[VulnWatch] IRIX nsd server and modules mishandle AUTH_UNIX gid list

From: SGI Security Coordinator (agent99_at_sgi.com)
Date: 07/29/03

  • Next message: Michal Zalewski: "Re: [Full-Disclosure] Avoiding being a good admin - was DCOM RPC exploit (dcom.c)"
    Date: Tue, 29 Jul 2003 14:43:23 -0700
    To: agent99@sgi.com
    
    

    -----BEGIN PGP SIGNED MESSAGE-----

    ______________________________________________________________________________
                               SGI Security Advisory

      Title : IRIX nsd server and modules mishandle AUTH_UNIX gid list
      Number : 20030704-01-P
      Date : July 29, 2003
      Reference : CVE CAN-2003-0575
      Reference : SGI BUG 873591
      Fixed in : IRIX 6.5.22 or patches 5189-5197
    ______________________________________________________________________________

    SGI provides this information freely to the SGI user community for its
    consideration, interpretation, implementation and use. SGI recommends that
    this information be acted upon as soon as possible.

    SGI provides the information in this Security Advisory on an "AS-IS" basis
    only, and disclaims all warranties with respect thereto, express, implied
    or otherwise, including, without limitation, any warranty of merchantability
    or fitness for a particular purpose. In no event shall SGI be liable for
    any loss of profits, loss of business, loss of data or for any indirect,
    special, exemplary, incidental or consequential damages of any kind arising
    from your use of, failure to use or improper use of any of the instructions
    or information in this Security Advisory.
    ______________________________________________________________________________

    - -----------------------
    - --- Issue Specifics ---
    - -----------------------

    It's been reported that the IRIX name services daemon "nsd" can be exploited
    in various ways through the AUTH_UNIX gid list. This could result in an
    attacker gaining root access.

    SGI has investigated the issue and recommends the following steps for
    neutralizing the exposure. It is HIGHLY RECOMMENDED that these measures be
    implemented on ALL vulnerable SGI systems.

    These issues have been corrected in future releases of IRIX.

    - --------------
    - --- Impact ---
    - --------------

    The /usr/etc/nsd binary is installed by default on IRIX 6.5 systems as part
    of eoe.sw.base.

    To determine the version of IRIX you are running, execute the following
    command:

      # /bin/uname -R

    That will return a result similar to the following:

      # 6.5 6.5.19f

    The first number ("6.5") is the release name, the second ("6.5.19f" in this
    case) is the extended release name. The extended release name is the
    "version" we refer to throughout this document.

    - ----------------------------
    - --- Temporary Workaround ---
    - ----------------------------

    There is no practical workaround available for these problems. SGI
    recommends either upgrading to IRIX 6.5.22 when available, or installing the
    appropriate patch from the listing below.

    - ----------------
    - --- Solution ---
    - ----------------

    SGI has provided a series of patches for these vulnerabilities. Our
    recommendation is to upgrade to IRIX 6.5.22 when available, or install the
    appropriate patch.

       OS Version Vulnerable? Patch # Other Actions
       ---------- ----------- ------- -------------
       IRIX 3.x unknown Note 1
       IRIX 4.x unknown Note 1
       IRIX 5.x unknown Note 1
       IRIX 6.0.x unknown Note 1
       IRIX 6.1 unknown Note 1
       IRIX 6.2 unknown Note 1
       IRIX 6.3 unknown Note 1
       IRIX 6.4 unknown Note 1
       IRIX 6.5 yes Notes 2 & 3
       IRIX 6.5.1 yes Notes 2 & 3
       IRIX 6.5.2 yes Notes 2 & 3
       IRIX 6.5.3 yes Notes 2 & 3
       IRIX 6.5.4 yes Notes 2 & 3
       IRIX 6.5.5 yes Notes 2 & 3
       IRIX 6.5.6 yes Notes 2 & 3
       IRIX 6.5.7 yes Notes 2 & 3
       IRIX 6.5.8 yes Notes 2 & 3
       IRIX 6.5.9 yes Notes 2 & 3
       IRIX 6.5.10 yes Notes 2 & 3
       IRIX 6.5.11 yes Notes 2 & 3
       IRIX 6.5.12 yes Notes 2 & 3
       IRIX 6.5.13 yes Notes 2 & 3
       IRIX 6.5.14 yes Notes 2 & 3
       IRIX 6.5.15 yes Notes 2 & 3
       IRIX 6.5.16 yes Notes 2 & 3
       IRIX 6.5.17m yes 5189 Notes 2 & 4
       IRIX 6.5.17f yes 5190 Notes 2 & 4
       IRIX 6.5.18m yes 5191 Notes 2 & 4
       IRIX 6.5.18f yes 5192 Notes 2 & 4
       IRIX 6.5.19m yes 5193 Notes 2 & 4
       IRIX 6.5.19f yes 5194 Notes 2 & 4
       IRIX 6.5.20m yes 5195 Notes 2 & 4
       IRIX 6.5.20f yes 5196 Notes 2 & 4
       IRIX 6.5.21m yes 5197 Notes 2 & 4
       IRIX 6.5.21f yes 5197 Notes 2 & 4

