Sgi Irix vulnerabilities
161 known vulnerabilities affecting sgi/irix.
Total CVEs
161
CISA KEV
0
Public exploits
61
Exploited in wild
3
Severity breakdown
CRITICAL29HIGH69MEDIUM39LOW24
Vulnerabilities
Page 3 of 9
CVE-1999-1286P4HIGHCVSS 7.2PoC≤ 6.2v5.31997-05-09
CVE-1999-1286 [HIGH] CVE-1999-1286: addnetpr in SGI IRIX 6.2 and earlier allows local users to modify arbitrary files and possibly gain
addnetpr in SGI IRIX 6.2 and earlier allows local users to modify arbitrary files and possibly gain root access via a symlink attack on a temporary file.
nvd
CVE-2000-0013P4HIGHCVSS 7.2PoCv6.21999-12-31
CVE-2000-0013 [HIGH] CVE-2000-0013: IRIX soundplayer program allows local users to gain privileges by including shell metacharacters in
IRIX soundplayer program allows local users to gain privileges by including shell metacharacters in a .wav file, which is executed via the midikeys program.
nvd
CVE-1999-0036P4HIGHCVSS 8.4PoCv5.1v5.2+6 more1997-05-26
CVE-1999-0036 [HIGH] CWE-434 CVE-1999-0036: IRIX login program with a nonzero LOCKOUT parameter allows creation or damage to files.
IRIX login program with a nonzero LOCKOUT parameter allows creation or damage to files.
nvd
CVE-1999-0051P4HIGHCVSS 7.2PoCv3.3.2v3.3.3+29 more1997-01-06
CVE-1999-0051 [HIGH] CVE-1999-0051: Arbitrary file creation and program execution using FLEXlm LicenseManager, from versions 4.0 to 5.0,
Arbitrary file creation and program execution using FLEXlm LicenseManager, from versions 4.0 to 5.0, in IRIX.
nvd
CVE-1999-0960P4HIGHCVSS 7.2PoCv5v6.0+5 more1998-03-20
CVE-1999-0960 [HIGH] CVE-1999-0960: IRIX cdplayer allows local users to create directories in arbitrary locations via a command line opt
IRIX cdplayer allows local users to create directories in arbitrary locations via a command line option.
nvd
CVE-2001-0249P3CRITICALCVSS 9.8≥ 6.5, ≤ 6.5.202001-06-18
CVE-2001-0249 [CRITICAL] CWE-131 CVE-2001-0249: Heap overflow in FTP daemon in Solaris 8 allows remote attackers to execute arbitrary commands by cr
Heap overflow in FTP daemon in Solaris 8 allows remote attackers to execute arbitrary commands by creating a long pathname and calling the LIST command, which uses glob to generate long strings.
nvd
CVE-2002-1584P3CRITICALCVSS 10.0v6.5.1v6.5.2+51 more2002-12-27
CVE-2002-1584 [CRITICAL] CVE-2002-1584: Unknown vulnerability in the AUTH_DES authentication for RPC in Solaris 2.5.1, 2.6, and 7, SGI IRIX
Unknown vulnerability in the AUTH_DES authentication for RPC in Solaris 2.5.1, 2.6, and 7, SGI IRIX 6.5 to 6.5.19f, and possibly other platforms, allows remote attackers to gain privileges.
nvd
CVE-1999-0044P4HIGHCVSS 7.2PoCv5.1v5.1.1+6 more1996-12-03
CVE-1999-0044 [HIGH] CVE-1999-0044: fsdump command in IRIX allows local users to obtain root access by modifying sensitive files.
fsdump command in IRIX allows local users to obtain root access by modifying sensitive files.
nvd
CVE-1999-0959P4HIGHCVSS 7.2PoCv5v6.0+5 more1997-02-01
CVE-1999-0959 [HIGH] CVE-1999-0959: IRIX startmidi program allows local users to modify arbitrary files via a symlink attack.
IRIX startmidi program allows local users to modify arbitrary files via a symlink attack.
nvd
CVE-2002-0359P3CRITICALCVSS 10.0v6.2v6.3+46 more2002-07-03
CVE-2002-0359 [CRITICAL] CVE-2002-0359: xfsmd for IRIX 6.5 through 6.5.16 uses weak authentication, which allows remote attackers to call da
xfsmd for IRIX 6.5 through 6.5.16 uses weak authentication, which allows remote attackers to call dangerous RPC functions, including those that can mount or unmount xfs file systems, to gain root privileges.
