Vulnerability Details CVE-1999-1384
Indigo Magic System Tour in the SGI system tour package (systour) for IRIX 5.x through 6.3 allows local users to gain root privileges via a Trojan horse .exitops program, which is called by the inst command that is executed by the RemoveSystemTour program.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 44.0%
CVSS Severity
CVSS v2 Score 7.2
References
- ftp://ftp.auscert.org.au/pub/auscert/advisory/AA-96.08.SGI.systour.vul
- ftp://patches.sgi.com/support/free/security/advisories/19961101-01-I
- http://marc.info/?l=bugtraq&m=87602167420095&w=2
- http://www.iss.net/security_center/static/7456.php
- http://www.securityfocus.com/bid/470
- ftp://ftp.auscert.org.au/pub/auscert/advisory/AA-96.08.SGI.systour.vul
- ftp://patches.sgi.com/support/free/security/advisories/19961101-01-I
- http://marc.info/?l=bugtraq&m=87602167420095&w=2
- http://www.iss.net/security_center/static/7456.php
- http://www.securityfocus.com/bid/470
Products affected by CVE-1999-1384
-
cpe:2.3:o:sgi:irix:-
-
cpe:2.3:o:sgi:irix:4.0.1
-
cpe:2.3:o:sgi:irix:4.0.1t
-
cpe:2.3:o:sgi:irix:4.0.2
-
cpe:2.3:o:sgi:irix:4.0.3
-
cpe:2.3:o:sgi:irix:4.0.4
-
cpe:2.3:o:sgi:irix:4.0.4b
-
cpe:2.3:o:sgi:irix:4.0.4t
-
cpe:2.3:o:sgi:irix:4.0.5
-
cpe:2.3:o:sgi:irix:4.0.5_iop
-
cpe:2.3:o:sgi:irix:4.0.5a
-
cpe:2.3:o:sgi:irix:4.0.5b
-
cpe:2.3:o:sgi:irix:4.0.5d
-
cpe:2.3:o:sgi:irix:4.0.5e
-
cpe:2.3:o:sgi:irix:4.0.5f
-
cpe:2.3:o:sgi:irix:4.0.5g
-
cpe:2.3:o:sgi:irix:4.0.5h
-
cpe:2.3:o:sgi:irix:5
-
cpe:2.3:o:sgi:irix:5.0
-
cpe:2.3:o:sgi:irix:5.0.1
-
cpe:2.3:o:sgi:irix:5.1
-
cpe:2.3:o:sgi:irix:5.1.1
-
cpe:2.3:o:sgi:irix:5.2
-
cpe:2.3:o:sgi:irix:5.3
-
cpe:2.3:o:sgi:irix:6.0
-
cpe:2.3:o:sgi:irix:6.0.1
-
cpe:2.3:o:sgi:irix:6.1
-
cpe:2.3:o:sgi:irix:6.2
-
cpe:2.3:o:sgi:irix:6.3