SGI IRIX 5.2

gr_osview in SGI IRIX does not drop privileges before opening files, which allows local users to overwrite arbitrary files via the -s option.

Published: 2005-04-08T04:00:00.000Z
Updated: 2024-08-07T21:13:54.397Z

The syssgi SGI_IOPROBE system call in IRIX 6.5.20 through 6.5.24 allows local users to gain privileges by reading and writing to kernel memory.

Published: 2004-06-23T04:00:00.000Z
Updated: 2024-08-08T00:10:03.429Z

cpr (libcpr) in SGI IRIX before 6.5.25 allows local users to gain privileges by loading a user provided library while restarting the checkpointed process.

Published: 2004-06-03T04:00:00.000Z
Updated: 2024-08-08T00:10:03.866Z

The dtterm terminal emulator allows attackers to modify the window title via a certain character escape sequence and then insert it back to the command line in the user's terminal, e.g. when the user views a file containing the malicious sequence, which could allow the attacker to execute arbitrary commands.

Published: 2004-09-01T04:00:00.000Z
Updated: 2024-08-08T01:43:35.189Z

CDE ToolTalk database server (ttdbserver) allows local users to overwrite arbitrary files via a symlink attack on the transaction log file used by the _TT_TRANSACTION RPC procedure.

Published: 2003-04-02T05:00:00.000Z
Updated: 2024-08-08T02:56:38.696Z

CDE ToolTalk database server (ttdbserver) allows remote attackers to overwrite arbitrary memory locations with a zero, and possibly gain privileges, via a file descriptor argument in an AUTH_UNIX procedure call, which is used as a table index by the _TT_ISCLOSE procedure.

Published: 2002-07-12T04:00:00.000Z
Updated: 2024-08-08T02:56:39.133Z

Buffer overflow in cpr for the eoe.sw.cpr SGI Checkpoint-Restart Software package on SGI IRIX 6.5.10 and earlier may allow local users to gain root privileges.

Published: 2003-04-02T05:00:00.000Z
Updated: 2024-08-08T02:42:28.107Z

Telnetd telnet server in IRIX 5.2 through 6.1 does not properly cleans user-injected format strings, which allows remote attackers to execute arbitrary commands via a long RLD variable in the IAC-SB-TELOPT_ENVIRON request.

Published: 2000-10-13T04:00:00.000Z
Updated: 2024-08-08T05:28:41.479Z

Vulnerability in SGI IRIX objectserver daemon allows remote attackers to create user accounts.

Published: 2000-06-02T04:00:00.000Z
Updated: 2024-08-08T05:14:20.498Z

colorview in Silicon Graphics IRIX 5.1, 5.2, and 6.0 allows local attackers to read arbitrary files via the -text argument.

Published: 2002-03-09T05:00:00.000Z
Updated: 2024-08-01T17:18:07.517Z

addnetpr in IRIX 5.3 and 6.2 allows local users to overwrite arbitrary files and possibly gain root privileges via a symlink attack on the printers temporary file.

Published: 2001-09-12T04:00:00.000Z
Updated: 2024-08-01T17:11:03.266Z

Vulnerability in Desktop searchbook program in IRIX 5.0.x through 6.2 sets insecure permissions for certain user files (iconbook and searchbook).

Published: 2001-09-12T04:00:00.000Z
Updated: 2024-08-01T17:11:03.347Z

Vulnerability in xfsdump in SGI IRIX may allow local users to obtain root privileges via the bck.log log file, possibly via a symlink attack.

Published: 2001-09-12T04:00:00.000Z
Updated: 2024-08-01T17:11:03.258Z

Indigo Magic System Tour in the SGI system tour package (systour) for IRIX 5.x through 6.3 allows local users to gain root privileges via a Trojan horse .exitops program, which is called by the inst command that is executed by the RemoveSystemTour program.

Published: 2002-03-09T05:00:00.000Z
Updated: 2024-08-01T17:11:03.217Z

Vulnerability in object server program in SGI IRIX 5.2 through 6.1 allows remote attackers to gain root privileges in certain configurations.

