Neperos
SIGN IN
Copy Link
Add to Bookmark
Report

CERT Advisory 135

eZine's profile picture
eZine lover (@eZine)
Published in 
CERT Advisory
 · 4 years ago

  

 
-----BEGIN PGP SIGNED MESSAGE----- 

============================================================================= 
CERT(sm) Advisory CA-97.03 
Original issue date: January 8, 1997 
Last revised: May 8, 1997 
              Updated the Solution section to include URL for SGI patch 
                information. 

              A complete revision history is at the end of this file. 

Topic: Vulnerability in IRIX csetup 
- ----------------------------------------------------------------------------- 

The CERT Coordination Center has received information about a vulnerability in 
the csetup program under IRIX versions 5.x, 6.0, 6.0.1, 6.1, and 6.2. csetup is 
not available under IRIX 6.3 and 6.4. 

By exploiting this vulnerability, local users can create or overwrite 
arbitrary files on the system. With this leverage, they can ultimately gain 
root privileges. 

Exploitation information involving this vulnerability has been made publicly 
available. 

We recommend applying a vendor patch when possible. In the meantime, we urge 
sites to apply the workaround described in Section III. 

We will update this advisory as we receive additional information. 
Please check advisory files regularly for updates that relate to your site. 

Note: Development of this advisory was a joint effort of the CERT Coordination 
      Center and AUSCERT. 
- ----------------------------------------------------------------------------- 

I.   Description 

        There is a vulnerability in the csetup program under IRIX versions 
        5.x, 6.0, 6.0.1, 6.1, and 6.2. csetup is not available under IRIX 6.3 
        and 6.4. 

        csetup is part of the Desktop System Administration subsystem. The 
        program provides a graphical interface allowing privileged users, 
        as flagged in the objectserver (cpeople (1M)), or root to modify 
        system and network configuration parameters. The csetup program is 
        setuid root to allow those who are flagged as privileged users to 
        modify system critical files. 

        It is possible to configure csetup to run in DEBUG mode, creating a 
        logfile in a publicly writable directory. This file is created in an 
        insecure manner; and because csetup is running with root privileges at 
        the time the logfile is created, it is possible for local users to 
        create or overwrite arbitrary files on the system. 

        Exploit information involving this vulnerability has been made 
        publicly available. 

II.  Impact 

        Anyone with access to an account on the system can create or overwrite 
        arbitrary files on the system. With this leverage, they can ultimately 
        gain root privileges. 

III. Solution 

        Patch information for this vulnerability is available 
        in SGI"s Security Advisory 19970101-02-PX, available at 

             http://www.sgi.com/Support/Secur/security.html/ 

- ----------------------------------------------------------------------------- 
This advisory is a collaborative effort between AUSCERT and the CERT 
Coordination Center. 

The CERT Coordination Center acknowledges Yuri Volobuev for reporting the 
original problem, and Silicon Graphics, Inc. for their strong support in the 
development of the advisory. 
- ----------------------------------------------------------------------------- 

If you believe that your system has been compromised, contact the CERT 
Coordination Center or your representative in the Forum of Incident Response 
and Security Teams (see ftp://info.cert.org/pub/FIRST/first-contacts). 

 
CERT/CC Contact Information 
- ---------------------------- 
Email    cert@cert.org 

Phone    +1 412-268-7090 (24-hour hotline) 
                CERT personnel answer 8:30-5:00 p.m. EST(GMT-5) / EDT(GMT-4) 
                and are on call for emergencies during other hours. 

Fax      +1 412-268-6989 

Postal address 
         CERT Coordination Center 
         Software Engineering Institute 
         Carnegie Mellon University 
         Pittsburgh PA 15213-3890 
         USA 

Using encryption 
   We strongly urge you to encrypt sensitive information sent by email. We can 
   support a shared DES key or PGP. Contact the CERT/CC for more information. 
   Location of CERT PGP key 
         ftp://info.cert.org/pub/CERT_PGP.key 

Getting security information 
   CERT publications and other security information are available from 
        http://www.cert.org/ 
        ftp://info.cert.org/pub/ 

   CERT advisories and bulletins are also posted on the USENET newsgroup 
        comp.security.announce 

   To be added to our mailing list for advisories and bulletins, send your 
   email address to 
        cert-advisory-request@cert.org 

- --------------------------------------------------------------------------- 
Copyright 1997 Carnegie Mellon University 
This material may be reproduced and distributed without permission provided 
it is used for noncommercial purposes and the copyright statement is 
included. 

CERT is a service mark of Carnegie Mellon University. 
- --------------------------------------------------------------------------- 

This file: ftp://info.cert.org/pub/cert_advisories/CA-97.03.csetup 
           http://www.cert.org 
               click on "CERT Advisories" 

 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ 
Revision history 

May 8, 1997  Updated the Solution section to include URL for SGI patch 
                 information. 

-----BEGIN PGP SIGNATURE----- 
Version: 2.6.2 

iQCVAwUBM3HQYHVP+x0t4w7BAQHsCwP9FNTbUVg7O6f9Pi02OGXifD0zbP2Pjljx 
mR9qfATWl4Ti8xW5pc96rK1n68IKPS6QnlX83ruZtASqn1D/uixyfUHJ6nrzgtxK 
/yCz2lVrpMy2w9By6V2lIiKkf+DlRZ/573zzDaHPUJR7ODo5d6zWFsjX3GLR2oWq 
o2FUKbcyd50= 
=WTxZ 
-----END PGP SIGNATURE-----

← previous
next →
loading
sending ...
New to Neperos ? Sign Up for free
download Neperos App from Google Play
install Neperos as PWA

Let's discover also

Recent Articles

Recent Comments

guest's profile picture
@guest
16 Dec 2024
cool
Adelaide's profile picture
@Adelaide
16 Dec 2024
Bellissimo l' albero di natale
guest's profile picture
@guest
12 Dec 2024
Subject: IT Specialist Looking for Full-Time Remote Role with Your Company Dear [Sir/Madam], I hope this message finds you well. My na ...
guest's profile picture
@guest
11 Dec 2024
잔인해
guest's profile picture
@guest
10 Dec 2024
오우 쉣
guest's profile picture
@guest
10 Dec 2024
ㄷㄷㄷㄷㄷ /\__/\ ( .__. ) [ ] (___)
guest's profile picture
@guest
9 Dec 2024
Is there a way to play on the Dreamcast an iso file? How to do it?
lostcivilizations's profile picture
Lost Civilizations (@lostcivilizations)
8 Dec 2024
Just found this image online
lostcivilizations's profile picture
Lost Civilizations (@lostcivilizations)
8 Dec 2024
The Dogon are a population living near Mandiagara, 300 km south of Timbuktu, in Mali. Two anthropologists, Marcel Griaule and Germaine Diet ...
eZine's profile picture
eZine lover (@eZine)
8 Dec 2024
Yes, it's an excellent article. Unfortunately, not many people write such pieces anymore. Instead, it seems like everyone is focused on ...
a Francesco Arca production 2016 - 2024
Terms of Service - Privacy Policy
neperos on mastodon
Neperos cookies
This website uses cookies to store your preferences and improve the service. Cookies authorization will allow me and / or my partners to process personal data such as browsing behaviour.

By pressing OK you agree to the Terms of Service and acknowledge the Privacy Policy

By pressing REJECT you will be able to continue to use Neperos (like read articles or write comments) but some important cookies will not be set. This may affect certain features and functions of the platform.
OK
REJECT