Irix Security Vulnerabilities and Issues — Page 3 of Irix CVE List

Lucene search

SgiIrix

182 matches found

CVE•added 2005/06/28 4:0 a.m.•42 views

CVE-2002-1786

SGI IRIX 6.5 through 6.5.14 applies a umask of 022 to root core dumps, which allows local users to read the core dumps and possibly obtain sensitive information.

2.1CVSS6.6AI score0.00069EPSS

CVE•added 2003/08/18 4:0 a.m.•42 views

CVE-2003-0572

Unknown vulnerability in nsd in SGI IRIX 6.5.x through 6.5.20f, and possibly earlier versions, allows attackers to cause a denial of service (memory consumption).

5CVSS6.6AI score0.00543EPSS

CVE•added 2000/01/04 5:0 a.m.•41 views

CVE-1999-0765

SGI IRIX midikeys program allows local users to modify arbitrary files via a text editor.

10CVSS6.4AI score0.01021EPSS

CVE•added 2002/03/09 5:0 a.m.•41 views

CVE-2000-0796

Buffer overflow in dmplay in IRIX 6.2 and 6.3 allows local users to gain root privileges via a long command line option.

7.2CVSS7.3AI score0.00157EPSS

CVE•added 2004/09/01 4:0 a.m.•41 views

CVE-2001-0485

Unknown vulnerability in netprint in IRIX 6.2, and possibly other versions, allows local users with lp privileges attacker to execute arbitrary commands via the -n option.

7.2CVSS7.3AI score0.00128EPSS

CVE•added 2002/06/25 4:0 a.m.•41 views

CVE-2002-0040

Vulnerability in SGI IRIX 6.5.11 through 6.5.15f allows local users to cause privileged applications to dump core via the HOSTALIASES environment variable, which might allow the users to gain privileges.

2.1CVSS6.5AI score0.00065EPSS

CVE•added 2005/01/10 5:0 a.m.•41 views

CVE-2004-0139

Unknown vulnerability in the bsd.a kernel networking for SGI IRIX 6.5.22 through 6.5.25, and possibly earlier versions, in which "t_unbind changes t_bind's behavior," has unknown impact and attack vectors.

10CVSS6.9AI score0.00432EPSS

CVE•added 2004/07/07 4:0 a.m.•41 views

CVE-2004-0483

Unknown vulnerability in rpc.mountd for SGI IRIX 6.5.24 allows remote attackers to cause a denial of service (infinite loop) via certain RPC requests.

5CVSS7AI score0.01271EPSS

CVE•added 2005/05/10 4:0 a.m.•41 views

CVE-2004-2001

ifconfig "-arp" in SGI IRIX 6.5 through 6.5.22m does not properly disable ARP requests from being sent or received.

4.6CVSS7.1AI score0.0006EPSS

CVE•added 2005/05/02 4:0 a.m.•41 views

CVE-2005-0464

gr_osview in SGI IRIX 6.5.22, and possibly other 6.5 versions, does not drop privileges when opening description files while in debug mode, which allows local users to read a line from arbitrary files via the -d and -D options, which prints the line as a formatting error.

2.1CVSS6.5AI score0.00337EPSS

CVE•added 2001/09/12 4:0 a.m.•40 views

CVE-1999-1398

Vulnerability in xfsdump in SGI IRIX may allow local users to obtain root privileges via the bck.log log file, possibly via a symlink attack.

6.2CVSS7.1AI score0.0014EPSS

CVE•added 2001/12/06 5:0 a.m.•40 views

CVE-2001-0800

lpsched in IRIX 6.5.13f and earlier allows remote attackers to execute arbitrary commands via shell metacharacters.

10CVSS7.7AI score0.78029EPSS

CVE•added 1999/09/29 4:0 a.m.•39 views

CVE-1999-0327

SGI syserr program allows local users to corrupt files.

2.1CVSS7.1AI score0.00116EPSS

CVE•added 1999/09/29 4:0 a.m.•39 views

CVE-1999-0413

A buffer overflow in the SGI X server allows local users to gain root access through the X server font path.

7.2CVSS7.4AI score0.00063EPSS

CVE•added 2001/01/22 5:0 a.m.•39 views

CVE-2000-0283

The default installation of IRIX Performance Copilot allows remote attackers to access sensitive system information via the pmcd daemon.

6.4CVSS6.4AI score0.00685EPSS

CVE•added 2004/09/01 4:0 a.m.•39 views

CVE-2000-0797

Buffer overflow in gr_osview in IRIX 6.2 and 6.3 allows local users to gain privileges via a long -D option.

7.2CVSS7.2AI score0.00157EPSS

CVE•added 2003/04/02 5:0 a.m.•39 views

CVE-2002-0356

Vulnerability in XFS filesystem reorganizer (fsr_xfs) in SGI IRIX 6.5.10 and earlier allows local users to gain root privileges by overwriting critical system files.

