copyright | disclaimer | privacy | contact  
Australia's Leading Computer Emergency Response Team
 
Search this site

 
On this site

 > HOME
 > About AusCERT
 > Membership
 > Contact Us
 > PKI Services
 > Publications
 > Sec. Bulletins
 > Conferences
 > News & Media
 > Services
 > Web Log
 > Site Map
 > Site Help
 > Member login





 

ESB-2002.444 -- SGI Security Advisory -- Sun RPC xdr_array vulnerability

Date: 19 August 2002
References: ESB-2002.394  

Click here for printable version
Click here for PGP verifiable version
-----BEGIN PGP SIGNED MESSAGE-----

===========================================================================
             AUSCERT External Security Bulletin Redistribution

                   ESB-2002.444 -- SGI Security Advisory
                      Sun RPC xdr_array vulnerability
                              19 August 2002

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:                XDR/RPC library (libc)
Vendor:                 SGI
Operating System:       IRIX prior to 6.5.18
Impact:                 Execute Arbitrary Code/Commands
                        Denial of Service
                        Access Privileged Data
Access Required:        Remote

Ref:                    AL-2002.09
                        ESB-2002.394

- --------------------------BEGIN INCLUDED TEXT--------------------

- -----BEGIN PGP SIGNED MESSAGE-----

______________________________________________________________________________
                           SGI Security Advisory

         Title:  Sun RPC xdr_array vulnerability
        Number:  20020801-01-P
          Date:  August 16, 2002
     Reference:  CERTŪ CA-2002-25
     Reference:  SGI Security Advisory 20020801-01-A
     Reference:  CAN-2002-0391

______________________________________________________________________________

- - -----------------------
- - --- Issue Specifics ---
- - -----------------------

This is a followup to SGI Security Bulletin 20020801-01-A.

It's been reported that there is a buffer overflow vulnerability in the Sun
RPC functions supplied with the IRIX 6.5 operating system.

The portmapper, NFS and NIS RPC services do NOT use the relevant RPC XDR
functions in libc in a manner that makes them vulnerable.  But other RPC
services from IRIX, third-parties, freeware, etc. might use XDR functions.

See http://www.cert.org/advisories/CA-2002-25.html and
http://bvlive01.iss.net/issEn/delivery/xforce/alertdetail.jsp?oid=20823
for additional details.

SGI has investigated the issue and recommends the following steps for
neutralizing the exposure.  It is HIGHLY RECOMMENDED that these measures be
implemented on ALL vulnerable SGI systems.

These issues have been corrected in future releases of IRIX and with a
series of patches.


- - --------------
- - --- Impact ---
- - --------------

The vulnerabilities exist within libc, which is installed by default on
IRIX 6.5 systems as part of eoe.sw.base.

To determine the version of IRIX you are running, execute the following
command:

  # uname -R

That will return a result similar to the following:

  # 6.5 6.5.16f

The first number ("6.5") is the release name, the second ("6.5.16f" in
this case) is the extended release name.  The extended release name is
the "version" we refer to throughout this document.

This vulnerability was assigned the following CVE:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0391

This vulnerability was assigned the following VU:
http://www.kb.cert.org/vuls/id/192995


- - ----------------------------
- - --- Temporary Workaround ---
- - ----------------------------

There is no effective workaround available for these problems.  SGI
recommends either upgrading to a minimum of IRIX 6.5.18, or installing the
appropriate patch from the listing below.


- - ----------------
- - --- Solution ---
- - ----------------

SGI has provided a series of patches for these vulnerabilities. Our
recommendation is to upgrade to IRIX 6.5.18 when available, or install the
appropriate patch.

