COMMAND

    mediad

SYSTEMS AFFECTED

    IRIX 5.1...6.4

PROBLEM

    The  IRIX  mediad(1M)  daemon  is  used to monitor removable media
    devices on Silicon Graphics Inc. (SGI) platforms.   Unfortunately,
    a vulnerability has been discovered in the default behavior of the
    mediad(1M)  program  that  can  lead  to  a root compromise of the
    system.   Physical access  to the  removable media  devices on the
    system and  a local  account is  required in  order to exploit the
    mediad(1M) vulnerability locally and remotely.

SOLUTION

    Before you get chance to apply patch, secure your system with:

        # /etc/init.d/mediad stop
        # chkconfig mediad off

    Patches are:

        OS Version     Patch #
        ----------     -------
        IRIX 5.1.x     upgrade
        IRIX 5.2       upgrade
        IRIX 5.3      3191 & 3189 (Both patches must be installed to
                                   fix this vulnerability).
        IRIX 6.0.x     upgrade
        IRIX 6.1       upgrade
        IRIX 6.2      3192 & 3190 (Both patches must be installed to
                                   fix this vulnerability).
        IRIX 6.3         3109
        IRIX 6.4         2891