Title: XInet K-AShare XKAS Program World Writable Icon Directory Vulnerability
Severity: MODERATE
Description:
K-AShare is a file sharing system designed to allow Apple Macintosh and Unix systems to share resources. It is maintained and distributed by Xinet.
A default installation of K-AShare installs an icon directory used by the system with insecure permissions. The /var/adm/appletalk/icons/ directory is created with world read and write permissions.
One of the files in this directory, 'VOLICON', is copied to a directory being shared by an administrator through the xkas GUI utility. Because the icon directory is world-writable, a local user could remove the VOLICON file and replace it with a symbolic link to an unreadable file such as /etc/shadow. When the superuser runs the xkas program and shares a directory, the contents of /etc/shadow would be copied into the shared directory as the file '.HSicon' with world-readable permissions.
The attacker may then read that file, potentially gaining sensitive information (such as password hashes).
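The following audit script is an added example, not part of the advisory or of K-AShare itself. It checks a given directory for the two conditions described above (world-writable permissions and a VOLICON entry that is no longer a regular file); the directory argument and the chmod mitigation are assumptions, since the page does not state the vendor's fix.

```shell
#!/bin/sh
# Added audit helper (not part of the advisory or of K-AShare).
# Checks a K-AShare icon directory for the two conditions the advisory
# describes: world-writable directory permissions, and a VOLICON entry that
# is not a plain regular file (for example a symbolic link pointing elsewhere).
# The directory is a parameter so the check can be run against a test copy;
# on a real host it would be /var/adm/appletalk/icons.
# Returns 0 when nothing is wrong, 1 when a problem is reported on stderr.
audit_icon_dir() {
    dir="$1"
    status=0

    if [ ! -d "$dir" ]; then
        echo "$dir: not a directory" >&2
        return 1
    fi

    # test -w only reflects the caller's own access, so read the "other"
    # write bit (9th character of the ls -ld mode string) instead.
    mode=$(ls -ld "$dir" | cut -c1-10)
    case "$mode" in
        ????????w?)
            echo "$dir: world-writable ($mode)" >&2
            status=1
            ;;
    esac

    icon="$dir/VOLICON"
    if [ -L "$icon" ]; then
        echo "$icon: is a symbolic link, not the stock icon file" >&2
        status=1
    elif [ -e "$icon" ] && [ ! -f "$icon" ]; then
        echo "$icon: not a regular file" >&2
        status=1
    fi

    return $status
}

# Assumed mitigation (the page does not state the vendor's fix): remove the
# world-write bit so unprivileged users can no longer replace VOLICON.
# A VOLICON that is already a symlink is reported, not removed, so an
# administrator can inspect it first.
harden_icon_dir() {
    chmod o-w "$1"
}
```

Run `audit_icon_dir /var/adm/appletalk/icons` as root on an affected host; a non-zero exit with a message on stderr means the directory still needs attention.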
Affected Products:
- SGI IRIX 6.5.0
- SGI IRIX 6.5.1
- SGI IRIX 6.5.2
- SGI IRIX 6.5.3
- SGI IRIX 6.5.4
- SGI IRIX 6.5.5
- SGI IRIX 6.5.6
- SGI IRIX 6.5.7
- SGI IRIX 6.5.8
- SGI IRIX 6.5.9
- SGI IRIX 6.5.10
- SGI IRIX 6.5.11
- SGI IRIX 6.5.12
- SGI IRIX 6.5.13
- SGI IRIX 6.5.14
- SGI IRIX 6.5.15
- Xinet K-AShare for IRIX 11.1.0
Juniper Networks provides this content via a wide variety of sources and production methods. If notified of errors or omissions in the content of this page, Juniper Networks, at its discretion, will modify or remove the page or leave the content as is, depending on various factors including but not limited to the reputation and authority of the party providing the notification. Please use the contact information displayed elsewhere on this page to report any errors or omissions regarding the content on this page.