VYPR

Irix

by Sgi

CVEs (185)

  • CVE-1999-1399Aug 20, 1997
    risk 0.03cvss epss 0.01

    spaceball program in SpaceWare 7.3 v1.0 in IRIX 6.2 allows local users to gain root privileges by setting the HOSTNAME environmental variable to contain the commands to be executed.

  • CVE-1999-0026Jul 16, 1997
    risk 0.03cvss epss 0.01

    root privileges via buffer overflow in pset command on SGI IRIX systems.

  • CVE-1999-0030Jul 16, 1997
    risk 0.03cvss epss 0.01

    root privileges via buffer overflow in xlock command on SGI IRIX systems.

  • CVE-1999-0027Jul 16, 1997
    risk 0.03cvss epss 0.01

    root privileges via buffer overflow in eject command on SGI IRIX systems.

  • CVE-1999-1410May 9, 1997
    risk 0.03cvss epss 0.01

    addnetpr in IRIX 5.3 and 6.2 allows local users to overwrite arbitrary files and possibly gain root privileges via a symlink attack on the printers temporary file.

  • CVE-1999-1286May 9, 1997
    risk 0.03cvss epss 0.01

    addnetpr in SGI IRIX 6.2 and earlier allows local users to modify arbitrary files and possibly gain root access via a symlink attack on a temporary file.

  • CVE-1999-1398May 7, 1997
    risk 0.03cvss epss 0.01

    Vulnerability in xfsdump in SGI IRIX may allow local users to obtain root privileges via the bck.log log file, possibly via a symlink attack.

  • CVE-1999-1461May 7, 1997
    risk 0.03cvss epss 0.01

    inpview in InPerson on IRIX 5.3 through IRIX 6.5.10 trusts the PATH environmental variable to find and execute the ttsession program, which allows local users to obtain root access by modifying the PATH to point to a Trojan horse ttsession program.

  • CVE-1999-0040May 1, 1997
    risk 0.03cvss epss 0.01

    Buffer overflow in Xt library of X Windowing System allows local users to execute commands with root privileges.

  • CVE-1999-0149Apr 19, 1997
    risk 0.03cvss epss 0.03

    The wrap CGI program in IRIX allows remote attackers to view arbitrary directory listings via a .. (dot dot) attack.

  • CVE-1999-0959Feb 1, 1997
    risk 0.03cvss epss 0.01

    IRIX startmidi program allows local users to modify arbitrary files via a symlink attack.

  • CVE-1999-0051Jan 6, 1997
    risk 0.03cvss epss 0.01

    Arbitrary file creation and program execution using FLEXlm LicenseManager, from versions 4.0 to 5.0, in IRIX.

  • CVE-1999-1120Jan 4, 1997
    risk 0.03cvss epss 0.01

    netprint in SGI IRIX 6.4 and earlier trusts the PATH environmental variable for finding and executing the disable program, which allows local users to gain privileges.

  • CVE-1999-0044Dec 3, 1996
    risk 0.03cvss epss 0.01

    fsdump command in IRIX allows local users to obtain root access by modifying sensitive files.

  • CVE-1999-1384Oct 30, 1996
    risk 0.03cvss epss 0.02

    Indigo Magic System Tour in the SGI system tour package (systour) for IRIX 5.x through 6.3 allows local users to gain root privileges via a Trojan horse .exitops program, which is called by the inst command that is executed by the RemoveSystemTour program.

  • CVE-1999-0032Oct 25, 1996
    risk 0.03cvss epss 0.01

    Buffer overflow in lpr, as used in BSD-based systems including Linux, allows local users to execute arbitrary code as root via a long -C (classification) command line option.

  • CVE-1999-1243Mar 3, 1995
    risk 0.03cvss epss 0.01

    SGI Desktop Permissions Tool in IRIX 6.0.1 and earlier allows local users to modify permissions for arbitrary files and gain privileges.

  • CVE-1999-1022Oct 2, 1994
    risk 0.03cvss epss 0.01

    serial_ports administrative program in IRIX 4.x and 5.x trusts the user's PATH environmental variable to find and execute the ls program, which allows local users to gain root privileges via a Trojan horse ls program.

  • CVE-1999-1219Aug 11, 1994
    risk 0.03cvss epss 0.01

    Vulnerability in sgihelp in the SGI help system and print manager in IRIX 5.2 and earlier allows local users to gain root privileges, possibly through the clogin command.

  • CVE-1999-1494Aug 9, 1994
    risk 0.03cvss epss 0.01

    colorview in Silicon Graphics IRIX 5.1, 5.2, and 6.0 allows local attackers to read arbitrary files via the -text argument.

Page 4 of 10