Irix
by Sgi
CVEs (185)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2007-4938 | 0.04 | — | 0.16 | Sep 18, 2007 | Heap-based buffer overflow in libmpdemux/aviheader.c in MPlayer 1.0rc1 and earlier allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a .avi file with certain large "indx truck size" and nEntriesInuse values, and a… | |||
| CVE-2002-0652 | 0.04 | — | 0.09 | Jul 3, 2002 | xfsmd for IRIX 6.5 through 6.5.16 allows remote attackers to execute arbitrary code via shell metacharacters that are not properly filtered from several calls to the popen() function, such as export_fs(). | |||
| CVE-2000-0844 | 0.04 | — | 0.15 | Nov 14, 2000 | Some functions that implement the locale subsystem on Unix do not properly cleanse user-injected format strings, which allows local attackers to execute arbitrary commands via functions such as gettext and catopen. | |||
| CVE-2000-0733 | 0.04 | — | 0.12 | Oct 20, 2000 | Telnetd telnet server in IRIX 5.2 through 6.1 does not properly cleans user-injected format strings, which allows remote attackers to execute arbitrary commands via a long RLD variable in the IAC-SB-TELOPT_ENVIRON request. | |||
| CVE-2000-0245 | 0.04 | — | 0.12 | Mar 27, 2000 | Vulnerability in SGI IRIX objectserver daemon allows remote attackers to create user accounts. | |||
| CVE-2000-0207 | 0.04 | — | 0.08 | Mar 1, 2000 | SGI InfoSearch CGI program infosrch.cgi allows remote attackers to execute commands via shell metacharacters. | |||
| CVE-2000-1220 | 0.04 | — | 0.14 | Jan 8, 2000 | The line printer daemon (lpd) in the lpr package in multiple Linux operating systems allows local users to gain root privileges by causing sendmail to execute with arbitrary command line arguments, as demonstrated using the -C option to specify a configuration file. | |||
| CVE-2000-1221 | 0.04 | — | 0.17 | Jan 8, 2000 | The line printer daemon (lpd) in the lpr package in multiple Linux operating systems authenticates by comparing the reverse-resolved hostname of the local machine to the hostname of the print server as returned by gethostname, which allows remote attackers to bypass intended… | |||
| CVE-1999-0009 | 0.04 | — | 0.29 | Apr 8, 1998 | Inverse query buffer overflow in BIND 4.9 and BIND 8 Releases. | |||
| CVE-1999-0018 | 0.04 | — | 0.10 | Dec 5, 1997 | Buffer overflow in statd allows root privileges. | |||
| CVE-1999-0148 | 0.04 | — | 0.10 | Sep 1, 1997 | The handler CGI program in IRIX allows arbitrary command execution. | |||
| CVE-1999-0025 | 0.04 | — | 0.12 | Jul 16, 1997 | root privileges via buffer overflow in df command on SGI IRIX systems. | |||
| CVE-1999-0208 | 0.04 | — | 0.13 | Dec 12, 1995 | rpc.ypupdated (NIS) allows remote users to execute arbitrary commands. | |||
| CVE-2005-2925 | 0.03 | — | 0.01 | Oct 12, 2005 | runpriv in SGI IRIX allows local users to bypass intended restrictions and execute arbitrary commands via shell metacharacters in a command line for a privileged binary in /usr/sysadm/privbin. | |||
| CVE-2005-0465 | 0.03 | — | 0.01 | May 2, 2005 | gr_osview in SGI IRIX does not drop privileges before opening files, which allows local users to overwrite arbitrary files via the -s option. | |||
| CVE-2005-0464 | 0.03 | — | 0.01 | May 2, 2005 | gr_osview in SGI IRIX 6.5.22, and possibly other 6.5 versions, does not drop privileges when opening description files while in debug mode, which allows local users to read a line from arbitrary files via the -d and -D options, which prints the line as a formatting error. | |||
| CVE-2002-0875 | 0.03 | — | 0.01 | Sep 5, 2002 | Vulnerability in FAM 2.6.8, 2.6.6, and other versions allows unprivileged users to obtain the names of files whose access is restricted to the root group. | |||
| CVE-2000-1193 | 0.03 | — | 0.03 | Aug 31, 2001 | Performance Metrics Collector Daemon (PMCD) in Performance Copilot in IRIX 6.x allows remote attackers to cause a denial of service (resource exhaustion) via an extremely long string to the PMCD port. | |||
| CVE-2001-0485 | 0.03 | — | 0.01 | Jun 27, 2001 | Unknown vulnerability in netprint in IRIX 6.2, and possibly other versions, allows local users with lp privileges attacker to execute arbitrary commands via the -n option. | |||
| CVE-2000-0794 | 0.03 | — | 0.01 | Oct 20, 2000 | Buffer overflow in IRIX libgl.so library allows local users to gain root privileges via a long HOME variable to programs such as (1) gmemusage and (2) gr_osview. |
- CVE-2007-4938Sep 18, 2007risk 0.04cvss —epss 0.16
Heap-based buffer overflow in libmpdemux/aviheader.c in MPlayer 1.0rc1 and earlier allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a .avi file with certain large "indx truck size" and nEntriesInuse values, and a…
- CVE-2002-0652Jul 3, 2002risk 0.04cvss —epss 0.09
xfsmd for IRIX 6.5 through 6.5.16 allows remote attackers to execute arbitrary code via shell metacharacters that are not properly filtered from several calls to the popen() function, such as export_fs().
