Vendor CVEs
Sgi
All CVEs
263 total · sorted by risk| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2002-0359 | 0.00 | — | 0.04 | Jul 3, 2002 | xfsmd for IRIX 6.5 through 6.5.16 uses weak authentication, which allows remote attackers to call dangerous RPC functions, including those that can mount or unmount xfs file systems, to gain root privileges. | |||
| CVE-2002-0631 | 0.00 | — | 0.00 | Jul 3, 2002 | Unknown vulnerability in nveventd in NetVisualyzer on SGI IRIX 6.5 through 6.5.16 allows local users to write arbitrary files and gain root privileges. | |||
| CVE-2002-0357 | 0.00 | — | 0.00 | Jun 18, 2002 | Unknown vulnerability in rpc.passwd in the nfs.sw.nis subsystem of SGI IRIX 6.5.15 and earlier allows local users to gain root privileges. | |||
| CVE-2002-0042 | 0.00 | — | 0.00 | Jun 18, 2002 | Vulnerability in the XFS file system for SGI IRIX before 6.5.12 allows local users to cause a denial of service (hang) by creating a file that is not properly processed by XFS. | |||
| CVE-2002-0174 | 0.00 | — | 0.00 | May 29, 2002 | nsd on SGI IRIX before 6.5.11 allows local users to overwrite arbitrary files and gain root privileges via a symlink attack on the nsd.dump file. | |||
| CVE-2002-0356 | 0.00 | — | 0.00 | May 29, 2002 | Vulnerability in XFS filesystem reorganizer (fsr_xfs) in SGI IRIX 6.5.10 and earlier allows local users to gain root privileges by overwriting critical system files. | |||
| CVE-2002-0355 | 0.00 | — | 0.00 | May 29, 2002 | netstat in SGI IRIX before 6.5.12 allows local users to determine the existence of files on the system, even if the users do not have the appropriate permissions. | |||
| CVE-2002-0171 | 0.00 | — | 0.02 | May 16, 2002 | IRISconsole 2.0 may allow users to log into the icadmin account with an incorrect password in some circumstances, which could allow users to gain privileges. | |||
| CVE-2002-0173 | 0.00 | — | 0.00 | May 16, 2002 | Buffer overflow in cpr for the eoe.sw.cpr SGI Checkpoint-Restart Software package on SGI IRIX 6.5.10 and earlier may allow local users to gain root privileges. | |||
| CVE-2002-0213 | 0.00 | — | 0.00 | May 16, 2002 | xkas in Xinet K-AShare 0.011.01 for IRIX allows local users to read arbitrary files via a symlink attack on the VOLICON file, which is copied to the .HSicon file in a shared directory. | |||
| CVE-2002-0172 | 0.00 | — | 0.00 | May 16, 2002 | /dev/ipfilter on SGI IRIX 6.5 is installed by /dev/MAKEDEV with insecure default permissions (644), which could allow a local user to cause a denial of service (traffic disruption). | |||
| CVE-2002-0041 | 0.00 | — | 0.02 | Apr 22, 2002 | Unknown vulnerability in Mail for SGI IRIX 6.5 through 6.5.15f, and possibly earlier versions, when running with the -R option, allows local and remote attackers to cause a core dump. | |||
| CVE-2002-0017 | 0.00 | — | 0.03 | Apr 3, 2002 | Buffer overflow in SNMP daemon (snmpd) on SGI IRIX 6.5 through 6.5.15m allows remote attackers to execute arbitrary code via an SNMP request. | |||
| CVE-2002-0039 | 0.00 | — | 0.01 | Mar 28, 2002 | rpcbind in SGI IRIX 6.5 through 6.5.15f, and possibly earlier versions, allows remote attackers to cause a denial of service (crash) via malformed RPC packets with invalid lengths. | |||
| CVE-2002-0040 | 0.00 | — | 0.00 | Mar 28, 2002 | Vulnerability in SGI IRIX 6.5.11 through 6.5.15f allows local users to cause privileged applications to dump core via the HOSTALIASES environment variable, which might allow the users to gain privileges. | |||
| CVE-2001-0891 | 0.00 | — | 0.00 | Jan 31, 2002 | Format string vulnerability in NQS daemon (nqsdaemon) in NQE 3.3.0.16 for CRAY UNICOS and SGI IRIX allows a local user to gain root privileges by using qsub to submit a batch job whose name contains formatting characters. | |||
