Irix Security Vulnerabilities and Issues — Irix CVE List

Lucene search

SgiIrix

182 matches found

CVE•added 2002/03/09 5:0 a.m.•6366 views

CVE-2001-0554

Buffer overflow in BSD-based telnetd telnet daemon on various operating systems allows remote attackers to execute arbitrary commands via a set of options including AYT (Are You There), which is not properly handled by the telrcv function.

10CVSS7.4AI score0.27436EPSS

CVE•added 2000/02/04 5:0 a.m.•447 views

CVE-1999-0524

ICMP information such as (1) netmask and (2) timestamp is allowed from arbitrary hosts.

2.1CVSS6.5AI score0.00475EPSS

CVE•added 1999/09/29 4:0 a.m.•162 views

CVE-1999-0038

Buffer overflow in xlock program allows local users to execute commands as root.

8.4CVSS7.9AI score0.00114EPSS

CVE•added 2002/06/25 4:0 a.m.•153 views

CVE-2001-0797

Buffer overflow in login in various System V based operating systems allows remote attackers to execute arbitrary commands via a large number of arguments through services such as telnet and rlogin.

10CVSS7.4AI score0.88625EPSS

CVE•added 1999/09/29 4:0 a.m.•113 views

CVE-1999-0003

Execute commands as root via buffer overflow in Tooltalk database server (rpc.ttdbserverd).

10CVSS7.5AI score0.90339EPSS

CVE•added 1999/09/29 4:0 a.m.•104 views

CVE-1999-0028

root privileges via buffer overflow in login/scheme command on SGI IRIX systems.

7.2CVSS7.4AI score0.00075EPSS

CVE•added 2003/10/06 4:0 a.m.•92 views

CVE-2003-0694

The prescan function in Sendmail 8.12.9 allows remote attackers to execute arbitrary code via buffer overflow attacks, as demonstrated using the parseaddr function in parseaddr.c.

10CVSS7.7AI score0.7608EPSS

CVE•added 2003/03/25 5:0 a.m.•89 views

CVE-2003-0028

Integer overflow in the xdrmem_getbytes() function, and possibly other functions, of XDR (external data representation) libraries derived from SunRPC, including libnsl, libc, glibc, and dietlibc, allows remote attackers to execute arbitrary code via certain integer values in length fields, a differ...

7.5CVSS9.8AI score0.56051EPSS

CVE•added 2001/01/22 5:0 a.m.•86 views

CVE-2000-0844

Some functions that implement the locale subsystem on Unix do not properly cleanse user-injected format strings, which allows local attackers to execute arbitrary commands via functions such as gettext and catopen.

10CVSS7.7AI score0.00891EPSS

CVE•added 2004/09/01 4:0 a.m.•84 views

CVE-2002-1317

Buffer overflow in Dispatch() routine for XFS font server (fs.auto) on Solaris 2.5.1 through 9 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a certain XFS query.

7.5CVSS8AI score0.42484EPSS

CVE•added 2002/07/03 4:0 a.m.•80 views

CVE-2002-0652

xfsmd for IRIX 6.5 through 6.5.16 allows remote attackers to execute arbitrary code via shell metacharacters that are not properly filtered from several calls to the popen() function, such as export_fs().

7.5CVSS8.2AI score0.06841EPSS

CVE•added 2005/11/16 9:17 p.m.•79 views

CVE-2002-2185

The Internet Group Management Protocol (IGMP) allows local users to cause a denial of service via an IGMP membership report to a target's Ethernet address instead of the Multicast group address, which causes the target to stop sending reports to the router and effectively disconnect the group from ...

4.9CVSS4.5AI score0.00377EPSS

CVE•added 1999/09/29 4:0 a.m.•77 views

CVE-1999-0009

Inverse query buffer overflow in BIND 4.9 and BIND 8 Releases.

10CVSS7.3AI score0.8048EPSS

CVE•added 1999/09/29 4:0 a.m.•77 views

CVE-1999-0019

Delete or create a file via rpc.statd, due to invalid information.

5CVSS7.3AI score0.01078EPSS

CVE•added 2002/03/30 5:0 a.m.•76 views

CVE-2002-0039

rpcbind in SGI IRIX 6.5 through 6.5.15f, and possibly earlier versions, allows remote attackers to cause a denial of service (crash) via malformed RPC packets with invalid lengths.

5CVSS6.8AI score0.00655EPSS

CVE•added 1999/09/29 4:0 a.m.•74 views

CVE-1999-0018

Buffer overflow in statd allows root privileges.

10CVSS7.7AI score0.10302EPSS

CVE•added 1999/09/29 4:0 a.m.•72 views

CVE-1999-0039

webdist CGI program (webdist.cgi) in SGI IRIX allows remote attackers to execute arbitrary commands via shell metacharacters in the distloc parameter.

