VYPR

Vendor CVEs

Sgi

All CVEs

263 total · sorted by risk
  • CVE-2002-0359Jul 3, 2002
    risk 0.00cvss epss 0.04

    xfsmd for IRIX 6.5 through 6.5.16 uses weak authentication, which allows remote attackers to call dangerous RPC functions, including those that can mount or unmount xfs file systems, to gain root privileges.

  • CVE-2002-0631Jul 3, 2002
    risk 0.00cvss epss 0.00

    Unknown vulnerability in nveventd in NetVisualyzer on SGI IRIX 6.5 through 6.5.16 allows local users to write arbitrary files and gain root privileges.

  • CVE-2002-0357Jun 18, 2002
    risk 0.00cvss epss 0.00

    Unknown vulnerability in rpc.passwd in the nfs.sw.nis subsystem of SGI IRIX 6.5.15 and earlier allows local users to gain root privileges.

  • CVE-2002-0042Jun 18, 2002
    risk 0.00cvss epss 0.00

    Vulnerability in the XFS file system for SGI IRIX before 6.5.12 allows local users to cause a denial of service (hang) by creating a file that is not properly processed by XFS.

  • CVE-2002-0174May 29, 2002
    risk 0.00cvss epss 0.00

    nsd on SGI IRIX before 6.5.11 allows local users to overwrite arbitrary files and gain root privileges via a symlink attack on the nsd.dump file.

  • CVE-2002-0356May 29, 2002
    risk 0.00cvss epss 0.00

    Vulnerability in XFS filesystem reorganizer (fsr_xfs) in SGI IRIX 6.5.10 and earlier allows local users to gain root privileges by overwriting critical system files.

  • CVE-2002-0355May 29, 2002
    risk 0.00cvss epss 0.00

    netstat in SGI IRIX before 6.5.12 allows local users to determine the existence of files on the system, even if the users do not have the appropriate permissions.

  • CVE-2002-0171May 16, 2002
    risk 0.00cvss epss 0.02

    IRISconsole 2.0 may allow users to log into the icadmin account with an incorrect password in some circumstances, which could allow users to gain privileges.

  • CVE-2002-0173May 16, 2002
    risk 0.00cvss epss 0.00

    Buffer overflow in cpr for the eoe.sw.cpr SGI Checkpoint-Restart Software package on SGI IRIX 6.5.10 and earlier may allow local users to gain root privileges.

  • CVE-2002-0213May 16, 2002
    risk 0.00cvss epss 0.00

    xkas in Xinet K-AShare 0.011.01 for IRIX allows local users to read arbitrary files via a symlink attack on the VOLICON file, which is copied to the .HSicon file in a shared directory.

  • CVE-2002-0172May 16, 2002
    risk 0.00cvss epss 0.00

    /dev/ipfilter on SGI IRIX 6.5 is installed by /dev/MAKEDEV with insecure default permissions (644), which could allow a local user to cause a denial of service (traffic disruption).

  • CVE-2002-0041Apr 22, 2002
    risk 0.00cvss epss 0.02

    Unknown vulnerability in Mail for SGI IRIX 6.5 through 6.5.15f, and possibly earlier versions, when running with the -R option, allows local and remote attackers to cause a core dump.

  • CVE-2002-0017Apr 3, 2002
    risk 0.00cvss epss 0.03

    Buffer overflow in SNMP daemon (snmpd) on SGI IRIX 6.5 through 6.5.15m allows remote attackers to execute arbitrary code via an SNMP request.

  • CVE-2002-0039Mar 28, 2002
    risk 0.00cvss epss 0.01

    rpcbind in SGI IRIX 6.5 through 6.5.15f, and possibly earlier versions, allows remote attackers to cause a denial of service (crash) via malformed RPC packets with invalid lengths.

  • CVE-2002-0040Mar 28, 2002
    risk 0.00cvss epss 0.00

    Vulnerability in SGI IRIX 6.5.11 through 6.5.15f allows local users to cause privileged applications to dump core via the HOSTALIASES environment variable, which might allow the users to gain privileges.