| CVE-2002-0038 | 0.00 | — | 0.02 | Jan 31, 2002 | Vulnerability in the cache-limiting function of the unified name service daemon (nsd) in IRIX 6.5.4 through 6.5.11 allows remote attackers to cause a denial of service by forcing the cache to fill the disk. | |||
| CVE-2001-0801 | 0.00 | — | 0.00 | Dec 6, 2001 | lpstat in IRIX 6.5.13f and earlier allows local users to gain root privileges by specifying a Trojan Horse nettype shared library. | |||
| CVE-2001-0799 | 0.00 | — | 0.04 | Dec 6, 2001 | Buffer overflows in lpsched in IRIX 6.5.13f and earlier allow remote attackers to execute arbitrary commands via a long argument. | |||
| CVE-2001-0796 | 0.00 | — | 0.02 | Dec 6, 2001 | SGI IRIX 6.5 through 6.5.12f and possibly earlier versions, and FreeBSD 3.0, allows remote attackers to cause a denial of service via a malformed IGMP multicast packet with a small response delay. | |||
| CVE-2001-1456 | 0.00 | — | 0.06 | Sep 4, 2001 | Buffer overflow in the (1) smap/smapd and (2) CSMAP daemons for Gauntlet Firewall 5.0 through 6.0 allows remote attackers to execute arbitrary code via a crafted mail message. | |||
| CVE-2001-0331 | 0.00 | — | 0.03 | Jun 27, 2001 | Buffer overflow in Embedded Support Partner (ESP) daemon (rpc.espd) in IRIX 6.5.8 and earlier allows remote attackers to execute arbitrary commands. | |||
| CVE-2000-0893 | 0.00 | — | 0.01 | Feb 16, 2001 | The presence of the Distributed GL Daemon (dgld) service on port 5232 on SGI IRIX systems allows remote attackers to identify the target host as an SGI system. | |||
| CVE-2000-0578 | 0.00 | — | 0.00 | Jun 21, 2000 | SGI MIPSPro compilers C, C++, F77 and F90 generate temporary files in /tmp with predictable file names, which could allow local users to insert malicious contents into these files as they are being compiled by another user. | |||
| CVE-2000-0579 | 0.00 | — | 0.00 | Jun 21, 2000 | IRIX crontab creates temporary files with predictable file names and with the umask of the user, which could allow local users to modify another user's crontab file as it is being edited. | |||
| CVE-2000-0533 | 0.00 | — | 0.00 | Jun 20, 2000 | Vulnerability in cvconnect in SGI IRIX WorkShop allows local users to overwrite arbitrary files. | |||
| CVE-2000-0283 | 0.00 | — | 0.02 | Apr 12, 2000 | The default installation of IRIX Performance Copilot allows remote attackers to access sensitive system information via the pmcd daemon. | |||
| CVE-1999-1102 | 0.00 | — | 0.00 | Dec 31, 1999 | lpr on SunOS 4.1.1, BSD 4.3, A/UX 2.0.1, and other BSD-based operating systems allows local users to create or overwrite arbitrary files via a symlink attack that is triggered after invoking lpr 1000 times. | |||
| CVE-1999-1066 | 0.00 | — | 0.01 | Dec 22, 1999 | Quake 1 server responds to an initial UDP game connection request with a large amount of traffic, which allows remote attackers to use the server as an amplifier in a "Smurf" style attack on another host, by spoofing the connection request. | |||
| CVE-1999-0692 | 0.00 | — | 0.02 | Jul 19, 1999 | The default configuration of the Array Services daemon (arrayd) disables authentication, allowing remote users to gain root privileges. | |||
| CVE-1999-0413 | 0.00 | — | 0.00 | Mar 1, 1999 | A buffer overflow in the SGI X server allows local users to gain root access through the X server font path. | |||
| CVE-1999-0461 | 0.00 | — | 0.03 | Jan 28, 1999 | Versions of rpcbind including Linux, IRIX, and Wietse Venema's rpcbind allow a remote attacker to insert and delete entries by spoofing a source address. | |||
