm #1 (sum -r):    48983 1 patchSG0000065.idb

Algorithm #2 (sum):       36585 1 patchSG0000065.idb

MD5 checksum:             C912C423521A261B42D11CF2E602C18B



Filename:                 patchSG0000065.sgihelp_sw

Algorithm #1 (sum -r):    10479 2415 patchSG0000065.sgihelp_sw

Algorithm #2 (sum):       17168 2415 patchSG0000065.sgihelp_sw

MD5 checksum:             449AA74F1BCEC421945C829DD06F6439



Filename:                 README.patch.1519

Algorithm #1 (sum -r):    64017 8 README.patch.1519

Algorithm #2 (sum):       52961 8 README.patch.1519

MD5 checksum:             93E89D3AC06665B98E250C0B8A809ADA



Filename:                 patchSG0001519

Algorithm #1 (sum -r):    55758 2 patchSG0001519

Algorithm #2 (sum):       57617 2 patchSG0001519

MD5 checksum:             235727BDC4FAE2DC1897FF8DDA954F6C



Filename:                 patchSG0001519.desktop_eoe_sw

Algorithm #1 (sum -r):    31206 82 patchSG0001519.desktop_eoe_sw

Algorithm #2 (sum):       65374 82 patchSG0001519.desktop_eoe_sw

MD5 checksum:             BA9708E74288AFBB004E08CE7D7A0DCC



Filename:                 patchSG0001519.idb

Algorithm #1 (sum -r):    12780 8 patchSG0001519.idb

Algorithm #2 (sum):       53831 8 patchSG0001519.idb

MD5 checksum:             5904CF1725C9844FB02B31BB3D02091C



Filename:                 patchSG0001519.sysadmdesktop_sw

Algorithm #1 (sum -r):    01731 1687 patchSG0001519.sysadmdesktop_sw

Algorithm #2 (sum):       33557 1687 patchSG0001519.sysadmdesktop_sw

MD5 checksum:             6C18E62ABB312D2EDF503926BBDFAEB3





**** IRIX 5.3 ****



For the IRIX operating system version 5.3, an inst-able patch has been

generated and made available via anonymous FTP and your service/support

provider.  The patch is number 1518 and will install only on IRIX 5.3.



The SGI anonymous FTP site is sgigate.sgi.com (204.94.209.1) or its

mirror, ftp.sgi.com.   Patch 1518 can be found in the following

directories on the FTP server:



        ~ftp/Security



                or



        ~ftp/Patches/5.3





                        ##### Checksums ####



The actual patch will be a tar file containing the following files:





Filename:                 README.patch.1518

Algorithm #1 (sum -r):    33249 9 README.patch.1518

Algorithm #2 (sum):       338 9 README.patch.1518

MD5 checksum:             36D6B612F49DD8E109025A6AD41F2DB5



Filename:                 patchSG0001518

Algorithm #1 (sum -r):    53993 3 patchSG0001518

Algorithm #2 (sum):       22622 3 patchSG0001518

MD5 checksum:             1ADB33B26E86BF5BAE1D65C5B8BB4632



Filename:                 patchSG0001518.desktop_eoe_sw

Algorithm #1 (sum -r):    21022 101 patchSG0001518.desktop_eoe_sw

Algorithm #2 (sum):       55961 101 patchSG0001518.desktop_eoe_sw

MD5 checksum:             30EF63B7BA40E144F75ECD808E3BB5C6



Filename:                 patchSG0001518.idb

Algorithm #1 (sum -r):    16394 11 patchSG0001518.idb

Algorithm #2 (sum):       25741 11 patchSG0001518.idb

MD5 checksum:             A34F1D7B24F9AECCF7AF91187F16909F



Filename:                 patchSG0001518.sysadmdesktop_sw

Algorithm #1 (sum -r):    37847 2879 patchSG0001518.sysadmdesktop_sw

Algorithm #2 (sum):       39927 2879 patchSG0001518.sysadmdesktop_sw

MD5 checksum:             0A6B5C8446748AAF9C4BD464723F22C2





**** IRIX 6.0.x ****



IRIX operating system version 6.0.x was a limited release version.

For the IRIX operating system version 6.0.x an upgrade to 6.1 or

better is required first.  When the upgrade is completed, then

the patches described in the following sections can be applied

depending on the final version of the upgrade.





**** IRIX 6.1 ****



For the IRIX operating system version 6.1, an inst-able patch has been

generated and made available via anonymous FTP and your service/support

provider.  The patch is number 1517 and will install only on IRIX 6.1.



