CVE-1999-1461
SGI IRIX 6.4 - 'inpview' Local Privilege Escalation
Severity Score
7.2
*CVSS v2
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
2
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
inpview in InPerson on IRIX 5.3 through IRIX 6.5.10 trusts the PATH environmental variable to find and execute the ttsession program, which allows local users to obtain root access by modifying the PATH to point to a Trojan horse ttsession program.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 1997-05-07 CVE Published
- 1997-05-07 First Exploit
- 2001-08-31 CVE Reserved
- 2023-03-08 EPSS Updated
- 2024-08-01 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
CWE
CAPEC
References (4)
URL | Tag | Source |
---|---|---|
http://marc.info/?l=bugtraq&m=87602167420921&w=2 | Mailing List |
URL | Date | SRC |
---|---|---|
https://www.exploit-db.com/exploits/19304 | 1997-05-07 | |
http://www.securityfocus.com/bid/381 | 2024-08-01 |
URL | Date | SRC |
---|---|---|
ftp://patches.sgi.com/support/free/security/advisories/20001101-01-I | 2016-10-18 |
URL | Date | SRC |
---|
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status | ||||||
---|---|---|---|---|---|---|---|---|---|---|
Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
Sgi Search vendor "Sgi" | Irix Search vendor "Sgi" for product "Irix" | 5.3 Search vendor "Sgi" for product "Irix" and version "5.3" | - |
Affected
| ||||||
Sgi Search vendor "Sgi" | Irix Search vendor "Sgi" for product "Irix" | 6.1 Search vendor "Sgi" for product "Irix" and version "6.1" | - |
Affected
| ||||||
Sgi Search vendor "Sgi" | Irix Search vendor "Sgi" for product "Irix" | 6.2 Search vendor "Sgi" for product "Irix" and version "6.2" | - |
Affected
| ||||||
Sgi Search vendor "Sgi" | Irix Search vendor "Sgi" for product "Irix" | 6.3 Search vendor "Sgi" for product "Irix" and version "6.3" | - |
Affected
| ||||||
Sgi Search vendor "Sgi" | Irix Search vendor "Sgi" for product "Irix" | 6.4 Search vendor "Sgi" for product "Irix" and version "6.4" | - |
Affected
| ||||||
Sgi Search vendor "Sgi" | Irix Search vendor "Sgi" for product "Irix" | 6.5.10 Search vendor "Sgi" for product "Irix" and version "6.5.10" | - |
Affected
|