| CVE-1999-0463 | 0.00 | — | 0.01 | Dec 1, 1998 | Remote attackers can perform a denial of service using IRIX fcagent. | |||
| CVE-1999-1181 | 0.00 | — | 0.00 | Sep 29, 1998 | Vulnerability in On-Line Customer Registration software for IRIX 6.2 through 6.4 allows local users to gain root privileges. | |||
| CVE-1999-0313 | 0.00 | — | 0.00 | Jul 1, 1998 | disk_bandwidth on SGI IRIX 6.4 S2MP for Origin/Onyx2 allows local users to gain root access using relative pathnames. | |||
| CVE-1999-0329 | 0.00 | — | 0.00 | Jun 1, 1998 | SGI mediad program allows local users to gain root access. | |||
| CVE-1999-1492 | 0.00 | — | 0.00 | May 27, 1998 | Vulnerability in (1) diskperf and (2) diskalign in IRIX 6.4 allows local attacker to create arbitrary root owned files, leading to root privileges. | |||
| CVE-1999-1039 | 0.00 | — | 0.00 | May 27, 1998 | Vulnerability in (1) diskalign and (2) diskperf in IRIX 6.4 patches 2291 and 2848 allow a local user to create root-owned files leading to a root compromise. | |||
| CVE-1999-1040 | 0.00 | — | 0.00 | Apr 8, 1998 | Vulnerabilities in (1) ipxchk and (2) ipxlink in NetWare Client 1.0 on IRIX 6.3 and 6.4 allows local users to gain root access via a modified IFS environmental variable. | |||
| CVE-1999-1501 | 0.00 | — | 0.00 | Apr 8, 1998 | (1) ipxchk and (2) ipxlink in SGI OS2 IRIX 6.3 does not properly clear the IFS environmental variable before executing system calls, which allows local users to execute arbitrary commands. | |||
| CVE-1999-1183 | 0.00 | — | 0.03 | Apr 2, 1998 | System Manager sysmgr GUI in SGI IRIX 6.4 and 6.3 allows remote attackers to execute commands by providing a trojan horse (1) runtask or (2) runexec descriptor file, which is used to execute a System Manager Task when the user's Mailcap entry supports the x-sgi-task or… | |||
| CVE-1999-1272 | 0.00 | — | 0.00 | Mar 1, 1998 | Buffer overflows in CDROM Confidence Test program (cdrom) allow local users to gain root privileges. | |||
| CVE-1999-0327 | 0.00 | — | 0.00 | Nov 1, 1997 | SGI syserr program allows local users to corrupt files. | |||
| CVE-1999-1131 | 0.00 | — | 0.02 | Oct 24, 1997 | Buffer overflow in OSF Distributed Computing Environment (DCE) security demon (secd) in IRIX 6.4 and earlier allows attackers to cause a denial of service via a long principal, group, or organization. | |||
| CVE-1999-1214 | 0.00 | — | 0.00 | Sep 15, 1997 | The asynchronous I/O facility in 4.4 BSD kernel does not check user credentials when setting the recipient of I/O notification, which allows local users to cause a denial of service by using certain ioctl and fcntl calls to cause the signal to be sent to an arbitrary process ID. | |||
| CVE-1999-0028 | 0.00 | — | 0.00 | Jul 16, 1997 | root privileges via buffer overflow in login/scheme command on SGI IRIX systems. | |||
| CVE-1999-0195 | 0.00 | — | 0.01 | Jul 1, 1997 | Denial of service in RPC portmapper allows attackers to register or unregister RPC services or spoof RPC services using a spoofed source IP address such as 127.0.0.1. | |||
| CVE-1999-0033 | 0.00 | — | 0.01 | Jun 12, 1997 | Command execution in Sun systems via buffer overflow in the at program. | |||
| CVE-1999-0083 | 0.00 | — | 0.02 | Jun 11, 1997 | getcwd() file descriptor leak in FTP. | |||
| CVE-1999-1143 | 0.00 | — | 0.00 | May 28, 1997 | Vulnerability in runtime linker program rld in SGI IRIX 6.x and earlier allows local users to gain privileges via setuid and setgid programs. |
- CVE-2002-0359Jul 3, 2002risk 0.00cvss —epss 0.04
xfsmd for IRIX 6.5 through 6.5.16 uses weak authentication, which allows remote attackers to call dangerous RPC functions, including those that can mount or unmount xfs file systems, to gain root privileges.
