|
SGI IRIX update for XFS
|
|
Secunia Advisory:
|
SA8574
|
|
|
Release Date:
|
2003-04-11
|
|
Popularity:
|
5,062 views
|
|
|
Critical:
|
Less critical
|
|
Impact:
|
Exposure of system information
Privilege escalation
|
|
Where:
|
Local system
|
|
Solution Status:
|
Vendor Patch
|
|
| OS: | SGI IRIX 6.5.x
|
|
|
Subscribe:
|
Instant alerts on relevant vulnerabilities 
|
|
| CVE reference: | CVE-2003-0173
|
|
Description:
SGI has issued an update for XFS. This fixes a vulnerability allowing local users to read quota information.
The problem is that the file containing the information is created with insecure permissions.
According to SGI this can be exploited to escalate privileges. Other vendors however, state that it only may be used to read quota information.
Solution:
Version 6.5.20 is not vulnerable.
For versions 6.15.16m to 6.5.19f apply patch number 5059 from:
ftp://patches.sgi.com/support/free/security/patches/
|
|
|
Track this Secunia Advisory
|
Customers of the Secunia Vulnerability Intelligence solutions will automatically receive updates when new information regarding this advisory is released.
Read more about our Vulnerability Intelligence solutions and what they can do for you and your company.
|
|
|
About this Secunia Advisory
|
Please note: The information that this Secunia Advisory is based on comes from a third party unless stated otherwise.
Secunia collects, validates, and verifies all vulnerability reports issued by security research groups, vendors, and others.
|
