IRIX Systour and OutOfBox Vulnerabilities

Solution:
Removal of this subsystem is recommended. To remove:
/usr/sbin/versions -v remove systour OutOfBox

Alternatively, the affected binaries can have their setuid bits removed.
# /bin/chmod u-s /usr/lib/tour/bin/RemoveSystemTour
# /bin/chmod u-s /usr/people/tour/oob/bin/oobversion

Documentation on this problem is available from SGI at http://support.sgi.com



 

Privacy Statement
Copyright 2010, SecurityFocus