Performance Copilot Problems
Impact
Vulnerabilities exist in the Performance Copilot package, as supplied as
part of IRIX 6.5. By default, IRIX will install the pmcd daemon, which is
installed in /usr/etc. By default, no ACL's are present to limit access to
this program. It listens on port 4321.
Background
Performance Copilot both exposes a large quantity of information, as well
as providing a simple denial of service. From the post to Bugtraq: %
pminfo -f -h sgi.victim.com filesys.mountdir lists all disks and their
mount points, for instance.
Resolution
Disable the pmcd daemon by de-activating it through the
chkconfig facility (i.e., /etc/chkconfig pmcd off) and then
rebooting the system.