| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| root privileges via buffer overflow in xlock command on SGI IRIX systems. |
| Command execution in Sun systems via buffer overflow in the at program. |
| IRIX fam service allows an attacker to obtain a list of all files on the server. |
| pcnfsd (aka rpc.pcnfsd) allows local users to change file permissions, or execute arbitrary commands through arguments in the RPC call. |
| getcwd() file descriptor leak in FTP. |
| mv in IRIX 6.5 creates a directory with world-writable permissions while moving a directory, which could allow local users to modify files and directories. |
| Local user gains root privileges via buffer overflow in rdist, via expstr() function. |
| root privileges via buffer overflow in ordist command on SGI IRIX systems. |
| Buffer overflow in xlock program allows local users to execute commands as root. |
| The Internet Group Management Protocol (IGMP) allows local users to cause a denial of service via an IGMP membership report to a target's Ethernet address instead of the Multicast group address, which causes the target to stop sending reports to the router and effectively disconnect the group from the network. |
| Integer overflow in the xdrmem_getbytes() function, and possibly other functions, of XDR (external data representation) libraries derived from SunRPC, including libnsl, libc, glibc, and dietlibc, allows remote attackers to execute arbitrary code via certain integer values in length fields, a different vulnerability than CVE-2002-0391. |
| The dtterm terminal emulator allows attackers to modify the window title via a certain character escape sequence and then insert it back to the command line in the user's terminal, e.g. when the user views a file containing the malicious sequence, which could allow the attacker to execute arbitrary commands. |
| SGI IRIX before 6.5.21 allows local users to cause a denial of service (kernel panic) via a certain call to the PIOCSWATCH ioctl. |
| The DNS map code in Sendmail 8.12.8 and earlier, when using the "enhdnsbl" feature, does not properly initialize certain data structures, which allows remote attackers to cause a denial of service (process crash) via an invalid DNS response that causes Sendmail to free incorrect data. |
| The prescan function in Sendmail 8.12.9 allows remote attackers to execute arbitrary code via buffer overflow attacks, as demonstrated using the parseaddr function in parseaddr.c. |
| The vty layer in Quagga before 0.96.4, and Zebra 0.93b and earlier, does not verify that sub-negotiation is taking place when processing the SE marker, which allows remote attackers to cause a denial of service (crash) via a malformed telnet command to the telnet CLI port, which may trigger a null dereference. |
| Vulnerability in SGI IRIX objectserver daemon allows remote attackers to create user accounts. |
| OpenSSL 0.9.6 before 0.9.6d does not properly handle unknown message types, which allows remote attackers to cause a denial of service (infinite loop), as demonstrated using the Codenomicon TLS Test Tool. |
| Multiple format string vulnerabilities in Metamail 2.7 and earlier allow remote attackers to execute arbitrary code. |
| Multiple buffer overflows in Metamail 2.7 and earlier allow remote attackers to execute arbitrary code. |