   OS Version     Vulnerable?     Patch #      Other Actions
   ----------     -----------     -------      -------------
   IRIX 3.x        unknown                     Note 1
   IRIX 4.x        unknown                     Note 1
   IRIX 5.x        unknown                     Note 1
   IRIX 6.0.x      unknown                     Note 1
   IRIX 6.1        unknown                     Note 1
   IRIX 6.2        unknown                     Note 1
   IRIX 6.3        unknown                     Note 1
   IRIX 6.4        unknown                     Note 1
   IRIX 6.5          yes                       Notes 2 & 3
   IRIX 6.5.1        yes                       Notes 2 & 3
   IRIX 6.5.2        yes                       Notes 2 & 3
   IRIX 6.5.3        yes                       Notes 2 & 3
   IRIX 6.5.4        yes                       Notes 2 & 3
   IRIX 6.5.5        yes                       Notes 2 & 3
   IRIX 6.5.6        yes                       Notes 2 & 3
   IRIX 6.5.7        yes                       Notes 2 & 3
   IRIX 6.5.8        yes                       Notes 2 & 3
   IRIX 6.5.9        yes                       Notes 2 & 3
   IRIX 6.5.10       yes                       Notes 2 & 3
   IRIX 6.5.11       yes                       Notes 2 & 3
   IRIX 6.5.12       yes                       Notes 2 & 3
   IRIX 6.5.13m      yes            4740       Note 2
   IRIX 6.5.13f      yes            4739       Note 2
   IRIX 6.5.14m      yes            4742       Note 2
   IRIX 6.5.14f      yes            4741       Note 2
   IRIX 6.5.15m      yes            4744       Note 2
   IRIX 6.5.15f      yes            4743       Note 2
   IRIX 6.5.16m      yes            4746       Note 2
   IRIX 6.5.16f      yes            4745       Note 2
   IRIX 6.5.17m      yes            4748       Note 2
   IRIX 6.5.17f      yes            4747       Note 2
   IRIX 6.5.18       no

   NOTES

     1) This version of the IRIX operating has been retired. Upgrade to an
        actively supported IRIX operating system.  See
        http://support.sgi.com/irix/news/index.html#policy for more
        information.

     2) If you have not received an IRIX 6.5.X CD for IRIX 6.5, contact your
        SGI Support Provider or URL: http://support.sgi.com/irix/swupdates/

     3) Upgrade to IRIX 6.5.18m or 6.5.18f.

                ##### Patch File Checksums ####

The actual patch will be a tar file containing the following files:

Filename:                 README.patch.4739
Algorithm #1 (sum -r):    17376 8 README.patch.4739
Algorithm #2 (sum):       52194 8 README.patch.4739
MD5 checksum:             FD3C0D821DF71D7F44E43FFF32D0E76A

Filename:                 patchSG0004739
Algorithm #1 (sum -r):    19705 5 patchSG0004739
Algorithm #2 (sum):       34493 5 patchSG0004739
MD5 checksum:             25417784900089D5D08F7C94CF7E8ACF

Filename:                 patchSG0004739.dev_sw
Algorithm #1 (sum -r):    38179 2866 patchSG0004739.dev_sw
Algorithm #2 (sum):       55114 2866 patchSG0004739.dev_sw
MD5 checksum:             50592422C16AC9653884CA6579B0BAE6

Filename:                 patchSG0004739.eoe_sw
Algorithm #1 (sum -r):    06410 14185 patchSG0004739.eoe_sw
Algorithm #2 (sum):       5223 14185 patchSG0004739.eoe_sw
MD5 checksum:             D4E5F744A55173CF1BB1EEE1AFE24ACB

Filename:                 patchSG0004739.eoe_sw64
Algorithm #1 (sum -r):    41610 5436 patchSG0004739.eoe_sw64
Algorithm #2 (sum):       29732 5436 patchSG0004739.eoe_sw64
MD5 checksum:             B2EF2038FFD7A4DDBE2B0ED8AD7EB424

Filename:                 patchSG0004739.idb
Algorithm #1 (sum -r):    38687 7 patchSG0004739.idb
Algorithm #2 (sum):       53498 7 patchSG0004739.idb
MD5 checksum:             C546FD1A1866DF5E9D971E2B092A01C8


Filename:                 README.patch.4740
Algorithm #1 (sum -r):    62983 8 README.patch.4740
Algorithm #2 (sum):       51976 8 README.patch.4740
MD5 checksum:             F79EF7FC534A9F788DC5F4DFA8FD38C6

Filename:                 patchSG0004740
Algorithm #1 (sum -r):    34224 4 patchSG0004740
Algorithm #2 (sum):       49244 4 patchSG0004740
MD5 checksum:             434ED9064D6A46C78F3F9C5F6FE38F3F

