Performance Copilot Problems


Vulnerabilities exist in the Performance Copilot package supplied as part of IRIX 6.5. By default, IRIX installs the pmcd daemon in /usr/etc, and no ACLs are present to limit access to it. The daemon listens on port 4321.


Performance Copilot exposes a large quantity of information and also provides a simple denial of service. For instance, from the post to Bugtraq:

% pminfo -f -h filesys.mountdir

lists all disks and their mount points.


Disable the pmcd daemon by de-activating it through the chkconfig facility (i.e., /etc/chkconfig pmcd off) and then rebooting the system.
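
To confirm the change took effect after the reboot, the following added example (not part of the original advisory) checks that the pmcd flag is off and that nothing is listening on TCP port 4321. The function names and the chkconfig and netstat output layouts in the sample data are assumptions constructed for illustration.

```shell
#!/bin/sh
# Added example: audit a host against the advisory's remediation.
# Helpers read command output on stdin so they can be checked offline.
PMCD_PORT=4321

# Reads a chkconfig listing (flag, state columns); prints on, off or absent.
pmcd_flag_state() {
    awk '$1 == "pmcd" { s = $2 } END { print (s == "" ? "absent" : s) }'
}

# Reads `netstat -an` output; prints TCP sockets listening on the pmcd port.
# Accepts both addr.port and addr:port local-address notations.
pmcd_listeners() {
    awk -v port="$PMCD_PORT" \
        '$1 ~ /^tcp/ && $NF == "LISTEN" && $4 ~ ("[.:]" port "$")'
}

# $1: chkconfig output, $2: netstat -an output. Returns 0 if remediated.
pmcd_audit() {
    state=$(printf '%s\n' "$1" | pmcd_flag_state)
    listeners=$(printf '%s\n' "$2" | pmcd_listeners)
    rc=0
    if [ "$state" = "on" ]; then
        echo "FAIL: pmcd flag is on (/etc/chkconfig pmcd off, then reboot)"
        rc=1
    fi
    if [ -n "$listeners" ]; then
        echo "FAIL: listener on TCP $PMCD_PORT: $listeners"
        rc=1
    fi
    if [ "$rc" -eq 0 ]; then
        echo "OK: pmcd not enabled, nothing listening on TCP $PMCD_PORT"
    fi
    return "$rc"
}

# Constructed sample output (assumed layout, not captured from a real system).
SAMPLE_CHKCONFIG='        Flag                 State
        ====                 =====
        nfs                  off
        pmcd                 on'
SAMPLE_NETSTAT='tcp        0      0  *.4321                 *.*                    LISTEN
tcp        0      0  *.14321                *.*                    LISTEN
tcp        0      0  10.0.0.5.23            10.0.0.9.4321          ESTABLISHED'

# On a live host: pmcd_audit "$(/etc/chkconfig)" "$(netstat -an)"
pmcd_audit "$SAMPLE_CHKCONFIG" "$SAMPLE_NETSTAT" || true
```

The listener check matters on its own: a daemon started by hand keeps port 4321 open even when the chkconfig flag reads off.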