Sgi: >> Irix >> 6.5.15f Security Vulnerabilities
xfsmd for IRIX 6.5 through 6.5.16 uses weak authentication, which allows remote attackers to call dangerous RPC functions, including those that can mount or unmount xfs file systems, to gain root privileges.
CVSS Score
10.0
EPSS Score
0.014
Published
2002-07-03
Unknown vulnerability in rpc.passwd in the nfs.sw.nis subsystem of SGI IRIX 6.5.15 and earlier allows local users to gain root privileges.
CVSS Score
7.2
EPSS Score
0.001
Published
2002-06-18
Unknown vulnerability in Mail for SGI IRIX 6.5 through 6.5.15f, and possibly earlier versions, when running with the -R option, allows local and remote attackers to cause a core dump.
CVSS Score
5.0
EPSS Score
0.011
Published
2002-04-22
Buffer overflow in SNMP daemon (snmpd) on SGI IRIX 6.5 through 6.5.15m allows remote attackers to execute arbitrary code via an SNMP request.
CVSS Score
7.5
EPSS Score
0.061
Published
2002-04-03
rpcbind in SGI IRIX 6.5 through 6.5.15f, and possibly earlier versions, allows remote attackers to cause a denial of service (crash) via malformed RPC packets with invalid lengths.
CVSS Score
5.0
EPSS Score
0.007
Published
2002-03-28
Vulnerability in SGI IRIX 6.5.11 through 6.5.15f allows local users to cause privileged applications to dump core via the HOSTALIASES environment variable, which might allow the users to gain privileges.
CVSS Score
2.1
EPSS Score
0.001
Published
2002-03-28
Heap overflow in FTP daemon in Solaris 8 allows remote attackers to execute arbitrary commands by creating a long pathname and calling the LIST command, which uses glob to generate long strings.
CVSS Score
9.8
EPSS Score
0.04
Published
2001-06-18
The presence of the Distributed GL Daemon (dgld) service on port 5232 on SGI IRIX systems allows remote attackers to identify the target host as an SGI system.
CVSS Score
5.0
EPSS Score
0.014
Published
2001-02-16
The line printer daemon (lpd) in the lpr package in multiple Linux operating systems allows local users to gain root privileges by causing sendmail to execute with arbitrary command line arguments, as demonstrated using the -C option to specify a configuration file.
CVSS Score
10.0
EPSS Score
0.031
Published
2000-01-08
The line printer daemon (lpd) in the lpr package in multiple Linux operating systems authenticates by comparing the reverse-resolved hostname of the local machine to the hostname of the print server as returned by gethostname, which allows remote attackers to bypass intended access controls by modifying the DNS for the attacking IP.
CVSS Score
10.0
EPSS Score
0.122
Published
2000-01-08