From agent99@sgi.com Tue Sep 9 14:59:29 2003 From: SGI Security Coordinator To: agent99@sgi.com Cc: bugtraq@securityfocus.com, full-disclosure@lists.netsys.com, vulnwatch@vulnwatch.org Date: Tue, 9 Sep 2003 11:18:12 -0700 Subject: [Full-Disclosure] Denial of Service Vulnerability in NFS XDR decoding Update -----BEGIN PGP SIGNED MESSAGE----- ______________________________________________________________________________ SGI Security Advisory Title : Denial of Service Vulnerability in NFS XDR decoding Update Number : 20030801-02-P Date : September 9, 2003 Reference: CVE CAN-2003-0576 Reference: SGI BUGS 894659, 898951 Fixed in : IRIX 6.5.20 or patches listed below for IRIX 6.5.17-6.5.19 ______________________________________________________________________________ SGI provides this information freely to the SGI user community for its consideration, interpretation, implementation and use. SGI recommends that this information be acted upon as soon as possible. SGI provides the information in this Security Advisory on an "AS-IS" basis only, and disclaims all warranties with respect thereto, express, implied or otherwise, including, without limitation, any warranty of merchantability or fitness for a particular purpose. In no event shall SGI be liable for any loss of profits, loss of business, loss of data or for any indirect, special, exemplary, incidental or consequential damages of any kind arising from your use of, failure to use or improper use of any of the instructions or information in this Security Advisory. ______________________________________________________________________________ - ------------------- - --- Update Info --- - ------------------- This bulletin is a followup to SGI Security Bulletin 20030801-01-P: ftp://patches.sgi.com/support/free/security/advisories/20030801-01-P http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0576 An incomplete list of patches was referenced. Some of the patches referenced in 20030801-01-P did not apply cleanly. New patches have been created that will apply cleanly on current IRIX systems. - ----------------------- - --- Issue Specifics --- - ----------------------- It's been reported that it is possible to create a Denial of Service attack on the IRIX nfsd through the use of carefully crafted packets which cause XDR decoding errors. This can lead to kernel panicing the system. No local account or access to an NFS mount point is required, so this could be constructed as a remote exploit. SGI has investigated the issue and recommends the following steps for neutralizing the exposure. It is HIGHLY RECOMMENDED that these measures be implemented on ALL vulnerable SGI systems. These issues have been corrected with patches and in future releases of IRIX. - -------------- - --- Impact --- - -------------- nfs is installed by default on IRIX 6.5 systems. To determine the version of IRIX you are running, execute the following command: # /bin/uname -R That will return a result similar to the following: # 6.5 6.5.19f The first number ("6.5") is the release name, the second ("6.5.16f" in this case) is the extended release name. The extended release name is the "version" we refer to throughout this document. To see if nfs is installed, execute the following command: $ versions -b | grep nfs I nfs 05/15/2003 Network File System, 6.5.20f - ---------------------------- - --- Temporary Workaround --- - ---------------------------- There is no effective workaround