xfsmd vulnerability

Created 6/28/02
CVE-2002-0359
CAN-2002-0652

Impact

A vulnerability in SGI's xfsmd could allow a remote attacker to execute arbitrary commands with root privileges.

Background

xfsmd is part of the optional xfsmserv package for the SGI IRIX operating system. It is used by the graphical user interface for making xfs file systems.

The Problem

CVE-2002-0359
CAN-2002-0652
Because xfsmd performs only weak RPC authentication, a remote attacker can call any of several potentially dangerous RPC functions that the service offers. xfsmd also contains a vulnerability in its use of the popen() library function. Either vulnerability could allow a remote attacker to execute arbitrary commands with root privileges.

Resolution

Since the xfsmserv package is no longer supported, there are no vendor patches available for this vulnerability. The xfsmd service should be disabled. This is done as follows:
  1. In /etc/inetd.conf, find the line which begins with sgi_xfsmd.
  2. Place a comment sign (#) at the beginning of that line so inetd no longer starts the service.
  3. Make inetd reread its configuration: killall -HUP inetd
  4. Stop any xfsmd processes that are already running: killall /usr/etc/xfsmd
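The disable procedure above as a shell script, added here as an example and not part of the SGI advisory or this page. It assumes the usual one-service-per-line inetd.conf layout with the service name in the first field, uses a constructed sample file for the demo, and keeps the live inetd reload and killall steps in a separate function that the demo does not call.

```shell
#!/bin/sh
# Added example, not part of the SGI advisory: apply the Resolution steps
# to an inetd.conf and verify that no active sgi_xfsmd entry remains.
# Assumes the usual inetd.conf layout (one service per line, service name
# first) and that the xfsmd line begins with "sgi_xfsmd" as the advisory says.

# Write a constructed sample inetd.conf (not a real IRIX file) to $1.
write_sample_inetd_conf() {
    cat > "$1" <<'EOF'
# constructed sample, not a real /etc/inetd.conf
ftp     stream  tcp     nowait  root    /usr/etc/ftpd   ftpd -l
sgi_xfsmd/1     stream  rpc/tcp wait    root    /usr/etc/xfsmd  xfsmd
telnet  stream  tcp     nowait  root    /usr/etc/telnetd telnetd
EOF
}

# True (exit 0) when the file still has an uncommented sgi_xfsmd entry.
xfsmd_enabled_in() {
    grep -q '^sgi_xfsmd' "$1"
}

# Steps 1 and 2 of the advisory: comment out the sgi_xfsmd line(s).
# Idempotent: lines already starting with '#' are left alone.
# Returns 0 only if the edited file has no active sgi_xfsmd entry.
# The ".bak" copy is this script's own convention, not the advisory's.
disable_xfsmd_in() {
    conf="$1"
    cp "$conf" "$conf.bak" || return 1
    sed 's/^sgi_xfsmd/#sgi_xfsmd/' "$conf.bak" > "$conf" || return 1
    if xfsmd_enabled_in "$conf"; then return 1; fi
    return 0
}

# Steps 3 and 4 on a live IRIX host: reload inetd and stop running daemons.
# Not called by the demo below because it acts on real processes.
reload_and_kill_xfsmd() {
    killall -HUP inetd || return 1
    killall /usr/etc/xfsmd 2>/dev/null
    return 0
}

# Demo on the constructed file only.
demo_conf=$(mktemp)
write_sample_inetd_conf "$demo_conf"
disable_xfsmd_in "$demo_conf" && echo "xfsmd disabled in $demo_conf"
grep 'xfsmd' "$demo_conf" || true
rm -f "$demo_conf" "$demo_conf.bak"
```

On a real host, run disable_xfsmd_in on /etc/inetd.conf and then reload_and_kill_xfsmd, and confirm afterwards that xfsmd_enabled_in reports the entry as commented out.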

Where can I read more about this?

This vulnerability was reported in SGI Security Advisory 20020606-02-I.