SGI bulletin on rpc.statd security vulnerability

______________________________________________________________________________
                Silicon Graphics Inc. Security Advisory

        Title:   Security vulnerabilities in rpc.statd program
        Number:  19960301-01-P
        Date:    February 29, 1996
______________________________________________________________________________

Silicon Graphics provides this information freely to the SGI user community
for its consideration, interpretation, implementation and use.   Silicon
Graphics recommends that this information be acted upon as soon as possible.

Silicon Graphics  will  not  be  liable  for any  indirect, special, or
consequential damages arising from the use of, failure to use or improper
use of any of the instructions or information in this Security Advisory.
______________________________________________________________________________


It has been found that there are some security vulnerabilities within the
/usr/etc/rpc.statd program.  After further investigation, SGI recommends
the following steps for neutralizing this possible means of exploit.   It
is HIGHLY RECOMMENDED that these measures be done on ALL SGI systems
running IRIX 3.x, 4.x, 5.x and 6.x.  The issue will be permanently
corrected in a future release of IRIX.


--------------
--- Impact ---
--------------


The vulnerabilities found within the rpc.statd program could be used
in several ways, including removal of files and denial of service attacks.
An existing account on the target system is not necessary.


----------------
--- Solution ---
----------------


**** IRIX 3.x ****

Silicon Graphics Inc. no longer supports the IRIX 3.x operating system
and therefore has no patches or binaries to provide.

If possible, it is recommended that the system be upgraded to a
supported version of IRIX (see below) and then install the patch
for that particular IRIX version.


**** IRIX 4.x ****

As of the date of this document, SGI does not have an IRIX 4.x binary
replacement that addresses this particular issue.   If, in the future,
a replacement binary is generated, additional advisory information will
be provided.

If possible, it is recommended that the system be upgraded to a
supported version of IRIX (see below) and then install the patch
for that particular IRIX version.


**** IRIX 5.0.x, 5.1.x ****

For the IRIX operating systems versions 5.0.x and 5.1.x, an upgrade
to 5.2 or better is required first.  When the upgrade is completed,
then the patches described in the following sections can be applied
depending on the final version of the upgrade.


**** IRIX 5.2 ****

For the IRIX operating system version 5.2, an inst-able patch has been
generated and made available via anonymous FTP and your service/support
provider.  The patch is number 1145 and will install on IRIX 5.2 only.

The SGI anonymous FTP site is sgigate.sgi.com (204.94.209.1) or its
mirror, ftp.sgi.com.   Patch 1145 can be found in the following
directories on the FTP server:

        ~ftp/Security

                or

        ~ftp/Patches/5.2

                        ##### Checksums ####

The actual patch will be a tar file containing the following files:


Filename:                 patchSG0001145
Algorithm #1 (sum -r):    44131 2 patchSG0001145
Algorithm #2 (sum):       6431 2 patchSG0001145
MD5 checksum:             21AA35CB9907CE65E7E9F2CED4C5911A

Filename:                 patchSG0001145.eoe1_sw
Algorithm #1 (sum -r):    00315 35 patchSG0001145.eoe1_sw
Algorithm #2 (sum):       33929 35 patchSG0001145.eoe1_sw
MD5 checksum:             40B85524141352FA8EE027230BE6322C

Filename:                 patchSG0001145.idb
Algorithm #1 (sum -r):    45044 2 patchSG0001145.idb
Algorithm #2 (sum):       60514 2 patchSG0001145.idb
MD5 checksum:             784C192324E1D4CEAD0866CCE279EBC2

Filename:                 patchSG0001145.nfs_man
Algorithm #1 (sum -r):    54026 6 patchSG0001145.nfs_man
Algorithm #2 (sum):       4258 6 patchSG0001145.nfs_man
MD5 checksum:             8B9266952D84D7B86386674FBEDDFC57

Filename:                 patchSG0001145.nfs_sw
Algorithm #1 (sum -r):    11017 111 patchSG0001145.nfs_sw
Algorithm #2 (sum):       29091 111 patchSG0001145.nfs_sw
MD5 checksum:             F52AC0B723600A408A3F3FF1AF637E95





**** IRIX 5.3, 6.0, 6.0.1, 6.1 ****

For the IRIX operating system versions 5.3, 6.0, 6.0.1, and 6.1
an inst-able patch has been generated and made available via anonymous
FTP and your service/support provider.  The patch is number 1128
and will install on IRIX 5.3, 6.0 and 6.0.1 only.


The SGI anonymous FTP site is sgigate.sgi.com (204.94.209.1) or its
mirror, ftp.sgi.com.   Patch 1128 can be found in the following
directories on the FTP server:

        ~ftp/Security

                or

        ~ftp/Patches/5.3
        ~ftp/Patches/6.0
        ~ftp/Patches/6.0.1
        ~ftp/Patches/6.1

                        ##### Checksums ####

The actual patch will be a tar file containing the following files:


Filename:                 patchSG0001128
Algorithm #1 (sum -r):    20931 3 patchSG0001128
Algorithm #2 (sum):       29192 3 patchSG0001128
MD5 checksum:             133D5686F71C291FBFB03826171E6C74

Filename:                 patchSG0001128.eoe1_sw
Algorithm #1 (sum -r):    61563 23 patchSG0001128.eoe1_sw
Algorithm #2 (sum):       36962 23 patchSG0001128.eoe1_sw
MD5 checksum:             CECD51825804C10EFC91AB21E64608A7

Filename:                 patchSG0001128.idb
Algorithm #1 (sum -r):    27583 2 patchSG0001128.idb
Algorithm #2 (sum):       59737 2 patchSG0001128.idb
MD5 checksum:             0F242B0EEACF2F1A3C97B67C1924C887

Filename:                 patchSG0001128.nfs_man
Algorithm #1 (sum -r):    55436 5 patchSG0001128.nfs_man
Algorithm #2 (sum):       39750 5 patchSG0001128.nfs_man
MD5 checksum:             2D902C2D245E370CA3747762075B4AFD

Filename:                 patchSG0001128.nfs_sw
Algorithm #1 (sum -r):    16238 124 patchSG0001128.nfs_sw
Algorithm #2 (sum):       57740 124 patchSG0001128.nfs_sw
MD5 checksum:             2DEC03983024A7583D6B94431048014E
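
The checksum records listed for patches 1145 and 1128 can be checked
mechanically after download. The following is an added example, not part
of the SGI advisory: it parses records in the layout used above and
recomputes all three values for a file's bytes. It assumes that IRIX
"sum -r" is the BSD rotating checksum and plain "sum" the System V one;
the function names are illustrative.

```python
import hashlib

# One record copied from the patch 1145 list in this advisory.
ADVISORY_BLOCK = """\
Filename:                 patchSG0001145.idb
Algorithm #1 (sum -r):    45044 2 patchSG0001145.idb
Algorithm #2 (sum):       60514 2 patchSG0001145.idb
MD5 checksum:             784C192324E1D4CEAD0866CCE279EBC2
"""

def parse_checksums(text):
    """Return {filename: {"bsd": int, "sysv": int, "md5": str}}."""
    records, current = {}, None
    for line in text.splitlines():
        key, _, value = line.partition(":")
        key, value = key.strip(), value.strip()
        if key == "Filename":
            current = records.setdefault(value, {})
        elif current is None or not value:
            continue  # blank line, or text before the first record
        elif key == "Algorithm #1 (sum -r)":
            current["bsd"] = int(value.split()[0])   # first field is the checksum
        elif key == "Algorithm #2 (sum)":
            current["sysv"] = int(value.split()[0])
        elif key == "MD5 checksum":
            current["md5"] = value.lower()
    return records

def bsd_sum(data):
    """16-bit rotate-right-and-add checksum (assumed to match `sum -r`)."""
    c = 0
    for b in data:
        c = (c >> 1) | ((c & 1) << 15)
        c = (c + b) & 0xFFFF
    return c

def sysv_sum(data):
    """Byte sum folded to 16 bits (assumed to match plain `sum`)."""
    s = sum(data) & 0xFFFFFFFF
    r = (s & 0xFFFF) + (s >> 16)
    return (r & 0xFFFF) + (r >> 16)

def verify(data, expected):
    """Return the names of the fields in `expected` that do not match `data`."""
    actual = {"bsd": bsd_sum(data), "sysv": sysv_sum(data),
              "md5": hashlib.md5(data).hexdigest()}
    return [name for name, want in expected.items() if actual[name] != want]
```

For a downloaded file, pass its bytes and the matching parsed record to
verify(); an empty list means every listed value matched. The two sum
values only catch transfer damage, so the MD5 line is the one that
matters for integrity.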



-----------------------------------------
--- SGI Security Information/Contacts ---
-----------------------------------------


Past SGI Advisories and security patches can be obtained via
anonymous FTP from sgigate.sgi.com or its mirror, ftp.sgi.com.
These security patches and advisories are provided freely to
all interested parties.   For issues with the patches on the
FTP sites, email can be sent to cse-security-alert@csd.sgi.com.

For assistance obtaining or working with security patches, please
contact your SGI support provider.

If there are questions about this document, email can be sent to
cse-security-alert@csd.sgi.com.

For reporting *NEW* SGI security issues, email can be sent to
security-alert@sgi.com or contact your SGI support provider.  A
support contract is not required for submitting a security report.


