COMMAND

    diskperf/diskalign

SYSTEMS AFFECTED

    IRIX 6.4

PROBLEM

    IRIX  6.4  Patch  2291  and  its successors introduced several new
    tools for  the Digital  Media Community.   Two of  these new tools
    introduced  are  diskalign(1)  and  diskperf(1)  which are used to
    assist in configuring IRIX  for data streaming applications,  like
    uncompressed digital video, to/from an XLV volume set of  stripped
    disks.  Unfortunately, a security hole was discovered that  allows
    diskalign(1) and diskperf(1) to create arbitrary root-owned  files
    which can lead to a root compromise.

    The  diskalign(1)/diskperf(1)  programs  are  installed by default
    from  the  January  Recommended/Required  Patch  Set for IRIX 6.4.
    Patch  2291  and  2848  are  vulnerable  to  this exploit.  A user
    account on the vulnerable system  is required in order to  exploit
    diskalign(1)/diskperf(1) locally and remotely.

SOLUTION

    Change the permissions on the vulnerable diskalign(1)/diskperf(1)
    programs:

        # /bin/chmod 500 /usr/sbin/diskalign
        # /bin/chmod 500 /usr/sbin/diskperf

    or apply patches:

        OS Version     Patch #
        ----------     -------
        IRIX 6.4        3030