COMMAND

    /usr/X11/bin/seyon

SYSTEMS AFFECTED

    IRIX

PROBLEM

    Bruno Morisson provided details of a vulnerability in seyon.  The
    bug is in the handling of a command-line argument to seyon.  If
    you run:

        root:~# seyon -noemulator <very long string (approximately 200 bytes)>

    it will overflow.  Getting a shell is trivial (although it needs
    to regain privileges through a setreuid(0,0), for example, since
    seyon drops privileges).  It seems that on Red Hat 5.1 it is sgid
    uucp.

SOLUTION

    Silicon Graphics distributes the Seyon package as an IRIX inst
    image called "fw_MSSeyon" on the SGI Freeware 1.0 and 2.0 CDROMs.
    IRIX customers who have installed "fw_MSSeyon" IRIX inst images
    from any source prior to and including v2.14c are vulnerable.  You
    can:

        I)  Remove the vulnerable seyon package.
        II) Remove the set-uid bit of the seyon program.
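
    A way to check for and apply option II, as an added example that
    is not part of the original advisory.  The function names are
    hypothetical, the default path is the one listed under COMMAND,
    and the set-gid bit is cleared as well because of the sgid uucp
    install noted above.

```shell
#!/bin/sh
# Added example (not from the advisory): audit a seyon binary for set-id
# bits and clear them. Function names are hypothetical.

# Path taken from the COMMAND section; pass another path as an argument.
SEYON_DEFAULT=/usr/X11/bin/seyon

# Print which privilege bits are set: "setuid", "setgid",
# "setuid setgid", or "none".
priv_bits() {
    bits=""
    [ -u "$1" ] && bits="setuid"
    [ -g "$1" ] && bits="${bits:+$bits }setgid"
    echo "${bits:-none}"
}

# Report the state of the binary. Returns 0 if it is absent or carries
# no set-id bits, 1 if it still runs with elevated uid/gid.
audit_seyon() {
    target=${1:-$SEYON_DEFAULT}
    if [ ! -e "$target" ]; then
        echo "absent: $target"
        return 0
    fi
    state=$(priv_bits "$target")
    if [ "$state" = "none" ]; then
        echo "ok: $target has no set-id bits"
        return 0
    fi
    echo "at risk: $target is $state ($(ls -l "$target"))"
    return 1
}

# Clear set-uid and set-gid, then verify. Returns 0 only if the file
# is clean afterwards, 2 if the path is not a regular file.
strip_priv_bits() {
    [ -f "$1" ] || { echo "not a regular file: $1" >&2; return 2; }
    chmod u-s,g-s "$1" || return 1
    [ "$(priv_bits "$1")" = "none" ]
}

# Typical use, as root:
#   audit_seyon || strip_priv_bits /usr/X11/bin/seyon
```

    Clearing the bits removes the privilege gained through the
    overflow; the overflow itself remains in the binary.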