    NOTES:

         1) This version of the IRIX operating has been retired. Upgrade to an
            actively supported IRIX operating system. See
            http://support.sgi.com for more information.

         2) If you have not received an IRIX 6.5.X CD for IRIX 6.5, contact your
            SGI Support Provider or URL: http://support.sgi.com

         3) Upgrade to IRIX 6.5.22 when available.

         4) Install the patch or upgrade to IRIX 6.5.22 when available.

    - ------------------------
    - --- Acknowledgments ----
    - ------------------------

    SGI wishes to thank lsd-pl.net for their assistance in this matter.

                 ##### Patch File Checksums ####

    The actual patch will be a tar file containing the following files:
    Filename: README.patch.5189
    Algorithm #1 (sum -r): 10159 11 README.patch.5189
    Algorithm #2 (sum): 27589 11 README.patch.5189
    MD5 checksum: 3F63B9BBF6B2909D3BAEC682F0E2C84F

    Filename: patchSG0005189
    Algorithm #1 (sum -r): 26813 12 patchSG0005189
    Algorithm #2 (sum): 61008 12 patchSG0005189
    MD5 checksum: 0388F4E45B333419054FBDCB0830B2A9

    Filename: patchSG0005189.dev_sw
    Algorithm #1 (sum -r): 64914 2866 patchSG0005189.dev_sw
    Algorithm #2 (sum): 49865 2866 patchSG0005189.dev_sw
    MD5 checksum: 7565712B2F570D570742360CEC075E6E

    Filename: patchSG0005189.eoe_man
    Algorithm #1 (sum -r): 50132 22 patchSG0005189.eoe_man
    Algorithm #2 (sum): 58583 22 patchSG0005189.eoe_man
    MD5 checksum: 10ED274CED785FFBB334B2D0F0E4CF98

    Filename: patchSG0005189.eoe_sw
    Algorithm #1 (sum -r): 17616 14758 patchSG0005189.eoe_sw
    Algorithm #2 (sum): 19495 14758 patchSG0005189.eoe_sw
    MD5 checksum: 85FF8F0C89ED00864D4F6AE6728C0F55

    Filename: patchSG0005189.eoe_sw64
    Algorithm #1 (sum -r): 28098 5508 patchSG0005189.eoe_sw64
    Algorithm #2 (sum): 45071 5508 patchSG0005189.eoe_sw64
    MD5 checksum: 45CCA311F2DB7DA47D36EF76D13A61D1

    Filename: patchSG0005189.idb
    Algorithm #1 (sum -r): 65460 11 patchSG0005189.idb
    Algorithm #2 (sum): 37719 11 patchSG0005189.idb
    MD5 checksum: BF408135EE9CA404743F02D98239C071

    Filename: patchSG0005189.irix_dev_sw
    Algorithm #1 (sum -r): 52170 13 patchSG0005189.irix_dev_sw
    Algorithm #2 (sum): 5809 13 patchSG0005189.irix_dev_sw
    MD5 checksum: BFD2074EF383E3D2D5B570DC953D6CE7

    Filename: patchSG0005189.nfs_sw
    Algorithm #1 (sum -r): 28459 305 patchSG0005189.nfs_sw
    Algorithm #2 (sum): 63248 305 patchSG0005189.nfs_sw
    MD5 checksum: 95FF9B4686F19BD28CA430A957F29E4B

