CVE-2010-1039 – rpc.pcnfsd - Remote Format String
https://notcve.org/view.php?id=CVE-2010-1039
Format string vulnerability in the _msgout function in rpc.pcnfsd in IBM AIX 6.1, 5.3, and earlier; IBM VIOS 2.1, 1.5, and earlier; NFS/ONCplus B.11.31_09 and earlier on HP HP-UX B.11.11, B.11.23, and B.11.31; and SGI IRIX 6.5 allows remote attackers to execute arbitrary code via an RPC request containing format string specifiers in an invalid directory name. Vulnerabilidad de cadena de formato en la función _msgout en rpc.pcnfsd en AIX de IBM versiones 6.1, 5.3 y anteriores; VIOS de IBM versiones 2.1, 1.5 y anteriores; NFS/ONCplus versión B.11.31_09 y anteriores sobre HP-UX de HP versiones B.11.11, B.11.23 y B.11.31; y IRIX de SGI versión 6.5, permiten a los atacantes remotos ejecutar código arbitrario por medio de una petición RPC que contiene especificadores de cadena de formato en un nombre de directorio no comprobado. • https://www.exploit-db.com/exploits/14407 http://aix.software.ibm.com/aix/efixes/security/pcnfsd_advisory.asc http://marc.info/?l=bugtraq&m=127428077629933&w=2 http://osvdb.org/64729 http://secunia.com/advisories/39835 http://secunia.com/advisories/39911 http://securitytracker.com/id?1024016 http://www.checkpoint.com/defense/advisories/public/2010/cpai-13-May.html http://www.ibm.com/support/docview.wss?uid=isg1IZ73590 http://www.ibm.com/support/docview.wss?uid=isg1IZ735 • CWE-134: Use of Externally-Controlled Format String •
CVE-2005-0465 – SGI IRIX 6.5.22 - GR_OSView Local Arbitrary File Overwrite
https://notcve.org/view.php?id=CVE-2005-0465
gr_osview in SGI IRIX does not drop privileges before opening files, which allows local users to overwrite arbitrary files via the -s option. • https://www.exploit-db.com/exploits/25362 ftp://patches.sgi.com/support/free/security/advisories/20050402-01-P http://secunia.com/advisories/14875 http://securitytracker.com/id?1013662 http://www.idefense.com/application/poi/display?id=225&type=vulnerabilities •
CVE-2005-0113
https://notcve.org/view.php?id=CVE-2005-0113
inpview in SGI IRIX allows local users to execute arbitrary commands via the SUN_TTSESSION_CMD environment variable, which is executed by inpview without dropping privileges. • http://secunia.com/advisories/13858 http://securitytracker.com/id?1012894 http://www.idefense.com/application/poi/display?id=182&type=vulnerabilities http://www.osvdb.org/12915 http://www.securityfocus.com/bid/12259 https://exchange.xforce.ibmcloud.com/vulnerabilities/18894 •
CVE-2004-1891
https://notcve.org/view.php?id=CVE-2004-1891
The ftp_syslog function in ftpd in SGI IRIX 6.5.20 "doesn't work with anonymous FTP," which has an unknown impact, possibly preventing the actions of anonymous users from being logged. • ftp://patches.sgi.com/support/free/security/advisories/20040401-01-P.asc •
CVE-2004-1889
https://notcve.org/view.php?id=CVE-2004-1889
Unknown vulnerability in ftpd in SGI IRIX 6.5.20 through 6.5.23 allows remote attackers to cause a denial of service (hang) via a link failure with Microsoft Windows. • ftp://patches.sgi.com/support/free/security/advisories/20040401-01-P.asc http://www.securityfocus.com/bid/10037 https://exchange.xforce.ibmcloud.com/vulnerabilities/15722 •