Users login

Create an account »

JOIN XATRIX

Users login

Home » Hacking News » IRIX Remote Buffer Overflow

IRIX Remote Buffer Overflow

by phiber on May 15th, 2001 ISS X-Force has discovered a buffer overflow in the "rpc.espd" component of the Embedded Support Partner (ESP) subsystem. ESP is installed and enabled by default on all current SGI IRIX installations.




Impact:




There is a buffer overflow in "rpc.espd" that may allow remote attackers to execute arbitrary commands on a vulnerable host. A local account is not required to exploit this vulnerability.



Affected Versions:



IRIX 6.5.5 , 6.5.8



Description:



ESP was developed by SGI to address the concerns of many system
administrators who needed to manage large-scale SGI environments. ESP allows administrators better access to information regarding the state of all SGI devices on a network. It integrates and correlates system configuration management, event management, resource management, reporting, statistics generation and analysis as well as many other features.



ESP was first introduced in IRIX version 6.5.5. The ESP daemon,
rpc.espd, contains a buffer overflow condition that may allow remote
attackers to execute arbitrary commands with super user privileges on
the target server.



Recommendations:



SGI recommends immediately disabling rpc.espd to prevent exposure before patches can be applied. To disable rpc.espd:



1. Become the root user on the system.



% /bin/su -

Password:

#



2. Change the permissions on the rpc.espd daemon.



# /bin/chmod -x /usr/etc/rpc.espd



3. Restart inetd to kill any vulnerable running daemons.



# /etc/killall -HUP inetd



4. Return to previous level.



# exit

%



SGI has made security patch 4123 available to address this
vulnerability. SGI security patches can be found here.



This vulnerability was posted on a bt mailing list by X-Force. It was discovered and researched by Mark Dowd of ISS
X-Force. Internet Security Systems would like to thank SGI for their response and handling of this vulnerability.


Newsletter signup

Signup to our monthly newsletter and stay in touch with IT news!

Free E-books

We've got ebooks! But they're not online. :( Please give us a few days to bring downloads back.

Contact

Have something to say or just wanna drop us a line? Please keep this in mind: to spam, we reply with spam.

Contact us »