CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register   Reset Password   Activate Account
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

SGI : Security Vulnerabilities (CVSS score between 7 and 7.99)

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
1 CVE-2007-4938 119 DoS Exec Code Overflow 2007-09-18 2008-11-15
7.6
Admin Remote High Not required Complete Complete Complete
Heap-based buffer overflow in libmpdemux/aviheader.c in MPlayer 1.0rc1 and earlier allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a .avi file with certain large "indx truck size" and nEntriesInuse values, and a certain wLongsPerEntry value.
2 CVE-2005-2925 Exec Code Bypass 2005-10-12 2008-09-05
7.2
Admin Local Low Not required Complete Complete Complete
runpriv in SGI IRIX allows local users to bypass intended restrictions and execute arbitrary commands via shell metacharacters in a command line for a privileged binary in /usr/sysadm/privbin.
3 CVE-2005-1859 2005-07-12 2008-09-05
7.2
Admin Local Low Not required Complete Complete Complete
Unknown vulnerability in arshell in the Array Service (arrayd) for SGI ProPack 3 with SP 5 and 6, and SGI ProPack 4, allows local users to execute arbitrary shells as root on other hosts in the cluster or array.
4 CVE-2005-0605 Exec Code Overflow 2005-03-02 2010-08-21
7.5
User Remote Low Not required Partial Partial Partial
scan.c for LibXPM may allow attackers to execute arbitrary code via a negative bitmap_unit value that leads to a buffer overflow.
5 CVE-2005-0206 Overflow 2005-04-27 2010-08-21
7.5
User Remote Low Not required Partial Partial Partial
The patch for integer overflow vulnerabilities in Xpdf 2.0 and 3.0 (CVE-2004-0888) is incomplete for 64-bit architectures on certain Linux distributions such as Red Hat, which could leave Xpdf users exposed to the original vulnerabilities.
6 CVE-2005-0139 2005-09-21 2008-09-05
7.5
None Remote Low Not required Partial Partial Partial
Unknown vulnerability in rpc.mountd in SGI IRIX 6.5.25, 6.5.26, and 6.5.27 does not sufficiently restrict access rights for read-mostly exports, which allows attackers to conduct unauthorized activities.
7 CVE-2005-0138 2005-09-21 2008-09-05
7.5
None Remote Low Not required Partial Partial Partial
rpc.mountd in SGI IRIX 6.5.25, 6.5.26, and 6.5.27 does not correctly allow access to anonymous clients that connect from a system whose hostname can not be determined. NOTE: while this issue occurs in a security mechanism, there is no apparent attacker role and probably does not satisfy the CVE definition of a vulnerability.
8 CVE-2005-0113 Exec Code 2005-01-14 2008-09-05
7.2
Admin Local Low Not required Complete Complete Complete
inpview in SGI IRIX allows local users to execute arbitrary commands via the SUN_TTSESSION_CMD environment variable, which is executed by inpview without dropping privileges.
9 CVE-2005-0005 Exec Code Overflow 2005-05-02 2010-08-21
7.5
User Remote Low Not required Partial Partial Partial
Heap-based buffer overflow in psd.c for ImageMagick 6.1.0, 6.1.7, and possibly earlier versions allows remote attackers to execute arbitrary code via a .PSD image file with a large number of layers.
10 CVE-2004-1471 DoS Exec Code 2004-12-31 2008-09-05
7.1
Admin Remote High Single system Complete Complete Complete
Format string vulnerability in wrapper.c in CVS 1.12.x through 1.12.8, and 1.11.x through 1.11.16 allows remote attackers with CVSROOT commit access to cause a denial of service (application crash) and possibly execute arbitrary code via format string specifiers in a wrapper line.
11 CVE-2004-1307 Exec Code Overflow 2004-12-21 2010-08-21
7.5
User Remote Low Not required Partial Partial Partial
Integer overflow in the TIFFFetchStripThing function in tif_dirread.c for libtiff 3.6.1 allows remote attackers to execute arbitrary code via a TIFF file with the STRIPOFFSETS flag and a large number of strips, which causes a zero byte buffer to be allocated and leads to a heap-based buffer overflow.
