National Vulnerability Database

National Vulnerability Database

National Vulnerability
Database

Search Results (Refine Search)

Search Parameters:
  • Contains Software Flaws (CVE)
  • CPE Product Version: cpe:/o:sgi:irix:6.5.7
There are 63 matching records.
Displaying matches 21 through 40.
Vuln ID Summary CVSS Severity
CVE-2002-1518

mv in IRIX 6.5 creates a directory with world-writable permissions while moving a directory, which could allow local users to modify files and directories.

Published: April 02, 2003; 12:00:00 AM -05:00
V2: 3.6 LOW
CVE-2003-0028

Integer overflow in the xdrmem_getbytes() function, and possibly other functions, of XDR (external data representation) libraries derived from SunRPC, including libnsl, libc, glibc, and dietlibc, allows remote attackers to execute arbitrary code via certain integer values in length fields, a different vulnerability than CVE-2002-0391.

Published: March 25, 2003; 12:00:00 AM -05:00
V2: 7.5 HIGH
CVE-2003-0064

The dtterm terminal emulator allows attackers to modify the window title via a certain character escape sequence and then insert it back to the command line in the user's terminal, e.g. when the user views a file containing the malicious sequence, which could allow the attacker to execute arbitrary commands.

Published: March 03, 2003; 12:00:00 AM -05:00
V2: 7.5 HIGH
CVE-2002-1786

SGI IRIX 6.5 through 6.5.14 applies a umask of 022 to root core dumps, which allows local users to read the core dumps and possibly obtain sensitive information.

Published: December 31, 2002; 12:00:00 AM -05:00
V2: 2.1 LOW
CVE-2002-1787

Buffer overflow in uux in eoe.sw.uucp package of SGI IRIX 6.5 through 6.5.17 allows local users to execute arbitrary code via unknown attack vectors.

Published: December 31, 2002; 12:00:00 AM -05:00
V2: 4.6 MEDIUM
CVE-2002-1791

SGI IRIX 6.5 through 6.5.17 creates temporary desktop files with world-writable permissions, which allows local users to overwrite or corrupt those files.

Published: December 31, 2002; 12:00:00 AM -05:00
V2: 2.1 LOW
CVE-2002-2185

The Internet Group Management Protocol (IGMP) allows local users to cause a denial of service via an IGMP membership report to a target's Ethernet address instead of the Multicast group address, which causes the target to stop sending reports to the router and effectively disconnect the group from the network.

Published: December 31, 2002; 12:00:00 AM -05:00
V2: 4.9 MEDIUM
CVE-2002-1584

Unknown vulnerability in the AUTH_DES authentication for RPC in Solaris 2.5.1, 2.6, and 7, SGI IRIX 6.5 to 6.5.19f, and possibly other platforms, allows remote attackers to gain privileges.

Published: December 27, 2002; 12:00:00 AM -05:00
V2: 10.0 HIGH
CVE-2002-1317

Buffer overflow in Dispatch() routine for XFS font server (fs.auto) on Solaris 2.5.1 through 9 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a certain XFS query.

Published: December 11, 2002; 12:00:00 AM -05:00
V2: 7.5 HIGH
CVE-2002-1318

Buffer overflow in samba 2.2.2 through 2.2.6 allows remote attackers to cause a denial of service and possibly execute arbitrary code via an encrypted password that causes the overflow during decryption in which a DOS codepage string is converted to a little-endian UCS2 unicode string.

Published: December 11, 2002; 12:00:00 AM -05:00
V2: 10.0 HIGH
CVE-2002-1323

Safe.pm 2.0.7 and earlier, when used in Perl 5.8.0 and earlier, may allow attackers to break out of safe compartments in (1) Safe::reval or (2) Safe::rdo using a redefined @_ variable, which is not reset between successive calls.

Published: December 11, 2002; 12:00:00 AM -05:00
V2: 4.6 MEDIUM
CVE-2002-1265

The Sun RPC functionality in multiple libc implementations does not provide a time-out mechanism when reading data from TCP connections, which allows remote attackers to cause a denial of service (hang).

Published: November 12, 2002; 12:00:00 AM -05:00
V2: 5.0 MEDIUM
CVE-2002-0632

Vulnerability in SGI BDS (Bulk Data Service) BDSPro 2.4 and earlier allows clients to read arbitrary files on a BDS server.

Published: September 05, 2002; 12:00:00 AM -04:00
V2: 5.0 MEDIUM
CVE-2002-0677

CDE ToolTalk database server (ttdbserver) allows remote attackers to overwrite arbitrary memory locations with a zero, and possibly gain privileges, via a file descriptor argument in an AUTH_UNIX procedure call, which is used as a table index by the _TT_ISCLOSE procedure.

Published: July 23, 2002; 12:00:00 AM -04:00
V2: 7.5 HIGH
CVE-2002-0678

CDE ToolTalk database server (ttdbserver) allows local users to overwrite arbitrary files via a symlink attack on the transaction log file used by the _TT_TRANSACTION RPC procedure.

Published: July 23, 2002; 12:00:00 AM -04:00
V2: 7.2 HIGH
CVE-2002-0359

xfsmd for IRIX 6.5 through 6.5.16 uses weak authentication, which allows remote attackers to call dangerous RPC functions, including those that can mount or unmount xfs file systems, to gain root privileges.

Published: July 03, 2002; 12:00:00 AM -04:00
V2: 10.0 HIGH
CVE-2002-0631

Unknown vulnerability in nveventd in NetVisualyzer on SGI IRIX 6.5 through 6.5.16 allows local users to write arbitrary files and gain root privileges.

Published: July 03, 2002; 12:00:00 AM -04:00
V2: 7.2 HIGH
CVE-2002-0652

xfsmd for IRIX 6.5 through 6.5.16 allows remote attackers to execute arbitrary code via shell metacharacters that are not properly filtered from several calls to the popen() function, such as export_fs().

Published: July 03, 2002; 12:00:00 AM -04:00
V2: 7.5 HIGH
CVE-2002-0042

Vulnerability in the XFS file system for SGI IRIX before 6.5.12 allows local users to cause a denial of service (hang) by creating a file that is not properly processed by XFS.

Published: June 18, 2002; 12:00:00 AM -04:00
V2: 2.1 LOW
CVE-2002-0357

Unknown vulnerability in rpc.passwd in the nfs.sw.nis subsystem of SGI IRIX 6.5.15 and earlier allows local users to gain root privileges.

Published: June 18, 2002; 12:00:00 AM -04:00
V2: 7.2 HIGH