7.2CVSS6.6AI score0.00151EPSS

CVE•added 2004/02/03 5:0 a.m.•39 views

CVE-2003-0175

SGI IRIX before 6.5.21 allows local users to cause a denial of service (kernel panic) via a certain call to the PIOCSWATCH ioctl.

2.1CVSS6.2AI score0.00097EPSS

CVE•added 2003/08/18 4:0 a.m.•39 views

CVE-2003-0177

SGI IRIX 6.5.x through 6.5.20f, and possibly earlier versions, does not follow "-" entries in the /etc/group file, which may cause subsequent group membership entries to be processed inadvertently.

4.6CVSS6.6AI score0.00069EPSS

CVE•added 2003/08/07 4:0 a.m.•39 views

CVE-2003-0473

Unknown vulnerability in the IPv6 capability in IRIX 6.5.19 causes snoop to process packets as the root user, with unknown implications.

10CVSS6.9AI score0.00487EPSS

CVE•added 2002/03/09 5:0 a.m.•38 views

CVE-1999-1243

SGI Desktop Permissions Tool in IRIX 6.0.1 and earlier allows local users to modify permissions for arbitrary files and gain privileges.

4.6CVSS7.4AI score0.00327EPSS

CVE•added 2000/07/12 4:0 a.m.•38 views

CVE-2000-0013

IRIX soundplayer program allows local users to gain privileges by including shell metacharacters in a .wav file, which is executed via the midikeys program.

7.2CVSS7AI score0.00148EPSS

CVE•added 2002/06/25 4:0 a.m.•38 views

CVE-2000-1193

Performance Metrics Collector Daemon (PMCD) in Performance Copilot in IRIX 6.x allows remote attackers to cause a denial of service (resource exhaustion) via an extremely long string to the PMCD port.

5CVSS6.6AI score0.04186EPSS

CVE•added 2005/05/10 4:0 a.m.•38 views

CVE-2004-1891

The ftp_syslog function in ftpd in SGI IRIX 6.5.20 "doesn't work with anonymous FTP," which has an unknown impact, possibly preventing the actions of anonymous users from being logged.

5CVSS7.1AI score0.00333EPSS

CVE•added 2001/09/12 4:0 a.m.•37 views

CVE-1999-1286

addnetpr in SGI IRIX 6.2 and earlier allows local users to modify arbitrary files and possibly gain root access via a symlink attack on a temporary file.

7.2CVSS7.4AI score0.00146EPSS

CVE•added 2001/09/12 4:0 a.m.•37 views

CVE-1999-1319

Vulnerability in object server program in SGI IRIX 5.2 through 6.1 allows remote attackers to gain root privileges in certain configurations.

10CVSS7.8AI score0.00702EPSS

CVE•added 2001/12/06 5:0 a.m.•37 views

CVE-2001-0799

Buffer overflows in lpsched in IRIX 6.5.13f and earlier allow remote attackers to execute arbitrary commands via a long argument.

10CVSS8AI score0.02232EPSS

CVE•added 2002/03/09 5:0 a.m.•37 views

CVE-2001-0801

lpstat in IRIX 6.5.13f and earlier allows local users to gain root privileges by specifying a Trojan Horse nettype shared library.

7.2CVSS7AI score0.0005EPSS

CVE•added 2003/08/18 4:0 a.m.•37 views

CVE-2003-0176

The Name Service Daemon (nsd), when running on an NIS master on SGI IRIX 6.5.x through 6.5.20f, and possibly earlier versions, allows remote attackers to cause a denial of service (crash) via a UDP port scan.

5CVSS6.8AI score0.00655EPSS

CVE•added 2005/05/02 4:0 a.m.•37 views

CVE-2005-0465

gr_osview in SGI IRIX does not drop privileges before opening files, which allows local users to overwrite arbitrary files via the -s option.

2.1CVSS6.4AI score0.00237EPSS

CVE•added 2002/03/09 5:0 a.m.•36 views

CVE-1999-1131

Buffer overflow in OSF Distributed Computing Environment (DCE) security demon (secd) in IRIX 6.4 and earlier allows attackers to cause a denial of service via a long principal, group, or organization.

5CVSS7.6AI score0.00511EPSS

CVE•added 2001/09/12 4:0 a.m.•36 views

CVE-1999-1219

Vulnerability in sgihelp in the SGI help system and print manager in IRIX 5.2 and earlier allows local users to gain root privileges, possibly through the clogin command.

7.2CVSS7.4AI score0.00212EPSS

CVE•added 2000/10/13 4:0 a.m.•36 views

CVE-2000-0579

IRIX crontab creates temporary files with predictable file names and with the umask of the user, which could allow local users to modify another user's crontab file as it is being edited.

3.7CVSS6.7AI score0.00084EPSS

CVE•added 2000/10/20 4:0 a.m.•36 views

CVE-2000-0798

The truncate function in IRIX 6.x does not properly check for privileges when the file is in the xfs file system, which allows local users to delete the contents of arbitrary files.