nvd
CVE-2003-0028P3HIGHCVSS 7.5v6.5v6.5.1+53 more2003-03-25
CVE-2003-0028 [HIGH] CVE-2003-0028: Integer overflow in the xdrmem_getbytes() function, and possibly other functions, of XDR (external d
Integer overflow in the xdrmem_getbytes() function, and possibly other functions, of XDR (external data representation) libraries derived from SunRPC, including libnsl, libc, glibc, and dietlibc, allows remote attackers to execute arbitrary code via certain integer values in length fields, a different vulnerability than CVE-2002-0391.
nvd
CVE-2001-0248P3CRITICALCVSS 9.8v6.5v6.5.1+1 more2001-06-18
CVE-2001-0248 [CRITICAL] CWE-131 CVE-2001-0248: Buffer overflow in FTP server in HPUX 11 allows remote attackers to execute arbitrary commands by cr
Buffer overflow in FTP server in HPUX 11 allows remote attackers to execute arbitrary commands by creating a long pathname and calling the STAT command, which uses glob to generate long strings.
nvd
CVE-1999-1410P4MEDIUMCVSS 6.2PoCv5.0v5.0.1+7 more1997-05-09
CVE-1999-1410 [MEDIUM] CVE-1999-1410: addnetpr in IRIX 5.3 and 6.2 allows local users to overwrite arbitrary files and possibly gain root
addnetpr in IRIX 5.3 and 6.2 allows local users to overwrite arbitrary files and possibly gain root privileges via a symlink attack on the printers temporary file.
nvd
CVE-1999-1485P4MEDIUMCVSS 6.4PoCv6.5v6.5.1+1 more1999-05-31
CVE-1999-1485 [MEDIUM] CVE-1999-1485: nsd in IRIX 6.5 through 6.5.2 exports a virtual filesystem on a UDP port, which allows remote attack
nsd in IRIX 6.5 through 6.5.2 exports a virtual filesystem on a UDP port, which allows remote attackers to view files and cause a possible denial of service by mounting the nsd virtual file system.
nvd
CVE-1999-1461P4HIGHCVSS 7.2PoCv5.3v6.1+4 more1997-05-07
CVE-1999-1461 [HIGH] CVE-1999-1461: inpview in InPerson on IRIX 5.3 through IRIX 6.5.10 trusts the PATH environmental variable to find a
inpview in InPerson on IRIX 5.3 through IRIX 6.5.10 trusts the PATH environmental variable to find and execute the ttsession program, which allows local users to obtain root access by modifying the PATH to point to a Trojan horse ttsession program.
nvd
CVE-1999-0073P3CRITICALCVSS 10.0v5.0v5.0.1+9 more1995-10-13
CVE-1999-0073 [CRITICAL] CVE-1999-0073: Telnet allows a remote client to specify environment variables including LD_LIBRARY_PATH, allowing a
Telnet allows a remote client to specify environment variables including LD_LIBRARY_PATH, allowing an attacker to bypass the normal system libraries and gain root access.
nvd
CVE-1999-0692P3CRITICALCVSS 10.0v6.2v6.3+6 more1999-07-19
CVE-1999-0692 [CRITICAL] CVE-1999-0692: The default configuration of the Array Services daemon (arrayd) disables authentication, allowing re
The default configuration of the Array Services daemon (arrayd) disables authentication, allowing remote users to gain root privileges.
nvd
CVE-1999-1022P4MEDIUMCVSS 6.2PoCv4v5.2+1 more1994-10-02
CVE-1999-1022 [MEDIUM] CVE-1999-1022: serial_ports administrative program in IRIX 4.x and 5.x trusts the user's PATH environmental variabl
serial_ports administrative program in IRIX 4.x and 5.x trusts the user's PATH environmental variable to find and execute the ls program, which allows local users to gain root privileges via a Trojan horse ls program.
nvd
CVE-2000-1193P4MEDIUMCVSS 5.0PoCv6.3v6.4+1 more2001-08-31
CVE-2000-1193 [MEDIUM] CVE-2000-1193: Performance Metrics Collector Daemon (PMCD) in Performance Copilot in IRIX 6.x allows remote attacke
Performance Metrics Collector Daemon (PMCD) in Performance Copilot in IRIX 6.x allows remote attackers to cause a denial of service (resource exhaustion) via an extremely long string to the PMCD port.
nvd
CVE-1999-1243P4MEDIUMCVSS 4.6PoC≤ 6.0.1v5.2+1 more1995-03-03
CVE-1999-1243 [MEDIUM] CVE-1999-1243: SGI Desktop Permissions Tool in IRIX 6.0.1 and earlier allows local users to modify permissions for
SGI Desktop Permissions Tool in IRIX 6.0.1 and earlier allows local users to modify permissions for arbitrary files and gain privileges.
nvd