- CVE-2000-0844Nov 14, 2000risk 0.04cvss —epss 0.15
Some functions that implement the locale subsystem on Unix do not properly cleanse user-injected format strings, which allows local attackers to execute arbitrary commands via functions such as gettext and catopen.
- CVE-2000-0733Oct 20, 2000risk 0.04cvss —epss 0.12
Telnetd telnet server in IRIX 5.2 through 6.1 does not properly cleans user-injected format strings, which allows remote attackers to execute arbitrary commands via a long RLD variable in the IAC-SB-TELOPT_ENVIRON request.
- CVE-2000-0245Mar 27, 2000risk 0.04cvss —epss 0.12
Vulnerability in SGI IRIX objectserver daemon allows remote attackers to create user accounts.
- CVE-2000-0207Mar 1, 2000risk 0.04cvss —epss 0.08
SGI InfoSearch CGI program infosrch.cgi allows remote attackers to execute commands via shell metacharacters.
- CVE-2000-1220Jan 8, 2000risk 0.04cvss —epss 0.14
The line printer daemon (lpd) in the lpr package in multiple Linux operating systems allows local users to gain root privileges by causing sendmail to execute with arbitrary command line arguments, as demonstrated using the -C option to specify a configuration file.
- CVE-2000-1221Jan 8, 2000risk 0.04cvss —epss 0.17
The line printer daemon (lpd) in the lpr package in multiple Linux operating systems authenticates by comparing the reverse-resolved hostname of the local machine to the hostname of the print server as returned by gethostname, which allows remote attackers to bypass intended…
- CVE-1999-0009Apr 8, 1998risk 0.04cvss —epss 0.29
Inverse query buffer overflow in BIND 4.9 and BIND 8 Releases.
- CVE-1999-0018Dec 5, 1997risk 0.04cvss —epss 0.10
Buffer overflow in statd allows root privileges.
- CVE-1999-0148Sep 1, 1997risk 0.04cvss —epss 0.10
The handler CGI program in IRIX allows arbitrary command execution.
- CVE-1999-0025Jul 16, 1997risk 0.04cvss —epss 0.12
root privileges via buffer overflow in df command on SGI IRIX systems.
- CVE-1999-0208Dec 12, 1995risk 0.04cvss —epss 0.13
rpc.ypupdated (NIS) allows remote users to execute arbitrary commands.
- CVE-2005-2925Oct 12, 2005risk 0.03cvss —epss 0.01
runpriv in SGI IRIX allows local users to bypass intended restrictions and execute arbitrary commands via shell metacharacters in a command line for a privileged binary in /usr/sysadm/privbin.
- CVE-2005-0465May 2, 2005risk 0.03cvss —epss 0.01
gr_osview in SGI IRIX does not drop privileges before opening files, which allows local users to overwrite arbitrary files via the -s option.
- CVE-2005-0464May 2, 2005risk 0.03cvss —epss 0.01
gr_osview in SGI IRIX 6.5.22, and possibly other 6.5 versions, does not drop privileges when opening description files while in debug mode, which allows local users to read a line from arbitrary files via the -d and -D options, which prints the line as a formatting error.
- CVE-2002-0875Sep 5, 2002risk 0.03cvss —epss 0.01
Vulnerability in FAM 2.6.8, 2.6.6, and other versions allows unprivileged users to obtain the names of files whose access is restricted to the root group.
- CVE-2000-1193Aug 31, 2001risk 0.03cvss —epss 0.03
Performance Metrics Collector Daemon (PMCD) in Performance Copilot in IRIX 6.x allows remote attackers to cause a denial of service (resource exhaustion) via an extremely long string to the PMCD port.
- CVE-2001-0485Jun 27, 2001risk 0.03cvss —epss 0.01
Unknown vulnerability in netprint in IRIX 6.2, and possibly other versions, allows local users with lp privileges attacker to execute arbitrary commands via the -n option.
- CVE-2000-0794Oct 20, 2000risk 0.03cvss —epss 0.01
Buffer overflow in IRIX libgl.so library allows local users to gain root privileges via a long HOME variable to programs such as (1) gmemusage and (2) gr_osview.
Page 2 of 10