CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
  Take a third party risk management course for FREE
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

SGI » Irix » * * * * : Security Vulnerabilities

Cpe Name:cpe:2.3:o:sgi:irix:*:*:*:*:*:*:*:*
Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
1 CVE-2003-0679 2003-08-27 2008-09-10
2.1
None Local Low Not required None Partial None
Unknown vulnerability in the libcpr library for the Checkpoint/Restart (cpr) system on SGI IRIX 6.5.21f and earlier allows local users to truncate or overwrite certain files.
2 CVE-2001-0801 +Priv 2001-12-06 2017-10-10
7.2
None Local Low Not required Complete Complete Complete
lpstat in IRIX 6.5.13f and earlier allows local users to gain root privileges by specifying a Trojan Horse nettype shared library.
3 CVE-2001-0800 Exec Code 2001-12-06 2008-09-05
10.0
None Remote Low Not required Complete Complete Complete
lpsched in IRIX 6.5.13f and earlier allows remote attackers to execute arbitrary commands via shell metacharacters.
4 CVE-2001-0799 Exec Code Overflow 2001-12-06 2017-07-11
10.0
None Remote Low Not required Complete Complete Complete
Buffer overflows in lpsched in IRIX 6.5.13f and earlier allow remote attackers to execute arbitrary commands via a long argument.
5 CVE-2001-0796 DoS 2001-12-06 2017-10-10
5.0
None Remote Low Not required None None Partial
SGI IRIX 6.5 through 6.5.12f and possibly earlier versions, and FreeBSD 3.0, allows remote attackers to cause a denial of service via a malformed IGMP multicast packet with a small response delay.
6 CVE-2001-0331 Exec Code Overflow 2001-06-27 2017-10-10
7.5
None Remote Low Not required Partial Partial Partial
Buffer overflow in Embedded Support Partner (ESP) daemon (rpc.espd) in IRIX 6.5.8 and earlier allows remote attackers to execute arbitrary commands.
7 CVE-2000-0893 2001-02-16 2008-09-05
5.0
None Remote Low Not required Partial None None
The presence of the Distributed GL Daemon (dgld) service on port 5232 on SGI IRIX systems allows remote attackers to identify the target host as an SGI system.
8 CVE-1999-1384 Exec Code +Priv 1996-10-30 2016-10-18
7.2
None Local Low Not required Complete Complete Complete
Indigo Magic System Tour in the SGI system tour package (systour) for IRIX 5.x through 6.3 allows local users to gain root privileges via a Trojan horse .exitops program, which is called by the inst command that is executed by the RemoveSystemTour program.
9 CVE-1999-1319 +Priv 1996-01-03 2008-09-10
10.0
None Remote Low Not required Complete Complete Complete
Vulnerability in object server program in SGI IRIX 5.2 through 6.1 allows remote attackers to gain root privileges in certain configurations.
10 CVE-1999-1286 1997-05-09 2017-12-19
7.2
None Local Low Not required Complete Complete Complete
addnetpr in SGI IRIX 6.2 and earlier allows local users to modify arbitrary files and possibly gain root access via a symlink attack on a temporary file.
11 CVE-1999-1243 +Priv 1995-03-03 2017-10-10
4.6
None Local Low Not required Partial Partial Partial
SGI Desktop Permissions Tool in IRIX 6.0.1 and earlier allows local users to modify permissions for arbitrary files and gain privileges.
12 CVE-1999-1214 255 DoS 1997-09-15 2017-10-10
2.1
None Local Low Not required None None Partial
The asynchronous I/O facility in 4.4 BSD kernel does not check user credentials when setting the recipient of I/O notification, which allows local users to cause a denial of service by using certain ioctl and fcntl calls to cause the signal to be sent to an arbitrary process ID.
13 CVE-1999-1181 +Priv 1998-09-29 2008-09-05
7.2
None Local Low Not required Complete Complete Complete
Vulnerability in On-Line Customer Registration software for IRIX 6.2 through 6.4 allows local users to gain root privileges.
14 CVE-1999-1143 +Priv 1997-05-28 2017-10-10
7.2
None Local Low Not required Complete Complete Complete
Vulnerability in runtime linker program rld in SGI IRIX 6.x and earlier allows local users to gain privileges via setuid and setgid programs.
15 CVE-1999-1120 +Priv 1997-01-04 2017-10-10
4.6
None Local Low Not required Partial Partial Partial
netprint in SGI IRIX 6.4 and earlier trusts the PATH environmental variable for finding and executing the disable program, which allows local users to gain privileges.
16 CVE-1999-1102 1999-12-31 2008-09-05
2.1
None Local Low Not required None Partial None
lpr on SunOS 4.1.1, BSD 4.3, A/UX 2.0.1, and other BSD-based operating systems allows local users to create or overwrite arbitrary files via a symlink attack that is triggered after invoking lpr 1000 times.
17 CVE-1999-0461 1999-01-28 2008-09-09
10.0
None Remote Low Not required Complete Complete Complete
Versions of rpcbind including Linux, IRIX, and Wietse Venema's rpcbind allow a remote attacker to insert and delete entries by spoofing a source address.
18 CVE-1999-0241 Exec Code 1995-11-01 2018-10-30
10.0
None Remote Low Not required Complete Complete Complete
Guessable magic cookies in X Windows allows remote attackers to execute commands, e.g. through xterm.
19 CVE-1999-0195 DoS 1997-07-01 2008-09-09
5.0
None Remote Low Not required None None Partial
Denial of service in RPC portmapper allows attackers to register or unregister RPC services or spoof RPC services using a spoofed source IP address such as 127.0.0.1.
20 CVE-1999-0108 Overflow 1998-05-01 2018-05-03
7.2
None Local Low Not required Complete Complete Complete
The printers program in IRIX has a buffer overflow that gives root access to local users.
21 CVE-1999-0083 1997-06-11 2008-09-09
5.0
None Remote Low Not required Partial None None
getcwd() file descriptor leak in FTP.
22 CVE-1999-0035 1997-05-29 2008-09-09
5.1
None Remote High Not required Partial Partial Partial
Race condition in signal handling routine in ftpd, allowing read/write arbitrary files.
23 CVE-1999-0033 Exec Code Overflow 1997-06-12 2008-09-09
7.2
None Local Low Not required Complete Complete Complete
Command execution in Sun systems via buffer overflow in the at program.
24 CVE-1999-0030 Overflow 1997-07-16 2008-09-09
7.2
None Local Low Not required Complete Complete Complete
root privileges via buffer overflow in xlock command on SGI IRIX systems.
25 CVE-1999-0029 Overflow 1997-07-16 2008-09-09
7.2
None Local Low Not required Complete Complete Complete
root privileges via buffer overflow in ordist command on SGI IRIX systems.
26 CVE-1999-0028 Overflow 1997-07-16 2008-09-09
7.2
None Local Low Not required Complete Complete Complete
root privileges via buffer overflow in login/scheme command on SGI IRIX systems.
27 CVE-1999-0027 119 Overflow 1997-07-16 2009-02-25
7.2
None Local Low Not required Complete Complete Complete
root privileges via buffer overflow in eject command on SGI IRIX systems.
28 CVE-1999-0026 Overflow 1997-07-16 2008-09-09
4.6
None Local Low Not required Partial Partial Partial
root privileges via buffer overflow in pset command on SGI IRIX systems.
29 CVE-1999-0025 Overflow 1997-07-16 2018-05-03
7.2
None Local Low Not required Complete Complete Complete
root privileges via buffer overflow in df command on SGI IRIX systems.
Total number of vulnerabilities : 29   Page : 1 (This Page)
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.