92 lines
3.3 KiB
Plaintext
92 lines
3.3 KiB
Plaintext
|
|
-----BEGIN PGP SIGNED MESSAGE-----
|
|
|
|
===========================================================================
|
|
CA-92:08 CERT Advisory
|
|
April 10, 1992
|
|
Silicon Graphics Computer Systems "IRIX" lp Vulnerability
|
|
|
|
- ---------------------------------------------------------------------------
|
|
|
|
The Computer Emergency Response Team/Coordination Center (CERT/CC) has
|
|
received information concerning a method of unauthorized root access
|
|
in the lp software in Silicon Graphics Computer Systems (SGI) IRIX
|
|
operating systems. This vulnerability is present in all current
|
|
versions of IRIX.
|
|
|
|
Silicon Graphics Computer Systems and the CERT/CC strongly recommend
|
|
that sites take immediate action to eliminate this vulnerability from
|
|
their systems.
|
|
|
|
This vulnerability will be fixed in IRIX 4.0.5 and is NOT present in any
|
|
version of the Trusted IRIX/B product.
|
|
|
|
- ---------------------------------------------------------------------------
|
|
|
|
I. Description
|
|
|
|
When IRIX pre-4.0.5 systems are installed or updated using either
|
|
the basic system software ("eoe1.sw.unix") or the system manager
|
|
software ("eoe2.sw.vadmin") media, a vulnerability is introduced
|
|
in the lp software.
|
|
|
|
II. Impact
|
|
|
|
Any user logged into the system can gain root access.
|
|
|
|
III. Solution
|
|
|
|
As root, execute the following commands:
|
|
|
|
# cd /usr/lib
|
|
# chmod a-s,go-w lpshut lpmove accept reject lpadmin
|
|
# chmod go-ws lpsched vadmin/serial_ports vadmin/users vadmin/disks
|
|
# cd /usr/bin
|
|
# chmod a-s,go-w disable enable
|
|
# chmod go-ws cancel lp lpstat
|
|
|
|
If the eoe2.sw.vadmin software is not installed, you may
|
|
ignore any warning messages from chmod such as:
|
|
|
|
"chmod: WARNING: can't access vadmin/serial_ports"
|
|
|
|
If system software should ever be reinstalled from pre-4.0.5
|
|
media or restored from a backup tape created before the patch was
|
|
applied, repeat the above procedure before enabling logins by
|
|
normal users.
|
|
|
|
- ---------------------------------------------------------------------------
|
|
The CERT/CC would like to thank Silicon Graphics Computer Systems for
|
|
bringing this security vulnerability to our attention and for their quick
|
|
response to this problem.
|
|
- ---------------------------------------------------------------------------
|
|
|
|
If you believe that your system has been compromised, contact CERT/CC or
|
|
your representative in FIRST (Forum of Incident Response and Security Teams).
|
|
|
|
Internet E-mail: cert@cert.org
|
|
Telephone: 412-268-7090 (24-hour hotline)
|
|
CERT/CC personnel answer 7:30 a.m.-6:00 p.m. EST(GMT-5)/EDT(GMT-4),
|
|
on call for emergencies during other hours.
|
|
|
|
Computer Emergency Response Team/Coordination Center (CERT/CC)
|
|
Software Engineering Institute
|
|
Carnegie Mellon University
|
|
Pittsburgh, PA 15213-3890
|
|
|
|
Past advisories, information about FIRST representatives, and other
|
|
information related to computer security are available for anonymous ftp
|
|
from cert.org (192.88.209.5).
|
|
|
|
|
|
-----BEGIN PGP SIGNATURE-----
|
|
Version: 2.6.2
|
|
|
|
iQCVAwUBMaMw8nVP+x0t4w7BAQF9xwQA0YGTb7oSvoEFtGEYX1gqZdDNX2N+3k8c
|
|
2vPle9JmuYwfvOmcyrXSP+Gf53UtV6qbNNmt4qaPaTvV8AWx49eveMW2VCj2xaHU
|
|
jXs9F1JxicGBUjd+XektuNBSSU+NK/myV40lGBw7eoWEisqU1rptz7tJOHSrrG4M
|
|
S4AzoOUGzVY=
|
|
=mZkQ
|
|
-----END PGP SIGNATURE-----
|
|
|