Public exploit available

Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2005-0465

4 documents4 sources

Severity

2.1LOW

EPSS

0.5%

top 33.75%

CISA KEV

Not in KEV

Exploit

PoC available

Public exploit / PoC exists

Affected products

SGI Irix

Timeline

PublishedMay 2

Latest updateMay 3

Description

gr_osview in SGI IRIX does not drop privileges before opening files, which allows local users to overwrite arbitrary files via the -s option.

CVSS vector

AV:L/AC:L/C:N/I:P/A:NExploitability: 3.9 | Impact: 2.9

Affected Packages1 packages

▶NVDsgi/irix98 versions+97

Patches

Patch: patches.sgi.com ↗Patch: www.idefense.com ↗Patch: patches.sgi.com ↗

🔴Vulnerability Details

GHSA

GHSA-wf2r-72fr-qcpj: gr_osview in SGI IRIX does not drop privileges before opening files, which allows local users to overwrite arbitrary files via the -s option↗2022-05-03

▶

CVEList

CVE-2005-0465: gr_osview in SGI IRIX does not drop privileges before opening files, which allows local users to overwrite arbitrary files via the -s option↗2005-04-08

▶

💥Exploits & PoCs

Exploit-DB

SGI IRIX 6.5.22 - GR_OSView Local Arbitrary File Overwrite↗2005-04-07

▶