[security] Security Advisories
Lorenzo Iannuzzi
nakis a libero.it
Dom 4 Apr 2004 00:30:12 CEST
http://www.sgi.com/support/security/
AtStake and CERT reported a network device driver vulnerability
called EtherLeak:
http://www.atstake.com/research/advisories/2003/atstake_etherleak_report.pdf
http://www.kb.cert.org/vuls/id/412115
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0001
The gXX and tgXX gigabit network interfaces, and efXX network interface
on
SGI systems are not vulnerable to this issue.
However, older SGI network interfaces are potentially vulnerable, but
they are in legacy support mode with no new fixes/patches provided.
It has been reported thru various channel that there are several
security issues affecting ftpd on IRIX.
* win2k -> irix ftpd hangs indefinitely on link failure (SGI BUG
893718)
* ftpd DoS possible involving PORT mode (SGI BUG
899364)
* ftpd's ftp_syslog() doesn't work with anonymous FTP (SGI BUG
909172)
--
Ciao e alla prossima!
Lorenzo
-------------- parte successiva --------------
Un allegato non testuale è stato rimosso....
Nome: non disponibile
Tipo: application/pgp-signature
Dimensione: 244 bytes
Descrizione: non disponibile
Url: http://itlists.org/pipermail/security/attachments/20040404/628193f7/attachment.pgp
Maggiori informazioni sulla lista
security