CVSS: 7.1EPSS: 0%CPEs: 100EXPL: 2CVE-2005-0465 – SGI IRIX 6.5.22 - GR_OSView Local Arbitrary File Overwrite
https://notcve.org/view.php?id=CVE-2005-0465
08 Apr 2005 — gr_osview in SGI IRIX does not drop privileges before opening files, which allows local users to overwrite arbitrary files via the -s option. Local exploitation of a file overwrite vulnerability in the gr_osview command included in multiple versions of Silicon Graphics Inc.'s IRIX operating system could allow for the overwriting of arbitrary files, regardless of permissions. The vulnerability specifically exists in the way that gr_osview opens user specified files without dropping privileges. When a file is... • https://www.exploit-db.com/exploits/25362 •
CVSS: 7.8EPSS: 0%CPEs: 103EXPL: 0CVE-2004-0135 – HexView Security Advisory 2004-06-01.01
https://notcve.org/view.php?id=CVE-2004-0135
18 Jun 2004 — The syssgi SGI_IOPROBE system call in IRIX 6.5.20 through 6.5.24 allows local users to gain privileges by reading and writing to kernel memory. La llamada de sistema syssgi SGI_IOPROVE en IRIX 6.5.20 a 6.5.24 permite a usuarios locales ganar privilegios leyendo y escribiendo en la memoria del kernel. Adam Gowdiak from the Poznan Supercomputing and Networking Center has reported that under certain conditions non privileged users can use the syssgi system call SGI_IOPROBE to read and write kernel memory which... • ftp://patches.sgi.com/support/free/security/advisories/20040601-01-P.asc •
CVSS: 7.8EPSS: 0%CPEs: 103EXPL: 0CVE-2004-0134 – HexView Security Advisory 2004-05-07.01
https://notcve.org/view.php?id=CVE-2004-0134
26 May 2004 — cpr (libcpr) in SGI IRIX before 6.5.25 allows local users to gain privileges by loading a user provided library while restarting the checkpointed process. cpr (libcpr) en SGI IRIX anteriores a 6.5.25 permite a usuarios locales ganar privilegios cargando una librería suminstrada por el usuario mientras se reinicia el proceso con punto de comprobación. Adam Gowdiak from the Poznan Supercomputing and Networking Center has reported that under certain conditions the /usr/sbin/cpr binary can be forced to load a u... • ftp://patches.sgi.com/support/free/security/advisories/20040507-01-P.asc •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2003-0679
https://notcve.org/view.php?id=CVE-2003-0679
15 Aug 2003 — Unknown vulnerability in the libcpr library for the Checkpoint/Restart (cpr) system on SGI IRIX 6.5.21f and earlier allows local users to truncate or overwrite certain files. Vulnerabilidad desconocida en la librería libcpr del sistema de Punto de Comprobación/Reinicio (Checkpoint/Restart - cpr) en SGI IRIX 6.5.21f y anteriores permite a usuarios locales truncar o sobreescribir ciertos ficheros. • ftp://patches.sgi.com/support/free/security/advisories/20030802-01-P •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2003-0174
https://notcve.org/view.php?id=CVE-2003-0174
29 Apr 2003 — The LDAP name service (nsd) in IRIX 6.5.19 and earlier does not properly verify if the USERPASSWORD attribute has been provided by an LDAP server, which could allow attackers to log in without a password. El servicio de nombres LDAP (nsd) en IRIX 6.5.19 y anteriores no verifica adecuadamente si el atributo USERPASSWORD ha sido suministrado por el servidor LDAP, lo que podría permitir a atacantes iniciar sesión sin una contraseña. • ftp://patches.sgi.com/support/free/security/advisories/20030407-01-P • CWE-346: Origin Validation Error •
CVSS: 9.8EPSS: 0%CPEs: 91EXPL: 0CVE-2003-0064
https://notcve.org/view.php?id=CVE-2003-0064
03 Mar 2003 — The dtterm terminal emulator allows attackers to modify the window title via a certain character escape sequence and then insert it back to the command line in the user's terminal, e.g. when the user views a file containing the malicious sequence, which could allow the attacker to execute arbitrary commands. El emulador de terminal dtterm permite a atacantes modificar el título de la ventana mediante una cierta secuencia de carácter de escape, y a continuación insertarlo de nuevo en la linea de comandos del... • http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0093.html •
CVSS: 7.5EPSS: 2%CPEs: 59EXPL: 0CVE-2002-1265
https://notcve.org/view.php?id=CVE-2002-1265
12 Nov 2002 — The Sun RPC functionality in multiple libc implementations does not provide a time-out mechanism when reading data from TCP connections, which allows remote attackers to cause a denial of service (hang). La funcionalidad RPC de Sun en múltiples implementaciones de libc no provee de un mecanismo de exceso de tiempo cuando se leen datos de conexiones TCP, lo que permite a atacantes remotos causar una denegación de servicio (cuelgue) • ftp://patches.sgi.com/support/free/security/advisories/20021103-01-P •
CVSS: 7.8EPSS: 0%CPEs: 41EXPL: 0CVE-2002-0173
https://notcve.org/view.php?id=CVE-2002-0173
16 May 2002 — Buffer overflow in cpr for the eoe.sw.cpr SGI Checkpoint-Restart Software package on SGI IRIX 6.5.10 and earlier may allow local users to gain root privileges. Desbordamiento de buffer en cpr para el paquete de software eoe.sw.cpr SGI Checkpoint-Restart Software package en SGI IRIX 6.5.10 y anteriores pueden permitir a los usuarios locales ganar privilegios de root. • ftp://patches.sgi.com/support/free/security/advisories/20020409-01-I •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 1CVE-2001-0801
https://notcve.org/view.php?id=CVE-2001-0801
06 Dec 2001 — lpstat in IRIX 6.5.13f and earlier allows local users to gain root privileges by specifying a Trojan Horse nettype shared library. lpstat en IRIX 6.5.13.f y anteriores permite a usuarios locales obtener privilegios de root especificando un caballo de troya como librería compartida de nettype. • ftp://patches.sgi.com/support/free/security/advisories/20011003-02-P •
CVSS: 7.5EPSS: 0%CPEs: 3EXPL: 0CVE-2001-0796
https://notcve.org/view.php?id=CVE-2001-0796
06 Dec 2001 — SGI IRIX 6.5 through 6.5.12f and possibly earlier versions, and FreeBSD 3.0, allows remote attackers to cause a denial of service via a malformed IGMP multicast packet with a small response delay. SGI IRIX 6.5 a 6.5.12f y posiblemente versiones anteriores, y FreeBSD 3.0, permiten a un atacante remoto producir una denegación de servicio mediante un paquete un paquete IGMP malformado con un pequeño retardo de respuesta. • ftp://patches.sgi.com/support/free/security/advisories/20011001-01-P •