available for these problems. SGI recommends either upgrading to IRIX 6.5.20, or installing the appropriate patch from the listing below. - ---------------- - --- Solution --- - ---------------- SGI has provided a series of patches for these vulnerabilities. Our recommendation is to upgrade to IRIX 6.5.20, or install the appropriate patch. OS Version Vulnerable? Patch # Other Actions ---------- ----------- ------- ------------- IRIX 3.x unknown Note 1 IRIX 4.x unknown Note 1 IRIX 5.x unknown Note 1 IRIX 6.0.x unknown Note 1 IRIX 6.1 unknown Note 1 IRIX 6.2 unknown Note 1 IRIX 6.3 unknown Note 1 IRIX 6.4 unknown Note 1 IRIX 6.5 yes Notes 2 & 3 IRIX 6.5.1 yes Notes 2 & 3 IRIX 6.5.2 yes Notes 2 & 3 IRIX 6.5.3 yes Notes 2 & 3 IRIX 6.5.4 yes Notes 2 & 3 IRIX 6.5.5 yes Notes 2 & 3 IRIX 6.5.6 yes Notes 2 & 3 IRIX 6.5.7 yes Notes 2 & 3 IRIX 6.5.8 yes Notes 2 & 3 IRIX 6.5.9 yes Notes 2 & 3 IRIX 6.5.10 yes Notes 2 & 3 IRIX 6.5.11 yes Notes 2 & 3 IRIX 6.5.12 yes Notes 2 & 3 IRIX 6.5.13 yes Notes 2 & 3 IRIX 6.5.14 yes Notes 2 & 3 IRIX 6.5.15 yes Notes 2 & 3 IRIX 6.5.16 yes Notes 2 & 3 IRIX 6.5.17m yes 5299 Notes 2, 4 & 5 IRIX 6.5.17f yes 5300 Notes 2, 4 & 5 IRIX 6.5.18m yes 5240 Notes 2, 4, 5, & 6 IRIX 6.5.18f yes 5241 Notes 2, 4, 5, & 6 IRIX 6.5.19m yes 5309+5311 Notes 2, 4, 5, & 6 IRIX 6.5.19f yes 5310+5312 Notes 2, 4, 5, & 6 IRIX 6.5.20 no IRIX 6.5.21 no NOTES 1) This version of the IRIX operating has been retired. Upgrade to an actively supported IRIX operating system. See http://support.sgi.com for more information. 2) If you have not received an IRIX 6.5.X CD for IRIX 6.5, contact your SGI Support Provider or URL: http://support.sgi.com 3) Upgrade to IRIX 6.5.20. 4) Upgrade to IRIX 6.5.20 or install the required patch(es) based on your hardware platform. 5) Note that these patches also include other fixes that are not security related. 6) For 6.5.18/19 IP35 platforms (O300/O3000, Fuel, Tezro), the patch matrix is: IRIX 6.5.18m 5213 IRIX 6.5.18f 5261 IRIX 6.5.19m 5309+5297 IRIX 6.5.19f 5310+5298 ##### Patch File Checksums #### Filename: README.patch.5213 Algorithm #1 (sum -r): 46611 15 README.patch.5213 Algorithm #2 (sum): 30482 15 README.patch.5213 MD5 checksum: 1AF19A2C8BB40FC7880E7775B93E15E0 Filename: patchSG0005213 Algorithm #1 (sum -r): 52391 7 patchSG0005213 Algorithm #2 (sum): 45391 7 patchSG0005213 MD5 checksum: 33FF031D212B8BDA7BABA1ADAC540CB8 Filename: patchSG0005213.eoe_sw Algorithm #1 (sum -r): 32542 5557 patchSG0005213.eoe_sw Algorithm #2 (sum): 56555 5557 patchSG0005213.eoe_sw MD5 checksum: C711535E159EE498AFADA7A68CDF0B8D Filename: patchSG0005213.idb Algorithm #1 (sum -r): 44377 12 patchSG0005213.idb Algorithm #2 (sum): 58627 12 patchSG0005213.idb MD5 checksum: 0D5E32DD860B7E4DE9EFEBCAAB985A82 Filename: patchSG0005213.irix_dev_sw Algorithm #1 (sum -r): 47514 10 patchSG0005213.irix_dev_sw Algorithm #2 (sum): 17739 10 patchSG0005213.irix_dev_sw MD5 checksum: 8419393536955E780D602B67FC25F093 Filename: patchSG0005213.nfs_sw Algorithm #1 (sum -r): 11337 395 patchSG0005213.nfs_sw Algorithm #2 (sum): 63096 395 patchSG0005213.nfs_sw MD5 checksum: 1D77CDEC406FE594663156AFB64B731E Filename: README.patch.5240 Algorithm #1 (sum -r): 49573 10 README.patch.5240 Algorithm #2 (sum): 6006 10 README.patch.5240 MD5 checksum: 35487EA3FE038B6460A592261C04EFCD Filename: patchSG0005240 Algorithm #1 (sum -r): 07297 4 patchSG0005240 Algorithm #2 (sum): 50257 4 patchSG0005240 MD5 checksum: 256FFFFC0DD9FD4FB7AABC2016E77E76 