Sgi Irix
187 CVEs affecting Sgi Irix. Latest disclosed: 2012-01-04. Critical: 3, High: 6.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2003-0174 | Critical | 9.8 | 2003-05-12 | The LDAP name service (nsd) in IRIX 6.5.19 and earlier does not properly verify if the USERPASSWORD attribute has been provided by an LDAP server, which could… |
CVE-2001-0249 | Critical | 9.8 | 2001-06-18 | Heap overflow in FTP daemon in Solaris 8 allows remote attackers to execute arbitrary commands by creating a long pathname and calling the LIST command, which… |
CVE-2001-0248 | Critical | 9.8 | 2001-06-18 | Buffer overflow in FTP server in HPUX 11 allows remote attackers to execute arbitrary commands by creating a long pathname and calling the STAT command, which… |
CVE-1999-0029 | High | 8.4 | 1997-07-16 | root privileges via buffer overflow in ordist command on SGI IRIX systems. |
CVE-1999-0036 | High | 8.4 | 1997-05-26 | IRIX login program with a nonzero LOCKOUT parameter allows creation or damage to files. |
CVE-1999-0038 | High | 8.4 | 1997-04-26 | Buffer overflow in xlock program allows local users to execute commands as root. |
CVE-1999-0022 | High | 7.8 | 1996-07-03 | Local user gains root privileges via buffer overflow in rdist, via expstr() function. |
CVE-1999-0059 | High | 7.3 | 1997-07-14 | IRIX fam service allows an attacker to obtain a list of all files on the server. |
CVE-1999-0039 | High | 7.3 | 1997-05-06 | webdist CGI program (webdist.cgi) in SGI IRIX allows remote attackers to execute arbitrary commands via shell metacharacters in the distloc parameter. |
CVE-1999-0035 | Medium | 5.4 | 1997-05-29 | Race condition in signal handling routine in ftpd, allowing read/write arbitrary files. |
CVE-1999-0524 | Medium | 4.0 | 1997-08-01 | ICMP information such as (1) netmask and (2) timestamp is allowed from arbitrary hosts. |
CVE-2011-3337 | | 2012-01-04 | eEye Audit ID 2499 in eEye Digital Security Audits 2406 through 2423 for eEye Retina Network Security Scanner on HP-UX, IRIX, and Solaris allows local users to… | |
CVE-2010-2594 | | 2010-07-02 | Multiple cross-site request forgery (CSRF) vulnerabilities in the web management interface in InterSect Alliance Snare Agent 3.2.3 and earlier on Solaris, Snar… | |
CVE-2010-1039 | | 2010-05-20 | Format string vulnerability in the _msgout function in rpc.pcnfsd in IBM AIX 6.1, 5.3, and earlier; IBM VIOS 2.1, 1.5, and earlier; NFS/ONCplus B.11.31_09 and… | |
CVE-2007-6232 | | 2007-12-04 | Cross-site scripting (XSS) vulnerability in index.php in FTP Admin 0.1.0 allows remote attackers to inject arbitrary web script or HTML via the error parameter… | |
CVE-2007-4938 | | 2007-09-18 | Heap-based buffer overflow in libmpdemux/aviheader.c in MPlayer 1.0rc1 and earlier allows remote attackers to cause a denial of service (application crash) or… | |
CVE-2005-2925 | | 2005-10-12 | runpriv in SGI IRIX allows local users to bypass intended restrictions and execute arbitrary commands via shell metacharacters in a command line for a privileg… | |
CVE-2005-0139 | | 2005-09-21 | Unknown vulnerability in rpc.mountd in SGI IRIX 6.5.25, 6.5.26, and 6.5.27 does not sufficiently restrict access rights for read-mostly exports, which allows a… | |
CVE-2005-0138 | | 2005-09-21 | rpc.mountd in SGI IRIX 6.5.25, 6.5.26, and 6.5.27 does not correctly allow access to anonymous clients that connect from a system whose hostname can not be det… | |
CVE-2005-0465 | | 2005-05-02 | gr_osview in SGI IRIX does not drop privileges before opening files, which allows local users to overwrite arbitrary files via the -s option. |