    Filename: README.patch.5190
    Algorithm #1 (sum -r): 37045 11 README.patch.5190
    Algorithm #2 (sum): 20865 11 README.patch.5190
    MD5 checksum: 6F798BD7D46AE8C9991387EE05ABCD11

    Filename: patchSG0005190
    Algorithm #1 (sum -r): 31348 11 patchSG0005190
    Algorithm #2 (sum): 47310 11 patchSG0005190
    MD5 checksum: 8DFE64ED07CAD15AF232EF1AA099474E

    Filename: patchSG0005190.dev_sw
    Algorithm #1 (sum -r): 00993 2915 patchSG0005190.dev_sw
    Algorithm #2 (sum): 20030 2915 patchSG0005190.dev_sw
    MD5 checksum: 94C2BC7A431BBFF2D58A2B3F964659C8

    Filename: patchSG0005190.eoe_man
    Algorithm #1 (sum -r): 50132 22 patchSG0005190.eoe_man
    Algorithm #2 (sum): 58583 22 patchSG0005190.eoe_man
    MD5 checksum: 10ED274CED785FFBB334B2D0F0E4CF98

    Filename: patchSG0005190.eoe_sw
    Algorithm #1 (sum -r): 19609 14952 patchSG0005190.eoe_sw
    Algorithm #2 (sum): 38104 14952 patchSG0005190.eoe_sw
    MD5 checksum: 221B70ACC610670A47417EED3B3A6A51

    Filename: patchSG0005190.eoe_sw64
    Algorithm #1 (sum -r): 37048 5575 patchSG0005190.eoe_sw64
    Algorithm #2 (sum): 20022 5575 patchSG0005190.eoe_sw64
    MD5 checksum: 6C020AE51FDD453E7BA5E4EB36E81B10

    Filename: patchSG0005190.idb
    Algorithm #1 (sum -r): 39117 11 patchSG0005190.idb
    Algorithm #2 (sum): 37467 11 patchSG0005190.idb
    MD5 checksum: F9EF65E23CECD9BF5A02E798DECF0D1E

    Filename: patchSG0005190.irix_dev_sw
    Algorithm #1 (sum -r): 52170 13 patchSG0005190.irix_dev_sw
    Algorithm #2 (sum): 5809 13 patchSG0005190.irix_dev_sw
    MD5 checksum: BFD2074EF383E3D2D5B570DC953D6CE7

    Filename: patchSG0005190.nfs_sw
    Algorithm #1 (sum -r): 53177 305 patchSG0005190.nfs_sw
    Algorithm #2 (sum): 36788 305 patchSG0005190.nfs_sw
    MD5 checksum: 9963BF353F105A16A8056B7DCF8BC71F

    Filename: README.patch.5191
    Algorithm #1 (sum -r): 44493 10 README.patch.5191
    Algorithm #2 (sum): 33518 10 README.patch.5191
    MD5 checksum: 1E7DD9734E470255A0317FE1F177F029

    Filename: patchSG0005191
    Algorithm #1 (sum -r): 58413 9 patchSG0005191
    Algorithm #2 (sum): 17263 9 patchSG0005191
    MD5 checksum: 48BA52D30DDA800BEDAA6797E9F501D3

    Filename: patchSG0005191.dev_sw
    Algorithm #1 (sum -r): 47918 2895 patchSG0005191.dev_sw
    Algorithm #2 (sum): 38459 2895 patchSG0005191.dev_sw
    MD5 checksum: 757ED549AE4E4E67371C52940BD668F3

    Filename: patchSG0005191.eoe_man
    Algorithm #1 (sum -r): 10457 22 patchSG0005191.eoe_man
    Algorithm #2 (sum): 12877 22 patchSG0005191.eoe_man
    MD5 checksum: F724C951BAB9375863EE5927230BE2A6

    Filename: patchSG0005191.eoe_sw
    Algorithm #1 (sum -r): 58912 15208 patchSG0005191.eoe_sw
    Algorithm #2 (sum): 23893 15208 patchSG0005191.eoe_sw
    MD5 checksum: A7E87F8FAED5B14D9EE77BF244C4BD1E

