| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| (1) ipxchk and (2) ipxlink in SGI OS2 IRIX 6.3 does not properly clear the IFS environmental variable before executing system calls, which allows local users to execute arbitrary commands. |
| SGI IRIX before 6.5.21 allows local users to cause a denial of service (kernel panic) via a certain call to the PIOCSWATCH ioctl. |
| Heap-based buffer overflow in the name services daemon (nsd) in SGI IRIX 6.5.x through 6.5.21f, and possibly earlier versions, allows attackers to gain root privileges via the AUTH_UNIX gid list. |
| Multiple cross-site scripting (XSS) vulnerabilities in Squirrelmail 1.2.10 and earlier allow remote attackers to inject arbitrary HTML or script via (1) the $mailer variable in read_body.php, (2) the $senderNames_part variable in mailbox_display.php, and possibly other vectors including (3) the $event_title variable or (4) the $event_text variable. |
| Buffer overflow in statd allows root privileges. |
| The patch for integer overflow vulnerabilities in Xpdf 2.0 and 3.0 (CVE-2004-0888) is incomplete for 64-bit architectures on certain Linux distributions such as Red Hat, which could leave Xpdf users exposed to the original vulnerabilities. |
| root privileges via buffer overflow in df command on SGI IRIX systems. |
| Buffer overflow in suidperl (sperl), Perl 4.x and 5.x. |
| fsdump command in IRIX allows local users to obtain root access by modifying sensitive files. |
| rpc.ypupdated (NIS) allows remote users to execute arbitrary commands. |
| Directory traversal vulnerability in pfdispaly.cgi program (sometimes referred to as "pfdisplay") for SGI's Performer API Search Tool (performer_tools) allows remote attackers to read arbitrary files. |
| SGI syserr program allows local users to corrupt files. |
| A buffer overflow in the SGI X server allows local users to gain root access through the X server font path. |
| Buffer overflow in uum program for Canna input system allows local users to gain root privileges. |
| IRIX cdplayer allows local users to create directories in arbitrary locations via a command line option. |
| IRIX startmidi program allows local users to modify arbitrary files via a symlink attack. |
| Vulnerability in (1) diskalign and (2) diskperf in IRIX 6.4 patches 2291 and 2848 allow a local user to create root-owned files leading to a root compromise. |
| Vulnerabilities in (1) ipxchk and (2) ipxlink in NetWare Client 1.0 on IRIX 6.3 and 6.4 allows local users to gain root access via a modified IFS environmental variable. |
| SGI MachineInfo CGI program, installed by default on some web servers, prints potentially sensitive system status information, which could be used by remote attackers for information gathering activities. |
