[4416] in bugtraq
Re: SGI Security Advisory 19970501-01-A - Vulnerability in
daemon@ATHENA.MIT.EDU (Kari E. Hurtta)
Wed May 7 15:09:10 1997
Date: Wed, 7 May 1997 09:02:54 +0300
Reply-To: "Kari E. Hurtta" <Kari.Hurtta@OZONE.FMI.FI>
From: "Kari E. Hurtta" <Kari.Hurtta@OZONE.FMI.FI>
To: BUGTRAQ@NETSPACE.ORG
In-Reply-To: <9705061417.ZM10812@boytoy.csd.sgi.com> from SGI Security
Coordinator at "May 6, 97 02:17:31 pm"
SGI Security Coordinator:
> Silicon Graphics Inc. acknowledges the webdist.cgi security vulnerability
> reported by the CERT Coordination Center in their advisory CA-97:12.
I don't have seen that CERT report yet, but I suppose that this is
f 27567 4430 outbox.sw.webdist var/www/cgi-bin/webdist.cgi
on O2.
I asked some month about these *.sysadm and *.webdist susbsystems in
comp.os.sgi.* -groups, but nobody commented.
Is anybody looked these *.sysadm subsystems closer.
It looks quite suspicious:
oxygen 2% showfiles outbox | grep cgi-bin
f 37853 1197 outbox.sw.outbox var/www/cgi-bin/MachineInfo
f 35963 2434 outbox.sw.outbox var/www/cgi-bin/handler
f 59162 37700 outbox.sw.outbox var/www/cgi-bin/machine-cgi
f 51763 37700 outbox.sw.outbox var/www/cgi-bin/outbox-cgi
f 21944 703 outbox.sw.outbox var/www/cgi-bin/sgi-camera/snap
f 27567 4430 outbox.sw.webdist var/www/cgi-bin/webdist.cgi
f 18006 3040 outbox.sw.webdist var/www/cgi-bin/webdist.install.cgi
f 52607 20808 outbox.sw.outbox var/www/cgi-bin/wrap
oxygen 3% showfiles sysadmdesktop | grep cgi-bin
f 57427 6301 sysadmdesktop.sw.sysadm var/www/cgi-bin/DtConfAllDone.cgi
f 1454 14634 sysadmdesktop.sw.sysadm var/www/cgi-bin/QuitSysSetup.cgi
f 32731 7591 sysadmdesktop.sw.sysadm var/www/cgi-bin/SysSetWrapper.cgi
f 41666 3828 sysadmdesktop.sw.sysadm var/www/cgi-bin/checkProc.cgi
f 37959 54084 sysadmdesktop.sw.sysadm var/www/cgi-bin/ghinv/ghinvMain
f 51601 33604 sysadmdesktop.sw.sysadm var/www/cgi-bin/ghinv/memdetail
f 35099 22207 sysadmdesktop.sw.sysadm var/www/cgi-bin/wwwActions.cgi
f 7396 14511 sysadmdesktop.sw.sysadm var/www/cgi-bin/wwwDone.cgi
oxygen 4%
(Yes. I have disabeld access to these in
/usr/ns-home/httpd-oxygen/config/obj.conf
)
/ Kari Hurtta
