SGI acknowledges the network device driver vulnerability reported by AtStake
and is currently investigating:
http://www.atstake.com/research/advisor ... report.pdf
http://www.kb.cert.org/vuls/id/412115
http://cve.mitre.org/cgi-bin/cvename.cg ... -2003-0001
Our initial investigation shows that our egXX and tgXX gigabit cards and
efXX interfaces in Origins and Octanes don't appear to be vulnerable.
No further information is available at this time. As further information
becomes available, additional advisories will be issued.
For the protection of all our customers, SGI does not disclose, discuss or
confirm vulnerabilities until a full investigation has occurred and any
necessary patch(es) or release streams are available for all vulnerable and
supported Linux and IRIX operating systems.
Until SGI has more definitive information to provide, customers are
encouraged to assume all security vulnerabilities as exploitable and take
appropriate steps according to local site security policies and
requirements.
As further information becomes available, additional advisories will be
issued via the normal SGI security information distribution methods
including the wiretap mailing list.
Multiple Ethernet NIC Device Driver Information Disclosure V
Forum rules
Any posts concerning pirated software or offering to buy/sell/trade commercial software are subject to removal.
Any posts concerning pirated software or offering to buy/sell/trade commercial software are subject to removal.
Multiple Ethernet NIC Device Driver Information Disclosure V
And another (no patch)
Who is online
Users browsing this forum: No registered users and 2 guests