Sgi: Security Vulnerabilities
rpc.ypupdated (NIS) allows remote users to execute arbitrary commands.
CVSS Score
10.0
EPSS Score
0.602
Published
1995-12-12
Guessable magic cookies in X Windows allows remote attackers to execute commands, e.g. through xterm.
CVSS Score
10.0
EPSS Score
0.051
Published
1995-11-01
Telnet allows a remote client to specify environment variables including LD_LIBRARY_PATH, allowing an attacker to bypass the normal system libraries and gain root access.
CVSS Score
10.0
EPSS Score
0.003
Published
1995-10-13
SGI Desktop Permissions Tool in IRIX 6.0.1 and earlier allows local users to modify permissions for arbitrary files and gain privileges.
CVSS Score
4.6
EPSS Score
0.003
Published
1995-03-03
serial_ports administrative program in IRIX 4.x and 5.x trusts the user's PATH environmental variable to find and execute the ls program, which allows local users to gain root privileges via a Trojan horse ls program.
CVSS Score
6.2
EPSS Score
0.001
Published
1994-10-02
Vulnerability in sgihelp in the SGI help system and print manager in IRIX 5.2 and earlier allows local users to gain root privileges, possibly through the clogin command.
CVSS Score
7.2
EPSS Score
0.002
Published
1994-08-11
colorview in Silicon Graphics IRIX 5.1, 5.2, and 6.0 allows local attackers to read arbitrary files via the -text argument.
CVSS Score
2.1
EPSS Score
0.003
Published
1994-08-09
rdist in various UNIX systems uses popen to execute sendmail, which allows local users to gain root privileges by modifying the IFS (Internal Field Separator) variable.
CVSS Score
6.2
EPSS Score
0.001
Published
1991-10-22
/usr/sbin/Mail on SGI IRIX 3.3 and 3.3.1 does not properly set the group ID to the group ID of the user who started Mail, which allows local users to read the mail of other users.
CVSS Score
2.1
EPSS Score
0.009
Published
1990-10-31
Page 26