Tutorial - Performance Copilot Problems
Impact
Vulnerabilities exist in the Performance Copilot package supplied as
part of IRIX 6.5. By default, IRIX installs the pmcd daemon in /usr/etc,
and no ACLs are present to limit access to it. It listens on port 4321.
Background
Performance Copilot both exposes a large quantity of information and
provides a simple means of denial of service. From the post to Bugtraq:

    % pminfo -f -h sgi.victim.com filesys.mountdir

lists all disks and their mount points, for instance.
Resolution
Disable the pmcd daemon by de-activating it through the
chkconfig facility (i.e., /etc/chkconfig pmcd off) and then
rebooting the system.
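
To confirm the resolution took effect, the following added example (not part of the original advisory) classifies a host from its chkconfig flag listing and its netstat -an output. The function names, verdict words and sample lines are assumptions constructed for illustration; only the pmcd flag and port 4321 come from the text above.

```sh
#!/bin/sh
# Added example: verifies the Resolution above. Sample text is constructed.
PMCD_PORT=4321   # port named in the advisory

# Print the pmcd flag state ("on", "off" or "absent") from chkconfig-style
# "flag state" lines on stdin.
pmcd_flag_state() {
    awk '$1 == "pmcd" { print $2; found = 1; exit }
         END { if (!found) print "absent" }'
}

# Succeed if netstat -an style text on stdin shows a TCP listener on the port.
port_listening() {
    awk -v port="$PMCD_PORT" '
        $NF == "LISTEN" {
            n = split($4, part, /[.:]/)   # local address: "*.4321" or "0.0.0.0:4321"
            if (part[n] == port) hit = 1
        }
        END { exit(hit ? 0 : 1) }'
}

# audit_pmcd FLAGS_TEXT NETSTAT_TEXT -> one-word verdict on stdout.
audit_pmcd() {
    state=$(printf '%s\n' "$1" | pmcd_flag_state)
    if printf '%s\n' "$2" | port_listening; then up=yes; else up=no; fi
    case "$state:$up" in
        on:yes) echo "exposed" ;;          # enabled and reachable
        on:no)  echo "enabled-at-boot" ;;  # not running now, starts on next boot
        *:yes)  echo "reboot-pending" ;;   # flag off, listener still up
        *)      echo "disabled" ;;         # flag off or absent, port closed
    esac
}

# Constructed samples (not captured from a real host).
FLAGS_ON='        pmcd                 on'
FLAGS_OFF='        pmcd                 off'
NETSTAT_OPEN='tcp        0      0  *.4321        *.*        LISTEN'
NETSTAT_CLOSED='tcp        0      0  *.23          *.*        LISTEN'

audit_pmcd "$FLAGS_OFF" "$NETSTAT_OPEN"    # flag cleared, host not yet rebooted
```

On a live system the two arguments would be the output of /etc/chkconfig run without arguments and of netstat -an, assuming both print in the shapes sampled above.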