    Filename: patchSG0005191.eoe_sw64
    Algorithm #1 (sum -r): 37332 5772 patchSG0005191.eoe_sw64
    Algorithm #2 (sum): 58155 5772 patchSG0005191.eoe_sw64
    MD5 checksum: F9E0BB01873805B89A93626BAFA7032C

    Filename: patchSG0005191.idb
    Algorithm #1 (sum -r): 56753 8 patchSG0005191.idb
    Algorithm #2 (sum): 52581 8 patchSG0005191.idb
    MD5 checksum: EF8A1A8C60A55A9458DB5B6570072E9E

    Filename: patchSG0005191.irix_dev_sw
    Algorithm #1 (sum -r): 52170 13 patchSG0005191.irix_dev_sw
    Algorithm #2 (sum): 5809 13 patchSG0005191.irix_dev_sw
    MD5 checksum: BFD2074EF383E3D2D5B570DC953D6CE7

    Filename: patchSG0005191.nfs_sw
    Algorithm #1 (sum -r): 08578 191 patchSG0005191.nfs_sw
    Algorithm #2 (sum): 42979 191 patchSG0005191.nfs_sw
    MD5 checksum: 353304ACB0E469ABC2366A2AE4B02A92

    Filename: README.patch.5192
    Algorithm #1 (sum -r): 56928 10 README.patch.5192
    Algorithm #2 (sum): 33597 10 README.patch.5192
    MD5 checksum: 4222566EECA54D82E5C7DD524C73F0D5

    Filename: patchSG0005192
    Algorithm #1 (sum -r): 16338 10 patchSG0005192
    Algorithm #2 (sum): 7867 10 patchSG0005192
    MD5 checksum: 9BB92A712A749D92310FDB27D6213C2C

    Filename: patchSG0005192.dev_sw
    Algorithm #1 (sum -r): 00797 2954 patchSG0005192.dev_sw
    Algorithm #2 (sum): 26374 2954 patchSG0005192.dev_sw
    MD5 checksum: A712851C76471540007A2372637F1AE5

    Filename: patchSG0005192.eoe_man
    Algorithm #1 (sum -r): 10457 22 patchSG0005192.eoe_man
    Algorithm #2 (sum): 12877 22 patchSG0005192.eoe_man
    MD5 checksum: F724C951BAB9375863EE5927230BE2A6

    Filename: patchSG0005192.eoe_sw
    Algorithm #1 (sum -r): 19001 15432 patchSG0005192.eoe_sw
    Algorithm #2 (sum): 34293 15432 patchSG0005192.eoe_sw
    MD5 checksum: BC8AF2735CF1F2071FA9DC4BB6D33BAB

    Filename: patchSG0005192.eoe_sw64
    Algorithm #1 (sum -r): 20276 5848 patchSG0005192.eoe_sw64
    Algorithm #2 (sum): 57563 5848 patchSG0005192.eoe_sw64
    MD5 checksum: 7C95292E49974B002B73E128B8DB6F40

    Filename: patchSG0005192.idb
    Algorithm #1 (sum -r): 11998 8 patchSG0005192.idb
    Algorithm #2 (sum): 53351 8 patchSG0005192.idb
    MD5 checksum: 17BDE9A7DA8E56A52DCE506341A66D7C

    Filename: patchSG0005192.irix_dev_sw
    Algorithm #1 (sum -r): 52170 13 patchSG0005192.irix_dev_sw
    Algorithm #2 (sum): 5809 13 patchSG0005192.irix_dev_sw
    MD5 checksum: BFD2074EF383E3D2D5B570DC953D6CE7

    Filename: patchSG0005192.nfs_sw
    Algorithm #1 (sum -r): 48792 191 patchSG0005192.nfs_sw
    Algorithm #2 (sum): 12907 191 patchSG0005192.nfs_sw
    MD5 checksum: 6955C79C266D90FF264A57B244D4C814

    Filename: README.patch.5193
    Algorithm #1 (sum -r): 46648 10 README.patch.5193
    Algorithm #2 (sum): 46269 10 README.patch.5193
    MD5 checksum: E5EEFDC8DF3ED7415B2807764B5A51F5

    Filename: patchSG0005193
    Algorithm #1 (sum -r): 18001 11 patchSG0005193
    Algorithm #2 (sum): 32840 11 patchSG0005193
    MD5 checksum: 7C02A14A9CB4F0DA5E96D6E4B224A2EA

