Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2002-0359

Overview

Vulnerability Score 10.0 10.0
CVE Id CVE-2002-0359
Last Modified 10 Sep 2008 03:11:50
Published 03 Jul 2002 12:00:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2002-0359

Summary

xfsmd for IRIX 6.5 through 6.5.16 uses weak authentication, which allows remote attackers to call dangerous RPC functions, including those that can mount or unmount xfs file systems, to gain root privileges.

Vulnerable Systems

Operating System

  • Sgi Irix 6.2

  • Sgi Irix 6.3

  • Sgi Irix 6.4

  • Sgi Irix 6.5

  • Sgi Irix 6.5.1

  • Sgi Irix 6.5.10

  • Sgi Irix 6.5.10f

  • Sgi Irix 6.5.10m

  • Sgi Irix 6.5.11

  • Sgi Irix 6.5.11f

  • Sgi Irix 6.5.11m

  • Sgi Irix 6.5.12

  • Sgi Irix 6.5.12f

  • Sgi Irix 6.5.12m

  • Sgi Irix 6.5.13

  • Sgi Irix 6.5.13f

  • Sgi Irix 6.5.13m

  • Sgi Irix 6.5.14

  • Sgi Irix 6.5.14f

  • Sgi Irix 6.5.14m

  • Sgi Irix 6.5.15

  • Sgi Irix 6.5.15f

  • Sgi Irix 6.5.15m

  • Sgi Irix 6.5.16

  • Sgi Irix 6.5.2

  • Sgi Irix 6.5.2f

  • Sgi Irix 6.5.2m

  • Sgi Irix 6.5.3

  • Sgi Irix 6.5.3f

  • Sgi Irix 6.5.3m

  • Sgi Irix 6.5.4

  • Sgi Irix 6.5.4f

  • Sgi Irix 6.5.4m

  • Sgi Irix 6.5.5

  • Sgi Irix 6.5.5f

  • Sgi Irix 6.5.5m

  • Sgi Irix 6.5.6

  • Sgi Irix 6.5.6f

  • Sgi Irix 6.5.6m

  • Sgi Irix 6.5.7

  • Sgi Irix 6.5.7f

  • Sgi Irix 6.5.7m

  • Sgi Irix 6.5.8

  • Sgi Irix 6.5.8f

  • Sgi Irix 6.5.8m

  • Sgi Irix 6.5.9

  • Sgi Irix 6.5.9f

  • Sgi Irix 6.5.9m


References

CERT-VN - VU#521147

SGI - 20020606-01-I

BUGTRAQ - 20020620 [LSD] IRIX rpc.xfsmd multiple remote root vulnerabilities

BID - 5072

XF - irix-xfsmd-bypass-authentication(9401)


Last Updated: 27 May 2016 10:36:53