Filename: patchSG0005240.eoe_sw Algorithm #1 (sum -r): 47611 7496 patchSG0005240.eoe_sw Algorithm #2 (sum): 33432 7496 patchSG0005240.eoe_sw MD5 checksum: 694361E17A3C8147099E946EBD277A08 Filename: patchSG0005240.idb Algorithm #1 (sum -r): 06906 26 patchSG0005240.idb Algorithm #2 (sum): 63464 26 patchSG0005240.idb MD5 checksum: 5B8066AEB25AE8DC988181B6318FA0FD Filename: patchSG0005240.irix_dev_sw Algorithm #1 (sum -r): 38535 10 patchSG0005240.irix_dev_sw Algorithm #2 (sum): 12894 10 patchSG0005240.irix_dev_sw MD5 checksum: D53D8B75C2D7B3A3C925ADCFB35F8B95 Filename: patchSG0005240.nfs_sw Algorithm #1 (sum -r): 40380 3891 patchSG0005240.nfs_sw Algorithm #2 (sum): 34675 3891 patchSG0005240.nfs_sw MD5 checksum: 71E454F5DF8B7B231BE5534CEFFC1EC8 Filename: README.patch.5241 Algorithm #1 (sum -r): 12584 10 README.patch.5241 Algorithm #2 (sum): 5979 10 README.patch.5241 MD5 checksum: 4C1EE3B73CDD4851D06E73BBB21D65D1 Filename: patchSG0005241 Algorithm #1 (sum -r): 05691 5 patchSG0005241 Algorithm #2 (sum): 13971 5 patchSG0005241 MD5 checksum: 5C6423A1D130E749E6644CDE3CD73FF3 Filename: patchSG0005241.eoe_sw Algorithm #1 (sum -r): 00113 7607 patchSG0005241.eoe_sw Algorithm #2 (sum): 34258 7607 patchSG0005241.eoe_sw MD5 checksum: 5596F7572B50139B776BF011C70E82FC Filename: patchSG0005241.idb Algorithm #1 (sum -r): 22072 26 patchSG0005241.idb Algorithm #2 (sum): 63480 26 patchSG0005241.idb MD5 checksum: 3CC8B8E45D008D213B8CB84034675509 Filename: patchSG0005241.irix_dev_sw Algorithm #1 (sum -r): 38535 10 patchSG0005241.irix_dev_sw Algorithm #2 (sum): 12894 10 patchSG0005241.irix_dev_sw MD5 checksum: D53D8B75C2D7B3A3C925ADCFB35F8B95 Filename: patchSG0005241.nfs_sw Algorithm #1 (sum -r): 09049 3954 patchSG0005241.nfs_sw Algorithm #2 (sum): 32772 3954 patchSG0005241.nfs_sw MD5 checksum: B28A5B503F0B5C85D62C76A666667685 Filename: README.patch.5261 Algorithm #1 (sum -r): 49730 16 README.patch.5261 Algorithm #2 (sum): 12479 16 README.patch.5261 MD5 checksum: 1E0425C87FC8E70F17F8DBCA2045B9A0 Filename: patchSG0005261 Algorithm #1 (sum -r): 51002 8 patchSG0005261 Algorithm #2 (sum): 17205 8 patchSG0005261 MD5 checksum: F4A379CB4B2D7EF2D856F341E10D55E3 Filename: patchSG0005261.eoe_sw Algorithm #1 (sum -r): 23283 5593 patchSG0005261.eoe_sw Algorithm #2 (sum): 53331 5593 patchSG0005261.eoe_sw MD5 checksum: A31456714875F2DF221B30AFF675E69E Filename: patchSG0005261.idb Algorithm #1 (sum -r): 50233 11 patchSG0005261.idb Algorithm #2 (sum): 41910 11 patchSG0005261.idb MD5 checksum: B3AD01892954B22E7F68127B59087CA2 Filename: patchSG0005261.irix_dev_sw Algorithm #1 (sum -r): 38535 10 patchSG0005261.irix_dev_sw Algorithm #2 (sum): 12894 10 patchSG0005261.irix_dev_sw MD5 checksum: D53D8B75C2D7B3A3C925ADCFB35F8B95 Filename: patchSG0005261.nfs_sw Algorithm #1 (sum -r): 31956 422 patchSG0005261.nfs_sw Algorithm #2 (sum): 11414 422 patchSG0005261.nfs_sw MD5 checksum: 12B70352F402174FFD6B033869D7E024 Filename: README.patch.5297 Algorithm #1 (sum -r): 48845 23 README.patch.5297 Algorithm #2 (sum): 32300 23 README.patch.5297 MD5 checksum: 2090A1E436E3F0E8DB64715AEB95818C Filename: patchSG0005297 Algorithm #1 (sum -r): 43330 9 patchSG0005297 Algorithm #2 (sum): 20967 9 patchSG0005297 MD5 checksum: 18F9918E3EF373AD85C64386AEC0D4E1 Filename: patchSG0005297.eoe_man Algorithm #1 (sum -r): 58730 28 patchSG0005297.eoe_man Algorithm #2 (sum): 53579 28 patchSG0005297.eoe_man MD5 checksum: C45CFA5847A4A277933B66E7BC75270B Filename: