CVE-1999-1398 – SGI IRIX 6.4 - 'xfsdump' Local Privilege Escalation
https://notcve.org/view.php?id=CVE-1999-1398
Vulnerability in xfsdump in SGI IRIX may allow local users to obtain root privileges via the bck.log log file, possibly via a symlink attack. • https://www.exploit-db.com/exploits/19358 http://marc.info/?l=bugtraq&m=87602167420921&w=2 http://www.insecure.org/sploits/irix.xfsdump.html http://www.securityfocus.com/bid/472 •
CVE-1999-0039 – SGI IRIX 6.3 - cgi-bin 'webdist.cgi' Command Execution
https://notcve.org/view.php?id=CVE-1999-0039
webdist CGI program (webdist.cgi) in SGI IRIX allows remote attackers to execute arbitrary commands via shell metacharacters in the distloc parameter. • https://www.exploit-db.com/exploits/19299 ftp://patches.sgi.com/support/free/security/advisories/19970501-02-PX http://www.cert.org/advisories/CA-1997-12.html http://www.osvdb.org/235 http://www.securityfocus.com/bid/374 https://exchange.xforce.ibmcloud.com/vulnerabilities/333 • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') •
CVE-1999-0040 – LibXt - 'XtAppInitialize()' Local Overflow *xterm
https://notcve.org/view.php?id=CVE-1999-0040
Buffer overflow in Xt library of X Windowing System allows local users to execute commands with root privileges. • https://www.exploit-db.com/exploits/331 https://www.exploit-db.com/exploits/322 https://www.exploit-db.com/exploits/19200 https://www.exploit-db.com/exploits/19201 https://www.exploit-db.com/exploits/19202 https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0040 •
CVE-1999-0038 – BSD/OS 2.1 / DG/UX 7.0 / Debian 1.3 / HP-UX 10.34 / IBM AIX 4.2 / SGI IRIX 6.4 / Solaris 2.5.1 - '/usr/bin/X11/xlock' Local Privilege Escalation
https://notcve.org/view.php?id=CVE-1999-0038
Buffer overflow in xlock program allows local users to execute commands as root. • https://www.exploit-db.com/exploits/19173 https://www.exploit-db.com/exploits/19172 https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0038 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVE-1999-0959 – SGI IRIX 6.4 - 'startmidi' Local Privilege Escalation
https://notcve.org/view.php?id=CVE-1999-0959
IRIX startmidi program allows local users to modify arbitrary files via a symlink attack. • https://www.exploit-db.com/exploits/19355 ftp://patches.sgi.com/support/free/security/advisories/19980301-01-PX http://www.osvdb.org/8447 http://www.securityfocus.com/bid/469 https://exchange.xforce.ibmcloud.com/vulnerabilities/1634 •