cbcvebase.

Sgi Irix vulnerabilities

161 known vulnerabilities affecting sgi/irix.

Total CVEs
161
CISA KEV
0
Public exploits
61
Exploited in wild
3
Severity breakdown
CRITICAL29HIGH69MEDIUM39LOW24

Vulnerabilities

Page 4 of 9
CVE-2003-0575P3CRITICALCVSS 10.0v6.5v6.5.1+30 more2003-08-27
CVE-2003-0575 [CRITICAL] CVE-2003-0575: Heap-based buffer overflow in the name services daemon (nsd) in SGI IRIX 6.5.x through 6.5.21f, and Heap-based buffer overflow in the name services daemon (nsd) in SGI IRIX 6.5.x through 6.5.21f, and possibly earlier versions, allows attackers to gain root privileges via the AUTH_UNIX gid list.
nvd
CVE-1999-1319P3CRITICALCVSS 10.0≤ 6.1v5+2 more1996-01-03
CVE-1999-1319 [CRITICAL] CVE-1999-1319: Vulnerability in object server program in SGI IRIX 5.2 through 6.1 allows remote attackers to gain r Vulnerability in object server program in SGI IRIX 5.2 through 6.1 allows remote attackers to gain root privileges in certain configurations.
nvd
CVE-1999-0270P4MEDIUMCVSS 5.0v6.2v6.3+1 more1998-04-03
CVE-1999-0270 [MEDIUM] CVE-1999-0270: Directory traversal vulnerability in pfdispaly.cgi program (sometimes referred to as "pfdisplay") fo Directory traversal vulnerability in pfdispaly.cgi program (sometimes referred to as "pfdisplay") for SGI's Performer API Search Tool (performer_tools) allows remote attackers to read arbitrary files.
nvd
CVE-2002-0677P3HIGHCVSS 7.5v5.2v5.3+23 more2002-07-23
CVE-2002-0677 [HIGH] CVE-2002-0677: CDE ToolTalk database server (ttdbserver) allows remote attackers to overwrite arbitrary memory loca CDE ToolTalk database server (ttdbserver) allows remote attackers to overwrite arbitrary memory locations with a zero, and possibly gain privileges, via a file descriptor argument in an AUTH_UNIX procedure call, which is used as a table index by the _TT_ISCLOSE procedure.
nvd
CVE-1999-1120P4MEDIUMCVSS 4.6PoC≤ 6.4v5.3+5 more1997-01-04
CVE-1999-1120 [MEDIUM] CVE-1999-1120: netprint in SGI IRIX 6.4 and earlier trusts the PATH environmental variable for finding and executin netprint in SGI IRIX 6.4 and earlier trusts the PATH environmental variable for finding and executing the disable program, which allows local users to gain privileges.
nvd
CVE-2001-0799P4CRITICALCVSS 10.0≤ 6.5.13f2001-12-06
CVE-2001-0799 [CRITICAL] CVE-2001-0799: Buffer overflows in lpsched in IRIX 6.5.13f and earlier allow remote attackers to execute arbitrary Buffer overflows in lpsched in IRIX 6.5.13f and earlier allow remote attackers to execute arbitrary commands via a long argument.
nvd
CVE-1999-1398P4MEDIUMCVSS 6.2PoCv5.0v5.0.1+10 more1997-05-07
CVE-1999-1398 [MEDIUM] CVE-1999-1398: Vulnerability in xfsdump in SGI IRIX may allow local users to obtain root privileges via the bck.log Vulnerability in xfsdump in SGI IRIX may allow local users to obtain root privileges via the bck.log log file, possibly via a symlink attack.
nvd
CVE-1999-1494P4LOWCVSS 2.1PoCv5.1v5.1.1+3 more1994-08-09
CVE-1999-1494 [LOW] CVE-1999-1494: colorview in Silicon Graphics IRIX 5.1, 5.2, and 6.0 allows local attackers to read arbitrary files colorview in Silicon Graphics IRIX 5.1, 5.2, and 6.0 allows local attackers to read arbitrary files via the -text argument.
nvd
CVE-2005-0465P4LOWCVSS 2.1PoCv3.2v3.3+96 more2005-05-02
CVE-2005-0465 [LOW] CVE-2005-0465: gr_osview in SGI IRIX does not drop privileges before opening files, which allows local users to ove gr_osview in SGI IRIX does not drop privileges before opening files, which allows local users to overwrite arbitrary files via the -s option.
nvd
CVE-2005-0464P4LOWCVSS 2.1PoCv6.5.222005-05-02
CVE-2005-0464 [LOW] CVE-2005-0464: gr_osview in SGI IRIX 6.5.22, and possibly other 6.5 versions, does not drop privileges when opening gr_osview in SGI IRIX 6.5.22, and possibly other 6.5 versions, does not drop privileges when opening description files while in debug mode, which allows local users to read a line from arbitrary files via the -d and -D options, which prints the line as a formatting error.