The SGI anonymous FTP site is sgigate.sgi.com (204.94.209.1) or its

mirror, ftp.sgi.com.   Patch 1517 can be found in the following

directories on the FTP server:



        ~ftp/Security



                or



        ~ftp/Patches/6.1





                        ##### Checksums ####



The actual patch will be a tar file containing the following files:





Filename:                 README.patch.1517

Algorithm #1 (sum -r):    34233 8 README.patch.1517

Algorithm #2 (sum):       52976 8 README.patch.1517

MD5 checksum:             7207358CF3D3854F4B4964853CF9CF9B



Filename:                 patchSG0001517

Algorithm #1 (sum -r):    22553 2 patchSG0001517

Algorithm #2 (sum):       65216 2 patchSG0001517

MD5 checksum:             C1461193D43BB591F56337673A21E264



Filename:                 patchSG0001517.desktop_eoe_sw

Algorithm #1 (sum -r):    26837 101 patchSG0001517.desktop_eoe_sw

Algorithm #2 (sum):       10036 101 patchSG0001517.desktop_eoe_sw

MD5 checksum:             B277610280445E4B14EB5925B42DBA05



Filename:                 patchSG0001517.idb

Algorithm #1 (sum -r):    64386 11 patchSG0001517.idb

Algorithm #2 (sum):       25466 11 patchSG0001517.idb

MD5 checksum:             261C1DA015BB251A833E6C633FEC537C



Filename:                 patchSG0001517.sysadmdesktop_sw

Algorithm #1 (sum -r):    15159 2860 patchSG0001517.sysadmdesktop_sw

Algorithm #2 (sum):       59057 2860 patchSG0001517.sysadmdesktop_sw

MD5 checksum:             6149BFE3C6A26316BD2BD37DD89E9AD2







**** IRIX 6.2 ****



For the IRIX operating system version 6.2, an inst-able patch has been

generated and made available via anonymous FTP and your service/support

provider.  The patch is number 1516 and will install only on IRIX 6.2.



The SGI anonymous FTP site is sgigate.sgi.com (204.94.209.1) or its

mirror, ftp.sgi.com.   Patch 1516 can be found in the following

directories on the FTP server:



        ~ftp/Security



                or



        ~ftp/Patches/6.2





                        ##### Checksums ####



The actual patch will be a tar file containing the following files:





Filename:                 README.patch.1516

Algorithm #1 (sum -r):    35151 8 README.patch.1516

Algorithm #2 (sum):       52984 8 README.patch.1516

MD5 checksum:             3CDCA2674C7AB2A8EC18CDFD37C3FBC3



Filename:                 patchSG0001516

Algorithm #1 (sum -r):    35036 2 patchSG0001516

Algorithm #2 (sum):       5041 2 patchSG0001516

MD5 checksum:             2E7B95E866E6D948C0F5A061201EA28D



Filename:                 patchSG0001516.desktop_eoe_sw

Algorithm #1 (sum -r):    43836 100 patchSG0001516.desktop_eoe_sw

Algorithm #2 (sum):       17346 100 patchSG0001516.desktop_eoe_sw

MD5 checksum:             BCC29CC468C1848908A683E641CFFB38



Filename:                 patchSG0001516.idb

Algorithm #1 (sum -r):    08987 11 patchSG0001516.idb

Algorithm #2 (sum):       25696 11 patchSG0001516.idb

MD5 checksum:             93BCFCB015BA81D0E3B0FDDA7D9D69C9



Filename:                 patchSG0001516.sysadmdesktop_sw

Algorithm #1 (sum -r):    41089 2887 patchSG0001516.sysadmdesktop_sw

Algorithm #2 (sum):       30127 2887 patchSG0001516.sysadmdesktop_sw

MD5 checksum:             BB84B9065C6A678A821920BEC17D2506









- ------------------------

- --- Acknowledgments ---

- ------------------------



Silicon Graphics wishes to thank Paul Walmsley, FIRST members and

CERT organizations worldwide for their assistance in this matter.







- -----------------------------------------

- --- SGI Security Information/Contacts ---

- -----------------------------------------



Past SGI Advisories and security patches can be obtained via

anonymous FTP from sgigate.sgi.com or its mirror, ftp.sgi.com.

These security patches and advisories are provided freely to

all interested parties.   For issues with the patches on the

FTP sites, email can be sent to cse-security-alert@csd.sgi.com.



For assistance obtaining or working with security patches, please

contact your SGI support provider.



If there are questions about this document, email can be sent to

cse-security-alert@csd.sgi.com.



Silicon Graphics provides a free security mailing list service. The

wiretap service allows interested parties to self-subscribe to receive

(via email) all SGI Security Advisories when released.



     mail wiretap-request@sgi.com



     [BODY of

             "subscribe wiretap YourEmailAddress"

             "end"

     ]



For reporting *NEW* SGI security issues, email can be sent to

security-alert@sgi.com or contact your SGI support provider.  A

support contract is not required for submitting a security report.










(C) 1999-2000 All rights reserved.