Title: SGI IRIX IFConfig -ARP Failure To Disable ARP Functionality Vulnerability
Severity: MODERATE
Description:
SGI IRIX like many other Unix distributions and Unix variants, ship with a network interface configuration utility named ifconfig. ifconfig accepts both the "arp" and "-arp" arguments to enable and disable sending and receiving of address resolution protocol communications.
Expected functionality is that the following command sequence will disable ARP communications for the specified interface:
#ifconfig %interface% -arp
Where %interface% is the name of the network interface.
SGI IRIX ifconfig %interface% -arp fails to disable ARP handling on the specified interface. This may lead a network administrator into a false sense of security, where for example, it is believed that ARP is disabled for a specified interface, when in fact it is not. The interface may then be trusted and believed not prone to a variety of ARP based attacks.
Affected Products:
- SGI IRIX 4.0.3
- SGI IRIX 6.5.0
- SGI IRIX 6.5.1
- SGI IRIX 6.5.10
- SGI IRIX 6.5.11
- SGI IRIX 6.5.12
- SGI IRIX 6.5.13
- SGI IRIX 6.5.14
- SGI IRIX 6.5.15
- SGI IRIX 6.5.16
- SGI IRIX 6.5.17 f
- SGI IRIX 6.5.17 m
- SGI IRIX 6.5.18 f
- SGI IRIX 6.5.18 m
- SGI IRIX 6.5.19 f
- SGI IRIX 6.5.19 m
- SGI IRIX 6.5.2
- SGI IRIX 6.5.20 f
- SGI IRIX 6.5.20 m
- SGI IRIX 6.5.21 f
- SGI IRIX 6.5.21 m
- SGI IRIX 6.5.22 m
- SGI IRIX 6.5.3
- SGI IRIX 6.5.4
- SGI IRIX 6.5.5
- SGI IRIX 6.5.6
- SGI IRIX 6.5.7
- SGI IRIX 6.5.8
- SGI IRIX 6.5.9
Juniper Networks provides this content via a wide variety of sources and production methods. If notified of errors or omissions in the content of this page, Juniper Networks, at its discretion, will modify or remove the page or leave the content as is, depending on various factors including but not limited to the reputation and authority of the party providing the notification. Please use the contact information displayed elsewhere on this page to report any errors or omissions regarding the content on this page.
