SGI IRIX sets insecure permissions on "/dev/ipfilter"

Overview

A locally exploitable denial-of-service vulnerability in SGI IRIX may allow a local attacker to disrupt network traffic.

Description

SGI IRIX contains a locally exploitable denial-of-service vulnerability. For more information, please see SGI Security Advisory 20020408-01-I.

---

Impact

A local attacker can disrupt network traffic.

---

Solution

SGI has not provided patches for this vulnerability. Their recommendation is to upgrade to IRIX 6.5.11 or later.

---

Vendor Information

770891

Filter by status: All Affected Not Affected Unknown

Filter by content: __ Additional information available

__ Sort by: Status Alphabetical

Expand all

Javascript is disabled. Click here to view vendors.

SGI __ Affected

Updated: March 21, 2003

Status

Affected

Vendor Statement

Please see <ftp://patches.sgi.com/support/free/security/advisories/20020408-01-I/&gt;.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23770891 Feedback>).

CVSS Metrics

Group	Score	Vector
Base
Temporal
Environmental

References

• <http://www.securityfocus.com/bid/4648&gt;
• <ftp://patches.sgi.com/support/free/security/advisories/20020408-01-I/&gt;

Acknowledgements

This document was written by Ian A. Finlay.

Other Information

CVE IDs:	CVE-2002-0172
Severity Metric:	1.97 Date Public: