COMMAND

    fcagent

SYSTEMS AFFECTED

    IRIX

PROBLEM

    The  IRIX  fcagent(1m)  service  is  an  RPC based daemon which is
    called  to  service  requests  about  status or configuration of a
    FibreVault  enclosure.   Unfortunately,  a  vulnerability  in  the
    fcagent(1m) daemon has been discovered which can lead to a  denial
    of service that can disable the FibreVault.

    The fcagent(1m) daemon is installed by default on Origin and Onyx2
    platforms running IRIX  6.4 and higher.   A local user  account on
    the vulnerable  system is  not required  in order  to exploit  the
    fcagent(1m) daemon.  The  vulnerability can be exploited  remotely
    by  using  carefully  crafted  RPC  packets  that  are sent to the
    fcagent(1m) daemon.  The vulnerability can be used to establish  a
    denial of service rendering the FibreVault unavailable.

    This vulnerability was discovered internally by SGI and is believe
    not to have been publicly discussed outside of SGI.

SOLUTION

    Disable fcagent(1m) daemon:

        chkconfig fcagent off

Patches:

        OS Version  Patch #      Other Actions
        ----------  -------      -------------
        IRIX 6.4     3440        maintenance mode
        IRIX 6.5     6.5.2       Upgrade 6.5.2
        IRIX 6.5.1   6.5.2       Upgrade 6.5.2