Published: 2001-09-12T04:00:00.000Z
Updated: 2024-08-01T17:11:01.787Z

SGI Desktop Permissions Tool in IRIX 6.0.1 and earlier allows local users to modify permissions for arbitrary files and gain privileges.

Published: 2002-03-09T05:00:00.000Z
Updated: 2024-08-01T17:02:53.862Z

Vulnerability in sgihelp in the SGI help system and print manager in IRIX 5.2 and earlier allows local users to gain root privileges, possibly through the clogin command.

Published: 2001-09-12T04:00:00.000Z
Updated: 2024-08-01T17:02:53.915Z

Buffer overflow in Korn Shell (ksh) suid_exec program on IRIX 6.x and earlier, and possibly other operating systems, allows local users to gain root privileges.

Published: 2002-03-09T05:00:00.000Z
Updated: 2024-08-01T17:02:53.745Z

serial_ports administrative program in IRIX 4.x and 5.x trusts the user's PATH environmental variable to find and execute the ls program, which allows local users to gain root privileges via a Trojan horse ls program.

Published: 2001-09-12T04:00:00.000Z
Updated: 2024-08-01T16:55:29.394Z

SGI mediad program allows local users to gain root access.

Published: 1999-09-29T04:00:00.000Z
Updated: 2024-08-01T16:34:51.838Z

SGI permissions program allows local users to gain root privileges.

Published: 1999-09-29T04:00:00.000Z
Updated: 2024-08-01T16:34:51.857Z

rpc.ypupdated (NIS) allows remote users to execute arbitrary commands.

Published: 1999-09-29T04:00:00.000Z
Updated: 2024-08-01T16:34:50.915Z

Buffer overflow in SGI IRIX mailx program.

Published: 1999-09-29T04:00:00.000Z
Updated: 2024-08-01T16:27:57.706Z

Telnet allows a remote client to specify environment variables including LD_LIBRARY_PATH, allowing an attacker to bypass the normal system libraries and gain root access.

Published: 1999-09-29T08:00:00.000Z
Updated: 2026-03-08T09:06:54.428Z

Arbitrary file creation and program execution using FLEXlm LicenseManager, from versions 4.0 to 5.0, in IRIX.

Published: 1999-09-29T04:00:00.000Z
Updated: 2024-08-01T16:27:57.441Z

fsdump command in IRIX allows local users to obtain root access by modifying sensitive files.

Published: 1999-09-29T04:00:00.000Z
Updated: 2024-08-01T16:27:57.595Z

webdist CGI program (webdist.cgi) in SGI IRIX allows remote attackers to execute arbitrary commands via shell metacharacters in the distloc parameter.

Published: 1999-09-29T04:00:00.000Z
Updated: 2024-09-12T14:37:05.701Z

Buffer overflow in xlock program allows local users to execute commands as root.

Published: 1999-09-29T04:00:00.000Z
Updated: 2024-09-12T14:37:48.860Z

IRIX login program with a nonzero LOCKOUT parameter allows creation or damage to files.

Published: 1999-09-29T04:00:00.000Z
Updated: 2024-10-29T14:07:28.583Z

Buffer overflow in lpr, as used in BSD-based systems including Linux, allows local users to execute arbitrary code as root via a long -C (classification) command line option.

Published: 1999-09-29T04:00:00.000Z
Updated: 2024-08-01T16:27:57.133Z

root privileges via buffer overflow in ordist command on SGI IRIX systems.

Published: 1999-09-29T04:00:00.000Z
Updated: 2024-10-29T14:07:56.381Z

Local user gains root privileges via buffer overflow in rdist, via expstr() function.

Published: 1999-09-29T04:00:00.000Z
Updated: 2024-10-29T14:08:24.263Z

Buffer overflow in statd allows root privileges.

Published: 1999-09-29T04:00:00.000Z
Updated: 2024-08-01T16:27:56.714Z

Inverse query buffer overflow in BIND 4.9 and BIND 8 Releases.

Published: 1999-09-29T04:00:00.000Z
Updated: 2024-08-01T16:27:56.971Z

Execute commands as root via buffer overflow in Tooltalk database server (rpc.ttdbserverd).

Published: 1999-09-29T04:00:00.000Z
Updated: 2024-08-01T16:11:38.579Z