| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| SGI IRIX 6.5 through 6.5.17 creates temporary desktop files with world-writable permissions, which allows local users to overwrite or corrupt those files. |
| Buffer overflow in the (1) nanohttp or (2) nanoftp modules in XMLSoft Libxml 2 (Libxml2) 2.6.0 through 2.6.5 allow remote attackers to execute arbitrary code via a long URL. |
| The DNS callbacks in nsd in SGI IRIX 6.5.x through 6.5.20f, and possibly earlier versions, do not perform sufficient sanity checking, with unknown impact. |
| The Sun RPC functionality in multiple libc implementations does not provide a time-out mechanism when reading data from TCP connections, which allows remote attackers to cause a denial of service (hang). |
| Multiple buffer overflows in Metamail 2.7 and earlier allow remote attackers to execute arbitrary code. |
| Buffer overflow in SGI IRIX mailx program. |
| nsd in IRIX 6.5 through 6.5.2 exports a virtual filesystem on a UDP port, which allows remote attackers to view files and cause a possible denial of service by mounting the nsd virtual file system. |
| /usr/sbin/Mail on SGI IRIX 3.3 and 3.3.1 does not properly set the group ID to the group ID of the user who started Mail, which allows local users to read the mail of other users. |
| xkas in Xinet K-AShare 0.011.01 for IRIX allows local users to read arbitrary files via a symlink attack on the VOLICON file, which is copied to the .HSicon file in a shared directory. |
| mv in IRIX 6.5 creates a directory with world-writable permissions while moving a directory, which could allow local users to modify files and directories. |
| The AIM dissector in Ethereal 0.10.3 allows remote attackers to cause a denial of service (assert error) via unknown attack vectors. |
| The SSL/TLS handshaking code in OpenSSL 0.9.7a, 0.9.7b, and 0.9.7c, when using Kerberos ciphersuites, does not properly check the length of Kerberos tickets during a handshake, which allows remote attackers to cause a denial of service (crash) via a crafted SSL/TLS handshake that causes an out-of-bounds read. |
| Multiple buffer overflows in krb5_aname_to_localname for MIT Kerberos 5 (krb5) 1.3.3 and earlier allow remote attackers to execute arbitrary code as root. |
| /dev/ipfilter on SGI IRIX 6.5 is installed by /dev/MAKEDEV with insecure default permissions (644), which could allow a local user to cause a denial of service (traffic disruption). |
| CDE ToolTalk database server (ttdbserver) allows local users to overwrite arbitrary files via a symlink attack on the transaction log file used by the _TT_TRANSACTION RPC procedure. |
| Denial of service in RPC portmapper allows attackers to register or unregister RPC services or spoof RPC services using a spoofed source IP address such as 127.0.0.1. |
| Csetup under IRIX allows arbitrary file creation or overwriting. |
| IRIX fam service allows an attacker to obtain a list of all files on the server. |
| ioconfig on SGI IRIX 6.4 S2MP for Origin/Onyx2 allows local users to gain root access using relative pathnames. |
