SecurityTracker.com
    Home    |    View Topics    |    Search    |    Contact Us    |   

SecurityTracker
Archives


 


Category:   Application (Generic)  >   Embedded Support Partner (IRIX) Vendors:   SGI (Silicon Graphics)
(CIAC Issues Bulletin) Re: SGI's IRIX Allows Remote Users to Execute Arbitrary Code on the Server with Root-Level Privileges Using the Embedded Support Partner (ESP) Application (Installed By Default on IRIX Systems)
SecurityTracker Alert ID:  1001536
SecurityTracker URL:  http://securitytracker.com/id/1001536
CVE Reference:   GENERIC-MAP-NOMATCH   (Links to External Site)
Date:  May 15 2001
Impact:   Execution of arbitrary code via network, Root access via network
Fix Available:  Yes  Vendor Confirmed:  Yes  
Version(s): 6.5.5 6.5.8
Description:   Internet Security Systems released an advisory for SGI's IRIX Embedded Support Partner application, warning that it contains a buffer overflow and can allow remote users to execute arbitrary code with root level privileges on the server.

A buffer overflow is reported in the rpc.espd component of the Embedded Support Partner (ESP) subsystem. ESP is apparently installed and enabled by default on all current SGI IRIX installations.

ESP is an application used for managing multiple SGI devices on a network.

Impact:   A remote user can execute arbitrary code with root level privileges on the server, thereby gaining root level access to the server.
Solution:   SGI recommends immediately disabling rpc.espd to prevent exposure before patches can be applied. SGI has made security patch 4123 available to address this vulnerability. See the Vendor URL for information on the patch.
Vendor URL:  www.sgi.com/support/security/ (Links to External Site)
Cause:   Boundary error
Underlying OS:  UNIX (SGI/IRIX)

Message History:   This archive entry is a follow-up to the message listed below.
May 9 2001 SGI's IRIX Allows Remote Users to Execute Arbitrary Code on the Server with Root-Level Privileges Using the Embedded Support Partner (ESP) Application (Installed By Default on IRIX Systems)



 Source Message Contents

Subject:  CIAC Bulletin L-080: SGI IRIX rpc.espd Buffer Overflow


[For Public Release]
-----BEGIN PGP SIGNED MESSAGE-----


             __________________________________________________________

                       The U.S. Department of Energy
                     Computer Incident Advisory Center
                           ___  __ __    _     ___
                          /       |     /_\   /
                          \___  __|__  /   \  \___
             __________________________________________________________

                             INFORMATION BULLETIN

                       SGI IRIX rpc.espd Buffer Overflow
                     [SGI Security Advisory 20010501-01-P]

May 12, 2001 01:00 GMT                                            Number L-080
______________________________________________________________________________
PROBLEM:       An exploitable buffer overflow has been discovered in the
               Embedded Support Partner (ESP) daemon rpc.espd.
PLATFORM:      IRIX 6.5.5 through IRIX 6.5.8 are vulnerable. 
               IRIX 6.5.7 and IRIX 6.5.8 systems with patch 4123 are not                           
               vulnerable. 
               IRIX 6.5.9 and above are not vulnerable to this issue.
DAMAGE:        root compromise.
SOLUTION:      Apply the patches described below.
______________________________________________________________________________
VULNERABILITY  VERY HIGH. This is remotely exploitable, and results in a root
ASSESSMENT:    compromise.
______________________________________________________________________________

[****** Start SGI Advisory ******]

http://www.ciac.org/ciac/bulletins/l-080.shtml

[****** End SGI Advisory ******]


-----BEGIN PGP SIGNATURE-----
Version: 4.0 Business Edition

iQCVAwUBOwB7vLnzJzdsy3QZAQG/LgQAnk1FbWIXxbAJ9Z4XCvfrGSP2lLDe2Ltx
bj2ZulB461CVat4OycEJl/kQudEBmdeHGpUPMiphC0u2SYf4bUM5xPRH+pqdxYfV
9HpTpxvQVIx+aOJ+KfPQWYaYt6XV3Hckzt6oCVp6bBQCJhXFsAJWOwAJbMCe8pYH
D5MbHkaDvGE=
=ZLGp
-----END PGP SIGNATURE-----

-+#+--+#+--+#+--+#+--+#+--+#+--+#+--+#+--+#+--+#+--+#+--+#+--+#+--+#+--+
This message was posted through the FIRST mailing list server.  If you
wish to unsubscribe from this mailing list, send the message body of
"unsubscribe first-info" to first-majordomo@FIRST.ORG
-+#+--+#+--+#+--+#+--+#+--+#+--+#+--+#+--+#+--+#+--+#+--+#+--+#+--+#+--+


 
 


Go to the Top of This SecurityTracker Archive Page





Home   |    View Topics   |    Search   |    Contact Us

This web site uses cookies for web analytics. Learn More

Copyright 2020, SecurityGlobal.net LLC