IRIX ipxlink Vulnerability

SGI O2 systems running IRIX 6.3 come with support
for the IPX protocol. The software is installed by default,
and lives under /usr/etc/netware. The binary ipxlink is
part of this subsystem.

Among many vulnerabilities in this binary it calls other
programs via system() without reseting the enviroment
(e.g. IFS).

This is SGI bug number 498565.


 

Privacy Statement
Copyright 2010, SecurityFocus