6.5.21 NFS Unauthorized File Access Vulnerability


Post by squeen » Thu Oct 30, 2003 4:16 am

SGI IRIX 6.5.21 systems running NFS server may contain a vulnerability that allows a local attacker to gain unauthorized access to files available over the NFS share.

The vulnerability exists because NFS server does not properly apply access checks under certain conditions where wildcards and other configuration settings are present.

Workarounds are available.

Systems running the NFS server on the following IRIX versions may be vulnerable:

SGI IRIX 6.5.21f
SGI IRIX 6.5.21m

The vulnerability can be exploited when the root, rw or access configuration options in /etc/exports are only assigned wildcards with no specific hostnames or netgroups.

Administrators can prevent exploitation by placing localhost at the beginning of the /etc/exports host list, and then listing wildcards.

As a workaround, IRIX users can add localhost at the beginning of the list of hosts in /etc/exports, as indicated in the following:


/filesystem -access=localhost:{wildcard}

Administrators are advised to only operate the NFS server on a protected internal network.

Administrators are advised to restrict untrusted user access to the NFS server.

SGI has released a security advisory at the following FTP link: ftp://patches.sgi.com/support/free/secu ... 4-01-P.asc

SGI has released patches for IRIX for registered users at the following FTP link: ftp://patches.sgi.com/support/free/secu ... 4-01-P.asc
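
An audit check for the condition described in the post, added here as an example (it is not from the SGI advisory or from the poster): it reports exports entries whose access=, rw= or root= list contains only wildcards. It assumes one entry per line, a colon-separated host list as in the workaround line above, and that a "wildcard" is any list item containing * or ?; the function name audit_exports and the sample entries are made up for illustration.

```sh
#!/bin/sh
# Flag exports entries where access=, rw= or root= holds only wildcards,
# i.e. no specific hostname, netgroup or localhost appears in the list.
# Assumption: an item containing * or ? is a wildcard.

audit_exports() {
    # $1: path to an exports-format file. Prints one line per finding.
    awk '
    /^[ \t]*#/ || NF < 2 { next }      # skip comments, blanks, option-less entries
    {
        opts = $2
        sub(/^-/, "", opts)            # drop the leading dash of the option field
        n = split(opts, opt, ",")
        for (i = 1; i <= n; i++) {
            if (opt[i] !~ /^(access|rw|root)=/) continue
            name = opt[i]; sub(/=.*/, "", name)
            list = opt[i]; sub(/^[^=]*=/, "", list)
            if (list == "") continue
            m = split(list, host, ":")
            specific = 0               # count of non-wildcard items in the list
            for (j = 1; j <= m; j++)
                if (host[j] != "" && host[j] !~ /[*?]/) specific++
            if (specific == 0)
                printf "line %d: %s %s= has only wildcards\n", NR, $1, name
        }
    }' "$1"
}

# Constructed sample entries (not taken from any real system).
sample=$(mktemp)
cat > "$sample" <<'EOF'
/data  -access=*.example.com
/home  -access=localhost:*.example.com
/proj  -rw=hostA:*.example.com,root=*
/pub   -ro
EOF
audit_exports "$sample"
rm -f "$sample"
```

Run against the real file with `audit_exports /etc/exports`; an entry stops being reported once localhost or another specific name is in the list, as in the workaround.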
