Description
fsr_efs in IRIX 6.5 allows local users to conduct unauthorized file activities via a symlink attack, possibly via the .fsrlast file.
Affected products
- sgi / freeware1.0 – 1.0
- sgi / irix6.5 – 6.5
- sgi / irix6.5.1 – 6.5.1
- sgi / irix6.5.2 – 6.5.2
- sgi / irix6.5.3 – 6.5.3
- sgi / irix6.5.4 – 6.5.4
- sgi / irix6.5.5 – 6.5.5
- sgi / irix6.5.6 – 6.5.6
- sgi / irix6.5.7 – 6.5.7
- sgi / irix6.5.8 – 6.5.8
- sgi / irix6.5.9 – 6.5.9
- sgi / irix6.5.10 – 6.5.10
- sgi / irix6.5.11 – 6.5.11
- sgi / irix6.5.12 – 6.5.12
- sgi / irix6.5.13 – 6.5.13
- sgi / irix6.5.13m – 6.5.13m
- sgi / irix6.5.14 – 6.5.14
- sgi / irix6.5.14m – 6.5.14m
- sgi / irix6.5.15 – 6.5.15
- sgi / irix6.5.15m – 6.5.15m
- sgi / irix6.5.16 – 6.5.16
- sgi / irix6.5.16m – 6.5.16m
- sgi / irix6.5.17 – 6.5.17
- sgi / irix6.5.17m – 6.5.17m
References
- VENDOR_ADVISORYftp://patches.sgi.com/support/free/security/advisories/20020903-02-P
- MISChttp://www.ciac.org/ciac/bulletins/n-004.shtml
- VENDOR_ADVISORYftp://patches.sgi.com/support/free/security/advisories/20021103-02-P
- VENDOR_ADVISORYftp://patches.sgi.com/support/free/security/advisories/20021103-01-P
- MISChttp://www.securityfocus.com/bid/5897
- MISChttp://www.osvdb.org/8579
- VENDOR_ADVISORYftp://patches.sgi.com/support/free/security/advisories/20020903-01-P
- MISChttp://www.iss.net/security_center/static/10275.php