[原文]Performance Metrics Collector Daemon (PMCD) in Performance Copilot in IRIX 6.x allows remote attackers to cause a denial of service (resource exhaustion) via an extremely long string to the PMCD port.
Performance Co-Pilot (PCP) is a set of services to support system-level performance monitoring developed by SGI. It has traditionally been an IRIX product, however SGI has made it open source and it is now available for Linux systems.
A vulnerability exists in some versions of the PCP daemon. It is possible to cause a denial of service condition by sending the daemon a large string of arbitrary data.
% perl -e 'print " a" x 92834244,"\n";'' | telnet sgi.victim.com 4321
The /usr/etc/pmcd daemon contains a flaw that may allow a remote denial of service. The issue is triggered when certain unknown parameters are sent to it.
This will make it grow in size and consume all system memory and will result in loss of availability for the system.
Upgrade IRIX to version 6.5.11 or higher, as it has been reported to fix this vulnerability. It is also possible to correct the flaw by implementing the following workaround(s): Uninstall the Performance Co-Pilot software, by issuing the following command: "versions remove pcp_eoe".