VULHUB ™

A vulnerability exists in the ioconfig program, as shipping with IRIX 6.4 S2MP from Silicon Graphics, Inc. This program is only available on Irix 6.4 for the Origin/Onyx2. Other machines running IRIX are not vulnerable. This vulnerability will allow a local user to obtain root priveledges. The ioconfig program will make calls to the system() call without setting the path to be used; this allows an attacker to alter their path to cause ioconfig to execute arbitrary programs.

A vulnerability exists in the ioconfig program, as shipping with IRIX 6.4 S2MP from Silicon Graphics, Inc. This program is only available on Irix 6.4 for the Origin/Onyx2. Other machines running IRIX are not vulnerable. This vulnerability will allow a local user to obtain root priveledges. The ioconfig program will make calls to the system() call without setting the path to be used; this allows an attacker to alter their path to cause ioconfig to execute arbitrary programs.