Page 5 of 60 results (0.010 seconds)

CVSS: 10.0EPSS: 0%CPEs: 74EXPL: 13

Some functions that implement the locale subsystem on Unix do not properly cleanse user-injected format strings, which allows local attackers to execute arbitrary commands via functions such as gettext and catopen. • https://www.exploit-db.com/exploits/20187 https://www.exploit-db.com/exploits/209 https://www.exploit-db.com/exploits/215 https://www.exploit-db.com/exploits/249 https://www.exploit-db.com/exploits/20185 https://www.exploit-db.com/exploits/210 https://www.exploit-db.com/exploits/20188 https://www.exploit-db.com/exploits/20186 https://www.exploit-db.com/exploits/197 https://www.exploit-db.com/exploits/20189 https://www.exploit-db.com/exploits/20190 ftp: • CWE-264: Permissions, Privileges, and Access Controls •

CVSS: 10.0EPSS: 1%CPEs: 20EXPL: 3

Telnetd telnet server in IRIX 5.2 through 6.1 does not properly cleans user-injected format strings, which allows remote attackers to execute arbitrary commands via a long RLD variable in the IAC-SB-TELOPT_ENVIRON request. • https://www.exploit-db.com/exploits/20149 ftp://sgigate.sgi.com/security/20000801-02-P http://archives.neohapsis.com/archives/bugtraq/2000-08/0154.html http://www.securityfocus.com/bid/1572 •

CVSS: 10.0EPSS: 0%CPEs: 3EXPL: 1

The truncate function in IRIX 6.x does not properly check for privileges when the file is in the xfs file system, which allows local users to delete the contents of arbitrary files. • https://www.exploit-db.com/exploits/20137 http://www.osvdb.org/8569 http://www.securityfocus.com/bid/1540 http://www.securityfocus.com/templates/archive.pike?list=1&msg=200008021924.e72JOVs12558%40ix.put.poznan.pl •

CVSS: 3.7EPSS: 0%CPEs: 2EXPL: 2

IRIX crontab creates temporary files with predictable file names and with the umask of the user, which could allow local users to modify another user's crontab file as it is being edited. • http://archives.neohapsis.com/archives/bugtraq/2000-06/0204.html http://www.securityfocus.com/bid/1413 •

CVSS: 6.4EPSS: 0%CPEs: 8EXPL: 2

The default installation of IRIX Performance Copilot allows remote attackers to access sensitive system information via the pmcd daemon. • http://archives.neohapsis.com/archives/bugtraq/2000-04/0056.html http://www.securityfocus.com/bid/1106 •