Filename:                 patchSG0004740.dev_sw
Algorithm #1 (sum -r):    56972 2818 patchSG0004740.dev_sw
Algorithm #2 (sum):       10979 2818 patchSG0004740.dev_sw
MD5 checksum:             1EFC8359CD1E09A215E628E0ADFF4139

Filename:                 patchSG0004740.eoe_sw
Algorithm #1 (sum -r):    32948 13964 patchSG0004740.eoe_sw
Algorithm #2 (sum):       48417 13964 patchSG0004740.eoe_sw
MD5 checksum:             DE6845D0909AA11ACA7FD11B976A55D0

Filename:                 patchSG0004740.eoe_sw64
Algorithm #1 (sum -r):    01071 5364 patchSG0004740.eoe_sw64
Algorithm #2 (sum):       33961 5364 patchSG0004740.eoe_sw64
MD5 checksum:             EB913551876A45D56F07767131E7F592

Filename:                 patchSG0004740.idb
Algorithm #1 (sum -r):    41640 7 patchSG0004740.idb
Algorithm #2 (sum):       53351 7 patchSG0004740.idb
MD5 checksum:             FE6B18A2AA32639D8D1E2C0659E43A90


Filename:                 README.patch.4741
Algorithm #1 (sum -r):    46292 9 README.patch.4741
Algorithm #2 (sum):       58428 9 README.patch.4741
MD5 checksum:             5BD40F294334AC167243F86FF9AB0244

Filename:                 patchSG0004741
Algorithm #1 (sum -r):    35746 4 patchSG0004741
Algorithm #2 (sum):       63296 4 patchSG0004741
MD5 checksum:             3D2AEECD36495798CB6D8A26C1FF821D

Filename:                 patchSG0004741.dev_sw
Algorithm #1 (sum -r):    35551 2861 patchSG0004741.dev_sw
Algorithm #2 (sum):       11028 2861 patchSG0004741.dev_sw
MD5 checksum:             63C3BCBBB2F16E83A6CE138C6E0B0C90

Filename:                 patchSG0004741.eoe_sw
Algorithm #1 (sum -r):    47290 14241 patchSG0004741.eoe_sw
Algorithm #2 (sum):       20959 14241 patchSG0004741.eoe_sw
MD5 checksum:             906B2552ECAD0BD4F03730C1E6DA80A3

Filename:                 patchSG0004741.eoe_sw64
Algorithm #1 (sum -r):    51758 5454 patchSG0004741.eoe_sw64
Algorithm #2 (sum):       1612 5454 patchSG0004741.eoe_sw64
MD5 checksum:             C796DD1711D14CBFD500AA70412C6C8A

Filename:                 patchSG0004741.idb
Algorithm #1 (sum -r):    11787 6 patchSG0004741.idb
Algorithm #2 (sum):       43916 6 patchSG0004741.idb
MD5 checksum:             6840C4B819339F639D09CB1895A1DF19


Filename:                 README.patch.4742
Algorithm #1 (sum -r):    50773 9 README.patch.4742
Algorithm #2 (sum):       58461 9 README.patch.4742
MD5 checksum:             4C5EB29413762291C461B6F5560A29F6

Filename:                 patchSG0004742
Algorithm #1 (sum -r):    36972 4 patchSG0004742
Algorithm #2 (sum):       63162 4 patchSG0004742
MD5 checksum:             7EF5D0DFA0C75A9537B67AC5412ECECD

Filename:                 patchSG0004742.dev_sw
Algorithm #1 (sum -r):    21521 2829 patchSG0004742.dev_sw
Algorithm #2 (sum):       57073 2829 patchSG0004742.dev_sw
MD5 checksum:             6B70E50307D06EFDAE3A5FC8D73A50A5

Filename:                 patchSG0004742.eoe_sw
Algorithm #1 (sum -r):    38562 14004 patchSG0004742.eoe_sw
Algorithm #2 (sum):       22516 14004 patchSG0004742.eoe_sw
MD5 checksum:             78452CABCE7569EFB73FA0E47C65FC03