12 CVE-2004-0488 Exec Code Overflow 2004-07-07 2010-08-21
7.5
User Remote Low Not required Partial Partial Partial
Stack-based buffer overflow in the ssl_util_uuencode_binary function in ssl_util.c for Apache mod_ssl, when mod_ssl is configured to trust the issuing CA, may allow remote attackers to execute arbitrary code via a client certificate with a long subject DN.
13 CVE-2004-0424 DoS Exec Code Overflow 2004-07-07 2010-08-21
7.2
Admin Local Low Not required Complete Complete Complete
Integer overflow in the ip_setsockopt function in Linux kernel 2.4.22 through 2.4.25 and 2.6.1 through 2.6.3 allows local users to cause a denial of service (crash) or execute arbitrary code via the MCAST_MSFILTER socket option.
14 CVE-2004-0148 Bypass 2004-04-15 2008-09-05
7.2
Admin Local Low Not required Complete Complete Complete
wu-ftpd 2.6.2 and earlier, with the restricted-gid option enabled, allows local users to bypass access restrictions by changing the permissions to prevent access to their home directory, which causes wu-ftpd to use the root directory instead.
15 CVE-2004-0135 +Priv 2004-08-06 2008-09-10
7.2
Admin Local Low Not required Complete Complete Complete
The syssgi SGI_IOPROBE system call in IRIX 6.5.20 through 6.5.24 allows local users to gain privileges by reading and writing to kernel memory.
16 CVE-2004-0134 +Priv 2004-08-18 2008-09-05
7.2
Admin Local Low Not required Complete Complete Complete
cpr (libcpr) in SGI IRIX before 6.5.25 allows local users to gain privileges by loading a user provided library while restarting the checkpointed process.
17 CVE-2004-0110 Exec Code Overflow 2004-03-15 2010-08-21
7.5
User Remote Low Not required Partial Partial Partial
Buffer overflow in the (1) nanohttp or (2) nanoftp modules in XMLSoft Libxml 2 (Libxml2) 2.6.0 through 2.6.5 allow remote attackers to execute arbitrary code via a long URL.
18 CVE-2004-0105 Exec Code Overflow 2004-03-03 2008-09-10
7.5
User Remote Low Not required Partial Partial Partial
Multiple buffer overflows in Metamail 2.7 and earlier allow remote attackers to execute arbitrary code.
19 CVE-2004-0104 Exec Code 2004-03-03 2008-09-10
7.5
User Remote Low Not required Partial Partial Partial
Multiple format string vulnerabilities in Metamail 2.7 and earlier allow remote attackers to execute arbitrary code.
20 CVE-2003-0796 2004-03-29 2008-09-05
7.5
User Remote Low Not required Partial Partial Partial
Unknown vulnerability in rpc.mountd SGI IRIX 6.5.18 through 6.5.22 allows remote attackers to mount from unprivileged ports even with the -n option disabled.
21 CVE-2003-0683 Bypass 2003-11-03 2008-09-05
7.5
User Remote Low Not required Partial Partial Partial
NFS in SGI 6.5.21m and 6.5.21f does not perform access checks in certain configurations when an /etc/exports entry uses wildcards without any hostnames or groups, which could allow attackers to bypass intended restrictions.
22 CVE-2003-0680 Bypass 2003-10-06 2008-09-10
7.5
User Remote Low Not required Partial Partial Partial
Unknown vulnerability in NFS for SGI IRIX 6.5.21 and earlier may allow an NFS client to bypass read-only restrictions.
23 CVE-2003-0574 +Priv 2003-08-18 2008-09-10
7.2
Admin Local Low Not required Complete Complete Complete
Unknown vulnerability in SGI IRIX 6.5.x through 6.5.20, and possibly earlier versions, allows local users to cause a core dump in scheme and possibly gain privileges via certain environment variables, a different vulnerability than CVE-2001-0797 and CVE-1999-0028.
24 CVE-2003-0174 2003-05-12 2008-09-05
7.5
User Remote Low Not required Partial Partial Partial
The LDAP name service (nsd) in IRIX 6.5.19 and earlier does not properly verify if the USERPASSWORD attribute has been provided by an LDAP server, which could allow attackers to log in without a password.