    Filename: patchSG0005193.dev_man
    Algorithm #1 (sum -r): 28629 12 patchSG0005193.dev_man
    Algorithm #2 (sum): 65088 12 patchSG0005193.dev_man
    MD5 checksum: 76770F3C5AB120AF55F739DA42C99A40

    Filename: patchSG0005193.dev_sw
    Algorithm #1 (sum -r): 18837 2909 patchSG0005193.dev_sw
    Algorithm #2 (sum): 61870 2909 patchSG0005193.dev_sw
    MD5 checksum: 595A5C1C853FDBE68648CD307A227586

    Filename: patchSG0005193.eoe_man
    Algorithm #1 (sum -r): 10457 22 patchSG0005193.eoe_man
    Algorithm #2 (sum): 12877 22 patchSG0005193.eoe_man
    MD5 checksum: F724C951BAB9375863EE5927230BE2A6

    Filename: patchSG0005193.eoe_sw
    Algorithm #1 (sum -r): 62454 15489 patchSG0005193.eoe_sw
    Algorithm #2 (sum): 32449 15489 patchSG0005193.eoe_sw
    MD5 checksum: 6CF12946EBF53F3C45FDDA08F8C76071

    Filename: patchSG0005193.eoe_sw64
    Algorithm #1 (sum -r): 24295 5821 patchSG0005193.eoe_sw64
    Algorithm #2 (sum): 58234 5821 patchSG0005193.eoe_sw64
    MD5 checksum: 8D9905C1674BCE79697B8879C981645E

    Filename: patchSG0005193.idb
    Algorithm #1 (sum -r): 61329 11 patchSG0005193.idb
    Algorithm #2 (sum): 60693 11 patchSG0005193.idb
    MD5 checksum: 3982AF12D0DA7A14FE37DBEC9E801CEB

    Filename: patchSG0005193.irix_dev_sw
    Algorithm #1 (sum -r): 29446 15 patchSG0005193.irix_dev_sw
    Algorithm #2 (sum): 30495 15 patchSG0005193.irix_dev_sw
    MD5 checksum: 0A0118E17B525C4D059CD36C2BAB5590

    Filename: patchSG0005193.nfs_sw
    Algorithm #1 (sum -r): 48750 306 patchSG0005193.nfs_sw
    Algorithm #2 (sum): 31501 306 patchSG0005193.nfs_sw
    MD5 checksum: 4DF1F879D1EC091BE3FB94C4D80985D1

    Filename: README.patch.5194
    Algorithm #1 (sum -r): 18094 10 README.patch.5194
    Algorithm #2 (sum): 49892 10 README.patch.5194
    MD5 checksum: AE6EFB88EDF108155FFAD631D1223459

    Filename: patchSG0005194
    Algorithm #1 (sum -r): 12609 12 patchSG0005194
    Algorithm #2 (sum): 424 12 patchSG0005194
    MD5 checksum: D151149958AEB786A26316007EBA3D9E

    Filename: patchSG0005194.dev_man
    Algorithm #1 (sum -r): 28629 12 patchSG0005194.dev_man
    Algorithm #2 (sum): 65088 12 patchSG0005194.dev_man
    MD5 checksum: 76770F3C5AB120AF55F739DA42C99A40

    Filename: patchSG0005194.dev_sw
    Algorithm #1 (sum -r): 15419 2966 patchSG0005194.dev_sw
    Algorithm #2 (sum): 58302 2966 patchSG0005194.dev_sw
    MD5 checksum: 18A94E9D2ABA9D54B301839D7E941F71

    Filename: patchSG0005194.eoe_man
    Algorithm #1 (sum -r): 10457 22 patchSG0005194.eoe_man
    Algorithm #2 (sum): 12877 22 patchSG0005194.eoe_man
    MD5 checksum: F724C951BAB9375863EE5927230BE2A6

    Filename: patchSG0005194.eoe_sw
    Algorithm #1 (sum -r): 58918 15645 patchSG0005194.eoe_sw
    Algorithm #2 (sum): 18869 15645 patchSG0005194.eoe_sw
    MD5 checksum: 00ECAE460EDC3F76FB6A91826B915132