Filename:                 patchSG0004742.eoe_sw64
Algorithm #1 (sum -r):    31249 5378 patchSG0004742.eoe_sw64
Algorithm #2 (sum):       1826 5378 patchSG0004742.eoe_sw64
MD5 checksum:             DF82029A99D74908CA24065A2D35552E

Filename:                 patchSG0004742.idb
Algorithm #1 (sum -r):    54786 6 patchSG0004742.idb
Algorithm #2 (sum):       44002 6 patchSG0004742.idb
MD5 checksum:             EEAC01E3BCDF632EB515DA3697FDC109


Filename:                 README.patch.4743
Algorithm #1 (sum -r):    15948 8 README.patch.4743
Algorithm #2 (sum):       45429 8 README.patch.4743
MD5 checksum:             3E15972E0AF21A717B45A698A9890BA7

Filename:                 patchSG0004743
Algorithm #1 (sum -r):    51688 4 patchSG0004743
Algorithm #2 (sum):       50416 4 patchSG0004743
MD5 checksum:             ED38340DD8FAC5C86F743878AE1728D1

Filename:                 patchSG0004743.dev_sw
Algorithm #1 (sum -r):    40350 2861 patchSG0004743.dev_sw
Algorithm #2 (sum):       97 2861 patchSG0004743.dev_sw
MD5 checksum:             8EBC7CAAD1142B5566B976380364A37E

Filename:                 patchSG0004743.eoe_sw
Algorithm #1 (sum -r):    44069 14162 patchSG0004743.eoe_sw
Algorithm #2 (sum):       34540 14162 patchSG0004743.eoe_sw
MD5 checksum:             DDF3BE55CB5F1EAE93B62BBD3FEF55A6

Filename:                 patchSG0004743.eoe_sw64
Algorithm #1 (sum -r):    30426 5440 patchSG0004743.eoe_sw64
Algorithm #2 (sum):       59672 5440 patchSG0004743.eoe_sw64
MD5 checksum:             6D0D872F815DA621B0992A9FD9324671

Filename:                 patchSG0004743.idb
Algorithm #1 (sum -r):    01715 7 patchSG0004743.idb
Algorithm #2 (sum):       55881 7 patchSG0004743.idb
MD5 checksum:             5CE041BDAB7430DBDF87511754D28CCA


Filename:                 README.patch.4744
Algorithm #1 (sum -r):    44285 8 README.patch.4744
Algorithm #2 (sum):       45488 8 README.patch.4744
MD5 checksum:             D438FE6315E0F332108225D165D2EFB7

Filename:                 patchSG0004744
Algorithm #1 (sum -r):    00653 4 patchSG0004744
Algorithm #2 (sum):       47744 4 patchSG0004744
MD5 checksum:             C19320CF91D7677290FF736E56C9FED5

Filename:                 patchSG0004744.dev_sw
Algorithm #1 (sum -r):    28428 2811 patchSG0004744.dev_sw
Algorithm #2 (sum):       5201 2811 patchSG0004744.dev_sw
MD5 checksum:             60A77A0A373EEC1EBF3EB9AF5FC79F3B

Filename:                 patchSG0004744.eoe_sw
Algorithm #1 (sum -r):    18899 13870 patchSG0004744.eoe_sw
Algorithm #2 (sum):       21781 13870 patchSG0004744.eoe_sw
MD5 checksum:             EA1848F5C8B67056F05A9FE9B57CA9E2

Filename:                 patchSG0004744.eoe_sw64
Algorithm #1 (sum -r):    58911 5361 patchSG0004744.eoe_sw64
Algorithm #2 (sum):       50085 5361 patchSG0004744.eoe_sw64
MD5 checksum:             130FF3A636C961FB3954C16E442C0B6F

Filename:                 patchSG0004744.idb
Algorithm #1 (sum -r):    13486 7 patchSG0004744.idb
Algorithm #2 (sum):       55824 7 patchSG0004744.idb
MD5 checksum:             0CEBC15BCF39EA355446255A5D75D805


Filename:                 README.patch.4745
Algorithm #1 (sum -r):    15799 8 README.patch.4745
Algorithm #2 (sum):       35275 8 README.patch.4745
MD5 checksum:             D6B712256A62F8E6B2ACD0976763DCCA