patchSG0005297.eoe_sw Algorithm #1 (sum -r): 19297 11239 patchSG0005297.eoe_sw Algorithm #2 (sum): 37563 11239 patchSG0005297.eoe_sw MD5 checksum: A4BDB4CA50EC789CBEF6E695776AFD62 Filename: patchSG0005297.idb Algorithm #1 (sum -r): 15626 25 patchSG0005297.idb Algorithm #2 (sum): 5136 25 patchSG0005297.idb MD5 checksum: B37753F599C603576842E1C250FC20C4 Filename: patchSG0005298 Algorithm #1 (sum -r): 06814 9 patchSG0005298 Algorithm #2 (sum): 48368 9 patchSG0005298 MD5 checksum: C707E122F202CCB1348D04859D0CF857 Filename: patchSG0005298.eoe_man Algorithm #1 (sum -r): 58730 28 patchSG0005298.eoe_man Algorithm #2 (sum): 53579 28 patchSG0005298.eoe_man MD5 checksum: C45CFA5847A4A277933B66E7BC75270B Filename: patchSG0005298.eoe_sw Algorithm #1 (sum -r): 56962 11439 patchSG0005298.eoe_sw Algorithm #2 (sum): 25923 11439 patchSG0005298.eoe_sw MD5 checksum: 2F30C016B2F1D630F0F0C319981E8D8B Filename: patchSG0005298.idb Algorithm #1 (sum -r): 22626 25 patchSG0005298.idb Algorithm #2 (sum): 5212 25 patchSG0005298.idb MD5 checksum: 64F1BB609FEDE5E5627F46E04B3F4F6C Filename: README.patch.5299 Algorithm #1 (sum -r): 41188 9 README.patch.5299 Algorithm #2 (sum): 16169 9 README.patch.5299 MD5 checksum: FBFE8A19BDDE01B495E057C8D7D83A16 Filename: patchSG0005299 Algorithm #1 (sum -r): 24857 3 patchSG0005299 Algorithm #2 (sum): 7486 3 patchSG0005299 MD5 checksum: 4FEDDE7DE982AF27EC67586043FF74E7 Filename: patchSG0005299.eoe_sw Algorithm #1 (sum -r): 38270 5940 patchSG0005299.eoe_sw Algorithm #2 (sum): 12579 5940 patchSG0005299.eoe_sw MD5 checksum: E667C1503149945361387176FDC6BB8E Filename: patchSG0005299.idb Algorithm #1 (sum -r): 57317 26 patchSG0005299.idb Algorithm #2 (sum): 7987 26 patchSG0005299.idb MD5 checksum: 344E65F22D98E89429810659D357EE7C Filename: patchSG0005299.nfs_sw Algorithm #1 (sum -r): 27292 4243 patchSG0005299.nfs_sw Algorithm #2 (sum): 58793 4243 patchSG0005299.nfs_sw MD5 checksum: 18CAF7A608FF6296B7A42B43C40CF8F8 Filename: README.patch.5300 Algorithm #1 (sum -r): 06846 9 README.patch.5300 Algorithm #2 (sum): 15937 9 README.patch.5300 MD5 checksum: 45D2022C2E6C5DEB75E1E75426885EC9 Filename: patchSG0005300 Algorithm #1 (sum -r): 40652 3 patchSG0005300 Algorithm #2 (sum): 8768 3 patchSG0005300 MD5 checksum: 3DF9A0C6897F90A75E33B84633D4FCF9 Filename: patchSG0005300.eoe_sw Algorithm #1 (sum -r): 42290 6009 patchSG0005300.eoe_sw Algorithm #2 (sum): 64689 6009 patchSG0005300.eoe_sw MD5 checksum: 3C03BA7FEA9E884E5342FC91C88AA0CA Filename: patchSG0005300.idb Algorithm #1 (sum -r): 32996 26 patchSG0005300.idb Algorithm #2 (sum): 6747 26 patchSG0005300.idb MD5 checksum: 2BB25A6121E2E300FF82EE976A26ED20 Filename: patchSG0005300.nfs_sw Algorithm #1 (sum -r): 08280 4336 patchSG0005300.nfs_sw Algorithm #2 (sum): 30132 4336 patchSG0005300.nfs_sw MD5 checksum: EC9DD6232C07823F730D54A38B4DC9D7 Filename: README.patch.5309 Algorithm #1 (sum -r): 11500 10 README.patch.5309 Algorithm #2 (sum): 742 10 README.patch.5309 MD5 checksum: 5164FD409D4C8B1326CFD67A64AF14B2 Filename: patchSG0005309 Algorithm #1 (sum -r): 07818 4 patchSG0005309 Algorithm #2 (sum): 60955 4 patchSG0005309 MD5 checksum: 29C3301F93CB738852F4BAE5554C12DD Filename: patchSG0005309.eoe_sw Algorithm #1 (sum -r): 52087 5971 patchSG0005309.eoe_sw Algorithm #2 (sum): 20255 5971 patchSG0005309.eoe_sw MD5 checksum: E72EBE5CEBDD39D817BA2DA18B0CD610 Filename: patchSG0005309.idb Algorithm #1 (sum -r): 63839 34 patchSG0005309.idb Algorithm #2 (sum): 52011 34 patchSG0005309.idb