  • CVE-2001-0891Jan 31, 2002
    risk 0.00cvss epss 0.00

    Format string vulnerability in NQS daemon (nqsdaemon) in NQE 3.3.0.16 for CRAY UNICOS and SGI IRIX allows a local user to gain root privileges by using qsub to submit a batch job whose name contains formatting characters.

  • CVE-2002-0038Jan 31, 2002
    risk 0.00cvss epss 0.02

    Vulnerability in the cache-limiting function of the unified name service daemon (nsd) in IRIX 6.5.4 through 6.5.11 allows remote attackers to cause a denial of service by forcing the cache to fill the disk.

  • CVE-2001-0801Dec 6, 2001
    risk 0.00cvss epss 0.00

    lpstat in IRIX 6.5.13f and earlier allows local users to gain root privileges by specifying a Trojan Horse nettype shared library.

  • CVE-2001-0799Dec 6, 2001
    risk 0.00cvss epss 0.04

    Buffer overflows in lpsched in IRIX 6.5.13f and earlier allow remote attackers to execute arbitrary commands via a long argument.

  • CVE-2001-0796Dec 6, 2001
    risk 0.00cvss epss 0.02

    SGI IRIX 6.5 through 6.5.12f and possibly earlier versions, and FreeBSD 3.0, allows remote attackers to cause a denial of service via a malformed IGMP multicast packet with a small response delay.

  • CVE-2001-1456Sep 4, 2001
    risk 0.00cvss epss 0.06

    Buffer overflow in the (1) smap/smapd and (2) CSMAP daemons for Gauntlet Firewall 5.0 through 6.0 allows remote attackers to execute arbitrary code via a crafted mail message.

  • CVE-2001-0331Jun 27, 2001
    risk 0.00cvss epss 0.03

    Buffer overflow in Embedded Support Partner (ESP) daemon (rpc.espd) in IRIX 6.5.8 and earlier allows remote attackers to execute arbitrary commands.

  • CVE-2000-0893Feb 16, 2001
    risk 0.00cvss epss 0.01

    The presence of the Distributed GL Daemon (dgld) service on port 5232 on SGI IRIX systems allows remote attackers to identify the target host as an SGI system.

  • CVE-2000-0578Jun 21, 2000
    risk 0.00cvss epss 0.00

    SGI MIPSPro compilers C, C++, F77 and F90 generate temporary files in /tmp with predictable file names, which could allow local users to insert malicious contents into these files as they are being compiled by another user.

  • CVE-2000-0579Jun 21, 2000
    risk 0.00cvss epss 0.00

    IRIX crontab creates temporary files with predictable file names and with the umask of the user, which could allow local users to modify another user's crontab file as it is being edited.

  • CVE-2000-0533Jun 20, 2000
    risk 0.00cvss epss 0.00

    Vulnerability in cvconnect in SGI IRIX WorkShop allows local users to overwrite arbitrary files.

  • CVE-2000-0283Apr 12, 2000
    risk 0.00cvss epss 0.02

    The default installation of IRIX Performance Copilot allows remote attackers to access sensitive system information via the pmcd daemon.

  • CVE-1999-1102Dec 31, 1999
    risk 0.00cvss epss 0.00

    lpr on SunOS 4.1.1, BSD 4.3, A/UX 2.0.1, and other BSD-based operating systems allows local users to create or overwrite arbitrary files via a symlink attack that is triggered after invoking lpr 1000 times.

  • CVE-1999-1066Dec 22, 1999
    risk 0.00cvss epss 0.01

    Quake 1 server responds to an initial UDP game connection request with a large amount of traffic, which allows remote attackers to use the server as an amplifier in a "Smurf" style attack on another host, by spoofing the connection request.

  • CVE-1999-0692Jul 19, 1999
    risk 0.00cvss epss 0.02

    The default configuration of the Array Services daemon (arrayd) disables authentication, allowing remote users to gain root privileges.

  • CVE-1999-0413Mar 1, 1999
    risk 0.00cvss epss 0.00

    A buffer overflow in the SGI X server allows local users to gain root access through the X server font path.

  • CVE-1999-0461Jan 28, 1999
    risk 0.00cvss epss 0.03

    Versions of rpcbind including Linux, IRIX, and Wietse Venema's rpcbind allow a remote attacker to insert and delete entries by spoofing a source address.