7.5CVSS7.9AI score0.32132EPSS

CVE•added 2002/07/23 4:0 a.m.•68 views

CVE-2002-0677

CDE ToolTalk database server (ttdbserver) allows remote attackers to overwrite arbitrary memory locations with a zero, and possibly gain privileges, via a file descriptor argument in an AUTH_UNIX procedure call, which is used as a table index by the _TT_ISCLOSE procedure.

7.5CVSS6.8AI score0.19026EPSS

CVE•added 2000/02/04 5:0 a.m.•67 views

CVE-1999-0078

pcnfsd (aka rpc.pcnfsd) allows local users to change file permissions, or execute arbitrary commands through arguments in the RPC call.

1.9CVSS7.3AI score0.00139EPSS

CVE•added 2000/01/18 5:0 a.m.•66 views

CVE-1999-0270

Directory traversal vulnerability in pfdispaly.cgi program (sometimes referred to as "pfdisplay") for SGI's Performer API Search Tool (performer_tools) allows remote attackers to read arbitrary files.

5CVSS9.3AI score0.01531EPSS

CVE•added 2004/09/01 4:0 a.m.•64 views

CVE-2002-1265

The Sun RPC functionality in multiple libc implementations does not provide a time-out mechanism when reading data from TCP connections, which allows remote attackers to cause a denial of service (hang).

5CVSS6.2AI score0.02369EPSS

CVE•added 1999/09/29 4:0 a.m.•63 views

CVE-1999-0025

root privileges via buffer overflow in df command on SGI IRIX systems.

7.2CVSS7.5AI score0.0144EPSS

CVE•added 1999/09/29 4:0 a.m.•62 views

CVE-1999-0208

rpc.ypupdated (NIS) allows remote users to execute arbitrary commands.

10CVSS7.1AI score0.60187EPSS

CVE•added 1999/09/29 4:0 a.m.•61 views

CVE-1999-0022

Local user gains root privileges via buffer overflow in rdist, via expstr() function.

7.8CVSS7.4AI score0.00254EPSS

CVE•added 1999/09/29 4:0 a.m.•61 views

CVE-1999-0149

The wrap CGI program in IRIX allows remote attackers to view arbitrary directory listings via a .. (dot dot) attack.

7.5CVSS7AI score0.0371EPSS

CVE•added 2003/04/02 5:0 a.m.•61 views

CVE-2002-0678

CDE ToolTalk database server (ttdbserver) allows local users to overwrite arbitrary files via a symlink attack on the transaction log file used by the _TT_TRANSACTION RPC procedure.

7.2CVSS6.2AI score0.0043EPSS

CVE•added 1999/09/29 4:0 a.m.•59 views

CVE-1999-0029

root privileges via buffer overflow in ordist command on SGI IRIX systems.

8.4CVSS8.1AI score0.0038EPSS

CVE•added 1999/09/29 4:0 a.m.•58 views

CVE-1999-0026

root privileges via buffer overflow in pset command on SGI IRIX systems.

4.6CVSS8.1AI score0.00502EPSS

CVE•added 1999/09/29 4:0 a.m.•58 views

CVE-1999-0059

IRIX fam service allows an attacker to obtain a list of all files on the server.

7.3CVSS7.2AI score0.00721EPSS

CVE•added 2004/09/01 4:0 a.m.•58 views

CVE-2002-1318

Buffer overflow in samba 2.2.2 through 2.2.6 allows remote attackers to cause a denial of service and possibly execute arbitrary code via an encrypted password that causes the overflow during decryption in which a DOS codepage string is converted to a little-endian UCS2 unicode string.

10CVSS7.9AI score0.73412EPSS

CVE•added 2004/08/06 4:0 a.m.•58 views

CVE-2004-0136

The mapelf32exec function call in IRIX 6.5.20 through 6.5.24 allows local users to cause a denial of service (system crash) via a "corrupted binary."

2.1CVSS6AI score0.0007EPSS

CVE•added 1999/09/29 4:0 a.m.•57 views

CVE-1999-0125

Buffer overflow in SGI IRIX mailx program.

4.6CVSS7.7AI score0.00634EPSS

CVE•added 2001/06/18 4:0 a.m.•57 views

CVE-2001-0247

Buffer overflows in BSD-based FTP servers allows remote attackers to execute arbitrary commands via a long pattern string containing a {} sequence, as seen in (1) g_opendir, (2) g_lstat, (3) g_stat, and (4) the glob0 buffer as used in the glob functions glob2 and glob3.

10CVSS7.7AI score0.3517EPSS

CVE•added 2005/10/12 1:4 p.m.•57 views

CVE-2005-2925

runpriv in SGI IRIX allows local users to bypass intended restrictions and execute arbitrary commands via shell metacharacters in a command line for a privileged binary in /usr/sysadm/privbin.

