Public exploit available

Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2005-0464

4 documents4 sources

Severity

2.1LOW

EPSS

0.6%

top 30.70%

CISA KEV

Not in KEV

Exploit

PoC available

Public exploit / PoC exists

Affected products

SGI Irix

Timeline

PublishedMay 2

Latest updateMay 3

Description

gr_osview in SGI IRIX 6.5.22, and possibly other 6.5 versions, does not drop privileges when opening description files while in debug mode, which allows local users to read a line from arbitrary files via the -d and -D options, which prints the line as a formatting error.

CVSS vector

AV:L/AC:L/C:P/I:N/A:NExploitability: 3.9 | Impact: 2.9

Affected Packages1 packages

▶NVDsgi/irix6.5.22

Patches

Patch: patches.sgi.com ↗Patch: www.idefense.com ↗Patch: patches.sgi.com ↗

🔴Vulnerability Details

GHSA

GHSA-f3g9-v59r-jm7w: gr_osview in SGI IRIX 6↗2022-05-03

▶

CVEList

CVE-2005-0464: gr_osview in SGI IRIX 6↗2005-04-08

▶

💥Exploits & PoCs

Exploit-DB

SGI IRIX 6.5.22 - GR_OSView Information Disclosure↗2005-04-07

▶