  • CVE-1999-0463Dec 1, 1998
    risk 0.00cvss epss 0.01

    Remote attackers can perform a denial of service using IRIX fcagent.

  • CVE-1999-1181Sep 29, 1998
    risk 0.00cvss epss 0.00

    Vulnerability in On-Line Customer Registration software for IRIX 6.2 through 6.4 allows local users to gain root privileges.

  • CVE-1999-0313Jul 1, 1998
    risk 0.00cvss epss 0.00

    disk_bandwidth on SGI IRIX 6.4 S2MP for Origin/Onyx2 allows local users to gain root access using relative pathnames.

  • CVE-1999-0329Jun 1, 1998
    risk 0.00cvss epss 0.00

    SGI mediad program allows local users to gain root access.

  • CVE-1999-1492May 27, 1998
    risk 0.00cvss epss 0.00

    Vulnerability in (1) diskperf and (2) diskalign in IRIX 6.4 allows local attacker to create arbitrary root owned files, leading to root privileges.

  • CVE-1999-1039May 27, 1998
    risk 0.00cvss epss 0.00

    Vulnerability in (1) diskalign and (2) diskperf in IRIX 6.4 patches 2291 and 2848 allow a local user to create root-owned files leading to a root compromise.

  • CVE-1999-1040Apr 8, 1998
    risk 0.00cvss epss 0.00

    Vulnerabilities in (1) ipxchk and (2) ipxlink in NetWare Client 1.0 on IRIX 6.3 and 6.4 allows local users to gain root access via a modified IFS environmental variable.

  • CVE-1999-1501Apr 8, 1998
    risk 0.00cvss epss 0.00

    (1) ipxchk and (2) ipxlink in SGI OS2 IRIX 6.3 does not properly clear the IFS environmental variable before executing system calls, which allows local users to execute arbitrary commands.

  • CVE-1999-1183Apr 2, 1998
    risk 0.00cvss epss 0.03

    System Manager sysmgr GUI in SGI IRIX 6.4 and 6.3 allows remote attackers to execute commands by providing a trojan horse (1) runtask or (2) runexec descriptor file, which is used to execute a System Manager Task when the user's Mailcap entry supports the x-sgi-task or…

  • CVE-1999-1272Mar 1, 1998
    risk 0.00cvss epss 0.00

    Buffer overflows in CDROM Confidence Test program (cdrom) allow local users to gain root privileges.

  • CVE-1999-0327Nov 1, 1997
    risk 0.00cvss epss 0.00

    SGI syserr program allows local users to corrupt files.

  • CVE-1999-1131Oct 24, 1997
    risk 0.00cvss epss 0.02

    Buffer overflow in OSF Distributed Computing Environment (DCE) security demon (secd) in IRIX 6.4 and earlier allows attackers to cause a denial of service via a long principal, group, or organization.

  • CVE-1999-1214Sep 15, 1997
    risk 0.00cvss epss 0.00

    The asynchronous I/O facility in 4.4 BSD kernel does not check user credentials when setting the recipient of I/O notification, which allows local users to cause a denial of service by using certain ioctl and fcntl calls to cause the signal to be sent to an arbitrary process ID.

  • CVE-1999-0028Jul 16, 1997
    risk 0.00cvss epss 0.00

    root privileges via buffer overflow in login/scheme command on SGI IRIX systems.

  • CVE-1999-0195Jul 1, 1997
    risk 0.00cvss epss 0.01

    Denial of service in RPC portmapper allows attackers to register or unregister RPC services or spoof RPC services using a spoofed source IP address such as 127.0.0.1.

  • CVE-1999-0033Jun 12, 1997
    risk 0.00cvss epss 0.01

    Command execution in Sun systems via buffer overflow in the at program.

  • CVE-1999-0083Jun 11, 1997
    risk 0.00cvss epss 0.02

    getcwd() file descriptor leak in FTP.

  • CVE-1999-1143May 28, 1997
    risk 0.00cvss epss 0.00

    Vulnerability in runtime linker program rld in SGI IRIX 6.x and earlier allows local users to gain privileges via setuid and setgid programs.

Page 5 of 6