Sgi: >> Irix >> 6.5.16m Security Vulnerabilities
Buffer overflow in uux in eoe.sw.uucp package of SGI IRIX 6.5 through 6.5.17 allows local users to execute arbitrary code via unknown attack vectors.
CVSS Score
4.6
EPSS Score
0.001
Published
2002-12-31
SGI IRIX 6.5 through 6.5.17 creates temporary desktop files with world-writable permissions, which allows local users to overwrite or corrupt those files.
CVSS Score
2.1
EPSS Score
0.001
Published
2002-12-31
The Internet Group Management Protocol (IGMP) allows local users to cause a denial of service via an IGMP membership report to a target's Ethernet address instead of the Multicast group address, which causes the target to stop sending reports to the router and effectively disconnect the group from the network.
CVSS Score
4.9
EPSS Score
0.004
Published
2002-12-31
Unknown vulnerability in the AUTH_DES authentication for RPC in Solaris 2.5.1, 2.6, and 7, SGI IRIX 6.5 to 6.5.19f, and possibly other platforms, allows remote attackers to gain privileges.
CVSS Score
10.0
EPSS Score
0.053
Published
2002-12-27
The Sun RPC functionality in multiple libc implementations does not provide a time-out mechanism when reading data from TCP connections, which allows remote attackers to cause a denial of service (hang).
CVSS Score
5.0
EPSS Score
0.024
Published
2002-11-12
Heap overflow in FTP daemon in Solaris 8 allows remote attackers to execute arbitrary commands by creating a long pathname and calling the LIST command, which uses glob to generate long strings.
CVSS Score
9.8
EPSS Score
0.04
Published
2001-06-18
The presence of the Distributed GL Daemon (dgld) service on port 5232 on SGI IRIX systems allows remote attackers to identify the target host as an SGI system.
CVSS Score
5.0
EPSS Score
0.014
Published
2001-02-16
The line printer daemon (lpd) in the lpr package in multiple Linux operating systems allows local users to gain root privileges by causing sendmail to execute with arbitrary command line arguments, as demonstrated using the -C option to specify a configuration file.
CVSS Score
10.0
EPSS Score
0.031
Published
2000-01-08
The line printer daemon (lpd) in the lpr package in multiple Linux operating systems authenticates by comparing the reverse-resolved hostname of the local machine to the hostname of the print server as returned by gethostname, which allows remote attackers to bypass intended access controls by modifying the DNS for the attacking IP.
CVSS Score
10.0
EPSS Score
0.122
Published
2000-01-08
Versions of rpcbind including Linux, IRIX, and Wietse Venema's rpcbind allow a remote attacker to insert and delete entries by spoofing a source address.
CVSS Score
10.0
EPSS Score
0.013
Published
1999-01-28