SGI_FAM Version
Summary
sgi_fam: A Silicon Graphics daemon that is an RPC server that tracks
changes to the filesystem under the IRIX operating system.
Impact
The vulnerability can be exploited remotely by using carefully crafted RPC
packets that are sent to the fam daemon. It can lead to unauthorized access
to the names of files and directories on an IRIX system.
The problem
The sgi_fam daemon on IRIX 5.x and 6.x systems can be compromised which
can reveal the names of files and directories on the system. Apparently,
the contents of the files can not be read or modified. SGI is currently
working on a solution. IRIX 6.5.8 and above will not be effected
Fix
- As a temporary measure, disable sgi_fam in the inetd.conf file.
- Where appropriate, download updated software from
http://oss.sgi.com/projects/fam/.
This update will have to be compiled and installed.
- Install the patch from SGI when it becomes available.
Reference(s):
CVE Reference(s):