VYPR

Vendor CVEs

Sgi

All CVEs

263 total · sorted by risk
  • CVE-2004-0639Aug 6, 2004
    risk 0.03cvss epss 0.06

    Multiple cross-site scripting (XSS) vulnerabilities in Squirrelmail 1.2.10 and earlier allow remote attackers to inject arbitrary HTML or script via (1) the $mailer variable in read_body.php, (2) the $senderNames_part variable in mailbox_display.php, and possibly other vectors…

  • CVE-2004-0424Jul 7, 2004
    risk 0.03cvss epss 0.01

    Integer overflow in the ip_setsockopt function in Linux kernel 2.4.22 through 2.4.25 and 2.6.1 through 2.6.3 allows local users to cause a denial of service (crash) or execute arbitrary code via the MCAST_MSFILTER socket option.

  • CVE-2002-0875Sep 5, 2002
    risk 0.03cvss epss 0.01

    Vulnerability in FAM 2.6.8, 2.6.6, and other versions allows unprivileged users to obtain the names of files whose access is restricted to the root group.

  • CVE-2001-0823Dec 6, 2001
    risk 0.03cvss epss 0.01

    The pmpost program in Performance Co-Pilot (PCP) before 2.2.1-3 allows a local user to gain privileges via a symlink attack on the NOTICES file in the PCP log directory (PCP_LOG_DIR).

  • CVE-2000-1193Aug 31, 2001
    risk 0.03cvss epss 0.03

    Performance Metrics Collector Daemon (PMCD) in Performance Copilot in IRIX 6.x allows remote attackers to cause a denial of service (resource exhaustion) via an extremely long string to the PMCD port.

  • CVE-2001-0485Jun 27, 2001
    risk 0.03cvss epss 0.01

    Unknown vulnerability in netprint in IRIX 6.2, and possibly other versions, allows local users with lp privileges attacker to execute arbitrary commands via the -n option.

  • CVE-2000-0797Oct 20, 2000
    risk 0.03cvss epss 0.01

    Buffer overflow in gr_osview in IRIX 6.2 and 6.3 allows local users to gain privileges via a long -D option.

  • CVE-2000-0796Oct 20, 2000
    risk 0.03cvss epss 0.01

    Buffer overflow in dmplay in IRIX 6.2 and 6.3 allows local users to gain root privileges via a long command line option.

  • CVE-2000-0798Oct 20, 2000
    risk 0.03cvss epss 0.03

    The truncate function in IRIX 6.x does not properly check for privileges when the file is in the xfs file system, which allows local users to delete the contents of arbitrary files.

  • CVE-2000-0794Oct 20, 2000
    risk 0.03cvss epss 0.01

    Buffer overflow in IRIX libgl.so library allows local users to gain root privileges via a long HOME variable to programs such as (1) gmemusage and (2) gr_osview.

  • CVE-2000-0795Oct 20, 2000
    risk 0.03cvss epss 0.01

    Buffer overflow in lpstat in IRIX 6.2 and 6.3 allows local users to gain root privileges via a long -n option.

  • CVE-2000-0799Oct 20, 2000
    risk 0.03cvss epss 0.01

    inpview in InPerson in SGI IRIX 5.3 through IRIX 6.5.10 allows local users to gain privileges via a symlink attack on the .ilmpAAA temporary file.

  • CVE-2000-0545Aug 8, 2000
    risk 0.03cvss epss 0.01

    Buffer overflow in mailx mail command (aka Mail) on Linux systems allows local users to gain privileges via a long -c (carbon copy) parameter.

  • CVE-2000-0013Dec 31, 1999
    risk 0.03cvss epss 0.01

    IRIX soundplayer program allows local users to gain privileges by including shell metacharacters in a .wav file, which is executed via the midikeys program.

  • CVE-1999-0948Nov 2, 1999
    risk 0.03cvss epss 0.01

    Buffer overflow in uum program for Canna input system allows local users to gain root privileges.

