Irix Security Vulnerabilities

CVE-1999-1286

addnetpr in SGI IRIX 6.2 and earlier allows local users to modify arbitrary files and possibly gain root access via a symlink attack on a temporary...

CVE-1999-1410

addnetpr in IRIX 5.3 and 6.2 allows local users to overwrite arbitrary files and possibly gain root privileges via a symlink attack on the printers temporary...

CVE-1999-1398

Vulnerability in xfsdump in SGI IRIX may allow local users to obtain root privileges via the bck.log log file, possibly via a symlink...

CVE-1999-1461

inpview in InPerson on IRIX 5.3 through IRIX 6.5.10 trusts the PATH environmental variable to find and execute the ttsession program, which allows local users to obtain root access by modifying the PATH to point to a Trojan horse ttsession...

CVE-1999-1067

SGI MachineInfo CGI program, installed by default on some web servers, prints potentially sensitive system status information, which could be used by remote attackers for information gathering...

CVE-1999-0039

webdist CGI program (webdist.cgi) in SGI IRIX allows remote attackers to execute arbitrary commands via shell metacharacters in the distloc...

CVE-1999-1116

Vulnerability in runpriv in Indigo Magic System Administration subsystem of SGI IRIX 6.3 and 6.4 allows local users to gain root...

CVE-1999-0040

Buffer overflow in Xt library of X Windowing System allows local users to execute commands with root...

CVE-1999-0038

Buffer overflow in xlock program allows local users to execute commands as...

CVE-1999-0149

The wrap CGI program in IRIX allows remote attackers to view arbitrary directory listings via a .. (dot dot)...

CVE-1999-0959

IRIX startmidi program allows local users to modify arbitrary files via a symlink...

CVE-1999-0049

Csetup under IRIX allows arbitrary file creation or...

CVE-1999-0051

Arbitrary file creation and program execution using FLEXlm LicenseManager, from versions 4.0 to 5.0, in...

CVE-1999-1120

netprint in SGI IRIX 6.4 and earlier trusts the PATH environmental variable for finding and executing the disable program, which allows local users to gain...

CVE-1999-1401

Vulnerability in Desktop searchbook program in IRIX 5.0.x through 6.2 sets insecure permissions for certain user files (iconbook and...

CVE-1999-0044

fsdump command in IRIX allows local users to obtain root access by modifying sensitive...

CVE-1999-1384

Indigo Magic System Tour in the SGI system tour package (systour) for IRIX 5.x through 6.3 allows local users to gain root privileges via a Trojan horse .exitops program, which is called by the inst command that is executed by the RemoveSystemTour...

CVE-1999-0032

Buffer overflow in lpr, as used in BSD-based systems including Linux, allows local users to execute arbitrary code as root via a long -C (classification) command line...

CVE-1999-0234

Bash treats any character with a value of 255 as a command...

CVE-1999-0022

Local user gains root privileges via buffer overflow in rdist, via expstr()...

CVE-1999-0019

Delete or create a file via rpc.statd, due to invalid...

CVE-1999-0078

pcnfsd (aka rpc.pcnfsd) allows local users to change file permissions, or execute arbitrary commands through arguments in the RPC...

CVE-1999-1319

Vulnerability in object server program in SGI IRIX 5.2 through 6.1 allows remote attackers to gain root privileges in certain...

CVE-1999-0208

rpc.ypupdated (NIS) allows remote users to execute arbitrary...

CVE-1999-0241

Guessable magic cookies in X Windows allows remote attackers to execute commands, e.g. through...

CVE-1999-0073

Telnet allows a remote client to specify environment variables including LD_LIBRARY_PATH, allowing an attacker to bypass the normal system libraries and gain root...

CVE-1999-1243

SGI Desktop Permissions Tool in IRIX 6.0.1 and earlier allows local users to modify permissions for arbitrary files and gain...

CVE-1999-1022

serial_ports administrative program in IRIX 4.x and 5.x trusts the user's PATH environmental variable to find and execute the ls program, which allows local users to gain root privileges via a Trojan horse ls...

CVE-1999-1219

Vulnerability in sgihelp in the SGI help system and print manager in IRIX 5.2 and earlier allows local users to gain root privileges, possibly through the clogin...

CVE-1999-1494

colorview in Silicon Graphics IRIX 5.1, 5.2, and 6.0 allows local attackers to read arbitrary files via the -text...

CVE-1999-1468

rdist in various UNIX systems uses popen to execute sendmail, which allows local users to gain root privileges by modifying the IFS (Internal Field Separator)...

CVE-1999-1554

/usr/sbin/Mail on SGI IRIX 3.3 and 3.3.1 does not properly set the group ID to the group ID of the user who started Mail, which allows local users to read the mail of other...