    Filename: patchSG0005194.eoe_sw64
    Algorithm #1 (sum -r): 51671 5934 patchSG0005194.eoe_sw64
    Algorithm #2 (sum): 11268 5934 patchSG0005194.eoe_sw64
    MD5 checksum: 125C54A6D1509A9E982C88AA089DE58A

    Filename: patchSG0005194.idb
    Algorithm #1 (sum -r): 11835 12 patchSG0005194.idb
    Algorithm #2 (sum): 6113 12 patchSG0005194.idb
    MD5 checksum: D7C06A9A49D35B521FD13FCCE14CBB6A

    Filename: patchSG0005194.irix_dev_sw
    Algorithm #1 (sum -r): 42515 20 patchSG0005194.irix_dev_sw
    Algorithm #2 (sum): 61566 20 patchSG0005194.irix_dev_sw
    MD5 checksum: 20307991B48867256113BBA4E5A36109

    Filename: patchSG0005194.nfs_sw
    Algorithm #1 (sum -r): 58592 307 patchSG0005194.nfs_sw
    Algorithm #2 (sum): 53662 307 patchSG0005194.nfs_sw
    MD5 checksum: F53D5CE3FCE94F270728271F3BB6DFA5

    Filename: README.patch.5195
    Algorithm #1 (sum -r): 53740 9 README.patch.5195
    Algorithm #2 (sum): 2479 9 README.patch.5195
    MD5 checksum: 7D659CDA188F1EDCC90F0D98741AF57F

    Filename: patchSG0005195
    Algorithm #1 (sum -r): 15487 8 patchSG0005195
    Algorithm #2 (sum): 47255 8 patchSG0005195
    MD5 checksum: 2C7F0183007573F4FBD64BE39B45924C

    Filename: patchSG0005195.dev_man
    Algorithm #1 (sum -r): 28629 12 patchSG0005195.dev_man
    Algorithm #2 (sum): 65088 12 patchSG0005195.dev_man
    MD5 checksum: 76770F3C5AB120AF55F739DA42C99A40

    Filename: patchSG0005195.dev_sw
    Algorithm #1 (sum -r): 22946 2270 patchSG0005195.dev_sw
    Algorithm #2 (sum): 48297 2270 patchSG0005195.dev_sw
    MD5 checksum: 7132A545C45C38F8FBB387CF165D5509

    Filename: patchSG0005195.eoe_man
    Algorithm #1 (sum -r): 10457 22 patchSG0005195.eoe_man
    Algorithm #2 (sum): 12877 22 patchSG0005195.eoe_man
    MD5 checksum: F724C951BAB9375863EE5927230BE2A6

    Filename: patchSG0005195.eoe_sw
    Algorithm #1 (sum -r): 34125 14237 patchSG0005195.eoe_sw
    Algorithm #2 (sum): 34152 14237 patchSG0005195.eoe_sw
    MD5 checksum: 68C5F343DB6F9CB77C9551C6C0EADBC9

    Filename: patchSG0005195.eoe_sw64
    Algorithm #1 (sum -r): 58484 5981 patchSG0005195.eoe_sw64
    Algorithm #2 (sum): 24268 5981 patchSG0005195.eoe_sw64
    MD5 checksum: 7A15570F574A2C8852A73FB240D388CC

    Filename: patchSG0005195.idb
    Algorithm #1 (sum -r): 52657 7 patchSG0005195.idb
    Algorithm #2 (sum): 57861 7 patchSG0005195.idb
    MD5 checksum: E2408A3AE0B9B06605E8EB20448D1856

    Filename: patchSG0005195.irix_dev_sw
    Algorithm #1 (sum -r): 17463 14 patchSG0005195.irix_dev_sw
    Algorithm #2 (sum): 9159 14 patchSG0005195.irix_dev_sw
    MD5 checksum: 8A43E189CBC080C59C8E4CBC39E53B5F

    Filename: patchSG0005195.nfs_sw
    Algorithm #1 (sum -r): 42234 192 patchSG0005195.nfs_sw
    Algorithm #2 (sum): 61070 192 patchSG0005195.nfs_sw
    MD5 checksum: B2404F1C9E87B29AFDA3F9F8C9CB7E76

    Filename: README.patch.5196
    Algorithm #1 (sum -r): 03828 9 README.patch.5196
    Algorithm #2 (sum): 13617 9 README.patch.5196
    MD5 checksum: 4C33F99312773DBA5CBD4580E900BFB9