  • CVE-1999-0949Nov 2, 1999
    risk 0.03cvss epss 0.01

    Buffer overflow in canuum program for Canna input system allows local users to gain root privileges.

  • CVE-1999-1485May 31, 1999
    risk 0.03cvss epss 0.04

    nsd in IRIX 6.5 through 6.5.2 exports a virtual filesystem on a UDP port, which allows remote attackers to view files and cause a possible denial of service by mounting the nsd virtual file system.

  • CVE-1999-0765May 19, 1999
    risk 0.03cvss epss 0.05

    SGI IRIX midikeys program allows local users to modify arbitrary files via a text editor.

  • CVE-1999-0215Oct 26, 1998
    risk 0.03cvss epss 0.06

    Routed allows attackers to append data to files.

  • CVE-1999-1409Jul 3, 1998
    risk 0.03cvss epss 0.01

    The at program in IRIX 6.2 and NetBSD 1.3.2 and earlier allows local users to read portions of arbitrary files by submitting the file to at with the -f argument, which generates error messages that at sends to the user via e-mail.

  • CVE-1999-0314Jul 1, 1998
    risk 0.03cvss epss 0.01

    ioconfig on SGI IRIX 6.4 S2MP for Origin/Onyx2 allows local users to gain root access using relative pathnames.

  • CVE-1999-0126May 3, 1998
    risk 0.03cvss epss 0.01

    SGI IRIX buffer overflow in xterm and Xaw allows root access.

  • CVE-1999-0108May 1, 1998
    risk 0.03cvss epss 0.01

    The printers program in IRIX has a buffer overflow that gives root access to local users.

  • CVE-1999-1114Apr 8, 1998
    risk 0.03cvss epss 0.01

    Buffer overflow in Korn Shell (ksh) suid_exec program on IRIX 6.x and earlier, and possibly other operating systems, allows local users to gain root privileges.

  • CVE-1999-0270Apr 3, 1998
    risk 0.03cvss epss 0.32

    Directory traversal vulnerability in pfdispaly.cgi program (sometimes referred to as "pfdisplay") for SGI's Performer API Search Tool (performer_tools) allows remote attackers to read arbitrary files.

  • CVE-1999-0960Mar 20, 1998
    risk 0.03cvss epss 0.01

    IRIX cdplayer allows local users to create directories in arbitrary locations via a command line option.

  • CVE-1999-0125Jan 25, 1998
    risk 0.03cvss epss 0.01

    Buffer overflow in SGI IRIX mailx program.

  • CVE-1999-0328Nov 1, 1997
    risk 0.03cvss epss 0.01

    SGI permissions program allows local users to gain root privileges.

  • CVE-1999-1399Aug 20, 1997
    risk 0.03cvss epss 0.01

    spaceball program in SpaceWare 7.3 v1.0 in IRIX 6.2 allows local users to gain root privileges by setting the HOSTNAME environmental variable to contain the commands to be executed.

  • CVE-1999-0030Jul 16, 1997
    risk 0.03cvss epss 0.01

    root privileges via buffer overflow in xlock command on SGI IRIX systems.

  • CVE-1999-0026Jul 16, 1997
    risk 0.03cvss epss 0.01

    root privileges via buffer overflow in pset command on SGI IRIX systems.

  • CVE-1999-0027Jul 16, 1997
    risk 0.03cvss epss 0.01

    root privileges via buffer overflow in eject command on SGI IRIX systems.

  • CVE-1999-0034May 29, 1997
    risk 0.03cvss epss 0.01

    Buffer overflow in suidperl (sperl), Perl 4.x and 5.x.

  • CVE-1999-1286May 9, 1997
    risk 0.03cvss epss 0.01

    addnetpr in SGI IRIX 6.2 and earlier allows local users to modify arbitrary files and possibly gain root access via a symlink attack on a temporary file.