25 CVE-2003-0173 +Priv 2003-05-05 2008-09-10
7.2
Admin Local Low Not required Complete Complete Complete
xfsdq in xfsdump does not create quota information files securely, which allows local users to gain root privileges.
26 CVE-2003-0064 Exec Code 2003-03-03 2008-09-10
7.5
User Remote Low Not required Partial Partial Partial
The dtterm terminal emulator allows attackers to modify the window title via a certain character escape sequence and then insert it back to the command line in the user's terminal, e.g. when the user views a file containing the malicious sequence, which could allow the attacker to execute arbitrary commands.
27 CVE-2003-0028 Exec Code Overflow 2003-03-25 2008-09-10
7.5
User Remote Low Not required Partial Partial Partial
Integer overflow in the xdrmem_getbytes() function, and possibly other functions, of XDR (external data representation) libraries derived from SunRPC, including libnsl, libc, glibc, and dietlibc, allows remote attackers to execute arbitrary code via certain integer values in length fields, a different vulnerability than CVE-2002-0391.
28 CVE-2002-1419 2003-04-11 2008-09-05
7.5
User Remote Low Not required Partial Partial Partial
The upgrade of IRIX on Origin 3000 to 6.5.13 through 6.5.16 changes the MAC address of the system, which could modify intended access restrictions that are based on a MAC address.
29 CVE-2002-1317 DoS Exec Code Overflow 2002-12-11 2008-09-05
7.5
User Remote Low Not required Partial Partial Partial
Buffer overflow in Dispatch() routine for XFS font server (fs.auto) on Solaris 2.5.1 through 9 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a certain XFS query.
30 CVE-2002-0678 2002-07-23 2008-09-10
7.2
Admin Local Low Not required Complete Complete Complete
CDE ToolTalk database server (ttdbserver) allows local users to overwrite arbitrary files via a symlink attack on the transaction log file used by the _TT_TRANSACTION RPC procedure.
31 CVE-2002-0677 +Priv 2002-07-23 2008-09-10
7.5
User Remote Low Not required Partial Partial Partial
CDE ToolTalk database server (ttdbserver) allows remote attackers to overwrite arbitrary memory locations with a zero, and possibly gain privileges, via a file descriptor argument in an AUTH_UNIX procedure call, which is used as a table index by the _TT_ISCLOSE procedure.
32 CVE-2002-0652 Exec Code 2002-07-03 2008-09-05
7.5
User Remote Low Not required Partial Partial Partial
xfsmd for IRIX 6.5 through 6.5.16 allows remote attackers to execute arbitrary code via shell metacharacters that are not properly filtered from several calls to the popen() function, such as export_fs().
33 CVE-2002-0631 +Priv 2002-07-03 2008-09-10
7.2
Admin Local Low Not required Complete Complete Complete
Unknown vulnerability in nveventd in NetVisualyzer on SGI IRIX 6.5 through 6.5.16 allows local users to write arbitrary files and gain root privileges.
34 CVE-2002-0357 +Priv 2002-06-18 2008-09-10
7.2
Admin Local Low Not required Complete Complete Complete
Unknown vulnerability in rpc.passwd in the nfs.sw.nis subsystem of SGI IRIX 6.5.15 and earlier allows local users to gain root privileges.
35 CVE-2002-0356 +Priv 2002-05-29 2008-09-10
7.2
Admin Local Low Not required Complete Complete Complete
Vulnerability in XFS filesystem reorganizer (fsr_xfs) in SGI IRIX 6.5.10 and earlier allows local users to gain root privileges by overwriting critical system files.
36 CVE-2002-0174 +Priv 2002-05-29 2008-09-10
7.2
Admin Local Low Not required Complete Complete Complete
nsd on SGI IRIX before 6.5.11 allows local users to overwrite arbitrary files and gain root privileges via a symlink attack on the nsd.dump file.
