| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Buffer overflow in statd allows root privileges. |
| The wrap CGI program in IRIX allows remote attackers to view arbitrary directory listings via a .. (dot dot) attack. |
| ICMP information such as (1) netmask and (2) timestamp is allowed from arbitrary hosts. |
| Buffer overflow in login in various System V based operating systems allows remote attackers to execute arbitrary commands via a large number of arguments through services such as telnet and rlogin. |
| addnetpr in IRIX 5.3 and 6.2 allows local users to overwrite arbitrary files and possibly gain root privileges via a symlink attack on the printers temporary file. |
| IRIX soundplayer program allows local users to gain privileges by including shell metacharacters in a .wav file, which is executed via the midikeys program. |
| Directory traversal vulnerability in pfdispaly.cgi program (sometimes referred to as "pfdisplay") for SGI's Performer API Search Tool (performer_tools) allows remote attackers to read arbitrary files. |
| pcnfsd (aka rpc.pcnfsd) allows local users to change file permissions, or execute arbitrary commands through arguments in the RPC call. |
| Command execution in Sun systems via buffer overflow in the at program. |
| Buffer overflow in suidperl (sperl), Perl 4.x and 5.x. |
| Inverse query buffer overflow in BIND 4.9 and BIND 8 Releases. |
| Buffer overflow in xlock program allows local users to execute commands as root. |
| rpc.ypupdated (NIS) allows remote users to execute arbitrary commands. |
| serial_ports administrative program in IRIX 4.x and 5.x trusts the user's PATH environmental variable to find and execute the ls program, which allows local users to gain root privileges via a Trojan horse ls program. |
| Buffer overflow in OSF Distributed Computing Environment (DCE) security demon (secd) in IRIX 6.4 and earlier allows attackers to cause a denial of service via a long principal, group, or organization. |
| Indigo Magic System Tour in the SGI system tour package (systour) for IRIX 5.x through 6.3 allows local users to gain root privileges via a Trojan horse .exitops program, which is called by the inst command that is executed by the RemoveSystemTour program. |
| Vulnerability in (1) diskperf and (2) diskalign in IRIX 6.4 allows local attacker to create arbitrary root owned files, leading to root privileges. |
| (1) ipxchk and (2) ipxlink in SGI OS2 IRIX 6.3 does not properly clear the IFS environmental variable before executing system calls, which allows local users to execute arbitrary commands. |
| SGI MIPSPro compilers C, C++, F77 and F90 generate temporary files in /tmp with predictable file names, which could allow local users to insert malicious contents into these files as they are being compiled by another user. |
| Performance Metrics Collector Daemon (PMCD) in Performance Copilot in IRIX 6.x allows remote attackers to cause a denial of service (resource exhaustion) via an extremely long string to the PMCD port. |
