[ advisories | exploits | discussions | news | conventions | security tools | texts & papers ]
 main menu
- feedback
- advertising
- privacy
- FightAIDS
- newsletter
- news
- read forum
- new topic
- search

- meetings list
- recent additions
- add your info
 top 100 sites
- visit top sites
- sign up now
- members

- add your url
- add domain
- search box
- link to us

- our projects
- free email
 m4d network
- security software
- secureroot
- m4d.com
Home : Advisories : SGI "IRIX" /usr/sbin/fmt Vulnerability

Title: SGI "IRIX" /usr/sbin/fmt Vulnerability
Released by: CERT
Date: 26th August 1991
Printable version: Click here

Hash: SHA1



Last Revised:  September 18,1997

                Attached copyright statement

                              CERT Advisory

                               August 26, 1991

                     SGI "IRIX" /usr/sbin/fmt Vulnerability

- ---------------------------------------------------------------------------

The Computer Emergency Response Team/Coordination Center (CERT/CC) has

received information concerning a vulnerability of mail messages in Silicon

Graphics Computer Systems' IRIX versions prior to 4.0 (this includes all

3.2 and 3.3.* versions).  This problem has been fixed in version 4.0.

Information regarding the exploitation of this vulnerability is inherently 

disclosed by any discussion of the problem (including this Advisory) so 

we recommend taking immediate action. Until you are able to apply the patch, 

mail at your site is vulnerable to being read by any ordinary user logged 

in at that site.

Silicon Graphics has provided the enclosed patch instructions.

- ---------------------------------------------------------------------------


     A vulnerability exists such that IRIX pre-4.0 (e.g., 3.3.3) systems

     with the basic system software ("eoe1.sw.unix") installed can allow

     unauthorized read access to users' mail messages, by exploiting a

     configuration error in a standard system utility. Due to the ease

     of exploiting this vulnerability and the simplicity of the corrective

     action, the CERT/CC urges all sites to install the patch given below.


     Anyone who can log in on a given IRIX pre-4.0 (3.2, 3.3, 3.3.*) system

     can read mail messages which have been delivered to any other user on

     that same system.



     As "root", execute the following commands:

        chmod 755 /usr/sbin/fmt

        chown root.sys /usr/sbin/fmt

     If system software should ever be reloaded from a 3.2 or 3.3.*

     installation tape or from a backup tape created before the patch

     was applied, repeat the above procedure immediately after the software

     has been reloaded, before enabling logins by normal users.

     [Fixed in IRIX 4.0.]

- ---------------------------------------------------------------------------

The CERT/CC would like to thank Silicon Graphics for bringing this

vulnerability and solution to our attention.

- ---------------------------------------------------------------------------

If you believe that your system has been compromised, contact CERT/CC via

telephone or e-mail.

Computer Emergency Response Team/Coordination Center (CERT/CC)

Software Engineering Institute

Carnegie Mellon University

Pittsburgh, PA 15213-3890

Internet E-mail: cert@cert.org

Telephone: 412-268-7090 24-hour hotline:

           CERT/CC personnel answer 7:30a.m.-6:00p.m. EST,

           on call for emergencies during other hours.

Past advisories and other computer security related information are available

for anonymous ftp from the cert.org ( system.

- ----------------------------------------------------------------------------

Copyright 1991 Carnegie Mellon University. Conditions for use, disclaimers,

and sponsorship information can be found in

http://www.cert.org/legal_stuff.html and http://ftp.cert.org/pub/legal_stuff .

If you do not have FTP or web access, send mail to cert@cert.org with

"copyright" in the subject line.

CERT is registered in the U.S. Patent and Trademark Office.


Revision History

September 18,1997  Attached Copyright Statement


Version: PGP for Personal Privacy 5.0

Charset: noconv





(C) 1999-2000 All rights reserved.