  • CVE-1999-1410May 9, 1997
    risk 0.03cvss epss 0.01

    addnetpr in IRIX 5.3 and 6.2 allows local users to overwrite arbitrary files and possibly gain root privileges via a symlink attack on the printers temporary file.

  • CVE-1999-1398May 7, 1997
    risk 0.03cvss epss 0.01

    Vulnerability in xfsdump in SGI IRIX may allow local users to obtain root privileges via the bck.log log file, possibly via a symlink attack.

  • CVE-1999-1461May 7, 1997
    risk 0.03cvss epss 0.01

    inpview in InPerson on IRIX 5.3 through IRIX 6.5.10 trusts the PATH environmental variable to find and execute the ttsession program, which allows local users to obtain root access by modifying the PATH to point to a Trojan horse ttsession program.

  • CVE-1999-0040May 1, 1997
    risk 0.03cvss epss 0.01

    Buffer overflow in Xt library of X Windowing System allows local users to execute commands with root privileges.

  • CVE-1999-0149Apr 19, 1997
    risk 0.03cvss epss 0.03

    The wrap CGI program in IRIX allows remote attackers to view arbitrary directory listings via a .. (dot dot) attack.

  • CVE-1999-0959Feb 1, 1997
    risk 0.03cvss epss 0.01

    IRIX startmidi program allows local users to modify arbitrary files via a symlink attack.

  • CVE-1999-0051Jan 6, 1997
    risk 0.03cvss epss 0.01

    Arbitrary file creation and program execution using FLEXlm LicenseManager, from versions 4.0 to 5.0, in IRIX.

  • CVE-1999-1120Jan 4, 1997
    risk 0.03cvss epss 0.01

    netprint in SGI IRIX 6.4 and earlier trusts the PATH environmental variable for finding and executing the disable program, which allows local users to gain privileges.

  • CVE-1999-0044Dec 3, 1996
    risk 0.03cvss epss 0.01

    fsdump command in IRIX allows local users to obtain root access by modifying sensitive files.

  • CVE-1999-1384Oct 30, 1996
    risk 0.03cvss epss 0.02

    Indigo Magic System Tour in the SGI system tour package (systour) for IRIX 5.x through 6.3 allows local users to gain root privileges via a Trojan horse .exitops program, which is called by the inst command that is executed by the RemoveSystemTour program.

  • CVE-1999-0032Oct 25, 1996
    risk 0.03cvss epss 0.01

    Buffer overflow in lpr, as used in BSD-based systems including Linux, allows local users to execute arbitrary code as root via a long -C (classification) command line option.

  • CVE-1999-1243Mar 3, 1995
    risk 0.03cvss epss 0.01

    SGI Desktop Permissions Tool in IRIX 6.0.1 and earlier allows local users to modify permissions for arbitrary files and gain privileges.

  • CVE-1999-1022Oct 2, 1994
    risk 0.03cvss epss 0.01

    serial_ports administrative program in IRIX 4.x and 5.x trusts the user's PATH environmental variable to find and execute the ls program, which allows local users to gain root privileges via a Trojan horse ls program.

  • CVE-1999-1219Aug 11, 1994
    risk 0.03cvss epss 0.01

    Vulnerability in sgihelp in the SGI help system and print manager in IRIX 5.2 and earlier allows local users to gain root privileges, possibly through the clogin command.

  • CVE-1999-1494Aug 9, 1994
    risk 0.03cvss epss 0.01

    colorview in Silicon Graphics IRIX 5.1, 5.2, and 6.0 allows local attackers to read arbitrary files via the -text argument.

  • CVE-2005-0469May 2, 2005
    risk 0.01cvss epss 0.09

    Buffer overflow in the slc_add_reply function in various BSD-based Telnet clients, when handling LINEMODE suboptions, allows remote attackers to execute arbitrary code via a reply with a large number of Set Local Character (SLC) commands.

Page 2 of 6