VULHUB ™

Vulnerabilities exist in the Performance Copilot package, as supplied as part of IRIX 6.5. By default, IRIX will install the pmcd daemon, which is installed in /usr/etc. By default, no ACL's are present to limit access to this program. It listens on port 4321. Performance Copilot exposes a large quantity of information. From the post to Bugtraq: % pminfo -f -h sgi.victim.com filesys.mountdir lists all disks and their mount points, for instance. % pmem -h sgi.victim.com will return something looking much like a ps -efl: all processes with their owners and long argument lists. This BID entry formerly contained information about a denial of service vulnerability. This information has been moved to BID 4642.

Vulnerabilities exist in the Performance Copilot package, as supplied as part of IRIX 6.5. By default, IRIX will install the pmcd daemon, which is installed in /usr/etc. By default, no ACL's are present to limit access to this program. It listens on port 4321. Performance Copilot exposes a large quantity of information. From the post to Bugtraq: % pminfo -f -h sgi.victim.com filesys.mountdir lists all disks and their mount points, for instance. % pmem -h sgi.victim.com will return something looking much like a ps -efl: all processes with their owners and long argument lists. This BID entry formerly contained information about a denial of service vulnerability. This information has been moved to BID 4642.