Sgi Irix vulnerabilities

CVE-2002-0174 [HIGH] CVE-2002-0174: nsd on SGI IRIX before 6.5.11 allows local users to overwrite arbitrary files and gain root privileg nsd on SGI IRIX before 6.5.11 allows local users to overwrite arbitrary files and gain root privileges via a symlink attack on the nsd.dump file.

CVE-2002-0356 [HIGH] CVE-2002-0356: Vulnerability in XFS filesystem reorganizer (fsr_xfs) in SGI IRIX 6.5.10 and earlier allows local us Vulnerability in XFS filesystem reorganizer (fsr_xfs) in SGI IRIX 6.5.10 and earlier allows local users to gain root privileges by overwriting critical system files.

CVE-2002-0355 [LOW] CVE-2002-0355: netstat in SGI IRIX before 6.5.12 allows local users to determine the existence of files on the syst netstat in SGI IRIX before 6.5.12 allows local users to determine the existence of files on the system, even if the users do not have the appropriate permissions.

CVE-2002-0173 [HIGH] CVE-2002-0173: Buffer overflow in cpr for the eoe.sw.cpr SGI Checkpoint-Restart Software package on SGI IRIX 6.5.10 Buffer overflow in cpr for the eoe.sw.cpr SGI Checkpoint-Restart Software package on SGI IRIX 6.5.10 and earlier may allow local users to gain root privileges.

CVE-2002-0172 [LOW] CVE-2002-0172: /dev/ipfilter on SGI IRIX 6.5 is installed by /dev/MAKEDEV with insecure default permissions (644), /dev/ipfilter on SGI IRIX 6.5 is installed by /dev/MAKEDEV with insecure default permissions (644), which could allow a local user to cause a denial of service (traffic disruption).

CVE-2002-0213 [LOW] CVE-2002-0213: xkas in Xinet K-AShare 0.011.01 for IRIX allows local users to read arbitrary files via a symlink at xkas in Xinet K-AShare 0.011.01 for IRIX allows local users to read arbitrary files via a symlink attack on the VOLICON file, which is copied to the .HSicon file in a shared directory.

CVE-2002-0041 [MEDIUM] CVE-2002-0041: Unknown vulnerability in Mail for SGI IRIX 6.5 through 6.5.15f, and possibly earlier versions, when Unknown vulnerability in Mail for SGI IRIX 6.5 through 6.5.15f, and possibly earlier versions, when running with the -R option, allows local and remote attackers to cause a core dump.

CVE-2002-0017 [HIGH] CVE-2002-0017: Buffer overflow in SNMP daemon (snmpd) on SGI IRIX 6.5 through 6.5.15m allows remote attackers to ex Buffer overflow in SNMP daemon (snmpd) on SGI IRIX 6.5 through 6.5.15m allows remote attackers to execute arbitrary code via an SNMP request.

CVE-2002-0039 [MEDIUM] CVE-2002-0039: rpcbind in SGI IRIX 6.5 through 6.5.15f, and possibly earlier versions, allows remote attackers to c rpcbind in SGI IRIX 6.5 through 6.5.15f, and possibly earlier versions, allows remote attackers to cause a denial of service (crash) via malformed RPC packets with invalid lengths.

CVE-2002-0040 [LOW] CVE-2002-0040: Vulnerability in SGI IRIX 6.5.11 through 6.5.15f allows local users to cause privileged applications Vulnerability in SGI IRIX 6.5.11 through 6.5.15f allows local users to cause privileged applications to dump core via the HOSTALIASES environment variable, which might allow the users to gain privileges.

CVE-2002-0038 [MEDIUM] CVE-2002-0038: Vulnerability in the cache-limiting function of the unified name service daemon (nsd) in IRIX 6.5.4 Vulnerability in the cache-limiting function of the unified name service daemon (nsd) in IRIX 6.5.4 through 6.5.11 allows remote attackers to cause a denial of service by forcing the cache to fill the disk.

CVE-2001-0797 [CRITICAL] CVE-2001-0797: Buffer overflow in login in various System V based operating systems allows remote attackers to exec Buffer overflow in login in various System V based operating systems allows remote attackers to execute arbitrary commands via a large number of arguments through services such as telnet and rlogin.

CVE-2001-0800 [CRITICAL] CVE-2001-0800: lpsched in IRIX 6.5.13f and earlier allows remote attackers to execute arbitrary commands via shell lpsched in IRIX 6.5.13f and earlier allows remote attackers to execute arbitrary commands via shell metacharacters.

CVE-2001-0799 [CRITICAL] CVE-2001-0799: Buffer overflows in lpsched in IRIX 6.5.13f and earlier allow remote attackers to execute arbitrary Buffer overflows in lpsched in IRIX 6.5.13f and earlier allow remote attackers to execute arbitrary commands via a long argument.

CVE-2001-0801 [HIGH] CVE-2001-0801: lpstat in IRIX 6.5.13f and earlier allows local users to gain root privileges by specifying a Trojan lpstat in IRIX 6.5.13f and earlier allows local users to gain root privileges by specifying a Trojan Horse nettype shared library.

CVE-2001-0796 [MEDIUM] CVE-2001-0796: SGI IRIX 6.5 through 6.5.12f and possibly earlier versions, and FreeBSD 3.0, allows remote attackers SGI IRIX 6.5 through 6.5.12f and possibly earlier versions, and FreeBSD 3.0, allows remote attackers to cause a denial of service via a malformed IGMP multicast packet with a small response delay.

CVE-2001-1456 [HIGH] CWE-119 CVE-2001-1456: Buffer overflow in the (1) smap/smapd and (2) CSMAP daemons for Gauntlet Firewall 5.0 through 6.0 al Buffer overflow in the (1) smap/smapd and (2) CSMAP daemons for Gauntlet Firewall 5.0 through 6.0 allows remote attackers to execute arbitrary code via a crafted mail message.

CVE-2000-1193 [MEDIUM] CVE-2000-1193: Performance Metrics Collector Daemon (PMCD) in Performance Copilot in IRIX 6.x allows remote attacke Performance Metrics Collector Daemon (PMCD) in Performance Copilot in IRIX 6.x allows remote attackers to cause a denial of service (resource exhaustion) via an extremely long string to the PMCD port.

CVE-2001-0554 [CRITICAL] CWE-120 CVE-2001-0554: Buffer overflow in BSD-based telnetd telnet daemon on various operating systems allows remote attack Buffer overflow in BSD-based telnetd telnet daemon on various operating systems allows remote attackers to execute arbitrary commands via a set of options including AYT (Are You There), which is not properly handled by the telrcv function.

CVE-2001-0485 [HIGH] CVE-2001-0485: Unknown vulnerability in netprint in IRIX 6.2, and possibly other versions, allows local users with Unknown vulnerability in netprint in IRIX 6.2, and possibly other versions, allows local users with lp privileges attacker to execute arbitrary commands via the -n option.