- CVE-2002-0631Jul 3, 2002risk 0.00cvss —epss 0.00
Unknown vulnerability in nveventd in NetVisualyzer on SGI IRIX 6.5 through 6.5.16 allows local users to write arbitrary files and gain root privileges.
- CVE-2002-0357Jun 18, 2002risk 0.00cvss —epss 0.00
Unknown vulnerability in rpc.passwd in the nfs.sw.nis subsystem of SGI IRIX 6.5.15 and earlier allows local users to gain root privileges.
- CVE-2002-0042Jun 18, 2002risk 0.00cvss —epss 0.00
Vulnerability in the XFS file system for SGI IRIX before 6.5.12 allows local users to cause a denial of service (hang) by creating a file that is not properly processed by XFS.
- CVE-2002-0174May 29, 2002risk 0.00cvss —epss 0.00
nsd on SGI IRIX before 6.5.11 allows local users to overwrite arbitrary files and gain root privileges via a symlink attack on the nsd.dump file.
- CVE-2002-0356May 29, 2002risk 0.00cvss —epss 0.00
Vulnerability in XFS filesystem reorganizer (fsr_xfs) in SGI IRIX 6.5.10 and earlier allows local users to gain root privileges by overwriting critical system files.
- CVE-2002-0355May 29, 2002risk 0.00cvss —epss 0.00
netstat in SGI IRIX before 6.5.12 allows local users to determine the existence of files on the system, even if the users do not have the appropriate permissions.
- CVE-2002-0171May 16, 2002risk 0.00cvss —epss 0.02
IRISconsole 2.0 may allow users to log into the icadmin account with an incorrect password in some circumstances, which could allow users to gain privileges.
- CVE-2002-0173May 16, 2002risk 0.00cvss —epss 0.00
Buffer overflow in cpr for the eoe.sw.cpr SGI Checkpoint-Restart Software package on SGI IRIX 6.5.10 and earlier may allow local users to gain root privileges.
- CVE-2002-0213May 16, 2002risk 0.00cvss —epss 0.00
xkas in Xinet K-AShare 0.011.01 for IRIX allows local users to read arbitrary files via a symlink attack on the VOLICON file, which is copied to the .HSicon file in a shared directory.
- CVE-2002-0172May 16, 2002risk 0.00cvss —epss 0.00
/dev/ipfilter on SGI IRIX 6.5 is installed by /dev/MAKEDEV with insecure default permissions (644), which could allow a local user to cause a denial of service (traffic disruption).
- CVE-2002-0041Apr 22, 2002risk 0.00cvss —epss 0.02
Unknown vulnerability in Mail for SGI IRIX 6.5 through 6.5.15f, and possibly earlier versions, when running with the -R option, allows local and remote attackers to cause a core dump.
- CVE-2002-0017Apr 3, 2002risk 0.00cvss —epss 0.03
Buffer overflow in SNMP daemon (snmpd) on SGI IRIX 6.5 through 6.5.15m allows remote attackers to execute arbitrary code via an SNMP request.
- CVE-2002-0039Mar 28, 2002risk 0.00cvss —epss 0.01
rpcbind in SGI IRIX 6.5 through 6.5.15f, and possibly earlier versions, allows remote attackers to cause a denial of service (crash) via malformed RPC packets with invalid lengths.
- CVE-2002-0040Mar 28, 2002risk 0.00cvss —epss 0.00
Vulnerability in SGI IRIX 6.5.11 through 6.5.15f allows local users to cause privileged applications to dump core via the HOSTALIASES environment variable, which might allow the users to gain privileges.