MD5 checksum: 78D51E7C53D4B26F62FB8B8EAFBAA445 Filename: patchSG0005309.irix_dev_sw Algorithm #1 (sum -r): 38535 10 patchSG0005309.irix_dev_sw Algorithm #2 (sum): 12894 10 patchSG0005309.irix_dev_sw MD5 checksum: D53D8B75C2D7B3A3C925ADCFB35F8B95 Filename: patchSG0005309.nfs_sw Algorithm #1 (sum -r): 14652 5170 patchSG0005309.nfs_sw Algorithm #2 (sum): 41929 5170 patchSG0005309.nfs_sw MD5 checksum: B5FFC917B141C12B4B6B9E1E9A73FB61 Filename: README.patch.5310 Algorithm #1 (sum -r): 16402 10 README.patch.5310 Algorithm #2 (sum): 581 10 README.patch.5310 MD5 checksum: B3D5DAAE37BA3F8230C10F1BB9C157AE Filename: patchSG0005310 Algorithm #1 (sum -r): 32169 4 patchSG0005310 Algorithm #2 (sum): 11453 4 patchSG0005310 MD5 checksum: 4C155180E5AAB848D4257746CE8C5048 Filename: patchSG0005310.eoe_sw Algorithm #1 (sum -r): 43234 6044 patchSG0005310.eoe_sw Algorithm #2 (sum): 11695 6044 patchSG0005310.eoe_sw MD5 checksum: 752CAF5C030D0B8E3B803E689BCB06CB Filename: patchSG0005310.idb Algorithm #1 (sum -r): 15281 34 patchSG0005310.idb Algorithm #2 (sum): 14811 34 patchSG0005310.idb MD5 checksum: 71E057493CC5765D56D7A5861E92128B Filename: patchSG0005310.irix_dev_sw Algorithm #1 (sum -r): 38535 10 patchSG0005310.irix_dev_sw Algorithm #2 (sum): 12894 10 patchSG0005310.irix_dev_sw MD5 checksum: D53D8B75C2D7B3A3C925ADCFB35F8B95 Filename: patchSG0005310.nfs_sw Algorithm #1 (sum -r): 27775 5280 patchSG0005310.nfs_sw Algorithm #2 (sum): 35689 5280 patchSG0005310.nfs_sw MD5 checksum: 8F7105F9A5435A7ACFDCF86DBE41EF89 Filename: README.patch.5311 Algorithm #1 (sum -r): 19622 8 README.patch.5311 Algorithm #2 (sum): 25666 8 README.patch.5311 MD5 checksum: 078931C0D7F784B73FB18824C2198C54 Filename: patchSG0005311 Algorithm #1 (sum -r): 48525 2 patchSG0005311 Algorithm #2 (sum): 52212 2 patchSG0005311 MD5 checksum: 4C0E07A13937B4980DE914461FA67807 Filename: patchSG0005311.eoe_sw Algorithm #1 (sum -r): 01791 2100 patchSG0005311.eoe_sw Algorithm #2 (sum): 47098 2100 patchSG0005311.eoe_sw MD5 checksum: 62B1D0038E9DC46B049756F6A2A08418 Filename: patchSG0005311.idb Algorithm #1 (sum -r): 19509 7 patchSG0005311.idb Algorithm #2 (sum): 14158 7 patchSG0005311.idb MD5 checksum: 61E20566BCC33D33268A3860D4A03CD0 Filename: README.patch.5312 Algorithm #1 (sum -r): 52694 8 README.patch.5312 Algorithm #2 (sum): 25656 8 README.patch.5312 MD5 checksum: BE3EC49081DB0B38D43A02124E72EBD2 Filename: patchSG0005312 Algorithm #1 (sum -r): 53019 2 patchSG0005312 Algorithm #2 (sum): 53505 2 patchSG0005312 MD5 checksum: 1661EAD503FB30D030BA3248359C023C Filename: patchSG0005312.eoe_sw Algorithm #1 (sum -r): 26414 2163 patchSG0005312.eoe_sw Algorithm #2 (sum): 37755 2163 patchSG0005312.eoe_sw MD5 checksum: ACC64E74152BAE2844A5E5FA0CCA7A91 Filename: patchSG0005312.idb Algorithm #1 (sum -r): 19471 7 patchSG0005312.idb Algorithm #2 (sum): 14196 7 patchSG0005312.idb MD5 checksum: FBA8CB90ADC53FB0BAFBECD33899C93E - ------------- - --- Links --- - ------------- SGI Security Advisories can be found at: http://www.sgi.com/support/security/ and ftp://patches.sgi.com/support/free/security/advisories/ SGI Security Patches can be found at: http://www.sgi.com/support/security/ and ftp://patches.sgi.com/support/free/security/patches/ SGI patches for IRIX can be found at the following patch servers: http://support.sgi.com/ and ftp://patches.sgi.com/ SGI freeware updates for IRIX can be found at: http://freeware.sgi.com/ SGI patches and RPMs for Linux can be found at: