COMMAND

    syserr & permissions

SYSTEMS AFFECTED

    IRIX 5.0.x, 5.1.x, 5.2, 5.3, 6.0.x, 6.1, 6.2, 6.3, 6.4

PROBLEM

    Based on an IRIX advisory. The System Error Notification Broker
    (syserr) program is part of the Desktop System Monitor, which
    monitors the system for user-defined events and then provides
    notification and/or action when those events occur. As part of
    normal operation, the syserr program manipulates certain history
    and configuration files. A security issue was found in these
    file operations. Using the syserr vulnerability, arbitrary files
    can be created and corrupted.

    The IndigoMagic Desktop and Desktop System Monitor subsystems,
    which contain the permissions and syserr programs respectively,
    are installed by default on all desktop systems. These subsystems
    may also be installed on other non-desktop systems. Both of these
    issues require a local account to be exploited. With a local
    account, these vulnerabilities can be exploited both locally and
    remotely.

SOLUTION

    Temporary solution:

        # /bin/chmod 500 /usr/sbin/syserr

    Patches are:

        OS Version     Vulnerable?     Patch #      Other Actions
        ----------     -----------     -------      -------------
        IRIX 3.x          no
        IRIX 4.x          no
        IRIX 5.0.x        yes          not avail    Note 1
        IRIX 5.1.x        yes          not avail    Note 1
        IRIX 5.2          yes          not avail    Note 1
        IRIX 5.3          yes          2238 & 2273
        IRIX 6.0.x        yes          not avail    Note 1
        IRIX 6.1          yes          not avail    Note 1
        IRIX 6.2          yes          2239
        IRIX 6.3          yes          2240
        IRIX 6.4          yes          2241