- CVE-2001-0891Jan 31, 2002risk 0.00cvss —epss 0.00
Format string vulnerability in NQS daemon (nqsdaemon) in NQE 3.3.0.16 for CRAY UNICOS and SGI IRIX allows a local user to gain root privileges by using qsub to submit a batch job whose name contains formatting characters.
- CVE-2002-0038Jan 31, 2002risk 0.00cvss —epss 0.02
Vulnerability in the cache-limiting function of the unified name service daemon (nsd) in IRIX 6.5.4 through 6.5.11 allows remote attackers to cause a denial of service by forcing the cache to fill the disk.
- CVE-2001-0801Dec 6, 2001risk 0.00cvss —epss 0.00
lpstat in IRIX 6.5.13f and earlier allows local users to gain root privileges by specifying a Trojan Horse nettype shared library.
- CVE-2001-0799Dec 6, 2001risk 0.00cvss —epss 0.04
Buffer overflows in lpsched in IRIX 6.5.13f and earlier allow remote attackers to execute arbitrary commands via a long argument.
- CVE-2001-0796Dec 6, 2001risk 0.00cvss —epss 0.02
SGI IRIX 6.5 through 6.5.12f and possibly earlier versions, and FreeBSD 3.0, allows remote attackers to cause a denial of service via a malformed IGMP multicast packet with a small response delay.
- CVE-2001-1456Sep 4, 2001risk 0.00cvss —epss 0.06
Buffer overflow in the (1) smap/smapd and (2) CSMAP daemons for Gauntlet Firewall 5.0 through 6.0 allows remote attackers to execute arbitrary code via a crafted mail message.
- CVE-2001-0331Jun 27, 2001risk 0.00cvss —epss 0.03
Buffer overflow in Embedded Support Partner (ESP) daemon (rpc.espd) in IRIX 6.5.8 and earlier allows remote attackers to execute arbitrary commands.
- CVE-2000-0893Feb 16, 2001risk 0.00cvss —epss 0.01
The presence of the Distributed GL Daemon (dgld) service on port 5232 on SGI IRIX systems allows remote attackers to identify the target host as an SGI system.
- CVE-2000-0578Jun 21, 2000risk 0.00cvss —epss 0.00
SGI MIPSPro compilers C, C++, F77 and F90 generate temporary files in /tmp with predictable file names, which could allow local users to insert malicious contents into these files as they are being compiled by another user.
- CVE-2000-0579Jun 21, 2000risk 0.00cvss —epss 0.00
IRIX crontab creates temporary files with predictable file names and with the umask of the user, which could allow local users to modify another user's crontab file as it is being edited.
- CVE-2000-0533Jun 20, 2000risk 0.00cvss —epss 0.00
Vulnerability in cvconnect in SGI IRIX WorkShop allows local users to overwrite arbitrary files.
- CVE-2000-0283Apr 12, 2000risk 0.00cvss —epss 0.02
The default installation of IRIX Performance Copilot allows remote attackers to access sensitive system information via the pmcd daemon.
- CVE-1999-1102Dec 31, 1999risk 0.00cvss —epss 0.00
lpr on SunOS 4.1.1, BSD 4.3, A/UX 2.0.1, and other BSD-based operating systems allows local users to create or overwrite arbitrary files via a symlink attack that is triggered after invoking lpr 1000 times.
- CVE-1999-1066Dec 22, 1999risk 0.00cvss —epss 0.01
Quake 1 server responds to an initial UDP game connection request with a large amount of traffic, which allows remote attackers to use the server as an amplifier in a "Smurf" style attack on another host, by spoofing the connection request.
- CVE-1999-0692Jul 19, 1999risk 0.00cvss —epss 0.02
The default configuration of the Array Services daemon (arrayd) disables authentication, allowing remote users to gain root privileges.
- CVE-1999-0413Mar 1, 1999risk 0.00cvss —epss 0.00
A buffer overflow in the SGI X server allows local users to gain root access through the X server font path.
- CVE-1999-0461Jan 28, 1999risk 0.00cvss —epss 0.03
Versions of rpcbind including Linux, IRIX, and Wietse Venema's rpcbind allow a remote attacker to insert and delete entries by spoofing a source address.