    Filename: patchSG0005196
    Algorithm #1 (sum -r): 49364 9 patchSG0005196
    Algorithm #2 (sum): 26233 9 patchSG0005196
    MD5 checksum: 1F25A6AB083320F418987B91E1F6E246

    Filename: patchSG0005196.dev_man
    Algorithm #1 (sum -r): 28629 12 patchSG0005196.dev_man
    Algorithm #2 (sum): 65088 12 patchSG0005196.dev_man
    MD5 checksum: 76770F3C5AB120AF55F739DA42C99A40

    Filename: patchSG0005196.dev_sw
    Algorithm #1 (sum -r): 41278 1243 patchSG0005196.dev_sw
    Algorithm #2 (sum): 7957 1243 patchSG0005196.dev_sw
    MD5 checksum: 230BBC90032988DBB9F7DC013E09A5FF

    Filename: patchSG0005196.eoe_man
    Algorithm #1 (sum -r): 10457 22 patchSG0005196.eoe_man
    Algorithm #2 (sum): 12877 22 patchSG0005196.eoe_man
    MD5 checksum: F724C951BAB9375863EE5927230BE2A6

    Filename: patchSG0005196.eoe_sw
    Algorithm #1 (sum -r): 44227 14328 patchSG0005196.eoe_sw
    Algorithm #2 (sum): 9582 14328 patchSG0005196.eoe_sw
    MD5 checksum: 9F6BA09C7C15B164A7C18E754C0560BA

    Filename: patchSG0005196.eoe_sw64
    Algorithm #1 (sum -r): 14959 6010 patchSG0005196.eoe_sw64
    Algorithm #2 (sum): 1503 6010 patchSG0005196.eoe_sw64
    MD5 checksum: 09B6A878F5120EBECA4EC917D56608A4

    Filename: patchSG0005196.idb
    Algorithm #1 (sum -r): 51152 7 patchSG0005196.idb
    Algorithm #2 (sum): 56906 7 patchSG0005196.idb
    MD5 checksum: 5C48BF388B1D80D0DB97F56B8976DD2C

    Filename: patchSG0005196.irix_dev_sw
    Algorithm #1 (sum -r): 64228 19 patchSG0005196.irix_dev_sw
    Algorithm #2 (sum): 40230 19 patchSG0005196.irix_dev_sw
    MD5 checksum: 7D9ACBBA7A89043F1EFFC6D9781B3CB3

    Filename: patchSG0005196.nfs_sw
    Algorithm #1 (sum -r): 07219 192 patchSG0005196.nfs_sw
    Algorithm #2 (sum): 42988 192 patchSG0005196.nfs_sw
    MD5 checksum: 3C1716878E076E4257C6416C7D358086

    Filename: README.patch.5197
    Algorithm #1 (sum -r): 05441 8 README.patch.5197
    Algorithm #2 (sum): 24264 8 README.patch.5197
    MD5 checksum: 674D446C38AD05D01F04710E2617D669

    Filename: patchSG0005197
    Algorithm #1 (sum -r): 19120 2 patchSG0005197
    Algorithm #2 (sum): 63398 2 patchSG0005197
    MD5 checksum: D38922CC2814154A7C202A98AF547ABB

    Filename: patchSG0005197.eoe_sw
    Algorithm #1 (sum -r): 17115 234 patchSG0005197.eoe_sw
    Algorithm #2 (sum): 35213 234 patchSG0005197.eoe_sw
    MD5 checksum: C56A15C7D300F152D41075483E12EDE5

    Filename: patchSG0005197.idb
    Algorithm #1 (sum -r): 63456 2 patchSG0005197.idb
    Algorithm #2 (sum): 60951 2 patchSG0005197.idb
    MD5 checksum: B3BEBEC7C0DF2221774A061664E04B08

    Filename: patchSG0005197.nfs_sw
    Algorithm #1 (sum -r): 26511 192 patchSG0005197.nfs_sw
    Algorithm #2 (sum): 27157 192 patchSG0005197.nfs_sw
    MD5 checksum: CB05E116F4F22E5E80C741C393B530EB

