| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Buffer overflow in Xt library of X Windowing System allows local users to execute commands with root privileges. |
| fsdump command in IRIX allows local users to obtain root access by modifying sensitive files. |
| Csetup under IRIX allows arbitrary file creation or overwriting. |
| IRIX fam service allows an attacker to obtain a list of all files on the server. |
| Telnet allows a remote client to specify environment variables including LD_LIBRARY_PATH, allowing an attacker to bypass the normal system libraries and gain root access. |
| The wrap CGI program in IRIX allows remote attackers to view arbitrary directory listings via a .. (dot dot) attack. |
| Guessable magic cookies in X Windows allows remote attackers to execute commands, e.g. through xterm. |
| Vulnerability in FAM 2.6.8, 2.6.6, and other versions allows unprivileged users to obtain the names of files whose access is restricted to the root group. |
| Buffer overflow in Dispatch() routine for XFS font server (fs.auto) on Solaris 2.5.1 through 9 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a certain XFS query. |
| SGI IRIX 6.5 through 6.5.14 applies a umask of 022 to root core dumps, which allows local users to read the core dumps and possibly obtain sensitive information. |
| Buffer overflow in canuum program for Canna input system allows local users to gain root privileges. |
| IRIX soundplayer program allows local users to gain privileges by including shell metacharacters in a .wav file, which is executed via the midikeys program. |
| IRIX startmidi program allows local users to modify arbitrary files via a symlink attack. |
| IRIX cdplayer allows local users to create directories in arbitrary locations via a command line option. |
| The Internet Group Management Protocol (IGMP) allows local users to cause a denial of service via an IGMP membership report to a target's Ethernet address instead of the Multicast group address, which causes the target to stop sending reports to the router and effectively disconnect the group from the network. |
| The IPv6 capability in IRIX 6.5.19 allows remote attackers to cause a denial of service (hang) in inetd via port scanning. |
| The DNS callbacks in nsd in SGI IRIX 6.5.x through 6.5.20f, and possibly earlier versions, do not perform sufficient sanity checking, with unknown impact. |
| The prescan function in Sendmail 8.12.9 allows remote attackers to execute arbitrary code via buffer overflow attacks, as demonstrated using the parseaddr function in parseaddr.c. |
| Inverse query buffer overflow in BIND 4.9 and BIND 8 Releases. |
| root privileges via buffer overflow in df command on SGI IRIX systems. |