nvd
CVE-2001-0331P4HIGHCVSS 7.5≤ 6.5.8v6.5.52001-06-27
CVE-2001-0331 [HIGH] CVE-2001-0331: Buffer overflow in Embedded Support Partner (ESP) daemon (rpc.espd) in IRIX 6.5.8 and earlier allows Buffer overflow in Embedded Support Partner (ESP) daemon (rpc.espd) in IRIX 6.5.8 and earlier allows remote attackers to execute arbitrary commands.
nvd
CVE-2000-0799P4LOWCVSS 3.7PoCv6.5v6.5.1+8 more2000-10-20
CVE-2000-0799 [LOW] CVE-2000-0799: inpview in InPerson in SGI IRIX 5.3 through IRIX 6.5.10 allows local users to gain privileges via a inpview in InPerson in SGI IRIX 5.3 through IRIX 6.5.10 allows local users to gain privileges via a symlink attack on the .ilmpAAA temporary file.
nvd
CVE-1999-1409P4LOWCVSS 2.1PoCv6.2v6.4+2 more1998-07-03
CVE-1999-1409 [LOW] CVE-1999-1409: The at program in IRIX 6.2 and NetBSD 1.3.2 and earlier allows local users to read portions of arbit The at program in IRIX 6.2 and NetBSD 1.3.2 and earlier allows local users to read portions of arbitrary files by submitting the file to at with the -f argument, which generates error messages that at sends to the user via e-mail.
nvd
CVE-2002-0017P4HIGHCVSS 7.5v6.5v6.5.1+19 more2002-04-03
CVE-2002-0017 [HIGH] CVE-2002-0017: Buffer overflow in SNMP daemon (snmpd) on SGI IRIX 6.5 through 6.5.15m allows remote attackers to ex Buffer overflow in SNMP daemon (snmpd) on SGI IRIX 6.5 through 6.5.15m allows remote attackers to execute arbitrary code via an SNMP request.
nvd
CVE-2002-0875P4LOWCVSS 2.1PoCv6.5.15v6.5.16+1 more2002-09-05
CVE-2002-0875 [LOW] CVE-2002-0875: Vulnerability in FAM 2.6.8, 2.6.6, and other versions allows unprivileged users to obtain the names Vulnerability in FAM 2.6.8, 2.6.6, and other versions allows unprivileged users to obtain the names of files whose access is restricted to the root group.
nvd
CVE-2003-0473P4CRITICALCVSS 10.0v6.5.192003-08-07
CVE-2003-0473 [CRITICAL] CVE-2003-0473: Unknown vulnerability in the IPv6 capability in IRIX 6.5.19 causes snoop to process packets as the r Unknown vulnerability in the IPv6 capability in IRIX 6.5.19 causes snoop to process packets as the root user, with unknown implications.
nvd
CVE-1999-1183P4HIGHCVSS 7.6v6.3v6.41998-04-02
CVE-1999-1183 [HIGH] CVE-1999-1183: System Manager sysmgr GUI in SGI IRIX 6.4 and 6.3 allows remote attackers to execute commands by pro System Manager sysmgr GUI in SGI IRIX 6.4 and 6.3 allows remote attackers to execute commands by providing a trojan horse (1) runtask or (2) runexec descriptor file, which is used to execute a System Manager Task when the user's Mailcap entry supports the x-sgi-task or x-sgi-exec type.
nvd
CVE-2003-0064P4HIGHCVSS 7.5v5.0v5.0.1+63 more2003-03-03
CVE-2003-0064 [HIGH] CVE-2003-0064: The dtterm terminal emulator allows attackers to modify the window title via a certain character esc The dtterm terminal emulator allows attackers to modify the window title via a certain character escape sequence and then insert it back to the command line in the user's terminal, e.g. when the user views a file containing the malicious sequence, which could allow the attacker to execute arbitrary commands.
nvd
CVE-2001-1456P4HIGHCVSS 7.5v6.2v6.3+2 more2001-09-04
CVE-2001-1456 [HIGH] CWE-119 CVE-2001-1456: Buffer overflow in the (1) smap/smapd and (2) CSMAP daemons for Gauntlet Firewall 5.0 through 6.0 al Buffer overflow in the (1) smap/smapd and (2) CSMAP daemons for Gauntlet Firewall 5.0 through 6.0 allows remote attackers to execute arbitrary code via a crafted mail message.
nvd
CVE-2002-0678P4HIGHCVSS 7.2v5.2v5.3+23 more2002-07-23
CVE-2002-0678 [HIGH] CVE-2002-0678: CDE ToolTalk database server (ttdbserver) allows local users to overwrite arbitrary files via a syml CDE ToolTalk database server (ttdbserver) allows local users to overwrite arbitrary files via a symlink attack on the transaction log file used by the _TT_TRANSACTION RPC procedure.
nvd
Sgi Irix vulnerabilities | cvebase