CVE-1999-0039 – SGI IRIX 6.3 - cgi-bin 'webdist.cgi' Command Execution
https://notcve.org/view.php?id=CVE-1999-0039
webdist CGI program (webdist.cgi) in SGI IRIX allows remote attackers to execute arbitrary commands via shell metacharacters in the distloc parameter. • https://www.exploit-db.com/exploits/19299 ftp://patches.sgi.com/support/free/security/advisories/19970501-02-PX http://www.cert.org/advisories/CA-1997-12.html http://www.osvdb.org/235 http://www.securityfocus.com/bid/374 https://exchange.xforce.ibmcloud.com/vulnerabilities/333 • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') •
CVE-1999-1116
https://notcve.org/view.php?id=CVE-1999-1116
Vulnerability in runpriv in Indigo Magic System Administration subsystem of SGI IRIX 6.3 and 6.4 allows local users to gain root privileges. • ftp://patches.sgi.com/support/free/security/advisories/19970503-01-PX http://www.osvdb.org/1009 http://www.securityfocus.com/bid/462 https://exchange.xforce.ibmcloud.com/vulnerabilities/2108 •
CVE-1999-0040 – LibXt - 'XtAppInitialize()' Local Overflow *xterm
https://notcve.org/view.php?id=CVE-1999-0040
Buffer overflow in Xt library of X Windowing System allows local users to execute commands with root privileges. • https://www.exploit-db.com/exploits/331 https://www.exploit-db.com/exploits/322 https://www.exploit-db.com/exploits/19200 https://www.exploit-db.com/exploits/19201 https://www.exploit-db.com/exploits/19202 https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0040 •
CVE-1999-0038 – BSD/OS 2.1 / DG/UX 7.0 / Debian 1.3 / HP-UX 10.34 / IBM AIX 4.2 / SGI IRIX 6.4 / Solaris 2.5.1 - '/usr/bin/X11/xlock' Local Privilege Escalation
https://notcve.org/view.php?id=CVE-1999-0038
Buffer overflow in xlock program allows local users to execute commands as root. • https://www.exploit-db.com/exploits/19173 https://www.exploit-db.com/exploits/19172 https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0038 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVE-1999-0149 – SGI IRIX 6.2 - cgi-bin wrap
https://notcve.org/view.php?id=CVE-1999-0149
The wrap CGI program in IRIX allows remote attackers to view arbitrary directory listings via a .. (dot dot) attack. • https://www.exploit-db.com/exploits/19298 ftp://patches.sgi.com/support/free/security/advisories/19970501-02-PX http://www.osvdb.org/247 http://www.securityfocus.com/bid/373 https://exchange.xforce.ibmcloud.com/vulnerabilities/290 •