| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Vulnerability in XFS filesystem reorganizer (fsr_xfs) in SGI IRIX 6.5.10 and earlier allows local users to gain root privileges by overwriting critical system files. |
| Safe.pm 2.0.7 and earlier, when used in Perl 5.8.0 and earlier, may allow attackers to break out of safe compartments in (1) Safe::reval or (2) Safe::rdo using a redefined @_ variable, which is not reset between successive calls. |
| Unknown vulnerability in the AUTH_DES authentication for RPC in Solaris 2.5.1, 2.6, and 7, SGI IRIX 6.5 to 6.5.19f, and possibly other platforms, allows remote attackers to gain privileges. |
| ioconfig on SGI IRIX 6.4 S2MP for Origin/Onyx2 allows local users to gain root access using relative pathnames. |
| The Video Control Panel on SGI O2/IRIX 6.5, when the Default Input is set to "Output Video", allows attackers to access a console session by running videoout then videoin. |
| The IPv6 capability in IRIX 6.5.19 allows remote attackers to cause a denial of service (hang) in inetd via port scanning. |
| NFS in SGI 6.5.21m and 6.5.21f does not perform access checks in certain configurations when an /etc/exports entry uses wildcards without any hostnames or groups, which could allow attackers to bypass intended restrictions. |
| CDE ToolTalk database server (ttdbserver) allows remote attackers to overwrite arbitrary memory locations with a zero, and possibly gain privileges, via a file descriptor argument in an AUTH_UNIX procedure call, which is used as a table index by the _TT_ISCLOSE procedure. |
| ICMP information such as (1) netmask and (2) timestamp is allowed from arbitrary hosts. |
| Guessable magic cookies in X Windows allows remote attackers to execute commands, e.g. through xterm. |
| Buffer overflow in Embedded Support Partner (ESP) daemon (rpc.espd) in IRIX 6.5.8 and earlier allows remote attackers to execute arbitrary commands. |
| spaceball program in SpaceWare 7.3 v1.0 in IRIX 6.2 allows local users to gain root privileges by setting the HOSTNAME environmental variable to contain the commands to be executed. |
| inpview in SGI IRIX allows local users to execute arbitrary commands via the SUN_TTSESSION_CMD environment variable, which is executed by inpview without dropping privileges. |
| rpcbind in SGI IRIX, when using the -w command line switch, allows local users to overwrite arbitrary files via a symlink attack. |
| fsr_efs in IRIX 6.5 allows local users to conduct unauthorized file activities via a symlink attack, possibly via the .fsrlast file. |
| Delete or create a file via rpc.statd, due to invalid information. |
| root privileges via buffer overflow in login/scheme command on SGI IRIX systems. |
| root privileges via buffer overflow in pset command on SGI IRIX systems. |
| Vulnerability in On-Line Customer Registration software for IRIX 6.2 through 6.4 allows local users to gain root privileges. |
| Buffer overflows in CDROM Confidence Test program (cdrom) allow local users to gain root privileges. |
