IRIX rpc.mountd Unprivileged Remote Port Mount

2003-11-21T00:00:00
ID OSVDB:8553
Type osvdb
Reporter OSVDB
Modified 2003-11-21T00:00:00

Description

Vulnerability Description

IRIX contains a flaw that may allow a malicious user to gain access to unauthorized privileges. The issue is triggered when a malicious attacker is able to mount a file system via an unprivileged port even if rpc.mountd is started with the '-n' option. This flaw may lead to a loss of integrity.

Solution Description

Currently, there are no known workarounds or upgrades to correct this issue. However, Silicon Graphics, Inc. has released patches to address this vulnerability.

Short Description

IRIX contains a flaw that may allow a malicious user to gain access to unauthorized privileges. The issue is triggered when a malicious attacker is able to mount a file system via an unprivileged port even if rpc.mountd is started with the '-n' option. This flaw may lead to a loss of integrity.

References:

Vendor Specific Solution URL: ftp://patches.sgi.com/support/free/security/patches/ Vendor Specific Advisory URL Vendor Specific Advisory URL Security Tracker: 1008274 ISS X-Force ID: 13807 CVE-2003-0796 Bugtraq ID: 9085