Lucene search

[email protected]CVE-2005-0464

HistoryMay 02, 2005 - 4:00 a.m.

CVE-2005-0464

2005-05-0204:00:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

cve-2005-0464

sgi irix

privilege escalation

local file access

debug mode

6.6 Medium

AI Score

Confidence

Low

2.1 Low

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:L/Au:N/C:P/I:N/A:N

0.0004 Low

EPSS

Percentile

0.4%

JSON

gr_osview in SGI IRIX 6.5.22, and possibly other 6.5 versions, does not drop privileges when opening description files while in debug mode, which allows local users to read a line from arbitrary files via the -d and -D options, which prints the line as a formatting error.

CPENameOperatorVersion
sgi:irixsgi irixeq6.5.22

CPE	Name	Operator	Version
sgi:irix	sgi irix	eq	6.5.22

References

ftp://patches.sgi.com/support/free/security/advisories/20050402-01-P

secunia.com/advisories/14875

securitytracker.com/id?1013662

www.idefense.com/application/poi/display?id=226&type=vulnerabilities

www.osvdb.org/15351

6.6 Medium

AI Score

Confidence

Low

2.1 Low

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:L/Au:N/C:P/I:N/A:N

0.0004 Low

EPSS

Percentile

0.4%

JSON

Related for CVE-2005-0464

securityvulns1