The (1) pcmd and (2) pmlogger init scripts in Performance Co-Pilot (PCP) before 3.6.10 allow local users to overwrite arbitrary files via a symlink attack on a /var/tmp/##### temporary file.
Max CVSS
2.1
EPSS Score
0.04%
Published
2012-11-29
Updated
2013-02-26
SGI ProPack 3 SP6 kernel displays the frame buffer contents of the last session after a reboot, which might allow local users to obtain sensitive information.
Max CVSS
1.2
EPSS Score
0.04%
Published
2007-02-06
Updated
2008-09-05
gr_osview in SGI IRIX does not drop privileges before opening files, which allows local users to overwrite arbitrary files via the -s option.
Max CVSS
2.1
EPSS Score
0.04%
Published
2005-05-02
Updated
2008-09-05
gr_osview in SGI IRIX 6.5.22, and possibly other 6.5 versions, does not drop privileges when opening description files while in debug mode, which allows local users to read a line from arbitrary files via the -d and -D options, which prints the line as a formatting error.
Max CVSS
2.1
EPSS Score
0.04%
Published
2005-05-02
Updated
2008-09-05
Buffer overflow in the PerlIO implementation in Perl 5.8.0, when installed with setuid support (sperl), allows local users to execute arbitrary code by setting the PERLIO_DEBUG variable and executing a Perl script whose full pathname contains a long directory tree.
Max CVSS
2.1
EPSS Score
0.04%
Published
2005-02-07
Updated
2018-08-13
Utempter allows device names that contain .. (dot dot) directory traversal sequences, which allows local users to overwrite arbitrary files via a symlink attack on device names in combination with an application that trusts the utmp or wtmp files.
Max CVSS
2.1
EPSS Score
0.04%
Published
2004-08-18
Updated
2017-10-11
Multiple vulnerabilities in Midnight Commander (mc) before 4.6.0, with unknown impact, related to "Insecure temporary file and directory creations."
Max CVSS
2.1
EPSS Score
0.07%
Published
2004-08-18
Updated
2017-07-11
Unknown vulnerability in init for IRIX 6.5.20 through 6.5.24 allows local users to cause a denial of service (system panic) as a result of "page invalidation issues."
Max CVSS
2.1
EPSS Score
0.04%
Published
2004-08-06
Updated
2017-07-11
The mapelf32exec function call in IRIX 6.5.20 through 6.5.24 allows local users to cause a denial of service (system crash) via a "corrupted binary."
Max CVSS
2.1
EPSS Score
0.04%
Published
2004-08-06
Updated
2017-07-11
Unknown vulnerability in the libcpr library for the Checkpoint/Restart (cpr) system on SGI IRIX 6.5.21f and earlier allows local users to truncate or overwrite certain files.
Max CVSS
2.1
EPSS Score
0.04%
Published
2003-08-27
Updated
2008-09-10
SGI IRIX before 6.5.21 allows local users to cause a denial of service (kernel panic) via a certain call to the PIOCSWATCH ioctl.
Max CVSS
2.1
EPSS Score
0.05%
Published
2004-02-03
Updated
2017-07-11
The Video Control Panel on SGI O2/IRIX 6.5, when the Default Input is set to "Output Video", allows attackers to access a console session by running videoout then videoin.
Max CVSS
2.1
EPSS Score
0.05%
Published
2002-12-31
Updated
2017-12-19
SGI IRIX 6.5 through 6.5.17 creates temporary desktop files with world-writable permissions, which allows local users to overwrite or corrupt those files.
Max CVSS
2.1
EPSS Score
0.04%
Published
2002-12-31
Updated
2008-09-05
SGI IRIX 6.5 through 6.5.14 applies a umask of 022 to root core dumps, which allows local users to read the core dumps and possibly obtain sensitive information.
Max CVSS
2.1
EPSS Score
0.04%
Published
2002-12-31
Updated
2008-09-05
Vulnerability in FAM 2.6.8, 2.6.6, and other versions allows unprivileged users to obtain the names of files whose access is restricted to the root group.
Max CVSS
2.1
EPSS Score
0.08%
Published
2002-09-05
Updated
2008-09-10
netstat in SGI IRIX before 6.5.12 allows local users to determine the existence of files on the system, even if the users do not have the appropriate permissions.
Max CVSS
2.1
EPSS Score
0.04%
Published
2002-05-29
Updated
2008-09-11
xkas in Xinet K-AShare 0.011.01 for IRIX allows local users to read arbitrary files via a symlink attack on the VOLICON file, which is copied to the .HSicon file in a shared directory.
Max CVSS
2.1
EPSS Score
0.04%
Published
2002-05-16
Updated
2016-10-18
/dev/ipfilter on SGI IRIX 6.5 is installed by /dev/MAKEDEV with insecure default permissions (644), which could allow a local user to cause a denial of service (traffic disruption).
Max CVSS
2.1
EPSS Score
0.10%
Published
2002-05-16
Updated
2008-09-11
Vulnerability in the XFS file system for SGI IRIX before 6.5.12 allows local users to cause a denial of service (hang) by creating a file that is not properly processed by XFS.
Max CVSS
2.1
EPSS Score
0.04%
Published
2002-06-18
Updated
2008-09-05
Vulnerability in SGI IRIX 6.5.11 through 6.5.15f allows local users to cause privileged applications to dump core via the HOSTALIASES environment variable, which might allow the users to gain privileges.
Max CVSS
2.1
EPSS Score
0.04%
Published
2002-03-28
Updated
2008-09-05
/usr/sbin/Mail on SGI IRIX 3.3 and 3.3.1 does not properly set the group ID to the group ID of the user who started Mail, which allows local users to read the mail of other users.
Max CVSS
2.1
EPSS Score
0.04%
Published
1990-10-31
Updated
2008-09-05
colorview in Silicon Graphics IRIX 5.1, 5.2, and 6.0 allows local attackers to read arbitrary files via the -text argument.
Max CVSS
2.1
EPSS Score
0.04%
Published
1994-08-09
Updated
2017-10-10
The at program in IRIX 6.2 and NetBSD 1.3.2 and earlier allows local users to read portions of arbitrary files by submitting the file to at with the -f argument, which generates error messages that at sends to the user via e-mail.
Max CVSS
2.1
EPSS Score
0.04%
Published
1998-07-03
Updated
2016-10-18
The asynchronous I/O facility in 4.4 BSD kernel does not check user credentials when setting the recipient of I/O notification, which allows local users to cause a denial of service by using certain ioctl and fcntl calls to cause the signal to be sent to an arbitrary process ID.
Max CVSS
2.1
EPSS Score
0.04%
Published
1997-09-15
Updated
2017-10-10
lpr on SunOS 4.1.1, BSD 4.3, A/UX 2.0.1, and other BSD-based operating systems allows local users to create or overwrite arbitrary files via a symlink attack that is triggered after invoking lpr 1000 times.
Max CVSS
2.1
EPSS Score
0.04%
Published
1999-12-31
Updated
2008-09-05
28 vulnerabilities found
1 2
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!