IRIX nsd server and modules mishandle AUTH_UNIX gid list

-----BEGIN PGP SIGNED MESSAGE----- SGI Security Advisory Title : IRIX nsd server and modules mishandle AUTHUNIX gid list Number : 20030704-01-P Date : July 29, 2003 Reference : CVE CAN-2003-0575 Reference : SGI BUG 873591 Fixed in : IRIX 6.5.22 or patches 5189-5197 SGI provides this information...

WorldView vulnerability on IRIX

-----BEGIN PGP SIGNED MESSAGE----- SGI Security Advisory Title: WorldView vulnerability Number: 20000803-01-P Date: August 21, 2002 Reference: SGI Security Advisory 20000803-01-A Reference: CVE CAN-2000-0704 - ----------------------- - --- Issue Specifics --- - ----------------------- This bullet...

SGI IRIX rpc.xfsmd does not filter shell metacharacters from user input before invoking popen() function

Overview The XFS journaling filesystem daemon uses a call to popen3 with unfiltered client-controlled input. This will lead to arbitrary command execution on remote systems. Description XFS is a 64-bit compliant journaling file system. The XFS journaling filesystem daemon xfsmd on SGI systems use...

IRIX netstat vulnerability

-----BEGIN PGP SIGNED MESSAGE----- SGI Security Advisory Title: netstat vulnerability Number: 20020503-01-I Date: May 7, 2002 Reference: CAN-2002-0355 - ----------------------- - --- Issue Specifics --- - ----------------------- It's been reported that /usr/etc/netstat allows detection of whether...

IRIX cpr vulnerability

-----BEGIN PGP SIGNED MESSAGE----- SGI Security Advisory Title: IRIX cpr vulnerability Number: 20020409-01-I Date: April 30, 2002 Reference: CAN-2002-0173 - ----------------------- - --- Issue Specifics --- - ----------------------- It's been reported that there is a potential buffer overflow...

IRIX Xlib vulnerability

-----BEGIN PGP SIGNED MESSAGE----- SGI Security Advisory Title: Xlib vulnerability Number: 20020502-01-I Date: May 1, 2002 Reference: CAN-2000-0976 - ----------------------- - --- Issue Specifics --- - ----------------------- It's been reported on BugTraq that programs that are setuid and linked...

IRIX syslogd vulnerability

-----BEGIN PGP SIGNED MESSAGE----- SGI Security Advisory Title: IRIX syslogd vulnerability Number: 20020405-01-I Date: April 24, 2002 Reference: CAN-1999-0171 Reference: CVE-1999-0566 - ----------------------- - --- Issue Specifics --- - ----------------------- It's been reported that under certa...

SGI systems may execute commands embedded in mail messages

Overview Some SGI systems produced circa 1998 allowed an intruder to send mail that would execute commands when the reader opened the message. Description On some SGI systems, Netscape is bundled with IRIX 6.3 and 6.4 and is used as the default web browser and mail reader. On these systems, the...

CVE-2000-0893

The presence of the Distributed GL Daemon dgld service on port 5232 on SGI IRIX systems allows remote attackers to identify the target host as an SGI system...

Vulnerability in infosrch.cgi

SGI Security Advisory Title: Vulnerability in infosrch.cgi Number: 20000501-01-P Date: May 22, 2000 SGI provides this information freely to the SGI user community for its consideration, interpretation, implementation and use. SGI recommends that this information be acted upon as soon as possible...