[irix-security] IRIX XFS filesystem denial of service attack
- To: irix-security@sfu.ca
- Subject: [irix-security] IRIX XFS filesystem denial of service attack
- From: Martin Siegert <siegert@sfu.ca>
- Date: Wed, 5 Jun 2002 19:19:29 -0700
- User-Agent: Mutt/1.2.5.1i
Topic
=====
A bug in Irix's XFS file system can lead to a DoS attack.
Problem Description
====================
There is a vulnerability in IRIX's XFS filesystem such that under some
circumstances, a user can create a file that would hang any
application that would try to access it. This has the potential to be used
to create a Denial of Service attack.
This vulnerability cannot be exploited by a remote user; a local account is
required.
Affected Systems
================
The XFS filesystem is the default filesystem in IRIX 6.5, therefore all IRIX
6.5 systems are potentially vulnerable to this problem.
This issue has been corrected in IRIX 6.5.12 and later versions.
Solution
========
SGI has released patches to address this problem. SGI recommends
upgrading to IRIX 6.5.12 or later.
OS Version     Vulnerable?   Patch #
----------     -----------   -------
IRIX 6.5       yes
IRIX 6.5.1     yes
IRIX 6.5.2     yes
IRIX 6.5.3     yes
IRIX 6.5.4     yes
IRIX 6.5.5     yes
IRIX 6.5.6     yes
IRIX 6.5.7     yes
IRIX 6.5.8     yes
IRIX 6.5.9     yes
IRIX 6.5.10m   yes           4286
IRIX 6.5.10f   yes           4253
IRIX 6.5.11m   yes
IRIX 6.5.11f   yes           4254
IRIX 6.5.12    no
IRIX 6.5.13    no
IRIX 6.5.14    no
IRIX 6.5.15    no
Remarks
=======
If your version of Irix is vulnerable but no patch is listed, you must
upgrade to Irix 6.5.x, x > 11 first.
Patch 4254 is available from
http://www.sfu.ca/acs/security/irix/irix-patches.html
All Irix patches are available from
ftp://patches.sgi.com/support/free/security/patches/