- CVE-1999-0463Dec 1, 1998risk 0.00cvss —epss 0.01
Remote attackers can perform a denial of service using IRIX fcagent.
- CVE-1999-1181Sep 29, 1998risk 0.00cvss —epss 0.00
Vulnerability in On-Line Customer Registration software for IRIX 6.2 through 6.4 allows local users to gain root privileges.
- CVE-1999-0313Jul 1, 1998risk 0.00cvss —epss 0.00
disk_bandwidth on SGI IRIX 6.4 S2MP for Origin/Onyx2 allows local users to gain root access using relative pathnames.
- CVE-1999-0329Jun 1, 1998risk 0.00cvss —epss 0.00
SGI mediad program allows local users to gain root access.
- CVE-1999-1492May 27, 1998risk 0.00cvss —epss 0.00
Vulnerability in (1) diskperf and (2) diskalign in IRIX 6.4 allows local attacker to create arbitrary root owned files, leading to root privileges.
- CVE-1999-1039May 27, 1998risk 0.00cvss —epss 0.00
Vulnerability in (1) diskalign and (2) diskperf in IRIX 6.4 patches 2291 and 2848 allow a local user to create root-owned files leading to a root compromise.
- CVE-1999-1040Apr 8, 1998risk 0.00cvss —epss 0.00
Vulnerabilities in (1) ipxchk and (2) ipxlink in NetWare Client 1.0 on IRIX 6.3 and 6.4 allows local users to gain root access via a modified IFS environmental variable.
- CVE-1999-1501Apr 8, 1998risk 0.00cvss —epss 0.00
(1) ipxchk and (2) ipxlink in SGI OS2 IRIX 6.3 does not properly clear the IFS environmental variable before executing system calls, which allows local users to execute arbitrary commands.
- CVE-1999-1183Apr 2, 1998risk 0.00cvss —epss 0.03
System Manager sysmgr GUI in SGI IRIX 6.4 and 6.3 allows remote attackers to execute commands by providing a trojan horse (1) runtask or (2) runexec descriptor file, which is used to execute a System Manager Task when the user's Mailcap entry supports the x-sgi-task or…
- CVE-1999-1272Mar 1, 1998risk 0.00cvss —epss 0.00
Buffer overflows in CDROM Confidence Test program (cdrom) allow local users to gain root privileges.
- CVE-1999-0327Nov 1, 1997risk 0.00cvss —epss 0.00
SGI syserr program allows local users to corrupt files.
- CVE-1999-1131Oct 24, 1997risk 0.00cvss —epss 0.02
Buffer overflow in OSF Distributed Computing Environment (DCE) security demon (secd) in IRIX 6.4 and earlier allows attackers to cause a denial of service via a long principal, group, or organization.
- CVE-1999-1214Sep 15, 1997risk 0.00cvss —epss 0.00
The asynchronous I/O facility in 4.4 BSD kernel does not check user credentials when setting the recipient of I/O notification, which allows local users to cause a denial of service by using certain ioctl and fcntl calls to cause the signal to be sent to an arbitrary process ID.
- CVE-1999-0028Jul 16, 1997risk 0.00cvss —epss 0.00
root privileges via buffer overflow in login/scheme command on SGI IRIX systems.
- CVE-1999-0195Jul 1, 1997risk 0.00cvss —epss 0.01
Denial of service in RPC portmapper allows attackers to register or unregister RPC services or spoof RPC services using a spoofed source IP address such as 127.0.0.1.
- CVE-1999-0033Jun 12, 1997risk 0.00cvss —epss 0.01
Command execution in Sun systems via buffer overflow in the at program.
- CVE-1999-0083Jun 11, 1997risk 0.00cvss —epss 0.02
getcwd() file descriptor leak in FTP.
- CVE-1999-1143May 28, 1997risk 0.00cvss —epss 0.00
Vulnerability in runtime linker program rld in SGI IRIX 6.x and earlier allows local users to gain privileges via setuid and setgid programs.
Page 5 of 6