Filename:                 patchSG0004745
Algorithm #1 (sum -r):    58964 3 patchSG0004745
Algorithm #2 (sum):       34473 3 patchSG0004745
MD5 checksum:             37DD6BFA2D081654929172C5FFA85D03

Filename:                 patchSG0004745.dev_sw
Algorithm #1 (sum -r):    43608 2865 patchSG0004745.dev_sw
Algorithm #2 (sum):       26907 2865 patchSG0004745.dev_sw
MD5 checksum:             9CC4426260A13DD11D8787A75616B533

Filename:                 patchSG0004745.eoe_sw
Algorithm #1 (sum -r):    46222 14145 patchSG0004745.eoe_sw
Algorithm #2 (sum):       2014 14145 patchSG0004745.eoe_sw
MD5 checksum:             05732207843259769B88ACB5086F0E9D

Filename:                 patchSG0004745.eoe_sw64
Algorithm #1 (sum -r):    28294 5432 patchSG0004745.eoe_sw64
Algorithm #2 (sum):       35373 5432 patchSG0004745.eoe_sw64
MD5 checksum:             E315BF430F7F55705EBB9059B618615C

Filename:                 patchSG0004745.idb
Algorithm #1 (sum -r):    08259 7 patchSG0004745.idb
Algorithm #2 (sum):       55819 7 patchSG0004745.idb
MD5 checksum:             9C00336D9796E94A5EECB18E032835BC


Filename:                 README.patch.4746
Algorithm #1 (sum -r):    32906 8 README.patch.4746
Algorithm #2 (sum):       35306 8 README.patch.4746
MD5 checksum:             875BAC2CC2801F9CA4B7C7C5DBD1D747

Filename:                 patchSG0004746
Algorithm #1 (sum -r):    38467 3 patchSG0004746
Algorithm #2 (sum):       31867 3 patchSG0004746
MD5 checksum:             E7E3FB06A6133FB036B9E798959B3205

Filename:                 patchSG0004746.dev_sw
Algorithm #1 (sum -r):    02250 2814 patchSG0004746.dev_sw
Algorithm #2 (sum):       8724 2814 patchSG0004746.dev_sw
MD5 checksum:             6EE1AE6822CFCC275BF92BAEE44C6102

Filename:                 patchSG0004746.eoe_sw
Algorithm #1 (sum -r):    42525 13917 patchSG0004746.eoe_sw
Algorithm #2 (sum):       56304 13917 patchSG0004746.eoe_sw
MD5 checksum:             B119365083193E8EFDB4D4EA06BD90B8

Filename:                 patchSG0004746.eoe_sw64
Algorithm #1 (sum -r):    47973 5358 patchSG0004746.eoe_sw64
Algorithm #2 (sum):       48931 5358 patchSG0004746.eoe_sw64
MD5 checksum:             E5A80390E8E1017A559ACBCB6C64D2EE

Filename:                 patchSG0004746.idb
Algorithm #1 (sum -r):    21733 7 patchSG0004746.idb
Algorithm #2 (sum):       55840 7 patchSG0004746.idb
MD5 checksum:             23784F6416174D2794CA958A5FD27C5A


Filename:                 README.patch.4747
Algorithm #1 (sum -r):    40141 8 README.patch.4747
Algorithm #2 (sum):       28747 8 README.patch.4747
MD5 checksum:             5E6CD892484FAFF3DED05366F2F5EA89

Filename:                 patchSG0004747
Algorithm #1 (sum -r):    37009 3 patchSG0004747
Algorithm #2 (sum):       35605 3 patchSG0004747
MD5 checksum:             0109A515389D8C94EFBBE15043B08557

Filename:                 patchSG0004747.dev_sw
Algorithm #1 (sum -r):    60690 2915 patchSG0004747.dev_sw
Algorithm #2 (sum):       7035 2915 patchSG0004747.dev_sw
MD5 checksum:             128FD717AEBA71B8993DC3E9DC880F79

Filename:                 patchSG0004747.eoe_sw
Algorithm #1 (sum -r):    53956 14492 patchSG0004747.eoe_sw
Algorithm #2 (sum):       27214 14492 patchSG0004747.eoe_sw
MD5 checksum:             9590837AF84D5A0D6EFC916C851F0AD6

