Title: IRIX Performance Copilot Information Disclosure Vulnerability
Severity: MODERATE
Description:
Vulnerabilities exist in the Performance Copilot package supplied as part of IRIX 6.5. By default, IRIX installs the pmcd daemon in /usr/etc, and no ACLs are present to limit access to it. The daemon listens on port 4321.
Performance Copilot exposes a large quantity of information. From the post to Bugtraq:
% pminfo -f -h sgi.victim.com filesys.mountdir
lists all disks and their mount points, for instance.
% pmem -h sgi.victim.com
will return something looking much like a ps -efl: all processes with their owners and long argument lists.
This BID entry formerly contained information about a denial of service vulnerability. This information has been moved to BID 4642.
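The Description states that no ACLs limit access to pmcd by default. The following audit sketch is an added example, not part of the advisory or of SGI's software: it assumes the `[access]` section syntax of pmcd.conf documented in pmcd(1) (`allow|disallow hostlist : operations;`), takes the configuration text from the caller, and uses constructed sample configurations.

```python
# Constructed sample configs (not taken from the advisory). Lines before
# [access] define agents; the [access] section holds allow/disallow rules.
DEFAULT_CONF = """\
# Name   Id  IPC  IPC Params   File/Cmd
sample   1   dso  sample_init  pmda_sample.so
"""

RESTRICTED_CONF = DEFAULT_CONF + """\
[access]
allow localhost : all;
disallow * : all;
"""


def parse_access(conf_text):
    """Return None when there is no [access] section, otherwise a list of
    (action, [hosts], operations) tuples in file order."""
    # Drop '#' comments before looking for the section marker.
    body = "\n".join(line.split("#", 1)[0] for line in conf_text.splitlines())
    _, marker, access = body.partition("[access]")
    if not marker:
        return None
    rules = []
    for stmt in access.split(";"):
        words = " ".join(stmt.split())
        action, _, rest = words.partition(" ")
        # The last ':' separates hosts from operations; host specs such as
        # 'local:*' may themselves contain a colon.
        hosts, colon, ops = rest.rpartition(":")
        if action.lower() in ("allow", "disallow") and colon:
            host_list = [h.strip() for h in hosts.split(",")]
            rules.append((action.lower(), host_list, ops.strip().lower()))
    return rules


def audit(conf_text):
    """Classify a pmcd.conf by whether remote hosts are denied by default."""
    rules = parse_access(conf_text)
    if rules is None:
        return "EXPOSED: no [access] section, any host can query pmcd"
    deny_all = any(a == "disallow" and "*" in h and ops == "all"
                   for a, h, ops in rules)
    if not deny_all:
        return "REVIEW: [access] present but no 'disallow * : all' default"
    return "OK: default deny with %d rule(s)" % len(rules)


if __name__ == "__main__":
    for name, conf in (("default", DEFAULT_CONF), ("restricted", RESTRICTED_CONF)):
        print(name, "->", audit(conf))
```
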
Affected Products:
- SGI IRIX 6.2.0
- SGI IRIX 6.3.0
- SGI IRIX 6.4.0
- SGI IRIX 6.5.3
- SGI IRIX 6.5.3f
- SGI IRIX 6.5.3m
- SGI IRIX 6.5.4
- SGI IRIX 6.5.6