IRIX arrayd Authentication Spoofing Remote Privilege Escalation

2005-06-22T00:00:00
ID OSVDB:17508
Type osvdb
Reporter OSVDB
Modified 2005-06-22T00:00:00

Description

Vulnerability Description

IRIX and ProPack contain a flaw that may allow a malicious user to gain access to unauthorized privileges. The issue is triggered when an error in arrayd occurs during the processing of authentication requests when configured to use NONE or SIMPLE authentication. Use of the classic exploit may grant a malicious user remote root and lead to a loss of integrity.

Solution Description

Currently, there are no known upgrades or patches to correct this issue. It is possible to correct the flaw by implementing the following workaround: switch to NOREMOTE authentication.

Short Description

IRIX and ProPack contain a flaw that may allow a malicious user to gain access to unauthorized privileges. The issue is triggered when an error in arrayd occurs during the processing of authentication requests when configured to use NONE or SIMPLE authentication. Use of the classic exploit may grant a malicious user remote root and lead to a loss of integrity.

References:

Vendor Specific Advisory URL Vendor Specific Advisory URL Security Tracker: 1014278 Secunia Advisory ID:15785 Keyword: SGI BUG 937655 ISS X-Force ID: 21135 Generic Exploit URL: http://lsd-pl.net/code/IRIX/irx_arrayd.c CVE-1999-0692 CIAC Advisory: P-274 CIAC Advisory: J-052 CERT: CA-1999-09