Irix
by Sgi
CVEs (185)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2003-0028 | 0.01 | — | 0.15 | Mar 25, 2003 | Integer overflow in the xdrmem_getbytes() function, and possibly other functions, of XDR (external data representation) libraries derived from SunRPC, including libnsl, libc, glibc, and dietlibc, allows remote attackers to execute arbitrary code via certain integer values in… | |||
| CVE-2002-0678 | 0.01 | — | 0.09 | Jul 23, 2002 | CDE ToolTalk database server (ttdbserver) allows local users to overwrite arbitrary files via a symlink attack on the transaction log file used by the _TT_TRANSACTION RPC procedure. | |||
| CVE-2002-0677 | 0.01 | — | 0.07 | Jul 23, 2002 | CDE ToolTalk database server (ttdbserver) allows remote attackers to overwrite arbitrary memory locations with a zero, and possibly gain privileges, via a file descriptor argument in an AUTH_UNIX procedure call, which is used as a table index by the _TT_ISCLOSE procedure. | |||
| CVE-2005-0138 | 0.00 | — | 0.01 | Sep 21, 2005 | rpc.mountd in SGI IRIX 6.5.25, 6.5.26, and 6.5.27 does not correctly allow access to anonymous clients that connect from a system whose hostname can not be determined. NOTE: while this issue occurs in a security mechanism, there is no apparent attacker role and probably does… | |||
| CVE-2005-0139 | 0.00 | — | 0.01 | Sep 21, 2005 | Unknown vulnerability in rpc.mountd in SGI IRIX 6.5.25, 6.5.26, and 6.5.27 does not sufficiently restrict access rights for read-mostly exports, which allows attackers to conduct unauthorized activities. | |||
| CVE-2005-0113 | 0.00 | — | 0.00 | Jan 14, 2005 | inpview in SGI IRIX allows local users to execute arbitrary commands via the SUN_TTSESSION_CMD environment variable, which is executed by inpview without dropping privileges. | |||
| CVE-2004-0139 | 0.00 | — | 0.02 | Jan 10, 2005 | Unknown vulnerability in the bsd.a kernel networking for SGI IRIX 6.5.22 through 6.5.25, and possibly earlier versions, in which "t_unbind changes t_bind's behavior," has unknown impact and attack vectors. | |||
| CVE-2004-1891 | 0.00 | — | 0.01 | Dec 31, 2004 | The ftp_syslog function in ftpd in SGI IRIX 6.5.20 "doesn't work with anonymous FTP," which has an unknown impact, possibly preventing the actions of anonymous users from being logged. | |||
| CVE-2004-1889 | 0.00 | — | 0.02 | Dec 31, 2004 | Unknown vulnerability in ftpd in SGI IRIX 6.5.20 through 6.5.23 allows remote attackers to cause a denial of service (hang) via a link failure with Microsoft Windows. | |||
| CVE-2004-0134 | 0.00 | — | 0.00 | Aug 18, 2004 | cpr (libcpr) in SGI IRIX before 6.5.25 allows local users to gain privileges by loading a user provided library while restarting the checkpointed process. | |||
| CVE-2004-0135 | 0.00 | — | 0.00 | Aug 6, 2004 | The syssgi SGI_IOPROBE system call in IRIX 6.5.20 through 6.5.24 allows local users to gain privileges by reading and writing to kernel memory. | |||
| CVE-2004-0137 | 0.00 | — | 0.00 | Aug 6, 2004 | Unknown vulnerability in init for IRIX 6.5.20 through 6.5.24 allows local users to cause a denial of service (system panic) as a result of "page invalidation issues." | |||
| CVE-2004-0136 | 0.00 | — | 0.00 | Aug 6, 2004 | The mapelf32exec function call in IRIX 6.5.20 through 6.5.24 allows local users to cause a denial of service (system crash) via a "corrupted binary." | |||
| CVE-2004-0483 | 0.00 | — | 0.02 | Jul 7, 2004 | Unknown vulnerability in rpc.mountd for SGI IRIX 6.5.24 allows remote attackers to cause a denial of service (infinite loop) via certain RPC requests. | |||
| CVE-2004-2001 | 0.00 | — | 0.00 | May 5, 2004 | ifconfig "-arp" in SGI IRIX 6.5 through 6.5.22m does not properly disable ARP requests from being sent or received. | |||
| CVE-2004-2002 | 0.00 | — | 0.02 | May 5, 2004 | Unknown vulnerability in SGI IRIX 6.5 through 6.5.22m allows remote attackers to cause a denial of service via a certain UDP packet. | |||
| CVE-2004-1890 | 0.00 | — | 0.02 | Apr 2, 2004 | Unknown vulnerability in ftpd in SGI IRIX 6.5.20 through 6.5.23 allows remote attackers to cause a denial of service (hang) via the PORT mode. | |||
| CVE-2003-0796 | 0.00 | — | 0.02 | Mar 29, 2004 | Unknown vulnerability in rpc.mountd SGI IRIX 6.5.18 through 6.5.22 allows remote attackers to mount from unprivileged ports even with the -n option disabled. | |||
| CVE-2003-0797 | 0.00 | — | 0.02 | Mar 29, 2004 | Unknown vulnerability in rpc.mountd in SGI IRIX 6.5 through 6.5.22 allows remote attackers to cause a denial of service (process death) via unknown attack vectors. | |||
| CVE-2003-0175 | 0.00 | — | 0.00 | Feb 3, 2004 | SGI IRIX before 6.5.21 allows local users to cause a denial of service (kernel panic) via a certain call to the PIOCSWATCH ioctl. |
- CVE-2003-0028Mar 25, 2003risk 0.01cvss —epss 0.15
Integer overflow in the xdrmem_getbytes() function, and possibly other functions, of XDR (external data representation) libraries derived from SunRPC, including libnsl, libc, glibc, and dietlibc, allows remote attackers to execute arbitrary code via certain integer values in…
- CVE-2002-0678Jul 23, 2002risk 0.01cvss —epss 0.09
CDE ToolTalk database server (ttdbserver) allows local users to overwrite arbitrary files via a symlink attack on the transaction log file used by the _TT_TRANSACTION RPC procedure.
