CVE-1999-0026
Description
A buffer overflow in the pset command on SGI IRIX systems allows local users to execute arbitrary code as root.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
A buffer overflow in the pset command on SGI IRIX systems allows local users to execute arbitrary code as root.
Vulnerability
The pset utility, as shipped with SGI IRIX versions 5.x and 6.x through 6.3, contains a buffer overflow vulnerability. This vulnerability exists in the argument parsing of the pset command. Affected versions include IRIX 5.x and 6.x up to and including 6.3 [1].
Exploitation
An unauthenticated local user can exploit this vulnerability by supplying a crafted, overly long string as an argument to the pset command. This input overwrites the return address on the stack, enabling the attacker to redirect execution flow to arbitrary code, which is then executed with root privileges [1].
Impact
Successful exploitation of this vulnerability allows any user on the system to execute arbitrary code with the privileges of the root user. This can lead to a complete compromise of the affected system [1].
Mitigation
Patched versions of SGI IRIX are not specified in the available references. Users are advised to upgrade to a non-vulnerable version if available. No specific workarounds or EOL status are disclosed in the provided references [1].
AI Insight generated on Jun 1, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
2Patches
0No patches discovered yet.
Vulnerability mechanics
No source-code context for this CVE — mechanics is only generated when we can read the actual fix diff. Without that, the four sections (root cause, attack vector, affected code, fix) would be speculation rather than analysis.
References
1News mentions
0No linked articles in our index yet.