Operating System:

[IRIX]

Published:

10 September 2003

-----BEGIN PGP SIGNED MESSAGE-----

===========================================================================
             AUSCERT External Security Bulletin Redistribution

                  ESB-2003.0634 -- SGI Security Advisory
        Denial of Service Vulnerability in NFS XDR decoding Update
                             10 September 2003

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:                nfsd
Publisher:              SGI
Operating System:       IRIX prior to 6.5.20
Impact:                 Denial of Service
Access Required:        Remote
CVE Names:              CAN-2003-0576

Ref:                    ESB-2003.0570

- --------------------------BEGIN INCLUDED TEXT--------------------

- -----BEGIN PGP SIGNED MESSAGE-----

______________________________________________________________________________
                           SGI Security Advisory

  Title    : Denial of Service Vulnerability in NFS XDR decoding Update
  Number   : 20030801-02-P
  Date     : September 9, 2003
  Reference: CVE CAN-2003-0576
  Reference: SGI BUGS 894659, 898951
  Fixed in : IRIX 6.5.20 or patches listed below for IRIX 6.5.17-6.5.19
______________________________________________________________________________

SGI provides this information freely to the SGI user community for its
consideration, interpretation, implementation and use.  SGI recommends that
this information be acted upon as soon as possible.

SGI provides the information in this Security Advisory on an "AS-IS" basis
only, and disclaims all warranties with respect thereto, express, implied
or otherwise, including, without limitation, any warranty of merchantability
or fitness for a particular purpose.  In no event shall SGI be liable for
any loss of profits, loss of business, loss of data or for any indirect,
special, exemplary, incidental or consequential damages of any kind arising
from your use of, failure to use or improper use of any of the instructions
or information in this Security Advisory.
______________________________________________________________________________

- - -------------------
- - --- Update Info ---
- - -------------------

This bulletin is a follow-up to SGI Security Bulletin 20030801-01-P:
ftp://patches.sgi.com/support/free/security/advisories/20030801-01-P
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0576

An incomplete list of patches was referenced.  Some of the patches
referenced in 20030801-01-P did not apply cleanly. New patches have
been created that will apply cleanly on current IRIX systems.


- - -----------------------
- - --- Issue Specifics ---
- - -----------------------

It's been reported that it is possible to create a Denial of Service attack
on the IRIX nfsd through the use of carefully crafted packets which cause
XDR decoding errors. This can lead to a kernel panic on the system.  No local
account or access to an NFS mount point is required, so this could be
constructed as a remote exploit.

SGI has investigated the issue and recommends the following steps for
neutralizing the exposure.  It is HIGHLY RECOMMENDED that these measures be
implemented on ALL vulnerable SGI systems.

These issues have been corrected with patches and in future releases of IRIX.


- - --------------
- - --- Impact ---
- - --------------

nfs is installed by default on IRIX 6.5 systems.

To determine the version of IRIX you are running, execute the following
command:

  # /bin/uname -R

That will return a result similar to the following:

  # 6.5 6.5.19f

The first number ("6.5") is the release name, the second ("6.5.19f" in this
case) is the extended release name.  The extended release name is the
"version" we refer to throughout this document.

To see if nfs is installed, execute the following command:

  $ versions -b | grep nfs
  I  nfs                  05/15/2003  Network File System, 6.5.20f


- - ----------------------------
- - --- Temporary Workaround ---
- - ----------------------------

There is no effective workaround available for these problems.  SGI
recommends either upgrading to IRIX 6.5.20, or installing the appropriate
patch from the listing below.


- - ----------------
- - --- Solution ---
- - ----------------

SGI has provided a series of patches for these vulnerabilities. Our
recommendation is to upgrade to IRIX 6.5.20, or install the appropriate
patch.

   OS Version     Vulnerable?     Patch #      Other Actions
   ----------     -----------     -------      -------------
   IRIX 3.x        unknown                     Note 1
   IRIX 4.x        unknown                     Note 1
   IRIX 5.x        unknown                     Note 1
   IRIX 6.0.x      unknown                     Note 1
   IRIX 6.1        unknown                     Note 1
   IRIX 6.2        unknown                     Note 1
   IRIX 6.3        unknown                     Note 1
   IRIX 6.4        unknown                     Note 1
   IRIX 6.5          yes                       Notes 2 & 3
   IRIX 6.5.1        yes                       Notes 2 & 3
   IRIX 6.5.2        yes                       Notes 2 & 3
   IRIX 6.5.3        yes                       Notes 2 & 3
   IRIX 6.5.4        yes                       Notes 2 & 3
   IRIX 6.5.5        yes                       Notes 2 & 3
   IRIX 6.5.6        yes                       Notes 2 & 3
   IRIX 6.5.7        yes                       Notes 2 & 3
   IRIX 6.5.8        yes                       Notes 2 & 3
   IRIX 6.5.9        yes                       Notes 2 & 3
   IRIX 6.5.10       yes                       Notes 2 & 3
   IRIX 6.5.11       yes                       Notes 2 & 3
   IRIX 6.5.12       yes                       Notes 2 & 3
   IRIX 6.5.13       yes                       Notes 2 & 3
   IRIX 6.5.14       yes                       Notes 2 & 3
   IRIX 6.5.15       yes                       Notes 2 & 3
   IRIX 6.5.16       yes                       Notes 2 & 3
   IRIX 6.5.17m      yes     5299              Notes 2, 4 & 5
   IRIX 6.5.17f      yes     5300              Notes 2, 4 & 5
   IRIX 6.5.18m      yes     5240              Notes 2, 4, 5, & 6
   IRIX 6.5.18f      yes     5241              Notes 2, 4, 5, & 6
   IRIX 6.5.19m      yes     5309+5311         Notes 2, 4, 5, & 6
   IRIX 6.5.19f      yes     5310+5312         Notes 2, 4, 5, & 6
   IRIX 6.5.20        no
   IRIX 6.5.21        no


   NOTES

     1) This version of the IRIX operating system has been retired. Upgrade
        to an actively supported IRIX operating system.  See
        http://support.sgi.com for more information.

     2) If you have not received an IRIX 6.5.X CD for IRIX 6.5, contact your
        SGI Support Provider or URL: http://support.sgi.com

     3) Upgrade to IRIX 6.5.20.

     4) Upgrade to IRIX 6.5.20 or install the required patch(es)
        based on your hardware platform.

     5) Note that these patches also include other fixes that are not
        security related.

     6) For 6.5.18/19 IP35 platforms (O300/O3000, Fuel, Tezro),
        the patch matrix is:

          IRIX 6.5.18m  5213
          IRIX 6.5.18f  5261
          IRIX 6.5.19m  5309+5297
          IRIX 6.5.19f  5310+5298
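
The version check and the patch table above can be applied mechanically when
auditing several hosts. The script below is an added example, not part of SGI's
advisory: it takes the output of `uname -R` and prints the action the table and
notes give for that release. The function name `irix_nfs_advice`, its optional
`ip35` argument and its exit codes are assumptions made for this example.

```sh
#!/bin/sh
# Added example (not SGI code): map `uname -R` output to the action listed in
# advisory 20030801-02-P. Exit status is this example's own convention:
#   0 = not vulnerable, 1 = action required, 2 = release string not understood.

# irix_nfs_advice "<uname -R output>" [ip35]
#   Pass "ip35" as the second argument for O300/O3000, Fuel and Tezro (Note 6).
irix_nfs_advice() {
    adv_ext=${1##* }             # extended release name, e.g. 6.5.19f
    adv_platform=${2:-other}

    case $adv_ext in
        6.5|6.5.*) ;;            # handled below
        [3-6].*)                 # IRIX 3.x through 6.4: status unknown, retired
            echo "retired release $adv_ext: upgrade to a supported IRIX (Note 1)"
            return 1 ;;
        *)
            echo "unrecognised release string: $1"
            return 2 ;;
    esac

    adv_rest=${adv_ext#6.5}      # ".19f", ".20" or "" for base 6.5
    adv_rest=${adv_rest#.}
    adv_stream=${adv_rest##*[0-9]}   # "m" (maintenance), "f" (feature) or ""
    adv_minor=${adv_rest%[mf]}
    adv_minor=${adv_minor:-0}
    case $adv_minor in
        *[!0-9]*) echo "unrecognised release string: $1"; return 2 ;;
    esac

    if [ "$adv_minor" -ge 20 ]; then
        echo "not vulnerable: fixed in IRIX 6.5.20"
        return 0
    fi
    if [ "$adv_minor" -le 16 ]; then
        # No patch is listed for 6.5 through 6.5.16.
        echo "vulnerable: upgrade to IRIX 6.5.20 (Note 3)"
        return 1
    fi

    # 6.5.17 through 6.5.19: the patch depends on stream and, for 18/19, platform.
    case "$adv_minor$adv_stream:$adv_platform" in
        17m:*)    adv_patch=5299 ;;
        17f:*)    adv_patch=5300 ;;
        18m:ip35) adv_patch=5213 ;;
        18f:ip35) adv_patch=5261 ;;
        18m:*)    adv_patch=5240 ;;
        18f:*)    adv_patch=5241 ;;
        19m:ip35) adv_patch=5309+5297 ;;
        19f:ip35) adv_patch=5310+5298 ;;
        19m:*)    adv_patch=5309+5311 ;;
        19f:*)    adv_patch=5310+5312 ;;
        *)
            echo "vulnerable: stream (m/f) unknown, upgrade to IRIX 6.5.20"
            return 1 ;;
    esac
    echo "vulnerable: install patch $adv_patch or upgrade to IRIX 6.5.20"
    return 1
}

# Constructed sample inputs (not captured from real hosts).
for adv_sample in "6.5 6.5.19f" "6.5 6.5.16m" "6.5 6.5.20f" "6.2 6.2"; do
    printf '%-12s -> ' "$adv_sample"
    irix_nfs_advice "$adv_sample" || :
done
```

On a live system the call would be `irix_nfs_advice "$(/bin/uname -R)"`, with `ip35` added on the platforms named in Note 6.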

             ##### Patch File Checksums ####



- - -------------
- - --- Links ---
- - -------------

SGI Security Advisories can be found at:
http://www.sgi.com/support/security/ and
ftp://patches.sgi.com/support/free/security/advisories/

SGI Security Patches can be found at:
http://www.sgi.com/support/security/ and
ftp://patches.sgi.com/support/free/security/patches/

SGI patches for IRIX can be found at the following patch servers:
http://support.sgi.com/ and ftp://patches.sgi.com/

SGI freeware updates for IRIX can be found at:
http://freeware.sgi.com/

SGI patches and RPMs for Linux can be found at:
http://support.sgi.com

SGI patches for Windows NT or 2000 can be found at:
http://support.sgi.com/

IRIX 5.2-6.4 Recommended/Required Patch Sets can be found at:
http://support.sgi.com/ and ftp://patches.sgi.com/support/patchset/

IRIX 6.5 Maintenance Release Streams can be found at:
http://support.sgi.com/

IRIX 6.5 Software Update CDs can be obtained from:
http://support.sgi.com/

The primary SGI anonymous FTP site for security advisories and patches is
patches.sgi.com.  Security advisories and patches are located under the URL
ftp://patches.sgi.com/support/free/security/

For security and patch management reasons, ftp.sgi.com (which mirrors the
patches.sgi.com security FTP repository) lags behind and is not updated in
real time.


- - -----------------------------------------
- - --- SGI Security Information/Contacts ---
- - -----------------------------------------

If there are questions about this document, email can be sent to
security-info@sgi.com.

                      ------oOo------

SGI provides security information and patches for use by the entire SGI
community.  This information is freely available to any person needing the
information and is available via anonymous FTP and the Web.

The SGI Security Headquarters Web page is accessible at the URL:
http://www.sgi.com/support/security/

For issues with the patches on the FTP sites, email can be sent to
security-info@sgi.com.

For assistance obtaining or working with security patches, please
contact your SGI support provider.

                      ------oOo------

SGI provides a free security mailing list service called wiretap and
encourages interested parties to self-subscribe to receive (via email) all
SGI Security Advisories when they are released. Subscribing to the mailing
list can be done via the Web
(http://www.sgi.com/support/security/wiretap.html) or by sending email to
SGI as outlined below.

% mail wiretap-request@sgi.com
subscribe wiretap <YourEmailAddress such as midwatch@sgi.com >
end
^d

In the example above, <YourEmailAddress> is the email address that you wish
the mailing list information sent to.  The word end must be on a separate
line to indicate the end of the body of the message. The control-d (^d) is
used to indicate to the mail program that you are finished composing the
mail message.


                      ------oOo------

SGI provides a comprehensive customer World Wide Web site. This site is
located at http://www.sgi.com/support/security/ .

                      ------oOo------

If there are general security questions on SGI systems, email can be sent to
security-info@sgi.com.

For reporting *NEW* SGI security issues, email can be sent to
security-alert@sgi.com or contact your SGI support provider.  A support
contract is not required for submitting a security report.

______________________________________________________________________________
      This information is provided freely to all interested parties
      and may be redistributed provided that it is not altered in any
      way, SGI is appropriately credited and the document retains and
      includes its valid PGP signature.

- --------------------------END INCLUDED TEXT--------------------

You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.

This security bulletin is provided as a service to AusCERT's members.  As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.

NOTE: This is only the original release of the security bulletin.  It may
not be updated when updates to the original are made.  If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.

Contact information for the authors of the original document is included
in the Security Bulletin above.  If you have any questions or need further
information, please contact them directly.

Previous advisories and external security bulletins can be retrieved from:

        http://www.auscert.org.au/render.html?cid=1980

If you believe that your computer system has been compromised or attacked in 
any way, we encourage you to let us know by completing the secure National IT 
Incident Reporting Form at:

        http://www.auscert.org.au/render.html?it=3192

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business 
                hours which are GMT+10:00 (AEST).  On call after hours 
                for member emergencies only.