Lucene search

K

182 matches found

CVE
CVE
added 2001/09/12 4:0 a.m.34 views

CVE-1999-1410

addnetpr in IRIX 5.3 and 6.2 allows local users to overwrite arbitrary files and possibly gain root privileges via a symlink attack on the printers temporary file.

6.2CVSS7.5AI score0.00375EPSS
CVE
CVE
added 2001/09/12 4:0 a.m.34 views

CVE-1999-1485

nsd in IRIX 6.5 through 6.5.2 exports a virtual filesystem on a UDP port, which allows remote attackers to view files and cause a possible denial of service by mounting the nsd virtual file system.

6.4CVSS7AI score0.04852EPSS
CVE
CVE
added 2001/09/12 4:0 a.m.34 views

CVE-1999-1492

Vulnerability in (1) diskperf and (2) diskalign in IRIX 6.4 allows local attacker to create arbitrary root owned files, leading to root privileges.

7.2CVSS7.2AI score0.00047EPSS
CVE
CVE
added 2000/10/20 4:0 a.m.34 views

CVE-2000-0733

Telnetd telnet server in IRIX 5.2 through 6.1 does not properly cleans user-injected format strings, which allows remote attackers to execute arbitrary commands via a long RLD variable in the IAC-SB-TELOPT_ENVIRON request.

10CVSS8AI score0.0561EPSS
CVE
CVE
added 2003/04/02 5:0 a.m.34 views

CVE-2002-0042

Vulnerability in the XFS file system for SGI IRIX before 6.5.12 allows local users to cause a denial of service (hang) by creating a file that is not properly processed by XFS.

2.1CVSS6.2AI score0.00144EPSS
CVE
CVE
added 2005/06/28 4:0 a.m.34 views

CVE-2002-1787

Buffer overflow in uux in eoe.sw.uucp package of SGI IRIX 6.5 through 6.5.17 allows local users to execute arbitrary code via unknown attack vectors.

4.6CVSS7.9AI score0.00099EPSS
CVE
CVE
added 2003/11/03 5:0 a.m.34 views

CVE-2003-0683

NFS in SGI 6.5.21m and 6.5.21f does not perform access checks in certain configurations when an /etc/exports entry uses wildcards without any hostnames or groups, which could allow attackers to bypass intended restrictions.

7.5CVSS6.6AI score0.00489EPSS
CVE
CVE
added 2001/09/12 4:0 a.m.33 views

CVE-1999-1040

Vulnerabilities in (1) ipxchk and (2) ipxlink in NetWare Client 1.0 on IRIX 6.3 and 6.4 allows local users to gain root access via a modified IFS environmental variable.

7.2CVSS7.4AI score0.0005EPSS
CVE
CVE
added 2001/09/12 4:0 a.m.33 views

CVE-1999-1232

Untrusted search path vulnerability in day5datacopier in SGI IRIX 6.2 allows local users to execute arbitrary commands via a modified PATH environment variable that points to a malicious cp program.

7.2CVSS7.9AI score0.00096EPSS
CVE
CVE
added 2001/09/12 4:0 a.m.33 views

CVE-1999-1272

Buffer overflows in CDROM Confidence Test program (cdrom) allow local users to gain root privileges.

7.2CVSS7.4AI score0.00049EPSS
CVE
CVE
added 2002/03/09 5:0 a.m.33 views

CVE-1999-1409

The at program in IRIX 6.2 and NetBSD 1.3.2 and earlier allows local users to read portions of arbitrary files by submitting the file to at with the -f argument, which generates error messages that at sends to the user via e-mail.

2.1CVSS7.1AI score0.00306EPSS
CVE
CVE
added 2002/03/09 5:0 a.m.33 views

CVE-1999-1494

colorview in Silicon Graphics IRIX 5.1, 5.2, and 6.0 allows local attackers to read arbitrary files via the -text argument.

2.1CVSS7.2AI score0.00343EPSS
CVE
CVE
added 2003/04/02 5:0 a.m.33 views

CVE-2002-0173

Buffer overflow in cpr for the eoe.sw.cpr SGI Checkpoint-Restart Software package on SGI IRIX 6.5.10 and earlier may allow local users to gain root privileges.

7.2CVSS6.9AI score0.0005EPSS
CVE
CVE
added 2003/08/27 4:0 a.m.33 views

CVE-2003-0679

Unknown vulnerability in the libcpr library for the Checkpoint/Restart (cpr) system on SGI IRIX 6.5.21f and earlier allows local users to truncate or overwrite certain files.

2.1CVSS6.3AI score0.00112EPSS
CVE
CVE
added 2002/03/09 5:0 a.m.32 views

CVE-1999-1120

netprint in SGI IRIX 6.4 and earlier trusts the PATH environmental variable for finding and executing the disable program, which allows local users to gain privileges.

4.6CVSS7.4AI score0.00373EPSS
CVE
CVE
added 2001/09/12 4:0 a.m.32 views

CVE-1999-1399

spaceball program in SpaceWare 7.3 v1.0 in IRIX 6.2 allows local users to gain root privileges by setting the HOSTNAME environmental variable to contain the commands to be executed.