Filename:                 patchSG0004747.eoe_sw64
Algorithm #1 (sum -r):    28387 5585 patchSG0004747.eoe_sw64
Algorithm #2 (sum):       29573 5585 patchSG0004747.eoe_sw64
MD5 checksum:             6AFBDD4D8D5915613AB86DC690DB2F4D

Filename:                 patchSG0004747.idb
Algorithm #1 (sum -r):    13314 7 patchSG0004747.idb
Algorithm #2 (sum):       55955 7 patchSG0004747.idb
MD5 checksum:             FDFFBD812D3964D9AC3C16D5BDAAF82D


Filename:                 README.patch.4748
Algorithm #1 (sum -r):    17856 8 README.patch.4748
Algorithm #2 (sum):       28761 8 README.patch.4748
MD5 checksum:             77CC00A1EE9DCD4FB02F8B9F1540BB20

Filename:                 patchSG0004748
Algorithm #1 (sum -r):    64080 3 patchSG0004748
Algorithm #2 (sum):       33271 3 patchSG0004748
MD5 checksum:             1DC2039E57A656D89D34D219A863B9AA

Filename:                 patchSG0004748.dev_sw
Algorithm #1 (sum -r):    57598 2867 patchSG0004748.dev_sw
Algorithm #2 (sum):       6373 2867 patchSG0004748.dev_sw
MD5 checksum:             7FEC56E9DF6C7F9E957E33C78B62B2B3

Filename:                 patchSG0004748.eoe_sw
Algorithm #1 (sum -r):    44400 14293 patchSG0004748.eoe_sw
Algorithm #2 (sum):       12872 14293 patchSG0004748.eoe_sw
MD5 checksum:             660F5D22F3F897C50DD2649DFA990122

Filename:                 patchSG0004748.eoe_sw64
Algorithm #1 (sum -r):    02612 5505 patchSG0004748.eoe_sw64
Algorithm #2 (sum):       61325 5505 patchSG0004748.eoe_sw64
MD5 checksum:             2A6D329F8D1E4469E524A85EEF6E157D

Filename:                 patchSG0004748.idb
Algorithm #1 (sum -r):    61381 7 patchSG0004748.idb
Algorithm #2 (sum):       56061 7 patchSG0004748.idb
MD5 checksum:             5F8AD4C318190D8316A7D406DAC8BBA1


- - ------------------------
- - --- Acknowledgments ----
- - ------------------------

SGI wishes to thank CERT, ISS, FIRST and the users of the Internet Community
at large for their assistance in this matter.


- - -------------
- - --- Links ---
- - -------------

SGI Security Advisories can be found at:
http://www.sgi.com/support/security/ and
ftp://patches.sgi.com/support/free/security/advisories/

SGI Security Patches can be found at:
http://www.sgi.com/support/security/ and
ftp://patches.sgi.com/support/free/security/patches/

SGI patches for IRIX can be found at the following patch servers:
http://support.sgi.com/irix/ and ftp://patches.sgi.com/

SGI freeware updates for IRIX can be found at:
http://freeware.sgi.com/

SGI fixes for SGI open sourced code can be found on:
http://oss.sgi.com/projects/

SGI patches and RPMs for Linux can be found at:
http://support.sgi.com/linux/ or
http://oss.sgi.com/projects/sgilinux-combined/download/security-fixes/

SGI patches for Windows NT or 2000 can be found at:
http://support.sgi.com/nt/

IRIX 5.2-6.4 Recommended/Required Patch Sets can be found at:
http://support.sgi.com/irix/ and ftp://patches.sgi.com/support/patchset/

IRIX 6.5 Maintenance Release Streams can be found at:
http://support.sgi.com/colls/patches/tools/relstream/index.html

IRIX 6.5 Software Update CDs can be obtained from:
http://support.sgi.com/irix/swupdates/

The primary SGI anonymous FTP site for security advisories and patches is
patches.sgi.com (216.32.174.211).  Security advisories and patches are
located under the URL ftp://patches.sgi.com/support/free/security/

For security and patch management reasons, ftp.sgi.com (mirrors
patches.sgi.com security FTP repository) lags behind and does not do a
real-time update.


