CVE-2002-0359

Summary of the CVE-2002-0359 (IRIX xfsmd): The SGI XFS journaling file-system daemon (xfsmd), part of the optional eoe.sw.xfsmserv package on IRIX 6.5, uses a weak (default) AUTH_UNIX RPC authentication mechanism. This allows remote, unauthenticated attackers to invoke privileged RPC functions (i...

CVE-2002-0359

xfsmd for IRIX 6.5 through 6.5.16 uses weak authentication, which allows remote attackers to call dangerous RPC functions, including those that can mount or unmount xfs file systems, to gain root privileges...

CVE-2002-0652

xfsmd for IRIX 6.5 through 6.5.16 allows remote attackers to execute arbitrary code via shell metacharacters that are not properly filtered from several calls to the popen function, such as exportfs...

CVE-2002-0652

CVE-2002-0652 affects xfsmd for IRIX 6.5 through 6.5.16. The vulnerability allows remote attackers to execute arbitrary code by supplying shell metacharacters that are not properly filtered in multiple calls to popen(), e.g., through export_fs(). The description and connected records confirm the ...

SGI IRIX 6.x - rpc.xfsmd Remote Command Execution

SGI IRIX 6.x - rpc.xfsmd Remote Command Execution // source: https://www.securityfocus.com/bid/5075/info Throghout the implementation of the supported remote procedure calls, the server uses the popen libc function. When popen is used, arguments passed to the RPC are included in the command strin...

IRIX xfsmd vulnerability

-----BEGIN PGP SIGNED MESSAGE----- SGI Security Advisory Title: xfsmd vulnerability Number: 20020605-01-I Date: June 20, 2002 Reference: CAN-2002-0359 - ----------------------- - --- Issue Specifics --- - ----------------------- It's been reported that the /usr/etc/xfsmd daemon has security...