10CVSS6.8AI score0.01165EPSS

CVE•added 2002/04/22 4:0 a.m.•36 views

CVE-2002-0041

Unknown vulnerability in Mail for SGI IRIX 6.5 through 6.5.15f, and possibly earlier versions, when running with the -R option, allows local and remote attackers to cause a core dump.

5CVSS7AI score0.01099EPSS

CVE•added 2003/04/02 5:0 a.m.•36 views

CVE-2002-0172

/dev/ipfilter on SGI IRIX 6.5 is installed by /dev/MAKEDEV with insecure default permissions (644), which could allow a local user to cause a denial of service (traffic disruption).

2.1CVSS6.4AI score0.00223EPSS

CVE•added 2003/04/02 5:0 a.m.•36 views

CVE-2002-0355

netstat in SGI IRIX before 6.5.12 allows local users to determine the existence of files on the system, even if the users do not have the appropriate permissions.

2.1CVSS6.2AI score0.00157EPSS

CVE•added 2005/08/05 4:0 a.m.•36 views

CVE-2002-2093

The Video Control Panel on SGI O2/IRIX 6.5, when the Default Input is set to "Output Video", allows attackers to access a console session by running videoout then videoin.

2.1CVSS6.9AI score0.00078EPSS

CVE•added 2000/01/04 5:0 a.m.•35 views

CVE-1999-0960

IRIX cdplayer allows local users to create directories in arbitrary locations via a command line option.

7.2CVSS7.2AI score0.00148EPSS

CVE•added 2002/03/09 5:0 a.m.•35 views

CVE-1999-1143

Vulnerability in runtime linker program rld in SGI IRIX 6.x and earlier allows local users to gain privileges via setuid and setgid programs.

7.2CVSS7.3AI score0.0005EPSS

CVE•added 2001/09/12 4:0 a.m.•35 views

CVE-1999-1401

Vulnerability in Desktop searchbook program in IRIX 5.0.x through 6.2 sets insecure permissions for certain user files (iconbook and searchbook).

4.6CVSS7.4AI score0.00058EPSS

CVE•added 2002/03/09 5:0 a.m.•35 views

CVE-2000-0795

Buffer overflow in lpstat in IRIX 6.2 and 6.3 allows local users to gain root privileges via a long -n option.

7.2CVSS7.2AI score0.00197EPSS

CVE•added 2003/04/02 5:0 a.m.•35 views

CVE-2002-0174

nsd on SGI IRIX before 6.5.11 allows local users to overwrite arbitrary files and gain root privileges via a symlink attack on the nsd.dump file.

7.2CVSS6.6AI score0.00151EPSS

CVE•added 2004/09/01 4:0 a.m.•35 views

CVE-2002-1419

The upgrade of IRIX on Origin 3000 to 6.5.13 through 6.5.16 changes the MAC address of the system, which could modify intended access restrictions that are based on a MAC address.

7.5CVSS6.9AI score0.00527EPSS

CVE•added 2004/09/01 4:0 a.m.•35 views

CVE-2002-1517

fsr_efs in IRIX 6.5 allows local users to conduct unauthorized file activities via a symlink attack, possibly via the .fsrlast file.

4.6CVSS6.7AI score0.00077EPSS

CVE•added 2003/05/12 4:0 a.m.•35 views

CVE-2003-0174

The LDAP name service (nsd) in IRIX 6.5.19 and earlier does not properly verify if the USERPASSWORD attribute has been provided by an LDAP server, which could allow attackers to log in without a password.

9.8CVSS6.5AI score0.00363EPSS

CVE•added 2003/08/27 4:0 a.m.•35 views

CVE-2003-0575

Heap-based buffer overflow in the name services daemon (nsd) in SGI IRIX 6.5.x through 6.5.21f, and possibly earlier versions, allows attackers to gain root privileges via the AUTH_UNIX gid list.

10CVSS7.4AI score0.03453EPSS

CVE•added 2003/10/06 4:0 a.m.•35 views

CVE-2003-0680

Unknown vulnerability in NFS for SGI IRIX 6.5.21 and earlier may allow an NFS client to bypass read-only restrictions.

7.5CVSS7AI score0.00489EPSS

CVE•added 2001/09/12 4:0 a.m.•34 views

CVE-1999-1067

SGI MachineInfo CGI program, installed by default on some web servers, prints potentially sensitive system status information, which could be used by remote attackers for information gathering activities.

5CVSS7.2AI score0.00559EPSS

CVE•added 2002/03/09 5:0 a.m.•34 views

CVE-1999-1114

Buffer overflow in Korn Shell (ksh) suid_exec program on IRIX 6.x and earlier, and possibly other operating systems, allows local users to gain root privileges.

7.2CVSS7.7AI score0.00228EPSS

Total number of security vulnerabilities182