CVE-2005-2925 – SGI IRIX 6.5.28 - 'runpriv' Design Error
https://notcve.org/view.php?id=CVE-2005-2925
runpriv in SGI IRIX allows local users to bypass intended restrictions and execute arbitrary commands via shell metacharacters in a command line for a privileged binary in /usr/sysadm/privbin. • https://www.exploit-db.com/exploits/1577 ftp://patches.sgi.com/support/free/security/advisories/20051001-01-P.asc http://secunia.com/advisories/17131 http://securitytracker.com/id?1015031 http://www.idefense.com/application/poi/display?id=312&type=vulnerabilities http://www.osvdb.org/19907 http://www.securityfocus.com/archive/1/427409/100/0/threaded http://www.securityfocus.com/bid/15055 https://exchange.xforce.ibmcloud.com/vulnerabilities/22561 •
CVE-2005-0139
https://notcve.org/view.php?id=CVE-2005-0139
Unknown vulnerability in rpc.mountd in SGI IRIX 6.5.25, 6.5.26, and 6.5.27 does not sufficiently restrict access rights for read-mostly exports, which allows attackers to conduct unauthorized activities. Vulnerabilidad desconocida en rpc.mountd en SGI IRIX 6.5.25, 6.5.26 y 6.5.27 no restringe el derecho de acceso suficientemente para leer la mayoría de las exportaciones, lo que permite a atacantes llevar a cabo actividades no autorizadas. • ftp://patches.sgi.com/support/free/security/advisories/20050601-01-U http://secunia.com/advisories/15619 http://www.ciac.org/ciac/bulletins/p-214.shtml http://www.vupen.com/english/advisories/2005/0702 • CWE-264: Permissions, Privileges, and Access Controls •
CVE-2005-0138
https://notcve.org/view.php?id=CVE-2005-0138
rpc.mountd in SGI IRIX 6.5.25, 6.5.26, and 6.5.27 does not correctly allow access to anonymous clients that connect from a system whose hostname can not be determined. NOTE: while this issue occurs in a security mechanism, there is no apparent attacker role and probably does not satisfy the CVE definition of a vulnerability. rpc.mountd en SGI IRIX 6.5.25, 6.5.26 y 6.5.27 no permiten correctamente el acceso a clientes anónimos que conectan desde un sistema cuyo nombre de host no puede ser determinado. NOTA: mientras que este problema ocurre en un mecanismo de seguridad, no hay un rol de atacante aparente y probablemente no satisface la definición de CVE de una vulnerabilidad. • ftp://patches.sgi.com/support/free/security/advisories/20050601-01-U http://secunia.com/advisories/15619 http://www.ciac.org/ciac/bulletins/p-214.shtml http://www.vupen.com/english/advisories/2005/0702 • CWE-17: DEPRECATED: Code •
CVE-2005-1859
https://notcve.org/view.php?id=CVE-2005-1859
Unknown vulnerability in arshell in the Array Service (arrayd) for SGI ProPack 3 with SP 5 and 6, and SGI ProPack 4, allows local users to execute arbitrary shells as root on other hosts in the cluster or array. • ftp://patches.sgi.com/support/free/security/advisories/20050701-01-P.asc http://securitytracker.com/id?1014454 •
CVE-2005-1043
https://notcve.org/view.php?id=CVE-2005-1043
exif.c in PHP before 4.3.11 allows remote attackers to cause a denial of service (memory consumption and crash) via an EXIF header with a large IFD nesting level, which causes significant stack recursion. • http://cvs.php.net/diff.php/php-src/ext/exif/exif.c?r1=1.118.2.29&r2=1.118.2.30&ty=u http://lists.apple.com/archives/security-announce/2005/Jun/msg00000.html http://www.gentoo.org/security/en/glsa/glsa-200504-15.xml http://www.mandriva.com/security/advisories?name=MDKSA-2005:072 http://www.redhat.com/support/errata/RHSA-2005-406.html https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=154025 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.m •