[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[irix-security] IRIX IGMP vulnerability
- To: irix-security@sfu.ca
- Subject: [irix-security] IRIX IGMP vulnerability
- From: Martin Siegert <siegert@sfu.ca>
- Date: Thu, 17 Jan 2002 18:43:31 -0800
- User-Agent: Mutt/1.2.5.1i
Topic
=====
IRIX IGMP vulnerability: DoS attack possible
Problem Description
===================
A malformed IGMP multicast packet under specific conditions can cause
SGI systems running the IRIX operating system to panic.
A local user account on the vulnerable system is not required
in order to exploit this issue.
The vulnerability can be exploited remotely over an untrusted network.
The vulnerability can lead to a denial of service attack.
This network kernel vulnerability has been publicly discussed in
Usenet newsgroups and security mailing lists.
Affected Systems
================
SGI systems running the IRIX operating system with versions < 6.5.13
that are connected to a network are vulnerable.
Solution
========
OS Version Vulnerable? Patch #
---------- ----------- -------
IRIX 6.5 yes
IRIX 6.5.1 yes
IRIX 6.5.2 yes
IRIX 6.5.3 yes
IRIX 6.5.4 yes
IRIX 6.5.5 yes
IRIX 6.5.6 yes
IRIX 6.5.7 yes
IRIX 6.5.8 yes
IRIX 6.5.9 yes
IRIX 6.5.10m yes 4335
IRIX 6.5.10f yes 4336
IRIX 6.5.11m yes 4344
IRIX 6.5.11f yes 4345
IRIX 6.5.12m yes 4346
IRIX 6.5.12f yes 4347
IRIX 6.5.13 no
SGI Security Patches can be found at:
http://www.sgi.com/support/security/ and
ftp://patches.sgi.com/support/free/security/patches/
The actual patch will be a tar file patch<patch#>.tar
Untar that file in an appropriate directory (I am using /usr/local/src/dist),
start swmgr and enter that directory name in the "Available Software" box.