This deserves passing on. SGI has a patch for the problem, but apparently hasn't publicized the details. ------- Subject: irix-6.2 "at -f" vulnerability The irix-6.2 "at -f" vulnerability was mentioned on BUGTRAQ a while back. [1] Unfortunately SGI has not issued an advisory on this, nor does it appear in their security patches list at www.sgi.com as of Aug 4, although a patch *has* been made available. The patch number is 3184 and those with SGI Surfzone IDs can get it by searching for "3184" at SGI's web site. The top-level description says it is for 6.4, but the patch README mentions 6.2 bugs which are patched. ------- [1] <http://www.geek-girl.com/bugtraq/1998_3/0042.html> <http://www.geek-girl.com/bugtraq/1998_2/0626.html>
This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 14:11:21 PDT