📦

irix

Vendor: sgi

Login to add this product to WatchStack
Actively Exploited 0 CISA KEV List
PoC / Exploits 57 Code Available
Total RCEs 17 Remote Access
Total CVEs 233 Total Indexed
Avg. EPSS 2.58% Exploit Prob.
Latest CVE CVE-2005-2925 Oct 12

Security Vulnerability Index

Page 1 / 24
7.2 CVSS
CVE-2005-2925
RCE Exploit Found

runpriv in SGI IRIX allows local users to bypass intended restrictions and execute arbitrary commands via shell metacharacters in a command line for a privileged binary in /usr/sysadm/privbin.

EPSS: 0.19%
7.5 CVSS
CVE-2005-0139

Unknown vulnerability in rpc.mountd in SGI IRIX 6.5.25, 6.5.26, and 6.5.27 does not sufficiently restrict access rights for read-mostly exports, which allows attackers to conduct unauthorized activities.

EPSS: 0.49%
7.5 CVSS
CVE-2005-0138

rpc.mountd in SGI IRIX 6.5.25, 6.5.26, and 6.5.27 does not correctly allow access to anonymous clients that connect from a system whose hostname can not be determined. NOTE: while this issue occurs in a security mechanism, there is no apparent attacker role and probably does not satisfy the CVE definition of a vulnerability.

EPSS: 0.49%
2.1 CVSS
CVE-2005-0464
Exploit Found

gr_osview in SGI IRIX 6.5.22, and possibly other 6.5 versions, does not drop privileges when opening description files while in debug mode, which allows local users to read a line from arbitrary files via the -d and -D options, which prints the line as a formatting error.

EPSS: 0.60%
2.1 CVSS
CVE-2005-0465
Exploit Found

gr_osview in SGI IRIX does not drop privileges before opening files, which allows local users to overwrite arbitrary files via the -s option.

EPSS: 0.51%
7.2 CVSS
CVE-2005-0113

inpview in SGI IRIX allows local users to execute arbitrary commands via the SUN_TTSESSION_CMD environment variable, which is executed by inpview without dropping privileges.

EPSS: 0.07%
10.0 CVSS
CVE-2004-0139

Unknown vulnerability in the bsd.a kernel networking for SGI IRIX 6.5.22 through 6.5.25, and possibly earlier versions, in which "t_unbind changes t_bind's behavior," has unknown impact and attack vectors.

EPSS: 0.43%
5.0 CVSS
CVE-2004-1891

The ftp_syslog function in ftpd in SGI IRIX 6.5.20 "doesn't work with anonymous FTP," which has an unknown impact, possibly preventing the actions of anonymous users from being logged.

EPSS: 0.41%
5.0 CVSS
CVE-2004-1889

Unknown vulnerability in ftpd in SGI IRIX 6.5.20 through 6.5.23 allows remote attackers to cause a denial of service (hang) via a link failure with Microsoft Windows.

EPSS: 0.74%
7.2 CVSS
CVE-2004-0134

cpr (libcpr) in SGI IRIX before 6.5.25 allows local users to gain privileges by loading a user provided library while restarting the checkpointed process.

EPSS: 0.05%