IRIX runpriv Unspecified Local Privilege Escalation

1997-05-14T00:00:00
ID OSVDB:1009
Type osvdb
Reporter Quay Ly(), Joe Bester()
Modified 1997-05-14T00:00:00

Description

Vulnerability Description

IRIX contains a flaw related to the runpriv program of the Indigo Magic System Administration subsystem that may allow unprivileged users to run selected privileged commands. No further details have been provided.

Solution Description

IRIX has released a patch to address this issue. Additionally, it is possible to correct the flaw by implementing the following workaround:

chkconfig privileges off

Short Description

IRIX contains a flaw related to the runpriv program of the Indigo Magic System Administration subsystem that may allow unprivileged users to run selected privileged commands. No further details have been provided.

References:

Vendor URL: http://www.sgi.com Vendor Specific Solution URL: ftp://patches.sgi.com/support/free/security/patches Vendor Specific Advisory URL ISS X-Force ID: 2108 CVE-1999-1116 Bugtraq ID: 462