| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| gr_osview in SGI IRIX 6.5.22, and possibly other 6.5 versions, does not drop privileges when opening description files while in debug mode, which allows local users to read a line from arbitrary files via the -d and -D options, which prints the line as a formatting error. |
| runpriv in SGI IRIX allows local users to bypass intended restrictions and execute arbitrary commands via shell metacharacters in a command line for a privileged binary in /usr/sysadm/privbin. |
| Buffer overflow in lpr, as used in BSD-based systems including Linux, allows local users to execute arbitrary code as root via a long -C (classification) command line option. |
| IRIX login program with a nonzero LOCKOUT parameter allows creation or damage to files. |
| Buffer overflow in Xt library of X Windowing System allows local users to execute commands with root privileges. |
| Versions of rpcbind including Linux, IRIX, and Wietse Venema's rpcbind allow a remote attacker to insert and delete entries by spoofing a source address. |
| SGI IRIX midikeys program allows local users to modify arbitrary files via a text editor. |
| IRIX cdplayer allows local users to create directories in arbitrary locations via a command line option. |
| System Manager sysmgr GUI in SGI IRIX 6.4 and 6.3 allows remote attackers to execute commands by providing a trojan horse (1) runtask or (2) runexec descriptor file, which is used to execute a System Manager Task when the user's Mailcap entry supports the x-sgi-task or x-sgi-exec type. |
| The asynchronous I/O facility in 4.4 BSD kernel does not check user credentials when setting the recipient of I/O notification, which allows local users to cause a denial of service by using certain ioctl and fcntl calls to cause the signal to be sent to an arbitrary process ID. |
| Vulnerability in Desktop searchbook program in IRIX 5.0.x through 6.2 sets insecure permissions for certain user files (iconbook and searchbook). |
| The at program in IRIX 6.2 and NetBSD 1.3.2 and earlier allows local users to read portions of arbitrary files by submitting the file to at with the -f argument, which generates error messages that at sends to the user via e-mail. |
| inpview in InPerson on IRIX 5.3 through IRIX 6.5.10 trusts the PATH environmental variable to find and execute the ttsession program, which allows local users to obtain root access by modifying the PATH to point to a Trojan horse ttsession program. |
| rdist in various UNIX systems uses popen to execute sendmail, which allows local users to gain root privileges by modifying the IFS (Internal Field Separator) variable. |
| The Name Service Daemon (nsd), when running on an NIS master on SGI IRIX 6.5.x through 6.5.20f, and possibly earlier versions, allows remote attackers to cause a denial of service (crash) via a UDP port scan. |
| Buffer overflow in samba 2.2.2 through 2.2.6 allows remote attackers to cause a denial of service and possibly execute arbitrary code via an encrypted password that causes the overflow during decryption in which a DOS codepage string is converted to a little-endian UCS2 unicode string. |
| Inverse query buffer overflow in BIND 4.9 and BIND 8 Releases. |
| root privileges via buffer overflow in eject command on SGI IRIX systems. |
| root privileges via buffer overflow in xlock command on SGI IRIX systems. |
| Command execution in Sun systems via buffer overflow in the at program. |
