IRIX upgrade on a SGI Origin 3000 server could allow a remote attacker to bypass packet filtering
| irix-origin-bypass-filtering (9868) |  Medium Risk |
Description:
SGI Origin could allow a remote attacker to bypass packet filtering. Upgrading Origin 3000 from IRIX changes the MAC address for the base ethernet. A remote attacker could use this vulnerability to bypass access controls on the vulnerable system.
Platforms Affected:
- SGI, IRIX 6.5.13
- SGI, IRIX 6.5.14
- SGI, IRIX 6.5.15
- SGI, IRIX 6.5.16
Remedy:
Upgrade to the latest version of IRIX (6.5.17 or later), as listed in SGI Security Advisory 20020805-01-I. See References.
Consequences:
Bypass Security
References:
- SGI Security Advisory 20020805-01-I, MAC address change on SGI Origin 3000 at ftp://patches.sgi.com/support/free/security/advisories/20020805-01-I.
- SGI Web site, Welcome to SGI at http://www.sgi.com/.
- BID-5467: SGI IRIX MAC Address Changing Weakness
- CVE-2002-1419: The upgrade of IRIX on Origin 3000 to 6.5.13 through 6.5.16 changes the MAC address of the system, which could modify intended access restrictions that are based on a MAC address.
Reported:
Aug 14, 2002
The information within this database may change without notice. Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. In no event shall the author/distributor (IBM Internet Security Systems X-Force) be held liable for any damages whatsoever arising out of or in connection with the use or spread of this information.
For corrections or additions please email xforce@iss.net