    - -------------
    - --- Links ---
    - -------------

    SGI Security Advisories can be found at:
    http://www.sgi.com/support/security/ and
    ftp://patches.sgi.com/support/free/security/advisories/

    SGI Security Patches can be found at:
    http://www.sgi.com/support/security/ and
    ftp://patches.sgi.com/support/free/security/patches/

    SGI patches for IRIX can be found at the following patch servers:
    http://support.sgi.com/ and ftp://patches.sgi.com/

    SGI freeware updates for IRIX can be found at:
    http://freeware.sgi.com/

    SGI patches and RPMs for Linux can be found at:
    http://support.sgi.com

    SGI patches for Windows NT or 2000 can be found at:
    http://support.sgi.com/

    IRIX 5.2-6.4 Recommended/Required Patch Sets can be found at:
    http://support.sgi.com/ and ftp://patches.sgi.com/support/patchset/

    IRIX 6.5 Maintenance Release Streams can be found at:
    http://support.sgi.com/

    IRIX 6.5 Software Update CDs can be obtained from:
    http://support.sgi.com/

    The primary SGI anonymous FTP site for security advisories and patches is
    patches.sgi.com. Security advisories and patches are located under the URL
    ftp://patches.sgi.com/support/free/security/

    For security and patch management reasons, ftp.sgi.com (mirrors
    patches.sgi.com security FTP repository) lags behind and does not do a
    real-time update.

    - -----------------------------------------
    - --- SGI Security Information/Contacts ---
    - -----------------------------------------

    If there are questions about this document, email can be sent to
    security-info@sgi.com.

                          ------oOo------

    SGI provides security information and patches for use by the entire SGI
    community. This information is freely available to any person needing the
    information and is available via anonymous FTP and the Web.

    The primary SGI anonymous FTP site for security advisories and patches is
    patches.sgi.com. Security advisories and patches are located under the URL
    ftp://patches.sgi.com/support/free/security/

    The SGI Security Headquarters Web page is accessible at the URL:
    http://www.sgi.com/support/security/

    For issues with the patches on the FTP sites, email can be sent to
    security-info@sgi.com.

    For assistance obtaining or working with security patches, please
    contact your SGI support provider.

                          ------oOo------

    SGI provides a free security mailing list service called wiretap and
    encourages interested parties to self-subscribe to receive (via email) all
    SGI Security Advisories when they are released. Subscribing to the mailing
    list can be done via the Web
    (http://www.sgi.com/support/security/wiretap.html) or by sending email to
    SGI as outlined below.

    % mail wiretap-request@sgi.com
    subscribe wiretap <YourEmailAddress such as midwatch@sgi.com >
    end
    ^d

    In the example above, <YourEmailAddress> is the email address that you wish
    the mailing list information sent to. The word end must be on a separate
    line to indicate the end of the body of the message. The control-d (^d) is
    used to indicate to the mail program that you are finished composing the
    mail message.

                          ------oOo------

    SGI provides a comprehensive customer World Wide Web site. This site is
    located at http://www.sgi.com/support/security/ .

                          ------oOo------

    If there are general security questions on SGI systems, email can be sent to
    security-info@sgi.com.

    For reporting *NEW* SGI security issues, email can be sent to
    security-alert@sgi.com or contact your SGI support provider. A support
    contract is not required for submitting a security report.

    ______________________________________________________________________________
          This information is provided freely to all interested parties
          and may be redistributed provided that it is not altered in any
          way, SGI is appropriately credited and the document retains and
          includes its valid PGP signature.

    -----BEGIN PGP SIGNATURE-----
    Version: 2.6.2

    iQCVAwUBPybn/LQ4cFApAP75AQHZBgP/WG75VEP0yMIRRLH2LW8lDIAXc59ugS7H
    uz52BbxnvckNo3lX6ObhHjfLZ8EYGdN2srClHXdJyGTKTzhJvrQaeqP+DgyRz6t4
    eceRBAOzaQYYfgk1c4IHCcjUwUCpkZDO0YhP0YaWD1tUXTdff4ordP2lSr07Q687
    vN0Cd11SasA=
    =rnDN
    -----END PGP SIGNATURE-----


  • Next message: Michal Zalewski: "Re: [Full-Disclosure] Avoiding being a good admin - was DCOM RPC exploit (dcom.c)"

    Relevant Pages