GEN:SID | 1:2084 |
Message | RPC rpc.xfsmd xfs_export attempt TCP |
Summary | xfsmd
|
Impact | Possible root access and code execution.
|
Detailed Information | It is possible for an attacker to exploit some versions of the xfsmd daemon.
Due to a programming error, the service does not correctly check for certain meta-characters and they are not stripped from the request.
The xfsmd daemon is not installed by default on IRIX systems but it is part of an optional package.
|
Affected Systems | IRIX 6.2 IRIX 6.3 IRIX 6.4 IRIX 6.5.x
|
Attack Scenarios | Exploits are widely available.
|
Ease of Attack | Simple
|
Corrective Action | Patches are NOT available for this issue.
Disable and remove the xfsmd daemon.
Uprade to the latest non affected version of the operating system
|
Additional References | Bugtraq: http://www.securityfocus.com/bid/5075
CVE: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0359
SGI IRIX: ftp://patches.sgi.com/support/free/security/advisories/20020606-01-I
|
Rule References | bugtraq: 5072
bugtraq: 5075
cve: 2002-0359
|