- CVE-2002-0677Jul 23, 2002risk 0.01cvss —epss 0.07
CDE ToolTalk database server (ttdbserver) allows remote attackers to overwrite arbitrary memory locations with a zero, and possibly gain privileges, via a file descriptor argument in an AUTH_UNIX procedure call, which is used as a table index by the _TT_ISCLOSE procedure.
- CVE-2005-0138Sep 21, 2005risk 0.00cvss —epss 0.01
rpc.mountd in SGI IRIX 6.5.25, 6.5.26, and 6.5.27 does not correctly allow access to anonymous clients that connect from a system whose hostname can not be determined. NOTE: while this issue occurs in a security mechanism, there is no apparent attacker role and probably does…
- CVE-2005-0139Sep 21, 2005risk 0.00cvss —epss 0.01
Unknown vulnerability in rpc.mountd in SGI IRIX 6.5.25, 6.5.26, and 6.5.27 does not sufficiently restrict access rights for read-mostly exports, which allows attackers to conduct unauthorized activities.
- CVE-2005-0113Jan 14, 2005risk 0.00cvss —epss 0.00
inpview in SGI IRIX allows local users to execute arbitrary commands via the SUN_TTSESSION_CMD environment variable, which is executed by inpview without dropping privileges.
- CVE-2004-0139Jan 10, 2005risk 0.00cvss —epss 0.02
Unknown vulnerability in the bsd.a kernel networking for SGI IRIX 6.5.22 through 6.5.25, and possibly earlier versions, in which "t_unbind changes t_bind's behavior," has unknown impact and attack vectors.
- CVE-2004-1891Dec 31, 2004risk 0.00cvss —epss 0.01
The ftp_syslog function in ftpd in SGI IRIX 6.5.20 "doesn't work with anonymous FTP," which has an unknown impact, possibly preventing the actions of anonymous users from being logged.
- CVE-2004-1889Dec 31, 2004risk 0.00cvss —epss 0.02
Unknown vulnerability in ftpd in SGI IRIX 6.5.20 through 6.5.23 allows remote attackers to cause a denial of service (hang) via a link failure with Microsoft Windows.
- CVE-2004-0134Aug 18, 2004risk 0.00cvss —epss 0.00
cpr (libcpr) in SGI IRIX before 6.5.25 allows local users to gain privileges by loading a user provided library while restarting the checkpointed process.
- CVE-2004-0135Aug 6, 2004risk 0.00cvss —epss 0.00
The syssgi SGI_IOPROBE system call in IRIX 6.5.20 through 6.5.24 allows local users to gain privileges by reading and writing to kernel memory.
- CVE-2004-0137Aug 6, 2004risk 0.00cvss —epss 0.00
Unknown vulnerability in init for IRIX 6.5.20 through 6.5.24 allows local users to cause a denial of service (system panic) as a result of "page invalidation issues."
- CVE-2004-0136Aug 6, 2004risk 0.00cvss —epss 0.00
The mapelf32exec function call in IRIX 6.5.20 through 6.5.24 allows local users to cause a denial of service (system crash) via a "corrupted binary."
- CVE-2004-0483Jul 7, 2004risk 0.00cvss —epss 0.02
Unknown vulnerability in rpc.mountd for SGI IRIX 6.5.24 allows remote attackers to cause a denial of service (infinite loop) via certain RPC requests.
- CVE-2004-2001May 5, 2004risk 0.00cvss —epss 0.00
ifconfig "-arp" in SGI IRIX 6.5 through 6.5.22m does not properly disable ARP requests from being sent or received.
- CVE-2004-2002May 5, 2004risk 0.00cvss —epss 0.02
Unknown vulnerability in SGI IRIX 6.5 through 6.5.22m allows remote attackers to cause a denial of service via a certain UDP packet.
- CVE-2004-1890Apr 2, 2004risk 0.00cvss —epss 0.02
Unknown vulnerability in ftpd in SGI IRIX 6.5.20 through 6.5.23 allows remote attackers to cause a denial of service (hang) via the PORT mode.
- CVE-2003-0796Mar 29, 2004risk 0.00cvss —epss 0.02
Unknown vulnerability in rpc.mountd SGI IRIX 6.5.18 through 6.5.22 allows remote attackers to mount from unprivileged ports even with the -n option disabled.
- CVE-2003-0797Mar 29, 2004risk 0.00cvss —epss 0.02
Unknown vulnerability in rpc.mountd in SGI IRIX 6.5 through 6.5.22 allows remote attackers to cause a denial of service (process death) via unknown attack vectors.
- CVE-2003-0175Feb 3, 2004risk 0.00cvss —epss 0.00
SGI IRIX before 6.5.21 allows local users to cause a denial of service (kernel panic) via a certain call to the PIOCSWATCH ioctl.
Page 5 of 10