- - -----------------------------------------
- - --- SGI Security Information/Contacts ---
- - -----------------------------------------

If there are questions about this document, email can be sent to
security-info@sgi.com.

                      ------oOo------

SGI provides security information and patches for use by the entire SGI
community.  This information is freely available to any person needing the
information and is available via anonymous FTP and the Web.

The primary SGI anonymous FTP site for security advisories and patches is
patches.sgi.com (216.32.174.211).  Security advisories and patches are
located under the URL ftp://patches.sgi.com/support/free/security/

The SGI Security Headquarters Web page is accessible at the URL:
http://www.sgi.com/support/security/

For issues with the patches on the FTP sites, email can be sent to
security-info@sgi.com.

For assistance obtaining or working with security patches, please
contact your SGI support provider.

                      ------oOo------

SGI provides a free security mailing list service called wiretap and
encourages interested parties to self-subscribe to receive (via email) all
SGI Security Advisories when they are released. Subscribing to the mailing
list can be done via the Web
(http://www.sgi.com/support/security/wiretap.html) or by sending email to
SGI as outlined below.

% mail wiretap-request@sgi.com
subscribe wiretap < YourEmailAddress such as aaanalyst@sgi.com >
end
^d

In the example above, <YourEmailAddress> is the email address that you wish
the mailing list information sent to.  The word end must be on a separate
line to indicate the end of the body of the message. The control-d (^d) is
used to indicate to the mail program that you are finished composing the
mail message.


                      ------oOo------

SGI provides a comprehensive customer World Wide Web site. This site is
located at http://www.sgi.com/support/security/ .

                      ------oOo------

If there are general security questions on SGI systems, email can be sent to
security-info@sgi.com.

For reporting *NEW* SGI security issues, email can be sent to
security-alert@sgi.com or contact your SGI support provider.  A support
contract is not required for submitting a security report.

______________________________________________________________________________
      This information is provided freely to all interested parties
      and may be redistributed provided that it is not altered in any
      way, SGI is appropriately credited and the document retains and
      includes its valid PGP signature.

- -----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBPV0oS7Q4cFApAP75AQGhDwQAkku0E5iUbcsge/axWgiBaocSYKnLL1iU
Fpd+5XmMN/7ADLDub8PU3N9Wfb9AtK69XNHUvnWaJZBGGfOu5ibfJCd0liJcma9x
xlsIkCW3LKM7BhprI8lUxfvuAPTVFo7JvyDiUvv/NJ2pJf9JTUHTBPAaSOVKsGbq
yi56nsVrNew=
=xbac
- -----END PGP SIGNATURE-----

- --------------------------END INCLUDED TEXT--------------------

You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.

This security bulletin is provided as a service to AusCERT's members.  As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content.  The decision to use any or all of this information is
the responsibility of each user or organisation, and should be done so in
accordance with site policies and procedures.

NOTE: This is only the original release of the security bulletin.  It may
not be updated when updates to the original are made.  If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the original authors to ensure that the information is still current.

Contact information for the authors of the original document is included
in the Security Bulletin above.  If you have any questions or need further
information, please contact them directly.

Previous advisories and external security bulletins can be retrieved from:

        http://www.auscert.org.au/Information/advisories.html

If you believe that your system has been compromised, contact AusCERT or
your representative in FIRST (Forum of Incident Response and Security
Teams).

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business 
                hours which are GMT+10:00 (AEST).  On call after hours 
                for member emergencies only.

-----BEGIN PGP SIGNATURE-----
Version: 2.6.3i
Charset: noconv
Comment: ftp://ftp.auscert.org.au/pub/auscert/AUSCERT_PGP.key

iQCVAwUBPWEB1yh9+71yA2DNAQE9cwP+KClZ3rcZHSeQI4fcOLYGX8/vsOuW9pzw
q8+wEESbe6Fw6BM3yBa0hwC6XzspJ/lv87qDF/t03TnGmUuM68ifKVLaVTfGM9G7
WB+Otyc+KkZsg1XBuV3KrUXdavTHS+tdYUNP6rlEsEcseiYicg57fO5Ywwik0irK
ndoMBl2MTec=
=GBBZ
-----END PGP SIGNATURE-----