7.2CVSS7.8AI score0.00123EPSS
CVE
CVE
added 2002/06/25 4:0 a.m.32 views

CVE-2002-0038

Vulnerability in the cache-limiting function of the unified name service daemon (nsd) in IRIX 6.5.4 through 6.5.11 allows remote attackers to cause a denial of service by forcing the cache to fill the disk.

5CVSS7AI score0.00911EPSS
CVE
CVE
added 2004/09/01 4:0 a.m.32 views

CVE-2002-1516

rpcbind in SGI IRIX, when using the -w command line switch, allows local users to overwrite arbitrary files via a symlink attack.

4.6CVSS6.9AI score0.00068EPSS
CVE
CVE
added 2004/09/01 4:0 a.m.32 views

CVE-2002-1518

mv in IRIX 6.5 creates a directory with world-writable permissions while moving a directory, which could allow local users to modify files and directories.

3.6CVSS6.8AI score0.00054EPSS
CVE
CVE
added 2005/09/21 8:3 p.m.32 views

CVE-2005-0138

rpc.mountd in SGI IRIX 6.5.25, 6.5.26, and 6.5.27 does not correctly allow access to anonymous clients that connect from a system whose hostname can not be determined. NOTE: while this issue occurs in a security mechanism, there is no apparent attacker role and probably does not satisfy the CVE def...

7.5CVSS7AI score0.00489EPSS
CVE
CVE
added 2001/09/12 4:0 a.m.31 views

CVE-1999-1039

Vulnerability in (1) diskalign and (2) diskperf in IRIX 6.4 patches 2291 and 2848 allow a local user to create root-owned files leading to a root compromise.

7.2CVSS7.1AI score0.00046EPSS
CVE
CVE
added 2001/09/12 4:0 a.m.31 views

CVE-1999-1461

inpview in InPerson on IRIX 5.3 through IRIX 6.5.10 trusts the PATH environmental variable to find and execute the ttsession program, which allows local users to obtain root access by modifying the PATH to point to a Trojan horse ttsession program.

7.2CVSS7.3AI score0.00375EPSS
CVE
CVE
added 2001/09/18 4:0 a.m.31 views

CVE-2000-0799

inpview in InPerson in SGI IRIX 5.3 through IRIX 6.5.10 allows local users to gain privileges via a symlink attack on the .ilmpAAA temporary file.

3.7CVSS6.5AI score0.00182EPSS
CVE
CVE
added 2004/03/29 5:0 a.m.31 views

CVE-2003-0796

Unknown vulnerability in rpc.mountd SGI IRIX 6.5.18 through 6.5.22 allows remote attackers to mount from unprivileged ports even with the -n option disabled.

7.5CVSS6.7AI score0.00741EPSS
CVE
CVE
added 2002/03/09 5:0 a.m.30 views

CVE-1999-1384

Indigo Magic System Tour in the SGI system tour package (systour) for IRIX 5.x through 6.3 allows local users to gain root privileges via a Trojan horse .exitops program, which is called by the inst command that is executed by the RemoveSystemTour program.

7.2CVSS7.4AI score0.00212EPSS
CVE
CVE
added 2003/08/07 4:0 a.m.30 views

CVE-2003-0472

The IPv6 capability in IRIX 6.5.19 allows remote attackers to cause a denial of service (hang) in inetd via port scanning.

5CVSS7AI score0.00928EPSS
CVE
CVE
added 2001/09/12 4:0 a.m.29 views

CVE-1999-1022

serial_ports administrative program in IRIX 4.x and 5.x trusts the user's PATH environmental variable to find and execute the ls program, which allows local users to gain root privileges via a Trojan horse ls program.

6.2CVSS7AI score0.0014EPSS
CVE
CVE
added 2001/09/12 4:0 a.m.29 views

CVE-1999-1501

(1) ipxchk and (2) ipxlink in SGI OS2 IRIX 6.3 does not properly clear the IFS environmental variable before executing system calls, which allows local users to execute arbitrary commands.

4.6CVSS7.7AI score0.00059EPSS
CVE
CVE
added 2003/04/02 5:0 a.m.29 views

CVE-2002-0631

Unknown vulnerability in nveventd in NetVisualyzer on SGI IRIX 6.5 through 6.5.16 allows local users to write arbitrary files and gain root privileges.

7.2CVSS6.8AI score0.00151EPSS
CVE
CVE
added 2002/03/09 5:0 a.m.28 views

CVE-1999-1181

Vulnerability in On-Line Customer Registration software for IRIX 6.2 through 6.4 allows local users to gain root privileges.

7.2CVSS7.3AI score0.0005EPSS
CVE
CVE
added 2001/09/12 4:0 a.m.28 views

CVE-1999-1183

System Manager sysmgr GUI in SGI IRIX 6.4 and 6.3 allows remote attackers to execute commands by providing a trojan horse (1) runtask or (2) runexec descriptor file, which is used to execute a System Manager Task when the user's Mailcap entry supports the x-sgi-task or x-sgi-exec type.

7.6CVSS8.1AI score0.02124EPSS
CVE
CVE
added 2002/09/05 4:0 a.m.28 views

CVE-2002-0632

Vulnerability in SGI BDS (Bulk Data Service) BDSPro 2.4 and earlier allows clients to read arbitrary files on a BDS server.

5CVSS6.5AI score0.00711EPSS
Total number of security vulnerabilities182