37 CVE-2002-0173 Overflow +Priv 2002-05-16 2008-09-10
7.2
Admin Local Low Not required Complete Complete Complete
Buffer overflow in cpr for the eoe.sw.cpr SGI Checkpoint-Restart Software package on SGI IRIX 6.5.10 and earlier may allow local users to gain root privileges.
38 CVE-2002-0171 +Priv 2002-05-16 2008-09-10
7.5
User Remote Low Not required Partial Partial Partial
IRISconsole 2.0 may allow users to log into the icadmin account with an incorrect password in some circumstances, which could allow users to gain privileges.
39 CVE-2002-0017 Exec Code Overflow 2002-04-03 2008-09-05
7.5
User Remote Low Not required Partial Partial Partial
Buffer overflow in SNMP daemon (snmpd) on SGI IRIX 6.5 through 6.5.15m allows remote attackers to execute arbitrary code via an SNMP request.
40 CVE-2001-1456 119 Exec Code Overflow 2001-09-04 2008-09-10
7.5
None Remote Low Not required Partial Partial Partial
Buffer overflow in the (1) smap/smapd and (2) CSMAP daemons for Gauntlet Firewall 5.0 through 6.0 allows remote attackers to execute arbitrary code via a crafted mail message.
41 CVE-2001-0891 +Priv 2002-01-31 2008-09-05
7.2
Admin Local Low Not required Complete Complete Complete
Format string vulnerability in NQS daemon (nqsdaemon) in NQE 3.3.0.16 for CRAY UNICOS and SGI IRIX allows a local user to gain root privileges by using qsub to submit a batch job whose name contains formatting characters.
42 CVE-2001-0823 +Priv 2001-12-06 2008-09-05
7.2
Admin Local Low Not required Complete Complete Complete
The pmpost program in Performance Co-Pilot (PCP) before 2.2.1-3 allows a local user to gain privileges via a symlink attack on the NOTICES file in the PCP log directory (PCP_LOG_DIR).
43 CVE-2001-0801 +Priv 2001-12-06 2008-09-05
7.2
Admin Local Low Not required Complete Complete Complete
lpstat in IRIX 6.5.13f and earlier allows local users to gain root privileges by specifying a Trojan Horse nettype shared library.
44 CVE-2001-0485 Exec Code 2001-06-27 2008-09-05
7.2
Admin Local Low Not required Complete Complete Complete
Unknown vulnerability in netprint in IRIX 6.2, and possibly other versions, allows local users with lp privileges attacker to execute arbitrary commands via the -n option.
45 CVE-2001-0331 Exec Code Overflow 2001-06-27 2008-09-05
7.5
None Remote Low Not required Partial Partial Partial
Buffer overflow in Embedded Support Partner (ESP) daemon (rpc.espd) in IRIX 6.5.8 and earlier allows remote attackers to execute arbitrary commands.
46 CVE-2000-0797 Overflow +Priv 2000-10-20 2008-09-05
7.2
Admin Local Low Not required Complete Complete Complete
Buffer overflow in gr_osview in IRIX 6.2 and 6.3 allows local users to gain privileges via a long -D option.
47 CVE-2000-0796 Overflow +Priv 2000-10-20 2008-09-05
7.2
Admin Local Low Not required Complete Complete Complete
Buffer overflow in dmplay in IRIX 6.2 and 6.3 allows local users to gain root privileges via a long command line option.
48 CVE-2000-0795 Overflow +Priv 2000-10-20 2008-09-05
7.2
Admin Local Low Not required Complete Complete Complete
Buffer overflow in lpstat in IRIX 6.2 and 6.3 allows local users to gain root privileges via a long -n option.
49 CVE-2000-0794 Overflow +Priv 2000-10-20 2008-09-05
7.2
Admin Local Low Not required Complete Complete Complete
Buffer overflow in IRIX libgl.so library allows local users to gain root privileges via a long HOME variable to programs such as (1) gmemusage and (2) gr_osview.
50 CVE-2000-0533 2000-06-20 2008-09-05
7.2
Admin Local Low Not required Complete Complete Complete
Vulnerability in cvconnect in SGI IRIX WorkShop allows local users to overwrite arbitrary files.
Total number of vulnerabilities : 96   Page : 1 (This Page)2
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.