http://support.sgi.com SGI patches for Windows NT or 2000 can be found at: http://support.sgi.com/ IRIX 5.2-6.4 Recommended/Required Patch Sets can be found at: http://support.sgi.com/ and ftp://patches.sgi.com/support/patchset/ IRIX 6.5 Maintenance Release Streams can be found at: http://support.sgi.com/ IRIX 6.5 Software Update CDs can be obtained from: http://support.sgi.com/ The primary SGI anonymous FTP site for security advisories and patches is patches.sgi.com. Security advisories and patches are located under the URL ftp://patches.sgi.com/support/free/security/ For security and patch management reasons, ftp.sgi.com (mirrors patches.sgi.com security FTP repository) lags behind and does not do a real-time update. - ----------------------------------------- - --- SGI Security Information/Contacts --- - ----------------------------------------- If there are questions about this document, email can be sent to security-info@sgi.com. ------oOo------ SGI provides security information and patches for use by the entire SGI community. This information is freely available to any person needing the information and is available via anonymous FTP and the Web. The primary SGI anonymous FTP site for security advisories and patches is patches.sgi.com. Security advisories and patches are located under the URL ftp://patches.sgi.com/support/free/security/ The SGI Security Headquarters Web page is accessible at the URL: http://www.sgi.com/support/security/ For issues with the patches on the FTP sites, email can be sent to security-info@sgi.com. For assistance obtaining or working with security patches, please contact your SGI support provider. ------oOo------ SGI provides a free security mailing list service called wiretap and encourages interested parties to self-subscribe to receive (via email) all SGI Security Advisories when they are released. Subscribing to the mailing list can be done via the Web (http://www.sgi.com/support/security/wiretap.html) or by sending email to SGI as outlined below. % mail wiretap-request@sgi.com subscribe wiretap end ^d In the example above, is the email address that you wish the mailing list information sent to. The word end must be on a separate line to indicate the end of the body of the message. The control-d (^d) is used to indicate to the mail program that you are finished composing the mail message. ------oOo------ SGI provides a comprehensive customer World Wide Web site. This site is located at http://www.sgi.com/support/security/ . ------oOo------ If there are general security questions on SGI systems, email can be sent to security-info@sgi.com. For reporting *NEW* SGI security issues, email can be sent to security-alert@sgi.com or contact your SGI support provider. A support contract is not required for submitting a security report. ______________________________________________________________________________ This information is provided freely to all interested parties and may be redistributed provided that it is not altered in any way, SGI is appropriately credited and the document retains and includes its valid PGP signature. -----BEGIN PGP SIGNATURE----- Version: 2.6.2 iQCVAwUBP14QPLQ4cFApAP75AQEBwQP+Oltoqn5q+sioN2tAfeCLBK0yXqcWCtn9 2z3qSk+ecbJjAvjI2qL6BehfxDPUJaS3SmYXwhFuIzx7/+9Ur8bOFa2Z1MKFlPW1 0zkRGJf96AMmXUau3tLYOZjZxpuIx7hgBMDSFwDsM7bniSx42IdTB6DMdy3RiHYU Eqfi0gBVB4k= =vA7X -----END PGP SIGNATURE----- _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html