7.2CVSS7.3AI score0.00199EPSS

CVE•added 1999/09/29 4:0 a.m.•56 views

CVE-1999-0234

Bash treats any character with a value of 255 as a command separator.

4.6CVSS7.5AI score0.00082EPSS

CVE•added 2000/04/10 4:0 a.m.•56 views

CVE-2000-0207

SGI InfoSearch CGI program infosrch.cgi allows remote attackers to execute commands via shell metacharacters.

7.5CVSS7.3AI score0.05383EPSS

CVE•added 2005/04/21 4:0 a.m.•56 views

CVE-2000-1221

The line printer daemon (lpd) in the lpr package in multiple Linux operating systems authenticates by comparing the reverse-resolved hostname of the local machine to the hostname of the print server as returned by gethostname, which allows remote attackers to bypass intended access controls by modi...

10CVSS6.7AI score0.1218EPSS

CVE•added 1999/09/29 4:0 a.m.•55 views

CVE-1999-0027

root privileges via buffer overflow in eject command on SGI IRIX systems.

7.2CVSS8.1AI score0.00455EPSS

CVE•added 2000/02/04 5:0 a.m.•54 views

CVE-1999-0241

Guessable magic cookies in X Windows allows remote attackers to execute commands, e.g. through xterm.

10CVSS7.9AI score0.05132EPSS

CVE•added 2002/03/09 5:0 a.m.•54 views

CVE-1999-1102

lpr on SunOS 4.1.1, BSD 4.3, A/UX 2.0.1, and other BSD-based operating systems allows local users to create or overwrite arbitrary files via a symlink attack that is triggered after invoking lpr 1000 times.

2.1CVSS6.8AI score0.00121EPSS

CVE•added 2004/09/01 4:0 a.m.•54 views

CVE-2002-1323

Safe.pm 2.0.7 and earlier, when used in Perl 5.8.0 and earlier, may allow attackers to break out of safe compartments in (1) Safe::reval or (2) Safe::rdo using a redefined @_ variable, which is not reset between successive calls.

4.6CVSS6.2AI score0.00082EPSS

CVE•added 2003/08/18 4:0 a.m.•54 views

CVE-2003-0574

Unknown vulnerability in SGI IRIX 6.5.x through 6.5.20, and possibly earlier versions, allows local users to cause a core dump in scheme and possibly gain privileges via certain environment variables, a different vulnerability than CVE-2001-0797 and CVE-1999-0028.

7.2CVSS6.4AI score0.88625EPSS

CVE•added 2004/09/01 4:0 a.m.•53 views

CVE-2003-0064

The dtterm terminal emulator allows attackers to modify the window title via a certain character escape sequence and then insert it back to the command line in the user's terminal, e.g. when the user views a file containing the malicious sequence, which could allow the attacker to execute arbitrary...

7.5CVSS7.2AI score0.00871EPSS

CVE•added 2007/09/18 7:17 p.m.•53 views

CVE-2007-4938

Heap-based buffer overflow in libmpdemux/aviheader.c in MPlayer 1.0rc1 and earlier allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a .avi file with certain large "indx truck size" and nEntriesInuse values, and a certain wLongsPerEntry ...

7.6CVSS8.1AI score0.09501EPSS

CVE•added 1999/09/29 4:0 a.m.•52 views

CVE-1999-0035

Race condition in signal handling routine in ftpd, allowing read/write arbitrary files.

5.1CVSS7.5AI score0.00545EPSS

CVE•added 1999/09/29 4:0 a.m.•52 views

CVE-1999-0148

The handler CGI program in IRIX allows arbitrary command execution.

7.5CVSS7.1AI score0.06952EPSS

CVE•added 2001/09/18 4:0 a.m.•51 views

CVE-2001-0331

Buffer overflow in Embedded Support Partner (ESP) daemon (rpc.espd) in IRIX 6.5.8 and earlier allows remote attackers to execute arbitrary commands.

7.5CVSS7.7AI score0.01026EPSS

CVE•added 1999/09/29 4:0 a.m.•50 views

CVE-1999-0044

fsdump command in IRIX allows local users to obtain root access by modifying sensitive files.

7.2CVSS7AI score0.00093EPSS

CVE•added 1999/09/29 4:0 a.m.•50 views

CVE-1999-0073

Telnet allows a remote client to specify environment variables including LD_LIBRARY_PATH, allowing an attacker to bypass the normal system libraries and gain root access.

10CVSS7.7AI score0.00259EPSS

CVE•added 2001/06/18 4:0 a.m.•50 views

CVE-2001-0249

Heap overflow in FTP daemon in Solaris 8 allows remote attackers to execute arbitrary commands by creating a long pathname and calling the LIST command, which uses glob to generate long strings.

10CVSS10AI score0.03991EPSS

Total number of security vulnerabilities182