[ advisories | exploits | discussions | news | conventions | security tools | texts & papers ]
 main menu
- feedback
- advertising
- privacy
- FightAIDS
- newsletter
- news
- read forum
- new topic
- search

- meetings list
- recent additions
- add your info
 top 100 sites
- visit top sites
- sign up now
- members

- add your url
- add domain
- search box
- link to us

- our projects
- free email
 m4d network
- security software
- secureroot
- m4d.com
Home : Advisories : Silicon Graphics Computer Systems "IRIX" lp Vulner

Title: Silicon Graphics Computer Systems "IRIX" lp Vulner
Released by: CERT
Date: 10th April 1992
Printable version: Click here

Hash: SHA1



Last Revised:  September 19,1997

                Attached copyright statement

                              CERT Advisory

                              April 10, 1992

        Silicon Graphics Computer Systems "IRIX" lp Vulnerability

- ---------------------------------------------------------------------------

The Computer Emergency Response Team/Coordination Center (CERT/CC) has

received information concerning a method of unauthorized root access

in the lp software in Silicon Graphics Computer Systems (SGI) IRIX

operating systems.  This vulnerability is present in all current

versions of IRIX.

Silicon Graphics Computer Systems and the CERT/CC strongly recommend

that sites take immediate action to eliminate this vulnerability from

their systems.

This vulnerability will be fixed in IRIX 4.0.5 and is NOT present in any

version of the Trusted IRIX/B product.

- ---------------------------------------------------------------------------

I.   Description

     When IRIX pre-4.0.5 systems are installed or updated using either

     the basic system software ("eoe1.sw.unix") or the system manager

     software ("eoe2.sw.vadmin") media, a vulnerability is introduced

     in the lp software.

II.  Impact

     Any user logged into the system can gain root access.

III. Solution

     As root, execute the following commands:

        # cd /usr/lib

        # chmod a-s,go-w lpshut lpmove accept reject lpadmin

        # chmod go-ws lpsched vadmin/serial_ports vadmin/users vadmin/disks

        # cd /usr/bin

        # chmod a-s,go-w disable enable

        # chmod go-ws cancel lp lpstat

     If the eoe2.sw.vadmin software is not installed, you may

     ignore any warning messages from chmod such as:

       "chmod: WARNING: can't access vadmin/serial_ports"

     If system software should ever be reinstalled from pre-4.0.5

     media or restored from a backup tape created before the patch was

     applied, repeat the above procedure before enabling logins by

     normal users.

- ---------------------------------------------------------------------------

The CERT/CC would like to thank Silicon Graphics Computer Systems for 

bringing this security vulnerability to our attention and for their quick

response to this problem.

- ---------------------------------------------------------------------------

If you believe that your system has been compromised, contact CERT/CC or

your representative in FIRST (Forum of Incident Response and Security Teams).

Internet E-mail: cert@cert.org

Telephone: 412-268-7090 (24-hour hotline)

           CERT/CC personnel answer 7:30 a.m.-6:00 p.m. EST(GMT-5)/EDT(GMT-4),

           on call for emergencies during other hours.

Computer Emergency Response Team/Coordination Center (CERT/CC)

Software Engineering Institute

Carnegie Mellon University

Pittsburgh, PA 15213-3890

Past advisories, information about FIRST representatives, and other

information related to computer security are available for anonymous ftp

from cert.org (

- ------------------------------------------------------------------------------

Copyright 1992 Carnegie Mellon University. Conditions for use, disclaimers,

and sponsorship information can be found in

http://www.cert.org/legal_stuff.html and http://ftp.cert.org/pub/legal_stuff .

If you do not have FTP or web access, send mail to cert@cert.org with

"copyright" in the subject line.

CERT is registered in the U.S. Patent and Trademark Office.


Revision History:

September 19,1997  Attached Copyright Statement


Version: PGP for Personal Privacy 5.0

Charset: noconv





(C) 1999-2000 All rights reserved.