I have IRIX 6.4,6.2 and 5.3. Only one system was vulnerable and that was because I had not installed the reccomended patch set. Go to "http://support.sgi.com:80/surfzone/patches/patchset/index.html" to get the current patch sets. To do so will requre a surfzone membership. It is also noteworthy that I do not have patch 3184 installed on any systems. So some other patch must fix it as well as patch 3184. > The irix-6.2 "at -f" vulnerability was mentioned on BUGTRAQ a while back. [1] > Unfortunately SGI has not issued an advisory on this, nor does it appear > in their security patches list at www.sgi.com as of Aug 4, although a > patch *has* been made available. > > The patch number is 3184 and those with SGI Surfzone IDs can get it > by searching for "3184" at SGI's web site. The top-level description > says it is for 6.4, but the patch README mentions 6.2 bugs which are > patched. > ------- > > [1] <http://www.geek-girl.com/bugtraq/1998_3/0042.html> > <http://www.geek-girl.com/bugtraq/1998_2/0626.html> >-- End of excerpt from Richard Johnson
This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 14:11:42 PDT