| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| System Manager sysmgr GUI in SGI IRIX 6.4 and 6.3 allows remote attackers to execute commands by providing a trojan horse (1) runtask or (2) runexec descriptor file, which is used to execute a System Manager Task when the user's Mailcap entry supports the x-sgi-task or x-sgi-exec type. |
| The Video Control Panel on SGI O2/IRIX 6.5, when the Default Input is set to "Output Video", allows attackers to access a console session by running videoout then videoin. |
| Buffer overflow in samba 2.2.2 through 2.2.6 allows remote attackers to cause a denial of service and possibly execute arbitrary code via an encrypted password that causes the overflow during decryption in which a DOS codepage string is converted to a little-endian UCS2 unicode string. |
| The syssgi SGI_IOPROBE system call in IRIX 6.5.20 through 6.5.24 allows local users to gain privileges by reading and writing to kernel memory. |
| IRIX crontab creates temporary files with predictable file names and with the umask of the user, which could allow local users to modify another user's crontab file as it is being edited. |
| Buffer overflow in dmplay in IRIX 6.2 and 6.3 allows local users to gain root privileges via a long command line option. |
| The wrap CGI program in IRIX allows remote attackers to view arbitrary directory listings via a .. (dot dot) attack. |
| Bash treats any character with a value of 255 as a command separator. |
| Unknown vulnerability in nveventd in NetVisualyzer on SGI IRIX 6.5 through 6.5.16 allows local users to write arbitrary files and gain root privileges. |
| netprint in SGI IRIX 6.4 and earlier trusts the PATH environmental variable for finding and executing the disable program, which allows local users to gain privileges. |
| Indigo Magic System Tour in the SGI system tour package (systour) for IRIX 5.x through 6.3 allows local users to gain root privileges via a Trojan horse .exitops program, which is called by the inst command that is executed by the RemoveSystemTour program. |
| Vulnerability in SGI IRIX 6.5.11 through 6.5.15f allows local users to cause privileged applications to dump core via the HOSTALIASES environment variable, which might allow the users to gain privileges. |
| Unknown vulnerability in Mail for SGI IRIX 6.5 through 6.5.15f, and possibly earlier versions, when running with the -R option, allows local and remote attackers to cause a core dump. |
| rdist in various UNIX systems uses popen to execute sendmail, which allows local users to gain root privileges by modifying the IFS (Internal Field Separator) variable. |
| Vulnerability in (1) diskperf and (2) diskalign in IRIX 6.4 allows local attacker to create arbitrary root owned files, leading to root privileges. |
| Vulnerability in SGI IRIX objectserver daemon allows remote attackers to create user accounts. |
| The default installation of IRIX Performance Copilot allows remote attackers to access sensitive system information via the pmcd daemon. |
| root privileges via buffer overflow in eject command on SGI IRIX systems. |
| /usr/sbin/Mail on SGI IRIX 3.3 and 3.3.1 does not properly set the group ID to the group ID of the user who started Mail, which allows local users to read the mail of other users. |
| The dtterm terminal emulator allows attackers to modify the window title via a certain character escape sequence and then insert it back to the command line in the user's terminal, e.g. when the user views a file containing the malicious sequence, which could allow the attacker to execute arbitrary commands. |
