Irix Security Vulnerabilities and Issues — Irix CVE List

Lucene search

SgiIrix

22 matches found

CVE•added 2000/02/04 5:0 a.m.•449 views

CVE-1999-0524

ICMP information such as (1) netmask and (2) timestamp is allowed from arbitrary hosts.

2.1CVSS6.5AI score0.00702EPSS

CVE•added 2004/08/06 4:0 a.m.•58 views

CVE-2004-0136

The mapelf32exec function call in IRIX 6.5.20 through 6.5.24 allows local users to cause a denial of service (system crash) via a "corrupted binary."

2.1CVSS6AI score0.0007EPSS

CVE•added 2002/03/09 5:0 a.m.•54 views

CVE-1999-1102

lpr on SunOS 4.1.1, BSD 4.3, A/UX 2.0.1, and other BSD-based operating systems allows local users to create or overwrite arbitrary files via a symlink attack that is triggered after invoking lpr 1000 times.

2.1CVSS6.8AI score0.00121EPSS

CVE•added 2003/04/02 5:0 a.m.•49 views

CVE-2002-0875

Vulnerability in FAM 2.6.8, 2.6.6, and other versions allows unprivileged users to obtain the names of files whose access is restricted to the root group.

2.1CVSS6.2AI score0.01068EPSS

CVE•added 2005/06/28 4:0 a.m.•46 views

CVE-2002-1791

SGI IRIX 6.5 through 6.5.17 creates temporary desktop files with world-writable permissions, which allows local users to overwrite or corrupt those files.

2.1CVSS6.8AI score0.00109EPSS

CVE•added 2004/08/06 4:0 a.m.•46 views

CVE-2004-0137

Unknown vulnerability in init for IRIX 6.5.20 through 6.5.24 allows local users to cause a denial of service (system panic) as a result of "page invalidation issues."

2.1CVSS6.3AI score0.0007EPSS

CVE•added 2002/03/09 5:0 a.m.•44 views

CVE-1999-1214

The asynchronous I/O facility in 4.4 BSD kernel does not check user credentials when setting the recipient of I/O notification, which allows local users to cause a denial of service by using certain ioctl and fcntl calls to cause the signal to be sent to an arbitrary process ID.

2.1CVSS7.1AI score0.00081EPSS

CVE•added 2003/04/02 5:0 a.m.•44 views

CVE-2002-0213

xkas in Xinet K-AShare 0.011.01 for IRIX allows local users to read arbitrary files via a symlink attack on the VOLICON file, which is copied to the .HSicon file in a shared directory.

2.1CVSS6.3AI score0.00102EPSS

CVE•added 2001/09/12 4:0 a.m.•43 views

CVE-1999-1554

/usr/sbin/Mail on SGI IRIX 3.3 and 3.3.1 does not properly set the group ID to the group ID of the user who started Mail, which allows local users to read the mail of other users.

2.1CVSS7AI score0.00902EPSS

CVE•added 2005/06/28 4:0 a.m.•42 views

CVE-2002-1786

SGI IRIX 6.5 through 6.5.14 applies a umask of 022 to root core dumps, which allows local users to read the core dumps and possibly obtain sensitive information.

2.1CVSS6.6AI score0.00144EPSS

CVE•added 2002/06/25 4:0 a.m.•41 views

CVE-2002-0040

Vulnerability in SGI IRIX 6.5.11 through 6.5.15f allows local users to cause privileged applications to dump core via the HOSTALIASES environment variable, which might allow the users to gain privileges.

2.1CVSS6.5AI score0.00065EPSS

CVE•added 2005/05/02 4:0 a.m.•41 views

CVE-2005-0464

gr_osview in SGI IRIX 6.5.22, and possibly other 6.5 versions, does not drop privileges when opening description files while in debug mode, which allows local users to read a line from arbitrary files via the -d and -D options, which prints the line as a formatting error.

2.1CVSS6.5AI score0.00337EPSS

CVE•added 1999/09/29 4:0 a.m.•39 views

CVE-1999-0327

SGI syserr program allows local users to corrupt files.

2.1CVSS7.1AI score0.00116EPSS

CVE•added 2004/02/03 5:0 a.m.•39 views

CVE-2003-0175

SGI IRIX before 6.5.21 allows local users to cause a denial of service (kernel panic) via a certain call to the PIOCSWATCH ioctl.

2.1CVSS6.2AI score0.00097EPSS

CVE•added 2005/05/02 4:0 a.m.•37 views

CVE-2005-0465

gr_osview in SGI IRIX does not drop privileges before opening files, which allows local users to overwrite arbitrary files via the -s option.

2.1CVSS6.4AI score0.00237EPSS

CVE•added 2003/04/02 5:0 a.m.•36 views

CVE-2002-0172

/dev/ipfilter on SGI IRIX 6.5 is installed by /dev/MAKEDEV with insecure default permissions (644), which could allow a local user to cause a denial of service (traffic disruption).

2.1CVSS6.4AI score0.00223EPSS

CVE•added 2003/04/02 5:0 a.m.•36 views

CVE-2002-0355

netstat in SGI IRIX before 6.5.12 allows local users to determine the existence of files on the system, even if the users do not have the appropriate permissions.

2.1CVSS6.2AI score0.00157EPSS

CVE•added 2005/08/05 4:0 a.m.•36 views

CVE-2002-2093

The Video Control Panel on SGI O2/IRIX 6.5, when the Default Input is set to "Output Video", allows attackers to access a console session by running videoout then videoin.

2.1CVSS6.9AI score0.00078EPSS

CVE•added 2003/04/02 5:0 a.m.•34 views

CVE-2002-0042

Vulnerability in the XFS file system for SGI IRIX before 6.5.12 allows local users to cause a denial of service (hang) by creating a file that is not properly processed by XFS.

2.1CVSS6.2AI score0.00144EPSS

CVE•added 2002/03/09 5:0 a.m.•33 views

CVE-1999-1409

The at program in IRIX 6.2 and NetBSD 1.3.2 and earlier allows local users to read portions of arbitrary files by submitting the file to at with the -f argument, which generates error messages that at sends to the user via e-mail.

2.1CVSS7.1AI score0.00306EPSS

CVE•added 2002/03/09 5:0 a.m.•33 views

CVE-1999-1494

colorview in Silicon Graphics IRIX 5.1, 5.2, and 6.0 allows local attackers to read arbitrary files via the -text argument.

2.1CVSS7.2AI score0.00343EPSS

CVE•added 2003/08/27 4:0 a.m.•33 views

CVE-2003-0679

Unknown vulnerability in the libcpr library for the Checkpoint/Restart (cpr) system on SGI IRIX 6.5.21f and earlier allows local users to truncate or overwrite certain files.

2.1CVSS6.3AI score0.00112EPSS