National Vulnerability Database

National Vulnerability Database

National Vulnerability
Database

Search Results (Refine Search)

Search Parameters:
  • Contains Software Flaws (CVE)
  • CPE Product Version: cpe:/o:sgi:irix:6.5.7
There are 63 matching records.
Displaying matches 41 through 60.
Vuln ID Summary CVSS Severity
CVE-2002-0174

nsd on SGI IRIX before 6.5.11 allows local users to overwrite arbitrary files and gain root privileges via a symlink attack on the nsd.dump file.

Published: May 29, 2002; 12:00:00 AM -04:00
V2: 7.2 HIGH
CVE-2002-0355

netstat in SGI IRIX before 6.5.12 allows local users to determine the existence of files on the system, even if the users do not have the appropriate permissions.

Published: May 29, 2002; 12:00:00 AM -04:00
V2: 2.1 LOW
CVE-2002-0356

Vulnerability in XFS filesystem reorganizer (fsr_xfs) in SGI IRIX 6.5.10 and earlier allows local users to gain root privileges by overwriting critical system files.

Published: May 29, 2002; 12:00:00 AM -04:00
V2: 7.2 HIGH
CVE-2002-0172

/dev/ipfilter on SGI IRIX 6.5 is installed by /dev/MAKEDEV with insecure default permissions (644), which could allow a local user to cause a denial of service (traffic disruption).

Published: May 16, 2002; 12:00:00 AM -04:00
V2: 2.1 LOW
CVE-2002-0173

Buffer overflow in cpr for the eoe.sw.cpr SGI Checkpoint-Restart Software package on SGI IRIX 6.5.10 and earlier may allow local users to gain root privileges.

Published: May 16, 2002; 12:00:00 AM -04:00
V2: 7.2 HIGH
CVE-2002-0213

xkas in Xinet K-AShare 0.011.01 for IRIX allows local users to read arbitrary files via a symlink attack on the VOLICON file, which is copied to the .HSicon file in a shared directory.

Published: May 16, 2002; 12:00:00 AM -04:00
V2: 2.1 LOW
CVE-2002-0041

Unknown vulnerability in Mail for SGI IRIX 6.5 through 6.5.15f, and possibly earlier versions, when running with the -R option, allows local and remote attackers to cause a core dump.

Published: April 22, 2002; 12:00:00 AM -04:00
V2: 5.0 MEDIUM
CVE-2002-0017

Buffer overflow in SNMP daemon (snmpd) on SGI IRIX 6.5 through 6.5.15m allows remote attackers to execute arbitrary code via an SNMP request.

Published: April 03, 2002; 12:00:00 AM -05:00
V2: 7.5 HIGH
CVE-2002-0039

rpcbind in SGI IRIX 6.5 through 6.5.15f, and possibly earlier versions, allows remote attackers to cause a denial of service (crash) via malformed RPC packets with invalid lengths.

Published: March 28, 2002; 12:00:00 AM -05:00
V2: 5.0 MEDIUM
CVE-2002-0040

Vulnerability in SGI IRIX 6.5.11 through 6.5.15f allows local users to cause privileged applications to dump core via the HOSTALIASES environment variable, which might allow the users to gain privileges.

Published: March 28, 2002; 12:00:00 AM -05:00
V2: 2.1 LOW
CVE-2002-0038

Vulnerability in the cache-limiting function of the unified name service daemon (nsd) in IRIX 6.5.4 through 6.5.11 allows remote attackers to cause a denial of service by forcing the cache to fill the disk.

Published: January 31, 2002; 12:00:00 AM -05:00
V2: 5.0 MEDIUM
CVE-2001-0796

SGI IRIX 6.5 through 6.5.12f and possibly earlier versions, and FreeBSD 3.0, allows remote attackers to cause a denial of service via a malformed IGMP multicast packet with a small response delay.

Published: December 06, 2001; 12:00:00 AM -05:00
V2: 5.0 MEDIUM
CVE-2001-0799

Buffer overflows in lpsched in IRIX 6.5.13f and earlier allow remote attackers to execute arbitrary commands via a long argument.

Published: December 06, 2001; 12:00:00 AM -05:00
V2: 10.0 HIGH
CVE-2001-0800

lpsched in IRIX 6.5.13f and earlier allows remote attackers to execute arbitrary commands via shell metacharacters.

Published: December 06, 2001; 12:00:00 AM -05:00
V2: 10.0 HIGH
CVE-2001-0801

lpstat in IRIX 6.5.13f and earlier allows local users to gain root privileges by specifying a Trojan Horse nettype shared library.

Published: December 06, 2001; 12:00:00 AM -05:00
V2: 7.2 HIGH
CVE-2001-0331

Buffer overflow in Embedded Support Partner (ESP) daemon (rpc.espd) in IRIX 6.5.8 and earlier allows remote attackers to execute arbitrary commands.

Published: June 27, 2001; 12:00:00 AM -04:00
V2: 7.5 HIGH
CVE-2001-0247

Buffer overflows in BSD-based FTP servers allows remote attackers to execute arbitrary commands via a long pattern string containing a {} sequence, as seen in (1) g_opendir, (2) g_lstat, (3) g_stat, and (4) the glob0 buffer as used in the glob functions glob2 and glob3.

Published: June 18, 2001; 12:00:00 AM -04:00
V2: 10.0 HIGH
CVE-2000-0844

Some functions that implement the locale subsystem on Unix do not properly cleanse user-injected format strings, which allows local attackers to execute arbitrary commands via functions such as gettext and catopen.

Published: November 14, 2000; 12:00:00 AM -05:00
V2: 10.0 HIGH
CVE-2000-0733

Telnetd telnet server in IRIX 5.2 through 6.1 does not properly cleans user-injected format strings, which allows remote attackers to execute arbitrary commands via a long RLD variable in the IAC-SB-TELOPT_ENVIRON request.

Published: October 20, 2000; 12:00:00 AM -04:00
V2: 10.0 HIGH
CVE-2000-0799

inpview in InPerson in SGI IRIX 5.3 through IRIX 6.5.10 allows local users to gain privileges via a symlink attack on the .ilmpAAA temporary file.

Published: October 20, 2000; 12:00:00 AM -04:00
V2: 3.7 LOW